mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-08-21 01:13:56 +00:00
release: Kata Containers 2.4.0-rc0
- Enhancement: fix comments/logs and delete not used function - storage: make k8s emptyDir volume creation location configurable - Implement direct-assigned volume - Bump containerd to 1.6.1 - experimentally enable vcpu hotplug and virtio-mem on arm64 in kernel part - versions: Upgrade to Cloud Hypervisor v22.0 - katatestutils: remove distro constraints - Minor fixes for the `disable_block_device_use` comments - clh: stop virtofsd if clh fails to boot up the vm - clh: tdx: Don't use sharedFS with Confidential Guests - runtime: Build golang components with extra security options - snap: Use git clone depth 1 for QEMU and dependencies - snap: Don't build cloud-hypevisor on ppc64le - build: always reset ARCH after getting it - virtcontainers: remove temp dir created for vsock in test code - docs: Add unit testing presentation - virtcontainers: Use available s390x hugepages - Update QEMU >= 6.1.0 in configure-hypervisor.sh - Fix monitor listen address - snap: clh: Re-use kata-deploy script here - osbuilder: Add CentOS Stream rootfs - runtime: Gofmt fixes - Update `confidential_guest` comments - cleanup runtime pkgs for Darwin build, add basic Darwin build/unit test - docs: Update Readme document - runtime: use Cmd.StdoutPipe instead of self-created pipe - docs: Developer-Guide build a custom Kata agent with musl - kata-agent: Fix mismatching error of cgroup and mountinfo. - runtime, config: make selinux configurable - Fix unbound variable / typo on error mesage - clh: Add TDX support - virtcontainers: Do not add a virtio-rng-ccw device - kata-monitor: fix collecting metrics for sandboxes not started through CRI - runtime: fix package declaration for ppc64le - Make the hypervisor framework not Linux specific - kata-deploy: Simplify Dockerfile and support s390x - Support nerdctl OCI hooks - shim: log events for CRI-O - docs: Update contributing link - kata-deploy: Use (kata with) qemu as the default shim-v2 binary - kata-monitor: simplify sandbox cache management and attach kubernetes POD metadata to metrics - nydus: add lazyload support for kata with clh - kernel: remove SYS_SUPPORTS_HUGETLBFS from powerpc fragments - packaging: Use `patch` for applying patches - virtcontainers: Remove duplicated assert messages in utils test code - versions: add nydus-snapshotter - docs: Update limitations document - packaging: support qemu-tdx - Kata manager fix install - versions: Linux 5.15.x - trace-forwarder/agent-ctl: run cargo fmt/clippy in make check - docs: Improve top-level README - runtime: use github.com/mdlayher/vsock@v1.1.0 - tools: Build cloud-hypervisor with "--features tdx" - virtiofsd: Use "-o announce_submounts" - feature: hugepages support - tools: clh: Allow to set when to build from sources and the build flags passed down to cargo - docs: Remove docker run and shared memory from limitations - versions: Udpate Cloud Hypervisor to 55479a64d237 - kernel: add missing config fragment for TDx - runtime: The index variable is initialized multiple times in for - scripts: fix a typo while to check build_type - versions: bump CRI-O to its 1.23 release - feature(nydusd): add nydusd support to introduce lazyload ability - docs: Fix relative links in Markdown - kernel: support TDx - device: Actually update PCIDEVICE_ environment variables for the guest - docs: Update link to EFK stack docs - runtime: support QEMU SGX - snap: update qemu version to 6.1.0 for arm - Release process related fixes - openshift-ci: switch to CentOS Stream - virtcontainers: Split the rootless package into OS specific parts - runtime: suppport split firmware - kata-deploy: for testing, make sure we use the PR branch - docs: Remove Zun documentation with kata containers - agent: Fix execute_hook() args error - workflows: stop checking revert commit84dff440release: Adapt kata-deploy for 2.4.0-rc0b257e0e5rustjail: delete function signal in BaseContainerd647b28bagent: delete meaningless FIXME comment1b34494bruntime: fix invalid comments for pkg/resourcecontrolafc567a9storage: make k8s emptyDir creation configurablee76519afruntime: small refactor to improve readability7e5f11a5vendor: Update containerd to 1.6.142771fa7runtime: don't set socket and thread for arm/virt8828ef41kernel: add arm experimental kernel build support8a9007feconfig: remove 2 config as they are removed in 5.151b6f7401kernel: add arm experimental patches to support vcpu hotplug and virtio-memf905161bruntime: mount direct-assigned block device fs only once27fb4902agent: add get volume stats handler in agentea51ef1cruntime: forward the stat and resize requests from shimv2 to kata agentc39281adruntime: update container creation to work with direct assigned volumes4e00c237agent: add grpc interface for stat and resize operationse9b5a255runtime: add stat and resize APIs to containerd-shim-v26e0090abruntime: persist direct volume mount infofa326b4eruntime: augment kata-runtime CLI to support direct-assigned volumeb8844fb8versions: Upgrade to Cloud Hypervisor v22.0af804734clh: stop virtofsd if clh fails to boot up the vm97951a2dclh: Don't use SharedFS with Confidential Guestsc30b3a9fclh: Adding a volume is not supported without SharedFSf889f1f9clh: introduce supportsSharedFS()54d27ed7clh: introduce loadVirtiofsDaemon()ae2221eaclh: introduce stopVirtiofsDaemon()e8bc26f9clh: introduce setupVirtiofsDaemon()413b3b47clh: introduce createVirtiofsDaemon()55cd0c89runtime: Build golang components with extra security options76e4f6a2Revert "hypervisors: Confidential Guests do not support Device hotplug"fa8b9392config: qemu: Fix disable_block_device_use comments9615c8bcconfig: fc: Don't expose disable_block_device_usec1fb4bb7snap: Don't build cloud-hypevisor on ppc64le58913694snap: Use git clone depth 1 for QEMU and dependenciesb27c7f40docs: Add unit testing presentatione64c54a2monitor: Listen to localhost only by defaulte6350d3dmonitor: Fix build optionsa67b93bbsnap: clh: Re-use kata-deploy script heref31125feversion: Bump cloud-hypervisor to b0324f85571c441f54d0a672subsystem: buildedf20766docs: Update Readme documenteda8ea15runtime: Gofmt fixes4afb278fci: add github action to exercise darwin build, unit testse355a718container: file is not linux specificb31876eedevice-manager: move linux-only test to a linux-only file6a5c6344resourcecontrol: SystemdCgroup check is not necessarily linux specificcc58cf69resourcecontrol: convert stats dev_t to unit64types5be188ccutils: Add darwin stubad044919virtcontainers: Convert stats dev_t to uint6456751089katautils: Use a syscall wrapper for the hook JSON state7d64ae7aruntime: Add a syscall wrapper packageabc681cakatautils: Add Darwin stub for the netNS APIde574662config: Expand confidential_guest comments641d475fconfig: clh: Use "Intel TDX" instead of just "TDX"0bafa2deconfig: clh: Mention supported TEEs81ed269eruntime: use Cmd.StdoutPipe instead of self-created pipe8edca8bbkata-agent: Fix mismatching error of cgroup and mountinfo.a9ba7c13clh: Fix typo on HotplugRemoveDevice827ab82atools: clh: Fix unbound variable082d538cruntime: make selinux configurable1103f5a4virtcontainers: Use FilesystemSharer for sharing the containers files533c1c0evirtcontainers: Keep all filesystem sharing prep code to sandbox.go61590bbdvirtcontainers: Add a Linux implementation for the FilesystemSharer03fc1cbdvirtcontainers: Add a filesystem sharing interface72434333clh: Add TDX supporta13b4d5aclh: Add firmware to the config filea8827e0chypervisors: Confidential Guests do not support NVDIMMf50ff9f7hypervisors: Confidential Guests do not support Memory hotplugdf8ffecdhypervisors: Confidential Guests do not support Device hotplug28c4c044hypervisors: Confidential Guests do not support VCPUs hotplug29ee870dclh: Add confidential_guest to the config file9621c596clh: refactor image / initrd configuration setdcdc412eclh: use common kernel params from the hypervisor code4c164afbversions: Update Cloud Hypervisor to 5343e09e7b8dbb2a65f90virtcontainers: Use available s390x hugepagescb4230e6runtime: fix package declaration for ppc64lefec26f8ekata-monitor: trivial: rename symbols & labels9fd4e551runtime: Move the resourcecontrol package one layer up823faee8virtcontainers: Rename the cgroups package0d1a7da6virtcontainers: Rename and clean the cgroup interfacead10e201virtcontainers: cgroups: Move non Linux routine to utils.god49d0b6fvirtcontainers: cgroups: Define a cgroup interface3ac52e81kata-monitor: fix updating sandbox cache at startup160bb621kata-monitor: bump version to 0.3.01a3381b0docs: Developer-Guide build a custom Kata agent with muslf6fc1621shim: log events for CRI-O1d68a08fdocs: Update contributing link9123fc09kata-deploy: Simplify Dockerfile and support s390x11220f05kata-deploy: Use (kata with) qemu as the default shim-v2 binary3175aad5virtiofs-nydus: add lazyload support for kata with clh94b831ebvirtcontainers: remove temp dir created for vsock in test code8cc1b186kernel: remove SYS_SUPPORTS_HUGETLBFS from powerpc fragments5c9d2b41packaging: Use `patch` for applying patches5b3fb6f8kernel: Build SGX as part of the vanilla kernel2c35d8cbworkflows: Stop building the experimental kernel32e7845dsnap: Build vanilla kernel for all arches27de212fruntime: Always add network endpoints from the pod netns1cee0a94virtcontainers: Remove duplicated assert messages in utils test code6c1d149adocs: Update limitations document7c4ee6ecpackaging/qemu: create no_patches file for qemu-tdxd47c488bversions: add qemu tdx section77c29bfdcontainer: Remove VFIO lazy attach handling7241d618versions: add nydus-snapshotter26b3f001virtcontainers: Split hypervisor into Linux and OS agnostic bitsfa0e9dc6virtcontainers: Make all Linux VMMs only build on Linuxc91035d0virtcontainers: Move non QEMU specific constants to hypervisor.go10ae0591virtcontainers: Move guest protection definitions to hypervisor.gob28d0274virtcontainers: Make max vCPU config less QEMU specifica5f6df6agovmm: Define the number of supported vCPUs per architecturea6b40151tools: clh: Remove unused variables5816c132tools: Build cloud-hypervisor with "--features tdx"e6060cb7versions: Linux 5.15.x9818cf71docs: Improve top-level and runtime README36c3fc12agent: support hugepages for containers81a8baa5runtime: add hugepages support7df677c0runtime: Update calculateSandboxMemory to include Hugepages Limit948a2b09tools: clh: Ensure the download binary is executable72bf5496agent: handle hook process result80e8dbf1agent: valid envs for hooks4f96e3eakatautils: Pass the nerdctl netns annotation to the OCI hooksa871a33bkatautils: Run the createRuntime hooksd9dfce14katautils: Run the preStart hook in the host namespace6be6d0a3katautils: Pass the OCI annotations back to the called OCI hooks493ebc8cutils: Update kata manager docs34b2e67dutils: Added more kata manager cli options714c9f56utils: Improve containerd configurationc464f326utils: kata-manager: Force containerd sym link creation4755d004utils: Fix unused parameter601be4e6utils: Fix containerd installationae21fcc7utils: Fix Kata tar archive checkf4d1e45cutils: Add kata-manager CLI options for kata and containerd395cff48docs: Remove docker run and shared memory from limitationse07545a2tools: clh: Allow passing down a build flag55cdef22tools: clh: Add the possibility to always build from sources3f87835autils: Switch kata manager to use getopts4bd945b6virtiofsd: Use "-o announce_submounts"37df1678build: always reset ARCH after getting it3a641b56katatestutils: remove distro constraints90fd625dversions: Udpate Cloud Hypervisor to 55479a64d237573a37b3osbuilder: Add CentOS Stream rootfsf10642c8osbuilder: Source .cargo/env before checking Rust955d359fkernel: add missing config fragment for TDx734b618cagent-ctl: run cargo fmt/clippy in make check12c37faftrace-forwarder: add make check for Rustc1ce67d9runtime: use github.com/mdlayher/vsock@v1.1.042a878e6runtime: The index variable is initialized multiple times in for1797b3ebpackaging/kernel: build TDX guest kernel98752529versions: add url and tag for tdx kernelbc8464e0packaging/kernel: add option -s option2d9f89aefeature(nydusd): add nydusd support to introduse lazyload abilityb19b6938docs: Fix relative links in Markdown9590874ddevice: Update PCIDEVICE_ environment variables for the guest7b7f426adevice: Keep host to VM PCI mapping persistently0b2bd641device: Rework update_spec_pci() to update_env_pci()982f14faruntime: support QEMU SGX40aa43f4docs: Update link to EFK stack docs54e1faecscripts: fix a typo while to check build_type07b9d93fvirtcontainer: Simplify the sandbox network creation flow2c7087ffvirtcontainers: Make all endpoints Linux only49d2cde1virtcontainers: Split network tests into generic and OS specific parts0269077evirtcontainers: Remove the netlink package dependency from network.go7fca5792virtcontainers: Unify Network endpoints management interfacec67109a2virtcontainers: Remove the Network PostAdd methode0b26443virtcontainers: Define a Network interface5e119e90virtcontainers: Rename the Network structure fields and methodsb858d0devirtcontainers: Make all Network fields private49eee79fvirtcontainers: Remove the NetworkNamespace structure844eb619virtcontainers: Have CreateVM use a Network referenced7b67a7dvirtcontainers: Network API cleanups and simplifications2edea883virtcontainers: Make the Network structure manage endpoints8f48e283virtcontainers: Expand the Network structure5ef522f7runtime: check kvm module `sev` correctly419d8134snap: update qemu version to 6.1.0 for arm00722187docs: update Release-Process.md496bc10dtools: check for yq before using it88a70d32Revert "workflows: Ensure a label change re-triggers the actions"a9bebb31openshift-ci: switch to CentOS Stream89047901kata-deploy-push: only run if PR modifying tools path7ffe9e51virtcontainers: Do not add a virtio-rng-ccw device1f29478bruntime: suppport split firmware24796d2fkata-deploy: for testing, make sure we use the PR branch1cc1c8d0docs: Remove images from Zun documentation5861e52fdocs: Remove Zun documentation with kata containers903a6a45versions: Bump critools to its 1.23 release63eb1158versions: bump CRI-O to its 1.23 release5083ae65workflows: stop checking revert commit14e7f52avirtcontainers: Split the rootless package into OS specific partsab447285kata-monitor: add kubernetes pod metadata labels to metrics834e199ekata-monitor: drop unused functions7516a8c5kata-monitor: rework the sandbox cache sync with the container managere78d80eakata-monitor: silently ignore CHMOD events on the sandboxes fse9eb34cekata-monitor: improve debug logging4fc4c76bagent: Fix execute_hook() args error Signed-off-by: Eric Ernst <eric_ernst@apple.com>
This commit is contained in:
Eric Ernst
Samuel Ortiz
parent
fbb2f0afd0
commit
ac65feeae3