Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
Please take the Kata Containers survey:
This will help the Kata Containers community understand:
The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent uses the libseccomp v2.5.5 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
The majority of the components of the project were built using containers. In order to do a step towards build reproducibility we publish those container images, and when those are used combined with the version of the projects listed as part of the "versions.yaml" file, users can get as close to the environment we used to build the release artefacts.
The users who want to rebuild the tarballs using exactly the same images can simply use the following environment variables:
AGENT_CONTAINER_BUILDER
COCO_GUEST_COMPONENTS_CONTAINER_BUILDER
KERNEL_CONTAINER_BUILDER
OVMF_CONTAINER_BUILDER
PAUSE_IMAGE_CONTAINER_BUILDER
QEMU_CONTAINER_BUILDER
SHIM_V2_CONTAINER_BUILDER
TOOLS_CONTAINER_BUILDER
VIRTIOFSD_CONTAINER_BUILDER
Follow the Kata installation instructions.
More information Limitations
Full Changelog: https://github.com/kata-containers/kata-containers/compare/4.0.0-test...4.1.0-test
Please take the Kata Containers survey:
This will help the Kata Containers community understand:
The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent uses the libseccomp v2.5.5 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
The majority of the components of the project were built using containers. In order to do a step towards build reproducibility we publish those container images, and when those are used combined with the version of the projects listed as part of the "versions.yaml" file, users can get as close to the environment we used to build the release artefacts.
The users who want to rebuild the tarballs using exactly the same images can simply use the following environment variables:
AGENT_CONTAINER_BUILDER
COCO_GUEST_COMPONENTS_CONTAINER_BUILDER
KERNEL_CONTAINER_BUILDER
OVMF_CONTAINER_BUILDER
PAUSE_IMAGE_CONTAINER_BUILDER
QEMU_CONTAINER_BUILDER
SHIM_V2_CONTAINER_BUILDER
TOOLS_CONTAINER_BUILDER
VIRTIOFSD_CONTAINER_BUILDER
Follow the Kata installation instructions.
More information Limitations
KataVirtualVolume structure into go runtime by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/8471
KataVirtualVolume to the guest as devices in go runtime by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/8494
tomlq to configure containerd by @fidencio in https://github.com/kata-containers/kata-containers/pull/8639
make test by @justxuewei in https://github.com/kata-containers/kata-containers/pull/8700
jq as part of the kata-deploy daemonset by @fidencio in https://github.com/kata-containers/kata-containers/pull/8709
make check by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/9043
make vendor by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/9112
Full Changelog: https://github.com/kata-containers/kata-containers/compare/3.3.0-alpha0...4.0.0-test
This release was mistakenly deleted by @fidencio while working on the new release process. Thankfully we had the tag, and the release has been re-created based on the tag.
The biggest change in 3.2.0 is the conversion of CI to GitHub actions as in the main development branch. This is part of the initiative to deprecate the test repository and to stop using Jenkins for CI.
224ae841ac30 release: Kata Containers 3.2.0
2cda69b2849c release: Adapt kata-deploy for 3.2.0
305e60300879 actions: Move all the checkout actions to v4
52a985e1f731 release: Always use actions/checkout to ensure we're in a git repo
dc0fe5d7a22a actions: release: Use GH cli instead of hub
93c7d165dccb ci: k8s: Fix bogus firecracker check in k8s-credentials-secrets.bat
12b8cbb4f6dd tests: Adjust timeout for agent stability test
37c99a46b1af tests: Enable agent stability test
92f283f06258 runtime: Validate hypervisor section name in config file
8cf5506700a7 metrics: fixes common.sh function to always return true
544f261433a6 metrics: skips docker restart when it is not installed or is masked.
26c6ca93d3c2 metrics: removing trailing comma characters from json file.
0e0aabfd872b metrics: removal of reference in the documentation to the dax test.
5d911db5e27b tests: Remove unused function from scability test
a380437380c5 tests: Fix path for versions yaml for soak parallel test
4495a797210f tests: Enable scability test for stability CI
961daee9835e scripts: Use install_yq from the kata-containers repo
9b48525af1d8 release: tag_repos: Stop tagging / updating the tests repo
668c8979f022 runtime: fix reading cgroup stats of sandboxes
11e2f2a458d5 versions: Bump virtiofsd to v1.8.0
9eb8723a5b5f clh: arm: Use static_sandbox_resource_mgmt=true
e7579d20f767 runtime/qemu: Rework QMP/HMP support
f0278f41d71d runtime/virtiofsd: Drop all references to "--cache=none"
4679aa771249 runtime/qemu: Pass "--xattr" to virtiofsd instead of "-o xattr"
03d712ab252c runtime: Allow virtio_fs_extra_args annotation
e0513094a02d runtime/vc: runPrestartHooks should ignore GetHypervisorPid failure
c17cbd30f0ea runtime: fail early when starting docker container with FC
7e6f8010bd6a runtime: run prestart hooks before starting VM for FC
fa824af2349a qemu: tdx: Workaround SMP issue with TDX 1.5
07471cd7a64e qemu: tdx: Adapt to the TDX 1.5 stack
2f28866f262e versions: tdx: Update Kernel to 6.2 + TDX
a36064c729f6 versions: tdx: Update TDVF to the "edk2-stable202302"
65e0b99eb4a8 versions: tdx: Update QEMU to v7.2 + TDX v1.10
9ce8ee6c0ca6 runtime/fc: fix image/initrd annotation handling
f86bfe0da33d runtime/clh: fix image/initrd annotation handling
59fae423b5f5 runtime/qemu: fix image/initrd annotation handling
ef65c5767fd7 kata-agent: use default filemode for block device when it is set to 0
93609aa0cd8b deps: Bump dependent crate versions
7ff98daecffa gha: Add install dependencies for stability tests
ef49db59f77a gha: Add general dependencies to stability tests
a818f628d7dc tests: Add soak parallel stability test
602c56c0d739 tests: Enable soak parallel test
a19553930798 ci: k8s: set KUBERNETES default value
c4456c21d92a tests: run k8s-volume on a given node
58ad83330053 tests: run k8s-file-volume on a given node
a54bdd00d592 tests: exec_host() now gets the node name
0eaf81c1a270 tests: add get_one_kata_node() to tests_common.sh
5f2c7c78ffdb ci: k8s: set KATA_HYPERVISOR default value
7fceb21362ca ci: k8s: configurable deploy kata timeout
c4b0f1f31baf ci: k8s: shellcheck fixes to gha-run.sh
6fb40ad47dd9 kata-deploy: re-format kata-[deploy|cleanup].yaml
5cd2e947dc78 ci: k8s: run_tests() for kcli
56cebfb4857a ci: k8s: add deploy-kata-kcli() to gh-run.sh
6b76d21568d3 ci: k8s: add cleanup-kcli() to gha-run.sh
308ce26438b7 ci: k8s: set default image for deploy_kata()
c3b91ed39498 ci: k8s: create k8s clusters with kcli
33791f09447a metrics: stops kata components and k8s deployment when test finishes
621e6e6d8c58 gha: combine coco jobs into a single yaml
fe52c0900c7e gha: combine basic amd64 jobs into a single yaml
301a7d94e32d gha: ci: Revert tracing test PR to unbreak CI
c1da29b9b152 ci: Port runk tests to this repo
63be808730b8 ci: Add placeholder for runk tests
6541969a8320 ci: Move tracing tests here
5d232c8143b0 ci: Add placeholder for tracing tests
619ef169fb9d ci: Create a function to install docker
16e31dd40946 metrics: Use jq tool to pretty-print json metrics output
1f9a4e908f1b metrics: Enables FIO test for kata containers
fe4f72e0a155 gha: Add containerd stability tests to ci yaml
7963298ba26c gha: Add stability gha run script
a4e0929054e3 gha: Add stability tests workflow for gha
be3a3c221b26 gha: arm64: Ensure the builder is arm64-builder
f20164dc75c2 packaging: tools: Remove set -x leftover
1941d87b8402 packaging: release: Mention newly added images
95da1c71ecea packaging: tools: Fix container image env var name
508016fca127 packaging: Allow passing the TOOLS_CONTAINER_BUILDER
bb1efe0d461d packaging: stable-3.2: Remove everything related to agent policy
892c9f2f03ab gha: Build the kata-agent as part of our workflows
a586b8c5815c packaging: Build the kata-agent
766a5fa1180a agent: Allow specifying DESTDIR and AGENT_POLICY via env vars
050a4260b9b6 packaging: Add get_agent_image_name()
3770b200a861 gha: Fix k0s deployment
cf254bc4ee51 tests: Add general stability fixes
1edf2d9bc15e tests: Add agent stability test
a8eec39559f4 tests: Add cassandra stress in stability tests
240c584ae298 tests: Add stressng dockerfile for stability tests
e95d3b1be56f tests: Add stressor CPU test for stability tests
4393f553e97c metrics: Add stability test for kata CI
362adea8cd42 metrics: Fix general check static warnings
16c349e76c97 docs: Update url in kata vra document
5800be50294c ci: Build src/tools components as part of our tests / releases
41b509e0a67f kata-deploy: Build components from src/tools
a5d7ba666215 static-build: Add scripts to build content from src/tools
d503daf75e05 packaging: Add get_tools_image_name()
b2e432c02468 packaging: Use git abbreviated hash
c22fdb46e338 metrics: Increase qemu jitter value
8a1af8689bfa metrics: Increase jitter value for clh
f3fcf6cbf974 metrics: Add checkmetrics for latency test
ce03e9f97a0d metrics: Add qemu latency value limit
cd82a351bd55 metrics: Add latency value limits for kata CI
1709f99975a7 ci: kata-monitor: Move tests over
a50c7f1972cc ci: Add placeholder for kata-monitor tests
c42d19619dfe ci: Make install_kata aware of container engines
5017435734be ci: Create a generic install_crio function
98e9434be46f ci: Add install_cni_plugins helper
c61b488b66f1 ci: Modify containerd default config
7c4617cfac57 metrics: Add init_env function to latency test
e106ecd1e4e6 metrics: Fix latency yamls path
665805c81cd6 metrics: Fix spelling warnings
b0c9b4254bbe metrics: Fix metrics README
c28a0a03f009 metrics: Fix C-Ray documentation
48a9b4ab1393 ci: crio: Trail '\r' from exec_host() output
2de1c8bac27d ci: crio: Enable default capabilities
d1d3c7cbdaee kata-deploy: Fix CRI-O detection
0de3216b088f kata-deploy: Add k0s support
468a3218f537 ci: crio: Pass -y to apt
3f2780fca657 metrics: Add latency benchmark for gha
73a084a7d4e8 metrics: Enable latency test in gha run script
cf3abd308f82 local-build: Fix .docker ownership before build-payload
8b607ff79a74 gha: Add pandoc as a dependency for static checks
6a9384ed4069 gha: Install hunspell for static checks
a11e8867afa8 ci: Trigger payload-after-push on workflow_dispatch
390bde3182a3 ci: Actually enable the CRI-O tests
f2953e644882 ci: k8s: rke2: Use sudo to call systemd
08bdb6b5da16 ci: k8s: Add a CRI-O test
b41fa6d9467c ci: k8s: Add a method to install CRI-O
67fef9d5c641 ci: k8s: k0s: Allow passing parameters to the k0s installer
2c3f130c8564 ci: kata-deploy: Fix runner name
7a8d848a92e0 ci: Enable kata-deploy tests for all the supported k8s flavours
7fc2f7d003ea ci: kata-deploy: Add the ability to deploy rke2
59a4b00d2962 ci: kata-deploy: Add the ability to deploy k0s
1a605c33add4 ci: kata-deploy: Add deploy-k8s argument to gha-run.sh
19ee6c9fd7ff ci: kata-deploy: Expland tests to run on k0s / rke2
03a8bed32bcf ci: kata-deploy: Add placeholder for tests on GARM
f09c255766cf ci: kata-deploy: Export KUBERNETES env var
abe9dc9904da ci: Move deploy_k8s() to gha-run-k8s-common.sh
ea6489653ede ci: Properly set K8S_TEST_UNION
7892e04dd1e1 ci: Add first letter of the K8S_TEST_HOST_TYPE to resource group name
882d7d7d894a ci: Create clusters in individual resource groups
b09a3f8f8e4b metrics: Add parallel bandwidth limit for qemu
63e8c38a7a73 metrics: Enable parallel bandwidth iperf limit
f3c42ff5febf nydus: Temporarily skip tests on dragonball
49c1a373300e nydus: Use kata-${KATA_HYPERVISOR} instead of kata
ae55c0b5109a static-build: Fix arch error on nydus build
65e5bfe9eb16 tests: nydus: Update nydus tests
079ab1e0acf2 versions: Bump nydus and nydus-snapshotter to its latest release
d9e910702bd4 gha: nydus: Populate run()
33a44278456a gha: nydus: Populate install_dependencies()
70c1c7d8685e gha: nydus: Actually install kata when install-kata is called
30efa3e5632b gha: nydus: Get rid of nydus{,-snapshotter} install from nydus_test.sh
9ad600067696 tests: nydus: Add timeout to the crictl calls
6d9b8e243743 tests: nydus: Add uid / namespace to the nydus container / sandbox
fd5935da9d64 tests: nydus: Decorate some calls with sudo
4b58777eecc2 tests: nydus: Adapt "source ..." to GHA
82c531978fca tests: nydus: Adapt check to "clh" instead "cloud-hypervisor"
4915605b20e5 tests: common: Add install_nydus_snapshotter()
8e4180f697ad tests: common: Add install_nydus()
625a05aa2a3f ci: static-checks: Clean up static-checks job
9784ded336b3 ci: static-checks: Run tests depending on KVM
668b7effb413 ci: static-checks: Move "sudo make test" to the new test matrix
4b660a4991d7 ci: static-checks: Move "make test" to the new test matrix
9e614ce466e7 runtime-rs: Ensure static-checks-build is a dep of make test
d5d21f4cb40f kata-ctl: Use loop instead of kvm module in tests
93577381a5dc kata-ctl: Ensure GENERATED_CODE is a dep of make test
93440dc141f6 agent: Ensure GENERATED_CODE is a dep of make test
d269f09a6641 ci: install_libseccomp: Do not depend on the tests repo
bb920178ada8 ci: static-checks: Move "make check" to the new test matrix
d6996d01c0c6 kata-ctl: Add kata-types to the Cargo.lock file
a62e18b27f23 kata-ctl: Ensure GENERATED_CODE is a dep of make check
cd6ab3cf07a7 tests: install_rust: Also install clippy
d288e1ab8769 ci: static-checks: Move vendor check to its own job
755057c9ed9a tests: Move install_rust.sh from the tests repo
d3a04b7b8f20 tests: install_go: Remove tests repo dependency
c18c412db762 tests: Move functions from kata_arch script here
bb8d1be300da ci: static-checks: Move kernel config check to its own job
7c4a0f7facab ci: Use variable size of VMs depending on the tests running
7019a25f2557 ci: cache: Fix ovmf-sev cache
dc9f2c24f14e ci: cache: Check the sha256sum of the component
a55c082fa121 ci: cache: Remove the script used to cache artefacts on Jenkins
e464bbfc9308 ci: cache: Also store the ${component} sha256sum
b5da4ce0d845 ci: cache: Use the cached artefacts from ORAS
2f280659b1cb ci: k8s: Temporarily disable tests that require a bigger VM instance
f160effaeefd ci: cache: Push cached artefacts to ghcr.io
6f8ded36b6be kata-deploy: Generate latest_{artefact,image_builder} files
0210db6e34b0 ci: cache: Install ORAS in the kata-deploy binaries builder container
27dd77469dd7 ci: k8s: devmapper: Use a smaller / cheaper VM instance
3b64c8d68719 ci: nydus: Use a smaller / cheaper VM instance
03857041e447 ci: nerdctl: Use a smaller / cheaper VM instance
301edcb92e75 ci: docker: Use a smaller / cheaper VM instance
594fcdce5620 ci: cri-containerd: Use a smaller / cheaper VM instance
fa9dd4604195 ci: k8s: Don't set cpu limit request for k8s-inotofy test
767ccb117f5f ci: Reduce the size of the AKS VMs
054895fcdd72 ci: cache: For consistency, read all used env vars
5e22a3085bee ci: cache: Pass the exposed env vars to the kata-deploy binaries in docker
bda035449163 ci: cache: Export env vars needed to use ORAS
c78f7408544a metrics: Add iperf cpu utilization limit for qemu
73e989c4b10d metrics: Add iperf value for cpu utilization
1c32b31589c0 tests: Apply timeout to 'ctr t kill'
1d78871713ee tests/vfio: Bump VM image to Fedora 38
b40a42699d11 tests/vfio: Accept single device in vfio group for CLH
82a02251592e tests/vfio: Get rid of sync's
a1aed0c78e73 gha: vfio: Set test timeout to 15m
32be55aa8a2a packaging: kernel: Enable VIRTIO_IOMMU on x86_64
3b5c5bcfa4ed runtime: clh: Support enabling iommu
a0f59829b213 tests/vfio: Give commands 30s to execute
65943d5b77b4 tests/vfio: Configure a value for 'hot_plug_vfio' for both vmms
18a8b8df03f2 runtime: Remove redundant check in checkPCIeConfig
d86af5923f2d runtime: Add test cases for checkPCIeConfig
0a918d0d20d0 runtime: Check config for supported CLH (cold|hot)_plug_vfio values
86201ace5a0d runtime: clh: Add hot_plug_vfio entry to config
01265fb21723 tests/vfio: Gather debug info and disable tdp_mmu
44f37f689adc tests/vfio: Capture journal from vm
a69d0d1772be tests/vfio: Change to get the test working in GHA
e90027f38ca7 tests/vfio: Move dependency installation to gha-run.sh
62804d637ce5 gha: vfio: Import jobs scripts from tests repo
97283b18b49d metrics: Increase jitter value for qemu
3c5bd8c44d1d metrics: Increase value limit for jitter in clh
6abf513f064b ci: docker: nerdtl: Use io.containerd.kata-${KATA_HYPERVISOR}.io
9a664ea8bb6f ci: nerdctl: Create the containerd config
5734c4cbca61 ci: nerdctl: Switch to tcp port 80 ping
55c8a47a406e ci: docker: Switch to tcp port 80 ping
31c3d9bd80c7 metrics: Add iperf bandwidth value for qemu
40ae855f0e96 metrics: Add iperf bandwidth value for kata metrics
deadacd58f2c metrics: Ensure docker is running in init_env
31c33f9c1c97 metrics: Add Cassandra Metrics documentation
0968bf1eb9e7 metrics: this PR skips the FIO test temprarily to fix issues
e5e395139879 ci: docker: Also run the smoke test with runc
c7147dabceea ci: docker: Run the tests after the kata-static is created
33430ad60ccd ci: Add a very basic nerdctl sanity test
69dd11f45938 ci: Add a very basic docker sanity test
fcfa6c6e1abb ci: use github.ref_name instead of $GITHUB_REF_NAME
19d9fd9eb17b ci: Add more target-branch related fixes
fe4247a90c57 ci: Fix target-branch usage
9f510d059bc8 metrics: Remove warning from metrics documentation
400418bce0ac kata-deploy: Remove curl after it's used
1df997c38c57 kata-deploy: Fix aarch64 image build
61b1a99fcaba gha: Manually rebase PR atop of the target branch before testing
db563709e3b4 kata-deploy: Switch to an alpine image
bb5dbfbbcebc k8s: ci: Skip "Pod quota" test with firecracker
263ed4afd1d5 ci: k8s: Remove useless skip statement from tests
7e135294a732 ci: k8s: Also check for "fc" (for firecracker)
8892d9a7b28f ci: k8s: Add clean-up-garm argument for gha-run.sh
c723a7d9c89d ci: k8s: devmapper tests should be using ubuntu 20.04
aee6f36c86c8 ci: k8s: Add a kata-deploy-garm target
5bb77b628db4 ci: k8s: Export KUBERNETES env var
7ce5c8b3fa90 ci: k8s: Install bats on GARM runners
9fb291d88a62 ci: k8s: Wait some time after restarting k3s
053308eefc56 metrics: fix FIO test initialization
89345b6731cc ci: k8s: Append, instead of overwrite, the devmapper config
bb675f810128 ci: k8s: Decrease k3s sleep from 4 to 2 minutes
695c7162ef09 ci: k8s: Use vanilla kubectl with k3s
7f865be39870 ci: k8s: Ensure k3s is deploy with --write-kubeconfig-mode=644
7a96d0a58991 ci: k8s: Use the proper command for sleep
92fdaf971977 metrics: Use TensorFlow optimized image
1b7ffeac531f ci: k8s: Fix typo in run-k8s-tests-on-garm.yaml
79de72592f84 ci: k8s: Add k8s devmapper tests (part 0)
a41a56e32641 ci: k8s: Add a function to configure devmapper for containerd
315288a00010 ci: k8s: Add a function to deploy k3s
899c823c0b88 packaging: do not install docker-compose-plugin for s390x|ppc64le
374e77d3308f metrics: Add write 95 percentile for FIO for qemu
22ce1671a6ad metrics: Add write 95 percentile FIO value
5e90c8e17646 metrics: Add checkmetrics to gha run script
651b89ba413d metrics: Add checkmetrics value for qemu for iperf
907baa3464ef metrics: Add jitter value for clh
d9408a72830b metrics: Add test selector to iperf metrics
3583f373f58d metrics: Enable iperf benchmark on gha for kata metrics
7fd7186780e7 CI: switch static-checks-dragonball CI machines to Azure
9b6c5eaff1c5 kata-deploy: Create kata-static.tar with correct ownership
4403af74ec95 metrics: re-enable memory-usage initialization step
d2d7c041f300 metrics: fix parsing issue on memory-usage test
8c7a4fd121dd gha: Rebase atop of the target branch
75dcca5a5336 metrics: Add grabdata script for metrics report
59e7c3a34709 gha: Update to checkout@v3 action
8f1cc278ca4b metrics: Add report generator link to general documentation
05180b61a088 metrics: Add README for kata metrics report
17c88a1a7fc1 metrics: Add limit for 90 percentile for qemu value
dbb4761c4bf0 metrics: Add limit for write 90 percentile value for clh
aebf392e4554 metrics: Enable FIO limits for kata metrics
41d05b885792 metrics: Fix memory footprint qemu limit
349140758117 metrics: Fix memory inside limits for kata metrics
08027f228277 metrics: Add test setup details to metrics report
99103db1fb94 metrics: Add boot lifecycle times to metrics report
75c92ba474e7 metrics: Add memory inside container to metrics report
1c1eb9810700 metrics: Add scaling system footprint in metrics report
01f6e6a1a3a2 metrics: Add metrics reportgen
428eb6908d79 metrics: Add report file titles
a8fa3d99da04 metrics: Generate PNGs alongside the PDF report
80625ed5736e metrics: Add metrics report R files
9f8e194e6fd9 metrics: Add report dockerfile
03c206f87f0f metrics: Add metrics report script
2684b267f7c9 tests: Expand confidential test to support TDX
4976629aee81 tests: Expand confidential test to support SNP
019849071e23 tests: Add confidential test for SEV
1b7c7901d962 local-build: Remove $HOME/.docker/buildx/activity/default
6a34bae03da8 gha: Avoid "fail-fast" in tests that are known to be flaky
17d22cae34a0 tests: use unique test name
e8c24fa0b92d tests: delete k8s deployment at the test's end
3e07c89d3923 metrics: Remove unused variable in tensorflow nhwc script
5b9a69433d49 kata-deploy: Don't try to remove /opt/kata
e99a13d26cca gha: vfio: Run on Ubuntu 23.04 runner
394d146b8949 local-build: Remove GID before creating group
742173722974 metrics: Add TensorFlow ResNet50 fp32 Dockerfile
9acbf2faf788 metrics: Add TensorFlow ResNet50 FP32 benchmark
4f2c9372c3da kata-deploy: Avoid failing on content removal
6ea1d3bffd47 metrics: Add disk link to README
ad2036927f96 metrics: Fix FIO path
abcb225ce326 metrics: Use function from metrics common in pytorch script
508f1bba15e2 gha: capture additional kata-deploy output
d46c300608a5 metrics: Enable kata runtime in K8s for FIO test.
3d3882a06a26 metrics: Update tensorflow name in gha run script
7d0a3dbf24da metrics: Fix check results for tensorflow benchmark
3e2a383b7d04 gha: kata-deploy: Do the runtime class cleanup as part of the cleanup
2c5db14a1ad4 gha: kata-deploy: Add the first kata-deploy test
0b4fb826de33 metrics: Remove unused variable in tensorflow mobilenet script
b38624e2b3af tests: common: Ensure test_type is used as part of the cluster's name
cdfcd9aba8d6 tests: commob: Don't fail if yq is not part of the cache
74edbaac9671 gha: kata-deploy: Add run-kata-deploy-tests.sh
d7130f48b032 gha: k8s: Stop running kata-deploy tests as part of the k8s suite
810507e8a303 tests: k8s: Call ensure_yq() in setup.sh
915bace795b2 kata-deploy: Properly create default runtime class
870d8004a0e6 metrics: Fix MobileNet help me description
145450544db7 gha: ci: Start running kata-deploy tests
bd29413721a6 docs: Fix TensorFlow word across the document
a845e94139e7 docs: Add Tensorflow Resnet50 documentation
6e5a5b82499c metrics: Add Dockerfile for ResNet50 int8
5d85cac1d697 metrics: Add Tensorflow ResNet50 int8 benchmark
7474e50ae2d9 gha: cri-containerd: Enable tests
20be3d93d538 gha: cri-containerd: Add timeout to the crictl calls on testContainerStop
10058f718ae6 gha: cri-containerd: Show pod before deleting it
585d5fba03be gha: cri-containerd: Print kata logs in case of error
2fea5a5f8b04 gha: cri-containerd: Group containerd logs
3c7597f4ba38 gha: cri-containerd: Ensure RUNTIME takes KATA_HYPERVISOR into account
738d808cace4 metrics: Rename tensorflow scripts
4bb8fcc0c014 tests: kata-deploy: Add placeholder for kata-deploy-tests-on-tdx
f5e14ef28309 tests: kata-deploy: Add placeholder for kata-deploy-tests-on-aks
e812c437fecb tests: kata-deploy: Add functional/kata-deploy/gha-run.sh placeholder
c19cebfa801e tests: Add gha-run-k8s-common.sh
4e8c512346ee metrics: fix the loop used to stop kata components #7629
47f32c4983b1 metrics: Add cassandra statefulset yaml
d5a14449fca7 metrics: Add cassandra service yaml
1292b51092bc metrics: Add block loop pvc yaml for cassandra
105a556a308b metrics: Add block loop pv yaml for cassandra test
1b126eb4ceb3 metrics: Add block loop pvc for cassandra test
671ad98451f2 metrics: Add Cassandra Kubernetes benchmark for kata metrics
058b3044553b gha: static-checks: Move to the Azure instances
b600659df21f metrics: Add check containers are running in tensorflow mobilenet
1b30aa818e29 metrics: Add check containers are up in tensorflow script
3502bb4b203e metrics: Remove unused variable in tensorflow script
b07c19eb5f91 metrics: Add check containers are running function
fc893927454a metrics: Add check containers are up in tensorflow mobilenet script
73843b786d2b metrics: Use check containers are up in tensorflow script
7fffa7f9ce0e metrics: Add check containers are up in common script
1b68145b6aac metrics: Use collect_results function in tensorflow mobilenet test
f29f8114704d metrics: Remove collect results function definition
6b6a6ee724ed metrics: Add common functions to the common script
a341c2f3249a metrics: compute tensorflow statistics
b8b4ca10e964 ci: unencrypted-image: Fix build context
dcc35781f737 ci: unencrypted-image: Don't fail to build on s390x
babbd4186c94 ci: create-confidential-image: Add dependent actions
cecb30dbb234 metrics: Add nginx documentation to network README
1971fe49865f metrics: Add nginx kubernetes yaml
6c921ce3db8f metrics: Add network nginx benchmark
a5a3e4124ff6 ci: k8s: tees: Ensure PR_NUMBER is exported
3a21c485bf1e ci: {{ pr-number }} should be {{ inputs.pr-number }}
218d83bd3fbe tests: k8s: Ensure the runtime classes are properly created
0625d8dfc1bd ci: Add build-and-publish-tee-confidential-unencrypted-image
6ae591c6188e ci: k8s: Add the image used for unencrypted confidential tests
8d4f9ef256b1 tests: upgrade bats version
a48466689053 metrics: install kata once and run multiple checks
759b0fa38587 metrics: General improvements to mobilenet tensorflow test
d6398ccf9ecc metrics: Add iperf to gha run script
a75db201676e gha: Add iperf network metrics
b33d4de01366 metrics: Add latency test to network README
db23b95b53e5 metrics: Add latency server yaml
2b60fe0fe087 metrics: Add latency client yaml
aa71d6f9311d metrics: Add network latency test
b2c627aac919 metrics: Improve naming testing containers in launch times test
ea1fdd2cb937 metrics: Clean kata components before start a metric test.
7d5f65be7ce9 kata-deploy: Use host's systemctl
2881bad407b0 dragonball: use version 0.10.4 of fuse-backend-rs
Kata Containers 3.2.0 is compatible with CRI-O
Kata Containers 3.2.0 is compatible with contaienrd v1.6.8
Kata Containers 3.2.0 support the OCI Runtime Specification v1.0.2
Kata Containers 3.2.0 is compatible with Kubernetes 1.23.1-00
The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.2.0
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "ubuntu" version: "latest" tdx: name: "ubuntu" version: "latest" meta: image-type: "ubuntu"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15" mariner: name: "cbl-mariner" version: "2.0" sev: name: "ubuntu" version: "20.04"
The majority of the components of the project were built using containers. In order to do a step towards build reproducibility we publish those container images, and when those are used combined with the version of the projects listed as part of the "versions.yaml" file, users can get as close to the environment we used to build the release artefacts.
The users who want to rebuild the tarballs using exactly the same images can simply use the following environment variables:
AGENT_CONTAINER_BUILDER
KERNEL_CONTAINER_BUILDER
OVMF_CONTAINER_BUILDER
QEMU_CONTAINER_BUILDER
SHIM_V2_CONTAINER_BUILDER
TOOLS_CONTAINER_BUILDER
VIRTIOFSD_CONTAINER_BUILDER
Kata Containers 3.2.0 suggest to use the Linux kernel v6.1.38 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
A lot of changes have been done as part of this 3.2.0-alpha4 release, and the highlights are:
743291c6c release: Fix upload-versions-yaml
bee1a628b metrics: Fix json result for tensorflow
51cd99c92 metrics: Round axelnet and resnet results
3b883bf5a metrics: Fix atoi invalid syntax
f9dec11a8 checkmetrics: Move checkmetrics to gha-run script
53af71cfd checkmetrics: Add AlexNet value for qemu
a435d36fe checkmetrics: Add Resnet value for qemu
a79a3a8e1 checkmetrics: Add alexnet value for clh
3c3287504 checkmetrics: Add Resnet value for clh
08dfaa97a metrics: General improvements to the tensorflow script
63b8534b4 metrics: Enable Tensorflow metrics for kata CI
1b111a9aa gha: release: stage must be defined for arm64 / s390x yamls
684a6e1a5 Revert "gha: release: stage must be a string"
8a2c20171 docs: Update links for pods and kubelet
91e1e612c k8s: Rely on the USING_NFD environment variable passed by the jobs
7c857d38c gha: release: stage must be a string
7edc7172c release: Kata Containers 3.2.0-alpha4
6222bd910 tests: Add k8s-file-volume test
187a72d38 tests: Add k8s-volume test
0c8427035 metrics: Add boot time value for qemu
6520dfee3 metrics: Update boot time for kata metrics
ff2279061 metrics: Update runtime and configuration paths
a5d4e3388 metrics: Add compare virtiofsd dax script
5e937fa62 metrics: Update general FIO tests
b0bea47c5 metrics: Add makefile to report generator
73c57b9a1 metrics: Add FIO report files for kata metrics
8353aae41 ci: k8s: Rework get_nodes_and_pods_info()
6ad5d7112 ci: k8s: Do not gather node info before running the tests
5261e3a60 ci: k8s: Group messages to improve readability
9cc6b5f46 ci: k8s: Get logs from kata-deploy
9d285c622 ci: k8s: Let kata-deploy take care of the runtimeclasses
87568ed98 gha: Test split out runtimeclasses are in sync with all-in-one file
39192c608 kata-deploy: Print variables passed to the script
0e157be6f kata-deploy: Allow runtimeclasses to be created by the daemonset
a27433324 kata-deploy: Change default values of DEBUG
69535b808 kata-deploy: runtimeclass: Split out entries
9e1710674 kata-runtimeClasses: Alphabetically sort the enrties
c8fcd29d9 runtime-rs: use device manager to handle virtio-pmem
901c19225 runtime-rs: support configure vm_rootfs_driver
5d6199f9b runtime-rs: use device manager to handle vm rootfs
20f1f62a2 runtime-rs: change block index to 0
314aec73d agent: fix typo in constant
662f87539 metrics: Add general FIO makefile
37641a543 metrics: Add example config for fio jobs
3c1044d9d metrics: Update FIO paths for k8s runner
6177a0db3 metrics: Add env files for FIO
a45900324 metrics: Add fio exec
ea198fddc metrics: Add FIO runner k8s
8f7ef41c1 metrics: Add FIO vendor code
6293c17bd metrics: Add FIO benchmark for metrics tests
3aa6c77a0 gha: dragonball: Run only on the dragonball labeled machine
c5a87eed2 tests: gha: Add timeout to cluster creation
6daeb08e6 tests: k8s: Clean up node debuggers after running
b9f100b39 agent,libs: Remove unused 'mut' keywords
2c8f83424 runtime-rs: remove unneeded 'mut' keywords
4703434b1 tests: k8s: Allow using custom resource group
350f3f70b tests: Import common.bash in run_kubernetes_tests.sh
d7f04a64a tests: k8s: Leave runtimeclass_workloads/ alone
bdde6aa94 tests: k8s: Split deployment and testing commands
91a0b3b40 tests: aks: Simply delete cluster when cleaning up
371a118ad agent: exclude symlinks from recursive ownership change
c8ac56569 cache: kernel: Harmonize commit with fetching side
81775ab1b cache: kernel: Fix SEV kernel caching
ff4cfcd8a runk: Add Docker guide to README
4a5ab38f1 metrics: General improvements to json.bash script
a56f96bb2 kata-deploy: Allow shim creation based on what's passed to the daemonset
717f775f3 gha: ci: Add skeleton of vfio job
1fc715bc6 s390x: Add AP Attach/Detach test
545de5042 vfio: Fix tests
62aa6750e vfio: Added better handling of VFIO Control Devices
dd422ccb6 vfio: Remove obsolete HotplugVFIOonRootBus
114542e2b s390x: Fixing device.Bus assignment
b7c9867d6 release: Mention the container images used to build the project
d4eba3698 kata-deploy-binaries: kernel_cache: Take module_dir into account
7c4b59781 ci: nydus: Fix typo in "source"
6a680e241 gha: ci: Add placeholder for the nydus tests as part of the CI
fb4f7a002 gha: nydus: Add a no-op GHA for nydus
4a207a16f gha: nydus: Bring tests as they are from the tests repo
bbd3c1b6a Dragonball: migrate dragonball-sandbox crates to Kata
e91f5edba ci: cri-containerd: Fix default typo for testContainerStart()
8b8aef09a ci: cri-containerd: Temporarily disable TestContainerSwap
56767001c ci: cri-containerd: Add namespace / uid to the pods
a84773652 ci: cri-containerd: Always use sudo to call crictl
99ba86a1b ci: cri-containerd: Add /usr/local/go/bin to the PATH
7f3b30999 ci: cri-containerd: Add function before each function
fde22d6bc ci: cri-containerd: Assume podman is always used
9465a0496 ci: cri-containerd: Adapt "source ..." to this repo
df8d14411 ci: cri-containerd: Remove CI variable
f90570aef ci: cri-containerd: Remove unused runc_runtime_bin
c3637039f ci: cri-containerd: Remove KILL_VMM_TEST env var
bc4919f9b ci: cri-containerd: Always run shim-v2 tests
f9e332c6d ci: cri-containerd: Stop cloning containerd
cfd662fee ci: cri-containerd: Remove ununsed SNAP_CI var
d36c3395c ci: cri-containerd: Update copyright
b5be8a4a8 ci: cri-containerd: Move integration-tests.sh as it was
f2e00c95c ci: cri-containerd: Populate install_dependencies()
897955252 versions: Add "latest" field for cri-tools
1bbcbafa6 ci: Add clone_cri_container()
f66c68a2b ci: Add install_cri_tools()
4dd828414 ci: Add install_cri_containerd()
ad47d1b9f ci: Add download_github_project_tarball()
788c562a9 ci: Add get_latest_patch_release_from_a_github_project()
6742f3a89 ci: Use function before each install_go.sh function
5eacecffc ci: Adjust paths for install_go.sh
8ed1595f9 ci: Update copyright for install_go.sh
6123d0db2 ci: Move install_go.sh as it was
8653be71b ci: Do not take cross-build into consideration for kata-arch.sh
6a76bf92c ci: Fix style / identation if kata-arch.sh
72743851c ci: Add function before each kata-arch.sh function
9f6d4892c ci: Update copyright for kata-arch.sh
6f73a7283 ci: Move kata-arch.sh as it was
3615d7343 ci: Add get_from_kata_deps()
34779491e gha: kubernetes: Avoid declaring repo_root_dir
f3738beac tests: Use $HOME/go as fallback for $GOPATH
b87ed2741 tests: Move ensure_yq to common.bash
124e39033 tests: common: Fix quoting when globbing
db77c9a43 tests: Make install_kata take care of the links
13715db1f tests: Do not call install_check_metrics when installing kata
630634c5d ci: k8s: Group logs to make them easier to read
228b30f31 ci: k8s: Gather node info during the cleanup
81f99543e ci: k8s: Cleanup cluster before deleting it
38a7b5325 packaging/tools: Add kata-debug
309e23255 cache: kernel: Consider changes in tools/packaging/kernel
ae6e8d2b3 kata-deploy: Properly get the path of the versions.yaml file
59fdd69b8 kata-deploy: Add VERSION and versions.yaml to the final tarball
5dddd7c5d release: Upload versions.yaml as part of the release
87d99a71e versions: Remove "kernel-experimental"
bad3ac84b metrics: Rename C-Ray to cpu performance tests
556e663fc metrics: Add disk link to general metrics README
98c121709 metrics: Add C-Ray README
8e7d9926e metrics: Add C-Ray Dockerfile
e2ee76978 metrics: Add C-Ray performance test
e64edf41e metrics: Add tensorflow function in gha-run script
67a6fff4f metrics: Enable tensorflow benchmark on gha
843006805 metrics: Add function to memory inside container script
01450deb6 Revert "metrics: Replace backslashes used to escape double quoted key in jq expr."
6a7a32365 versions: Bump virtiofsd to v1.7.0
55e2f0955 metrics: stop hypervirsor and shim at init_env stage
fad801d0f ci: k8s: Adapt "source ..." to the new location of gha-run.sh
2ee2cd307 ci: k8s: Move gha-run.sh to the kubernetes dir
88eaff533 ci: tdx: Adjust KUBECONFIG
c09e268a1 versions: Downgrade SEV(-SNP) kernel back to v5.19.x
950b89ffa versions: Update kernel to version v6.1.38
6c91af0a2 agent: Fix exec hang issues with a backgroud process
f72cb2fc1 agent: Remove shadowed function, add slog-term
07810bf71 agent: Ignore already mounted dev/fs/pseudo-fs
ac5f5353b ci: k8s: Bring TDX tests back
8ccc1e5c9 metrics: Update machine learning documentation
f50d2b066 gha: ci: cri-containerd: Fix KATA_HYPERVSIOR typo
620b94597 metrics: Add Tensorflow Mobilenet documentation
a864d0e34 tests: Add tensorflow mobilenet dockerfile
788d2a254 tests: Add tensorflow mobilenet performance test
468f017e2 metrics: Replace backslashes used to escape double quoted key in jq expr.
283f809dd runtime-rs: Enhancing Device Manager for network endpoints.
ed23b47c7 tracing: Add tracing to runtime-rs
150e54d02 runtime-rs: ignore unconfigured network interfaces
59f4731bb metrics: Stop running kata-env before kata is properly installed.
3ae02f920 metrics: use rm -f to remove older continerd config file.
2c8dfde16 kernel: Update kernel config name
64f013f3b ci: k8s: Enable debug when running the tests
8f4b1df9c kata-deploy: Give users the ability to run it on DEBUG mode
6787c6390 runtime-rs: add parameter for propagation of (u)mount events
62080f83c kata-sys-util: Fix compilation errors
02d99caf6 static-checks: Make cargo clippy pass.
982420682 agent: Make the static checks pass for agent
61e4032b0 kata-ctl: Remove all utility functions to get platform protection
a24dbdc78 kata-sys-util: Move utilities to get platform protection
dacdf7c28 kata-ctl: Remove cpu related functions from kata-ctl
f5d195717 kata-sys-util: Move additional functionality to cpu.rs
304b9d914 kata-sys-util: Move CPU info functions
6e5679bc4 tests: Add function before function name in common.bash for metrics
3fed61e7a tests: Add storage link to general metrics documentation
b34dda4ca tests: Add storage blogbench metrics documentation
6924d14df metrics: Fix metrics ts generator to treat numbers as decimals
7319cff77 ci: cri-containerd: Add LTS / Active versions for containerd
2a957d41c ci: cri-containerd: Export GOPATH
75a294b74 ci: cri-containerd: Ensure deps are installed
a65291ad7 agent: rustjail: update test_mknod_dev
46b81dd7d agent: clippy: fix cargo clippy warnings
c4771d9e8 agent: Makefile: enable set SECCOMP dynamically
a88212e2c utils.mk: update BUILD_TYPE argument
883b4db38 dragonball: fix cargo test on aarch64
aedc586e1 dragonball: Makefile: add coverage target
9e048c8ee checkmetrics: Add blogbench read value for qemu
2935aeb7d checkmetrics: Add blogbench write value for qemu
02031e29a checkmetrics: Add blogbench read value for clh
107fae033 checkmetrics: Add blogbench write value for clh
8c75c2f4b metrics: Update blogbench Dockerfile
49723a9ec metrics: Add double quotes to variables
dc67d902e metrics: Enable blogbench test
7f961461b tests: Add machine learning README
063f7aa7c tests: Add Pytorch Dockerfile
1af03b9b3 tests: Add Pytorch performance test
4cecd6237 tests: Add tensorflow Dockerfile
c4094f62c tests: Add metrics machine learning performance tests
438fe3b82 gha: ci: Add cri-containerd tests skeleton
bd08d745f tests: metrics: Move metrics specific function to metrics gha-run.sh
3ffd48bc1 tests: common: Move a few utility functions to common.bash
bb2ef4ca3 tests: Add function before each function
310e069f7 checkmetrics: Enable checkmetrics for memory inside test
2be342023 checkmetrics: Add memory usage inside container value for qemu
6ca34f949 checkmetrics: Add memory inside container value for clh
6c6892423 metrics: Enable memory inside container metrics
307cfc8f7 tools: Use a consistent target name when building mariner initrd
8c9d08e87 gha: ci: Gather info about the node / pods
6822029c8 runtime-rs: Do not scan network if network model is "none"
89b622dcb gha: k8s: tdx: Temporarily disable TDX tests
ce54e43eb metrics: Update memory usage script
fbc2a91ab gha: Cancel previous jobs if a PR is updated
d780cc08f gha: nightly: Also use workflow_dispatch to trigger it
b99ff3026 gha: nightly: Fix name size limit for AKS
1363fbbf1 README: Add badge for our Nightly CI
1776b18fa gha: Do not run all the tests if only docs are updated
28c29b248 bugfix: plus default_memory when calculating mem size
0c1cbd01d gha: ci: after-push: Use github.sha to get the last commit reference
37a955678 gha: ci: nightly: Use github.sha to get the last commit reference
96e9374d4 dragonball: Don't fail if a request asks for more CPUs than allowed
38f0aaa51 Revert "gha: k8s: dragonball: Skip k8s-number-cpus"
828a72183 gha: k8s: dragonball: Skip k8s-oom
a79505b66 gha: k8s: dragonball: Skip k8s-number-cpus
275c84e7b Revert "agent: fix the issue of exec hang with a backgroud process"
0ad298895 gha: ci: Fix refernce passed to checkout@v3
86904909a gha: ci: Avoid using env also in the ci-nightly and payload-after-push
c45f646b9 gha: k8s: Ensure cluster doesn't exist before creating it
1d05b9cc7 gha: ci: Pass down secrets to ci-on-push / ci-nightly
c5b4164cb gha: ci: Fix tarball-suffix passed to the metrics tests
b568c7f7d tests/integration: Provide default value for KATA_HOST_OS
d6e96ea06 tests/integration: Use AzureLinux instead of Mariner
40c46c75e tests/integration: Perform yq install in run_tests()
1c211cd73 gha: Swap asset/release in build matrix
0152c9aba tools: Introduce USE_CACHE environment variable
2b5975689 tests: Build CLH with glibc for Mariner
80c78eadc tests: Use baked-in kernel with Mariner
532755ce3 tests: Build Mariner rootfs initrd
b535c7cbd tests: Enable running k8s tests on Mariner
11e3ccfa4 gha: ci: Avoid using env unless it's really needed
1a7bbcd39 gha: ci: Fix typo pull_requesst -> pull_request
ddf4afb96 gha: ci: Fix set-fake-pr-number job
8a0a66655 gha: ci: schedule expects a list, not a map
5c0269dc5 gha: ci: Add pr-number input to the correct job
de83cd9de gha: ci: Use $VAR instead of ${{ env.VAR }}
6acce83e1 metrics: Fix the call to check_metrics function
5a61065ab checkmetrics: Add checkmetrics value for memory usage in qemu
78086ed1f checkmetrics: Add memory usage value for clh
1c3dbafbf metrics: Fix function of how to retrieve multiple values
18968f428 metrics: Add function to have uniformity
d8f90e89d metrics: Rename function at memory usage script
b9d66e0d5 metrics: Fix double quotes variables in memory usage script
476a11194 tests: Enable memory usage metrics tests
e067d1833 gha: Add a nightly CI job
106e30571 gha: Create a re-usable ci.yaml file
cc3993d86 gha: Pass event specific info from the caller workflow
4e396e728 metrics: Add function keyword to to helper metrics functions
1ca17c2f7 metrics: storing metrics workflow artifacts
7c0de8703 gha: k8s: Ensure tests are running on a specific namespace
35d096b60 metrics: Adds blogbench and webtool metrics tests
477856c1e gha: dragonball: Correctly propagate PATH update
5681caad5 versions: Upgrade to Cloud Hypervisor v33.0
0504bd725 agent: convert the sl macros to functions
0860fbd41 agent: convert the ttrpc_error macro to a function
0e5d6ce6d agent: convert the is_allowed macro to a function
f680fc52b agent: change AGENT_CONFIG's lazy type to just AgentConfig
72fd562bd gha: release: Use a specific release of hub
d8b8f7e94 metrics: Enable launch tests time metrics
0502354b4 checkmetrics: Add checkmetrics json for qemu
b481ef188 makefile: Add -buildvcs=false flag to go build
e94aaed3c ci_worker: Add checkmetrics ci worker for cloud hypervisor
917576e6f metrics: Add double quotes in all variables
cc8f0a24e metrics: Add checkmetrics to gha-run.sh for metrics CI
6bb2ea819 packaging: Fix indentation of build.sh script at ovmf
d035955ef doc: Add documentation for the virtualization reference architecture
9318e022a gpu: Add CC relates configs
b7932be4b gpu: Add Arm64 Kernel Settings
211b0ab26 gpu: Update Kernel Config
5f103003d gpu: Update kernel building to the latest changes
0f454d0c0 gpu: Fixing typos for PCIe topology changes
8330fb8ee gpu: Update unit tests
72f2cb84e gpu: Reset cold or hot plug after overriding
fbacc0964 gpu: PCIe topology, consider vhost-user-block in Virt
b11246c3a gpu: Various fixes for virt machine type
40101ea7d vfio: Added annotation for hot(cold) plug
8f0d4e261 vfio: Cleanup of Cold and Hot Plug
b5c4677e0 vfio: Rearrange the bus assignemnt
b1aa8c8a2 gpu: Moved the PCIe configs to drivers
55a66eb7f gpu: Add config to TOML
da42801c3 gpu: Add config settings tests for hot-plug
de39fb7d3 runtime: Add support for GPUDirect and GPUDirect RDMA PCIe topology
b2ce8b4d6 metrics: Add memory footprint tests to the CI
6a21e20c6 runtime: Add "none" as a shared_fs option
beb706368 metrics: Uniformity across function names
bff4672f7 runtime-rs: support physical endpoint using device manager
6fd25968c runtime-rs: bugfix for direct volume path's validation.
32cba7e44 metrics: Fix retrieving hypervisor version on metrics
1f3e837e4 runtime-rs: fix build error on AArch64
415578cf3 docs: Add general README
aa7946de4 checkmetrics: Add general checkmetrics documentation
2fac2b72f checkmetrics: Add checkmetrics makefile
e45899ae0 docs: Add time tests documentation reference
28130d3ce docs: Add boot time metrics documentation
0df2fc270 runtime-rs: add support spdk/vhost-user based volume.
adf88eaa8 static-build: Remove kata-version parameter
210a15794 dragonball: avoid obtaining lock twice in create_stdio_console
17198089e vendor: Add vendor checkmetrics dependencies
c4ee601bf metrics: Add checkmetrics for kata metrics CI
859359424 metrics: enable launch-times test on gha-run metrics script
f1dfea6e8 docs: Add metrics documentation reference
71071bdb6 docs: Add general metrics documentation
59510cfee runtime-rs: add support vfio device based volume
1e3b372bb runtime-rs: add support vfio device manager
e0d6475b4 gha: Don't automatically trigger CI
610f7986e check: Relax the unrestricted_guest check when running in a VM
1b406b9d0 kata-ctl:Implement functionality to check host is capable of running VM
56d2ea9b7 kata-ctl: Refactor kernel module check
09720babc docs: fix spelling of "crate"
21294b868 packaging: Fix indentation in init.sh script
7185afc50 gha: Fix gha actions
fad3ac9f5 metrics: install kata and launch-times test
4bbfcfaf1 tests: Move tests helper script to this repo
f152f0e8c metrics: Add launch-times to metrics tests
3cefa43e7 tests: Add json script for metrics tests
6a3710055 initramfs: Build dependencies as part of the Dockerfile
aa2380fdd packaging: Add infra to push the initramfs builder image
1c7fcc6cb packaging: Use existing image to build the initramfs
6b0848930 gha: Fix format for run launchtimes metrics yaml
c3043a6c6 tests: Add tests lib common script
a43ea24df virtiofsd: Convert legacy -o sub-options to their -- replacement
8e00dc694 virtiofsd: Drop -o no_posix_lock
2a15ad978 virtiofsd: Stop using deprecated -f option
b16e0de73 gha: Add base branch on SHA on pull requst
bc152b114 gha: ci-on-push: Run metrics tests
dad731d5c docs: Update Developer Guide
347385b4e runtime-rs: Enhance flexibility of virtio-fs config
21d227853 versions: Update firecracker version to 1.3.3
35e4938e8 tools: Fix no-op builds
213773998 runtime-rs: update Cargo.lock
0e2379909 gha: Fix stage definition in matrix
ae2cfa826 doc: add vcpu handlint doc for runtime-rs
7b1e67819 fix(clippy): fix clippy error
67972ec48 feat(runtime-rs): calculate initial size
aaa96c749 feat(runtime-rs): modify onlineCpuMemRequest
d66f7572d feat(runtime-rs): clear cpuset in runtime side
a0385e138 feat(runtime-rs): update linux resource when stop_process
a39e1e6cd feat(runtime-rs): merge the update_cgroups in update_linux_resources
fa6dff9f7 feat(runtime-rs): support vcpu resizing on runtime side
8cb4238b4 packaging: Remove snap package
9f7a45996 gha: Add rootfs-initrd-mariner build target
f28a62164 gha: Add cloud-hypervisor-glibc build target
8fb7ab751 dragonball: introduce virtio-balloon device
7ed949497 dragonball: introduce virtio-mem device
a8e0f51c5 dragonball: extend DeviceOpContext
f6afae9c7 packaging: Add rootfs-image-tdx-tarball target
f62b2670c config: Add root hash value and measure config to kernel params
008058807 kernel: Integrate initramfs into Guest kernel
28b264562 initramfs: Add build script to generate initramfs
5cb02a806 image-build: generate root hash as an separate partition for rootfs
31c0ad207 packaging: Add cryptsetup support in Guest kernel and rootfs
776a15e09 runtime-rs: add support direct volume.
abae11404 runtime-rs: refactor device manager implementation
69668ce87 tests: gha-run: Use correct env variable for repo
f487199ed gha: aks: Fix argument in call to gha-run.sh
77519fd12 kata-ctl: Switch to slog logging; add --log-level, --json-logging args
980d084f4 log-parser: Update log parser link at README
aab603096 gha: aks: Extract run commands to a script
e4eb664d2 runtime-rs: update rust to 1.69.0
ed37715e0 runtime-rs: handle copy files when share_fs is not available
410bc1814 agent-ctl: fix the compile error
25d2fb0fd agent: fix the issue of exec hang with a backgroud process
5f6fc3ed7 runtime-rs: bugfix: update Cargo.lock
1c6d22c80 gha: aks: Use short SHA in cluster name
3c1f6d36d readme: Update Kata Containers logo
388684113 readme: Add status badge for the "Publish Artefacts" job
26f752038 kata-deploy: Change how we get the Ubuntu k8s key
aebd3b47d gha: aks: Ensure host_os is used everywhere needed
433b5add4 kubernetes: add agnhost command in pod yaml
4b89a6bda release: Standardize kata static file name
43e73bdef packaging: make BUILDER_REGISTRY configurable
0c8282c22 gha: aks: Add the host_os as part of the aks cluster's name
9228815ad kernel: Modify build-kernel.sh to accomodate for changes in version.yaml
03027a739 gha: Fix Mariner cluster creation
af16d3fca gha: Unbreak CI and fix cluster creation step
ffe3157a4 dragonball: add arm64 patches for upcall
560442e6e dragonball: add vcpu_boot_onlined vector
e31772cfe dragonball: add support resize_vcpu on aarch64
64c764c14 dragonball: update dbs-boot to v0.4.0
fd9b41464 dragonball: update comment for init_microvm
eee7aae71 runtime-rs/sandbox_bindmounts: add support for sandbox bindmounts
5ddc4f94c runtime-rs/kata-ctl: Enhancement of DirectVolumeMount.
4af4ced1a gha: Create Mariner host as part of k8s tests
2bda92fac netlink: Fix the issue of update_interface
557b84081 gha: aks: Wait longer to start running the tests
c04c872c4 gha: aks: Increase the timeout time
0e47cfc4c runtime: sending SIGKILL to qemu
c477ac551 dragonball: Convert VirtioNetDeviceMgr function to method
4659facb7 dragonball: Convert BlockDeviceMgr function to method
ee6deef09 dragonball: Remove virtio-net and vsock devices gracefully
428041624 kata-deploy: Improve shim backup / restore
6a0035e41 doc: Update git commands
14c3f1e9f kata-deploy: Fix indentation on kata deploy merge script
Kata Containers 3.2.0-alpha4 is compatible with CRI-O
Kata Containers 3.2.0-alpha4 is compatible with contaienrd v1.6.8
Kata Containers 3.2.0-alpha4 support the OCI Runtime Specification v1.0.2
Kata Containers 3.2.0-alpha4 is compatible with Kubernetes 1.23.1-00
The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.2.0-alpha4
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "ubuntu" version: "latest" tdx: name: "ubuntu" version: "latest" meta: image-type: "ubuntu"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15" mariner: name: "cbl-mariner" version: "2.0" sev: name: "ubuntu" version: "20.04"
The majority of the components of the project were built using containers. In order to do a step towards build reproducibility we publish those container images, and when those are used combined with the version of the projects listed as part of the "versions.yaml" file, users can get as close to the environment we used to build the release artefacts.
The users who want to rebuild the tarballs using exactly the same images can simply use the following environment variables:
Kata Containers 3.2.0-alpha4 suggest to use the Linux kernel v6.1.38 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
This is the ONLY version of Kata Containers 3.1.x that should be used in production. Previous versions had an issue with the guest image that's only been fixed as part of this release.
100e9c4dd gha: release: Use a specific release of hub
956368e16 kata-deploy: Change how we get the Ubuntu k8s key
447f36801 kata-deploy: Improve shim backup / restore
46bc1f76a kata-deploy: Use apt-key.gpg from k8s.io
984addfea kata-deploy: Do not ship the kata tarball
d39aeff8a kata-deploy: Ensure node is ready after CRI Engine restart
56de5b679 kata-deploy: fix install failing to chmod runtime-rs/bin/*
9de3cf405 kata-deploy: Switch to using an ubuntu image
3c02758c2 release: Kata Containers 3.1.3
a43f10beb release: Adapt kata-deploy for 3.1.3
993ecec93 virtiofsd: Convert legacy -o sub-options to their -- replacement
2e9125c32 virtiofsd: Drop -o no_posix_lock
407727e1f virtiofsd: Stop using deprecated -f option
6668ddb8b versions: Use ubuntu as the default distro for the rootfs-image
075a31128 runtime: sending SIGKILL to qemu
Kata Containers 3.1.3 is compatible with CRI-O
Kata Containers 3.1.3 is compatible with contaienrd v1.6.8
Kata Containers 3.1.3 support the OCI Runtime Specification v1.0.2
Kata Containers 3.1.3 is compatible with Kubernetes 1.23.1-00
The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.1.3
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "ubuntu" version: "latest" meta: image-type: "ubuntu"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Containers 3.1.3 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
In this release we're posting the shortlog between 3.2.0-alpha0 and 3.2.0-alpha3, as the -alpha1 and -alpha2 releases couldn't be finished due to issues in our release pipeline.
The most notorious changes that are worth mentioning are:
kata-ctl toolf636c1f8a gha: release: Simplify the process for tagging the payload
d10c9be60 gha: release: login-action: Don't specify docker.io registry
0b1c5ea5b versions: Update nydus version to 2.2.1
eff6ed2d5 runtime: make debug console work with sandbox_cgroup_only
c54363114 release: Kata Containers 3.2.0-alpha3
f3702268d release: Fix docker/login-action version
fc09d0f5d release: Kata Containers 3.2.0-alpha2
4719802c8 runtime-rs: add virtio-blk-mmio
f9bded448 runtime-rs: add devicetype enum
6800d30fd runtime-rs: remove device
f16012a1e runtime-rs: support linux device
fe9ec6764 runtime-rs: block volume
a8bfac90b runtime-rs: support block rootfs
b076d46db agent: handle hotplug virtio-mmio device
6e273d6cc runtime-rs: implement trait for vhost-user device
cc9c91538 runtime-rs: implement trait for vfio device
e4c5c74a7 runtime-rs: device manager
22154e0a3 cache: Fix OVMF tarball name for different flavours
b7341cd96 cache: Use "initrd" as initrd_type to build rootfs-initrd
35c3d7b4b runtime: clh: Re-generate the client code
cfee99c57 versions: Upgrade to Cloud Hypervisor v32.0
b8ffcd1b9 osbuilder: Bump fedora image version
636539bf0 kata-deploy: Use apt-key.gpg from k8s.io
ae24dc73c local-build: Standardise what's set for the local build scripts
ad324adf1 gha: aks: Wait a little bit more before run the tests
11a34a72e docs: Update container network model url
191b6dd9d gha: release: Fix s390x worklow
75330ab3f cache: Fix OVMF caching
cfd8f4ff7 gha: payload-after-push: Pass secrets down
a89b44aab tools: Fix arch bug
f527f614c release: Kata Containers 3.2.0-alpha1
ca1531fe9 runtime: Use static_sandbox_resource_mgmt=true for TEEs
f6e1b1152 agent: update tokio dependency
4cb83dc21 kata-ctl: update tokio dependency
df615ff25 runk: update tokio dependency
ca6892ddb runtime-rs: update tokio dependency
3e85bf5b1 resource-control: fix setting CPU affinities on Linux
bdb75fb21 runtime: use enable_vcpus_pinning from toml
fa832f470 gha: k8s: Make the tests more reliable
cbb9fe8b8 config: Use standard OVMF with SEV
724437efb kata-deploy: add kata-qemu-sev runtimeclass
521dad2a4 Tests: skip CPU constraints test on SEV and SNP
72308ddb0 gha: ci-on-push: Don't skip tests for SEV
da0f92cef gha: ci-on-push: Don't skip tests for SEV-SNP
12f43bea0 gha: tdx: Use the k3s overlay for kata-cleanup
dd7562522 runtime: pkg/sev: Add kbs utility package for SEV pre-attestation
05de7b260 runtime: Add sev package
3a9d3c72a gpu: Rename the last bits from gpu to nvidia-gpu
4cde844f7 local-build: Fix kernel-nvidia-gpu target name
1a3f8fc1a deploy: fix shell script error
c5a59caca ppc64le: switch virtiofsd from C to rust version
bfdf0144a versions: Bump virtiofsd to 1.6.1
87cb98c01 osbuilder: Fix indentation in rootfs.sh
20cb87508 virtcontainers/qemu_test.go: Improve test coverage
022a33de9 agent: Add context to errors when AgentConfig file is missing
50cc9c582 tests: Improve coverage for virtcontainers/pkg/compatoci/ for Kata 2.0
73913c8eb kata-manager: Fix '-o' syntax and logic error
593840e07 kata-ctl: Allow INSTALL_PATH= to be specified
5f3f844a1 runtime-rs: fix building instructions with respect to required Rust version
197c33651 Dragonball: use LinuxBootConfigurator::write_bootparams to writes the boot parameters into guest memory.
b9a1db260 kata-deploy: Add http_proxy as part of the docker build
777c3dc8d kata-deploy: Do not ship the kata tarball
136e2415d static-build: Download firecracker instead of building it
3bf767cfc static-build: Adjust ARCH for nydus
ac88d34e0 static-build: Use relased binary for CLH (aarch64)
2856d3f23 deploy: Fix arch in image tag
e8f81ee93 Revert "kata-deploy: Use readinessProbe to ensure everything is ready"
a4c0303d8 virtcontainers: Fixed static checks for improved test coverage for fc.go
03a8cd69c virtcontainers: Improved test coverage for fc.go from 4.6% to 18.5%
cfe63527c release: Fix multi-arch publishing is not supported
4d17ea4a0 cache: Fix nvidia-snp caching version
a133fadbf cache: Fix nvidia-gpu-tdx-experimental cache URL
defb64334 runtime: remove overriding ARCH value by default for ppc64le
5226f15c8 gha: Fix Body Line Length action flagging empty body commit messages
0d49ceee0 gha: Fix snap creation workflow warnings
b9990c201 cache: Fix nvidia-gpu version
c9bf7808b cache: Update the KERNEL_FLAVOUR list to include nvidia-gpu
3665b4204 gpu: Rename gpu targets to nvidia-gpu
2c90cac75 local-build: fixup alphabetization
4da6eb588 kata-deploy: Add qemu-snp shim
14dd05375 kata-deploy: add kata-qemu-snp runtimeclass
0bb37bff7 config: Add SNP configuration
af7f2519b versions: update SEV kernel description
dbcc3b5cc local-build: fix default values for OVMF build
b8bbe6325 gha: build OVMF for tests and release
cf0ca265f local-build: Add x86_64 OVMF target
db095ddeb cache: add SNP flavor to comments
f4ee00576 gha: Build and ship QEMU for SNP
7a58a91fa docs: update SNP guide
879333bfc versions: update SNP QEMU version
38ce4a32a local-build: add support to build QEMU for SEV-SNP
e1f3b871c docs: Mark snap installation method as unmaintained
772d4db26 gha: Build and ship SEV initrd
45fa36692 gha: Build and ship SEV OVMF
4770d3064 gha: Build and ship SEV kernel.
fb9c1fc36 runtime: Add qemu-sev config
813e4c576 runtimeClasses: add sev runtime class
af18806a8 static-build: Add caching support to sev ovmf
76ae7a3ab packaging: adding caching capability for kernel
12c5ef902 packaging: add support to build OVMF for SEV
b87820ee8 packaging: add support to build initrd for sev
b0e6a094b packaging: Add sev kernel build capability
5f8008b69 kata-ctl: add unit test for kvm check
a085a6d7b kata-ctl: add generic kvm check
6594a9329 tools: made log-parser-rs
17daeb9dd warning_fix: fix warnings when build with cargo-1.68.0
8495f830b cross-compile: Include documentation and configuration for cross-compile
205909fbe runtime: Fix virtiofs fd leak
13d7f39c7 gpu: Check for VFIO port assignments
138ada049 gpu: Cold Plug VFIO toml setting
f7ad75cb1 gpu: Cold-plug extend the api.md
0fec2e698 gpu: Add cold-plug test
dded731db gpu: Add OVMF setting for MMIO aperture
2a830177c gpu: Add fwcfg helper function
131f056a1 gpu: Extract VFIO Functions to drivers
c8cf7ed3b gpu: Add ColdPlug of VFIO devices with devManager
e2b5e7f73 gpu: Add Rawdevices to hypervisor
6107c32d7 gpu: Assign default value to cold-plug
377ebc2ad gpu: Add configuration option for cold-plug VFIO
c18ceae10 gpu: Add new struct PCIePort
1c1ee8057 pkg/signals: Improved test coverage 60% to 100%
9c38204f1 virtcontainers/persist: Improved test coverage 65% to 87.5%
0f45b0faa virtcontainers/clh_test.go: improve unit test coverage
6bf1fc605 virtcontainers/factory: Improved test coverage
5c9246db1 gha: Also run k8s tests on qemu-snp
c57a44436 gha: Add the ability to test qemu-snp
9e2b7ff17 gha: sev: fix for kata-deploy error
c849bdb0a gha: Also run k8s tests on qemu-sev
521519d74 gha: Add the ability to test qemu-sev
406419289 env: Utilize arch specific functionality to get cpu details
fb40c71a2 env: Check for root privileges
1016bc17b config: Add api to fetch config from default config path
b908a780a kata-env: Pass cmd option for file path
b1920198b config: Workaround the way agent and hypervisor configs are fetched
f2b2621de kata-env: Implement the kata-env command.
f2ebdd81c utils: Get rid of spurious print statement left behind.
9a94f1f14 make: Export VERSION and COMMIT
2f81f48da config: Add file under /opt as another location to look for the config
07f7d17db config: Make the pipe_size field optional
68f635773 config: Make function to get the default conf file public
7565b3356 kata-ctl: Implement Display trait for GuestProtection enum
94a00f934 utils: Make certain constants in utils.rs public
572b338b3 gitignore: Ignore .swp and .swo editor backup files
376884b8a cargo: Update version of clap to 4.1.13
cc8ea3232 runtime-rs: support keep_abnormal in toml config
b1730e4a6 gpu: Add new kernel build option to usage()
825e76948 gpu: Add GPU support to default kernel without any TEE
e4ee07f7d gpu: Add GPU TDX experimental kernel
87ea43cd4 gpu: Add configuration fragment
aca6ff728 gpu: Build and Ship an GPU enabled Kernel
e4b3b0887 gpu: Add proper CONFIG_LOCALVERSION depending on TEE
432d40744 kata-ctl: checks for kvm, kvm_intel modules loaded
3e7b90226 osbuilder: Fix D-Bus enabling in the dracut case
6d315719f snap: fix docker start fail issue
96e8470db kata-manager: Fix containerd download
53c749a9d agent: Fix ut issue caused by fd double closed
2e3f19af9 agent: fix clippy warnings caused by protobuf3
4849c56fa agent: Fix unit test issue cuased by protobuf upgrade
0a582f781 trace-forwarder: remove unused crate protobuf
73253850e kata-ctl: remove unused crate ttrpc
76d2e3054 agent-ctl: Bump ttrpc from 0.6.0 to 0.7.1
eb3d20dcc protocols: Add ut for Serde
59568c79d protocols: add support for Serde
a6b4d92c8 runtime-rs: Bump ttrpc from 0.6.0 to 0.7.1
8af6fc77c agent: Bump ttrpc from 0.6.0 to 0.7.1
009b42dbf protocols: Fix unit test
392732e21 protocols: Bump ttrpc from 0.6.0 to 0.7.1
ac7c63bc6 gpu: Add containerd shim for qemu-gpu
a0cc8a75f gpu: Add a kube runtime class
a81fff706 gpu: Adding a GPU enabled configuration
f4f958d53 gpu: Do not pass-through PCI (Host) Bridges
a1272bcf1 gha: tdx: Fix typo overlay -> overlays
3fa0890e5 cache-components: Fix TDVF caching
80e3a2d40 cache-components: Fix TDX QEMU caching
dc662333d runtime: Increase the dial_timeout
f478b9115 clh: tdx: Update timeouts for confidential guest
3b76abb36 kata-deploy: Ensure node is ready after CRI Engine restart
5ec9ae0f0 kata-deploy: Use readinessProbe to ensure everything is ready
ea386700f kata-deploy: Update podOverhead for TDX
e31efc861 gha: tdx: Use the k3s overlay
542bb0f3f gha: tdx: Set KUBECONFIG env at the job level
d7fdf19e9 gha: tdx: Delete kata-deploy after the tests finish
da35241a9 tests: k8s: Skip k8s-cpu-ns when testing TDX
375187e04 versions: Upgrade to Cloud Hypervisor v31.0
eb1762e81 osbuilder: Enable dbus in the dracut case
db2cac34d runtime: Don't create socket file in /run/kata
f3595e48b nydus_rootfs/prefetch_files: add prefetch_files for RAFS
dc6569dbb runtime-rs/virtio-fs: add support extra handler for cache mode.
69ba2098f runtime-rs: remove network entities and netns
b31f103d1 runtime-rs: enable nerdctl cni plugin
3bfaafbf4 fix: oci hook
69d7a959c gha: ci-on-push: Run tests on TDX
5a0727ecb kata-deploy: Ship kata-qemu-tdx runtimeClass
98682805b config: Add configuration for QEMU TDX
3e1580019 govmm: Directly pass the firmware using -bios with TDX
3c5ffb0c8 govmm: Set "sept-ve-disable=on"
ed145365e runtime/qemu: Drop "kvm-type=tdx"
25b3cdd38 virtcontainers: Drop check for the tdx CPU flag
01bdacb4e virtcontainers: Also check /sys/firmwares/tdx for TDX
9feec533c cache: Add ability to cache OVMF
ce8d98251 gha: Build and ship the OVMF for TDX
39c3fab7b local-build: Add support to build OVMF for TDX
054174d3e versions: Bump OVMF for TDX
800fb49da packaging: Add get_ovmf_image_name() helper
fbf03d7ac cache: Document kernel-tdx-experimental
5d79e9696 cache: Add a space to ease the reading of the kernel flavours
6e4726e45 cache: Fix typos
fc22ed0a8 gha: Build and ship the Kernel for TDX
502844ced local-build: Add support to build Kernel for TDX
b2585eecf local-build: Avoid code duplication building the kernel
f33345c31 versions: Update Kernel TDX version
20ab2c242 versions: Move Kernel TDX to its own experimental entry
3d9ce3982 cache: Allow specifying the QEMU_FLAVOUR
33dc6c65a gha: Build and ship QEMU for TDX
eceaae30a local-build: Add support to build QEMU for TDX
f7b7c187e static-build: Improve qemu-experimental build script
3018c9ad5 versions: Update QEMU TDX version
800ee5cd8 versions: Move QEMU TDX to its own experimental entry
1315bb45f local-build: Add dragonball kernel to the all target
73e108136 local-build: Rename non vanilla kernel build functions
1d851b4be local-build: Cosmetic changes in build targets
cbe6ad903 runtime: support non-root for clh
49ce685eb gha: k8s-on-aks: Always delete the AKS cluster
e2a770df5 gha: ci-on-push: Run k8s tests with dragonball
c1fbaae8d rustjail: Use CPUWeight with systemd and CgroupsV2
79f3047f0 gha: k8s-on-aks: {create,delete} AKS must be a coded-in step
d1f550bd1 docs: update the rust version from versions.yaml
2f35b4d4e gha: ci-on-push: Only run on main branch
e7bd2545e Revert "gha: ci-on-push: Depend on Commit Message Check"
0d96d4963 Revert "gha: ci-on-push: Adjust to using workflow_run"
c7ee45f7e Revert "gha: ci-on-push: Adapt chained jobs to workflow_run"
5d4d72064 Revert "gha: k8s-on-aks: Fix cluster name"
13d857a56 gha: k8s-on-aks: Set {create,delete}_aks as steps
85cc5bb53 gha: k8s-on-aks: Fix cluster name
108d80a86 gha: Add the ability to also test Dragonball
8086c75f6 gha: Also run k8s tests on AKS with dragonball
2550d4462 gha: build-kata-static-tarball: Only push to registry after merge
e81b8b8ee local-build: build-and-upload-payload is not quay.io specific
13929fc61 gha: publish-kata-deploy-payload: Improve registry login
41026f003 gha: payload-after-push: Pass registry / repo as inputs
7855b4306 gha: ci-on-push: Adapt chained jobs to workflow_run
3a760a157 gha: ci-on-push: Adjust to using workflow_run
a159ffdba gha: ci-on-push: Depend on Commit Message Check
1688e4f3f gha: aks: Use D4s_v5 instance
fe86c08a6 tools: Avoid building the kernel twice
b661e0cf3 rustjail: Add anyhow context for D-Bus connections
7796e6ccc rustjail: Fix minor grammatical error in function name
41fdda1d8 rustjail: Do not unwrap potential error with cgroup manager
0f7351556 runtime: add filter metrics with specific names
3215860a4 gha: Set ci-on-push to run on pull_request_target
d17dfe4cd gha: Use ghcr.io for the k8s CI
60c62c3b6 gha: Remove kata-deploy-test.yaml
43894e945 gha: Remove kata-deploy-push.yaml
cab9ca043 gha: Add a CI pipeline for Kata Containers
53b526b6b gha: k8s: Add snippet to run k8s tests on aks clusters
c444c24bc gha: aks: Add snippets to create / delete aks clusters
11e0099fb tests: Move k8s tests to this repo
73be4bd3f gha: Update actions for release.yaml
d38d7fbf1 gha: Remove code duplication from release.yaml
56331bd7b gha: Split payload-after-push-*.yaml
a552a1953 docs: Update CNM url in networking document
a914283ce kata-ctl: add function to get platform protection.
d3bb25418 utils: Add function to check vhost-vsock
Kata Containers 3.2.0-alpha3 is compatible with CRI-O
Kata Containers 3.2.0-alpha3 is compatible with contaienrd v1.6.8
Kata Containers 3.2.0-alpha3 support the OCI Runtime Specification v1.0.2
Kata Containers 3.2.0-alpha3 is compatible with Kubernetes 1.23.1-00
The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.2.0-alpha3
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "ubuntu" version: "latest" meta: image-type: "ubuntu"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15" ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15" sev: name: "ubuntu" version: "20.04"
Kata Containers 3.2.0-alpha3 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations