3.0.0-alpha1
版本发布时间: 2022-09-07 12:14:41
kata-containers/kata-containers最新发布版本:3.8.0(2024-08-22 00:44:43)
kata-containers Changes
Major highlights of this release include:
- Support for io_uring as I/O mechanism for qemu
- Upgrade to Cloud Hypervisor v26.0
- Kernel upgrade to 5.19.2
- Several improvements in cloud-hypervisor support for Intel TDX
- Support for static resource management functionality in rust runtime
- Support for hugetlb cgroups in the guest
- Addition of cargo-deny to scan for vulnerabilities and license issues wrt rust crates.
Shortlog
d23779ec9 Revert "agent: fix unittests for arp neighbors"
d340564d6 Revert "agent: use rtnetlink's neighbours API to add neighbors"
188d37bad kata-deploy: Add debug statement
e879270a0 runtime-rs: add default agent/runtime/hypervisor for configuration
5f4f5f240 docs: fix unix socket address in agent-ctl doc
41ec71169 runtime-rs: split amend_spec function
ff7c78e0e runtime-rs: static resource mgmt default to false
00f3a6de1 runtime-rs: make static resource mgmt idiomatic
4a54876dd runtime-rs: support static resource management functionality
52bbc3a4b cargo.lock: update crates to comply with checks
aa581f4b2 cargo.toml: Add oci to src/libs workplace
7914da72c cargo.tomls: Added Apache 2.0 to cargo.tomls
bed4aab7e github-actions: Add cargo-deny
373dac2db qemu: Keep passing BUILD_SUFFIX
59e3850bf qemu: create no_patches.txt file for SPR-BKC-QEMU-v2.5
54d6d0175 qemu: fix tdx qemu tarball directories
9997ab064 sandbox_test: Add test to verify memory hotplug behavior
f390c122f sandbox: don't hotplug too much memory at once
e0142db24 hypervisor: Add GetTotalMemoryMB to interface
e83b82131 docs: Update url in the Developer Guide
0ab49b233 release: Kata Containers 3.0.0-alpha1
b1a8acad5 versions: Update cni plugins version
749a6a248 docs: Specify language in markdown for syntax highlight
a1fdc0827 kernel: Re-work get_tee_kernel()
a6581734c kernel: Whitelist cleanup
cce99c5c7 runtime-rs: delete socket from shim command-line options
c75970b81 dragonball: add more unit test for config manager
dc32c4622 osbuilder: fix ubuntu initrd /dev/ttyS0 hang
cc5f91dac osbuilder: add systemd symlinks for kata-agent
731d39df4 kernel: Add CONFIG_CGROUP_HUGETLB=y as part of the cgroup fragments
f7d41e98c kata-deploy: export CI in the build container
4f90e3c87 kata-deploy: add dockerbuild/install_yq.sh to gitignore
96d903734 github-actions: Auto-backporting
a355812e0 runtime-rs: fixed bug on core-sched error handling
591dfa4fe runtime-rs: add support for core scheduling
92f7d6bf8 ci: Use versions.yaml for the libseccomp
b535bac9c runk: Add cli message for init command
c08a8631e agent: add some logs for mount operation
c1e3b8f40 govmm: Refactor qmp functions for adding block device
598884f37 govmm: Refactor code to get rid of redundant code
00860a7e4 qmp: Pass aio backend while adding block device
e1b49d758 config: Add block aio as a supported annotation
ed0f1d0b3 config: Add "block_device_aio" as a config option for qemu
b6cd2348f govmm: Add io_uring as AIO type
81cdaf077 govmm: Correct documentation for Linux aio.
763ceeb7b logging: Replace nix::Error::EINVAL with more descriptive msgs
4ee2b99e1 kata-deploy: fix threading conflicts
0a6f0174f kernel: Ignore CONFIG_SPECULATION_MITIGATIONS for older kernels
6cf16c4f7 agent-ctl: fix clippy error
4b57c04c3 runtime-rs: support loading kernel modules in guest vm
dc90eae17 qemu: Drop unnecessary tdx_guest
kernel parameter
d4b67613f clh: Use HVC console with TDX
c0cb3cd4d clh: Avoid crashing when memory hotplug is not allowed
9f0a57c0e clh: Increase API and SandboxStop timeouts for TDX
c142fa254 clh: Lift the sharedFS restriction used with TDX
bdf8a57bd runk: Move delete logic to libcontainer
a06d819b2 runtime: cri-o annotations have been moved to podman
ffd1c1ff4 agent-ctl/trace-forwarder: udpate thread_local dependency
69080d76d agent/runk: update regex dependency
e0ec09039 runtime-rs: update async-std dependency
326f1cc77 agent: enrich some error code path
4f53e010b agent: skip test_load_kernel_module if non-root
f508c2909 runtime: constify splitIrqChipMachineOptions
2b0587db9 runtime: VMX is migratible in vm factory case
fa09f0ec8 runtime: remove qemuPaths
a6fbaac1b runk: add pause/resume commands
8e201501e kernel: fix for set_kmem_limit error
00aadfe20 kernel: SEV guest kernel upgrade to 5.19.2
0d9d8d63e kernel: upgrade guest kernel support to 5.19.2
57bd3f42d runtime-rs: plug drop-in decoding into config-loading code
87b97b699 runtime-rs: add filesystem-related part of drop-in handling
cf785a1a2 runtime-rs: add core toml::Value tree merging
09672eb2d agent: do some rollback works if case of do_create_container failed
8ff5c10ac network: Fix error message for setting hardware address on TAP interface
3a597c274 runtime: clh: Use the new 'payload' interface
16baecc5b runtime: clh: Re-generate the client code
50ea07183 versions: Upgrade to Cloud Hypervisor v26.0
fcc1e0c61 runtime: tracing: End root span at end of trace
78231a36e ci: Update libseccomp version
338c28295 dep: update nix dependency
3829ab809 docs: Update CRI-O target link
34746496b libs/test-utils: share test code by create a new crate
Compatibility with CRI-O
Kata Containers 3.0.0-alpha1 is compatible with CRI-O
Compatibility with containerd
Kata Containers 3.0.0-alpha1 is compatible with contaienrd v1.5.2
OCI Runtime Specification
Kata Containers 3.0.0-alpha1 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 3.0.0-alpha1 is compatible with Kubernetes 1.23.1-00
Libseccomp Notices
The kata-agent
binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent
uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent
which is not statically linked with the library, you can build
a custom kata-agent
that does not use the library from sources.
For the details, please check the developer guide.
Kata Linux Containers image
Agent version: 3.0.0-alpha1
Default Image Guest OS:
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"
Default Initrd Guest OS:
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15" ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Linux Containers Kernel
Kata Containers 3.0.0-alpha1 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
1、 kata-containers-3.0.0-alpha1-vendor.tar.gz 166.4MB
2、 kata-static-3.0.0-alpha1-x86_64.tar.xz 108.03MB
3、 libseccomp-2.5.4.tar.gz 622.29KB
4、 libseccomp-2.5.4.tar.gz.asc 833B