Skip to content
This repository has been archived by the owner on May 12, 2021. It is now read-only.

# Release 1.9.0
Compare
Choose a tag to compare
@jcvenegas jcvenegas released this 23 Oct 17:38
· 871 commits to master since this release
1.9.0
8ff5bdc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Release 1.9.0 of Kata Containers includes:

  • Support for Firecracker 0.18.0, including support for virtio-vsock(https://github.com/firecracker-microvm/firecracker/blob/master/docs/vsock.md)
  • Support for OCI annotations allowing per pod custom configurations. With this, it is now possible to customize cpus, memory, kernel parameters, etc. on a per pod basis.
  • Experimental support for virtio-fs v0.3 with qemu, with nemu being deprecated.
  • Initial support for rootless Kata with podman.
  • Experimental support for ACRN hypervisor. (https://projectacrn.org/)
  • Configuration support to use pod cgroups alone, skipping cgroup creation for each container in a pod.

agent Changes

Shortlog

81ecd61 release: Kata Containers 1.9.0
6eac713 release: Kata Containers 1.9.0-rc0
95be1c3 agent: add support for logging to a vsock port
a03e23b protocols/client: improve hybrid vsock parser
6a96997 protocols/client: make schemes and hybrid vsock dialer public
e01f23c network: Add a testcase for setupDNS
d733185 network: Setup DNS for sandbox
bd0f562 protocols/client: support hybrid vsocks
4a34395 docs: Fix incorrect script reference in TRACING.md
8d682c4 release: Kata Containers 1.9.0-alpha2
b900a3f CI: Make Travis call common setup
a63ad12 release: Kata Containers 1.9.0-alpha1
545a411 mount: ensure local directory storage types have the correct permissions
006fdfe device: fix the issue of failed waiting on device appeared in /dev
f454d98 s390s: fix rootBusPath
b1a4284 travis: Fix golang version
b86f0de test: Add test to check for route-setup for interfaces from same subnet
2537235 network: While updating routes, do not delete routes with proto "kernel"
ad72fe8 agent: add support for loading kernel modules
72a50ef revert: agent: sandbox_pause should get arguments from proc
cfbd8c9 agent: sandbox_pause should get arguments from proc
b8b8dac s390x: add virtio-blk-ccw support
4ab32a9 vendor: dep check fixes
5ffb2a6 agent: make NoPivotRoot config depend on / fs type
a1c9d50 make: install depends on $(TARGET)
cf20c9b ci: Allow travis to use go install script
4354b24 tests: Add lots of new unit tests
d4a22d1 device: Allow uevent handler to be stopped
8eb2134 config: Add parseCmdlineOption test
d4f205d device: Add extra checks
faa6cb0 mount: Fix incorrect error return
2d95c36 mount: Add test for parseMountFlagsAndOptions
5163bab console: Add debug console test
d167490 sandbox: Remove redundant check
72fc0ad mount: Improve error message
c92715f tests: Add test for getMemory
cd2f994 memory: Add extra check for memory file
d0117bf release: Kata Containers 1.9.0-alpha0
7c97a0a agent: delete element of sandbox.deviceWatchers with right key
458b4aa vendor: Move to a previous version for runtime-spec vendor
32428bc vendor: update dependency opencontainers/runc

proxy Changes

Shortlog

c9f98d3 release: Kata Containers 1.9.0
8745201 release: Kata Containers 1.9.0-rc0
78bbd7e release: Kata Containers 1.9.0-alpha2
5e28640 release: Kata Containers 1.9.0-alpha1
1d7a0f1 vendor: Fix sync issue
3a5319f ci: Allow travis to use go install script
e497126 release: Kata Containers 1.9.0-alpha0

runtime Changes

Shortlog

e6f6a1c release: Kata Containers 1.9.0
b84cb5e release: Kata Containers 1.9.0-rc0
dd21046 vc/store: fix TestStoreVCNewVCSandboxStore/TestStoreVCNewVCContainerStore
6ab89e4 vc/store: fix cache factory ut
4863aa9 vc/store: reuse store
ad15631 virtiofsd: Do not use posix lock.
23a5dc7 virtiofsd: use virtiofsd --syslog
d5a3d0a virtiofs: use virtiofsd --fd=FDNUM
6ce6a26 kata_agent: use virtio-fs 0.3+ mount options
2b40b6b vendor: update kata agent
aa43e2a virtcontainers: set agent's logs vsock port
80855a8 ci: travis: allow ppc64le failures
c3abd51 config: Fix virtio-fs typo in Makefile
aa6a16c Hypervisor: UUID fix for acrn hypevisor
8f6b0a6 virtcontainers: change firecracker socket permissions
8f70643 tests: Remove hardcoded annotation value.
e7b9c36 tests: Add tests for annotations.
09129c1 config: Define minimum memory requirement
8405b56 annotations: add Annotations for the agent.
5b78a8a annotations: Add annotations for runtime config
afb91c2 annotations: Add annotations to support additional configurations
845bf73 annotations: Support annotations to customise kata config
30d0b7a annotations: Add missing firmware and hashes to asset annotations
46b6815 annotations: Change existing annotations to fit a new format
312f3e7 virtcontainers/fc: implement remove device
7e9cc56 virtcontainers/fc: improve create disk pool process
07932d5 virtcontainers/fc: add logs and improve others to make debugging easier
ed7240b virtcontainers: move device operations to a more generic place
e93bf96 network: Add tuntap device
c8dd92d dep: update vendor packages for netlink commit
41407cf vc: make cgroup usage configurable if rootless
5f0799f vc: add rootless dir to path variables
cdd6f7e katautils: update paths to be configurable for rootless execution
2d8b278 rootless: add rootless logic
8b843c5 QEMU: do not require nvdimm machine option with initrd
c152ebf s390x: Fix runtime build for s390x
bc3c07b versions: Update kernel to 4.19.75
b1909e8 config: fix virtiofsd name
84ead98 config: add configuration-qemu-virtio-fs.toml to gitignore
443e657 config: honor DEFSHAREDFS_QEMU_VIRTIOFS and CONFIG_QEMU_VIRTIOFS_IN
3d0949d virtcontainers: check minimum supported version of firecracker
8680db6 versions: update firecracker to the version 0.18.0
123ba13 vendor: update kata agent
5ac6e9a virtcontainers: make socket generation hypervisor specific
f2f0923 virtcontainers: rename kataVSOCK type and move it into the types package
f42dd7d virtcontainers/fc: Add support for hybrid vsocks
2c4cf39 virtcontainers/fc: bump firecracker experimental version
bb87b44 virtcontainers/fc: Add logger to the http transport
880bb2b virtcontainers: introducing HybridVSock type
2a8af23 virtcontainers: Make fc.go fit the new API
67ce728 virtcontainers: Update firecracker swagger API
1f93cff virtcontainers: fix the issue of missing qemu error logs
cdb1b5c cli: Fix the qemu-virtiofs.toml
7fa0a72 s390x: Share image between qemu instances
7965baa vendor: update govmm
c81db9c sandbox: The unit of newMemory is MB
4134571 config: do not use nemu variable for qemu-virtiofs configuration
97fe749 config: use 9p as default shared filesystem for nemu
2ed94cb Config: Remove ConfigJSONKey from annotations
324952c configuration: Add QEMU with virtiofs 3.0 support
82c2773 kernel: update to v4.19.73
7a3e7ef release: Kata Containers 1.9.0-alpha2
bca37c3 version: Add QEMU and kernel with virtiofs 3.0
da4d89b vendor: upgrade vendor ttrpc
07630b5 virtcontainers: Set sandbox dns in sandbox request
2faece3 s390x: Add appendImage function to qemu_s390x.go
e3f92fe virtcontainer: add error return code
a0e09df s390x: add appendVSock with devno
6b2a90a virtcontainer: rename appendVSockPCI
7c4e479 vc: Remove bind destination when unmounting
712e06a virtio-fs: add virtio_fs_extra_args for virtiofsd
b62814a sandbox: combine sandbox cgroup functions
9fc7246 sandbox: delete cgroup for SandboxOnly option
3fc6f4b sandbox: add containers, do not get cgroup path
074418f sandbox: Join cgroup sandbox on create.
2fcb8bb container: SandboxCgroupOnly: no host cgroups.
b650632 config: add option SandboxCgroupOnly
5a17d67 cgroups: container: check cgroup path before use it
f45b2d9 cgroups: quote some paths on errors.
6fdbef4 sandbox: Rename constrainHypervisor
caac68c sandbox: cgroup: prefix cgroup related methods
529ec25 sandbox: cgroups: move methods to sandbox file
d804c39 cgroups: container: rename functions
f71a1ef kernel: update to 4.19.71
d512158 hypervisor: Fix MacVTap internetworking support in ACRN
9507f45 CompatOCISpec: limit usage of CompatOCISpec
b075b5c s390x: add virtio-blk-ccw
d627585 virtcontainers: add devno
7eec670 virtcontainers: create generic function
e99739f ccw: add ccw type as bridge
23e6073 virtcontainers: Move bridge var in qemu type
9188774 bridges: abstraction of bridge type
f128195 release: Kata Containers 1.9.0-alpha1
611a860 kubernetes: update kubernetes for AArch64
8cf0f06 vsock: set VHOST_VSOCK_SET_GUEST_CID based based on arch
ff8d23d tests: allow running unit tests using podman
a5f1744 vc: Delete store when new/create container is failed
c8e5659 virtcontainers: fix kernel modules annotations
ba3d3da vendor: update govmm
5bfca6e test: add arch required kernel modules
db50978 kata-check: require kvm/vhost modules for amd64
c54f00a kata-check: reduce default output verbosity
24fcd1b test: add a generic function for CLI kata-check command
4cf0703 v2: Prevent killing all container processes when exec is failed
c91556a api: add a CleanupContainer api for VC
4a28b52 test: add test for network metric
dc38ba7 test: fix cgroup mock test
6534357 shim-v2: add network stat in metric
21698aa vendor: update cgroup
50d4188 qemu: fix error message miss
52e68f5 virtcontainers: cleanup the container config once failed
5b749a5 virtcontainers: remove the redundant sandbox config store
88e281c monitor: enlarge watch buffer
0075bf8 hypervisor: allow to return a slice of pids
0926c8d virtcontainers: Fix the issue of watching console for firecracker
4deeb05 versions: update version of qemu to 4.1.0
e7457e6 qemu: add logfile when debug is on
aebc496 qemu: fix memory prealloc option handling
6c77d76 qemu: check guest status with qmp query-status
5b50b34 shimv2: cancel monitor before stopping sandbox
49184ee vendor: update govmm
31ddb4d virtcontainers: add watchconsole for no_proxy type
b58ab66 qemu: do not try to stop qemu multiple times
d90eba8 network: always cold unplug network devices
d26ff71 Revert: "sandbox: remove network before stopping vm"
debc7d9 agent: add default timeout for grpc requests
9d4050e container: do not pause a StateReady container
794e08e sandbox: remove network before stopping vm
e467293 virtcontainers: fix hotplug pci devices execeed max capacity bug
3fc17e9 vsock: Propogate error for vsock ioctl
604e1ab versions: kernel: update to 4.19.65
df7cf77 network: Ignore routes with proto as "kernel"
565f14f acrn: Change the default network model for ACRN to macvtap
2c99b95 network: Deprecate bridged networking mode.
50c3e56 network: fix failed to remove network
355b9c0 virtcontainers: add support for loading kernel modules
979f064 vendor: update kata agent
2058751 shim-v2: fix shim leak when hypervisor exit unexpectly
a9168a3 virtiofs: wait for virtiofsd process to release its resources
0832294 pkg/katautils: Do not set init in the kernel command line
6e1e6a2 virtiofs: fix virtiofs crash when cache=none
263fb64 acrn: Add toml to gitignore
0d0a84e versions: Upgrade to k8s 1.15
7668aeb virtcontainers: support SMP die
104c04d vendor: update govmm
50e263d qemu: support vfio pass x-pci-vendor-id and x-pci-device-id pass
2cf4189 vendor: update github.com/intel/govmm
e41a6b9 vendor: Update vendor directories
95e8a7a dep: Remove nested vendor directories
3063391 ut: skip TestBindUnmountContainerRootfsENOENTNotError for non-root
c4583f4 ut: skip TestStartNetworkMonitor for non-root
f3d0978 persist: improve readability
3bfbbd6 persist: merge "network.json"
99cf3f8 persist: merge "agent.json"
7d5e48f persist: manage "hypervisor.json" with new store
d5d7d82 vc: move container mount cleanup to container.go
e02f6dc shimv2: monitor sandbox liveness
262484d monitor: watch hypervisor
67c401c agent: use hypervisor pid as backup proxy pid for non-kata proxy cases
835b6e9 sandbox: do not fail SIGKILL
bc4460e sandbox: support force stop
4130913 agent: mark agent dead when failing to connect
c472a01 container: allow to stop a paused container
f886c0b vc: drop container SetPid API
f2423e7 virtcontainers: convert virtcontainers tests to testify/assert
f2e6a31 ci: Allow travis to use go install script
f28de59 release: Kata Containers 1.9.0-alpha0
d14968b qemu: use x-ignore-shared to implement vm template
d392b22 virtiofs: Allow memory hotplug with virtiofs
4fed346 Firecracker: Enable jailer by default
78ea50c virtcontainers: Jailer: Add jailer support for firecracker
050f8e9 runtime: Disable disable-modern for virtio QMP add
3e4989d vendor: update govmm and match code
98a6973 virtcontainers: Add ACRN unit test cases
f246a79 virtcontainers: Add support for updating virtio-blk based container rootfs
d9a4157 virtcontainers: Add support for launching/managing ACRN based VMs
828e0a2 pkg/katautils: Add support for ACRN hypervisor config
adcac93 kata-check: Check and validate type-1 hypervisor for kata
4d26cee Make: Add ACRN hypervisor and generate configuration file
bdd8947 versions: add crictl version which is compatible with OpenShift
098501a versions: update CRI-O to v1.14.6
4968438 tests: Fix fork/exec test error
fcf9f9f test: Fix fd leak causing test error
5182a25 ci: Verify and block merge if other projects are not updated
da7f5f3 shimv2: Add missing page size to Hugetlb Stat

shim Changes

Shortlog

aecd26c release: Kata Containers 1.9.0
6ee541f release: Kata Containers 1.9.0-rc0
6aa2d82 vendor: update kata agent
5189642 shim/firecracker: Read agent's logs
ed10c9b vendor: update kata agent
153d74a release: Kata Containers 1.9.0-alpha2
6ec334a release: Kata Containers 1.9.0-alpha1
351ef95 vendor: Manually edit Gopkg.lock
728d0e5 vendor: Fix remaining out of sync dependency
b67e899 vendor: Fix out of sync vendor issue
e6c7cda ci: Allow travis to use go install script
68b467a release: Kata Containers 1.9.0-alpha0

Compatibility with Docker

Kata Containers 1.9.0 is compatible with Docker v18.06-ce

Compatibility with CRI-O

Kata Containers 1.9.0 is compatible with CRI-O v1.15.0

Compatibility with cri-containerd

Kata Containers 1.9.0 is compatible with cri-contaienrd 1.2.7

OCI Runtime Specification

Kata Containers 1.9.0 support the OCI Runtime Specification v1.0.0-rc5

Compatibility with Kubernetes

Kata Containers 1.9.0 is compatible with Kubernetes 1.15.3-00

Kata Linux Containers image

Agent version: 1.9.0

Default Image Guest OS:

description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: https://github.com/kata-containers/osbuilder
architecture:
aarch64:
name: fedora
version: latest
ppc64le:
name: centos
version: latest
s390x:
name: ubuntu
version: latest
x86_64:
name: clearlinux
version: latest
meta:
image-type: clearlinux

Default Initrd Guest OS:

description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: https://github.com/kata-containers/osbuilder
architecture:
aarch64:
name: alpine
version: "3.7"
ppc64le:
name: alpine
version: "3.7"
s390x:
name: alpine
version: "3.7"
x86_64:
name: alpine
version: "3.7"

Kata Linux Containers Kernel

Kata Containers 1.9.0 suggest to use the Linux kernel v4.19.75
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config

Installation

Follow the Kata installation instructions.

Issues & limitations

virtio-fs issues:

  • running dnf update or yum update in a kata-container using virtiofs may hang the container. See: kata-containers/tests#2008
  • there is also a performance issues reported. See: #2138

both issues are being investigated.

More information Limitations

Assets 3
Loading