Skip to content

Kata Containers 3.1.0-alpha0

Pre-release
Pre-release
Compare
Choose a tag to compare
@bergwolf bergwolf released this 09 Oct 08:48
· 6008 commits to main since this release
3.1.0-alpha0
acd72c4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Release 3.1.0-alpha0

kata-containers Changes

  • runtime: Support for AMD SEV-SNP VMs
  • runtime-rs: debug console support in runtime
  • runtime-rs: support watchable mount
  • runtime-rs/agent locking optimization
  • Cloud Hypervisor support upgraded to v27.0
  • various bugfix and CI improvements

Shortlog

ee74231 release: Kata Containers 3.1.0-alpha0
102a9dd workflow: Revert "workflow: trigger test-kata-deploy with pull_request"
68e8a86 runtime: fix incorrect comment for SetFsSharingSupport function
04bbce8 virtcontainers: add warn log record for qmp hotplug cpu error
53f209a libs/kata-types: adjust default_vcpus correctly
3aeaa64 runtime-rs: delete duplicated PASSTHROUGH_FS_DIR const
435c8f1 acrn: Enable ACRN hypervisor support for Kata 2.x release
c31cf72 agent: reduce reference count for failed mount
ef5a2dc agent: don't exit early if signal fails due to ESRCH
43ae972 kata-sys-util: delete duplicated get_bundle_path
4da743f packaging: Mount $HOME/.docker in the 1st layer container
067e2b1 runtime: clh: Use the new API to boot with TDX firmware (td-shim)
5d63fcf runtime: clh: Re-generate the client code
fe61070 versions: Upgrade to Cloud Hypervisor v27.0
17de94e microvm: Remove kernel_irqchip=on option
ac04831 kata-sys-util: fix typo unknow
f89ada2 dragonball: update ut for kernel config
a241276 versions: Update gperf url to avoid libseccomp random failures
a617a63 versions: Update oci version
6d585d5 dragonball: fix no "as_str" error on Arm
421729f tools: release: fix bogus version check
457b0be runtime-rs: update Cargo.lock
50299a3 refactor(runtime-rs): Use RwLock in runtime agent
0e89966 runtime-rs: fix shim close_io call to support kubectl cp
96cf21f runtime-rs: add comments for runtime-rs shared directory
7676cde workflow: trigger test-kata-deploy with pull_request
f108273 workflow: require PR num input on test-kata-deploy workflow_dispatch
90ecc01 Dragonball: update linux_loader to 0.6.0
abc26b0 dragonball: modify wrong code comments modify virtio_net_dev_mgr.rs wrong code comments
9bd9410 docs: Update urls in runk documentation
4a76392 runtime-rs: support watchable mount
e23bfd6 runtime-rs: make function name more understandable
426a436 runtime-rs: add unit test and eliminate raw string
87959cb runtime-rs: debug console support in runtime
d663f11 kata-deploy: get the config path from cri options
c6b3dcb kata-deploy: support kata-deploy for runtime-rs
a394761 kata-deploy: add installation for runtime-rs
2caee1f runtime-rs: define VFIO unbind path as a const
20bcaf0 runtime-rs: set agent timeout to 0 for stream RPCs
d9e6eb1 docs: Guide to use SNP-VMs with Kata-Containers
ded6017 runtime: Enable choice between AMD SEV and SNP
22bda08 runtime: Support for AMD SEV-SNP VMs
a2bbd29 kernel: Introduce SNP kernel
0e69405 docs: Developer-Guide updated
105eda5 runtime: Initrd path option added to config
adb33a4 packaging: fix typo in configure-hypervisor.sh
9628c7d runtime: update runc dependency
7fbc883 runtime-rs: drop dependency on rustc-serialize
bf2be0c release: Revert kata-deploy changes after 3.0.0-rc0 release
2082332 runtime-rs: add test for StaticResource
4696573 runtime-rs: remove hardcoded string
274de02 docs: add README for runtime-rs hypervisor crate
9670a3c runtime-rs: use Path.is_file to check regular files
a4a2345 osbuilder: Export directory variables for libseccomp
a828292 runtime-rs: add unit tests for network resource
a8a8a28 runtime-rs/resource: use macro to reduce duplicated code
3f65ff2 runtime-rs: fix incorrect comments
86a02c5 kernel: Add crypto kernel config for s390
f914319 runtime: store the user name in hypervisor config
5cafe21 runtime: make StopVM thread-safe
c301592 runtime: add more debug logs for non-root user operation
0399da6 runtime-rs: update dependencies
f6f1991 dragonball: update dragonball-sandbox dependencies
d55cf9a docs: Update url in virtualization document
7622452 Dragonball: Fix the problem about stdio console
aaf6d69 runtime-rs: call TomlConfig's validate function after load
5add50a runtime-rs: timeout for shim management client
9f13496 runtime-rs: shim management client
e891295 runtime-rs: shim management - agent-url
59aeb77 runtime-rs: shim management

Compatibility with CRI-O

Kata Containers 3.1.0-alpha0 is compatible with CRI-O

Compatibility with containerd

Kata Containers 3.1.0-alpha0 is compatible with contaienrd v1.5.2

OCI Runtime Specification

Kata Containers 3.1.0-alpha0 support the OCI Runtime Specification v1.0.2

Compatibility with Kubernetes

Kata Containers 3.1.0-alpha0 is compatible with Kubernetes 1.23.1-00

Libseccomp Notices

The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.

The kata-agent uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.

If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
For the details, please check the developer guide.

Kata Linux Containers image

Agent version: 3.1.0-alpha0

Default Image Guest OS:

description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/kata-containers/tools/osbuilder"
architecture:
aarch64:
name: "ubuntu"
version: "latest"
ppc64le:
name: "ubuntu"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: "clearlinux"
version: "latest"
meta:
image-type: "clearlinux"

Default Initrd Guest OS:

description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/kata-containers/tools/osbuilder"
architecture:
aarch64:
name: "alpine"
version: "3.15"

Do not use Alpine on ppc64le & s390x, the agent cannot use musl because

there is no such Rust target

ppc64le:
name: "ubuntu"
version: "20.04"
s390x:
name: "ubuntu"
version: "20.04"
x86_64:
name: "alpine"
version: "3.15"

Kata Linux Containers Kernel

Kata Containers 3.1.0-alpha0 suggest to use the Linux kernel v5.19.2
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config

Installation

Follow the Kata installation instructions.

Issues & limitations

More information Limitations

Assets 6
Loading