Kata Containers 1.12.0-alpha0
Pre-releaseRelease 1.12.0-alpha0
agent Changes
- container oom event support
- static arp neighbors support
- security fix for CVE-2020-2023
Shortlog
b08eb7e release: Kata Containers 1.12.0-alpha0
c01192e device: Allow to use the predicted 'VmPath' when adding blk devices
a88af32 device: Do not allow container access to the nvdimm rootfs
42438f9 network: Add grpc method to add static arp neighbors
756de79 Makefile: do not use LDFLAGS to avoid environment contamination
1eb1abe channel: fix the issue of epoll_wait interrupted by signal
2aa833f agent: add grpc endpoint to retrieve oom events
proxy Changes
Shortlog
c9c4883 release: Kata Containers 1.12.0-alpha0
runtime Changes
- support OOM event reporting
- support guest static arp neighbors
- support vfio device cold plug on QEMU
- support block device hotplug on cloud-hpyervisor
- enable dax support on arm64 platform
- security fixes for CVE-2020-2023, CVE-2020-2024, CVE-2020-2025 and CVE-2020-2026
Shortlog
a3de452 release: Kata Containers 1.12.0-alpha0
c139a66 versions: update QEMU to 5.0.0
30b40f5 clh: Remove the use of deprecated '--memory file=' parameter
e02d5ef virtcontainers: print a warning when the device to append is not supported
5fccab7 virtcontainer/cgroup: create cgroup manager after creating the network
3c8c650 virtcontainers/network: Change signature of Enpoint Attach method
581ff97 drivers: change BindDevicetoVFIO signature
970ef45 device: support vfio cold plug
6532eaa device: add ColdPlug flag
26f8c14 vendor: update govmm
53a9d00 virtcontainers: Fix structured logging in cgroups package
c51baf8 shimv2: Use BUILDTAGS when building shimv2
651d5ff qemu: Fix kernel_irqchip=split option for IOMMU enabled sandbox
364435a clh: vsock: Use the updated VsockConfig
17d265a versions: Move to cloud-hypervisor v0.8.0
4ee382c qemu: Report all errors on virtiofsd execution
5a3b665 katatestutils: Use the configured virtiofs daemon path
2c34263 virtcontainers: Check the correct error variable for sandbox creation
c19daa5 qemu: Fix travis build failure for Power
5d442a2 qemu_arm64: Fix build failure
fdcd1f3 qemu: enable iommu on q35
66b54f8 qemu: support appending a vIOMMU device
401ad67 vendor: update govmm to bring iommu support
4645d3e virtiofsd: Use cache=auto
9ac3911 cli: Fix kata-env output on Power
6be76fc kata_agent: Add unit tests
5b96e01 clh: Clear the "PCIAddr" field while blk device hotplug
50c1dce kata_agent: Pass "VirtPath" with "PCIAddr" of blk devices to agent
aea29b6 kata_agent: Allow to use "VirtPath" as volume source for blk devices
e5a3211 clh: Allow add virtiofs args and cache options from config
49ebaa8 virtcontainers: drop deferred func for GetAndSetSandboxBlockIndex
379f19f qemu: Fix rtc parameter is not set to qemu
20fe3bb shimv2: check correct error variable for deferred func in service#StartShim
54e8fdb qemu: Fix Qemu binary path for Power across distros
e855d8d github: add auto comment bot
a3dec26 vc: make host shared path readonly
1d3e1ea qemu: Remove hard-coding of Qemu machine options for ppc64le
67d3e2c network: Detect and add static ARP entries
412dcbf vendor: Update agent to include AddARPNeighbors grpc method
6b32472 qemu: Remove PMU feature for Power (ppc64le) platform
e07a932 ci: Do not install virtcontainers with podman clh
f76d739 virtcontainers: GetOOMEvent should have no timeout
5e55272 clh: Set 'virtio-blk' as the default block device driver
c5f97b2 clh: Enable disk block device hotplug support
18662e1 qemu: Remove pmu limitation in nested virtualization of amd/ppc64le
41a06d4 build: Add "pmu=off" to default cpu_features option
f03c17d annotations: add cpu_features
0100af1 qemu: add cpu_features option
0b3a927 vendor: Update govmm
6c51754 clh: remove slow boot debug flags from kernel cmdline
160e3a7 clh: Remove vsock log port in kernel cmdline
e1ee00d clh: Improve hypervisor logging
882a823 virtiofsd: Improve logging
7b269ff qemu: Don't leak file descriptors in case of error
6aff077 virtcontainers: x86: Support microvm machine type
c98ef48 vendor: update govmm
bec32f6 utils: Fix case version check for stable releases
86f5810 shim: exit out of oom polling if unimplemented
b4833a4 virtcontainers: tests fix, nit fix
db28dcf shim: retrieve oom events after starting sandbox
86686b5 virtcontainers: add support for getOOMEvent agent endpoint to sandbox
ef8624b vendor: update agent
619ada2 clh: vsock: Supply the right VsockConfig to Vmconfig
9dbd929 versions: Move to cloud-hypervisor v0.7.0
3c4fe03 shm: handle shm mount backed by empty-dir memory volumes
7b5e8f6 clh: memory: remove pmem size argument
d4a9282 versions: Move to latest cloud-hypervisor
ee985a6 qemu: arm64: Set defaultGICVersion to 3 to limit the max vCPU number
4d4a153 qemu: arm64: Don't detect gic version by /proc/interrupts
d0dbd04 virtcontainers: Fix structured logging in device/config package
8d9fa47 virtcontainers: constrain runtime after creating network
017ac55 virtcontainers: update sandbox's device cgroup
1da6f22 virtcontainers: remove all the code related to HasCRIContainerType
389b374 virtcontainers: apply constraints to the sandbox cgroup
6377fc4 pkg/cgroups: update the list of devices for the hypervisor
042e7a2 pkg/cgroups: add methods to add and remove device from the cgroup
dc69d6e pkg/cgroups: implement functions to get information from a host device
eee0b09 device: add GetHostPath() to generic device
23aa94e logging: Fix structured logging in store package
868f687 versions: Remove golangci-lint and gometalinter entries
e36389e dax: enable dax on arm64
7e47046 vc: Version support check is ineffective in createSandbox
c4b5922 versions: Misc changes to descriptions
shim Changes
Shortlog
866e33c release: Kata Containers 1.12.0-alpha0
Compatibility with Docker
Kata Containers 1.12.0-alpha0 is compatible with Docker v18.06-ce
Compatibility with CRI-O
Kata Containers 1.12.0-alpha0 is compatible with CRI-O 0eec454168e381e460b3d6de07bf50bfd9b0d082
Compatibility with cri-containerd
Kata Containers 1.12.0-alpha0 is compatible with cri-contaienrd 3a4acfbc99aa976849f51a8edd4af20ead51d8d7
OCI Runtime Specification
Kata Containers 1.12.0-alpha0 support the OCI Runtime Specification v1.0.0-rc5
Compatibility with Kubernetes
Kata Containers 1.12.0-alpha0 is compatible with Kubernetes 1.17.3-00
Kata Linux Containers image
Agent version: 1.12.0-alpha0
Default Image Guest OS:
description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "ubuntu"
version: "latest"
ppc64le:
name: "centos"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: "clearlinux"
version: "latest"
meta:
image-type: "clearlinux"
Default Initrd Guest OS:
description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/osbuilder"
architecture:
aarch64:
name: "alpine"
version: "3.7"
ppc64le:
name: "alpine"
version: "3.7"
s390x:
name: "alpine"
version: "3.7"
x86_64:
name: "alpine"
version: "3.7"
Kata Linux Containers Kernel
Kata Containers 1.12.0-alpha0 suggest to use the Linux kernel v5.4.32
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config
Installation
Follow the Kata installation instructions.
Issues & limitations
More information Limitations