MyGit

3.0.0

kata-containers/kata-containers

版本发布时间: 2022-10-09 16:59:51

kata-containers/kata-containers最新发布版本:3.8.0(2024-08-22 00:44:43)

Release 3.0.0

kata-containers Changes

Shortlog

63495cf43 release: Kata Containers 3.0.0 fb4430549 release: Adapt kata-deploy for 3.0.0 20c02528e agent: reduce reference count for failed mount 3eb6f5858 agent: don't exit early if signal fails due to ESRCH 8dc8565ed versions: Update gperf url to avoid libseccomp random failures 740e7e2f7 kata-sys-util: fix typo unknow 727f233e2 release: Kata Containers 3.0.0-rc1 babab160b tools: release: fix bogus version check af22e7137 osbuilder: Export directory variables for libseccomp d663f110d kata-deploy: get the config path from cri options c6b3dcb67 kata-deploy: support kata-deploy for runtime-rs a394761a5 kata-deploy: add installation for runtime-rs b0c5f040f runtime-rs: set agent timeout to 0 for stream RPCs d44e39e05 runtime-rs: fix incorrect comments 43b0e9580 runtime: store the user name in hypervisor config 81801888a runtime: make StopVM thread-safe fba39ef32 runtime: add more debug logs for non-root user operation 63309514c runtime-rs: drop dependency on rustc-serialize e229a03cc runtime: update runc dependency 583591099 release: Kata Containers 3.0.0-rc0 be242a3c3 release: Adapt kata-deploy for 3.0.0-rc0 156e1c324 runtime-rs: delete some allow(dead_code) attributes fc9c6f87a kata-types: don't check virtio_fs_daemon for inline-virtio-fs 96c8be715 libs/kata-types: change return type of getting CPU period/quota 2b1d05857 runtime-rs: fix host device check pattern 62cf6e6fc runtime-rs: remove meaningless comment 84268f871 runtime-rs: update rust runtime roadmap bcf6bf843 runk: Enable seccomp support by default 36d805fab config: add "inline-virtio-fs" as a "shared_fs" type 85b49cee0 runtime-rs: add README.md 968c2f6e8 runk: Refactor container builder b948a8ffe kernel: fix kernel tarball name for SEV 50f912615 libs/kata-types: replace tabs by spaces in comments 566656b08 gperf: point URL to mirror site d23779ec9 Revert "agent: fix unittests for arp neighbors" d340564d6 Revert "agent: use rtnetlink's neighbours API to add neighbors" 188d37bad kata-deploy: Add debug statement e879270a0 runtime-rs: add default agent/runtime/hypervisor for configuration 5f4f5f240 docs: fix unix socket address in agent-ctl doc 41ec71169 runtime-rs: split amend_spec function ff7c78e0e runtime-rs: static resource mgmt default to false 00f3a6de1 runtime-rs: make static resource mgmt idiomatic 4a54876dd runtime-rs: support static resource management functionality 52bbc3a4b cargo.lock: update crates to comply with checks aa581f4b2 cargo.toml: Add oci to src/libs workplace 7914da72c cargo.tomls: Added Apache 2.0 to cargo.tomls bed4aab7e github-actions: Add cargo-deny 373dac2db qemu: Keep passing BUILD_SUFFIX 59e3850bf qemu: create no_patches.txt file for SPR-BKC-QEMU-v2.5 54d6d0175 qemu: fix tdx qemu tarball directories 9997ab064 sandbox_test: Add test to verify memory hotplug behavior f390c122f sandbox: don't hotplug too much memory at once e0142db24 hypervisor: Add GetTotalMemoryMB to interface e83b82131 docs: Update url in the Developer Guide 0ab49b233 release: Kata Containers 3.0.0-alpha1 b1a8acad5 versions: Update cni plugins version 749a6a248 docs: Specify language in markdown for syntax highlight a1fdc0827 kernel: Re-work get_tee_kernel() a6581734c kernel: Whitelist cleanup cce99c5c7 runtime-rs: delete socket from shim command-line options c75970b81 dragonball: add more unit test for config manager dc32c4622 osbuilder: fix ubuntu initrd /dev/ttyS0 hang cc5f91dac osbuilder: add systemd symlinks for kata-agent 731d39df4 kernel: Add CONFIG_CGROUP_HUGETLB=y as part of the cgroup fragments f7d41e98c kata-deploy: export CI in the build container 4f90e3c87 kata-deploy: add dockerbuild/install_yq.sh to gitignore 96d903734 github-actions: Auto-backporting a355812e0 runtime-rs: fixed bug on core-sched error handling 591dfa4fe runtime-rs: add support for core scheduling 92f7d6bf8 ci: Use versions.yaml for the libseccomp b535bac9c runk: Add cli message for init command c08a8631e agent: add some logs for mount operation c1e3b8f40 govmm: Refactor qmp functions for adding block device 598884f37 govmm: Refactor code to get rid of redundant code 00860a7e4 qmp: Pass aio backend while adding block device e1b49d758 config: Add block aio as a supported annotation ed0f1d0b3 config: Add "block_device_aio" as a config option for qemu b6cd2348f govmm: Add io_uring as AIO type 81cdaf077 govmm: Correct documentation for Linux aio. 763ceeb7b logging: Replace nix::Error::EINVAL with more descriptive msgs 4ee2b99e1 kata-deploy: fix threading conflicts 0a6f0174f kernel: Ignore CONFIG_SPECULATION_MITIGATIONS for older kernels 6cf16c4f7 agent-ctl: fix clippy error 4b57c04c3 runtime-rs: support loading kernel modules in guest vm dc90eae17 qemu: Drop unnecessary tdx_guest kernel parameter d4b67613f clh: Use HVC console with TDX c0cb3cd4d clh: Avoid crashing when memory hotplug is not allowed 9f0a57c0e clh: Increase API and SandboxStop timeouts for TDX c142fa254 clh: Lift the sharedFS restriction used with TDX bdf8a57bd runk: Move delete logic to libcontainer a06d819b2 runtime: cri-o annotations have been moved to podman ffd1c1ff4 agent-ctl/trace-forwarder: udpate thread_local dependency 69080d76d agent/runk: update regex dependency e0ec09039 runtime-rs: update async-std dependency 326f1cc77 agent: enrich some error code path 4f53e010b agent: skip test_load_kernel_module if non-root f508c2909 runtime: constify splitIrqChipMachineOptions 2b0587db9 runtime: VMX is migratible in vm factory case fa09f0ec8 runtime: remove qemuPaths a6fbaac1b runk: add pause/resume commands 8e201501e kernel: fix for set_kmem_limit error 00aadfe20 kernel: SEV guest kernel upgrade to 5.19.2 0d9d8d63e kernel: upgrade guest kernel support to 5.19.2 57bd3f42d runtime-rs: plug drop-in decoding into config-loading code 87b97b699 runtime-rs: add filesystem-related part of drop-in handling cf785a1a2 runtime-rs: add core toml::Value tree merging 09672eb2d agent: do some rollback works if case of do_create_container failed 8ff5c10ac network: Fix error message for setting hardware address on TAP interface 3a597c274 runtime: clh: Use the new 'payload' interface 16baecc5b runtime: clh: Re-generate the client code 50ea07183 versions: Upgrade to Cloud Hypervisor v26.0 fcc1e0c61 runtime: tracing: End root span at end of trace 78231a36e ci: Update libseccomp version 338c28295 dep: update nix dependency 3829ab809 docs: Update CRI-O target link 34746496b libs/test-utils: share test code by create a new crate eab7c8f28 runtime-rs: delete vergen dependency 6d6c06869 workflow: trigger release for 3.x releases 4d7f3edba runtime-rs: support the functionality of cleanup 5aa83754e runtime-rs: support save to persist file and restore 3e9077f6e docs: Update url in containerd documentation 52133ef66 release: Kata Containers 3.0.0-alpha0 c280d6965 runtime-rs: delete route model caada34f1 runtime-rs: fix design doc's typo b61dda40b docs: use curl as default downloader for runtime-rs ca9d16e5e runtime-rs: update Cargo.lock 99a7b4f3e workflow: Revert "static-checks: Allow Merge commit to be >75 chars" d14e80e9f workflow: Revert "docs: modify move-issues-to-in-progress.yaml" 1f4b6e646 versions: Update libseccomp version b82819015 Merge pull request #4823 from openanolis/runtime-rs-merge-main-runtime-rs f791169ef Merge pull request #4826 from openanolis/runtime-rs-version 8bbffc42c runtime-rs:update rtnetlink version e40383813 runtim-rs: Merge remote-tracking branch 'origin/main' into runtime-rs 931251105 Merge pull request #4817 from openanolis/runtime-rs-s390x-fail 389ae9702 runtime-rs:skip the test when the arch is s390x 945e02227 runtime-rs:skip the build process when the arch is s390x 8b0e1859c Merge pull request #4784 from openanolis/fix-protocol-ci-err b337390c2 Merge pull request #4791 from openanolis/runtime-rs-merge-main-1 7247575fa runtime-rs:fix cargo clippy 9803393f2 runtime-rs: Merge branch 'main' into runtime-rs-merge-main-1 86ac653ba libs: fix CI error for protocols 993ae2408 Merge pull request #4777 from openanolis/runtime-rs-merge adfad44ef Merge remote-tracking branch 'origin/main' into runtime-rs-merge-tmp 5457deb03 Merge pull request #4741 from openanolis/fix-stop-failed-in-azure fa0b11fc5 runtime-rs: fix stdin hang in azure 50b0b7cc1 Merge pull request #4681 from Tim-0731-Hzt/runtime-rs-sharepid 129335714 Merge pull request #4727 from openanolis/anolis-fix-network 71384b60f Merge pull request #4713 from openanolis/adjust_default_vcpu b3147411e runtime-rs:add unit test for set share pid ns 1ef3f8eac runtime-rs: set share sandbox pid namespace 57c556a80 runtime-rs: fix stop failed in azure 3f4dd92c2 Merge pull request #4702 from openanolis/runtime-rs-endpoint-dev a3127a03f Merge pull request #4721 from openanolis/install-guide-2 c825065b2 runtime-rs: fix tc filter setup failed e0194dcb5 runtime-rs: update route destination with prefix 534a4920b Merge pull request #4692 from openanolis/support_disable_guest_seccomp fa85fd584 docs: add rust environment setup for kata 3.0 896478c92 runtime-rs: add functionalities support for macvlan and vlan endpoints 43045be8d runtime-rs: handle default_vcpus greator than default_maxvcpu 54f53d57e runtime-rs: support disable_guest_seccomp 540303880 Merge pull request #4688 from quanweiZhou/fix_sandbox_cgroup_false 7c146a5d9 Merge pull request #4684 from quanweiZhou/fix-ctr-exit-error 08a658167 Merge pull request #4662 from openanolis/runtime-rs-user-manaul 4331ef80d Runtime-rs: add installation guide for rust-runtime 4c3bd6b1d Merge pull request #4656 from openanolis/runtime-rs-ipvlan 960f2a7f7 Merge pull request #4678 from Tim-0731-Hzt/runtime-rs-makefile-2 e9988f0c6 runtime-rs: fix sandbox_cgroup_only=false panic cebbebbe8 runtime-rs: fix ctr exit failed 758cc47b3 Merge pull request #4671 from liubin/4670-upgrade-nix 25be4d00f Merge pull request #4676 from openanolis/xuejun/runtime-rs 62182db64 runtime-rs: add unit test for ipvlan endpoint 99654ce69 runtime-rs: update dbs-xxx dependencies f4c3adf59 runtime-rs: Add compile option file 545ae3f0e runtime-rs: fix warning 19eca71cd runtime-rs: remove the value of hypervisor path in DB config d8920b00c runtime-rs: support functionalities of ipvlan endpoint 2b01e9ba4 dragonball: fix warning 996a6b80b kata-sys-util: upgrade nix version 9f49f7adc Merge pull request #4493 from openanolis/runtime-rs-dev 3c989521b dragonball: update for review 274598ae5 kata-runtime: add dragonball config check support. 1befbe673 runtime-rs: Cargo lock for fix version problem 3d6156f6e runtime-rs: support dragonball and runtime-binary 3f6123b4d libs: update configuration and annotations f3335c99c Merge pull request #4614 from Tim-0731-Hzt/runtime-rs-merge-main b424cf3c9 Merge pull request #4544 from openanolis/anolis/virtio_device_aarch64 d2584991e dragonball: fix dependency unused warning 458f6f42f dragonball: use const string for legacy device type 58b0fc479 Merge pull request #4192 from Tim-0731-Hzt/runtime-rs 0826a2157 Merge remote-tracking branch 'origin/main' into runtime-rs-1 939959e72 docs: add Dragonball to hypervisors f6f96b8fe dragonball: add legacy device support for aarch64 7a4183980 dragonball: add device info support for aarch64 30da3fb95 Merge pull request #4515 from openanolis/anolis/dragonball-3 9cee52153 fmt: do cargo fmt and add a dependency for blk_dev 47a4142e0 fs: change vhostuser and virtio into const e14e98bbe cpu_topo: add handle_cpu_topology function 5d3b53ee7 downtime: add downtime support 6a1fe85f1 vfio: add vfio as TODO 5ea35ddcd refractor: remove redundant by_id b646d7cb3 config: remove ht_enabled cb54ac6c6 memory: remove reserve_memory_bytes bde6609b9 hotplug: add room for other hotplug solution d88b1bf01 dragonball: update vsock dependency dd003ebe0 Dragonball: change error name and fix compile error 38957fe00 UT: fix compile error in unit tests 11b3f9514 dragonball: add virtio-fs device support 948381bdb dragonball: add virtio-net device support 3d20387a2 dragonball: add virtio-blk device support 87d38ae49 Doc: add document for Dragonball API 2bb1eeaec docs: further questions related to upcall 026aaeecc docs: add FAQ to the report fffcb8165 docs: update the content of the report 42ea854eb docs: kata 3.0 Architecture 090de2dae dragonball: fix the clippy errors. a1593322b dragonball: add vsock api to api server 89b9ba860 dragonball: add set_vm_configuration api 95fa0c70c dragonball: add start microvm support 5c1ccc376 dragonball: add Vmm struct 4d234f574 dragonball: refactor code layout cfd5dae47 dragonball: add vm struct 527b73a8e dragonball: remove unused feature in AddressSpaceMgr 514b4e723 Merge pull request #4543 from openanolis/anolis/add_vcpu_configure_aarch64 7120afe4e dragonball: add vcpu test function for aarch64 648d285a2 dragonball: add vcpu support for aarch64 7dad7c89f dragonball: update dbs-xxx dependency 59cab9e83 Merge pull request #4380 from Tim-0731-Hzt/rund/makefile 18093251e Merge pull request #4527 from Tim-0731-Hzt/rund-new/netlink 07231b2f3 runtime-rs:refactor network model with netlink c8a905206 build: format files 242992e3d build: put install methods in utils.mk 8a697268d build: makefile for dragonball config 9c526292e runtime-rs:refactor network model with netlink 12c1b9e6d Merge pull request #4536 from Tim-0731-Hzt/runtime-rs-kata-main f3907aa12 runtime-rs:Merge remote-tracking branch 'origin/main' into runtime-rs-newv badbbcd8b Merge pull request #4400 from openanolis/anolis/dragonball-2 71db2dd5b hotplug: add room for future acpi hotplug mechanism 8bb00a3dc dragonball: fix a bug when generating kernel boot args 2aedd4d12 doc: add document for vCPU, api and device bec22ad01 dragonball: add api module 07f44c3e0 dragonball: add vcpu manager 78c971875 dragonball: add upcall support 7d1953b52 dragonball: add vcpu 468c73b3c dragonball: add kvm context 98f041ed8 Merge pull request #4486 from openanolis/runtime-rs-merge-main 86123f49f Merge branch 'main' into runtime-rs e89e6507a dragonball: add signal handler b6cb2c4ae dragonball: add metrics system e80e0c464 dragonball: add io manager wrapper f23d7092e Merge pull request #4265 from openanolis/anolis/dragonball-1 d5ee3fc85 safe-path: fix clippy warning 93c10dfd8 runtime-rs: add crosvm license in Dragonball dfe6de771 dragonball: add dragonball into kata README 39ff85d61 dragonball: green ci 71f24d827 dragonball: add Makefile. a1df6d096 Doc: Update Dragonball Readme and add document for device 8619f2b3d dragonball: add virtio vsock device manager. 52d42af63 dragonball: add device manager. c1c1e5152 dragonball: add kernel config. 6850ef99a dragonball: add configuration manager. 0bcb422fc dragonball: add legacy devices manager 3c45c0715 dragonball: add console manager. 3d38bb300 dragonball: add address space manager. aff604055 dragonball: add resource manager support. 8835db6b0 dragonball: initial commit 9cb15ab4c agent: add the FSGroup support ff7874bc2 protobuf: upgrade the protobuf version to 2.27.0 06f398a34 runtime-rs: use withContext to evaluate lazily fd4c26f9c runtime-rs: support network resource 4be7185aa runtime-rs: runtime part implement 10343b1f3 runtime-rs: enhance runtimes 9887272db libs: enhance kata-sys-util and kata-types 3ff0db05a runtime-rs: support rootfs volume for resource 234d7bca0 runtime-rs: support cgroup resource 75e282b4c runtime-rs: hypervisor base define bdfee005f runtime-rs: service and runtime framework 4296e3069 runtime-rs: agent implements d3da156ee runtime-rs: uint FsType for s390x e705ee07c runtime-rs: update containerd-shim-protos to 0.2.0 8c0a60e19 runtime-rs: modify the review suggestion 278f843f9 runtime-rs: shim implements for runtime-rs 641b73610 libs: enhance kata-sys-util 69ba1ae9e trans: fix the issue of wrong swapness type d2a9bc667 agent: agent-protocol support async aee9633ce libs/sys-util: provide functions to execute hooks 8509de0ae libs/sys-util: add function to detect and update K8s emptyDir volume 6d59e8e19 libs/sys-util: introduce function to get device id 5300ea23a libs/sys-util: implement reflink_copy() 1d5c898d7 libs/sys-util: add utilities to parse NUMA information 87887026f libs/sys-util: add utilities to manipulate cgroup ccd03e2ca libs/sys-util: add wrappers for mount and fs 45a00b4f0 libs/sys-util: add kata-sys-util crate under src/libs 48c201a1a libs/types: make the variable name easier to understand b9b6d70aa libs/types: modify implementation details 05ad026fc libs/types: fix implementation details d96716b4d libs/types:fix styles and implementation details 6cffd943b libs/types:return Result to handle parse error 6ae87d9d6 libs/types: use contains to make code more readable 45e5780e7 libs/types: fixed spelling and grammer error 2599a06a5 libs/types:use include_str! in test file 8ffff40af libs/types:Option type to handle empty tomlconfig 626828696 libs/types: add license for test-config.rs 97d8c6c0f docs: modify move-issues-to-in-progress.yaml 8cdd70f6c libs/types: change method to update config by annotation e19d04719 libs/types: implement KataConfig to wrap TomlConfig 387ffa914 libs/types: support load Kata agent configuration from file 69f10afb7 libs/types: support load Kata hypervisor configuration from file 21cc02d72 libs/types: support load Kata runtime configuration from file 5b89c1df2 libs/types: add kata-types crate under src/libs 4f62a7618 libs/logging: fix clippy warnings 6f8acb94c libs: refine Makefile rules 7cdee4980 libs/logging: introduce a wrapper writer for logging 426f38de9 libs/logging: implement rotator for log files 392f1ecdf libs: convert to a cargo workspace 575df4dc4 static-checks: Allow Merge commit to be >75 chars 2ae807fd2 nydus: wait nydusd API server ready before mounting share fs 8a4e69008 versions: Update TD-shim due to build breakage 065305f4a agent-ctl: Add an empty [workspace] 1444d7ce4 packaging: Create no_patches.txt for the SPR-BKC-PC-v9.6.x c8d4ea84e docs: Improve SGX documentation 85f4e7caf runtime: explicitly mark the source of the log is from qemu.log d8ad16a34 runtime: add unlock before return in sendReq 889557ecb docs: add back host network limitation 230a22905 runk: add ps sub-command e40383813 runtim-rs: Merge remote-tracking branch 'origin/main' into runtime-rs 587c0c5e5 Merge pull request #4820 from cmaf/sgx-update-docs-1 c5452faec docs: Improve SGX documentation 2764bd752 Merge pull request #4770 from justxuewei/refactor/agent/netlink-neighbor 578121124 Merge pull request #4805 from fidencio/topic/bump-tdx-dependencies 869e40851 Merge pull request #4810 from fidencio/topic/adjust-final-tarball-location-for-tdvf-and-td-shim 8d1cb1d51 td-shim: Adjust final tarball location 62f05d4b4 ovmf: Adjust final tarball location 9972487f6 versions: Bump Kernel TDX version c9358155a kernel: Sort the TDX configs alphabetically dd397ff1b versions: Bump QEMU TDX version 873e75b91 Merge pull request #4773 from fidencio/topic/build-tdvf c9b5bde30 versions: Track and build TDVF e6a5a5106 packaging: Generate a tarball as OVMF build result 42eaf19b4 packaging: Simplify OVMF repo clone 4d33b0541 packaging: Don't hardcode "edk2" as the cloned repo's dir. 81fe51ab0 agent: fix unittests for arp neighbors 845c1c03c agent: use rtnetlink's neighbours API to add neighbors 8bbffc42c runtime-rs:update rtnetlink version 587c0c5e5 Merge pull request #4820 from cmaf/sgx-update-docs-1 c5452faec docs: Improve SGX documentation 2764bd752 Merge pull request #4770 from justxuewei/refactor/agent/netlink-neighbor 578121124 Merge pull request #4805 from fidencio/topic/bump-tdx-dependencies 869e40851 Merge pull request #4810 from fidencio/topic/adjust-final-tarball-location-for-tdvf-and-td-shim 8d1cb1d51 td-shim: Adjust final tarball location 62f05d4b4 ovmf: Adjust final tarball location 9972487f6 versions: Bump Kernel TDX version c9358155a kernel: Sort the TDX configs alphabetically dd397ff1b versions: Bump QEMU TDX version 873e75b91 Merge pull request #4773 from fidencio/topic/build-tdvf c9b5bde30 versions: Track and build TDVF e6a5a5106 packaging: Generate a tarball as OVMF build result 42eaf19b4 packaging: Simplify OVMF repo clone 4d33b0541 packaging: Don't hardcode "edk2" as the cloned repo's dir. 81fe51ab0 agent: fix unittests for arp neighbors 845c1c03c agent: use rtnetlink's neighbours API to add neighbors 389ae9702 runtime-rs:skip the test when the arch is s390x 945e02227 runtime-rs:skip the build process when the arch is s390x c5452faec docs: Improve SGX documentation 81fe51ab0 agent: fix unittests for arp neighbors 845c1c03c agent: use rtnetlink's neighbours API to add neighbors 9972487f6 versions: Bump Kernel TDX version c9358155a kernel: Sort the TDX configs alphabetically dd397ff1b versions: Bump QEMU TDX version 8d1cb1d51 td-shim: Adjust final tarball location 62f05d4b4 ovmf: Adjust final tarball location 86ac653ba libs: fix CI error for protocols 7247575fa runtime-rs:fix cargo clippy 9803393f2 runtime-rs: Merge branch 'main' into runtime-rs-merge-main-1 7503bdab6 Merge pull request #4783 from fidencio/topic/build-td-shim b06bc8228 versions: Track and add support for building TD-shim 8d9135a7c Merge pull request #4765 from ryansavino/ccv0-rust-upgrade 9b1940e93 versions: update rust version c9b5bde30 versions: Track and build TDVF e6a5a5106 packaging: Generate a tarball as OVMF build result 42eaf19b4 packaging: Simplify OVMF repo clone 4d33b0541 packaging: Don't hardcode "edk2" as the cloned repo's dir. 7503bdab6 Merge pull request #4783 from fidencio/topic/build-td-shim b06bc8228 versions: Track and add support for building TD-shim 8d9135a7c Merge pull request #4765 from ryansavino/ccv0-rust-upgrade 9b1940e93 versions: update rust version b06bc8228 versions: Track and add support for building TD-shim 9b1940e93 versions: update rust version adfad44ef Merge remote-tracking branch 'origin/main' into runtime-rs-merge-tmp 0aefab4d8 Merge pull request #4739 from liubin/fix/4738-trace-rpc-calls 54147db92 Merge pull request #4170 from Alex-Carter01/build-amdsev-ovmf 638c2c416 static-build: Add AmdSev option for OVMF builder Introduces new build of firmware needed for SEV f0b58e38d static-build: Add build script for OVMF a67402cc1 Merge pull request #4397 from yaoyinnan/3073/ftr/host-cgroupv2 229ff29c0 Merge pull request #4758 from GabyCT/topic/updaterunc 5c3155f7e runtime: Support for host cgroup v2 4ab45e5c9 docs: Update support for host cgroupv2 9dfd949f2 Merge pull request #4646 from amshinde/add-liburing-qemu 326eb2f91 versions: Update runc version 557229c39 Merge pull request #4724 from yahaa/fix-docs 1b01ea53d Merge pull request #4735 from nubificus/feature-fc-v1.1 27c82018d Merge pull request #4753 from Tim-Zhang/agent-fix-stream-fd-double-close 6fddf031d Merge pull request #4664 from lifupan/main f5aa6ae46 agent: Fix stream fd's double close problem 6e149b43f Docs: fix tables format error 56d49b507 versions: Update Firecracker version to v1.1.0 0e24f47a4 agent: log RPC calls for debugging e764a726a Merge pull request #4715 from Tim-Zhang/fix-ut-test_do_write_stream 427b29454 Merge pull request #4709 from liubin/fix/4708-unwrap-error 033737783 Merge pull request #4695 from liubin/4694/upgrade-nydus-version 0b4a91ec1 Merge pull request #4644 from bookinabox/optimize-get-paths 68c265587 Merge pull request #4718 from GabyCT/topic/updatefirecrackerversion df79c8fe1 versions: Update firecracker version 912641509 agent: fix fd-double-close problem in ut test_do_write_stream 0d7cb7eb1 agent: delete agent-type property in announce eec9ac81e rustjail: check result to let it return early. 402bfa0ce nydus: upgrade nydus/nydus-snapshotter version 6d56cdb9a Merge pull request #4686 from xujunjie-cover/issue4685 72dbd1fcb kata-monitor: fix can't monitor /run/vc/sbs. f690b0aad qemu: Add liburing to qemu build d93e4b939 container: kill all of the processes in this container 575b5eb5f Merge pull request #4506 from cyyzero/runk-exec 9ae2a45b3 cgroups: remove unnecessary get_paths() 0cc20f014 Merge pull request #4647 from fidencio/topic/fix-clh-crash-when-booting-up-with-no-network-device 418a03a12 Merge pull request #4639 from fidencio/topic/packaging-rework-qemu-build-suffix be31207f6 clh: Don't crash if no network device is set by the upper layer 39974fbac Merge pull request #4642 from fidencio/topic/clh-bump-to-v25.0-release 051181249 packaging: Add a "-" in the dir name if $BUILD_DIR is available dc3b6f659 versions: Update Cloud Hypervisor to v25.0 201ff223f packaging: Use the $BUILD_SUFFIX when renaming the qemu binary 9f0e4bb77 Merge pull request #4628 from fidencio/topic/rework-tee-kernel-builds cda1919a0 Merge pull request #4609 from fidencio/topic/kata-deploy-simplify-config-path-handling 1a25afcdf kernel: Allow passing the URL to download the tarball 0024b8d10 Merge pull request #4617 from Yuan-Zhuo/main 80c68b80a kernel: Deduplicate code used for building TEE kernels f7ccf92dc kata-deploy: Rely on the configured config path 386a523a0 kata-deploy: Pass the config path to CRI-O 13df57c39 build: save lines for repository_owner check f59939a31 runk: Support exec sub-command 0aefab4d8 Merge pull request #4739 from liubin/fix/4738-trace-rpc-calls 54147db92 Merge pull request #4170 from Alex-Carter01/build-amdsev-ovmf 638c2c416 static-build: Add AmdSev option for OVMF builder Introduces new build of firmware needed for SEV f0b58e38d static-build: Add build script for OVMF a67402cc1 Merge pull request #4397 from yaoyinnan/3073/ftr/host-cgroupv2 229ff29c0 Merge pull request #4758 from GabyCT/topic/updaterunc 5c3155f7e runtime: Support for host cgroup v2 4ab45e5c9 docs: Update support for host cgroupv2 9dfd949f2 Merge pull request #4646 from amshinde/add-liburing-qemu 326eb2f91 versions: Update runc version 557229c39 Merge pull request #4724 from yahaa/fix-docs 1b01ea53d Merge pull request #4735 from nubificus/feature-fc-v1.1 27c82018d Merge pull request #4753 from Tim-Zhang/agent-fix-stream-fd-double-close 6fddf031d Merge pull request #4664 from lifupan/main f5aa6ae46 agent: Fix stream fd's double close problem 6e149b43f Docs: fix tables format error 56d49b507 versions: Update Firecracker version to v1.1.0 0e24f47a4 agent: log RPC calls for debugging e764a726a Merge pull request #4715 from Tim-Zhang/fix-ut-test_do_write_stream 427b29454 Merge pull request #4709 from liubin/fix/4708-unwrap-error 033737783 Merge pull request #4695 from liubin/4694/upgrade-nydus-version 0b4a91ec1 Merge pull request #4644 from bookinabox/optimize-get-paths 68c265587 Merge pull request #4718 from GabyCT/topic/updatefirecrackerversion df79c8fe1 versions: Update firecracker version 912641509 agent: fix fd-double-close problem in ut test_do_write_stream 0d7cb7eb1 agent: delete agent-type property in announce eec9ac81e rustjail: check result to let it return early. 402bfa0ce nydus: upgrade nydus/nydus-snapshotter version 6d56cdb9a Merge pull request #4686 from xujunjie-cover/issue4685 72dbd1fcb kata-monitor: fix can't monitor /run/vc/sbs. f690b0aad qemu: Add liburing to qemu build d93e4b939 container: kill all of the processes in this container 575b5eb5f Merge pull request #4506 from cyyzero/runk-exec 9ae2a45b3 cgroups: remove unnecessary get_paths() 0cc20f014 Merge pull request #4647 from fidencio/topic/fix-clh-crash-when-booting-up-with-no-network-device 418a03a12 Merge pull request #4639 from fidencio/topic/packaging-rework-qemu-build-suffix be31207f6 clh: Don't crash if no network device is set by the upper layer 39974fbac Merge pull request #4642 from fidencio/topic/clh-bump-to-v25.0-release 051181249 packaging: Add a "-" in the dir name if $BUILD_DIR is available dc3b6f659 versions: Update Cloud Hypervisor to v25.0 201ff223f packaging: Use the $BUILD_SUFFIX when renaming the qemu binary 9f0e4bb77 Merge pull request #4628 from fidencio/topic/rework-tee-kernel-builds cda1919a0 Merge pull request #4609 from fidencio/topic/kata-deploy-simplify-config-path-handling 1a25afcdf kernel: Allow passing the URL to download the tarball 0024b8d10 Merge pull request #4617 from Yuan-Zhuo/main 80c68b80a kernel: Deduplicate code used for building TEE kernels f7ccf92dc kata-deploy: Rely on the configured config path 386a523a0 kata-deploy: Pass the config path to CRI-O 13df57c39 build: save lines for repository_owner check f59939a31 runk: Support exec sub-command 0e24f47a4 agent: log RPC calls for debugging fa0b11fc5 runtime-rs: fix stdin hang in azure 57c556a80 runtime-rs: fix stop failed in azure 638c2c416 static-build: Add AmdSev option for OVMF builder Introduces new build of firmware needed for SEV f0b58e38d static-build: Add build script for OVMF 5c3155f7e runtime: Support for host cgroup v2 4ab45e5c9 docs: Update support for host cgroupv2 326eb2f91 versions: Update runc version f690b0aad qemu: Add liburing to qemu build b3147411e runtime-rs:add unit test for set share pid ns 1ef3f8eac runtime-rs: set share sandbox pid namespace 6e149b43f Docs: fix tables format error 56d49b507 versions: Update Firecracker version to v1.1.0 f5aa6ae46 agent: Fix stream fd's double close problem d93e4b939 container: kill all of the processes in this container c825065b2 runtime-rs: fix tc filter setup failed e0194dcb5 runtime-rs: update route destination with prefix 43045be8d runtime-rs: handle default_vcpus greator than default_maxvcpu 912641509 agent: fix fd-double-close problem in ut test_do_write_stream 896478c92 runtime-rs: add functionalities support for macvlan and vlan endpoints fa85fd584 docs: add rust environment setup for kata 3.0 0d7cb7eb1 agent: delete agent-type property in announce eec9ac81e rustjail: check result to let it return early. 402bfa0ce nydus: upgrade nydus/nydus-snapshotter version 54f53d57e runtime-rs: support disable_guest_seccomp 9ae2a45b3 cgroups: remove unnecessary get_paths() df79c8fe1 versions: Update firecracker version 72dbd1fcb kata-monitor: fix can't monitor /run/vc/sbs. e9988f0c6 runtime-rs: fix sandbox_cgroup_only=false panic cebbebbe8 runtime-rs: fix ctr exit failed 4331ef80d Runtime-rs: add installation guide for rust-runtime 62182db64 runtime-rs: add unit test for ipvlan endpoint d8920b00c runtime-rs: support functionalities of ipvlan endpoint 19eca71cd runtime-rs: remove the value of hypervisor path in DB config 996a6b80b kata-sys-util: upgrade nix version 99654ce69 runtime-rs: update dbs-xxx dependencies f4c3adf59 runtime-rs: Add compile option file 545ae3f0e runtime-rs: fix warning 2b01e9ba4 dragonball: fix warning f59939a31 runk: Support exec sub-command 3c989521b dragonball: update for review 274598ae5 kata-runtime: add dragonball config check support. 1befbe673 runtime-rs: Cargo lock for fix version problem 3d6156f6e runtime-rs: support dragonball and runtime-binary 3f6123b4d libs: update configuration and annotations be31207f6 clh: Don't crash if no network device is set by the upper layer 051181249 packaging: Add a "-" in the dir name if $BUILD_DIR is available 201ff223f packaging: Use the $BUILD_SUFFIX when renaming the qemu binary dc3b6f659 versions: Update Cloud Hypervisor to v25.0 0826a2157 Merge remote-tracking branch 'origin/main' into runtime-rs-1 46fd7ce02 Merge pull request #4595 from amshinde/fix-clh-tarball-build 33360f171 Merge pull request #4600 from ManaSugi/fix/selinux-hypervisor-config f36bc8bc5 Merge pull request #4616 from GabyCT/topic/updatecontainerddoc 57c2d8b74 docs: Update URL links for containerd documentation e57a1c831 build: Mark git repos as safe for build ee3f5558a Merge pull request #4606 from liubin/fix/4605-delete-cri-containerd-plugin c09634dbc Merge pull request #4592 from fidencio/revert-kata-deploy-changes-after-2.5.0-rc0-release 2551924bd docs: delete CRI containerd plugin statement bee791593 Merge pull request #4533 from bookinabox/simplify-nproc efdb92366 build: Fix clh source build as normal user 0e40ecf38 tools/snap: simplify nproc be68cf071 Merge pull request #4597 from bergwolf/github/action 4d89476c9 runtime: Fix DisableSelinux config ac91fb7a1 Merge pull request #4591 from fidencio/2.5.0-rc0-branch-bump 3bafafec5 action: extend commit message line limit to 150 bytes 5010c643c release: Revert kata-deploy changes after 2.5.0-rc0 release 2d29791c1 release: Kata Containers 2.5.0-rc0 f4eea832a release: Adapt kata-deploy for 2.5.0-rc0 071dd4c79 Merge pull request #4109 from pmores/drop-in-cfg-files-support d9e868f44 Merge pull request #4479 from quanweiZhou/enhance-get-handled-signal b33ad7e57 Merge pull request #4574 from jelipo/fix-serde-serializing 018973828 Merge pull request #4576 from ManaSugi/fix/oci-poststart-hook cd2d8c6fe Merge pull request #4580 from ManaSugi/fix/replace-libc-with-nix a1de394e5 Merge pull request #4550 from liubin/fix/4548-overwrite-mount-type-for-bind-mount 44ec9684d Merge pull request #4573 from amshinde/unsafe-repo-runtime-shimv2 0ddb34a38 oci: fix serde skip serializing condition fbb2e9bce agent: Replace some libc functions with nix ones acd3302be agent: Run OCI poststart hooks after a container is launched 635fa543a Merge pull request #4560 from bookinabox/update-commit-message-check 1f363a386 runtime: overwrite mount type to bind for bind mounts 4e48509ed build: Set safe.directory for runtime repo c29038a2e Merge pull request #4562 from ManaSugi/git-safe-repo 02a51e75a Merge pull request #4554 from liubin/fix/delete-not-used-console-from-container-config aa561b49f Merge pull request #4540 from fidencio/topic/default_maxmemory 48ccd4233 ci: Set safe.directory against tests repository 2a4fbd6d8 agent: enhance get handled signal 433816cca ci/cd: update check-commit-message 2a94261df Merge pull request #4549 from liubin/fix/4419-set-status-if-wait-process-failed 1e12d5651 Merge pull request #4469 from egernst/config-validation-refactor a5a25ed13 runtime: delete Console from Cmd type 96553e8bd runtime: Add documentation of drop-in config file fragments c656457e9 runtime: Add tests of drop-in config file decoding 99f5ca80f runtime: Plug drop-in decoding into decodeConfig() 0f9856c46 runtime: Scan drop-in directory, read files and decode them 2c1efcc69 runtime: Add helpers to copy fields between tomlConfig instances 20f11877b runtime: Add framework to manipulate config structs via reflection ab5f1c956 shim: set a non-zero return code if the wait process call failed. e5be5cb08 runtime: device: cleanup outdated comments 5f936f268 virtcontainers: config validation is host specific 323271403 virtcontainers: Remove unused function 0939f5181 config: Expose default_maxmemory 58ff2bd5c clh,qemu: Adapt to using default_maxmemory ad055235a Merge pull request #4547 from GabyCT/topic/removeunuseddocker b2c038799 Merge pull request #4130 from surajssd/add-cgroup-driver-info 1a78c3df2 packaging: Remove unused kata docker configure script afdc96042 hypervisor: Add default_maxmemory configuration bdf5e5229 virtcontainers: validate hypervisor config outside of hypervisor itself 469e09854 katautils: don't do validation when loading hypervisor config 0e2459d13 docs: Add cgroupDriver for containerd 1a25afcdf kernel: Allow passing the URL to download the tarball 80c68b80a kernel: Deduplicate code used for building TEE kernels d2584991e dragonball: fix dependency unused warning 458f6f42f dragonball: use const string for legacy device type f6f96b8fe dragonball: add legacy device support for aarch64 7a4183980 dragonball: add device info support for aarch64 f7ccf92dc kata-deploy: Rely on the configured config path 386a523a0 kata-deploy: Pass the config path to CRI-O 13df57c39 build: save lines for repository_owner check 939959e72 docs: add Dragonball to hypervisors 2bb1eeaec docs: further questions related to upcall 026aaeecc docs: add FAQ to the report fffcb8165 docs: update the content of the report 42ea854eb docs: kata 3.0 Architecture 46fd7ce02 Merge pull request #4595 from amshinde/fix-clh-tarball-build 33360f171 Merge pull request #4600 from ManaSugi/fix/selinux-hypervisor-config f36bc8bc5 Merge pull request #4616 from GabyCT/topic/updatecontainerddoc 57c2d8b74 docs: Update URL links for containerd documentation e57a1c831 build: Mark git repos as safe for build ee3f5558a Merge pull request #4606 from liubin/fix/4605-delete-cri-containerd-plugin c09634dbc Merge pull request #4592 from fidencio/revert-kata-deploy-changes-after-2.5.0-rc0-release 2551924bd docs: delete CRI containerd plugin statement bee791593 Merge pull request #4533 from bookinabox/simplify-nproc efdb92366 build: Fix clh source build as normal user 0e40ecf38 tools/snap: simplify nproc be68cf071 Merge pull request #4597 from bergwolf/github/action 4d89476c9 runtime: Fix DisableSelinux config ac91fb7a1 Merge pull request #4591 from fidencio/2.5.0-rc0-branch-bump 3bafafec5 action: extend commit message line limit to 150 bytes 5010c643c release: Revert kata-deploy changes after 2.5.0-rc0 release 2d29791c1 release: Kata Containers 2.5.0-rc0 f4eea832a release: Adapt kata-deploy for 2.5.0-rc0 071dd4c79 Merge pull request #4109 from pmores/drop-in-cfg-files-support d9e868f44 Merge pull request #4479 from quanweiZhou/enhance-get-handled-signal b33ad7e57 Merge pull request #4574 from jelipo/fix-serde-serializing 018973828 Merge pull request #4576 from ManaSugi/fix/oci-poststart-hook cd2d8c6fe Merge pull request #4580 from ManaSugi/fix/replace-libc-with-nix a1de394e5 Merge pull request #4550 from liubin/fix/4548-overwrite-mount-type-for-bind-mount 44ec9684d Merge pull request #4573 from amshinde/unsafe-repo-runtime-shimv2 0ddb34a38 oci: fix serde skip serializing condition fbb2e9bce agent: Replace some libc functions with nix ones acd3302be agent: Run OCI poststart hooks after a container is launched 635fa543a Merge pull request #4560 from bookinabox/update-commit-message-check 1f363a386 runtime: overwrite mount type to bind for bind mounts 4e48509ed build: Set safe.directory for runtime repo c29038a2e Merge pull request #4562 from ManaSugi/git-safe-repo 02a51e75a Merge pull request #4554 from liubin/fix/delete-not-used-console-from-container-config aa561b49f Merge pull request #4540 from fidencio/topic/default_maxmemory 48ccd4233 ci: Set safe.directory against tests repository 2a4fbd6d8 agent: enhance get handled signal 433816cca ci/cd: update check-commit-message 2a94261df Merge pull request #4549 from liubin/fix/4419-set-status-if-wait-process-failed 1e12d5651 Merge pull request #4469 from egernst/config-validation-refactor a5a25ed13 runtime: delete Console from Cmd type 96553e8bd runtime: Add documentation of drop-in config file fragments c656457e9 runtime: Add tests of drop-in config file decoding 99f5ca80f runtime: Plug drop-in decoding into decodeConfig() 0f9856c46 runtime: Scan drop-in directory, read files and decode them 2c1efcc69 runtime: Add helpers to copy fields between tomlConfig instances 20f11877b runtime: Add framework to manipulate config structs via reflection ab5f1c956 shim: set a non-zero return code if the wait process call failed. e5be5cb08 runtime: device: cleanup outdated comments 5f936f268 virtcontainers: config validation is host specific 323271403 virtcontainers: Remove unused function 0939f5181 config: Expose default_maxmemory 58ff2bd5c clh,qemu: Adapt to using default_maxmemory ad055235a Merge pull request #4547 from GabyCT/topic/removeunuseddocker b2c038799 Merge pull request #4130 from surajssd/add-cgroup-driver-info 1a78c3df2 packaging: Remove unused kata docker configure script afdc96042 hypervisor: Add default_maxmemory configuration bdf5e5229 virtcontainers: validate hypervisor config outside of hypervisor itself 469e09854 katautils: don't do validation when loading hypervisor config 0e2459d13 docs: Add cgroupDriver for containerd e57a1c831 build: Mark git repos as safe for build efdb92366 build: Fix clh source build as normal user 9cee52153 fmt: do cargo fmt and add a dependency for blk_dev 47a4142e0 fs: change vhostuser and virtio into const e14e98bbe cpu_topo: add handle_cpu_topology function 5d3b53ee7 downtime: add downtime support 6a1fe85f1 vfio: add vfio as TODO 5ea35ddcd refractor: remove redundant by_id b646d7cb3 config: remove ht_enabled cb54ac6c6 memory: remove reserve_memory_bytes bde6609b9 hotplug: add room for other hotplug solution d88b1bf01 dragonball: update vsock dependency dd003ebe0 Dragonball: change error name and fix compile error 38957fe00 UT: fix compile error in unit tests 11b3f9514 dragonball: add virtio-fs device support 948381bdb dragonball: add virtio-net device support 3d20387a2 dragonball: add virtio-blk device support 87d38ae49 Doc: add document for Dragonball API 090de2dae dragonball: fix the clippy errors. a1593322b dragonball: add vsock api to api server 89b9ba860 dragonball: add set_vm_configuration api 95fa0c70c dragonball: add start microvm support 5c1ccc376 dragonball: add Vmm struct 4d234f574 dragonball: refactor code layout cfd5dae47 dragonball: add vm struct 527b73a8e dragonball: remove unused feature in AddressSpaceMgr 4d89476c9 runtime: Fix DisableSelinux config 57c2d8b74 docs: Update URL links for containerd documentation 2551924bd docs: delete CRI containerd plugin statement 5010c643c release: Revert kata-deploy changes after 2.5.0-rc0 release 0e40ecf38 tools/snap: simplify nproc 3bafafec5 action: extend commit message line limit to 150 bytes 7120afe4e dragonball: add vcpu test function for aarch64 648d285a2 dragonball: add vcpu support for aarch64 7dad7c89f dragonball: update dbs-xxx dependency c8a905206 build: format files 242992e3d build: put install methods in utils.mk 8a697268d build: makefile for dragonball config 07231b2f3 runtime-rs:refactor network model with netlink 9c526292e runtime-rs:refactor network model with netlink f3907aa12 runtime-rs:Merge remote-tracking branch 'origin/main' into runtime-rs-newv 916ffb75d Merge pull request #4432 from liubin/fix/4420-binary-log 4e30e11b3 shim: support shim v2 logging plugin 27b1bb5ed Merge pull request #4467 from egernst/device-pkg e32bf5331 device: deduplicate state structures f97d9b45c runtime: device/persist: drop persist dependency from device pkgs f9e96c650 runtime: device: move to top level package 3880e0c07 agent: refactor reading file timing for debugging 2488a0f6c Merge pull request #4439 from amshinde/update-kernel-to-5.15.46 083ca5f21 Merge pull request #4505 from yoheiueda/agent-debug-build 03fca8b45 Merge pull request #4526 from fidencio/topic/fix-clippy-warnings-and-update-agent-vendored-code c70d3a2c3 agent: Update the dependencies 612fd79ba random: Fix "nonminimal-bool" clippy warning d4417f210 netlink: Fix "or-fun-call" clippy warnings 93874cb3b packaging: Restrict kernel patches applied to top-level dir 07b1367c2 versions: Update kernel to latest LTS version 5.15.48 133528dd1 Merge pull request #4503 from amshinde/multi-queue-block f186a52b1 Merge pull request #4511 from fidencio/topic/add-config-efi-to-the-tdx-kernel 1b7d36fdb agent: Allow BUILD_TYPE=debug 9ff10c083 kernel: Add CONFIG_EFI=y as part of the TDX fragments 78e27de6c Merge pull request #4358 from zvonkok/memreserve e227b4c40 block: Leverage multiqueue for virtio-block 72049350a Merge pull request #4288 from fengwang666/enable-qemu-sandbox 8eac22ac5 Merge pull request #4495 from Amulyam24/snap-fix e7e7dc9df runtime: Add heuristic to get the right value(s) for mem-reserve e422730c7 Merge pull request #4497 from GabyCT/topic/removeunusedref e11fcf7d3 Merge pull request #4168 from Champ-Goblem/patch/fix-chronyd-failure-on-boot c7dd10e5e packaging: Remove unused publish kata image script 0bbbe7068 snap: fix snap build on ppc64le 6fd40085e Merge pull request #4484 from cmaf/tracing-update-rootspan-name 2c1b68d6e Merge pull request #4481 from zvonkok/fix-action ef925d40c runtime: enable sandbox feature on qemu 28995301b tracing: Remove whitespace from root span 9941588c0 workflow: Removing man-db, workflow kept failing 1b7fd19ac rootfs: Fix chronyd.service failing on boot 916ffb75d Merge pull request #4432 from liubin/fix/4420-binary-log 4e30e11b3 shim: support shim v2 logging plugin 27b1bb5ed Merge pull request #4467 from egernst/device-pkg e32bf5331 device: deduplicate state structures f97d9b45c runtime: device/persist: drop persist dependency from device pkgs f9e96c650 runtime: device: move to top level package 3880e0c07 agent: refactor reading file timing for debugging 2488a0f6c Merge pull request #4439 from amshinde/update-kernel-to-5.15.46 083ca5f21 Merge pull request #4505 from yoheiueda/agent-debug-build 03fca8b45 Merge pull request #4526 from fidencio/topic/fix-clippy-warnings-and-update-agent-vendored-code c70d3a2c3 agent: Update the dependencies 612fd79ba random: Fix "nonminimal-bool" clippy warning d4417f210 netlink: Fix "or-fun-call" clippy warnings 93874cb3b packaging: Restrict kernel patches applied to top-level dir 07b1367c2 versions: Update kernel to latest LTS version 5.15.48 133528dd1 Merge pull request #4503 from amshinde/multi-queue-block f186a52b1 Merge pull request #4511 from fidencio/topic/add-config-efi-to-the-tdx-kernel 1b7d36fdb agent: Allow BUILD_TYPE=debug 9ff10c083 kernel: Add CONFIG_EFI=y as part of the TDX fragments 78e27de6c Merge pull request #4358 from zvonkok/memreserve e227b4c40 block: Leverage multiqueue for virtio-block 72049350a Merge pull request #4288 from fengwang666/enable-qemu-sandbox 8eac22ac5 Merge pull request #4495 from Amulyam24/snap-fix e7e7dc9df runtime: Add heuristic to get the right value(s) for mem-reserve e422730c7 Merge pull request #4497 from GabyCT/topic/removeunusedref e11fcf7d3 Merge pull request #4168 from Champ-Goblem/patch/fix-chronyd-failure-on-boot c7dd10e5e packaging: Remove unused publish kata image script 0bbbe7068 snap: fix snap build on ppc64le 6fd40085e Merge pull request #4484 from cmaf/tracing-update-rootspan-name 2c1b68d6e Merge pull request #4481 from zvonkok/fix-action ef925d40c runtime: enable sandbox feature on qemu 28995301b tracing: Remove whitespace from root span 9941588c0 workflow: Removing man-db, workflow kept failing 1b7fd19ac rootfs: Fix chronyd.service failing on boot 71db2dd5b hotplug: add room for future acpi hotplug mechanism 8bb00a3dc dragonball: fix a bug when generating kernel boot args 2aedd4d12 doc: add document for vCPU, api and device bec22ad01 dragonball: add api module 07f44c3e0 dragonball: add vcpu manager 78c971875 dragonball: add upcall support 7d1953b52 dragonball: add vcpu 468c73b3c dragonball: add kvm context e89e6507a dragonball: add signal handler b6cb2c4ae dragonball: add metrics system e80e0c464 dragonball: add io manager wrapper 86123f49f Merge branch 'main' into runtime-rs f30fe86dc Merge pull request #4456 from Bevisy/fixIssue4454 553ec4611 Merge pull request #4436 from alex-matei/fix/sandbox-mem-overflow 0d33b2880 Merge pull request #4459 from jodh-intel/snap-fix-cli-options 9766a285a Merge pull request #4422 from snir911/dependabot_bumps 90a7763ac snap: Fix debug cli option d06dd8fcd Merge pull request #4312 from fidencio/topic/pass-the-tuntap-fd-to-clh a305bafee docs: Update outdated URLs and keep them available 185360cb9 Merge pull request #4452 from GabyCT/topic/updatedeveloperguide db2a4d6cd Merge pull request #4441 from liubin/fix/refactor-reading-mountstat-log bee770343 docs: Update containerd url link ac5dbd859 clh: Improve logging related to the net dev addition 0b75522e1 network: Set queues to 1 to ensure we get the network fds 93b61e0f0 network: Add FFI_NO_PI to the netlink flags bf3ddc125 clh: Pass the tuntap fds down to Cloud Hypervisor 55ed32e92 clh: Take care of the VmAdNetdPut request ourselves 01fe09a4e clh: Hotplug the network devices 2e0753833 clh: Expose VmAddNetPut c84a42525 Merge pull request #4442 from openanolis/anolis/fix_safepath_clippy 1d5448fbc Merge pull request #4180 from Alex-Carter01/build-kernel-efi-secret a80eb33cd Merge pull request #4308 from fidencio/topic/virtiofsd-switch-to-using-the-rust-version-on-all-arches 81acfc128 Merge pull request #4425 from liubin/fix/4376-change-log-level-of-getoomevent 9b93db022 Merge pull request #4417 from jodh-intel/docs-monitor-considerations 1ef0b7ded runtime: Switch to using the rust version of virtiofsd (all but power) bb26bd73b safe-path: fix clippy warning 1a5ba31cb agent: refactor reading file timing for debugging 721ca72a6 runtime: fix error when trying to parse sandbox sizing annotations aefe11b9b Merge pull request #4331 from dgibson/config-enable-iommu-annotation 7deb87dcb Merge pull request #4434 from fidencio/topic/bump-virtiofsd-release f811c8b60 Merge pull request #4431 from jodh-intel/docs-arch-storage-limits 9773838c0 virtiofsd: export env vars needed for building it b0e090f40 versions: Bump virtiofsd to v1.3.0 db5048d52 kernel: build efi_secret module for SEV 1b845978f docs: Add storage limits to arch doc 412441308 docs: Add more kata monitor details eff4e1017 shim: change the log level for GetOOMEvent call failures 5d7fb7b7b build(deps): bump github.com/containerd/containerd in /src/runtime d0ca2fcbb build(deps): bump crossbeam-utils in /src/tools/trace-forwarder a60dcff4d build(deps): bump regex from 1.5.4 to 1.5.6 in /src/tools/agent-ctl dbf50672e build(deps): bump crossbeam-utils in /src/tools/agent-ctl 8e2847bd5 build(deps): bump crossbeam-utils from 0.8.6 to 0.8.8 in /src/libs e9ada165f build(deps): bump regex from 1.5.4 to 1.5.5 in /src/agent adad9cef1 build(deps): bump crossbeam-utils from 0.8.5 to 0.8.8 in /src/agent 8f10e13e0 config: Allow enable_iommu pod annotation by default f30fe86dc Merge pull request #4456 from Bevisy/fixIssue4454 553ec4611 Merge pull request #4436 from alex-matei/fix/sandbox-mem-overflow 0d33b2880 Merge pull request #4459 from jodh-intel/snap-fix-cli-options 9766a285a Merge pull request #4422 from snir911/dependabot_bumps 90a7763ac snap: Fix debug cli option d06dd8fcd Merge pull request #4312 from fidencio/topic/pass-the-tuntap-fd-to-clh a305bafee docs: Update outdated URLs and keep them available 185360cb9 Merge pull request #4452 from GabyCT/topic/updatedeveloperguide db2a4d6cd Merge pull request #4441 from liubin/fix/refactor-reading-mountstat-log bee770343 docs: Update containerd url link ac5dbd859 clh: Improve logging related to the net dev addition 0b75522e1 network: Set queues to 1 to ensure we get the network fds 93b61e0f0 network: Add FFI_NO_PI to the netlink flags bf3ddc125 clh: Pass the tuntap fds down to Cloud Hypervisor 55ed32e92 clh: Take care of the VmAdNetdPut request ourselves 01fe09a4e clh: Hotplug the network devices 2e0753833 clh: Expose VmAddNetPut c84a42525 Merge pull request #4442 from openanolis/anolis/fix_safepath_clippy 1d5448fbc Merge pull request #4180 from Alex-Carter01/build-kernel-efi-secret a80eb33cd Merge pull request #4308 from fidencio/topic/virtiofsd-switch-to-using-the-rust-version-on-all-arches 81acfc128 Merge pull request #4425 from liubin/fix/4376-change-log-level-of-getoomevent 9b93db022 Merge pull request #4417 from jodh-intel/docs-monitor-considerations 1ef0b7ded runtime: Switch to using the rust version of virtiofsd (all but power) bb26bd73b safe-path: fix clippy warning 1a5ba31cb agent: refactor reading file timing for debugging 721ca72a6 runtime: fix error when trying to parse sandbox sizing annotations aefe11b9b Merge pull request #4331 from dgibson/config-enable-iommu-annotation 7deb87dcb Merge pull request #4434 from fidencio/topic/bump-virtiofsd-release f811c8b60 Merge pull request #4431 from jodh-intel/docs-arch-storage-limits 9773838c0 virtiofsd: export env vars needed for building it b0e090f40 versions: Bump virtiofsd to v1.3.0 db5048d52 kernel: build efi_secret module for SEV 1b845978f docs: Add storage limits to arch doc 412441308 docs: Add more kata monitor details eff4e1017 shim: change the log level for GetOOMEvent call failures 5d7fb7b7b build(deps): bump github.com/containerd/containerd in /src/runtime d0ca2fcbb build(deps): bump crossbeam-utils in /src/tools/trace-forwarder a60dcff4d build(deps): bump regex from 1.5.4 to 1.5.6 in /src/tools/agent-ctl dbf50672e build(deps): bump crossbeam-utils in /src/tools/agent-ctl 8e2847bd5 build(deps): bump crossbeam-utils from 0.8.6 to 0.8.8 in /src/libs e9ada165f build(deps): bump regex from 1.5.4 to 1.5.5 in /src/agent adad9cef1 build(deps): bump crossbeam-utils from 0.8.5 to 0.8.8 in /src/agent 8f10e13e0 config: Allow enable_iommu pod annotation by default d5ee3fc85 safe-path: fix clippy warning 93c10dfd8 runtime-rs: add crosvm license in Dragonball dfe6de771 dragonball: add dragonball into kata README 39ff85d61 dragonball: green ci 71f24d827 dragonball: add Makefile. a1df6d096 Doc: Update Dragonball Readme and add document for device 8619f2b3d dragonball: add virtio vsock device manager. 52d42af63 dragonball: add device manager. c1c1e5152 dragonball: add kernel config. 6850ef99a dragonball: add configuration manager. 0bcb422fc dragonball: add legacy devices manager 3c45c0715 dragonball: add console manager. 3d38bb300 dragonball: add address space manager. aff604055 dragonball: add resource manager support. 8835db6b0 dragonball: initial commit

Compatibility with CRI-O

Kata Containers 3.0.0 is compatible with CRI-O

Compatibility with containerd

Kata Containers 3.0.0 is compatible with contaienrd v1.5.2

OCI Runtime Specification

Kata Containers 3.0.0 support the OCI Runtime Specification v1.0.0-rc5

Compatibility with Kubernetes

Kata Containers 3.0.0 is compatible with Kubernetes 1.23.1-00

Libseccomp Notices

The kata-agent binaries inside the Kata Containers images provided with this release are statically linked with the following GNU LGPL-2.1 licensed libseccomp library.

The kata-agent uses the libseccomp v2.5.4 which is not modified from the upstream version. However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.

If you want to use the kata-agent which is not statically linked with the library, you can build a custom kata-agent that does not use the library from sources. For the details, please check the developer guide.

Kata Linux Containers image

Agent version: 3.0.0

Default Image Guest OS:

description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"

Default Initrd Guest OS:

description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"

Do not use Alpine on ppc64le & s390x, the agent cannot use musl because

there is no such Rust target

ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"

Kata Linux Containers Kernel

Kata Containers 3.0.0 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config

Installation

Follow the Kata installation instructions.

Issues & limitations

More information Limitations

相关地址:原始地址 下载(tar) 下载(zip)

1、 kata-containers-3.0.0-vendor.tar.gz 166.51MB

2、 kata-static-3.0.0-x86_64.tar.xz 114.12MB

3、 libseccomp-2.5.4.tar.gz 622.29KB

4、 libseccomp-2.5.4.tar.gz.asc 833B

查看:2022-10-09发行的版本