3.0.0
版本发布时间: 2022-10-09 16:59:51
kata-containers/kata-containers最新发布版本:3.8.0(2024-08-22 00:44:43)
Release 3.0.0
kata-containers Changes
- A new runtime implementation based on Rust
- An optional builtin sandboxing functionality with rust-vmm based hypervisor dragonball
- GPU VFIO passthrough support
- Support host cgroup v2
- Support drop-in config files
- Support shimv2 logging plugin
- Agent support FSGroup
- A new safe-path library to handle path calculation safely for rust components
- A few new subcommands of runk
- Switch from C version virtiofsd to virtiofsd-rs
- Support enabling QEMU sandbox feature
- io_uring as IO mechanism for QEMU
- Support for virtio-blk device multiqueue simulation for QEMU and Cloud-hypervisor
- intel TDX support for QEMU and Cloud-hypervisor
- QEMU updated to v6.2.0
- Cloud-hypervisor upgraded to v26.0
- Firecracker updated to v1.1.0
- Guest kernel upgraded to v5.19.2
Shortlog
63495cf43 release: Kata Containers 3.0.0
fb4430549 release: Adapt kata-deploy for 3.0.0
20c02528e agent: reduce reference count for failed mount
3eb6f5858 agent: don't exit early if signal fails due to ESRCH
8dc8565ed versions: Update gperf url to avoid libseccomp random failures
740e7e2f7 kata-sys-util: fix typo unknow
727f233e2 release: Kata Containers 3.0.0-rc1
babab160b tools: release: fix bogus version check
af22e7137 osbuilder: Export directory variables for libseccomp
d663f110d kata-deploy: get the config path from cri options
c6b3dcb67 kata-deploy: support kata-deploy for runtime-rs
a394761a5 kata-deploy: add installation for runtime-rs
b0c5f040f runtime-rs: set agent timeout to 0 for stream RPCs
d44e39e05 runtime-rs: fix incorrect comments
43b0e9580 runtime: store the user name in hypervisor config
81801888a runtime: make StopVM thread-safe
fba39ef32 runtime: add more debug logs for non-root user operation
63309514c runtime-rs: drop dependency on rustc-serialize
e229a03cc runtime: update runc dependency
583591099 release: Kata Containers 3.0.0-rc0
be242a3c3 release: Adapt kata-deploy for 3.0.0-rc0
156e1c324 runtime-rs: delete some allow(dead_code) attributes
fc9c6f87a kata-types: don't check virtio_fs_daemon for inline-virtio-fs
96c8be715 libs/kata-types: change return type of getting CPU period/quota
2b1d05857 runtime-rs: fix host device check pattern
62cf6e6fc runtime-rs: remove meaningless comment
84268f871 runtime-rs: update rust runtime roadmap
bcf6bf843 runk: Enable seccomp support by default
36d805fab config: add "inline-virtio-fs" as a "shared_fs" type
85b49cee0 runtime-rs: add README.md
968c2f6e8 runk: Refactor container builder
b948a8ffe kernel: fix kernel tarball name for SEV
50f912615 libs/kata-types: replace tabs by spaces in comments
566656b08 gperf: point URL to mirror site
d23779ec9 Revert "agent: fix unittests for arp neighbors"
d340564d6 Revert "agent: use rtnetlink's neighbours API to add neighbors"
188d37bad kata-deploy: Add debug statement
e879270a0 runtime-rs: add default agent/runtime/hypervisor for configuration
5f4f5f240 docs: fix unix socket address in agent-ctl doc
41ec71169 runtime-rs: split amend_spec function
ff7c78e0e runtime-rs: static resource mgmt default to false
00f3a6de1 runtime-rs: make static resource mgmt idiomatic
4a54876dd runtime-rs: support static resource management functionality
52bbc3a4b cargo.lock: update crates to comply with checks
aa581f4b2 cargo.toml: Add oci to src/libs workplace
7914da72c cargo.tomls: Added Apache 2.0 to cargo.tomls
bed4aab7e github-actions: Add cargo-deny
373dac2db qemu: Keep passing BUILD_SUFFIX
59e3850bf qemu: create no_patches.txt file for SPR-BKC-QEMU-v2.5
54d6d0175 qemu: fix tdx qemu tarball directories
9997ab064 sandbox_test: Add test to verify memory hotplug behavior
f390c122f sandbox: don't hotplug too much memory at once
e0142db24 hypervisor: Add GetTotalMemoryMB to interface
e83b82131 docs: Update url in the Developer Guide
0ab49b233 release: Kata Containers 3.0.0-alpha1
b1a8acad5 versions: Update cni plugins version
749a6a248 docs: Specify language in markdown for syntax highlight
a1fdc0827 kernel: Re-work get_tee_kernel()
a6581734c kernel: Whitelist cleanup
cce99c5c7 runtime-rs: delete socket from shim command-line options
c75970b81 dragonball: add more unit test for config manager
dc32c4622 osbuilder: fix ubuntu initrd /dev/ttyS0 hang
cc5f91dac osbuilder: add systemd symlinks for kata-agent
731d39df4 kernel: Add CONFIG_CGROUP_HUGETLB=y as part of the cgroup fragments
f7d41e98c kata-deploy: export CI in the build container
4f90e3c87 kata-deploy: add dockerbuild/install_yq.sh to gitignore
96d903734 github-actions: Auto-backporting
a355812e0 runtime-rs: fixed bug on core-sched error handling
591dfa4fe runtime-rs: add support for core scheduling
92f7d6bf8 ci: Use versions.yaml for the libseccomp
b535bac9c runk: Add cli message for init command
c08a8631e agent: add some logs for mount operation
c1e3b8f40 govmm: Refactor qmp functions for adding block device
598884f37 govmm: Refactor code to get rid of redundant code
00860a7e4 qmp: Pass aio backend while adding block device
e1b49d758 config: Add block aio as a supported annotation
ed0f1d0b3 config: Add "block_device_aio" as a config option for qemu
b6cd2348f govmm: Add io_uring as AIO type
81cdaf077 govmm: Correct documentation for Linux aio.
763ceeb7b logging: Replace nix::Error::EINVAL with more descriptive msgs
4ee2b99e1 kata-deploy: fix threading conflicts
0a6f0174f kernel: Ignore CONFIG_SPECULATION_MITIGATIONS for older kernels
6cf16c4f7 agent-ctl: fix clippy error
4b57c04c3 runtime-rs: support loading kernel modules in guest vm
dc90eae17 qemu: Drop unnecessary tdx_guest kernel parameter
d4b67613f clh: Use HVC console with TDX
c0cb3cd4d clh: Avoid crashing when memory hotplug is not allowed
9f0a57c0e clh: Increase API and SandboxStop timeouts for TDX
c142fa254 clh: Lift the sharedFS restriction used with TDX
bdf8a57bd runk: Move delete logic to libcontainer
a06d819b2 runtime: cri-o annotations have been moved to podman
ffd1c1ff4 agent-ctl/trace-forwarder: udpate thread_local dependency
69080d76d agent/runk: update regex dependency
e0ec09039 runtime-rs: update async-std dependency
326f1cc77 agent: enrich some error code path
4f53e010b agent: skip test_load_kernel_module if non-root
f508c2909 runtime: constify splitIrqChipMachineOptions
2b0587db9 runtime: VMX is migratible in vm factory case
fa09f0ec8 runtime: remove qemuPaths
a6fbaac1b runk: add pause/resume commands
8e201501e kernel: fix for set_kmem_limit error
00aadfe20 kernel: SEV guest kernel upgrade to 5.19.2
0d9d8d63e kernel: upgrade guest kernel support to 5.19.2
57bd3f42d runtime-rs: plug drop-in decoding into config-loading code
87b97b699 runtime-rs: add filesystem-related part of drop-in handling
cf785a1a2 runtime-rs: add core toml::Value tree merging
09672eb2d agent: do some rollback works if case of do_create_container failed
8ff5c10ac network: Fix error message for setting hardware address on TAP interface
3a597c274 runtime: clh: Use the new 'payload' interface
16baecc5b runtime: clh: Re-generate the client code
50ea07183 versions: Upgrade to Cloud Hypervisor v26.0
fcc1e0c61 runtime: tracing: End root span at end of trace
78231a36e ci: Update libseccomp version
338c28295 dep: update nix dependency
3829ab809 docs: Update CRI-O target link
34746496b libs/test-utils: share test code by create a new crate
eab7c8f28 runtime-rs: delete vergen dependency
6d6c06869 workflow: trigger release for 3.x releases
4d7f3edba runtime-rs: support the functionality of cleanup
5aa83754e runtime-rs: support save to persist file and restore
3e9077f6e docs: Update url in containerd documentation
52133ef66 release: Kata Containers 3.0.0-alpha0
c280d6965 runtime-rs: delete route model
caada34f1 runtime-rs: fix design doc's typo
b61dda40b docs: use curl as default downloader for runtime-rs
ca9d16e5e runtime-rs: update Cargo.lock
99a7b4f3e workflow: Revert "static-checks: Allow Merge commit to be >75 chars"
d14e80e9f workflow: Revert "docs: modify move-issues-to-in-progress.yaml"
1f4b6e646 versions: Update libseccomp version
b82819015 Merge pull request #4823 from openanolis/runtime-rs-merge-main-runtime-rs
f791169ef Merge pull request #4826 from openanolis/runtime-rs-version
8bbffc42c runtime-rs:update rtnetlink version
e40383813 runtim-rs: Merge remote-tracking branch 'origin/main' into runtime-rs
931251105 Merge pull request #4817 from openanolis/runtime-rs-s390x-fail
389ae9702 runtime-rs:skip the test when the arch is s390x
945e02227 runtime-rs:skip the build process when the arch is s390x
8b0e1859c Merge pull request #4784 from openanolis/fix-protocol-ci-err
b337390c2 Merge pull request #4791 from openanolis/runtime-rs-merge-main-1
7247575fa runtime-rs:fix cargo clippy
9803393f2 runtime-rs: Merge branch 'main' into runtime-rs-merge-main-1
86ac653ba libs: fix CI error for protocols
993ae2408 Merge pull request #4777 from openanolis/runtime-rs-merge
adfad44ef Merge remote-tracking branch 'origin/main' into runtime-rs-merge-tmp
5457deb03 Merge pull request #4741 from openanolis/fix-stop-failed-in-azure
fa0b11fc5 runtime-rs: fix stdin hang in azure
50b0b7cc1 Merge pull request #4681 from Tim-0731-Hzt/runtime-rs-sharepid
129335714 Merge pull request #4727 from openanolis/anolis-fix-network
71384b60f Merge pull request #4713 from openanolis/adjust_default_vcpu
b3147411e runtime-rs:add unit test for set share pid ns
1ef3f8eac runtime-rs: set share sandbox pid namespace
57c556a80 runtime-rs: fix stop failed in azure
3f4dd92c2 Merge pull request #4702 from openanolis/runtime-rs-endpoint-dev
a3127a03f Merge pull request #4721 from openanolis/install-guide-2
c825065b2 runtime-rs: fix tc filter setup failed
e0194dcb5 runtime-rs: update route destination with prefix
534a4920b Merge pull request #4692 from openanolis/support_disable_guest_seccomp
fa85fd584 docs: add rust environment setup for kata 3.0
896478c92 runtime-rs: add functionalities support for macvlan and vlan endpoints
43045be8d runtime-rs: handle default_vcpus greator than default_maxvcpu
54f53d57e runtime-rs: support disable_guest_seccomp
540303880 Merge pull request #4688 from quanweiZhou/fix_sandbox_cgroup_false
7c146a5d9 Merge pull request #4684 from quanweiZhou/fix-ctr-exit-error
08a658167 Merge pull request #4662 from openanolis/runtime-rs-user-manaul
4331ef80d Runtime-rs: add installation guide for rust-runtime
4c3bd6b1d Merge pull request #4656 from openanolis/runtime-rs-ipvlan
960f2a7f7 Merge pull request #4678 from Tim-0731-Hzt/runtime-rs-makefile-2
e9988f0c6 runtime-rs: fix sandbox_cgroup_only=false panic
cebbebbe8 runtime-rs: fix ctr exit failed
758cc47b3 Merge pull request #4671 from liubin/4670-upgrade-nix
25be4d00f Merge pull request #4676 from openanolis/xuejun/runtime-rs
62182db64 runtime-rs: add unit test for ipvlan endpoint
99654ce69 runtime-rs: update dbs-xxx dependencies
f4c3adf59 runtime-rs: Add compile option file
545ae3f0e runtime-rs: fix warning
19eca71cd runtime-rs: remove the value of hypervisor path in DB config
d8920b00c runtime-rs: support functionalities of ipvlan endpoint
2b01e9ba4 dragonball: fix warning
996a6b80b kata-sys-util: upgrade nix version
9f49f7adc Merge pull request #4493 from openanolis/runtime-rs-dev
3c989521b dragonball: update for review
274598ae5 kata-runtime: add dragonball config check support.
1befbe673 runtime-rs: Cargo lock for fix version problem
3d6156f6e runtime-rs: support dragonball and runtime-binary
3f6123b4d libs: update configuration and annotations
f3335c99c Merge pull request #4614 from Tim-0731-Hzt/runtime-rs-merge-main
b424cf3c9 Merge pull request #4544 from openanolis/anolis/virtio_device_aarch64
d2584991e dragonball: fix dependency unused warning
458f6f42f dragonball: use const string for legacy device type
58b0fc479 Merge pull request #4192 from Tim-0731-Hzt/runtime-rs
0826a2157 Merge remote-tracking branch 'origin/main' into runtime-rs-1
939959e72 docs: add Dragonball to hypervisors
f6f96b8fe dragonball: add legacy device support for aarch64
7a4183980 dragonball: add device info support for aarch64
30da3fb95 Merge pull request #4515 from openanolis/anolis/dragonball-3
9cee52153 fmt: do cargo fmt and add a dependency for blk_dev
47a4142e0 fs: change vhostuser and virtio into const
e14e98bbe cpu_topo: add handle_cpu_topology function
5d3b53ee7 downtime: add downtime support
6a1fe85f1 vfio: add vfio as TODO
5ea35ddcd refractor: remove redundant by_id
b646d7cb3 config: remove ht_enabled
cb54ac6c6 memory: remove reserve_memory_bytes
bde6609b9 hotplug: add room for other hotplug solution
d88b1bf01 dragonball: update vsock dependency
dd003ebe0 Dragonball: change error name and fix compile error
38957fe00 UT: fix compile error in unit tests
11b3f9514 dragonball: add virtio-fs device support
948381bdb dragonball: add virtio-net device support
3d20387a2 dragonball: add virtio-blk device support
87d38ae49 Doc: add document for Dragonball API
2bb1eeaec docs: further questions related to upcall
026aaeecc docs: add FAQ to the report
fffcb8165 docs: update the content of the report
42ea854eb docs: kata 3.0 Architecture
090de2dae dragonball: fix the clippy errors.
a1593322b dragonball: add vsock api to api server
89b9ba860 dragonball: add set_vm_configuration api
95fa0c70c dragonball: add start microvm support
5c1ccc376 dragonball: add Vmm struct
4d234f574 dragonball: refactor code layout
cfd5dae47 dragonball: add vm struct
527b73a8e dragonball: remove unused feature in AddressSpaceMgr
514b4e723 Merge pull request #4543 from openanolis/anolis/add_vcpu_configure_aarch64
7120afe4e dragonball: add vcpu test function for aarch64
648d285a2 dragonball: add vcpu support for aarch64
7dad7c89f dragonball: update dbs-xxx dependency
59cab9e83 Merge pull request #4380 from Tim-0731-Hzt/rund/makefile
18093251e Merge pull request #4527 from Tim-0731-Hzt/rund-new/netlink
07231b2f3 runtime-rs:refactor network model with netlink
c8a905206 build: format files
242992e3d build: put install methods in utils.mk
8a697268d build: makefile for dragonball config
9c526292e runtime-rs:refactor network model with netlink
12c1b9e6d Merge pull request #4536 from Tim-0731-Hzt/runtime-rs-kata-main
f3907aa12 runtime-rs:Merge remote-tracking branch 'origin/main' into runtime-rs-newv
badbbcd8b Merge pull request #4400 from openanolis/anolis/dragonball-2
71db2dd5b hotplug: add room for future acpi hotplug mechanism
8bb00a3dc dragonball: fix a bug when generating kernel boot args
2aedd4d12 doc: add document for vCPU, api and device
bec22ad01 dragonball: add api module
07f44c3e0 dragonball: add vcpu manager
78c971875 dragonball: add upcall support
7d1953b52 dragonball: add vcpu
468c73b3c dragonball: add kvm context
98f041ed8 Merge pull request #4486 from openanolis/runtime-rs-merge-main
86123f49f Merge branch 'main' into runtime-rs
e89e6507a dragonball: add signal handler
b6cb2c4ae dragonball: add metrics system
e80e0c464 dragonball: add io manager wrapper
f23d7092e Merge pull request #4265 from openanolis/anolis/dragonball-1
d5ee3fc85 safe-path: fix clippy warning
93c10dfd8 runtime-rs: add crosvm license in Dragonball
dfe6de771 dragonball: add dragonball into kata README
39ff85d61 dragonball: green ci
71f24d827 dragonball: add Makefile.
a1df6d096 Doc: Update Dragonball Readme and add document for device
8619f2b3d dragonball: add virtio vsock device manager.
52d42af63 dragonball: add device manager.
c1c1e5152 dragonball: add kernel config.
6850ef99a dragonball: add configuration manager.
0bcb422fc dragonball: add legacy devices manager
3c45c0715 dragonball: add console manager.
3d38bb300 dragonball: add address space manager.
aff604055 dragonball: add resource manager support.
8835db6b0 dragonball: initial commit
9cb15ab4c agent: add the FSGroup support
ff7874bc2 protobuf: upgrade the protobuf version to 2.27.0
06f398a34 runtime-rs: use withContext to evaluate lazily
fd4c26f9c runtime-rs: support network resource
4be7185aa runtime-rs: runtime part implement
10343b1f3 runtime-rs: enhance runtimes
9887272db libs: enhance kata-sys-util and kata-types
3ff0db05a runtime-rs: support rootfs volume for resource
234d7bca0 runtime-rs: support cgroup resource
75e282b4c runtime-rs: hypervisor base define
bdfee005f runtime-rs: service and runtime framework
4296e3069 runtime-rs: agent implements
d3da156ee runtime-rs: uint FsType for s390x
e705ee07c runtime-rs: update containerd-shim-protos to 0.2.0
8c0a60e19 runtime-rs: modify the review suggestion
278f843f9 runtime-rs: shim implements for runtime-rs
641b73610 libs: enhance kata-sys-util
69ba1ae9e trans: fix the issue of wrong swapness type
d2a9bc667 agent: agent-protocol support async
aee9633ce libs/sys-util: provide functions to execute hooks
8509de0ae libs/sys-util: add function to detect and update K8s emptyDir volume
6d59e8e19 libs/sys-util: introduce function to get device id
5300ea23a libs/sys-util: implement reflink_copy()
1d5c898d7 libs/sys-util: add utilities to parse NUMA information
87887026f libs/sys-util: add utilities to manipulate cgroup
ccd03e2ca libs/sys-util: add wrappers for mount and fs
45a00b4f0 libs/sys-util: add kata-sys-util crate under src/libs
48c201a1a libs/types: make the variable name easier to understand
b9b6d70aa libs/types: modify implementation details
05ad026fc libs/types: fix implementation details
d96716b4d libs/types:fix styles and implementation details
6cffd943b libs/types:return Result to handle parse error
6ae87d9d6 libs/types: use contains to make code more readable
45e5780e7 libs/types: fixed spelling and grammer error
2599a06a5 libs/types:use include_str! in test file
8ffff40af libs/types:Option type to handle empty tomlconfig
626828696 libs/types: add license for test-config.rs
97d8c6c0f docs: modify move-issues-to-in-progress.yaml
8cdd70f6c libs/types: change method to update config by annotation
e19d04719 libs/types: implement KataConfig to wrap TomlConfig
387ffa914 libs/types: support load Kata agent configuration from file
69f10afb7 libs/types: support load Kata hypervisor configuration from file
21cc02d72 libs/types: support load Kata runtime configuration from file
5b89c1df2 libs/types: add kata-types crate under src/libs
4f62a7618 libs/logging: fix clippy warnings
6f8acb94c libs: refine Makefile rules
7cdee4980 libs/logging: introduce a wrapper writer for logging
426f38de9 libs/logging: implement rotator for log files
392f1ecdf libs: convert to a cargo workspace
575df4dc4 static-checks: Allow Merge commit to be >75 chars
2ae807fd2 nydus: wait nydusd API server ready before mounting share fs
8a4e69008 versions: Update TD-shim due to build breakage
065305f4a agent-ctl: Add an empty [workspace]
1444d7ce4 packaging: Create no_patches.txt for the SPR-BKC-PC-v9.6.x
c8d4ea84e docs: Improve SGX documentation
85f4e7caf runtime: explicitly mark the source of the log is from qemu.log
d8ad16a34 runtime: add unlock before return in sendReq
889557ecb docs: add back host network limitation
230a22905 runk: add ps sub-command
e40383813 runtim-rs: Merge remote-tracking branch 'origin/main' into runtime-rs
587c0c5e5 Merge pull request #4820 from cmaf/sgx-update-docs-1
c5452faec docs: Improve SGX documentation
2764bd752 Merge pull request #4770 from justxuewei/refactor/agent/netlink-neighbor
578121124 Merge pull request #4805 from fidencio/topic/bump-tdx-dependencies
869e40851 Merge pull request #4810 from fidencio/topic/adjust-final-tarball-location-for-tdvf-and-td-shim
8d1cb1d51 td-shim: Adjust final tarball location
62f05d4b4 ovmf: Adjust final tarball location
9972487f6 versions: Bump Kernel TDX version
c9358155a kernel: Sort the TDX configs alphabetically
dd397ff1b versions: Bump QEMU TDX version
873e75b91 Merge pull request #4773 from fidencio/topic/build-tdvf
c9b5bde30 versions: Track and build TDVF
e6a5a5106 packaging: Generate a tarball as OVMF build result
42eaf19b4 packaging: Simplify OVMF repo clone
4d33b0541 packaging: Don't hardcode "edk2" as the cloned repo's dir.
81fe51ab0 agent: fix unittests for arp neighbors
845c1c03c agent: use rtnetlink's neighbours API to add neighbors
8bbffc42c runtime-rs:update rtnetlink version
587c0c5e5 Merge pull request #4820 from cmaf/sgx-update-docs-1
c5452faec docs: Improve SGX documentation
2764bd752 Merge pull request #4770 from justxuewei/refactor/agent/netlink-neighbor
578121124 Merge pull request #4805 from fidencio/topic/bump-tdx-dependencies
869e40851 Merge pull request #4810 from fidencio/topic/adjust-final-tarball-location-for-tdvf-and-td-shim
8d1cb1d51 td-shim: Adjust final tarball location
62f05d4b4 ovmf: Adjust final tarball location
9972487f6 versions: Bump Kernel TDX version
c9358155a kernel: Sort the TDX configs alphabetically
dd397ff1b versions: Bump QEMU TDX version
873e75b91 Merge pull request #4773 from fidencio/topic/build-tdvf
c9b5bde30 versions: Track and build TDVF
e6a5a5106 packaging: Generate a tarball as OVMF build result
42eaf19b4 packaging: Simplify OVMF repo clone
4d33b0541 packaging: Don't hardcode "edk2" as the cloned repo's dir.
81fe51ab0 agent: fix unittests for arp neighbors
845c1c03c agent: use rtnetlink's neighbours API to add neighbors
389ae9702 runtime-rs:skip the test when the arch is s390x
945e02227 runtime-rs:skip the build process when the arch is s390x
c5452faec docs: Improve SGX documentation
81fe51ab0 agent: fix unittests for arp neighbors
845c1c03c agent: use rtnetlink's neighbours API to add neighbors
9972487f6 versions: Bump Kernel TDX version
c9358155a kernel: Sort the TDX configs alphabetically
dd397ff1b versions: Bump QEMU TDX version
8d1cb1d51 td-shim: Adjust final tarball location
62f05d4b4 ovmf: Adjust final tarball location
86ac653ba libs: fix CI error for protocols
7247575fa runtime-rs:fix cargo clippy
9803393f2 runtime-rs: Merge branch 'main' into runtime-rs-merge-main-1
7503bdab6 Merge pull request #4783 from fidencio/topic/build-td-shim
b06bc8228 versions: Track and add support for building TD-shim
8d9135a7c Merge pull request #4765 from ryansavino/ccv0-rust-upgrade
9b1940e93 versions: update rust version
c9b5bde30 versions: Track and build TDVF
e6a5a5106 packaging: Generate a tarball as OVMF build result
42eaf19b4 packaging: Simplify OVMF repo clone
4d33b0541 packaging: Don't hardcode "edk2" as the cloned repo's dir.
7503bdab6 Merge pull request #4783 from fidencio/topic/build-td-shim
b06bc8228 versions: Track and add support for building TD-shim
8d9135a7c Merge pull request #4765 from ryansavino/ccv0-rust-upgrade
9b1940e93 versions: update rust version
b06bc8228 versions: Track and add support for building TD-shim
9b1940e93 versions: update rust version
adfad44ef Merge remote-tracking branch 'origin/main' into runtime-rs-merge-tmp
0aefab4d8 Merge pull request #4739 from liubin/fix/4738-trace-rpc-calls
54147db92 Merge pull request #4170 from Alex-Carter01/build-amdsev-ovmf
638c2c416 static-build: Add AmdSev option for OVMF builder Introduces new build of firmware needed for SEV
f0b58e38d static-build: Add build script for OVMF
a67402cc1 Merge pull request #4397 from yaoyinnan/3073/ftr/host-cgroupv2
229ff29c0 Merge pull request #4758 from GabyCT/topic/updaterunc
5c3155f7e runtime: Support for host cgroup v2
4ab45e5c9 docs: Update support for host cgroupv2
9dfd949f2 Merge pull request #4646 from amshinde/add-liburing-qemu
326eb2f91 versions: Update runc version
557229c39 Merge pull request #4724 from yahaa/fix-docs
1b01ea53d Merge pull request #4735 from nubificus/feature-fc-v1.1
27c82018d Merge pull request #4753 from Tim-Zhang/agent-fix-stream-fd-double-close
6fddf031d Merge pull request #4664 from lifupan/main
f5aa6ae46 agent: Fix stream fd's double close problem
6e149b43f Docs: fix tables format error
56d49b507 versions: Update Firecracker version to v1.1.0
0e24f47a4 agent: log RPC calls for debugging
e764a726a Merge pull request #4715 from Tim-Zhang/fix-ut-test_do_write_stream
427b29454 Merge pull request #4709 from liubin/fix/4708-unwrap-error
033737783 Merge pull request #4695 from liubin/4694/upgrade-nydus-version
0b4a91ec1 Merge pull request #4644 from bookinabox/optimize-get-paths
68c265587 Merge pull request #4718 from GabyCT/topic/updatefirecrackerversion
df79c8fe1 versions: Update firecracker version
912641509 agent: fix fd-double-close problem in ut test_do_write_stream
0d7cb7eb1 agent: delete agent-type property in announce
eec9ac81e rustjail: check result to let it return early.
402bfa0ce nydus: upgrade nydus/nydus-snapshotter version
6d56cdb9a Merge pull request #4686 from xujunjie-cover/issue4685
72dbd1fcb kata-monitor: fix can't monitor /run/vc/sbs.
f690b0aad qemu: Add liburing to qemu build
d93e4b939 container: kill all of the processes in this container
575b5eb5f Merge pull request #4506 from cyyzero/runk-exec
9ae2a45b3 cgroups: remove unnecessary get_paths()
0cc20f014 Merge pull request #4647 from fidencio/topic/fix-clh-crash-when-booting-up-with-no-network-device
418a03a12 Merge pull request #4639 from fidencio/topic/packaging-rework-qemu-build-suffix
be31207f6 clh: Don't crash if no network device is set by the upper layer
39974fbac Merge pull request #4642 from fidencio/topic/clh-bump-to-v25.0-release
051181249 packaging: Add a "-" in the dir name if $BUILD_DIR is available
dc3b6f659 versions: Update Cloud Hypervisor to v25.0
201ff223f packaging: Use the $BUILD_SUFFIX when renaming the qemu binary
9f0e4bb77 Merge pull request #4628 from fidencio/topic/rework-tee-kernel-builds
cda1919a0 Merge pull request #4609 from fidencio/topic/kata-deploy-simplify-config-path-handling
1a25afcdf kernel: Allow passing the URL to download the tarball
0024b8d10 Merge pull request #4617 from Yuan-Zhuo/main
80c68b80a kernel: Deduplicate code used for building TEE kernels
f7ccf92dc kata-deploy: Rely on the configured config path
386a523a0 kata-deploy: Pass the config path to CRI-O
13df57c39 build: save lines for repository_owner check
f59939a31 runk: Support exec sub-command
0aefab4d8 Merge pull request #4739 from liubin/fix/4738-trace-rpc-calls
54147db92 Merge pull request #4170 from Alex-Carter01/build-amdsev-ovmf
638c2c416 static-build: Add AmdSev option for OVMF builder Introduces new build of firmware needed for SEV
f0b58e38d static-build: Add build script for OVMF
a67402cc1 Merge pull request #4397 from yaoyinnan/3073/ftr/host-cgroupv2
229ff29c0 Merge pull request #4758 from GabyCT/topic/updaterunc
5c3155f7e runtime: Support for host cgroup v2
4ab45e5c9 docs: Update support for host cgroupv2
9dfd949f2 Merge pull request #4646 from amshinde/add-liburing-qemu
326eb2f91 versions: Update runc version
557229c39 Merge pull request #4724 from yahaa/fix-docs
1b01ea53d Merge pull request #4735 from nubificus/feature-fc-v1.1
27c82018d Merge pull request #4753 from Tim-Zhang/agent-fix-stream-fd-double-close
6fddf031d Merge pull request #4664 from lifupan/main
f5aa6ae46 agent: Fix stream fd's double close problem
6e149b43f Docs: fix tables format error
56d49b507 versions: Update Firecracker version to v1.1.0
0e24f47a4 agent: log RPC calls for debugging
e764a726a Merge pull request #4715 from Tim-Zhang/fix-ut-test_do_write_stream
427b29454 Merge pull request #4709 from liubin/fix/4708-unwrap-error
033737783 Merge pull request #4695 from liubin/4694/upgrade-nydus-version
0b4a91ec1 Merge pull request #4644 from bookinabox/optimize-get-paths
68c265587 Merge pull request #4718 from GabyCT/topic/updatefirecrackerversion
df79c8fe1 versions: Update firecracker version
912641509 agent: fix fd-double-close problem in ut test_do_write_stream
0d7cb7eb1 agent: delete agent-type property in announce
eec9ac81e rustjail: check result to let it return early.
402bfa0ce nydus: upgrade nydus/nydus-snapshotter version
6d56cdb9a Merge pull request #4686 from xujunjie-cover/issue4685
72dbd1fcb kata-monitor: fix can't monitor /run/vc/sbs.
f690b0aad qemu: Add liburing to qemu build
d93e4b939 container: kill all of the processes in this container
575b5eb5f Merge pull request #4506 from cyyzero/runk-exec
9ae2a45b3 cgroups: remove unnecessary get_paths()
0cc20f014 Merge pull request #4647 from fidencio/topic/fix-clh-crash-when-booting-up-with-no-network-device
418a03a12 Merge pull request #4639 from fidencio/topic/packaging-rework-qemu-build-suffix
be31207f6 clh: Don't crash if no network device is set by the upper layer
39974fbac Merge pull request #4642 from fidencio/topic/clh-bump-to-v25.0-release
051181249 packaging: Add a "-" in the dir name if $BUILD_DIR is available
dc3b6f659 versions: Update Cloud Hypervisor to v25.0
201ff223f packaging: Use the $BUILD_SUFFIX when renaming the qemu binary
9f0e4bb77 Merge pull request #4628 from fidencio/topic/rework-tee-kernel-builds
cda1919a0 Merge pull request #4609 from fidencio/topic/kata-deploy-simplify-config-path-handling
1a25afcdf kernel: Allow passing the URL to download the tarball
0024b8d10 Merge pull request #4617 from Yuan-Zhuo/main
80c68b80a kernel: Deduplicate code used for building TEE kernels
f7ccf92dc kata-deploy: Rely on the configured config path
386a523a0 kata-deploy: Pass the config path to CRI-O
13df57c39 build: save lines for repository_owner check
f59939a31 runk: Support exec sub-command
0e24f47a4 agent: log RPC calls for debugging
fa0b11fc5 runtime-rs: fix stdin hang in azure
57c556a80 runtime-rs: fix stop failed in azure
638c2c416 static-build: Add AmdSev option for OVMF builder Introduces new build of firmware needed for SEV
f0b58e38d static-build: Add build script for OVMF
5c3155f7e runtime: Support for host cgroup v2
4ab45e5c9 docs: Update support for host cgroupv2
326eb2f91 versions: Update runc version
f690b0aad qemu: Add liburing to qemu build
b3147411e runtime-rs:add unit test for set share pid ns
1ef3f8eac runtime-rs: set share sandbox pid namespace
6e149b43f Docs: fix tables format error
56d49b507 versions: Update Firecracker version to v1.1.0
f5aa6ae46 agent: Fix stream fd's double close problem
d93e4b939 container: kill all of the processes in this container
c825065b2 runtime-rs: fix tc filter setup failed
e0194dcb5 runtime-rs: update route destination with prefix
43045be8d runtime-rs: handle default_vcpus greator than default_maxvcpu
912641509 agent: fix fd-double-close problem in ut test_do_write_stream
896478c92 runtime-rs: add functionalities support for macvlan and vlan endpoints
fa85fd584 docs: add rust environment setup for kata 3.0
0d7cb7eb1 agent: delete agent-type property in announce
eec9ac81e rustjail: check result to let it return early.
402bfa0ce nydus: upgrade nydus/nydus-snapshotter version
54f53d57e runtime-rs: support disable_guest_seccomp
9ae2a45b3 cgroups: remove unnecessary get_paths()
df79c8fe1 versions: Update firecracker version
72dbd1fcb kata-monitor: fix can't monitor /run/vc/sbs.
e9988f0c6 runtime-rs: fix sandbox_cgroup_only=false panic
cebbebbe8 runtime-rs: fix ctr exit failed
4331ef80d Runtime-rs: add installation guide for rust-runtime
62182db64 runtime-rs: add unit test for ipvlan endpoint
d8920b00c runtime-rs: support functionalities of ipvlan endpoint
19eca71cd runtime-rs: remove the value of hypervisor path in DB config
996a6b80b kata-sys-util: upgrade nix version
99654ce69 runtime-rs: update dbs-xxx dependencies
f4c3adf59 runtime-rs: Add compile option file
545ae3f0e runtime-rs: fix warning
2b01e9ba4 dragonball: fix warning
f59939a31 runk: Support exec sub-command
3c989521b dragonball: update for review
274598ae5 kata-runtime: add dragonball config check support.
1befbe673 runtime-rs: Cargo lock for fix version problem
3d6156f6e runtime-rs: support dragonball and runtime-binary
3f6123b4d libs: update configuration and annotations
be31207f6 clh: Don't crash if no network device is set by the upper layer
051181249 packaging: Add a "-" in the dir name if $BUILD_DIR is available
201ff223f packaging: Use the $BUILD_SUFFIX when renaming the qemu binary
dc3b6f659 versions: Update Cloud Hypervisor to v25.0
0826a2157 Merge remote-tracking branch 'origin/main' into runtime-rs-1
46fd7ce02 Merge pull request #4595 from amshinde/fix-clh-tarball-build
33360f171 Merge pull request #4600 from ManaSugi/fix/selinux-hypervisor-config
f36bc8bc5 Merge pull request #4616 from GabyCT/topic/updatecontainerddoc
57c2d8b74 docs: Update URL links for containerd documentation
e57a1c831 build: Mark git repos as safe for build
ee3f5558a Merge pull request #4606 from liubin/fix/4605-delete-cri-containerd-plugin
c09634dbc Merge pull request #4592 from fidencio/revert-kata-deploy-changes-after-2.5.0-rc0-release
2551924bd docs: delete CRI containerd plugin statement
bee791593 Merge pull request #4533 from bookinabox/simplify-nproc
efdb92366 build: Fix clh source build as normal user
0e40ecf38 tools/snap: simplify nproc
be68cf071 Merge pull request #4597 from bergwolf/github/action
4d89476c9 runtime: Fix DisableSelinux config
ac91fb7a1 Merge pull request #4591 from fidencio/2.5.0-rc0-branch-bump
3bafafec5 action: extend commit message line limit to 150 bytes
5010c643c release: Revert kata-deploy changes after 2.5.0-rc0 release
2d29791c1 release: Kata Containers 2.5.0-rc0
f4eea832a release: Adapt kata-deploy for 2.5.0-rc0
071dd4c79 Merge pull request #4109 from pmores/drop-in-cfg-files-support
d9e868f44 Merge pull request #4479 from quanweiZhou/enhance-get-handled-signal
b33ad7e57 Merge pull request #4574 from jelipo/fix-serde-serializing
018973828 Merge pull request #4576 from ManaSugi/fix/oci-poststart-hook
cd2d8c6fe Merge pull request #4580 from ManaSugi/fix/replace-libc-with-nix
a1de394e5 Merge pull request #4550 from liubin/fix/4548-overwrite-mount-type-for-bind-mount
44ec9684d Merge pull request #4573 from amshinde/unsafe-repo-runtime-shimv2
0ddb34a38 oci: fix serde skip serializing condition
fbb2e9bce agent: Replace some libc functions with nix ones
acd3302be agent: Run OCI poststart hooks after a container is launched
635fa543a Merge pull request #4560 from bookinabox/update-commit-message-check
1f363a386 runtime: overwrite mount type to bind for bind mounts
4e48509ed build: Set safe.directory for runtime repo
c29038a2e Merge pull request #4562 from ManaSugi/git-safe-repo
02a51e75a Merge pull request #4554 from liubin/fix/delete-not-used-console-from-container-config
aa561b49f Merge pull request #4540 from fidencio/topic/default_maxmemory
48ccd4233 ci: Set safe.directory against tests repository
2a4fbd6d8 agent: enhance get handled signal
433816cca ci/cd: update check-commit-message
2a94261df Merge pull request #4549 from liubin/fix/4419-set-status-if-wait-process-failed
1e12d5651 Merge pull request #4469 from egernst/config-validation-refactor
a5a25ed13 runtime: delete Console from Cmd type
96553e8bd runtime: Add documentation of drop-in config file fragments
c656457e9 runtime: Add tests of drop-in config file decoding
99f5ca80f runtime: Plug drop-in decoding into decodeConfig()
0f9856c46 runtime: Scan drop-in directory, read files and decode them
2c1efcc69 runtime: Add helpers to copy fields between tomlConfig instances
20f11877b runtime: Add framework to manipulate config structs via reflection
ab5f1c956 shim: set a non-zero return code if the wait process call failed.
e5be5cb08 runtime: device: cleanup outdated comments
5f936f268 virtcontainers: config validation is host specific
323271403 virtcontainers: Remove unused function
0939f5181 config: Expose default_maxmemory
58ff2bd5c clh,qemu: Adapt to using default_maxmemory
ad055235a Merge pull request #4547 from GabyCT/topic/removeunuseddocker
b2c038799 Merge pull request #4130 from surajssd/add-cgroup-driver-info
1a78c3df2 packaging: Remove unused kata docker configure script
afdc96042 hypervisor: Add default_maxmemory configuration
bdf5e5229 virtcontainers: validate hypervisor config outside of hypervisor itself
469e09854 katautils: don't do validation when loading hypervisor config
0e2459d13 docs: Add cgroupDriver for containerd
1a25afcdf kernel: Allow passing the URL to download the tarball
80c68b80a kernel: Deduplicate code used for building TEE kernels
d2584991e dragonball: fix dependency unused warning
458f6f42f dragonball: use const string for legacy device type
f6f96b8fe dragonball: add legacy device support for aarch64
7a4183980 dragonball: add device info support for aarch64
f7ccf92dc kata-deploy: Rely on the configured config path
386a523a0 kata-deploy: Pass the config path to CRI-O
13df57c39 build: save lines for repository_owner check
939959e72 docs: add Dragonball to hypervisors
2bb1eeaec docs: further questions related to upcall
026aaeecc docs: add FAQ to the report
fffcb8165 docs: update the content of the report
42ea854eb docs: kata 3.0 Architecture
46fd7ce02 Merge pull request #4595 from amshinde/fix-clh-tarball-build
33360f171 Merge pull request #4600 from ManaSugi/fix/selinux-hypervisor-config
f36bc8bc5 Merge pull request #4616 from GabyCT/topic/updatecontainerddoc
57c2d8b74 docs: Update URL links for containerd documentation
e57a1c831 build: Mark git repos as safe for build
ee3f5558a Merge pull request #4606 from liubin/fix/4605-delete-cri-containerd-plugin
c09634dbc Merge pull request #4592 from fidencio/revert-kata-deploy-changes-after-2.5.0-rc0-release
2551924bd docs: delete CRI containerd plugin statement
bee791593 Merge pull request #4533 from bookinabox/simplify-nproc
efdb92366 build: Fix clh source build as normal user
0e40ecf38 tools/snap: simplify nproc
be68cf071 Merge pull request #4597 from bergwolf/github/action
4d89476c9 runtime: Fix DisableSelinux config
ac91fb7a1 Merge pull request #4591 from fidencio/2.5.0-rc0-branch-bump
3bafafec5 action: extend commit message line limit to 150 bytes
5010c643c release: Revert kata-deploy changes after 2.5.0-rc0 release
2d29791c1 release: Kata Containers 2.5.0-rc0
f4eea832a release: Adapt kata-deploy for 2.5.0-rc0
071dd4c79 Merge pull request #4109 from pmores/drop-in-cfg-files-support
d9e868f44 Merge pull request #4479 from quanweiZhou/enhance-get-handled-signal
b33ad7e57 Merge pull request #4574 from jelipo/fix-serde-serializing
018973828 Merge pull request #4576 from ManaSugi/fix/oci-poststart-hook
cd2d8c6fe Merge pull request #4580 from ManaSugi/fix/replace-libc-with-nix
a1de394e5 Merge pull request #4550 from liubin/fix/4548-overwrite-mount-type-for-bind-mount
44ec9684d Merge pull request #4573 from amshinde/unsafe-repo-runtime-shimv2
0ddb34a38 oci: fix serde skip serializing condition
fbb2e9bce agent: Replace some libc functions with nix ones
acd3302be agent: Run OCI poststart hooks after a container is launched
635fa543a Merge pull request #4560 from bookinabox/update-commit-message-check
1f363a386 runtime: overwrite mount type to bind for bind mounts
4e48509ed build: Set safe.directory for runtime repo
c29038a2e Merge pull request #4562 from ManaSugi/git-safe-repo
02a51e75a Merge pull request #4554 from liubin/fix/delete-not-used-console-from-container-config
aa561b49f Merge pull request #4540 from fidencio/topic/default_maxmemory
48ccd4233 ci: Set safe.directory against tests repository
2a4fbd6d8 agent: enhance get handled signal
433816cca ci/cd: update check-commit-message
2a94261df Merge pull request #4549 from liubin/fix/4419-set-status-if-wait-process-failed
1e12d5651 Merge pull request #4469 from egernst/config-validation-refactor
a5a25ed13 runtime: delete Console from Cmd type
96553e8bd runtime: Add documentation of drop-in config file fragments
c656457e9 runtime: Add tests of drop-in config file decoding
99f5ca80f runtime: Plug drop-in decoding into decodeConfig()
0f9856c46 runtime: Scan drop-in directory, read files and decode them
2c1efcc69 runtime: Add helpers to copy fields between tomlConfig instances
20f11877b runtime: Add framework to manipulate config structs via reflection
ab5f1c956 shim: set a non-zero return code if the wait process call failed.
e5be5cb08 runtime: device: cleanup outdated comments
5f936f268 virtcontainers: config validation is host specific
323271403 virtcontainers: Remove unused function
0939f5181 config: Expose default_maxmemory
58ff2bd5c clh,qemu: Adapt to using default_maxmemory
ad055235a Merge pull request #4547 from GabyCT/topic/removeunuseddocker
b2c038799 Merge pull request #4130 from surajssd/add-cgroup-driver-info
1a78c3df2 packaging: Remove unused kata docker configure script
afdc96042 hypervisor: Add default_maxmemory configuration
bdf5e5229 virtcontainers: validate hypervisor config outside of hypervisor itself
469e09854 katautils: don't do validation when loading hypervisor config
0e2459d13 docs: Add cgroupDriver for containerd
e57a1c831 build: Mark git repos as safe for build
efdb92366 build: Fix clh source build as normal user
9cee52153 fmt: do cargo fmt and add a dependency for blk_dev
47a4142e0 fs: change vhostuser and virtio into const
e14e98bbe cpu_topo: add handle_cpu_topology function
5d3b53ee7 downtime: add downtime support
6a1fe85f1 vfio: add vfio as TODO
5ea35ddcd refractor: remove redundant by_id
b646d7cb3 config: remove ht_enabled
cb54ac6c6 memory: remove reserve_memory_bytes
bde6609b9 hotplug: add room for other hotplug solution
d88b1bf01 dragonball: update vsock dependency
dd003ebe0 Dragonball: change error name and fix compile error
38957fe00 UT: fix compile error in unit tests
11b3f9514 dragonball: add virtio-fs device support
948381bdb dragonball: add virtio-net device support
3d20387a2 dragonball: add virtio-blk device support
87d38ae49 Doc: add document for Dragonball API
090de2dae dragonball: fix the clippy errors.
a1593322b dragonball: add vsock api to api server
89b9ba860 dragonball: add set_vm_configuration api
95fa0c70c dragonball: add start microvm support
5c1ccc376 dragonball: add Vmm struct
4d234f574 dragonball: refactor code layout
cfd5dae47 dragonball: add vm struct
527b73a8e dragonball: remove unused feature in AddressSpaceMgr
4d89476c9 runtime: Fix DisableSelinux config
57c2d8b74 docs: Update URL links for containerd documentation
2551924bd docs: delete CRI containerd plugin statement
5010c643c release: Revert kata-deploy changes after 2.5.0-rc0 release
0e40ecf38 tools/snap: simplify nproc
3bafafec5 action: extend commit message line limit to 150 bytes
7120afe4e dragonball: add vcpu test function for aarch64
648d285a2 dragonball: add vcpu support for aarch64
7dad7c89f dragonball: update dbs-xxx dependency
c8a905206 build: format files
242992e3d build: put install methods in utils.mk
8a697268d build: makefile for dragonball config
07231b2f3 runtime-rs:refactor network model with netlink
9c526292e runtime-rs:refactor network model with netlink
f3907aa12 runtime-rs:Merge remote-tracking branch 'origin/main' into runtime-rs-newv
916ffb75d Merge pull request #4432 from liubin/fix/4420-binary-log
4e30e11b3 shim: support shim v2 logging plugin
27b1bb5ed Merge pull request #4467 from egernst/device-pkg
e32bf5331 device: deduplicate state structures
f97d9b45c runtime: device/persist: drop persist dependency from device pkgs
f9e96c650 runtime: device: move to top level package
3880e0c07 agent: refactor reading file timing for debugging
2488a0f6c Merge pull request #4439 from amshinde/update-kernel-to-5.15.46
083ca5f21 Merge pull request #4505 from yoheiueda/agent-debug-build
03fca8b45 Merge pull request #4526 from fidencio/topic/fix-clippy-warnings-and-update-agent-vendored-code
c70d3a2c3 agent: Update the dependencies
612fd79ba random: Fix "nonminimal-bool" clippy warning
d4417f210 netlink: Fix "or-fun-call" clippy warnings
93874cb3b packaging: Restrict kernel patches applied to top-level dir
07b1367c2 versions: Update kernel to latest LTS version 5.15.48
133528dd1 Merge pull request #4503 from amshinde/multi-queue-block
f186a52b1 Merge pull request #4511 from fidencio/topic/add-config-efi-to-the-tdx-kernel
1b7d36fdb agent: Allow BUILD_TYPE=debug
9ff10c083 kernel: Add CONFIG_EFI=y as part of the TDX fragments
78e27de6c Merge pull request #4358 from zvonkok/memreserve
e227b4c40 block: Leverage multiqueue for virtio-block
72049350a Merge pull request #4288 from fengwang666/enable-qemu-sandbox
8eac22ac5 Merge pull request #4495 from Amulyam24/snap-fix
e7e7dc9df runtime: Add heuristic to get the right value(s) for mem-reserve
e422730c7 Merge pull request #4497 from GabyCT/topic/removeunusedref
e11fcf7d3 Merge pull request #4168 from Champ-Goblem/patch/fix-chronyd-failure-on-boot
c7dd10e5e packaging: Remove unused publish kata image script
0bbbe7068 snap: fix snap build on ppc64le
6fd40085e Merge pull request #4484 from cmaf/tracing-update-rootspan-name
2c1b68d6e Merge pull request #4481 from zvonkok/fix-action
ef925d40c runtime: enable sandbox feature on qemu
28995301b tracing: Remove whitespace from root span
9941588c0 workflow: Removing man-db, workflow kept failing
1b7fd19ac rootfs: Fix chronyd.service failing on boot
916ffb75d Merge pull request #4432 from liubin/fix/4420-binary-log
4e30e11b3 shim: support shim v2 logging plugin
27b1bb5ed Merge pull request #4467 from egernst/device-pkg
e32bf5331 device: deduplicate state structures
f97d9b45c runtime: device/persist: drop persist dependency from device pkgs
f9e96c650 runtime: device: move to top level package
3880e0c07 agent: refactor reading file timing for debugging
2488a0f6c Merge pull request #4439 from amshinde/update-kernel-to-5.15.46
083ca5f21 Merge pull request #4505 from yoheiueda/agent-debug-build
03fca8b45 Merge pull request #4526 from fidencio/topic/fix-clippy-warnings-and-update-agent-vendored-code
c70d3a2c3 agent: Update the dependencies
612fd79ba random: Fix "nonminimal-bool" clippy warning
d4417f210 netlink: Fix "or-fun-call" clippy warnings
93874cb3b packaging: Restrict kernel patches applied to top-level dir
07b1367c2 versions: Update kernel to latest LTS version 5.15.48
133528dd1 Merge pull request #4503 from amshinde/multi-queue-block
f186a52b1 Merge pull request #4511 from fidencio/topic/add-config-efi-to-the-tdx-kernel
1b7d36fdb agent: Allow BUILD_TYPE=debug
9ff10c083 kernel: Add CONFIG_EFI=y as part of the TDX fragments
78e27de6c Merge pull request #4358 from zvonkok/memreserve
e227b4c40 block: Leverage multiqueue for virtio-block
72049350a Merge pull request #4288 from fengwang666/enable-qemu-sandbox
8eac22ac5 Merge pull request #4495 from Amulyam24/snap-fix
e7e7dc9df runtime: Add heuristic to get the right value(s) for mem-reserve
e422730c7 Merge pull request #4497 from GabyCT/topic/removeunusedref
e11fcf7d3 Merge pull request #4168 from Champ-Goblem/patch/fix-chronyd-failure-on-boot
c7dd10e5e packaging: Remove unused publish kata image script
0bbbe7068 snap: fix snap build on ppc64le
6fd40085e Merge pull request #4484 from cmaf/tracing-update-rootspan-name
2c1b68d6e Merge pull request #4481 from zvonkok/fix-action
ef925d40c runtime: enable sandbox feature on qemu
28995301b tracing: Remove whitespace from root span
9941588c0 workflow: Removing man-db, workflow kept failing
1b7fd19ac rootfs: Fix chronyd.service failing on boot
71db2dd5b hotplug: add room for future acpi hotplug mechanism
8bb00a3dc dragonball: fix a bug when generating kernel boot args
2aedd4d12 doc: add document for vCPU, api and device
bec22ad01 dragonball: add api module
07f44c3e0 dragonball: add vcpu manager
78c971875 dragonball: add upcall support
7d1953b52 dragonball: add vcpu
468c73b3c dragonball: add kvm context
e89e6507a dragonball: add signal handler
b6cb2c4ae dragonball: add metrics system
e80e0c464 dragonball: add io manager wrapper
86123f49f Merge branch 'main' into runtime-rs
f30fe86dc Merge pull request #4456 from Bevisy/fixIssue4454
553ec4611 Merge pull request #4436 from alex-matei/fix/sandbox-mem-overflow
0d33b2880 Merge pull request #4459 from jodh-intel/snap-fix-cli-options
9766a285a Merge pull request #4422 from snir911/dependabot_bumps
90a7763ac snap: Fix debug cli option
d06dd8fcd Merge pull request #4312 from fidencio/topic/pass-the-tuntap-fd-to-clh
a305bafee docs: Update outdated URLs and keep them available
185360cb9 Merge pull request #4452 from GabyCT/topic/updatedeveloperguide
db2a4d6cd Merge pull request #4441 from liubin/fix/refactor-reading-mountstat-log
bee770343 docs: Update containerd url link
ac5dbd859 clh: Improve logging related to the net dev addition
0b75522e1 network: Set queues to 1 to ensure we get the network fds
93b61e0f0 network: Add FFI_NO_PI to the netlink flags
bf3ddc125 clh: Pass the tuntap fds down to Cloud Hypervisor
55ed32e92 clh: Take care of the VmAdNetdPut request ourselves
01fe09a4e clh: Hotplug the network devices
2e0753833 clh: Expose VmAddNetPut
c84a42525 Merge pull request #4442 from openanolis/anolis/fix_safepath_clippy
1d5448fbc Merge pull request #4180 from Alex-Carter01/build-kernel-efi-secret
a80eb33cd Merge pull request #4308 from fidencio/topic/virtiofsd-switch-to-using-the-rust-version-on-all-arches
81acfc128 Merge pull request #4425 from liubin/fix/4376-change-log-level-of-getoomevent
9b93db022 Merge pull request #4417 from jodh-intel/docs-monitor-considerations
1ef0b7ded runtime: Switch to using the rust version of virtiofsd (all but power)
bb26bd73b safe-path: fix clippy warning
1a5ba31cb agent: refactor reading file timing for debugging
721ca72a6 runtime: fix error when trying to parse sandbox sizing annotations
aefe11b9b Merge pull request #4331 from dgibson/config-enable-iommu-annotation
7deb87dcb Merge pull request #4434 from fidencio/topic/bump-virtiofsd-release
f811c8b60 Merge pull request #4431 from jodh-intel/docs-arch-storage-limits
9773838c0 virtiofsd: export env vars needed for building it
b0e090f40 versions: Bump virtiofsd to v1.3.0
db5048d52 kernel: build efi_secret module for SEV
1b845978f docs: Add storage limits to arch doc
412441308 docs: Add more kata monitor details
eff4e1017 shim: change the log level for GetOOMEvent call failures
5d7fb7b7b build(deps): bump github.com/containerd/containerd in /src/runtime
d0ca2fcbb build(deps): bump crossbeam-utils in /src/tools/trace-forwarder
a60dcff4d build(deps): bump regex from 1.5.4 to 1.5.6 in /src/tools/agent-ctl
dbf50672e build(deps): bump crossbeam-utils in /src/tools/agent-ctl
8e2847bd5 build(deps): bump crossbeam-utils from 0.8.6 to 0.8.8 in /src/libs
e9ada165f build(deps): bump regex from 1.5.4 to 1.5.5 in /src/agent
adad9cef1 build(deps): bump crossbeam-utils from 0.8.5 to 0.8.8 in /src/agent
8f10e13e0 config: Allow enable_iommu pod annotation by default
f30fe86dc Merge pull request #4456 from Bevisy/fixIssue4454
553ec4611 Merge pull request #4436 from alex-matei/fix/sandbox-mem-overflow
0d33b2880 Merge pull request #4459 from jodh-intel/snap-fix-cli-options
9766a285a Merge pull request #4422 from snir911/dependabot_bumps
90a7763ac snap: Fix debug cli option
d06dd8fcd Merge pull request #4312 from fidencio/topic/pass-the-tuntap-fd-to-clh
a305bafee docs: Update outdated URLs and keep them available
185360cb9 Merge pull request #4452 from GabyCT/topic/updatedeveloperguide
db2a4d6cd Merge pull request #4441 from liubin/fix/refactor-reading-mountstat-log
bee770343 docs: Update containerd url link
ac5dbd859 clh: Improve logging related to the net dev addition
0b75522e1 network: Set queues to 1 to ensure we get the network fds
93b61e0f0 network: Add FFI_NO_PI to the netlink flags
bf3ddc125 clh: Pass the tuntap fds down to Cloud Hypervisor
55ed32e92 clh: Take care of the VmAdNetdPut request ourselves
01fe09a4e clh: Hotplug the network devices
2e0753833 clh: Expose VmAddNetPut
c84a42525 Merge pull request #4442 from openanolis/anolis/fix_safepath_clippy
1d5448fbc Merge pull request #4180 from Alex-Carter01/build-kernel-efi-secret
a80eb33cd Merge pull request #4308 from fidencio/topic/virtiofsd-switch-to-using-the-rust-version-on-all-arches
81acfc128 Merge pull request #4425 from liubin/fix/4376-change-log-level-of-getoomevent
9b93db022 Merge pull request #4417 from jodh-intel/docs-monitor-considerations
1ef0b7ded runtime: Switch to using the rust version of virtiofsd (all but power)
bb26bd73b safe-path: fix clippy warning
1a5ba31cb agent: refactor reading file timing for debugging
721ca72a6 runtime: fix error when trying to parse sandbox sizing annotations
aefe11b9b Merge pull request #4331 from dgibson/config-enable-iommu-annotation
7deb87dcb Merge pull request #4434 from fidencio/topic/bump-virtiofsd-release
f811c8b60 Merge pull request #4431 from jodh-intel/docs-arch-storage-limits
9773838c0 virtiofsd: export env vars needed for building it
b0e090f40 versions: Bump virtiofsd to v1.3.0
db5048d52 kernel: build efi_secret module for SEV
1b845978f docs: Add storage limits to arch doc
412441308 docs: Add more kata monitor details
eff4e1017 shim: change the log level for GetOOMEvent call failures
5d7fb7b7b build(deps): bump github.com/containerd/containerd in /src/runtime
d0ca2fcbb build(deps): bump crossbeam-utils in /src/tools/trace-forwarder
a60dcff4d build(deps): bump regex from 1.5.4 to 1.5.6 in /src/tools/agent-ctl
dbf50672e build(deps): bump crossbeam-utils in /src/tools/agent-ctl
8e2847bd5 build(deps): bump crossbeam-utils from 0.8.6 to 0.8.8 in /src/libs
e9ada165f build(deps): bump regex from 1.5.4 to 1.5.5 in /src/agent
adad9cef1 build(deps): bump crossbeam-utils from 0.8.5 to 0.8.8 in /src/agent
8f10e13e0 config: Allow enable_iommu pod annotation by default
d5ee3fc85 safe-path: fix clippy warning
93c10dfd8 runtime-rs: add crosvm license in Dragonball
dfe6de771 dragonball: add dragonball into kata README
39ff85d61 dragonball: green ci
71f24d827 dragonball: add Makefile.
a1df6d096 Doc: Update Dragonball Readme and add document for device
8619f2b3d dragonball: add virtio vsock device manager.
52d42af63 dragonball: add device manager.
c1c1e5152 dragonball: add kernel config.
6850ef99a dragonball: add configuration manager.
0bcb422fc dragonball: add legacy devices manager
3c45c0715 dragonball: add console manager.
3d38bb300 dragonball: add address space manager.
aff604055 dragonball: add resource manager support.
8835db6b0 dragonball: initial commit
Compatibility with CRI-O
Kata Containers 3.0.0 is compatible with CRI-O
Compatibility with containerd
Kata Containers 3.0.0 is compatible with contaienrd v1.5.2
OCI Runtime Specification
Kata Containers 3.0.0 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 3.0.0 is compatible with Kubernetes 1.23.1-00
Libseccomp Notices
The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
For the details, please check the developer guide.
Kata Linux Containers image
Agent version: 3.0.0
Default Image Guest OS:
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"
Default Initrd Guest OS:
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
Do not use Alpine on ppc64le & s390x, the agent cannot use musl because
there is no such Rust target
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Linux Containers Kernel
Kata Containers 3.0.0 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
1、 kata-containers-3.0.0-vendor.tar.gz 166.51MB
2、 kata-static-3.0.0-x86_64.tar.xz 114.12MB
3、 libseccomp-2.5.4.tar.gz 622.29KB
4、 libseccomp-2.5.4.tar.gz.asc 833B