Skip to content

Kata Containers 3.2.0
Compare
Choose a tag to compare
@fidencio fidencio released this 23 Oct 17:49
· 3984 commits to main since this release
3.2.0
This tag was signed with the committer’s verified signature.
fidencio Fabiano Fidêncio
GPG key ID: EE926C2BDACC177B
Verified
Learn about vigilant mode.
45687e3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Release 3.2.0

kata-containers Changes

The biggest change in 3.2.0 is the conversion of CI to GitHub actions as in the main development branch. This is part of the initiative to deprecate the test repository and to stop using Jenkins for CI.

Shortlog

224ae84 release: Kata Containers 3.2.0
2cda69b release: Adapt kata-deploy for 3.2.0
305e603 actions: Move all the checkout actions to v4
52a985e release: Always use actions/checkout to ensure we're in a git repo
dc0fe5d actions: release: Use GH cli instead of hub
93c7d16 ci: k8s: Fix bogus firecracker check in k8s-credentials-secrets.bat
12b8cbb tests: Adjust timeout for agent stability test
37c99a4 tests: Enable agent stability test
92f283f runtime: Validate hypervisor section name in config file
8cf5506 metrics: fixes common.sh function to always return true
544f261 metrics: skips docker restart when it is not installed or is masked.
26c6ca9 metrics: removing trailing comma characters from json file.
0e0aabf metrics: removal of reference in the documentation to the dax test.
5d911db tests: Remove unused function from scability test
a380437 tests: Fix path for versions yaml for soak parallel test
4495a79 tests: Enable scability test for stability CI
961daee scripts: Use install_yq from the kata-containers repo
9b48525 release: tag_repos: Stop tagging / updating the tests repo
668c897 runtime: fix reading cgroup stats of sandboxes
11e2f2a versions: Bump virtiofsd to v1.8.0
9eb8723 clh: arm: Use static_sandbox_resource_mgmt=true
e7579d2 runtime/qemu: Rework QMP/HMP support
f0278f4 runtime/virtiofsd: Drop all references to "--cache=none"
4679aa7 runtime/qemu: Pass "--xattr" to virtiofsd instead of "-o xattr"
03d712a runtime: Allow virtio_fs_extra_args annotation
e051309 runtime/vc: runPrestartHooks should ignore GetHypervisorPid failure
c17cbd3 runtime: fail early when starting docker container with FC
7e6f801 runtime: run prestart hooks before starting VM for FC
fa824af qemu: tdx: Workaround SMP issue with TDX 1.5
07471cd qemu: tdx: Adapt to the TDX 1.5 stack
2f28866 versions: tdx: Update Kernel to 6.2 + TDX
a36064c versions: tdx: Update TDVF to the "edk2-stable202302"
65e0b99 versions: tdx: Update QEMU to v7.2 + TDX v1.10
9ce8ee6 runtime/fc: fix image/initrd annotation handling
f86bfe0 runtime/clh: fix image/initrd annotation handling
59fae42 runtime/qemu: fix image/initrd annotation handling
ef65c57 kata-agent: use default filemode for block device when it is set to 0
93609aa deps: Bump dependent crate versions
7ff98da gha: Add install dependencies for stability tests
ef49db5 gha: Add general dependencies to stability tests
a818f62 tests: Add soak parallel stability test
602c56c tests: Enable soak parallel test
a195539 ci: k8s: set KUBERNETES default value
c4456c2 tests: run k8s-volume on a given node
58ad833 tests: run k8s-file-volume on a given node
a54bdd0 tests: exec_host() now gets the node name
0eaf81c tests: add get_one_kata_node() to tests_common.sh
5f2c7c7 ci: k8s: set KATA_HYPERVISOR default value
7fceb21 ci: k8s: configurable deploy kata timeout
c4b0f1f ci: k8s: shellcheck fixes to gha-run.sh
6fb40ad kata-deploy: re-format kata-[deploy|cleanup].yaml
5cd2e94 ci: k8s: run_tests() for kcli
56cebfb ci: k8s: add deploy-kata-kcli() to gh-run.sh
6b76d21 ci: k8s: add cleanup-kcli() to gha-run.sh
308ce26 ci: k8s: set default image for deploy_kata()
c3b91ed ci: k8s: create k8s clusters with kcli
33791f0 metrics: stops kata components and k8s deployment when test finishes
621e6e6 gha: combine coco jobs into a single yaml
fe52c09 gha: combine basic amd64 jobs into a single yaml
301a7d9 gha: ci: Revert tracing test PR to unbreak CI
c1da29b ci: Port runk tests to this repo
63be808 ci: Add placeholder for runk tests
6541969 ci: Move tracing tests here
5d232c8 ci: Add placeholder for tracing tests
619ef16 ci: Create a function to install docker
16e31dd metrics: Use jq tool to pretty-print json metrics output
1f9a4e9 metrics: Enables FIO test for kata containers
fe4f72e gha: Add containerd stability tests to ci yaml
7963298 gha: Add stability gha run script
a4e0929 gha: Add stability tests workflow for gha
be3a3c2 gha: arm64: Ensure the builder is arm64-builder
f20164d packaging: tools: Remove set -x leftover
1941d87 packaging: release: Mention newly added images
95da1c7 packaging: tools: Fix container image env var name
508016f packaging: Allow passing the TOOLS_CONTAINER_BUILDER
bb1efe0 packaging: stable-3.2: Remove everything related to agent policy
892c9f2 gha: Build the kata-agent as part of our workflows
a586b8c packaging: Build the kata-agent
766a5fa agent: Allow specifying DESTDIR and AGENT_POLICY via env vars
050a426 packaging: Add get_agent_image_name()
3770b20 gha: Fix k0s deployment
cf254bc tests: Add general stability fixes
1edf2d9 tests: Add agent stability test
a8eec39 tests: Add cassandra stress in stability tests
240c584 tests: Add stressng dockerfile for stability tests
e95d3b1 tests: Add stressor CPU test for stability tests
4393f55 metrics: Add stability test for kata CI
362adea metrics: Fix general check static warnings
16c349e docs: Update url in kata vra document
5800be5 ci: Build src/tools components as part of our tests / releases
41b509e kata-deploy: Build components from src/tools
a5d7ba6 static-build: Add scripts to build content from src/tools
d503daf packaging: Add get_tools_image_name()
b2e432c packaging: Use git abbreviated hash
c22fdb4 metrics: Increase qemu jitter value
8a1af86 metrics: Increase jitter value for clh
f3fcf6c metrics: Add checkmetrics for latency test
ce03e9f metrics: Add qemu latency value limit
cd82a35 metrics: Add latency value limits for kata CI
1709f99 ci: kata-monitor: Move tests over
a50c7f1 ci: Add placeholder for kata-monitor tests
c42d196 ci: Make install_kata aware of container engines
5017435 ci: Create a generic install_crio function
98e9434 ci: Add install_cni_plugins helper
c61b488 ci: Modify containerd default config
7c4617c metrics: Add init_env function to latency test
e106ecd metrics: Fix latency yamls path
665805c metrics: Fix spelling warnings
b0c9b42 metrics: Fix metrics README
c28a0a0 metrics: Fix C-Ray documentation
48a9b4a ci: crio: Trail '\r' from exec_host() output
2de1c8b ci: crio: Enable default capabilities
d1d3c7c kata-deploy: Fix CRI-O detection
0de3216 kata-deploy: Add k0s support
468a321 ci: crio: Pass -y to apt
3f2780f metrics: Add latency benchmark for gha
73a084a metrics: Enable latency test in gha run script
cf3abd3 local-build: Fix .docker ownership before build-payload
8b607ff gha: Add pandoc as a dependency for static checks
6a9384e gha: Install hunspell for static checks
a11e886 ci: Trigger payload-after-push on workflow_dispatch
390bde3 ci: Actually enable the CRI-O tests
f2953e6 ci: k8s: rke2: Use sudo to call systemd
08bdb6b ci: k8s: Add a CRI-O test
b41fa6d ci: k8s: Add a method to install CRI-O
67fef9d ci: k8s: k0s: Allow passing parameters to the k0s installer
2c3f130 ci: kata-deploy: Fix runner name
7a8d848 ci: Enable kata-deploy tests for all the supported k8s flavours
7fc2f7d ci: kata-deploy: Add the ability to deploy rke2
59a4b00 ci: kata-deploy: Add the ability to deploy k0s
1a605c3 ci: kata-deploy: Add deploy-k8s argument to gha-run.sh
19ee6c9 ci: kata-deploy: Expland tests to run on k0s / rke2
03a8bed ci: kata-deploy: Add placeholder for tests on GARM
f09c255 ci: kata-deploy: Export KUBERNETES env var
abe9dc9 ci: Move deploy_k8s() to gha-run-k8s-common.sh
ea64896 ci: Properly set K8S_TEST_UNION
7892e04 ci: Add first letter of the K8S_TEST_HOST_TYPE to resource group name
882d7d7 ci: Create clusters in individual resource groups
b09a3f8 metrics: Add parallel bandwidth limit for qemu
63e8c38 metrics: Enable parallel bandwidth iperf limit
f3c42ff nydus: Temporarily skip tests on dragonball
49c1a37 nydus: Use kata-${KATA_HYPERVISOR} instead of kata
ae55c0b static-build: Fix arch error on nydus build
65e5bfe tests: nydus: Update nydus tests
079ab1e versions: Bump nydus and nydus-snapshotter to its latest release
d9e9107 gha: nydus: Populate run()
33a4427 gha: nydus: Populate install_dependencies()
70c1c7d gha: nydus: Actually install kata when install-kata is called
30efa3e gha: nydus: Get rid of nydus{,-snapshotter} install from nydus_test.sh
9ad6000 tests: nydus: Add timeout to the crictl calls
6d9b8e2 tests: nydus: Add uid / namespace to the nydus container / sandbox
fd5935d tests: nydus: Decorate some calls with sudo
4b58777 tests: nydus: Adapt "source ..." to GHA
82c5319 tests: nydus: Adapt check to "clh" instead "cloud-hypervisor"
4915605 tests: common: Add install_nydus_snapshotter()
8e4180f tests: common: Add install_nydus()
625a05a ci: static-checks: Clean up static-checks job
9784ded ci: static-checks: Run tests depending on KVM
668b7ef ci: static-checks: Move "sudo make test" to the new test matrix
4b660a4 ci: static-checks: Move "make test" to the new test matrix
9e614ce runtime-rs: Ensure static-checks-build is a dep of make test
d5d21f4 kata-ctl: Use loop instead of kvm module in tests
9357738 kata-ctl: Ensure GENERATED_CODE is a dep of make test
93440dc agent: Ensure GENERATED_CODE is a dep of make test
d269f09 ci: install_libseccomp: Do not depend on the tests repo
bb92017 ci: static-checks: Move "make check" to the new test matrix
d6996d0 kata-ctl: Add kata-types to the Cargo.lock file
a62e18b kata-ctl: Ensure GENERATED_CODE is a dep of make check
cd6ab3c tests: install_rust: Also install clippy
d288e1a ci: static-checks: Move vendor check to its own job
755057c tests: Move install_rust.sh from the tests repo
d3a04b7 tests: install_go: Remove tests repo dependency
c18c412 tests: Move functions from kata_arch script here
bb8d1be ci: static-checks: Move kernel config check to its own job
7c4a0f7 ci: Use variable size of VMs depending on the tests running
7019a25 ci: cache: Fix ovmf-sev cache
dc9f2c2 ci: cache: Check the sha256sum of the component
a55c082 ci: cache: Remove the script used to cache artefacts on Jenkins
e464bbf ci: cache: Also store the ${component} sha256sum
b5da4ce ci: cache: Use the cached artefacts from ORAS
2f28065 ci: k8s: Temporarily disable tests that require a bigger VM instance
f160eff ci: cache: Push cached artefacts to ghcr.io
6f8ded3 kata-deploy: Generate latest_{artefact,image_builder} files
0210db6 ci: cache: Install ORAS in the kata-deploy binaries builder container
27dd774 ci: k8s: devmapper: Use a smaller / cheaper VM instance
3b64c8d ci: nydus: Use a smaller / cheaper VM instance
0385704 ci: nerdctl: Use a smaller / cheaper VM instance
301edcb ci: docker: Use a smaller / cheaper VM instance
594fcdc ci: cri-containerd: Use a smaller / cheaper VM instance
fa9dd46 ci: k8s: Don't set cpu limit request for k8s-inotofy test
767ccb1 ci: Reduce the size of the AKS VMs
054895f ci: cache: For consistency, read all used env vars
5e22a30 ci: cache: Pass the exposed env vars to the kata-deploy binaries in docker
bda0354 ci: cache: Export env vars needed to use ORAS
c78f740 metrics: Add iperf cpu utilization limit for qemu
73e989c metrics: Add iperf value for cpu utilization
1c32b31 tests: Apply timeout to 'ctr t kill'
1d78871 tests/vfio: Bump VM image to Fedora 38
b40a426 tests/vfio: Accept single device in vfio group for CLH
82a0225 tests/vfio: Get rid of sync's
a1aed0c gha: vfio: Set test timeout to 15m
32be55a packaging: kernel: Enable VIRTIO_IOMMU on x86_64
3b5c5bc runtime: clh: Support enabling iommu
a0f5982 tests/vfio: Give commands 30s to execute
65943d5 tests/vfio: Configure a value for 'hot_plug_vfio' for both vmms
18a8b8d runtime: Remove redundant check in checkPCIeConfig
d86af59 runtime: Add test cases for checkPCIeConfig
0a918d0 runtime: Check config for supported CLH (cold|hot)_plug_vfio values
86201ac runtime: clh: Add hot_plug_vfio entry to config
01265fb tests/vfio: Gather debug info and disable tdp_mmu
44f37f6 tests/vfio: Capture journal from vm
a69d0d1 tests/vfio: Change to get the test working in GHA
e90027f tests/vfio: Move dependency installation to gha-run.sh
62804d6 gha: vfio: Import jobs scripts from tests repo
97283b1 metrics: Increase jitter value for qemu
3c5bd8c metrics: Increase value limit for jitter in clh
6abf513 ci: docker: nerdtl: Use io.containerd.kata-${KATA_HYPERVISOR}.io
9a664ea ci: nerdctl: Create the containerd config
5734c4c ci: nerdctl: Switch to tcp port 80 ping
55c8a47 ci: docker: Switch to tcp port 80 ping
31c3d9b metrics: Add iperf bandwidth value for qemu
40ae855 metrics: Add iperf bandwidth value for kata metrics
deadacd metrics: Ensure docker is running in init_env
31c33f9 metrics: Add Cassandra Metrics documentation
0968bf1 metrics: this PR skips the FIO test temprarily to fix issues
e5e3951 ci: docker: Also run the smoke test with runc
c7147da ci: docker: Run the tests after the kata-static is created
33430ad ci: Add a very basic nerdctl sanity test
69dd11f ci: Add a very basic docker sanity test
fcfa6c6 ci: use github.ref_name instead of $GITHUB_REF_NAME
19d9fd9 ci: Add more target-branch related fixes
fe4247a ci: Fix target-branch usage
9f510d0 metrics: Remove warning from metrics documentation
400418b kata-deploy: Remove curl after it's used
1df997c kata-deploy: Fix aarch64 image build
61b1a99 gha: Manually rebase PR atop of the target branch before testing
db56370 kata-deploy: Switch to an alpine image
bb5dbfb k8s: ci: Skip "Pod quota" test with firecracker
263ed4a ci: k8s: Remove useless skip statement from tests
7e13529 ci: k8s: Also check for "fc" (for firecracker)
8892d9a ci: k8s: Add clean-up-garm argument for gha-run.sh
c723a7d ci: k8s: devmapper tests should be using ubuntu 20.04
aee6f36 ci: k8s: Add a kata-deploy-garm target
5bb77b6 ci: k8s: Export KUBERNETES env var
7ce5c8b ci: k8s: Install bats on GARM runners
9fb291d ci: k8s: Wait some time after restarting k3s
053308e metrics: fix FIO test initialization
89345b6 ci: k8s: Append, instead of overwrite, the devmapper config
bb675f8 ci: k8s: Decrease k3s sleep from 4 to 2 minutes
695c716 ci: k8s: Use vanilla kubectl with k3s
7f865be ci: k8s: Ensure k3s is deploy with --write-kubeconfig-mode=644
7a96d0a ci: k8s: Use the proper command for sleep
92fdaf9 metrics: Use TensorFlow optimized image
1b7ffea ci: k8s: Fix typo in run-k8s-tests-on-garm.yaml
79de725 ci: k8s: Add k8s devmapper tests (part 0)
a41a56e ci: k8s: Add a function to configure devmapper for containerd
315288a ci: k8s: Add a function to deploy k3s
899c823 packaging: do not install docker-compose-plugin for s390x|ppc64le
374e77d metrics: Add write 95 percentile for FIO for qemu
22ce167 metrics: Add write 95 percentile FIO value
5e90c8e metrics: Add checkmetrics to gha run script
651b89b metrics: Add checkmetrics value for qemu for iperf
907baa3 metrics: Add jitter value for clh
d9408a7 metrics: Add test selector to iperf metrics
3583f37 metrics: Enable iperf benchmark on gha for kata metrics
7fd7186 CI: switch static-checks-dragonball CI machines to Azure
9b6c5ea kata-deploy: Create kata-static.tar with correct ownership
4403af7 metrics: re-enable memory-usage initialization step
d2d7c04 metrics: fix parsing issue on memory-usage test
8c7a4fd gha: Rebase atop of the target branch
75dcca5 metrics: Add grabdata script for metrics report
59e7c3a gha: Update to checkout@v3 action
8f1cc27 metrics: Add report generator link to general documentation
05180b6 metrics: Add README for kata metrics report
17c88a1 metrics: Add limit for 90 percentile for qemu value
dbb4761 metrics: Add limit for write 90 percentile value for clh
aebf392 metrics: Enable FIO limits for kata metrics
41d05b8 metrics: Fix memory footprint qemu limit
3491407 metrics: Fix memory inside limits for kata metrics
08027f2 metrics: Add test setup details to metrics report
99103db metrics: Add boot lifecycle times to metrics report
75c92ba metrics: Add memory inside container to metrics report
1c1eb98 metrics: Add scaling system footprint in metrics report
01f6e6a metrics: Add metrics reportgen
428eb69 metrics: Add report file titles
a8fa3d9 metrics: Generate PNGs alongside the PDF report
80625ed metrics: Add metrics report R files
9f8e194 metrics: Add report dockerfile
03c206f metrics: Add metrics report script
2684b26 tests: Expand confidential test to support TDX
4976629 tests: Expand confidential test to support SNP
0198490 tests: Add confidential test for SEV
1b7c790 local-build: Remove $HOME/.docker/buildx/activity/default
6a34bae gha: Avoid "fail-fast" in tests that are known to be flaky
17d22ca tests: use unique test name
e8c24fa tests: delete k8s deployment at the test's end
3e07c89 metrics: Remove unused variable in tensorflow nhwc script
5b9a694 kata-deploy: Don't try to remove /opt/kata
e99a13d gha: vfio: Run on Ubuntu 23.04 runner
394d146 local-build: Remove GID before creating group
7421737 metrics: Add TensorFlow ResNet50 fp32 Dockerfile
9acbf2f metrics: Add TensorFlow ResNet50 FP32 benchmark
4f2c937 kata-deploy: Avoid failing on content removal
6ea1d3b metrics: Add disk link to README
ad20369 metrics: Fix FIO path
abcb225 metrics: Use function from metrics common in pytorch script
508f1bb gha: capture additional kata-deploy output
d46c300 metrics: Enable kata runtime in K8s for FIO test.
3d3882a metrics: Update tensorflow name in gha run script
7d0a3db metrics: Fix check results for tensorflow benchmark
3e2a383 gha: kata-deploy: Do the runtime class cleanup as part of the cleanup
2c5db14 gha: kata-deploy: Add the first kata-deploy test
0b4fb82 metrics: Remove unused variable in tensorflow mobilenet script
b38624e tests: common: Ensure test_type is used as part of the cluster's name
cdfcd9a tests: commob: Don't fail if yq is not part of the cache
74edbaa gha: kata-deploy: Add run-kata-deploy-tests.sh
d7130f4 gha: k8s: Stop running kata-deploy tests as part of the k8s suite
810507e tests: k8s: Call ensure_yq() in setup.sh
915bace kata-deploy: Properly create default runtime class
870d800 metrics: Fix MobileNet help me description
1454505 gha: ci: Start running kata-deploy tests
bd29413 docs: Fix TensorFlow word across the document
a845e94 docs: Add Tensorflow Resnet50 documentation
6e5a5b8 metrics: Add Dockerfile for ResNet50 int8
5d85cac metrics: Add Tensorflow ResNet50 int8 benchmark
7474e50 gha: cri-containerd: Enable tests
20be3d9 gha: cri-containerd: Add timeout to the crictl calls on testContainerStop
10058f7 gha: cri-containerd: Show pod before deleting it
585d5fb gha: cri-containerd: Print kata logs in case of error
2fea5a5 gha: cri-containerd: Group containerd logs
3c7597f gha: cri-containerd: Ensure RUNTIME takes KATA_HYPERVISOR into account
738d808 metrics: Rename tensorflow scripts
4bb8fcc tests: kata-deploy: Add placeholder for kata-deploy-tests-on-tdx
f5e14ef tests: kata-deploy: Add placeholder for kata-deploy-tests-on-aks
e812c43 tests: kata-deploy: Add functional/kata-deploy/gha-run.sh placeholder
c19cebf tests: Add gha-run-k8s-common.sh
4e8c512 metrics: fix the loop used to stop kata components #7629
47f32c4 metrics: Add cassandra statefulset yaml
d5a1444 metrics: Add cassandra service yaml
1292b51 metrics: Add block loop pvc yaml for cassandra
105a556 metrics: Add block loop pv yaml for cassandra test
1b126eb metrics: Add block loop pvc for cassandra test
671ad98 metrics: Add Cassandra Kubernetes benchmark for kata metrics
058b304 gha: static-checks: Move to the Azure instances
b600659 metrics: Add check containers are running in tensorflow mobilenet
1b30aa8 metrics: Add check containers are up in tensorflow script
3502bb4 metrics: Remove unused variable in tensorflow script
b07c19e metrics: Add check containers are running function
fc89392 metrics: Add check containers are up in tensorflow mobilenet script
73843b7 metrics: Use check containers are up in tensorflow script
7fffa7f metrics: Add check containers are up in common script
1b68145 metrics: Use collect_results function in tensorflow mobilenet test
f29f811 metrics: Remove collect results function definition
6b6a6ee metrics: Add common functions to the common script
a341c2f metrics: compute tensorflow statistics
b8b4ca1 ci: unencrypted-image: Fix build context
dcc3578 ci: unencrypted-image: Don't fail to build on s390x
babbd41 ci: create-confidential-image: Add dependent actions
cecb30d metrics: Add nginx documentation to network README
1971fe4 metrics: Add nginx kubernetes yaml
6c921ce metrics: Add network nginx benchmark
a5a3e41 ci: k8s: tees: Ensure PR_NUMBER is exported
3a21c48 ci: {{ pr-number }} should be {{ inputs.pr-number }}
218d83b tests: k8s: Ensure the runtime classes are properly created
0625d8d ci: Add build-and-publish-tee-confidential-unencrypted-image
6ae591c ci: k8s: Add the image used for unencrypted confidential tests
8d4f9ef tests: upgrade bats version
a484666 metrics: install kata once and run multiple checks
759b0fa metrics: General improvements to mobilenet tensorflow test
d6398cc metrics: Add iperf to gha run script
a75db20 gha: Add iperf network metrics
b33d4de metrics: Add latency test to network README
db23b95 metrics: Add latency server yaml
2b60fe0 metrics: Add latency client yaml
aa71d6f metrics: Add network latency test
b2c627a metrics: Improve naming testing containers in launch times test
ea1fdd2 metrics: Clean kata components before start a metric test.
7d5f65b kata-deploy: Use host's systemctl
2881bad dragonball: use version 0.10.4 of fuse-backend-rs

Compatibility with CRI-O

Kata Containers 3.2.0 is compatible with CRI-O

Compatibility with containerd

Kata Containers 3.2.0 is compatible with contaienrd v1.6.8

OCI Runtime Specification

Kata Containers 3.2.0 support the OCI Runtime Specification v1.0.2

Compatibility with Kubernetes

Kata Containers 3.2.0 is compatible with Kubernetes 1.23.1-00

Libseccomp Notices

The kata-agent binaries inside the Kata Containers images provided with this release are
statically linked with the following GNU LGPL-2.1 licensed libseccomp library.

The kata-agent uses the libseccomp v2.5.4 which is not modified from the upstream version.
However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.

If you want to use the kata-agent which is not statically linked with the library, you can build
a custom kata-agent that does not use the library from sources.
For the details, please check the developer guide.

Kata Linux Containers image

Agent version: 3.2.0

Default Image Guest OS:

description: |
Root filesystem disk image used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/kata-containers/tools/osbuilder"
architecture:
aarch64:
name: "ubuntu"
version: "latest"
ppc64le:
name: "ubuntu"
version: "latest"
s390x:
name: "ubuntu"
version: "latest"
x86_64:
name: "ubuntu"
version: "latest"
tdx:
name: "ubuntu"
version: "latest"
meta:
image-type: "ubuntu"

Default Initrd Guest OS:

description: |
Root filesystem initrd used to boot the guest virtual
machine.
url: "https://github.com/kata-containers/kata-containers/tools/osbuilder"
architecture:
aarch64:
name: "alpine"
version: "3.15"

Do not use Alpine on ppc64le & s390x, the agent cannot use musl because

there is no such Rust target

ppc64le:
name: "ubuntu"
version: "20.04"
s390x:
name: "ubuntu"
version: "20.04"
x86_64:
name: "alpine"
version: "3.15"
mariner:
name: "cbl-mariner"
version: "2.0"
sev:
name: "ubuntu"
version: "20.04"

Kata Containers builder images

The majority of the components of the project were built using containers. In order to do a step towards
build reproducibility we publish those container images, and when those are used combined with the version
of the projects listed as part of the "versions.yaml" file, users can get as close to the environment we
used to build the release artefacts.

  • agent (on all its different flavours): quay.io/kata-containers/builders:agent-901c19225121-ef65c5767fd7
  • Kernel (on all its different flavours): quay.io/kata-containers/builders:kernel-7923de8999de-x86_64
  • OVMF (on all its different flavours): quay.io/kata-containers/builders:ovmf-6bb2ea81952e-x86_64
  • QEMU (on all its different flavurs): quay.io/kata-containers/builders:qemu-7ffc0c1225c3-x86_64
  • shim-v2: quay.io/kata-containers/builders:shim-v2-go-1.19.3-rust-1.69.0-11631c681ae8-x86_64
  • tools: quay.io/kata-containers/builders:tools-d5d21f4cb40f-901c19225121-ef65c5767fd7
  • virtiofsd: quay.io/kata-containers/builders:virtiofsd-1.72.0-musl-2205fb9d050a-x86_64

The users who want to rebuild the tarballs using exactly the same images can simply use the following environment
variables:

  • AGENT_CONTAINER_BUILDER
  • KERNEL_CONTAINER_BUILDER
  • OVMF_CONTAINER_BUILDER
  • QEMU_CONTAINER_BUILDER
  • SHIM_V2_CONTAINER_BUILDER
  • TOOLS_CONTAINER_BUILDER
  • VIRTIOFSD_CONTAINER_BUILDER

Kata Linux Containers Kernel

Kata Containers 3.2.0 suggest to use the Linux kernel v6.1.38
See the kernel suggested Guest Kernel patches
See the kernel suggested Guest Kernel config

Installation

Follow the Kata installation instructions.

Issues & limitations

More information Limitations

Assets 9
Loading