github/confidential-containers
1
0
Fork 0
mirror of https://github.com/confidential-containers/confidential-containers.git synced 2025-10-21 15:31:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c771c13f068dd6c660fa78ea9bac9c2d17c4bce0
confidential-containers/releases/v0.9.0.md
Tobin Feldman-Fitzthum 6ef8992bc0 releases: fix dead links in release notes 
Our link checker is having problems with GH redirects, so let's update
these links to point to the right place (even for the old releases).

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
2025-01-23 13:04:01 -05:00

95 lines
4.1 KiB
Markdown
Raw Blame History

# Release Notes for v0.9.0
Release Date: July 26th, 2024
This release is based on [3.7.0](https://github.com/kata-containers/kata-containers/releases/tag/3.7.0) of Kata Containers
and [v0.9.1](https://github.com/confidential-containers/enclave-cc/releases/tag/v0.9.1) of enclave-cc.
This is the first non-alpha release of Confidential Containers to be based on the main branch of Kata Containers.
This release does not have complete parity with releases based on CCv0, but it supports most features.
See the limitations section for more details.
Please see the [quickstart guide](../quickstart.md) for details on how to try out Confidential
Containers.
Please refer to our [Acronyms](https://github.com/confidential-containers/documentation/wiki/Acronyms)
and [Glossary](https://github.com/confidential-containers/documentation/wiki/Glossary) pages for
definitions of the acronyms used in this document.
## What's new
* Attestation is supported on SEV-SNP and IBM SE
* Encrypted container images are supported
* Authenticated registries are supported
* Pods with init containers can be run wth Nydus
* Sealed secrets (as environment variables) are supported
## Hardware Support
Attestation is supported and tested on three platforms: Intel TDX, AMD SEV-SNP, and IBM SE.
Not all feature have been tested on every platform, but those based on attestation
are expected to work on the platforms above.
Make sure your host platform is compatible with the hypervisor and guest kernel
provisioned by coco.
This release has been tested on the following stacks:
### AMD SEV-SNP
* Processor: AMD EPYC 7413
* Kernel: [6.8.0-rc5-next-20240221-snp-host-cc2568386](https://github.com/confidential-containers/linux/tree/amd-snp-host-202402240000)
* OS: Ubuntu 22.04.4 LTS
* k8s: v1.24.0 (Kubeadm)
* Kustomize: v4.5.4
### Intel TDX
* Kernel: [6.8.0-1004-intel](https://git.launchpad.net/~kobuk-team/ubuntu/+source/linux-intel/tree/?h=noble-main-next)
* OS: Ubuntu 24.04 LTS
* k8s: v1.30.2 (Kubeadm)
* Kustomize: v5.0.4-0.20230601165947-6ce0bf390ce3
### Secure Execution on IBM zSystems (s390x) running LinuxONE
* Hardware: IBM Z16 LPAR
* Kernel: 5.15.0-113-generic
* OS: Ubuntu 22.04.1 LTS
* k8s: v1.28.4 (k3s)
* Kustomize: v5.3.0
## Limitations
The following are known limitations of this release:
* Signed images are not yet supported.
* Secure storage is not yet supported.
* SEV(-ES) does not support attestation.
* Sealed secrets only supports secrets in environment variables.
* Credentials for authenticated registries are exposed to the host.
* Not all features are tested on all platforms.
* Nydus snapshotter support is not mature.
* Nydus snapshotter sometimes fails to pull an image.
* Host pulling with Nydus snapshotter is not yet enabled.
* Nydus snapshotter is not supported with enclave-cc.
* Pulling container images inside guest may have negative performance implications including greater resource usage and slower startup.
* `crio` support is still evolving.
* Platform support is rapidly changing
* SELinux is not supported on the host and must be set to permissive if in use.
* Complete integration with Kubernetes is still in progress.
* Existing APIs do not fully support the CoCo security and threat model. [More info](https://github.com/confidential-containers/confidential-containers/issues/53)
* Some commands accessing confidential data, such as `kubectl exec`, may either fail to work, or incorrectly expose information to the host
* The CoCo community aspires to adopting open source security best practices, but not all practices are adopted yet.
* We track our status with the OpenSSF Best Practices Badge, which remained at 75% at the time of this release.
* Community has adopted a security reporting protocol, but application and documentation of static and dynamic analysis still needed.
* Container metadata such as environment variables are not measured.
* The Kata Agent allows the host to call several dangerous endpoints
* Kata Agent does not validate mount requests. A malicious host might be able to mount a shared filesystem into the PodVM.
* Policy can be used to block endpoints, but it is not yet tied to the hardware evidence.
## CVE Fixes
None
Reference in New Issue View Git Blame Copy Permalink