kata-containers Changes
Shortlog
2d29791 release: Kata Containers 2.5.0-rc0
f4eea83 release: Adapt kata-deploy for 2.5.0-rc0
96553e8 runtime: Add documentation of drop-in config file fragments
c656457 runtime: Add tests of drop-in config file decoding
99f5ca8 runtime: Plug drop-in decoding into decodeConfig()
0f9856c runtime: Scan drop-in directory, read files and decode them
2c1efcc runtime: Add helpers to copy fields between tomlConfig instances
20f1187 runtime: Add framework to manipulate config structs via reflection
2a4fbd6 agent: enhance get handled signal
0ddb34a oci: fix serde skip serializing condition
acd3302 agent: Run OCI poststart hooks after a container is launched
fbb2e9b agent: Replace some libc functions with nix ones
1f363a3 runtime: overwrite mount type to bind for bind mounts
4e48509 build: Set safe.directory for runtime repo
433816c ci/cd: update check-commit-message
48ccd42 ci: Set safe.directory against tests repository
a5a25ed runtime: delete Console from Cmd type
3232714 virtcontainers: Remove unused function
0939f51 config: Expose default_maxmemory
58ff2bd clh,qemu: Adapt to using default_maxmemory
afdc960 hypervisor: Add default_maxmemory configuration
ab5f1c9 shim: set a non-zero return code if the wait process call failed.
e5be5cb runtime: device: cleanup outdated comments
5f936f2 virtcontainers: config validation is host specific
bdf5e52 virtcontainers: validate hypervisor config outside of hypervisor itself
469e098 katautils: don't do validation when loading hypervisor config
1a78c3d packaging: Remove unused kata docker configure script
0e2459d docs: Add cgroupDriver for containerd
4e30e11 shim: support shim v2 logging plugin
e32bf53 device: deduplicate state structures
f97d9b4 runtime: device/persist: drop persist dependency from device pkgs
f9e96c6 runtime: device: move to top level package
3880e0c agent: refactor reading file timing for debugging
93874cb packaging: Restrict kernel patches applied to top-level dir
07b1367 versions: Update kernel to latest LTS version 5.15.48
1b7d36f agent: Allow BUILD_TYPE=debug
c70d3a2 agent: Update the dependencies
612fd79 random: Fix "nonminimal-bool" clippy warning
d4417f2 netlink: Fix "or-fun-call" clippy warnings
e227b4c block: Leverage multiqueue for virtio-block
9ff10c0 kernel: Add CONFIG_EFI=y as part of the TDX fragments
e7e7dc9 runtime: Add heuristic to get the right value(s) for mem-reserve
ef925d4 runtime: enable sandbox feature on qemu
0bbbe70 snap: fix snap build on ppc64le
c7dd10e packaging: Remove unused publish kata image script
1b7fd19 rootfs: Fix chronyd.service failing on boot
2899530 tracing: Remove whitespace from root span
9941588 workflow: Removing man-db, workflow kept failing
a305baf docs: Update outdated URLs and keep them available
721ca72 runtime: fix error when trying to parse sandbox sizing annotations
90a7763 snap: Fix debug cli option
5d7fb7b build(deps): bump github.com/containerd/containerd in /src/runtime
d0ca2fc build(deps): bump crossbeam-utils in /src/tools/trace-forwarder
a60dcff build(deps): bump regex from 1.5.4 to 1.5.6 in /src/tools/agent-ctl
dbf5067 build(deps): bump crossbeam-utils in /src/tools/agent-ctl
8e2847b build(deps): bump crossbeam-utils from 0.8.6 to 0.8.8 in /src/libs
e9ada16 build(deps): bump regex from 1.5.4 to 1.5.5 in /src/agent
adad9ce build(deps): bump crossbeam-utils from 0.8.5 to 0.8.8 in /src/agent
ac5dbd8 clh: Improve logging related to the net dev addition
0b75522 network: Set queues to 1 to ensure we get the network fds
93b61e0 network: Add FFI_NO_PI to the netlink flags
bf3ddc1 clh: Pass the tuntap fds down to Cloud Hypervisor
55ed32e clh: Take care of the VmAdNetdPut request ourselves
01fe09a clh: Hotplug the network devices
2e07538 clh: Expose VmAddNetPut
bee7703 docs: Update containerd url link
1a5ba31 agent: refactor reading file timing for debugging
bb26bd7 safe-path: fix clippy warning
db5048d kernel: build efi_secret module for SEV
1ef0b7d runtime: Switch to using the rust version of virtiofsd (all but power)
9773838 virtiofsd: export env vars needed for building it
eff4e10 shim: change the log level for GetOOMEvent call failures
4124413 docs: Add more kata monitor details
8f10e13 config: Allow enable_iommu pod annotation by default
b0e090f versions: Bump virtiofsd to v1.3.0
1b84597 docs: Add storage limits to arch doc
7ae11ca docs: Update source for cri-tools
f509962 tools: Enable extra detail on error
34bcef8 docs: Add agent-ctl examples section
815157b docs: Remove erroneous whitespace
Compatibility with CRI-O
Kata Containers 2.5.0-rc0 is compatible with CRI-O
Compatibility with containerd
Kata Containers 2.5.0-rc0 is compatible with contaienrd v1.5.2
OCI Runtime Specification
Kata Containers 2.5.0-rc0 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 2.5.0-rc0 is compatible with Kubernetes 1.23.1-00
Libseccomp Notices
The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.
The kata-agent uses the libseccomp v2.5.1 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.
If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
For the details, please check the developer guide.
Kata Linux Containers image
Agent version: 2.5.0-rc0
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/kata-containers/tools/osbuilder"
architecture:
aarch64:
name: "ubuntu"
version: "latest"
ppc64le:
name: "ubuntu"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: "clearlinux"
version: "latest"
meta:
image-type: "clearlinux"
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/kata-containers/tools/osbuilder"
architecture:
aarch64:
name: "alpine"
version: "3.15"
ppc64le:
name: "ubuntu"
version: "20.04"
s390x:
name: "ubuntu"
version: "20.04"
x86_64:
name: "alpine"
version: "3.15"
Kata Linux Containers Kernel
Kata Containers 2.5.0-rc0 suggest to use the Linux kernel v5.15.48
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations