github alibaba/OpenSandbox k8s/controller/v0.2.0
K8s Component controller v0.2.0
on GitHub

latest release: js/sandbox/v0.1.7
5 hours ago

K8s Component controller v0.2.0

What's New

Changes included since k8s/controller/v0.1.0.
Scoped paths: kubernetes.

✨ Features

  • feat(k8s): Add auto-assign pool for batchsandbox
  • feat(snapshot): support public snapshots api on Kubernetes runtime
  • feat(server,helm): support env override for api_key
  • feat(release): sign and attest release artifacts
  • feat(k8s): Add pool auto-assign proposal doc
  • feat(server,k8s): implement pause/resume with rootfs snapshot support (#668)
  • feat(k8s): add recycle handler;refactor allocator
  • feat(server): implement OSEP-0011 signed endpoint for secure route access (#787)
  • feat: auto-create/delete PVC and Docker volumes via per-volume API fields (#660)
  • feat(k8s): use patch to update batchsandbox status instead of update
  • feat(k8s): opt pool controller sync alloc cocurrently and add controller workers flag
  • feat(k8s): add Pool rolling update maxUnavailable, close #610 (#610)
  • feat(pool): add scaleStrategy to control scaling behavior
  • feat(k8s): fix in-memory allocation state polluted by same pool name bug
  • feat(k8s): add eviction handler in pool
  • feat(k8s): fix recover failed bug
  • feat(k8s): add e2e test cases for in-memory pool allocation state
  • feat(k8s): fix multi-namespace pool allocation issue; fix recover bug on startup
  • feat(k8s): refactor pool allocation store to in-memory, to fix K8s crd size limitation
  • feat(k8s): add logs in alloc & pool
  • feat(k8s): fix pool alloc atomic bug
  • feat(server): configure egress enforcement mode and centralize sidecar env names
  • feat(controller): add kube client rate limiter flags and configuration (#490)
  • feat(secure-container): add gVisor and Kata RuntimeClass support with e2e tests and secure-container guide docs

🐛 Bug Fixes

  • fix(k8s): batchsandboxe.status.conditions.type missing "Paused"
  • fix(snapshot): harden Kubernetes public snapshot runtime
  • fix(helm): move extraEnv under server.env for consistent config grouping
  • fix(kubernetes): remove pool allocation finalizer on detach
  • fix: verify self-signed controller CA signatures
  • fix: build controller package target
  • fix: enforce crypto key length policy
  • fix(chart/controller): coerce kubeClient.qps/burst to int before gt comparison (#770)
  • fix(chart/server): wire imagePullSecrets into ServiceAccount and Deployment (#767)
  • fix(config): correct log level TOML key across docs, tests, and deploys
  • fix(k8s): fix status deep equal compare, close #638 (#638)
  • fix(ingress): avoid full scan
  • fix(k8s): remove redundant append in scaleBatchSandbox loop
  • fix(pool): correct pod creation count calculation and logging
  • fix(k8s): fix available status check in pool status cal
  • fix(controller): delete dirty pods in pool allocation
  • fix(kubernetes): set SandboxImage to always use TaskExecutorImage in test utils for Kind compatibility
  • fix(scheduler): schedule tasks on new pods when BatchSandbox scales out (#102)
  • fix: add server rbac for secrets
  • fix(kubernetes): update deployment namespace and name in Makefile

⚠️ Breaking Changes

  • None

📦 Misc

  • chore(chart): regenerate Chart.lock for opensandbox-controller 0.2.0
  • chore(chart): bump opensandbox-controller chart version to 0.2.0
  • chore: bump execd to v1.0.16
  • chore: bump egress to v1.0.11
  • chore: bump execd to v1.0.15
  • chore(chart): bump opensandbox-server image to v0.1.13
  • docs(helm): clarify chart and app versioning
  • Update agent guidance docs
  • chore: bump ingress to v1.0.7
  • chore: bump egress to v1.0.10
  • chore(deps): bump github.com/moby/spdystream in /kubernetes
  • build: make native Go builds repeatable
  • fix e2e
  • fix ut
  • chore: bump execd to v1.0.14
  • chore: bump OpenTelemetry Go dependencies
  • chore: bump egress to v1.0.9
  • refactor(kubernetes): move crypto policy helpers
  • chore(chart): bump opensandbox-server image to v0.1.12
  • docs(k8s): Add docs to provide harness
  • chore: bump execd to v1.0.13
  • chore(chart): bump opensandbox-server image to v0.1.11
  • chore: bump egress to v1.0.8
  • chore: bump execd to v1.0.12
  • chore: add Dockerfile.dockerignore to reduce build context (#718)
  • chore(k8s): refactor task schedule func call in pool controller
  • chore(chart): bump opensandbox-server image to v0.1.10
  • chore: bump egress to v1.0.7
  • chore: bump execd to v1.0.11
  • bump ingress gateway to 1.0.6
  • chore: bump execd to v1.0.10
  • chore: bump egress to v1.0.6
  • test(pool_controller): add MaxUnavailable scale strategy to pool specs in tests
  • docs(kubernetes): add scaleStrategy option to control scaling rate
  • chore: bump egress to v1.0.4
  • chore(deps): bump google.golang.org/grpc in /kubernetes
  • test(runtime): improve timing waits in process test cases
  • chore: bump ingress to 1.0.5 (#560)
  • chore: bump execd to v1.0.9 (#564)
  • chore: build image for dockerhub
  • chore: bump opensandbox server to 0.1.8
  • chore: merge kubernetes test workflow
  • chore(kubernetes): refactor test code and Makefile for image variables instead of hard-coded strings
  • chore: bump execd to v1.0.7 (#451)
  • chore: bump code-interpreter to v1.0.2 (#460)
  • chore: dump server to 0.1.7 and ingress to 1.0.4
  • chore(charts): bump ingress image to v1.0.3
  • docs(kubernetes): clarify pause/resume API support status
  • chore(k8s): add opensandbox release chart(all-in-one) & update controller release name
  • chore(server): add logger instance to main module
  • docs(k8s): update error server version in chart value
  • docs(k8s): update pool samples
  • chore(k8s): update server helm template
  • chore(k8s): update helm template
  • test(e2e_runtime): remove unused gvisor batchsandbox and pool test data YAML files
  • docs: upgrade kubernetes version to 1.21.1+
  • test(k8s): update k8s version in e2e workflow and README
  • chore(server): add opensandbox server deployment helm charts
  • test(gvisor): add gVisor binaries download and improve cluster setup
  • chore(deps): bump go.opentelemetry.io/otel/sdk in /kubernetes
  • test(kata): remove all e2e Kata Containers runtime tests and related testdata

👥 Contributors

Thanks to these contributors ❤️

Check out latest releases or
releases around alibaba/OpenSandbox k8s/controller/v0.2.0

Don't miss a new OpenSandbox release

NewReleases is sending notifications on new releases.

Get notifications