Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
Full Changelog: https://github.com/kata-containers/kata-containers/compare/3.1.1...3.1.2
36b883180 release: Kata Containers 3.1.1 2ff6964be release: Adapt kata-deploy for 3.1.1 0e0d29d22 agent: Fix ut issue caused by fd double closed 8db3dfb30 osbuilder: Fix D-Bus enabling in the dracut case 1de0909a3 osbuilder: Enable dbus in the dracut case a86feb8bf runtime: Don't create socket file in /run/kata 8b597195a rustjail: Use CPUWeight with systemd and CgroupsV2 f83adbe83 rustjail: Add anyhow context for D-Bus connections e0e6f9481 rustjail: Fix minor grammatical error in function name ecadb514e rustjail: Do not unwrap potential error with cgroup manager
Kata Containers 3.1.1 is compatible with CRI-O
Kata Containers 3.1.1 is compatible with contaienrd v1.6.8
Kata Containers 3.1.1 support the OCI Runtime Specification v1.0.2
Kata Containers 3.1.1 is compatible with Kubernetes 1.23.1-00
The kata-agent
binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent
uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent
which is not statically linked with the library, you can build
a custom kata-agent
that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.1.1
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Containers 3.1.1 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
TBD
4a246309ee4d release: Kata Containers 3.2.0-alpha0
43dd4440f483 snap: Build the artefacts using kata-deploy
3443f558a61a nydus: upgrad nydus to v2.2.0
395645e1ce37 runtime: hybrid-mode cause error in the latest nydusd
74ec38cf0216 osbuilder: Add support for CBL-Mariner
8b008fc74307 kata-deploy: fix bash semantics error
dd23f452ab7f utils: renamed only_kata to skip_containerd
59c81ed2bba1 utils: informed pre-check about only_kata
ac585886821e runtime-rs: ch: Generate Cloud Hypervisor config for confidential guests
96555186b3eb runtime-rs: ch: Honour debug setting
e3c2d727ba9e runtime-rs: ch: clippy fix
ece5edc64133 qemu/arm64: disable image nvdimm if no firmware offered
462d4a1af257 workflows: static-checks: Free disk space before running checks
e68186d9af0d workflows: static-checks: Set GOPATH only once
439ff9d4c49e tools/osbuilder/tests: Remove TRAVIS variable
f31c79d21075 workflows: static-checks: Remove TRAVIS_XXX variables
4f0887ce42a5 kata-deploy: fix install failing to chmod runtime-rs/bin/*
09c4828ac3a9 workflows: add missing artifacts on payload-after-push
96baa8389525 agent: Bring in VFIO-AP device handling again
f666f8e2df6b agent: Add VFIO-AP device handling
b546eca26f0e runtime: Generalize VFIO devices
4c527d00c7b7 agent: Rename VFIO handling to VFIO PCI handling
db89c88f4fcb agent: Use cfg-if for s390x CCW
68a586e52c88 agent: Use a constant for CCW root bus path
f4938c0d90a1 bugfix: set hostname
fbf891fdfff5 packaging: Adapt get_last_modification()
82a04dbce179 local-build: Use cached VirtioFS when possible
3b9900489774 local-build: Use cached shim v2 when possible
1b8c5474dab1 local-build: Use cached RootFS when possible
09ce4ab893b2 local-build: Use cached QEMU when possible
1e1c843b8b65 local-build: Use cached Nydus when possible
64832ab65b35 local-build: Use cached Kernel when possible
04fb52f6c9ab local-build: Use cached Firecracker when possible
8a40f6f23498 local-build: Use cached Cloud Hypervisor when possible
194d5dc8a6e9 tools: Add support for caching VirtioFS artefacts
a34272cf2042 tools: Add support for caching shim v2 artefacts
7898db5f7902 tools: Add support for caching RootFS artefacts
e90891059b03 tools: Add support for caching QEMU artefacts
7aed8f8c80c3 tools: Add support for caching Nydus artefacts
cb4cbe29580f tools: Add support for caching Kernel artefacts
762f9f4c3edf tools: Add support for caching Firecracker artefacts
6b1b424fc733 tools: Add support for caching Cloud Hypervisor artefacts
08fe49f708e5 versions: Adjust kernel names to match kata-deploy build targets
99505c0f4f3a versions: Update firecracker version
a8b55bf8746d dependency: update cgroups-rs
9a01d4e4469a dragonball: add more unit test for virtio-blk device.
974a5c22f006 runtime: add support for Hyper-V
97cdba97ea98 runtime-rs: update load_config comment
a6c67a161e91 runtime: add support for ephemeral mounts to occupy entire sandbox memory
16e2c3cc55b1 agent: implement update_ephemeral_mounts api
3896c7a22bf3 protocol: add updateEphemeralMounts proto
40f4eef5355f build: Use the correct kernel name
30e235f0a1ec runtime-rs: impl volume-resize trait for sandbox
42b8867148d2 runtime-rs: impl volume-stats trait for sandbox
e7bca62c32fb bugfix: modify tty_win info in runtime when handling ResizePtyRequest
e029988bc2b7 bugfix: add get_ns_path API for Hypervisor
844bf053b2aa runtime-rs: add the missing default trait
43ce3f7588c6 packaging: Simplify get_last_modification()
33c5c49719ce packaging: Move repo_root_dir to lib.sh
f8e44172f6d1 utils: Make kata-manager.sh runs checks
760f78137db0 dragonball: support pmu on aarch64
2d43e131022c docs: fix typo in AWS installation guide
23488312f545 agent: always use cgroupfs when running as init
854638734887 agent: determine value of use_systemd_cgroup before LinuxContainer::new()
736aae47a4d2 rustjail: print type of cgroup manager
dbae281924b3 workflows: Properly set the kata-tarball architecture
76b4591e2b09 tools: Adjust the build-and-upload-payload.sh script
cd2aaeda2a07 kata-deploy: Switch to using an ubuntu image
9bc7bef3d622 kata-deploy: Fix path to the Dockerfile
78ba363f8e81 kata-deploy: Use different images for s390x and aarch64
6267909501a1 kata-deploy: Allow passing BASE_IMAGE_{NAME,TAG}
192df845885f agent: always use cgroupfs when running as init
b0691806f143 agent: determine value of use_systemd_cgroup before LinuxContainer::new()
ad8968c8d99a rustjail: print type of cgroup manager
a9e2fc86786e runtime/Makefile: Fix install-containerd-shim-v2 dependency
b6880c60d38e logging: Correct the code notes
8030e469b220 fix(runtime-rs): add exited state to ensure cleanup
12cfad485853 runtime-rs: modify the transfer to oci::Hooks
2c4428ee0247 runtime-rs: move pre-start hooks to sandbox_start
e80c9f7b742d runtime-rs: add StartContainer hook
977f281c5c08 runtime-rs: add CreateContainer hook support
875f2db5284b runtime-rs: add oci hook support
ecac3a9e104a docs: add design doc for Hooks
4b8a5a1a3df6 utils: Remove kata-manager.sh cgroups v2 check
7d292d7fc3e8 workflows: Fix the path of imported workflows
e07162e79d15 workflows: Fix action name
dd2713521e3a Dragonball: update dependencies
828d467222d4 workflows: Do not install docker
bd1ed26c8d0e workflows: Publish kata-deploy payload after a merge
fea7e8816fa5 runtime-rs: Fixed typo mod.rs
a96ba9923918 actions: Use git-diff
to get changes in kernel dir
c4ef5fd32551 agent: don't set permission of existing directory
dc86d6dac35f runtime: use filepath.Clean() to clean the mount path
3ac6f29e9544 runtime: clh: Re-generate the client code
262daaa2eff4 versions: Upgrade to Cloud Hypervisor v30.0
919d19f41542 feat(runtime): make static resource management consistent with 2.0
76e926453a02 osbuilder: Include minimal set of device nodes in ubuntu initrd
b582c0db86b3 kata-ctl/exec: add new command exec to enter guest VM.
1bff1ca30adb kernel: Add CONFIG_SEV_GUEST to SEV kernel config Adding kernel config to sev case since it is needed for SNP and SNP will use the SEV kernel. Incrementing kernel config version to reflect changes
3483272bbda5 runtime-rs: ch: Enable initrd usage
fbee6c820e73 runtime-rs: Improve Cloud Hypervisor config handling
e84af6a6205e virtiofsd: update to a valid path on ppc64le
2dd2421ad0c7 runtime-rs: cleanup kata host share path
0a21ad78b12d osbuilder: fix default build target in makefile
4c39c4ef9f42 devguide: Add link to the contribution guidelines
b4a1527aa664 kata-deploy: Fix static shim-v2 build on arm64
2c4f8077fd2e Revert "shim-v2: Bump Ubuntu container image to 22.04"
ced3c9989559 dragonball: config_manager: preserve device when update
afaccf924d93 Revert "workflows: Push the builder image to quay.io"
da8a6417aa21 runtime-rs: remove all remaining unsafe impl
0301194851c0 dragonball: use crossbeam_channel in VmmService instead of mpsc::channel
697ec8e578f3 kata-deploy: Fix kata static firecracker arm64 package build error
9d78bf90861b shim-v2: Bump Ubuntu container image to 22.04
b835c40bbdc1 workflows: Push the builder image to quay.io
781ed2986a25 packaging: Allow passing a container builder to the scripts
45668fae15ac packaging: Use existing image to build td-shim
e8c6bfbdeb8f packaging: Use existing image to build td-shim
3fa24f7acce5 packaging: Add infra to push the OVMF builder image
f076fa4c770f packaging: Use existing image to build OVMF
c7f515172dc2 packaging: Add infra to push the QEMU builder image
fb7b86b8e0e3 packaging: Use existing image to build QEMU
d0181bb26261 packaging: Add infra to push the virtiofsd builder image
7c93428a1889 packaging: Use existing image to build virtiofsd
8c227e247185 virtiofsd: Pass the expected toolchain to the build container
7ee00d8e5764 packaging: Add infra to push the shim-v2 builder image
24767d82aa5b packaging: Use existing image to build the shim-v2
6c3c771a52a6 packaging: Add infra to push the kernel builder image
b9b23112bf6f packaging: Use existing image to build the kernel
869827d77f62 packaging: Add push_to_registry()
e69a6f57493d packaging: Add get_last_modification()
6c05e5c67a0b packaging: Add and export BUILDER_REGISTRY
3cfce5a7090f utils: improved unsupported distro message.
1047840cf81a utils: always check some dependencies.
a161d119208e versions: Use ubuntu as the default distro for the rootfs-image
44aaec9020f9 github-action: Replace deprecated command with environment file
619ef544525d docs: Change the order of release step
95e3364493bd runtime-rs: remove unnecessary Send/Sync trait implement
be40683bc592 runtime-rs: Add a generic powerpc64le-options.mk
47c058599a39 packaging/shim-v2: Install the target depending on the arch/libc
07802a19dc54 runtime-rs: handle sys_dir bind volume
04e930073c70 sandbox: set the dns for the sandbox
32ebe1895bc2 agent: fix the issue of creating the dns file
a68c5004f859 packaging/shim-v2: Only change the config if the file exists
bbc733d6c8e6 docs: runtime-rs: Add CH status details
37b594c0d217 runtime-rs: Add basic CH implementation
545151829d51 kata-types: Add Cloud Hypervisor (CH) definitions
ee76b398b32b release: Revert kata-deploy changes after 3.1.0-rc0 release
Kata Containers 3.2.0-alpha0 is compatible with CRI-O
Kata Containers 3.2.0-alpha0 is compatible with contaienrd v1.6.8
Kata Containers 3.2.0-alpha0 support the OCI Runtime Specification v1.0.2
Kata Containers 3.2.0-alpha0 is compatible with Kubernetes 1.23.1-00
The kata-agent
binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent
uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent
which is not statically linked with the library, you can build
a custom kata-agent
that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.2.0-alpha0
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "ubuntu" version: "latest" meta: image-type: "ubuntu"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Containers 3.2.0-alpha0 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
This release includes several improvements inlcuding:
... and many bug fixes !
ac6c1d1f451f release: Kata Containers 3.1.0
e6d27759cb79 release: Adapt kata-deploy for 3.1.0
3eb7387bb741 agent: always use cgroupfs when running as init
be512e7f346a agent: determine value of use_systemd_cgroup before LinuxContainer::new()
12ec33d70de7 rustjail: print type of cgroup manager
491b95451c6f workflows: Do not install docker
624dc2d22222 runtime: use filepath.Clean() to clean the mount path
fcab7c3a01b4 osbuilder: Include minimal set of device nodes in ubuntu initrd
697707493084 kata-deploy: Fix static shim-v2 build on arm64
592ecdb67147 packaging/shim-v2: Install the target depending on the arch/libc
d1305ee9eb5d runtime-rs: Add a generic powerpc64le-options.mk
59a05c7401ee kata-deploy: Fix kata static firecracker arm64 package build error
79a40d48953b dependency: update cgroups-rs
5988199adaf8 release: Kata Containers 3.1.0-rc0
d144ded12c68 release: Adapt kata-deploy for 3.1.0-rc0
930488933026 docs: Update how-to-use-kata-containers-with-firecracker.md
8e3863cecbbe kata-deploy: Install protobuf-compiler explicitly in shim-v2 Dockerfile
c4539199118f runtime: tracing: Fix missing ctx return
ca02c9f5124e runtime: add reconnect timeout for vhost user block
67b8f0773fb8 SEV: Update ReducedPhysBits
4139d68d516c runtime-rs: Include target install in conditional branch
c07135535976 runtime-rs: Improve s390x error message
4e2db96ef76d runtime-rs: Don't try to build on Power
2f5bc0f408e6 kata-ctl: Expand unit tests for CPU check
01765e17342d runtime: support cgroup v2 metrics marshal guest metrics
e071d9251ff8 Typo: change tabs in comment to spaces
bdf20b5d263c rootfs: support EROFS filesystem
ed02c8a05137 docs: add guide for building rootfs with EROFS
49326fe4e1a2 fix(clippy): fix hypervisor clippy checks
fff0e50a738e versions: Update runc version
3c48f2202cd3 runtime: Improve documentation of appendFDs
94b1d9814c67 cargo: Update Cargo.lock files
f1855594a20c make: Get rid of verbose output while creating tar
c3836010a833 make: clean up obsolete targets
f83115a83800 docs: Fix missing critical steps in how-to-hotplug-memory-arm64.md
3c24e23409da README: Update Readme under packaging/kernel
d73f3a8a26b9 github-action: Add step to verify kernel config version id updated
ac64b021a681 clh: Enforce API timeout only for vm.boot request
56071c6e7b61 virtiofsd: change cache mod to const
5d37d31ac7d9 cgroups: upgrade cgroupfs to 0.3.1
ab59a65c9265 runtime-rs: neglect a certain error when delete cgroup
56f0a27fef9d kernel: Add console kernel config for s390
390916b33c48 runtime: remove not used shim configurations
9794c52c6517 improvement: Fix naming conventions for span name and log subsystem
57c5e5629bce Dragonball: add cpu resize ability
59f104c02290 runtime: skip unit test that fail regularly on aarch64
b7dd97cac653 kata-ctl: fix permission deny issue in test_add_remove
f49b89b632e6 CI: Set docker version to v20.10 in ubuntu:20.04 for s390x|ppc64le
856ab66871e4 virtiofsd: fix the build on ppc64le
1e531b44dc46 runtime:fix stat uds path
3a63e3c1f7c9 cni: Update cni plugins version to 1.2.0
510798155de2 dragonball: Improve test cases
dc90c6e30b7f dragonball: add more unit test for vm
334c4b8bdcb8 runtime: Drop QEMU log file support
00dcd900f9b9 docs: Add documentation for building agent with seccomp support.
8e8c720d5185 kata-deploy-push: Ensure we build Dragonball specific kernel
b7f4e96ff399 kata-deploy-test: Ensure we build dragonball specific kernel
063dec37c298 release: Add the dragonball-experimental kernel
0b3c91d2a23f kata-deploy: Add kernel-dragonball-experimental target
6199b69178e8 runtime-rs: change cache mode
a33a22ccd1dd runtime-rs: add missing config section for share-fs
9092c23a2efa runtime: Add hmp for qemu
9f490d16fef9 upcall: add document for upcall
39fe4a4b6f13 runtime: Collect QEMU's stderr
a5319c6be6ca runtime: Start QEMU undaemonized
bf4e3a618f3b runtime: Launch QEMU with cmd.Start()
8a1723a5cb97 runtime: Pre-establish the QMP connection
8a4f08cb0f7c govmm: Optionally pass QMP listener to QEMU
219bb8e7d02f govmm: Optionally start QMP with a pre-configured connection
2b779cba0050 docs: Update url link in QAT documentation
a85d0e465ca2 versions: update cni plugins version
861c38b6aaec versions: Upgrade to Cloud Hypervisor v29.0
ba87e0afea23 runtime: Use consts in kata-runtime check
676d028504e1 versions: Bump QEMU to v7.2.0
bf8848f92651 agent: Eliminate unnecessary metrics
69fc8de71231 runtime:all APIs are hang in the service.mu
8d4c2cf1b930 kata-ctl: Allow certain constants to go unused
64c11a66fd8d kata-ctl: Have function to get cpu details to run on specific arch
594b57d08282 utils: Add utility functions to get cpu and distro details.
d33e3436139d check: Move PROC_CPUINFO from architecture specific files
596037e20ca8 versions: Update conmon version
cf1bae352153 runtime: paas enablevhostuserstore annotation to hypervisor config
095e8fdef4e8 runk: Use the original Kill command instead of the customed it.
0f9e23a3d90b runk: Upgrade liboci-cli to v0.0.4
8551853cfe34 runtime: use system pagesize for hugepage test
1592a385eb86 dependency: update cgroups-rs
76437a97218b runtime: Use git rev-parse for the kata-monitor tag
923cd3fda14b virtcontainers: split out Linux parts from mount
60ff230d802f virtcontainers: Split the factory package into Linux and Darwin bits
a9626682af83 virtcontainers: resourcecontrol: Add skeleton for Darwin
ea06fe3afc11 virtcontainers: Add a Network API skeleton for Darwin
73216a810435 vendor: revendor netlink to get latest
6ee550e9a5e1 runtime: vCPUs pinning is sandbox specific, not hypervisor
e3d3b72fa2a2 virtcontainers: use resource control for setting CPU affinity
f137048be37e resource-control: add helper function for setting CPU affinity
fc17d7cc41a8 virtcontainers: Fix misspelling in error message
7eb43cec1505 runtime: add test generated file to .gitignore
12fd6ffc1fc9 runtime: fix up disable_netns handling
f8a48ab41ddc docs: add hint of probing loop module
64c9114a394c tools: add --locked option for cargo install
464d4c94de98 runtime-rs: process single_container
5f9c892e48f4 kata-types: add single_container support
fafc7a8b1a7d virtcontainers: tests: Ensure Linux specific tests are just run on Linux
86a82cace9c9 runtime: change cache mode from none to never
82c59efd65c7 runtime-rs: change cache mode from none to never
7b309b578dee kata-types: change cache mode from none to never
fee4e7c7c494 docs: change cache mode from none to never
f8a93a1dedc2 tools: Fix indentation for setup aks script
d48b22bb13b9 virtcontainers: fs_share: add Darwin skeleton
fa9ae9362ce4 virtcontainers: Add a Virtualization.framework skeleton
03de5f41b279 kata-ctl: remove get_kata_version_by_url function
c21a8d5ff898 kata-ctl: fix build error on s390x
9ec8a1398506 virtcontainers: introduce hypervisor_darwin
3b4420eb8e9f runtime: Define Darwin handled signals list
3886aad1994e nydus: net-ns handling needs to be only executed on Linux hosts
efa4fc0b25e4 clh: Add hotplug support for network devices
1074d2c1d3dd clh: Make vmAddNetPutRequest capable of doing hotplugs
85f9094f17c4 agent: refactor guest hooks
8bb68a9f2805 vc/network: skip existing endpoints when scanning for new ones
d085389127d0 vc: fix up UT for CreateSandbox API change
578a9c25f05c vc: rescan network endpoints after running prestart hooks
cb84b0fb02ce katautils: run prestart hooks after starting VM
24b05a99b60b schedcore: Make buildable on !linux
31591d791568 dragonball: fix unit test failure case about Kvm.
2b02e0a9bf3e dragonball: add more unit test for vcpu manager
e256903af25f runtime-rs: cleanup the run dir of hypervisor when shut down
937a41346e02 kata-ctl: add unit tests for volume ops
8451db7c0c78 kata-ctl: direct-volume: add Add and Remove handlers
2d4b2cf72caa runtime-rs: add POST method to shim-client
cae78a685122 kata-ctl: add constants for direct-volume commands
86ee24b33c52 Runtime: Clarify mutability of global var
dae6670628b4 kata-runtime: add rust runtime path for kata-runtime exec
652021ad95db versions: Upgrade to Cloud Hypervisor v28.1
a2e3715e01bf upcall: remove upcall client when stopping vm
360506225808 runtime-rs: add dbs-upcall feature
56e7b5d0fdbc runtime/Makefile: Get some bits happy on darwin
b4b5d8150e2f docs: remove old and misleading instructions for minikube
0fe24e08bb2a packaging: fix indents in build-kernel.sh
ecb28e2b13f9 kernel: adding kmod to do docker env
079462d2eb50 runk: Fix needless_borrow warning
2c24fcf34c69 runtime-rs: Fix clippy::bool-to-int-with-if warnings
025e78341e1d runtime-rs: Fix needless_borrow warnings
4fb163d570fa runtime-rs: Allow clippy:box_default warnings
20121fcda7ec runtime-rs: Fix unnecessary_cast warnings
b95364a1401a dragonball: Allow question_mark warning in allocate_device_resources()
0b2f060bf3ab dragonball: Fix unnecessary_cast warnings
a545a65934bf agent: Allow clippy::question_mark warning in Namespace{}
9ced34dd225f agent: Fix explicit_auto_deref warnings
f77220490e70 agent: Fix needless_borrow warnings
7bcdc9049a24 rustjail: Fix unnecessary_cast warnings
41d7dbaaea79 rustjail: Fix needless_borrow warnings
2a73e057db01 kata-types: Fix unnecessary_cast warnings
cf9ef1833cf9 kata-types: Fix needless_borrow warnings
126187e8145a safe-path: Fix needless_borrow warnings
bb78d35db8f2 kata-sys-util: Fix "match-like-matches-macro" warning
668e6524010e kata-sys-util: Fix unnecessary_cast warnings
c1a8d89a72aa kata-sys-util: Fix needless_borrow warnings
c9c38e6d0117 logging: Allow clippy::type-complexity warning
ffd6fbb6b653 logging: Fix needless_borrow warnings
60df30015bf4 protocols: Fix unnecessary_cast warnings
0bbeb34b4cd0 protocols: Fix needless_borrow warnings
dfea6c7d217f versions: Update the rust toolchain to 1.66.0
03a0c9d78ee3 kata-ctl: skip test if access GitHub.com fail
1dcbda3f0f9a kata-ctl: update Cargo.lock
087515a46e7d agent: unset CC
for cross-build
afaf17f42371 runtime-rs: enable container hugepage
fc4a67eec31f runtime-rs: enable vm hugepage
fd77eebd4d78 runtime-rs: fix the issues mentioned in the code review
0e692079094d runtime-rs: Clean up mount points shared to guest
3480780bd8d9 kata-ctl: add check framework support for non-x86
1bd533f10b00 kata-ctl: let check framework arch-agnostic
b0896126cf49 release: Kata Containers 3.1.0-alpha1
74fa10a23558 docs: remove duplicate sentences
ebe5c5adf9d9 docs: Update virtiofsd build script in the developer guide Script to execute to build virtiofsd has been changed in #5426 but not in the doc. This commit update the developer guide.
d14c3af35ca6 dragonball: refactor legacy device initialization
21ec766d29c2 docs: add documents for using bundle to start container
ca39a07a14a3 runtime-rs: enable start container from bundle
9f465a58af12 kernel: Add "unload" module to SEV config
ae0dcacd4a83 tools: Add some new gitignore items
99485d871c69 shim: return hypervisor's pid not shim's pid
a81ced0e3f00 upcall: add upcall into kernel build script
f5c34ed0880c Dragonball: introduce upcall
fbf294da3fe4 refactor(shim-mgmt): move client side to libs
b5cfd09583b1 kata-ctl: Fixed format for check release options
8dbfc3dc82bf kata-ctl: Fixed format for check release options
f3091a9da4ca kata-ctl: Add kata-ctl check release options
1f28ff683872 runtime-rs: add binary to exercise shim proper w/o containerd dependencies
eb8c9d38ff5c runtime-rs: add launch of a simple qemu process to start_vm()
2f6d0d408b90 runtime-rs: support qemu in VirtContainer
1413dfe91c7f runtime-rs: add basic empty boilerplate for qemu driver
a577df8b7173 tools: Fix indentation on build kernel script
4661ea8d3b83 runtime-rs: fix standalone share fs
79cf38e6ea83 runtime-rs: clear OCI spec namespace path
62f4603e8149 runtime-rs: reset rdma cgroup
5b6596f54e38 runtime-rs: CreateContainerRequest has Default
e9e82ce28b0e runtime-rs: fix is_pid_namespace_enabled check
78532154d9d2 docs: Add description for guest SELinux support
c617bbe70dcd runtime: Pass SELinux policy for containers to the agent
93547692863a agent: Add SELinux support for containers
a75f99d20d63 osbuilder: Create guest image for SELinux
a9c746f28422 kernel: Add kernel configs for SELinux
8079a9732d10 kata-sys-util: fix issues where umount2 couldn't get the correct path
7fdbbcda8241 agent: Drop the Option for LinuxContainer.cgroup_manager
c5abc5ed4d34 config: speed up rng init when kernel boot for arm64
b087667ac5de kata-deploy: Fix the pod of kata deploy starts to occur an error
3e6114b2efb5 tools: Fix indentation for ovmf script
d04d45ea0509 runtime: use pidfd to wait for processes on Linux
e9ba0c11d0e2 runtime: use exponential backoff for process wait
71491a69c3da runtime: move process wait logic to another function
92ebe61fea0d runtime: reap force killed processes
0019d653d618 runtime-rs: fix high cpu
748f22e7d0c2 agent: remove sysinfo dependency
fdf0a7bb1430 runtime-rs: fix the issues mentioned in the code review
1d823c4f6584 runtime-rs: umount and permission controls in sandbox level
527b871414dc runtime-rs: bind mount volumes in sandbox level
46b38458af17 docs: Update the rust version in the installation documentation
9ccf2ebe8a5e agent: add signal value to log
fb2c142f183f runtime-rs: fix some variable names and typos
a5e4cad4b654 kata-ctl: add host check for aarch64
737420469a7c kata-ctl: fix dependency version conflict
f7fc436bed5f workflow: fix cargo-deny-runner.yaml syntax error
d4321ab48970 runtime: Add identification in version for runtime-rs
89574f03f8c9 workflow: call cargo in user's $PATH
67fe703ff5df runtime-rs: remove the version number from the commit display message
e12db92e4df2 runk: Re-implement start operation using the agent codes
f443b7853746 build: update golang version to 1.19.3
86cb05883306 snap: Fix snapcraft setup (unbreak snap releases)
1d93a934682b fix(agent): fix iptables binary path in guest
2edbe389d872 runtime-rs: moving only vCPU threads into sandbox controller
cd85a44a0404 tools: Remove extra tab spaces from kata deploy binaries script
e723bad0afb3 ci: let static checks don't depend on build
69aae0227615 actions: use matrix to refactor static checks
d7bb4b5512b5 agent: support systemd cgroup for kata agent
340e24f17598 actions: skip some job using "paths-ignore" filter
1dfd845f51e0 runtime: go fix code for 1.19
2426ea9bdc58 doc: update runtime-rs "Build and Install"
4b45e1386905 runtime: don't fail mkdir if the folder is already created
cb199e0ecf1c kernel: add CONFIG_X86_SGX into whitelist
b987bbc57677 runtime-rs: block on the current thread when setup the network
6b2ef66f0fbf runtime-rs: add conditional compile for virt-sandbox persist
30a7ebf43067 runtime: Log invalid devices in QEMU config
2539f31862f3 runtime: Use containerd v1.6.8
a4099dab8f70 tools: Fix indentation of build static firecracker script
abb9ebeecef2 package: add nydus to release artifacts
b53171b605c6 agent: check command before do test_ip_tables
3bb145c63ad1 runtime: Support virtiofs queue size for qemu and make it configurable
993d05a42e95 docs: change mount-info.json to mountInfo.json
6c1e153a6ffc docs: update doc "NVIDIA GPU passthrough"
d808adef951e runtime-rs: support vhost-vsock
e80a9f09fac3 utils: Add utility function to fetch the kernel version.
a636d426d9b0 versions: update nydusd version
c46814b26a47 runtime-rs:support nydus v5 and v6
36545aa81ae9 runtime: clh: Re-generate the client code
f4b02c224420 versions: Upgrade to Cloud Hypervisor v28.0
e4a6fbadf80e docs: update doc "Setup swap device in guest kernel"
2f5f575a43b5 log-parser: Simplify check
d94718fb301f runtime: Fix gofmt issues
16b8375095f2 golang: Stop using io/ioutils
66aa330d0df2 versions: Update golangci-lint
b3a4a162949a versions: bump containerd version
eab8d6be1365 build: update golang version to 1.19.2
e80dbc15d8a6 runtime-rs: workaround Dragonball compilation problem
c3f1922df695 fix(fmt): fix cargo fmt to pass static check
a04afab74d62 qemu: early exit from Check if the process was stopped
7e481f217987 qemu: set stopped only if StopVM is successful
0e3ac66e761f clh: return faster with dead clh process from isClhRunning
9ef68e0c7adc clh: fast exit from isClhRunning if the process was stopped
2631b08ff109 clh: don't try to stop clh multiple times
8be08173050b tools: Fix indentation of build static virtiofsd script
3e9c3f12cef8 docs: Fix configuration path
936fe35acb89 runtime-rs : fix shim source is ambiguous
f45fe4f90d9a versions: update vmm-sys-util and related crates to v0.11.0
29c75cf12bfa runtime-rs: delete all cargo patches
f8f97c1e222c feat(shim-mgmt): iptables handler
9f70a6949b3e tools: Remove empty spaces from build kernel script
57336835da65 dragonball: add more unit test for device manager
2333700237c1 dragonball: add test utils.
2adb1c18235e Dragonball: enable mem_file_path config into hugetlbfs process
fef8e92af1ed runtime-rs:add hypervisor interface capabilities
daeee26a1e40 cloud-hypervisor: Fix GetThreadIDs function
40d514aa2c73 github: Parallelise static checks
27b19135847d runtime-rs: blanks filled & fixes made to virtiofsd launch
2508d39b7cb4 runtime: added vcpus pinning logics Core VCPU threads pinning logics for issue 4476. Also provided docs.
b74c18024a25 runtime-rs: fix shared volume permission issue
16dca4ecd405 runk: Ignore an error when calling kill cmd with --all option
df092185ee4f runk: Upgrade libseccomp crate to v0.3.0 in Cargo.lock
990e6359b714 snap: Unbreak docker install
ca69a9ad6d3f snap: Use metadata for dependencies
39363ffbfb0d runtime: remove same function
0ed7da30d7b6 tools: Fix indentation of build static clh script
43fcb8fd0906 virtiofsd: Not use "link-self-contained=yes" on s390x The compile option link-self-contained=yes asks rustc to use C library startup object files that come with the compiler, which are not available on the target s390x-unknown-linux-gnu. A build does not contain any startup files leading to a broken executable entry point (causing segmentation fault).
c0f5bc81b748 cargo: Add Cargo.lock to version control
474927ec9055 gitignore: Add gitignore file
699f821e12c8 utils: Add function to drop priveleges
a6fb4e2a68ce versions: bump golangci-lint version
b015f34aff17 runtime-rs: generate config files with the default target
219919e9f7d6 docs: Fix volumeMounts in SGX usage example
9d286af7b454 versions: Update Cloud Hypervisor to b4e39427080
144efd1a7a78 docs: update rust runtime installation guide
cbd84c3f5a88 rustjail: Upgrade libseccomp crate to v0.3.0
748be0fe3d16 makefile: remove sudo when create symbolic link
44d8de892321 agent: remove redundant checks
89e62d4edf8b shim: Ensure pagesize is set when reporting hugetbl stats
e95089b716b2 kata-ctl: add basic cpu check for s390x
871d2cf2c026 kata-ctl: Limit running tests to x86 and use native-tls on s390x
9f2c7e47c9da Revert "kata-ctl: Disable network check on s390x"
081ee487134c agent: use NLM_F_REPLACE replace NLM_F_EXCL in rtnetlink
abf4f9b2999d docs: kata 3.0 Architecture fix readme content error
72738dc11f45 agent: validate hugepage size is supported
f74e328fffc4 Makefile: fix an typo in runtime-rs makefile
227e717d278d qemu: Re-work static-build Dockerfile
9c1ac3d457f0 runtime-rs: return port on agent-url req
f205472b01bf Makefile: regulate the comment style for the runtime-rs comments
ac403cfa5a84 doc: Update how-to-run-kata-containers-with-SNP-VMs.md
00981b3c0a70 kata-ctl: Disable network check on s390x
c322d1d12a9a kata-ctl: arch: Improve check call
0bc5baafb948 snap: Build virtiofsd using the kata-deploy scripts
cb4ef4734fba snap: Create a task for installing docker
7e5941c578b1 virtiofsd: Build inside a container
9717dc3f7536 Dragonball: remove redundant comments in event manager
35d52d30fd21 versions: Update TDX QEMU
4d9dd8790d8d runtime-rs: fix typo get_contaier_type to get_container_type
70676d4a9912 kata-ctl: improve command descriptions for consistency
86ad832e37c8 runtime-rs: force shutdown shim process in it can't exit
9eb73d543ac3 versions: Update TDX kernel
1f1901e05944 dragonball: fix clippy warning for aarch64
a343c570e43a dragonball: enhance dragonball ci
6a64fb0eb3dd ci: skip s390x for dragonball.
a743e37daf7e Dragonball: delete redundant comments in blk_dev_mgr
00a42f69c09a kata-ctl: cargo: 2021 -> 2018
fb63274747da kata-ctl: rustfmt + clippy fixes
2b345ba29d9e build: Add kata-ctl to tools list
f7010b80614d kata-ctl: docs: Write basic documentation
781e604c39d8 docs: Reference kata-ctl README
15c343cbf2f4 kata-ctl: Don't rely on system ssl libs
c23584994a8d kata-ctl: clippy: Resolve warnings and reformat
133690434cdc kata-ctl: implement CLI argument --check-version-only
eb5423cb7fd2 kata-ctl: switch to use clap derive for CLI handling
018aa899cb81 kata-ctl: Add cpu check
7c9f9a5a1dae kata-ctl: Make arch test run at compile time
b63ba66dc347 kata-ctl: Formatting tweaks
cca7e32b54ec kata-ctl: Lint fixes to allow the branch to be built
8e7bb8521c35 kata-ctl: add code for framework for arch
303fc8b11835 kata-ctl: Add unit tests cases
d0b33e9a32cd versions: Add kata-ctl version entry
002b18054d82 kata-ctl: Add initial rust code for kata-ctl
8d4ced3c860f runtime-rs: support ephemeral storage for emptydir
862eaef86328 docs: fix a typo in rust-runtime-installation-guide
26c043dee72e ci: Add dragonball test
b62b18bf1cad dragonball: fix clippy warning
2ddc948d30ab Makefile: add dragonball components.
3fe81fe4ab26 dragonball-ut: use skip_if_not_root to skip root case
72259f101a67 dragonball: add more unit test for vmm actions
046ddc6463dc readme: remove libraries mentioning
ee74231b1cb2 release: Kata Containers 3.1.0-alpha0
102a9dda7174 workflow: Revert "workflow: trigger test-kata-deploy with pull_request"
68e8a86aec69 runtime: fix incorrect comment for SetFsSharingSupport function
04bbce8dc328 virtcontainers: add warn log record for qmp hotplug cpu error
53f209af447f libs/kata-types: adjust default_vcpus correctly
3aeaa6459d6c runtime-rs: delete duplicated PASSTHROUGH_FS_DIR const
435c8f181a71 acrn: Enable ACRN hypervisor support for Kata 2.x release
c31cf7269ee8 agent: reduce reference count for failed mount
ef5a2dc3bff0 agent: don't exit early if signal fails due to ESRCH
43ae972335f6 kata-sys-util: delete duplicated get_bundle_path
4da743f90b22 packaging: Mount $HOME/.docker in the 1st layer container
067e2b1e33b3 runtime: clh: Use the new API to boot with TDX firmware (td-shim)
5d63fcf34480 runtime: clh: Re-generate the client code
fe610704268c versions: Upgrade to Cloud Hypervisor v27.0
17de94e1187d microvm: Remove kernel_irqchip=on option
ac0483122307 kata-sys-util: fix typo unknow
f89ada2de10a dragonball: update ut for kernel config
a24127659243 versions: Update gperf url to avoid libseccomp random failures
a617a63481bd versions: Update oci version
6d585d591924 dragonball: fix no "as_str" error on Arm
421729f99136 tools: release: fix bogus version check
457b0beaf089 runtime-rs: update Cargo.lock
50299a329224 refactor(runtime-rs): Use RwLock in runtime agent
0e899669eead runtime-rs: fix shim close_io call to support kubectl cp
96cf21fad06a runtime-rs: add comments for runtime-rs shared directory
7676cde0c5c4 workflow: trigger test-kata-deploy with pull_request
f10827357ef6 workflow: require PR num input on test-kata-deploy workflow_dispatch
90ecc015e0a7 Dragonball: update linux_loader to 0.6.0
abc26b00bb27 dragonball: modify wrong code comments modify virtio_net_dev_mgr.rs wrong code comments
9bd941098e37 docs: Update urls in runk documentation
4a763925e54a runtime-rs: support watchable mount
e23bfd615e0c runtime-rs: make function name more understandable
426a43678093 runtime-rs: add unit test and eliminate raw string
87959cb72d2a runtime-rs: debug console support in runtime
d663f110d737 kata-deploy: get the config path from cri options
c6b3dcb67d5f kata-deploy: support kata-deploy for runtime-rs
a394761a5cc7 kata-deploy: add installation for runtime-rs
2caee1f38dce runtime-rs: define VFIO unbind path as a const
20bcaf0e363c runtime-rs: set agent timeout to 0 for stream RPCs
d9e6eb11ae50 docs: Guide to use SNP-VMs with Kata-Containers
ded60173d4b3 runtime: Enable choice between AMD SEV and SNP
22bda0838c77 runtime: Support for AMD SEV-SNP VMs
a2bbd294227d kernel: Introduce SNP kernel
0e69405e16a9 docs: Developer-Guide updated
105eda5b9ac7 runtime: Initrd path option added to config
adb33a412188 packaging: fix typo in configure-hypervisor.sh
9628c7df0c03 runtime: update runc dependency
7fbc883879b5 runtime-rs: drop dependency on rustc-serialize
bf2be0cf7a3b release: Revert kata-deploy changes after 3.0.0-rc0 release
208233288a94 runtime-rs: add test for StaticResource
46965739a4a7 runtime-rs: remove hardcoded string
274de024c532 docs: add README for runtime-rs hypervisor crate
9670a3caacf4 runtime-rs: use Path.is_file to check regular files
a4a23457caa8 osbuilder: Export directory variables for libseccomp
a828292b47aa runtime-rs: add unit tests for network resource
a8a8a28a3426 runtime-rs/resource: use macro to reduce duplicated code
3f65ff2d0740 runtime-rs: fix incorrect comments
86a02c5f6acd kernel: Add crypto kernel config for s390
f914319874f6 runtime: store the user name in hypervisor config
5cafe217703b runtime: make StopVM thread-safe
c3015927a3d3 runtime: add more debug logs for non-root user operation
0399da677da0 runtime-rs: update dependencies
f6f19917a8d1 dragonball: update dragonball-sandbox dependencies
d55cf9ab71dc docs: Update url in virtualization document
7622452f4b19 Dragonball: Fix the problem about stdio console
aaf6d69089b0 runtime-rs: call TomlConfig's validate function after load
5add50aea2d5 runtime-rs: timeout for shim management client
9f13496e135b runtime-rs: shim management client
e891295e10da runtime-rs: shim management - agent-url
59aeb776b0d4 runtime-rs: shim management
Kata Containers 3.1.0 is compatible with CRI-O
Kata Containers 3.1.0 is compatible with contaienrd v1.6.8
Kata Containers 3.1.0 support the OCI Runtime Specification v1.0.2
Kata Containers 3.1.0 is compatible with Kubernetes 1.23.1-00
The kata-agent
binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent
uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent
which is not statically linked with the library, you can build
a custom kata-agent
that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.1.0
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Containers 3.1.0 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
2f638b366 release: Kata Containers 3.0.2 98bacb0ef release: Adapt kata-deploy for 3.0.2 178ee3d7e agent: check command before do test_ip_tables 7461bcd76 runtime-rs: change cache mode 123c86717 SEV: Update ReducedPhysBits 98f60c100 clh: Enforce API timeout only for vm.boot request 960f089d3 virtiofsd: fix the build on ppc64le 92f3b11c9 runtime:all APIs are hang in the service.mu 4a5877f45 docs: Fix missing critical steps in how-to-hotplug-memory-arm64.md d3b57325e versions: Upgrade to Cloud Hypervisor v28.2 92619c833 runtime: Drop QEMU log file support 4f3db7678 runtime: Collect QEMU's stderr 918c11e46 runtime: Start QEMU undaemonized 8c4507be2 runtime: Launch QEMU with cmd.Start() a61fba6d4 runtime: Pre-establish the QMP connection ad9cb0ba5 govmm: Optionally pass QMP listener to QEMU d6dd99e98 govmm: Optionally start QMP with a pre-configured connection 0623f1fe6 virtiofsd: Not use "link-self-contained=yes" on s390x 5883dc1bd CI: Set docker version to v20.10 in ubuntu:20.04 for s390x|ppc64le 0d7bd066d docs: Fix missing critical steps in how-to-hotplug-memory-arm64.md ac1ce2d30 docs: Fix missing critical steps in how-to-hotplug-memory-arm64.md f4d71af45 docs: Fix missing critical steps in how-to-hotplug-memory-arm64.md fcc120d49 versions: Upgrade to Cloud Hypervisor v28.1
Kata Containers 3.0.2 is compatible with CRI-O
Kata Containers 3.0.2 is compatible with contaienrd v1.6.8
Kata Containers 3.0.2 support the OCI Runtime Specification v1.0.0-rc5
Kata Containers 3.0.2 is compatible with Kubernetes 1.23.1-00
The kata-agent
binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent
uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent
which is not statically linked with the library, you can build
a custom kata-agent
that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.0.2
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15" ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Containers 3.0.2 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
This release includes several improvements inlcuding:
5988199ad release: Kata Containers 3.1.0-rc0
d144ded12 release: Adapt kata-deploy for 3.1.0-rc0
930488933 docs: Update how-to-use-kata-containers-with-firecracker.md
8e3863cec kata-deploy: Install protobuf-compiler explicitly in shim-v2 Dockerfile
c45391991 runtime: tracing: Fix missing ctx return
ca02c9f51 runtime: add reconnect timeout for vhost user block
67b8f0773 SEV: Update ReducedPhysBits
4139d68d5 runtime-rs: Include target install in conditional branch
c07135535 runtime-rs: Improve s390x error message
4e2db96ef runtime-rs: Don't try to build on Power
2f5bc0f40 kata-ctl: Expand unit tests for CPU check
01765e173 runtime: support cgroup v2 metrics marshal guest metrics
e071d9251 Typo: change tabs in comment to spaces
bdf20b5d2 rootfs: support EROFS filesystem
ed02c8a05 docs: add guide for building rootfs with EROFS
49326fe4e fix(clippy): fix hypervisor clippy checks
fff0e50a7 versions: Update runc version
3c48f2202 runtime: Improve documentation of appendFDs
94b1d9814 cargo: Update Cargo.lock files
f1855594a make: Get rid of verbose output while creating tar
c3836010a make: clean up obsolete targets
f83115a83 docs: Fix missing critical steps in how-to-hotplug-memory-arm64.md
3c24e2340 README: Update Readme under packaging/kernel
d73f3a8a2 github-action: Add step to verify kernel config version id updated
ac64b021a clh: Enforce API timeout only for vm.boot request
56071c6e7 virtiofsd: change cache mod to const
5d37d31ac cgroups: upgrade cgroupfs to 0.3.1
ab59a65c9 runtime-rs: neglect a certain error when delete cgroup
56f0a27fe kernel: Add console kernel config for s390
390916b33 runtime: remove not used shim configurations
9794c52c6 improvement: Fix naming conventions for span name and log subsystem
57c5e5629 Dragonball: add cpu resize ability
59f104c02 runtime: skip unit test that fail regularly on aarch64
b7dd97cac kata-ctl: fix permission deny issue in test_add_remove
f49b89b63 CI: Set docker version to v20.10 in ubuntu:20.04 for s390x|ppc64le
856ab6687 virtiofsd: fix the build on ppc64le
1e531b44d runtime:fix stat uds path
3a63e3c1f cni: Update cni plugins version to 1.2.0
510798155 dragonball: Improve test cases
dc90c6e30 dragonball: add more unit test for vm
334c4b8bd runtime: Drop QEMU log file support
00dcd900f docs: Add documentation for building agent with seccomp support.
8e8c720d5 kata-deploy-push: Ensure we build Dragonball specific kernel
b7f4e96ff kata-deploy-test: Ensure we build dragonball specific kernel
063dec37c release: Add the dragonball-experimental kernel
0b3c91d2a kata-deploy: Add kernel-dragonball-experimental target
6199b6917 runtime-rs: change cache mode
a33a22ccd runtime-rs: add missing config section for share-fs
9092c23a2 runtime: Add hmp for qemu
9f490d16f upcall: add document for upcall
39fe4a4b6 runtime: Collect QEMU's stderr
a5319c6be runtime: Start QEMU undaemonized
bf4e3a618 runtime: Launch QEMU with cmd.Start()
8a1723a5c runtime: Pre-establish the QMP connection
8a4f08cb0 govmm: Optionally pass QMP listener to QEMU
219bb8e7d govmm: Optionally start QMP with a pre-configured connection
2b779cba0 docs: Update url link in QAT documentation
a85d0e465 versions: update cni plugins version
861c38b6a versions: Upgrade to Cloud Hypervisor v29.0
ba87e0afe runtime: Use consts in kata-runtime check
676d02850 versions: Bump QEMU to v7.2.0
bf8848f92 agent: Eliminate unnecessary metrics
69fc8de71 runtime:all APIs are hang in the service.mu
8d4c2cf1b kata-ctl: Allow certain constants to go unused
64c11a66f kata-ctl: Have function to get cpu details to run on specific arch
594b57d08 utils: Add utility functions to get cpu and distro details.
d33e34361 check: Move PROC_CPUINFO from architecture specific files
596037e20 versions: Update conmon version
cf1bae352 runtime: paas enablevhostuserstore annotation to hypervisor config
095e8fdef runk: Use the original Kill command instead of the customed it.
0f9e23a3d runk: Upgrade liboci-cli to v0.0.4
8551853cf runtime: use system pagesize for hugepage test
1592a385e dependency: update cgroups-rs
76437a972 runtime: Use git rev-parse for the kata-monitor tag
923cd3fda virtcontainers: split out Linux parts from mount
60ff230d8 virtcontainers: Split the factory package into Linux and Darwin bits
a9626682a virtcontainers: resourcecontrol: Add skeleton for Darwin
ea06fe3af virtcontainers: Add a Network API skeleton for Darwin
73216a810 vendor: revendor netlink to get latest
6ee550e9a runtime: vCPUs pinning is sandbox specific, not hypervisor
e3d3b72fa virtcontainers: use resource control for setting CPU affinity
f137048be resource-control: add helper function for setting CPU affinity
fc17d7cc4 virtcontainers: Fix misspelling in error message
7eb43cec1 runtime: add test generated file to .gitignore
12fd6ffc1 runtime: fix up disable_netns handling
f8a48ab41 docs: add hint of probing loop module
64c9114a3 tools: add --locked option for cargo install
464d4c94d runtime-rs: process single_container
5f9c892e4 kata-types: add single_container support
fafc7a8b1 virtcontainers: tests: Ensure Linux specific tests are just run on Linux
86a82cace runtime: change cache mode from none to never
82c59efd6 runtime-rs: change cache mode from none to never
7b309b578 kata-types: change cache mode from none to never
fee4e7c7c docs: change cache mode from none to never
f8a93a1de tools: Fix indentation for setup aks script
d48b22bb1 virtcontainers: fs_share: add Darwin skeleton
fa9ae9362 virtcontainers: Add a Virtualization.framework skeleton
03de5f41b kata-ctl: remove get_kata_version_by_url function
c21a8d5ff kata-ctl: fix build error on s390x
9ec8a1398 virtcontainers: introduce hypervisor_darwin
3b4420eb8 runtime: Define Darwin handled signals list
3886aad19 nydus: net-ns handling needs to be only executed on Linux hosts
efa4fc0b2 clh: Add hotplug support for network devices
1074d2c1d clh: Make vmAddNetPutRequest capable of doing hotplugs
85f9094f1 agent: refactor guest hooks
8bb68a9f2 vc/network: skip existing endpoints when scanning for new ones
d08538912 vc: fix up UT for CreateSandbox API change
578a9c25f vc: rescan network endpoints after running prestart hooks
cb84b0fb0 katautils: run prestart hooks after starting VM
24b05a99b schedcore: Make buildable on !linux
31591d791 dragonball: fix unit test failure case about Kvm.
2b02e0a9b dragonball: add more unit test for vcpu manager
e256903af runtime-rs: cleanup the run dir of hypervisor when shut down
937a41346 kata-ctl: add unit tests for volume ops
8451db7c0 kata-ctl: direct-volume: add Add and Remove handlers
2d4b2cf72 runtime-rs: add POST method to shim-client
cae78a685 kata-ctl: add constants for direct-volume commands
86ee24b33 Runtime: Clarify mutability of global var
dae667062 kata-runtime: add rust runtime path for kata-runtime exec
652021ad9 versions: Upgrade to Cloud Hypervisor v28.1
a2e3715e0 upcall: remove upcall client when stopping vm
360506225 runtime-rs: add dbs-upcall feature
56e7b5d0f runtime/Makefile: Get some bits happy on darwin
b4b5d8150 docs: remove old and misleading instructions for minikube
0fe24e08b packaging: fix indents in build-kernel.sh
ecb28e2b1 kernel: adding kmod to do docker env
079462d2e runk: Fix needless_borrow warning
2c24fcf34 runtime-rs: Fix clippy::bool-to-int-with-if warnings
025e78341 runtime-rs: Fix needless_borrow warnings
4fb163d57 runtime-rs: Allow clippy:box_default warnings
20121fcda runtime-rs: Fix unnecessary_cast warnings
b95364a14 dragonball: Allow question_mark warning in allocate_device_resources()
0b2f060bf dragonball: Fix unnecessary_cast warnings
a545a6593 agent: Allow clippy::question_mark warning in Namespace{}
9ced34dd2 agent: Fix explicit_auto_deref warnings
f77220490 agent: Fix needless_borrow warnings
7bcdc9049 rustjail: Fix unnecessary_cast warnings
41d7dbaae rustjail: Fix needless_borrow warnings
2a73e057d kata-types: Fix unnecessary_cast warnings
cf9ef1833 kata-types: Fix needless_borrow warnings
126187e81 safe-path: Fix needless_borrow warnings
bb78d35db kata-sys-util: Fix "match-like-matches-macro" warning
668e65240 kata-sys-util: Fix unnecessary_cast warnings
c1a8d89a7 kata-sys-util: Fix needless_borrow warnings
c9c38e6d0 logging: Allow clippy::type-complexity warning
ffd6fbb6b logging: Fix needless_borrow warnings
60df30015 protocols: Fix unnecessary_cast warnings
0bbeb34b4 protocols: Fix needless_borrow warnings
dfea6c7d2 versions: Update the rust toolchain to 1.66.0
03a0c9d78 kata-ctl: skip test if access GitHub.com fail
1dcbda3f0 kata-ctl: update Cargo.lock
087515a46 agent: unset CC
for cross-build
afaf17f42 runtime-rs: enable container hugepage
fc4a67eec runtime-rs: enable vm hugepage
fd77eebd4 runtime-rs: fix the issues mentioned in the code review
0e6920790 runtime-rs: Clean up mount points shared to guest
3480780bd kata-ctl: add check framework support for non-x86
1bd533f10 kata-ctl: let check framework arch-agnostic
Kata Containers 3.1.0-rc0 is compatible with CRI-O
Kata Containers 3.1.0-rc0 is compatible with contaienrd v1.6.8
Kata Containers 3.1.0-rc0 support the OCI Runtime Specification v1.0.2
Kata Containers 3.1.0-rc0 is compatible with Kubernetes 1.23.1-00
The kata-agent
binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent
uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent
which is not statically linked with the library, you can build
a custom kata-agent
that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.1.0-rc0
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15" ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Containers 3.1.0-rc0 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
ea74df127 release: Kata Containers 3.0.1 c712057ae release: Adapt kata-deploy for 3.0.1 bc5bbfa60 versions: update nydusd version 0afcc57a9 package: add nydus to release artifacts bd797edde kata-deploy: Fix the pod of kata deploy starts to occur an error 9cf1af873 runtime: clh: Re-generate the client code 4d6ca7623 versions: Upgrade to Cloud Hypervisor v28.0 719017d68 clh: return faster with dead clh process from isClhRunning 569ecdbe7 clh: fast exit from isClhRunning if the process was stopped fa8a0ad49 clh: don't try to stop clh multiple times 8fbf862fa cloud-hypervisor: Fix GetThreadIDs function 9141acd94 versions: Update Cloud Hypervisor to b4e39427080 9a0ab92f6 runtime: clh: Use the new API to boot with TDX firmware (td-shim) f3eac35b5 runtime: clh: Re-generate the client code 8a7e0efd1 versions: Upgrade to Cloud Hypervisor v27.0 9cf1af873 runtime: clh: Re-generate the client code 4d6ca7623 versions: Upgrade to Cloud Hypervisor v28.0 719017d68 clh: return faster with dead clh process from isClhRunning 569ecdbe7 clh: fast exit from isClhRunning if the process was stopped fa8a0ad49 clh: don't try to stop clh multiple times 8fbf862fa cloud-hypervisor: Fix GetThreadIDs function 9141acd94 versions: Update Cloud Hypervisor to b4e39427080 9a0ab92f6 runtime: clh: Use the new API to boot with TDX firmware (td-shim) f3eac35b5 runtime: clh: Re-generate the client code 8a7e0efd1 versions: Upgrade to Cloud Hypervisor v27.0 a152f6034 runk: Ignore an error when calling kill cmd with --all option 50bf4434d log-parser: Simplify check 74791ed38 runtime: Fix gofmt issues 778ebb6e6 golang: Stop using io/ioutils b5661e988 versions: Update golangci-lint 88c13b682 versions: bump containerd version b8ce291dd build: update golang version to 1.19.2 f5e5ca427 github: Parallelise static checks eaa7ab746 snap: Unbreak docker install 8d2fd2449 snap: Use metadata for dependencies ab83ab6be snap: Build virtiofsd using the kata-deploy scripts 1772df5ac snap: Create a task for installing docker 2e4958644 virtiofsd: Build inside a container
Kata Containers 3.0.1 is compatible with CRI-O
Kata Containers 3.0.1 is compatible with contaienrd v1.6.8
Kata Containers 3.0.1 support the OCI Runtime Specification v1.0.0-rc5
Kata Containers 3.0.1 is compatible with Kubernetes 1.23.1-00
The kata-agent
binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent
uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent
which is not statically linked with the library, you can build
a custom kata-agent
that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.0.1
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Containers 3.0.1 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations
b0896126c release: Kata Containers 3.1.0-alpha1 74fa10a23 docs: remove duplicate sentences ebe5c5adf docs: Update virtiofsd build script in the developer guide Script to execute to build virtiofsd has been changed in #5426 but not in the doc. This commit update the developer guide. d14c3af35 dragonball: refactor legacy device initialization 21ec766d2 docs: add documents for using bundle to start container ca39a07a1 runtime-rs: enable start container from bundle 9f465a58a kernel: Add "unload" module to SEV config ae0dcacd4 tools: Add some new gitignore items 99485d871 shim: return hypervisor's pid not shim's pid a81ced0e3 upcall: add upcall into kernel build script f5c34ed08 Dragonball: introduce upcall fbf294da3 refactor(shim-mgmt): move client side to libs b5cfd0958 kata-ctl: Fixed format for check release options 8dbfc3dc8 kata-ctl: Fixed format for check release options f3091a9da kata-ctl: Add kata-ctl check release options 1f28ff683 runtime-rs: add binary to exercise shim proper w/o containerd dependencies eb8c9d38f runtime-rs: add launch of a simple qemu process to start_vm() 2f6d0d408 runtime-rs: support qemu in VirtContainer 1413dfe91 runtime-rs: add basic empty boilerplate for qemu driver a577df8b7 tools: Fix indentation on build kernel script 4661ea8d3 runtime-rs: fix standalone share fs 79cf38e6e runtime-rs: clear OCI spec namespace path 62f4603e8 runtime-rs: reset rdma cgroup 5b6596f54 runtime-rs: CreateContainerRequest has Default e9e82ce28 runtime-rs: fix is_pid_namespace_enabled check 78532154d docs: Add description for guest SELinux support c617bbe70 runtime: Pass SELinux policy for containers to the agent 935476928 agent: Add SELinux support for containers a75f99d20 osbuilder: Create guest image for SELinux a9c746f28 kernel: Add kernel configs for SELinux 8079a9732 kata-sys-util: fix issues where umount2 couldn't get the correct path 7fdbbcda8 agent: Drop the Option for LinuxContainer.cgroup_manager c5abc5ed4 config: speed up rng init when kernel boot for arm64 b087667ac kata-deploy: Fix the pod of kata deploy starts to occur an error 3e6114b2e tools: Fix indentation for ovmf script d04d45ea0 runtime: use pidfd to wait for processes on Linux e9ba0c11d runtime: use exponential backoff for process wait 71491a69c runtime: move process wait logic to another function 92ebe61fe runtime: reap force killed processes 0019d653d runtime-rs: fix high cpu 748f22e7d agent: remove sysinfo dependency fdf0a7bb1 runtime-rs: fix the issues mentioned in the code review 1d823c4f6 runtime-rs: umount and permission controls in sandbox level 527b87141 runtime-rs: bind mount volumes in sandbox level 46b38458a docs: Update the rust version in the installation documentation 9ccf2ebe8 agent: add signal value to log fb2c142f1 runtime-rs: fix some variable names and typos a5e4cad4b kata-ctl: add host check for aarch64 737420469 kata-ctl: fix dependency version conflict f7fc436be workflow: fix cargo-deny-runner.yaml syntax error d4321ab48 runtime: Add identification in version for runtime-rs 89574f03f workflow: call cargo in user's $PATH 67fe703ff runtime-rs: remove the version number from the commit display message e12db92e4 runk: Re-implement start operation using the agent codes f443b7853 build: update golang version to 1.19.3 86cb05883 snap: Fix snapcraft setup (unbreak snap releases) 1d93a9346 fix(agent): fix iptables binary path in guest 2edbe389d runtime-rs: moving only vCPU threads into sandbox controller cd85a44a0 tools: Remove extra tab spaces from kata deploy binaries script e723bad0a ci: let static checks don't depend on build 69aae0227 actions: use matrix to refactor static checks d7bb4b551 agent: support systemd cgroup for kata agent 340e24f17 actions: skip some job using "paths-ignore" filter 1dfd845f5 runtime: go fix code for 1.19 2426ea9bd doc: update runtime-rs "Build and Install" 4b45e1386 runtime: don't fail mkdir if the folder is already created cb199e0ec kernel: add CONFIG_X86_SGX into whitelist b987bbc57 runtime-rs: block on the current thread when setup the network 6b2ef66f0 runtime-rs: add conditional compile for virt-sandbox persist 30a7ebf43 runtime: Log invalid devices in QEMU config 2539f3186 runtime: Use containerd v1.6.8 a4099dab8 tools: Fix indentation of build static firecracker script abb9ebeec package: add nydus to release artifacts b53171b60 agent: check command before do test_ip_tables 3bb145c63 runtime: Support virtiofs queue size for qemu and make it configurable 993d05a42 docs: change mount-info.json to mountInfo.json 6c1e153a6 docs: update doc "NVIDIA GPU passthrough" d808adef9 runtime-rs: support vhost-vsock e80a9f09f utils: Add utility function to fetch the kernel version. a636d426d versions: update nydusd version c46814b26 runtime-rs:support nydus v5 and v6 36545aa81 runtime: clh: Re-generate the client code f4b02c224 versions: Upgrade to Cloud Hypervisor v28.0 e4a6fbadf docs: update doc "Setup swap device in guest kernel" 2f5f575a4 log-parser: Simplify check d94718fb3 runtime: Fix gofmt issues 16b837509 golang: Stop using io/ioutils 66aa330d0 versions: Update golangci-lint b3a4a1629 versions: bump containerd version eab8d6be1 build: update golang version to 1.19.2 e80dbc15d runtime-rs: workaround Dragonball compilation problem c3f1922df fix(fmt): fix cargo fmt to pass static check a04afab74 qemu: early exit from Check if the process was stopped 7e481f217 qemu: set stopped only if StopVM is successful 0e3ac66e7 clh: return faster with dead clh process from isClhRunning 9ef68e0c7 clh: fast exit from isClhRunning if the process was stopped 2631b08ff clh: don't try to stop clh multiple times 8be081730 tools: Fix indentation of build static virtiofsd script 3e9c3f12c docs: Fix configuration path 936fe35ac runtime-rs : fix shim source is ambiguous f45fe4f90 versions: update vmm-sys-util and related crates to v0.11.0 29c75cf12 runtime-rs: delete all cargo patches f8f97c1e2 feat(shim-mgmt): iptables handler 9f70a6949 tools: Remove empty spaces from build kernel script 57336835d dragonball: add more unit test for device manager 233370023 dragonball: add test utils. 2adb1c182 Dragonball: enable mem_file_path config into hugetlbfs process fef8e92af runtime-rs:add hypervisor interface capabilities daeee26a1 cloud-hypervisor: Fix GetThreadIDs function 40d514aa2 github: Parallelise static checks 27b191358 runtime-rs: blanks filled & fixes made to virtiofsd launch 2508d39b7 runtime: added vcpus pinning logics Core VCPU threads pinning logics for issue 4476. Also provided docs. b74c18024 runtime-rs: fix shared volume permission issue 16dca4ecd runk: Ignore an error when calling kill cmd with --all option df092185e runk: Upgrade libseccomp crate to v0.3.0 in Cargo.lock 990e6359b snap: Unbreak docker install ca69a9ad6 snap: Use metadata for dependencies 39363ffbf runtime: remove same function 0ed7da30d tools: Fix indentation of build static clh script 43fcb8fd0 virtiofsd: Not use "link-self-contained=yes" on s390x The compile option link-self-contained=yes asks rustc to use C library startup object files that come with the compiler, which are not available on the target s390x-unknown-linux-gnu. A build does not contain any startup files leading to a broken executable entry point (causing segmentation fault). c0f5bc81b cargo: Add Cargo.lock to version control 474927ec9 gitignore: Add gitignore file 699f821e1 utils: Add function to drop priveleges a6fb4e2a6 versions: bump golangci-lint version b015f34af runtime-rs: generate config files with the default target 219919e9f docs: Fix volumeMounts in SGX usage example 9d286af7b versions: Update Cloud Hypervisor to b4e39427080 144efd1a7 docs: update rust runtime installation guide cbd84c3f5 rustjail: Upgrade libseccomp crate to v0.3.0 748be0fe3 makefile: remove sudo when create symbolic link 44d8de892 agent: remove redundant checks 89e62d4ed shim: Ensure pagesize is set when reporting hugetbl stats e95089b71 kata-ctl: add basic cpu check for s390x 871d2cf2c kata-ctl: Limit running tests to x86 and use native-tls on s390x 9f2c7e47c Revert "kata-ctl: Disable network check on s390x" 081ee4871 agent: use NLM_F_REPLACE replace NLM_F_EXCL in rtnetlink abf4f9b29 docs: kata 3.0 Architecture fix readme content error 72738dc11 agent: validate hugepage size is supported f74e328ff Makefile: fix an typo in runtime-rs makefile 227e717d2 qemu: Re-work static-build Dockerfile 9c1ac3d45 runtime-rs: return port on agent-url req f205472b0 Makefile: regulate the comment style for the runtime-rs comments ac403cfa5 doc: Update how-to-run-kata-containers-with-SNP-VMs.md 00981b3c0 kata-ctl: Disable network check on s390x c322d1d12 kata-ctl: arch: Improve check call 0bc5baafb snap: Build virtiofsd using the kata-deploy scripts cb4ef4734 snap: Create a task for installing docker 7e5941c57 virtiofsd: Build inside a container 9717dc3f7 Dragonball: remove redundant comments in event manager 35d52d30f versions: Update TDX QEMU 4d9dd8790 runtime-rs: fix typo get_contaier_type to get_container_type 70676d4a9 kata-ctl: improve command descriptions for consistency 86ad832e3 runtime-rs: force shutdown shim process in it can't exit 9eb73d543 versions: Update TDX kernel 1f1901e05 dragonball: fix clippy warning for aarch64 a343c570e dragonball: enhance dragonball ci 6a64fb0eb ci: skip s390x for dragonball. a743e37da Dragonball: delete redundant comments in blk_dev_mgr 00a42f69c kata-ctl: cargo: 2021 -> 2018 fb6327474 kata-ctl: rustfmt + clippy fixes 2b345ba29 build: Add kata-ctl to tools list f7010b806 kata-ctl: docs: Write basic documentation 781e604c3 docs: Reference kata-ctl README 15c343cbf kata-ctl: Don't rely on system ssl libs c23584994 kata-ctl: clippy: Resolve warnings and reformat 133690434 kata-ctl: implement CLI argument --check-version-only eb5423cb7 kata-ctl: switch to use clap derive for CLI handling 018aa899c kata-ctl: Add cpu check 7c9f9a5a1 kata-ctl: Make arch test run at compile time b63ba66dc kata-ctl: Formatting tweaks cca7e32b5 kata-ctl: Lint fixes to allow the branch to be built 8e7bb8521 kata-ctl: add code for framework for arch 303fc8b11 kata-ctl: Add unit tests cases d0b33e9a3 versions: Add kata-ctl version entry 002b18054 kata-ctl: Add initial rust code for kata-ctl 8d4ced3c8 runtime-rs: support ephemeral storage for emptydir 862eaef86 docs: fix a typo in rust-runtime-installation-guide 26c043dee ci: Add dragonball test b62b18bf1 dragonball: fix clippy warning 2ddc948d3 Makefile: add dragonball components. 3fe81fe4a dragonball-ut: use skip_if_not_root to skip root case 72259f101 dragonball: add more unit test for vmm actions 046ddc646 readme: remove libraries mentioning
Kata Containers 3.1.0-alpha1 is compatible with CRI-O
Kata Containers 3.1.0-alpha1 is compatible with contaienrd v1.6.8
Kata Containers 3.1.0-alpha1 support the OCI Runtime Specification v1.0.2
Kata Containers 3.1.0-alpha1 is compatible with Kubernetes 1.23.1-00
The kata-agent
binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent
uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent
which is not statically linked with the library, you can build
a custom kata-agent
that does not use the library from sources.
For the details, please check the developer guide.
Agent version: 3.1.0-alpha1
description: | Root filesystem disk image used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "ubuntu" version: "latest" ppc64le: name: "ubuntu" version: "latest" s390x: name: "ubuntu" version: "latest" x86_64: name: "clearlinux" version: "latest" meta: image-type: "clearlinux"
description: | Root filesystem initrd used to boot the guest virtual machine. url: "https://github.com/kata-containers/kata-containers/tools/osbuilder" architecture: aarch64: name: "alpine" version: "3.15"
ppc64le: name: "ubuntu" version: "20.04" s390x: name: "ubuntu" version: "20.04" x86_64: name: "alpine" version: "3.15"
Kata Containers 3.1.0-alpha1 suggest to use the Linux kernel v5.19.2 See the kernel suggested Guest Kernel patches See the kernel suggested Guest Kernel config
Follow the Kata installation instructions.
More information Limitations