Releases: kata-containers/runtime
Kata Containers 1.12.0-alpha0
Release 1.12.0-alpha0
agent Changes
- container oom event support
- static arp neighbors support
- security fix for CVE-2020-2023
Shortlog
b08eb7e release: Kata Containers 1.12.0-alpha0
c01192e device: Allow to use the predicted 'VmPath' when adding blk devices
a88af32 device: Do not allow container access to the nvdimm rootfs
42438f9 network: Add grpc method to add static arp neighbors
756de79 Makefile: do not use LDFLAGS to avoid environment contamination
1eb1abe channel: fix the issue of epoll_wait interrupted by signal
2aa833f agent: add grpc endpoint to retrieve oom events
proxy Changes
Shortlog
c9c4883 release: Kata Containers 1.12.0-alpha0
runtime Changes
- support OOM event reporting
- support guest static arp neighbors
- support vfio device cold plug on QEMU
- support block device hotplug on cloud-hpyervisor
- enable dax support on arm64 platform
- security fixes for CVE-2020-2023, CVE-2020-2024, CVE-2020-2025 and CVE-2020-2026
Shortlog
a3de452 release: Kata Containers 1.12.0-alpha0
c139a66 versions: update QEMU to 5.0.0
30b40f5 clh: Remove the use of deprecated '--memory file=' parameter
e02d5ef virtcontainers: print a warning when the device to append is not supported
5fccab7 virtcontainer/cgroup: create cgroup manager after creating the network
3c8c650 virtcontainers/network: Change signature of Enpoint Attach method
581ff97 drivers: change BindDevicetoVFIO signature
970ef45 device: support vfio cold plug
6532eaa device: add ColdPlug flag
26f8c14 vendor: update govmm
53a9d00 virtcontainers: Fix structured logging in cgroups package
c51baf8 shimv2: Use BUILDTAGS when building shimv2
651d5ff qemu: Fix kernel_irqchip=split option for IOMMU enabled sandbox
364435a clh: vsock: Use the updated VsockConfig
17d265a versions: Move to cloud-hypervisor v0.8.0
4ee382c qemu: Report all errors on virtiofsd execution
5a3b665 katatestutils: Use the configured virtiofs daemon path
2c34263 virtcontainers: Check the correct error variable for sandbox creation
c19daa5 qemu: Fix travis build failure for Power
5d442a2 qemu_arm64: Fix build failure
fdcd1f3 qemu: enable iommu on q35
66b54f8 qemu: support appending a vIOMMU device
401ad67 vendor: update govmm to bring iommu support
4645d3e virtiofsd: Use cache=auto
9ac3911 cli: Fix kata-env output on Power
6be76fc kata_agent: Add unit tests
5b96e01 clh: Clear the "PCIAddr" field while blk device hotplug
50c1dce kata_agent: Pass "VirtPath" with "PCIAddr" of blk devices to agent
aea29b6 kata_agent: Allow to use "VirtPath" as volume source for blk devices
e5a3211 clh: Allow add virtiofs args and cache options from config
49ebaa8 virtcontainers: drop deferred func for GetAndSetSandboxBlockIndex
379f19f qemu: Fix rtc parameter is not set to qemu
20fe3bb shimv2: check correct error variable for deferred func in service#StartShim
54e8fdb qemu: Fix Qemu binary path for Power across distros
e855d8d github: add auto comment bot
a3dec26 vc: make host shared path readonly
1d3e1ea qemu: Remove hard-coding of Qemu machine options for ppc64le
67d3e2c network: Detect and add static ARP entries
412dcbf vendor: Update agent to include AddARPNeighbors grpc method
6b32472 qemu: Remove PMU feature for Power (ppc64le) platform
e07a932 ci: Do not install virtcontainers with podman clh
f76d739 virtcontainers: GetOOMEvent should have no timeout
5e55272 clh: Set 'virtio-blk' as the default block device driver
c5f97b2 clh: Enable disk block device hotplug support
18662e1 qemu: Remove pmu limitation in nested virtualization of amd/ppc64le
41a06d4 build: Add "pmu=off" to default cpu_features option
f03c17d annotations: add cpu_features
0100af1 qemu: add cpu_features option
0b3a927 vendor: Update govmm
6c51754 clh: remove slow boot debug flags from kernel cmdline
160e3a7 clh: Remove vsock log port in kernel cmdline
e1ee00d clh: Improve hypervisor logging
882a823 virtiofsd: Improve logging
7b269ff qemu: Don't leak file descriptors in case of error
6aff077 virtcontainers: x86: Support microvm machine type
c98ef48 vendor: update govmm
bec32f6 utils: Fix case version check for stable releases
86f5810 shim: exit out of oom polling if unimplemented
b4833a4 virtcontainers: tests fix, nit fix
db28dcf shim: retrieve oom events after starting sandbox
86686b5 virtcontainers: add support for getOOMEvent agent endpoint to sandbox
ef8624b vendor: update agent
619ada2 clh: vsock: Supply the right VsockConfig to Vmconfig
9dbd929 versions: Move to cloud-hypervisor v0.7.0
3c4fe03 shm: handle shm mount backed by empty-dir memory volumes
7b5e8f6 clh: memory: remove pmem size argument
d4a9282 versions: Move to latest cloud-hypervisor
ee985a6 qemu: arm64: Set defaultGICVersion to 3 to limit the max vCPU number
4d4a153 qemu: arm64: Don't detect gic version by /proc/interrupts
d0dbd04 virtcontainers: Fix structured logging in device/config package
8d9fa47 virtcontainers: constrain runtime after creating network
017ac55 virtcontainers: update sandbox's device cgroup
1da6f22 virtcontainers: remove all the code related to HasCRIContainerType
389b374 virtcontainers: apply constraints to the sandbox cgroup
6377fc4 pkg/cgroups: update the list of devices for the hypervisor
042e7a2 pkg/cgroups: add methods to add and remove device from the cgroup
dc69d6e pkg/cgroups: implement functions to get information from a host device
eee0b09 device: add GetHostPath() to generic device
23aa94e logging: Fix structured logging in store package
868f687 versions: Remove golangci-lint and gometalinter entries
e36389e dax: enable dax on arm64
7e47046 vc: Version support check is ineffective in createSandbox
c4b5922 versions: Misc changes to descriptions
shim Changes
Shortlog
866e33c release: Kata Containers 1.12.0-alpha0
Compatibility with Docker
Kata Containers 1.12.0-alpha0 is compatible with Docker v18.06-ce
Compatibility with CRI-O
Kata Containers 1.12.0-alpha0 is compatible with CRI-O 0eec454168e381e460b3d6de07bf50bfd9b0d082
Compatibility with cri-containerd
Kata Containers 1.12.0-alpha0 is compatible with cri-contaienrd 3a4acfbc99aa976849f51a8edd4af20ead51d8d7
OCI Runtime Specification
Kata Containers 1.12.0-alpha0 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 1.12.0-alpha0 is compatible with Kubernetes 1.17.3-00
Kata Linux Containers image
Agent version: 1.12.0-alpha0
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "ubuntu"
version: "latest"
ppc64le:
name: "centos"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: "clearlinux"
version: "latest"
meta:
image-type: "clearlinux"
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "alpine"
version: "3.7"
ppc64le:
name: "alpine"
version: "3.7"
s390x:
name: "alpine"
version: "3.7"
x86_64:
name: "alpine"
version: "3.7"
Kata Linux Containers Kernel
Kata Containers 1.12.0-alpha0 suggest to use the Linux kernel v5.4.32
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
Kata Containers 1.11.2
Release 1.11.2
agent Changes
Shortlog
69a9ae6 release: Kata Containers 1.11.2
proxy Changes
Shortlog
9c7651e release: Kata Containers 1.11.2
runtime Changes
Shortlog
fe20bb4 release: Kata Containers 1.11.2
476eb46 virtcontainers: print a warning when the device to append is not supported
74a4258 virtcontainer/cgroup: create cgroup manager after creating the network
c2c3b87 virtcontainers/network: Change signature of Enpoint Attach method
8a9a3ce drivers: change BindDevicetoVFIO signature
39b3c3e device: support vfio cold plug
f2eab50 device: add ColdPlug flag
a254da6 virtcontainers: Check the correct error variable for sandbox creation
857d138 virtcontainers: drop deferred func for GetAndSetSandboxBlockIndex
ad53710 shimv2: check correct error variable for deferred func in service#StartShim
f85a2d5 qemu: Report all errors on virtiofsd execution
44887a2 katatestutils: Use the configured virtiofs daemon path
3eee00e qemu: Remove hard-coding of Qemu machine options for ppc64le
cecd7f7 cli: Fix kata-env output on Power
2c3b344 qemu: Fix Qemu binary path for Power across distros
5d80f69 virtcontainers: Fix structured logging in cgroups package
dbc914a shimv2: Use BUILDTAGS when building shimv2
shim Changes
Shortlog
048028a release: Kata Containers 1.11.2
Compatibility with Docker
Kata Containers 1.11.2 is compatible with Docker v18.06-ce
Compatibility with CRI-O
Kata Containers 1.11.2 is compatible with CRI-O 0eec454168e381e460b3d6de07bf50bfd9b0d082
Compatibility with cri-containerd
Kata Containers 1.11.2 is compatible with cri-contaienrd 3a4acfbc99aa976849f51a8edd4af20ead51d8d7
OCI Runtime Specification
Kata Containers 1.11.2 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 1.11.2 is compatible with Kubernetes 1.17.3-00
Kata Linux Containers image
Agent version: 1.11.2
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "ubuntu"
version: "latest"
ppc64le:
name: "centos"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: "clearlinux"
version: "latest"
meta:
image-type: "clearlinux"
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "alpine"
version: "3.7"
ppc64le:
name: "alpine"
version: "3.7"
s390x:
name: "alpine"
version: "3.7"
x86_64:
name: "alpine"
version: "3.7"
Kata Linux Containers Kernel
Kata Containers 1.11.2 suggest to use the Linux kernel v5.4.32
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
Kata Containers 1.10.6
Release 1.10.6
agent Changes
Shortlog
b44f652 release: Kata Containers 1.10.6
proxy Changes
Shortlog
1636e85 release: Kata Containers 1.10.6
runtime Changes
Shortlog
7ed7551 release: Kata Containers 1.10.6
shim Changes
Shortlog
a90a0f0 release: Kata Containers 1.10.6
Compatibility with Docker
Kata Containers 1.10.6 is compatible with Docker v18.06-ce
Compatibility with CRI-O
Kata Containers 1.10.6 is compatible with CRI-O v1.16.0
Compatibility with cri-containerd
Kata Containers 1.10.6 is compatible with cri-contaienrd 3a4acfbc99aa976849f51a8edd4af20ead51d8d7
OCI Runtime Specification
Kata Containers 1.10.6 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 1.10.6 is compatible with Kubernetes 1.16.2-00
Kata Linux Containers image
Agent version: 1.10.6
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "fedora"
version: "latest"
ppc64le:
name: "centos"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: "clearlinux"
version: "latest"
meta:
image-type: "clearlinux"
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "alpine"
version: "3.7"
ppc64le:
name: "alpine"
version: "3.7"
s390x:
name: "alpine"
version: "3.7"
x86_64:
name: "alpine"
version: "3.7"
Kata Linux Containers Kernel
Kata Containers 1.10.6 suggest to use the Linux kernel v4.19.86
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
# Release 1.10.5
Please note that this release includes security fixes for CVE-2020-2023 and CVE-2020-2026. Users are strongly encouraged to move to this new release.
agent Changes
Shortlog
6fef0af release: Kata Containers 1.10.5
faec7c3 device: Do not allow container access to the nvdimm rootfs
proxy Changes
Shortlog
c908a9f release: Kata Containers 1.10.5
runtime Changes
Shortlog
eb8bf66 clh: Fix shared directory path for virtiofsd
f48f40f release: Kata Containers 1.10.5
e70898a vc: make host shared path readonly
de15a38 unit-test: refine related unit tests
95bb74e mount: modify func bindMount
483dcca vc: validate container path when cleaning up
bac553d vc: do not follow symlink when umounting contanier host path
346f71b logging: Fix structured logging in store package
cee6322 shm: handle shm mount backed by empty-dir memory volumes
shim Changes
Shortlog
ed0f2e5 release: Kata Containers 1.10.5
Compatibility with Docker
Kata Containers 1.10.5 is compatible with Docker v18.06-ce
Compatibility with CRI-O
Kata Containers 1.10.5 is compatible with CRI-O v1.16.0
Compatibility with cri-containerd
Kata Containers 1.10.5 is compatible with cri-contaienrd 3a4acfbc99aa976849f51a8edd4af20ead51d8d7
OCI Runtime Specification
Kata Containers 1.10.5 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 1.10.5 is compatible with Kubernetes 1.16.2-00
Kata Linux Containers image
Agent version: 1.10.5
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: https://github.com/kata-containers/osbuilder
architecture:
aarch64:
name: fedora
version: latest
ppc64le:
name: centos
version: latest
s390x:
name: ubuntu
version: latest
x86_64:
name: clearlinux
version: latest
meta:
image-type: clearlinux
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: https://github.com/kata-containers/osbuilder
architecture:
aarch64:
name: alpine
version: "3.7"
ppc64le:
name: alpine
version: "3.7"
s390x:
name: alpine
version: "3.7"
x86_64:
name: alpine
version: "3.7"
Kata Linux Containers Kernel
Kata Containers 1.10.5 suggest to use the Linux kernel v4.19.86
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
# Release 1.11.1
Please note that this release includes security fixes for CVE-2020-2023 and CVE-2020-2026. Users are strongly encouraged to move to this new release.
agent Changes
Shortlog
f26bd42 release: Kata Containers 1.11.1
b863695 device: Do not allow container access to the nvdimm rootfs
proxy Changes
Shortlog
28a7423 release: Kata Containers 1.11.1
runtime Changes
Shortlog
bdf91fc release: Kata Containers 1.11.1
a74e194 shm: handle shm mount backed by empty-dir memory volumes
673b471 virtcontainers: Fix structured logging in device/config package
13887bf logging: Fix structured logging in store package
0042823 vc: make host shared path readonly
shim Changes
Shortlog
488f6da release: Kata Containers 1.11.1
Compatibility with Docker
Kata Containers 1.11.1 is compatible with Docker v18.06-ce
Compatibility with CRI-O
Kata Containers 1.11.1 is compatible with CRI-O 0eec454168e381e460b3d6de07bf50bfd9b0d082
Compatibility with cri-containerd
Kata Containers 1.11.1 is compatible with cri-contaienrd 3a4acfbc99aa976849f51a8edd4af20ead51d8d7
OCI Runtime Specification
Kata Containers 1.11.1 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 1.11.1 is compatible with Kubernetes 1.17.3-00
Kata Linux Containers image
Agent version: 1.11.1
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: https://github.com/kata-containers/osbuilder
architecture:
aarch64:
name: ubuntu
version: latest
ppc64le:
name: centos
version: latest
s390x:
name: ubuntu
version: latest
x86_64:
name: clearlinux
version: latest
meta:
image-type: clearlinux
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: https://github.com/kata-containers/osbuilder
architecture:
aarch64:
name: alpine
version: "3.7"
ppc64le:
name: alpine
version: "3.7"
s390x:
name: alpine
version: "3.7"
x86_64:
name: alpine
version: "3.7"
Kata Linux Containers Kernel
Kata Containers 1.11.1 suggest to use the Linux kernel v5.4.32
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
# Release 1.11.0
Announcing Kata Containers 1.11.0.
This is a new stable branch for Kata. For this release Kata includes improvements.
Please note that this release includes security fixes for CVE-2020-2024 and CVE-2020-2025. Users are strongly encouraged to move to this new release.
Qemu:
- update qemu to 4.1.1
- qemu: Support PCIe device hotplug for q35
- qemu: Add virtio-mem support (experimental)
- Support pmem/nvdimm hotplug
Firecraker:
- Update Firecracker to v0.20.0
Cloud Hypervisor:
- Update to
cloud-hypervisor 0.7.0 - Device assignment using VFIO (Virtual Function I/O) was implemented.
- Memory and CPU hotplug was enabled for Kata and Cloud Hypervisor.
- Boot guest OS using virtualized persistent memory was enabled (
virtio-pmem).
Network:
- ipv6: Add support for ipv6
Internals:
- persist: move "newstore" out of experimental:The "newstore" feature has had been a "experimental" feature for long time.
cgroups and namespaces:
- rootless: Fix rootless for case
net=none - Support device cgroup in the host when sandbox_cgroup_only is true, the hypervisor has access only to the devices that the sandbox and its containers need
agent Changes
Shortlog
a04eb27 release: Kata Containers 1.11.0
27490d4 release: Kata Containers 1.11.0-rc0
305c6f9 protocols: fix client unit tests for go 1.13
6cbeed5 mount: Use "virtiofs" instead of "virtio_fs"
cfc96dd build: Add support to strip the agent golang binary
7c0a967 agent: signal from keyboard must not be fatal
8325ad8 agent: fix epoll fd left in the kata-agent when exec process
97f6fa7 release: Kata Containers 1.11.0-alpha1
05b557a agent: add configurable container pipe size cmdline option
8ede869 agent: add kernel cmdline parameter to enable or disable cgroups v2
ddd9188 agent: parse kernel command line as soon as possible
2a5442a agent: support pmem/nvdimm hotplug
3f0d98e agent: Remove dev from pciDeviceMap when device is unplugged
e4c2037 agent: don't receive signals from stdin
8f57eda protocols: client: Add timeout for hybrid vsock handshake
8929a02 release: Kata Containers 1.11.0-alpha0
f6472bd build: Update CentOS version for the Dockerfile
accab34 agent-client: include log in agent client
a44d555 FC: Add new vsock connection handshake
c66b927 ipv6: Add flag IFA_F_NODAD for ipv6 address.
93a901c ipv6: Add support for ipv6
8d8d3f8 test: change import path for NetworkInterface
e6cbfc1 vendor: Update vendoring for libcontainer.
660e61f Revert: client.go: HybridVSockDialer: Change Read EOT to recv peek
6cfb75d Revert: client.go: HybridVSockDialer: Check return size n of unix.Recvfrom
54eb918 Revert: client.go: HybridVSockDialer: Close dup fd after receive packet
2f49115 agent: Fix mem-hotplug on x86 when ARCH_MEMORY_PROBE is set
44608b2 vendor: update golang/sys
33f3208 client.go: HybridVSockDialer: Close dup fd after receive packet
proxy Changes
Shortlog
de96227 release: Kata Containers 1.11.0
9412389 release: Kata Containers 1.11.0-rc0
32085dd travis: specify golang version
1f23aa4 build: Add support to strip the proxy golang binary
a7e5f51 release: Kata Containers 1.11.0-alpha1
d70f905 release: Kata Containers 1.11.0-alpha0
46750d9 Makefile: overwrite PREFIX from environment
runtime Changes
Shortlog
c7fa5dc utils: Fix case version check for stable releases
c2b6978 release: Kata Containers 1.11.0
2d25165 clh: vsock: Supply the right VsockConfig to Vmconfig
fcc9e93 versions: Move to cloud-hypervisor v0.7.0
34be9e0 clh: memory: remove pmem size argument
9798e8a versions: Move to latest cloud-hypervisor
93b1b83 virtcontainers: constrain runtime after creating network
fc9be99 virtcontainers: update sandbox's device cgroup
5cfae21 virtcontainers: remove all the code related to HasCRIContainerType
cff5392 virtcontainers: apply constraints to the sandbox cgroup
ce6edc5 pkg/cgroups: update the list of devices for the hypervisor
3fceece pkg/cgroups: add methods to add and remove device from the cgroup
b345855 pkg/cgroups: implement functions to get information from a host device
0d3b697 device: add GetHostPath() to generic device
21711ee release: Kata Containers 1.11.0-rc0
d78ffd6 makefile: Make SELinux support configurable
7aa3168 clh: Boot from persistent memory device
e8fc25a version: Update clh to master
8c850d9 config: Add scsi_mod.scan=none for virtio-scsi
bf9758b katautils: Use config paths set during the build
07d0a4f version: Update kernel to lts 5.4.32
432f9be clh: virtiofs: Add no_posix_lock option
ab8050c kata_agent: Don't use dax if virtio_fs_cache is 0
6218b2a kata_agent: Remove sharedDirVirtioFSOptions
95ccc0f agent: Use "virtiofs" instead of "virtio_fs"
4c1cacd versions: Switch to virtio-fs-dev branch for kernel
8e0f891 v2: Open log fifo with RDWR instead of WRONLY
afbd03c qemu-ppc64le: Switch off large decrementer capability
0294fcb versions: Update go to 1.13.9
5eec8bd qemu_ppc64le: EXpose fs support explicitly
fd625b3 qemu: Don't crash if virtiofsd path is non existent
e4eb553 virtcontainers: Add SELinux support for running VM Confinement
39e354f clh: Implement capabilities
0a1ffc1 types: Make FS sharing disable by default
4d034b1 versions: update go to v1.14
7997218 Makefile: Allow change default hypervisor via env var
669b6e3 clh: Report warning when requested vCPUs exceeds maxVCPU allowed
aab82f6 clh: Add memory hotplug
2f94873 clh: Use MemUnit to create VM
b6a7d8d utils: Add memory unit abstraction
5e7d253 clh: add vmInfo method
ebb8fd5 versions: Update clh to latest master
3b53114 virtcontainers: improve algorithm to check Large bar devices
7aff546 virtcontainers: check PCI resource format before using it
2c310fe virtcontainers: handle persistent memory volumes
434b302 virtcontainers: hotplug block drives that are pmem devices as nvdimm
84e0ee1 virtcontainers: reimplement createBlockDevices
abbdf07 virtcontainers: add Pmem attribute to BlockDrive
ee941e5 virtcontainers: Implement function to get the pmem DeviceInfo
9ff44db virtcontainers: implement function to get the backing file
0a4e2ed virtcontainers: move GetDevicePathAndFsType to utils_linux
2c7f27e vendor: update govmm
e62a8aa versions: Update containerd commit
4d2574a virtcontainers: Don't create vfio devices in the guest
d0a730c shimv2: move container rootfs mounted flag to container level
d60902a FC: change minimum supported version of Firecracker to v0.21.1
aadf8c4 AArch64: enable firecracker v0.21.1 on AArch64
44e2349 FC: Fix error of overlong firecracker API unix socket
c3bafd5 FC: Change default API socket path
2945bcd FC: Removed redundant --seccomp-level jailer parameter
d2cae59 FC: Removed redundant RescanBlockDevice action
37b91b3 FC: Remove logger.options
f61eca8 clh: Add comments around clh api
6a4e667 virtiofsd: Check if PID is valid
3251bea version: Update clh to master
c518464 clh: Add vfio support
00da127 unit-test: refine related unit tests
13390df Jailer: re-mount jailerRoot with exec
9d3022a mount: modify func bindMount
126fa15 agent: append and handle vhost-user-blk device
cf066b7 devices: hotplug vhost-user-blk device to qemu
3696318 devices: filter vhost-user-blk/scsi device
54b24da devices: add vhost-user storage configuration
17a92ae release: Kata Containers 1.11.0-alpha1
94298dd clh: Remove dead-code on maxClhVcpus
2cd0c88 README: logging: add shimv2 information
4c28717 vc: add agent.container_pipe_size annotation
4ce44ab clh: set rootfstype
eee4d70 katutils: logging: default log level to Warn
913d153 cli: logging: Default to Warn level
ed43117 vc: Remove container share dir when stopping
17b9de1 clh: enable CPU hotplug
63c7ac5 clh: add 'APIsocket' to persist HypervisorState
e9a4658 vc: Use BlockIndexMap instead of BlockIndex
7427fea dnm: vendor: update agent client
0da1010 version-update: version update for cri-o and k8s
376c425 cli: add virtioFsDaemon to kata-env.
171eb70 qemu: use govmm vhost user device types directly
4639294 qemu: pass guest image file readonly
63fdf53 vendor: update govmm dependency
c6cc8b9 virtcontainers: support lazy attach devices
3345977 clh: update minimal supported version to check.
2033229 clh: Fix version check
ea82922 virtcontainers/pkg/cgroups: implement cgroup manager
03cdf6c virtcontainers: add new package for cgroups
5f9a77c vc: validate container path when cleaning up
5bf3231 vc: do not follow symlink when umounting contanier host path
12d10eb clh: Update clh driver to use the latest openAPI knobs
de8fe25 clh: Update CLH to stable/v0.5.x
32196ff clh: Do not find vsock context ID
c2462e7 release: Kata Containers 1.11.0-alpha0
db5cfeb makefile: Fix missing LDFLAGS references
b74cda0 makefile: do not use LDFLAGS for extra kata flags.
1c1e7cc unit-test: refine unit tests
1ad927d kata-check: use "--strict" to perform version consistency check
a4b3c65 kata-env: import new struct VersionInfo
0f720e6 virtcontainers: fix typo in sandbox
78bb6c0 virtcontainers/persist: fix typo in fs
a8dcff5 AArch64: change image rootfs from fedora to ubuntu
2c3b465 build: Add support to strip the binary
de7383b kernel: Update kernel to latest stable 5.4.15
055f317 selinux: Disable selinux
a45cf62 virtcontainers/pkg/rootless: fix comment on exported var
c36c667 cli: implement --rootless option
11bd456 virtcontainers: support new persist API
9585bc9 virtcontainers/hypervisors: support new persist API
00307a7 virtcontainers/sandbox: support new persist API
4b9ab55 virtcontainers/factory: support new persist API
71f48a3 virtcontainers/persist: update GetDriver to support rootless fs
dd2762f virtcontainers/persist: introduce mock fs driver
ea8fb96 virtcontainers/persist: introd...
# Release 1.10.4
agent Changes
Shortlog
443860e release: Kata Containers 1.10.4
proxy Changes
Shortlog
e6c5c6a release: Kata Containers 1.10.4
runtime Changes
Shortlog
7693e93 release: Kata Containers 1.10.4
shim Changes
Shortlog
9c47855 release: Kata Containers 1.10.4
Compatibility with Docker
Kata Containers 1.10.4 is compatible with Docker v18.06-ce
Compatibility with CRI-O
Kata Containers 1.10.4 is compatible with CRI-O 0eec454168e381e460b3d6de07bf50bfd9b0d082
Compatibility with cri-containerd
Kata Containers 1.10.4 is compatible with cri-contaienrd 3a4acfbc99aa976849f51a8edd4af20ead51d8d7
OCI Runtime Specification
Kata Containers 1.10.4 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 1.10.4 is compatible with Kubernetes 1.16.2-00
Kata Linux Containers image
Agent version: 1.10.4
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "fedora"
version: "latest"
ppc64le:
name: "centos"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: "clearlinux"
version: "latest"
meta:
image-type: "clearlinux"
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "alpine"
version: "3.7"
ppc64le:
name: "alpine"
version: "3.7"
s390x:
name: "alpine"
version: "3.7"
x86_64:
name: "alpine"
version: "3.7"
Kata Linux Containers Kernel
Kata Containers 1.10.4 suggest to use the Linux kernel v4.19.86
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
# Release 1.11.0-rc0
Highlights for this rc0 release include:
- Add SELinux support for running VM Confinement
- Make SELinux support configurable
- cloud-hypervisor: Boot from persistent memory device
- Different virtiofs fixes
- Kernel updated to LTS 5.4.32
agent Changes
Shortlog
27490d4 release: Kata Containers 1.11.0-rc0
305c6f9 protocols: fix client unit tests for go 1.13
6cbeed5 mount: Use "virtiofs" instead of "virtio_fs"
cfc96dd build: Add support to strip the agent golang binary
7c0a967 agent: signal from keyboard must not be fatal
8325ad8 agent: fix epoll fd left in the kata-agent when exec process
proxy Changes
Shortlog
9412389 release: Kata Containers 1.11.0-rc0
32085dd travis: specify golang version
runtime Changes
Shortlog
21711ee release: Kata Containers 1.11.0-rc0
d78ffd6 makefile: Make SELinux support configurable
7aa3168 clh: Boot from persistent memory device
e8fc25a version: Update clh to master
8c850d9 config: Add scsi_mod.scan=none for virtio-scsi
bf9758b katautils: Use config paths set during the build
07d0a4f version: Update kernel to lts 5.4.32
432f9be clh: virtiofs: Add no_posix_lock option
ab8050c kata_agent: Don't use dax if virtio_fs_cache is 0
6218b2a kata_agent: Remove sharedDirVirtioFSOptions
95ccc0f agent: Use "virtiofs" instead of "virtio_fs"
4c1cacd versions: Switch to virtio-fs-dev branch for kernel
8e0f891 v2: Open log fifo with RDWR instead of WRONLY
afbd03c qemu-ppc64le: Switch off large decrementer capability
0294fcb versions: Update go to 1.13.9
5eec8bd qemu_ppc64le: EXpose fs support explicitly
fd625b3 qemu: Don't crash if virtiofsd path is non existent
e4eb553 virtcontainers: Add SELinux support for running VM Confinement
39e354f clh: Implement capabilities
0a1ffc1 types: Make FS sharing disable by default
4d034b1 versions: update go to v1.14
7997218 Makefile: Allow change default hypervisor via env var
669b6e3 clh: Report warning when requested vCPUs exceeds maxVCPU allowed
aab82f6 clh: Add memory hotplug
2f94873 clh: Use MemUnit to create VM
b6a7d8d utils: Add memory unit abstraction
5e7d253 clh: add vmInfo method
ebb8fd5 versions: Update clh to latest master
3b53114 virtcontainers: improve algorithm to check Large bar devices
7aff546 virtcontainers: check PCI resource format before using it
2c310fe virtcontainers: handle persistent memory volumes
434b302 virtcontainers: hotplug block drives that are pmem devices as nvdimm
84e0ee1 virtcontainers: reimplement createBlockDevices
abbdf07 virtcontainers: add Pmem attribute to BlockDrive
ee941e5 virtcontainers: Implement function to get the pmem DeviceInfo
9ff44db virtcontainers: implement function to get the backing file
0a4e2ed virtcontainers: move GetDevicePathAndFsType to utils_linux
2c7f27e vendor: update govmm
e62a8aa versions: Update containerd commit
4d2574a virtcontainers: Don't create vfio devices in the guest
d0a730c shimv2: move container rootfs mounted flag to container level
d60902a FC: change minimum supported version of Firecracker to v0.21.1
aadf8c4 AArch64: enable firecracker v0.21.1 on AArch64
44e2349 FC: Fix error of overlong firecracker API unix socket
c3bafd5 FC: Change default API socket path
2945bcd FC: Removed redundant --seccomp-level jailer parameter
d2cae59 FC: Removed redundant RescanBlockDevice action
37b91b3 FC: Remove logger.options
f61eca8 clh: Add comments around clh api
6a4e667 virtiofsd: Check if PID is valid
3251bea version: Update clh to master
c518464 clh: Add vfio support
shim Changes
Shortlog
157eb5a release: Kata Containers 1.11.0-rc0
3d4166a vendor: Update kata agent to 5bf8d4c
6153de8 vendor: Update logrus to v1.4.2
21a5451 travis: specify golang version.
Compatibility with Docker
Kata Containers 1.11.0-rc0 is compatible with Docker v18.06-ce
Compatibility with CRI-O
Kata Containers 1.11.0-rc0 is compatible with CRI-O 0eec454168e381e460b3d6de07bf50bfd9b0d082
Compatibility with cri-containerd
Kata Containers 1.11.0-rc0 is compatible with cri-contaienrd 3a4acfbc99aa976849f51a8edd4af20ead51d8d7
OCI Runtime Specification
Kata Containers 1.11.0-rc0 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 1.11.0-rc0 is compatible with Kubernetes 1.17.3-00
Kata Linux Containers image
Agent version: 1.11.0-rc0
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "ubuntu"
version: "latest"
ppc64le:
name: "centos"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: &default-image-name "clearlinux"
version: "latest"
meta:
image-type: *default-image-name
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: &default-initrd-name "alpine"
version: &default-initrd-version "3.7"
ppc64le:
name: *default-initrd-name
version: *default-initrd-version
s390x:
name: *default-initrd-name
version: *default-initrd-version
x86_64:
name: *default-initrd-name
version: *default-initrd-version
Kata Linux Containers Kernel
Kata Containers 1.11.0-rc0 suggest to use the Linux kernel v5.4.32
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations
Kata Containers 1.10.3
Kata Containers release 1.10.3
Kata Containers 1.9.7
Kata Containers release 1.9.7