mirror of
https://github.com/confidential-containers/confidential-containers.git
synced 2025-09-19 01:48:36 +00:00
Release: v0.10.0 release notes
Signed-off-by: Chris Porter <cporterbox@gmail.com>
This commit is contained in:
Chris Porter
committed by
Tobin Feldman-Fitzthum
Tobin Feldman-Fitzthum
parent
06c81daa12
commit
89fcc4ddcd
92
releases/v0.10.0.md
Normal file
92
releases/v0.10.0.md
Normal file
@@ -0,0 +1,92 @@
|
||||
# Release Notes for v0.10.0
|
||||
|
||||
Release Date: September 27th, 2024
|
||||
|
||||
This release is based on [3.9.0](https://github.com/kata-containers/kata-containers/releases/tag/3.9.0) of Kata Containers
|
||||
and [v0.10.0](https://github.com/confidential-containers/enclave-cc/releases/tag/v0.10.0) of enclave-cc.
|
||||
|
||||
This is the first release of Confidential Containers which has feature parity with CCv0.
|
||||
|
||||
Please see the [quickstart guide](../quickstart.md) for details on how to try out Confidential
|
||||
Containers.
|
||||
|
||||
Please refer to our [Acronyms](https://github.com/confidential-containers/documentation/wiki/Acronyms)
|
||||
and [Glossary](https://github.com/confidential-containers/documentation/wiki/Glossary) pages for
|
||||
definitions of the acronyms used in this document.
|
||||
|
||||
## What's new
|
||||
|
||||
* Support to pull and verify `cosign`-signed images
|
||||
* Trusted image storage on guest
|
||||
* Support Intel Tiber Trust Services as the verifier with Trustee for both Kata bare metal and peer-pods deployments
|
||||
* Init-data support for peer pods
|
||||
* Image-rs support for whiteouts and for layers with hard-link filenames over 100 characters
|
||||
* enclave-cc updated to Ubuntu 22.04 based runtime instance
|
||||
|
||||
## Hardware Support
|
||||
|
||||
Attestation is supported and tested on three platforms: Intel TDX, AMD SEV-SNP, and IBM SE.
|
||||
Not all feature have been tested on every platform, but those based on attestation
|
||||
are expected to work on the platforms above.
|
||||
|
||||
Make sure your host platform is compatible with the hypervisor and guest kernel
|
||||
provisioned by coco.
|
||||
|
||||
This release has been tested on the following stacks:
|
||||
|
||||
### AMD SEV-SNP
|
||||
|
||||
* Processor: AMD EPYC 7413
|
||||
* Kernel: [6.8.0-rc5-next-20240221-snp-host-cc2568386](https://github.com/confidential-containers/linux/tree/amd-snp-host-202402240000)
|
||||
* OS: Ubuntu 22.04.4 LTS
|
||||
* k8s: v1.30.1 (Kubeadm)
|
||||
* Kustomize: v4.5.4
|
||||
|
||||
### Intel TDX
|
||||
|
||||
* Kernel: [6.8.0-1004-intel](https://git.launchpad.net/~kobuk-team/ubuntu/+source/linux-intel/tree/?h=noble-main-next)
|
||||
* OS: Ubuntu 24.04 LTS
|
||||
* k8s: v1.30.2 (Kubeadm)
|
||||
* Kustomize: v5.0.4-0.20230601165947-6ce0bf390ce3
|
||||
|
||||
### Secure Execution on IBM zSystems (s390x) running LinuxONE
|
||||
|
||||
* Hardware: IBM Z16 LPAR
|
||||
* Kernel: 5.15.0-113-generic
|
||||
* OS: Ubuntu 22.04.1 LTS
|
||||
* k8s: v1.28.4 (k3s)
|
||||
* Kustomize: v5.3.0
|
||||
|
||||
## Limitations
|
||||
|
||||
The following are known limitations of this release:
|
||||
|
||||
* SEV(-ES) does not support attestation.
|
||||
* Sealed secrets only supports secrets in environment variables.
|
||||
* Credentials for authenticated registries are exposed to the host.
|
||||
* Not all features are tested on all platforms.
|
||||
* Nydus snapshotter support is not mature.
|
||||
* Nydus snapshotter sometimes fails to pull an image.
|
||||
* Host pulling with Nydus snapshotter is not yet enabled.
|
||||
* Nydus snapshotter is not supported with enclave-cc.
|
||||
* Pulling container images inside guest may have negative performance implications including greater resource usage and slower startup.
|
||||
* `crio` support is still evolving.
|
||||
* Platform support is rapidly changing
|
||||
* SELinux is not supported on the host and must be set to permissive if in use.
|
||||
* Complete integration with Kubernetes is still in progress.
|
||||
* Existing APIs do not fully support the CoCo security and threat model. [More info](https://github.com/confidential-containers/community/issues/53)
|
||||
* Some commands accessing confidential data, such as `kubectl exec`, may either fail to work, or incorrectly expose information to the host
|
||||
* The CoCo community aspires to adopting open source security best practices, but not all practices are adopted yet.
|
||||
* We track our status with the OpenSSF Best Practices Badge, which remained at 75% at the time of this release.
|
||||
* Community has adopted a security reporting protocol. The status of this is:
|
||||
* The operator now uses CodeQL for static scans, and it will be added for all other Go-based repositories in the next release.
|
||||
* Dependencies are now better handled with automatic updates using dependabot.
|
||||
* Static scan for Rust-based repos will be "N/A".
|
||||
* Container metadata such as environment variables are not measured.
|
||||
* The Kata Agent allows the host to call several dangerous endpoints
|
||||
* Kata Agent does not validate mount requests. A malicious host might be able to mount a shared filesystem into the PodVM.
|
||||
* Policy can be used to block endpoints, but it is not yet tied to the hardware evidence.
|
||||
|
||||
## CVE Fixes
|
||||
|
||||
None
|
||||
Reference in New Issue
Block a user