From 0fb69ddf6a04fd08630302340de561ab078f6e3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 20 Oct 2023 14:44:50 +0200 Subject: [PATCH] release: Kata Containers 3.3.0-alpha0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - kata-deploy-stable: Switch to using the ubuntu based payload - libs: protection: Fix typo in TDX output - ci: k8s: Fix bogus firecracker check in k8s-credentials-secrets.bat - tests: Enable agent stability test - docs: Fix paths to build kernel in SNP VMs documentation - runtime-rs: ch: Add TDX CH features check - runtime: Validate hypervisor section name in config file - tests: query data from the OPA service - release: tag_repos: Stop tagging the `tests` repo - metrics: fixes common.sh function to always return true - Memory footprint test removing trailing commas to make json results file valid - policy: allow access to ReseedRandomDev - runtime/kata-ctl: update dependencies - runtime-rs : fix Nydus support for runtime-rs + Dragonball - metrics: removal of reference in the documentation to the fio dax subtest. - runtime-rs: ch: Detect Intel TDX version - runitme-rs: use the same base64 as kata-runtime/direct-volume does - tests: Enable scability test for stability CI - runtime-rs: Add support for adding vfio device for cloud-hypervisor - tests: Enable soak parallel stability test - dragonball: vcpu metrics change to be recorded per vcpu - ci: k8s: adapt gha-run.sh to run locally - metrics: removes kata components and k8s deployment when test finishes - GHA: fix up referenced yaml exceeding 20 limit problem - gha: ci: Revert tracing test PR to unbreak CI - runtime-rs: ch: Enable feature - gha: ci: Port runk tests over - ci: gha: Port tracing tests over - Enable fio test using containerd client - gha: Add stability tests workflow for gha - gha: arm64: Ensure the builder is arm64-builder - kata-deploy: Build kata-agent as we build all the other components - versions: migrate out of k8s.gcr.io - doc: Update crictl pod-config - gha: Fix k0s deployment - tests: Add stability test for kata CI - docs: Update url in kata vra document - gpu: Adding CDI support for cold and hot-plug of VFIO devices - kata-deploy: build & ship the rust components from src/tools/ - metrics: Add latency value limits for kata CI - runtime: fix reading cgroup stats of sandboxes - Upgrade to Cloud Hypervisor v35.0 - ci: Port kata-monitor tests from Jenkins to GHA - metrics: Fix latency yamls path - metrics: Fix metrics README - metrics: Fix C-Ray documentation - runtime-rs: ch: Enable Intel TDX - ci: k8s: crio: Follow up patches to have CRI-O also working as part of our CI - metrics: Enable latency test in gha run script - local-build: Fix .docker ownership before build-payload - runtime-rs: Add network support for cloud-hypervisor - osbuild: Reduce guest components binary size with strip - gha: Add pandoc as a dependency for static checks - ci: rootfs-image build-asset is failing - feat(runtime-rs): introduce huge page mode to select VM RAM's backend - clh: Direct IO support for block devices - gha: Install hunspell for static checks - ci: Trigger payload-after-push on workflow_dispatch - ci: Actually enable the CRI-O tests - protocol: remove gogoprotobuff tests - ci: k8s: Also run tests with CRI-O - runtime: support kernel params including spaces - ci: kata-deploy: Fix runner name - metrics: Enable parallel bandwidth iperf limit - ci: kata-deploy: Enable all k8s flavours that we support - ci: Create clusters in individual resource groups - versions: Bump virtiofsd to v1.8.0 - clh: arm: Use static_sandbox_resource_mgmt=true - Bump nydus versions and update nydus tests - runtime/qemu: Rework QMP/HMP support - clh:arm64: use arm AMBA UART for hypervisor debug - ci: Use variable size of VMs depending on the tests running - ci: Rework static checks - runtime: incorrect handling of non-empty []Endpoint parameter in Remo… - ci: cache: Check the sha256sum of the components & fix ovmf-sev cache usage - ci: cache: Use the artefacts stored in ghcr.io/kata-containers/cached-artefacts/${component} - ci: Run some of the GARM tests in smaller instances - ci: Reduce the size of the AKS VMs - ci: cache: Allow pushing our artefacts to an OCI registry - metrics: Add iperf value for cpu utilization - ci: cache: Export env vars needed to use ORAS - gha: vfio: Import test script - tests: fix kernel and initrd annotations - metrics: Add iperf bandwidth value for kata metrics - metrics: Add Cassandra Metrics documentation - metrics: Remove warning from metrics documentation - ci: docker: nerdctl: Switch to tcp port 80 ping - runtime: Naming conflict of network devices - Remove gogoproto.nullable extension - metrics: Ensure docker is running in init_env - metrics: this PR skips the FIO test temprarily to fix issues - ci: Add a very basic nerdctl sanity test - runtime-rs: hypervisor: Remove debug kernel options - versions: Bump rust version - ci: Add a very basic docker sanity test - dragonball: fix for non-deterministic builds - runtime-rs: bring hybrid vsock devices in manager. - ci: use github.ref_name instead of $GITHUB_REF_NAME - ci: Add more target-branch related fixes - ci: Fix target-branch usage - agent: optimize the code of systemd cgroup manager - gha: Manually rebase PR atop of the target branch before testing - Update kernel to the latest LTS release (v6.1.52) and bring in erofs patches needed for the CC work - kata-deploy: Fix aarch64 image build - runtime: Fix more virtiofs args - kata-deploy: Switch to an alpine image - metrics: Use TensorFlow optimized image - metrics: fix FIO test initialization - ci: k8s: Add clean-up-garm argument for gha-run.sh - ci: k8s: Second round of fix-ups with the devmapper CI - metrics: re-enable memory-usage initialization step - Dragonball: optimize the placement of dbs-upcall features - ci: k8s: Fix typo in run-k8s-tests-on-garm.yaml - ci: k8s: Add k8s devmapper tests (part 0) - kata-deploy: Create kata-static.tar with correct ownership - runtime: run prestart hooks before starting VM for FC - metrics: Add write 95 percentile FIO value - runtime: Allow virtio_fs_extra_args annotation - packaging: do not install docker-compose-plugin for s390x|ppc64le - runtime-rs: Fix volumes and rootfs cleanup issues - metrics: Enable iperf benchmark on gha for kata metrics - CI: switch static-checks-dragonball CI machines to Azure - metrics: Add README for kata metrics report - osbuilder: Remove chcon operation for guest SELinux - kata-sys-util: protection: Update TDX checks - Improve the way to clean up storage devices for sandbox - agent: avoid possible leakage of storage device - tests: add policy to existing tests - gha: Rebase PR atop of the target branch before testing - versions: Update alpine to its 3.18 version - runtime: Fix data race in ioCopy - metrics: Add grabdata script for metrics report - Fixes tests on AMD machines - metrics: Enable FIO limits for kata metrics - metrics: Add metrics report script - metrics: Fix memory inside limits for kata metrics - metrics: fix parsing issue on memory-usage test - dragonball: vsock add fifo/pipe stream support for passed fd hybridSt… - tests: Add confidential test - tdx: Update the components needed for using the 6.2 kernel stack - tests: delete k8s deployment at the test's end - tests: use unique test name - runtime-rs: check peer close in log_forwarder - gha: Avoid "fail-fast" in tests that are known to be flaky - Refine storage device management for kata-agent - metrics: Remove unused variable in tensorflow nhwc script - kata-deploy: Don't try to remove /opt/kata - metrics: Add TensorFlow ResNet50 FP32 benchmark - gha: vfio: Run on Ubuntu 23.04 runner - kata-agent: use default filemode for block device when it is set to 0 - kata-types: introduce KataVirtualVolume to support nydus, direct volume and image pull - libs,tests: fix typo disable_guest_seccomp in configuration-anno-1.toml - local-build: Remove GID before creating group - kata-deploy: Avoid failing on content removal - runtime: fix image and initrd assets handling - metrics: Add disk link to README - metrics: Fix FIO path - gha: capture additional kata-deploy output - metrics: Use function from metrics common in pytorch script - metrics: Enable kata runtime in K8s for FIO test. - metrics: Fix README for pytorch - metrics: Remove unused variable in tensorflow mobilenet script - rootfs: agent: Policy support with AGENT_INIT=yes - gha: k8s: kata-deploy: Move kata-deploy specific tests from integration/kubernetes to functional/kata-deploy - metrics: Fix check results for tensorflow benchmark - metrics: Add Tensorflow ResNet50 int8 benchmark - kata-deploy: Properly create default runtime class - agent: simplify error handling - metrics: Fix MobileNet help me description - gha: ci: Start running kata-deploy tests - runk: Modify kill command's error message for containerd tests - runtime-rs: add driver option - gha: cri-containerd: Enable tests - metrics: Rename tensorflow scripts - gha: tests: Add kata-deploy functional tests -- Part 1 - agent: runtime: add Agent Policy feature - runk: Support without pid ns - metrics: Add Cassandra Kubernetes benchmark for kata metrics - metrics: Add common functions to the common script - metrics: fix the loop used to stop kata components - docs: Remove installation step in virtcontainers doc - Propogate secrets, config maps etc into guest if sharedFS not available - kata-deploy: Preliminary k0s support - gha: static-checks: Move to the Azure instances - versions: Update firecracker version to 1.4.0 - agent: Allow clippy::redundant_clone in the unit tests - agent: avoid creating new `Vec` instances when easily avoidable - metrics: compute tensorflow statistics - metrics: Add network nginx benchmark - metrics: install kata once and run multiple checks - ci: unencrypted-image: Fix build context - ci: create-confidential-image: Add dependent actions - Follow up fixes for https://github.com/kata-containers/kata-containers/pull/7596 - tests: Create image that will be used in the unencrypted confidential tests - kata-deploy: Ensure we cover SHIMS / DEFAULT_SHIM as part of our tests - tests: upgrade bats version - Fix mimor bugs and improve coding stype of agent rpc/sandbox/mount - deps: Bump dependent crate versions - fix number of queues handling in dragonball share fs device - runtime-rs: Introduce directly attachable network - metrics: General improvements to mobilenet tensorflow test - gha: Add iperf network metrics - docs: Use control-plane term instead of master - agent: avoid unnecessary calls to `Arc::clone` - metrics: Add network latency test - Image pulling on the host - Use version 0.10.4 of `fuse-backend-rs` - kata-deploy: Use host's systemctl - release: Revert kata-deploy changes after 3.2.0-rc0 release - metrics: stop kata components before start a metric test. - runtime-rs: Add block device handling for cloud hypervisor a93fdb014 kata-deploy-stable: Adapt to what we're using in the stable branch 36109da93 ci: k8s: Fix bogus firecracker check in k8s-credentials-secrets.bat d01daf749 tests: Adjust timeout for agent stability test 9b14dda14 libs: protection: Fix typo in TDX output 0e0867f15 runtime-rs: ch: Add TDX CH features check 409eadddb runtime-rs: ch: Improve readability of guest protection checks 82a0814fc tests: Enable agent stability test 32be8e3a8 tests: query data from the OPA service b81c0a669 tests: encode policy file during test 4f9681b41 metrics: fixes common.sh function to always return true 2ef2b2a6d docs: Fix paths to build kernel in SNP VMs documentation 408b59c02 runtime-rs: fix bugs to support Nydus v5 157caea9f Revert "nydus: Temporarily skip tests on dragonball" 678fe3cd3 Dragonball: fix Nydus config serde problem b6ec62138 policy: allow access to ReseedRandomDev 908519db9 metrics: skips docker restart when it is not installed or is masked. c2763120a metrics: removing trailing comma characters from json file. 3e8cf6959 runtime: Validate hypervisor section name in config file ef6388e81 tests: Remove unused function from scability test fbc8f8f46 scripts: Use install_yq from the `kata-containers` repo 65b1a2d27 release: tag_repos: Stop tagging / updating the `tests` repo 87b760f56 runtime-rs: ch: Detect Intel TDX version 73e81f5e3 runitme-rs: unify base64 encoding for direct-volume c6463cb5a tests: Fix path for versions yaml for soak parallel test 89c9454fc metrics: removal of reference in the documentation to the dax test. 30ff58904 tests: Enable scability test for stability CI 8d6f7b909 runtime-rs: Add support for handling vfio device for cloud-hypervisor e786b2b01 gha: Add install dependencies for stability tests dbfe6512f dragonball: vcpu metrics change to be recorded per vcpu fa60fbe02 dragonball: METRICS is refactored to RwLock 500d1c5ce kata-ctl: update rustls-webpki/webpki dependency d7660d82a runtime: unify gopkg.in/yaml.v3 to v3.0.1 fc9a107e8 runtime: unify swag and testify dependency 79ebb959c runtime: update runc dependency to v1.1.9 7f3e8bd65 runtime: unify golang.org/x/text to v0.7.0 df325ae37 runtime: update golang.org/x/net to v0.7.0 bba34910d metrics: stops kata components and k8s deployment when test finishes 84e3d884e gha: Add general dependencies to stability tests dec3951ca tests: Add soak parallel stability test 0f04d527d tests: Enable soak parallel test e669282c2 ci: k8s: set KUBERNETES default value c30c3ff18 tests: run k8s-volume on a given node 666993da8 tests: run k8s-file-volume on a given node 3a00fc910 tests: exec_host() now gets the node name 61c9c17bf tests: add get_one_kata_node() to tests_common.sh 68f083c4d ci: k8s: set KATA_HYPERVISOR default value 6677a61fe ci: k8s: configurable deploy kata timeout 200e54292 ci: k8s: shellcheck fixes to gha-run.sh 4af78be13 kata-deploy: re-format kata-[deploy|cleanup].yaml d54e6d9cd ci: k8s: run_tests() for kcli c2ef1f0fb ci: k8s: add deploy-kata-kcli() to gh-run.sh d2be8eef1 ci: k8s: add cleanup-kcli() to gha-run.sh cbb9aa15b ci: k8s: set default image for deploy_kata() 89bef7d03 ci: k8s: create k8s clusters with kcli 954d40cce gha: combine coco jobs into a single yaml b60e0a9b5 gha: combine basic amd64 jobs into a single yaml e9bd85211 gha: ci: Revert tracing test PR to unbreak CI b8a46a4b8 runtime-rs: ch: Enable feature 0f2dc8c67 gha: Add containerd stability tests to ci yaml da91c9df8 ci: Port runk tests to this repo 7f2377276 ci: Add placeholder for runk tests 9205acc3d ci: Move tracing tests here 85d290a04 gha: Add stability gha run script 54f0c8f88 gha: Add stability tests workflow for gha 3bb2923e5 ci: Add placeholder for tracing tests 2c3bf406d ci: Create a function to install docker 119f03de2 gha: arm64: Ensure the builder is arm64-builder 8c498ef5e metrics: Use jq tool to pretty-print json metrics output a2159a636 metrics: Enables FIO test for kata containers 70e7ec3e2 gha: Fix k0s deployment 560bbffb5 packaging: tools: Remove `set -x` leftover 18fa483d9 packaging: release: Mention newly added images ca3b88837 packaging: tools: Fix container image env var name 5ca66795c packaging: Allow passing the TOOLS_CONTAINER_BUILDER 02acef957 gha: Build the kata-agent as part of our workflows 5208386ab packaging: Build the kata-agent 1727487ee agent: Allow specifying DESTDIR and AGENT_POLICY via env vars 45c118883 packaging: Add get_agent_image_name() 0db8fb8f9 versions: migrate out of k8s.gcr.io a1a054367 doc: Fix spelling 6339605a1 tests: Add general stability fixes 59ae24444 doc: Update crictl pod-config fd19f4082 tests: Add agent stability test 215577032 tests: Add cassandra stress in stability tests f2d3ea988 tests: Add stressng dockerfile for stability tests 6493aa309 tests: Add stressor CPU test for stability tests ef68a3a36 metrics: Add stability test for kata CI 7c934dc7d gpu: Fix cold-plug of VFIO devices 8d66ef518 metrics: Increase qemu jitter value 5600e28b5 metrics: Increase jitter value for clh a6b1f5e21 ci: Build src/tools components as part of our tests / releases 501a168a8 kata-deploy: Build components from src/tools 6ef42db5e static-build: Add scripts to build content from src/tools 4d08ec29b packaging: Add get_tools_image_name() 98097c96d packaging: Use git abbreviated hash 489caf1ad ci: kata-monitor: Move tests over a3fb067f1 ci: Add placeholder for kata-monitor tests 57cb4ce20 ci: Make install_kata aware of container engines de1eeee33 ci: Create a generic install_crio function 64a200085 ci: Add install_cni_plugins helper 8132fe15c ci: Modify containerd default config 8cb7df1be metrics: Add checkmetrics for latency test e90440ae2 metrics: Add qemu latency value limit a74a8f8a9 metrics: Add latency value limits for kata CI d7def8317 metrics: Fix general check static warnings 928553d1b docs: Update url in kata vra document b0a3293d5 runtime-rs: ch: Enable Intel TDX 523399c32 runtime-rs: ch: Add more consts dea806581 runtime-rs: ch: Remove unused function 995f2c015 runtime-rs: ch: Only handle particular pending device types b1b96a5c4 runtime-rs: ch: Remove erroneous "virtio-blk-mmio" check 9ac29b8d3 metrics: Add init_env function to latency test dfd0c9fa9 runtime: clh: Re-generate the client code 8f9f087e3 versions: Upgrade to Cloud Hypervisor v35.0 81c8babca metrics: Fix latency yamls path 481573682 metrics: Fix C-Ray documentation ef63d67c4 ci: crio: Trail '\r' from exec_host() output 74c12b292 ci: crio: Enable default capabilities 358dc2f56 kata-deploy: Fix CRI-O detection ebaa4fa4c ci: crio: Pass `-y` to apt 97e73b223 metrics: Fix spelling warnings 36c8cd6f1 metrics: Fix metrics README 15425a2b8 local-build: Fix .docker ownership before build-payload 13ca7d9f9 gha: Add pandoc as a dependency for static checks 08bc8e4db metrics: Add latency benchmark for gha 6776b55d7 metrics: Enable latency test in gha run script 94e2ccc2d runtime: fix reading cgroup stats of sandboxes d507d189b fc: Add support for noflush cache option 2ca781518 clh: Direct IO support for block devices 0c95697cc ci: Trigger payload-after-push on workflow_dispatch 28cbc3b51 ci: rootfs-image build-asset is failing Fixes: #8027 87a861648 gha: Install hunspell for static checks 8c3c50ca8 ci: Actually enable the CRI-O tests 3a6510ad6 osbuild: Reduce guest components binary size with strip 07a6e63a6 ci: k8s: rke2: Use sudo to call systemd 03b82e848 ci: k8s: Add a CRI-O test d7105cf7a ci: k8s: Add a method to install CRI-O 54c0a471b ci: k8s: k0s: Allow passing parameters to the k0s installer 730ef5169 deps: updating dependencies 3a2c83d69 ci: kata-deploy: Fix runner name 82ff2db46 runtime: support kernel params including spaces 604a9dd67 protocol: remove gogoprotobuff tests f7fa7f602 ci: Enable kata-deploy tests for all the supported k8s flavours 2c908b598 ci: kata-deploy: Add the ability to deploy rke2 eaf616491 ci: kata-deploy: Add the ability to deploy k0s 001525763 ci: kata-deploy: Add deploy-k8s argument to gha-run.sh bf2cb0228 ci: kata-deploy: Expland tests to run on k0s / rke2 b12b9e188 ci: kata-deploy: Add placeholder for tests on GARM 9e1fb8a96 ci: kata-deploy: Export KUBERNETES env var 09cc0ed43 ci: Move deploy_k8s() to gha-run-k8s-common.sh 486fe14c9 ci: Properly set K8S_TEST_UNION d9ef1352a ci: Add first letter of the K8S_TEST_HOST_TYPE to resource group name 68267a399 ci: Create clusters in individual resource groups 9aa8d1c91 metrics: Add parallel bandwidth limit for qemu 44c7c082d versions: Bump virtiofsd to v1.8.0 af59d4bf4 metrics: Enable parallel bandwidth iperf limit aba36ab18 nydus: Temporarily skip tests on dragonball b8a8dfcd1 nydus: Use `kata-${KATA_HYPERVISOR}` instead of `kata` f6df3d6ef static-build: Fix arch error on nydus build 2f9c9e2e6 tests: nydus: Update nydus tests c9a4e7e46 versions: Bump nydus and nydus-snapshotter to its latest release b73bde320 gha: nydus: Populate run() b3904a1a3 gha: nydus: Populate install_dependencies() d2b3b67f5 gha: nydus: Actually install kata when `install-kata` is called 0ec00ad42 gha: nydus: Get rid of nydus{,-snapshotter} install from nydus_test.sh 568439c77 tests: nydus: Add timeout to the crictl calls 5ac3b76eb tests: nydus: Add uid / namespace to the nydus container / sandbox 376574a16 tests: nydus: Decorate some calls with `sudo` 4290fd4b6 tests: nydus: Adapt "source ..." to GHA a84efa3e8 tests: nydus: Adapt check to "clh" instead "cloud-hypervisor" 56a14b395 tests: common: Add install_nydus_snapshotter() b6563783e tests: common: Add install_nydus() 72599f191 clh: arm: Use static_sandbox_resource_mgmt=true 1f16b6627 runtime/qemu: Rework QMP/HMP support 8b1e9b0c7 ci: static-checks: Clean up static-checks job 2c5ca2eaf ci: static-checks: Run tests depending on KVM 509c309ab ci: static-checks: Move "sudo make test" to the new test matrix 4e963cedf ci: static-checks: Move "make test" to the new test matrix 08f2e5ae0 runtime-rs: Ensure static-checks-build is a dep of `make test` 2bc3a616a kata-ctl: Use `loop` instead of `kvm` module in tests 46daddc50 kata-ctl: Ensure GENERATED_CODE is a dep of `make test` ec826f328 agent: Ensure GENERATED_CODE is a dep of `make test` 1d32410a8 ci: install_libseccomp: Do not depend on the tests repo bf888b9a5 ci: static-checks: Move "make check" to the new test matrix 473ec8780 kata-ctl: Add `kata-types` to the Cargo.lock file ea19549a9 kata-ctl: Ensure GENERATED_CODE is a dep of `make check` e12577586 tests: install_rust: Also install clippy e2c61a152 ci: static-checks: Move vendor check to its own job 6794d4c84 tests: Move install_rust.sh from the tests repo e64508c30 tests: install_go: Remove tests repo dependency 11dff731b tests: Move functions from kata_arch script here 75c974c80 ci: static-checks: Move kernel config check to its own job 9c233bb9e test: Add test to verify try_from for clh Netconfig c69a1e33b ci: Use variable size of VMs depending on the tests running 9049d311d runtime-rs: Add network support for cloud-hypervisor eecd5bf2a ci: cache: Fix ovmf-sev cache 86c41074b ci: cache: Check the sha256sum of the component 460988c5f ci: cache: Remove the script used to cache artefacts on Jenkins 4533a7a41 ci: cache: Also store the ${component} sha256sum eccc76df6 ci: cache: Use the cached artefacts from ORAS 7f5e77bcb kernel: enable Arm pl011 support 241c355e0 clh:arm64: use arm AMBA uart for hypervisor debug 094b6b2cf ci: k8s: Temporarily disable tests that require a bigger VM instance d0c257b3a ci: cache: Push cached artefacts to ghcr.io 108f1b60d kata-deploy: Generate latest_{artefact,image_builder} files be2eb7b37 ci: cache: Install ORAS in the kata-deploy binaries builder container fb24fb0dc ci: k8s: devmapper: Use a smaller / cheaper VM instance 1daf02f5d ci: nydus: Use a smaller / cheaper VM instance e60d81f55 ci: nerdctl: Use a smaller / cheaper VM instance 4db416997 ci: docker: Use a smaller / cheaper VM instance 32841827b ci: cri-containerd: Use a smaller / cheaper VM instance 92fff129f ci: k8s: Don't set cpu limit request for k8s-inotofy test faf98c062 ci: Reduce the size of the AKS VMs adc18ecdb ci: cache: For consistency, read all used env vars c7a851efd ci: cache: Pass the exposed env vars to the kata-deploy binaries in docker 6bd15a85d ci: cache: Export env vars needed to use ORAS cd4fd1292 metrics: Add iperf cpu utilization limit for qemu df5cd10ea metrics: Add iperf value for cpu utilization a96050a7a tests: Apply timeout to 'ctr t kill' 9d9303678 tests/vfio: Bump VM image to Fedora 38 faee59b52 tests/vfio: Accept single device in vfio group for CLH df3dc1105 tests/vfio: Get rid of sync's 7211c3dcc gha: vfio: Set test timeout to 15m 1b02f89e4 packaging: kernel: Enable VIRTIO_IOMMU on x86_64 3a1db7a86 runtime: clh: Support enabling iommu 9f1a42c6c tests/vfio: Give commands 30s to execute b46b0ecf8 tests/vfio: Configure a value for 'hot_plug_vfio' for both vmms bfc93927f runtime: Remove redundant check in checkPCIeConfig 7c4e73b60 runtime: Add test cases for checkPCIeConfig fc51e4b9e runtime: Check config for supported CLH (cold|hot)_plug_vfio values 509771e6f runtime: clh: Add hot_plug_vfio entry to config 5f6475a28 tests/vfio: Gather debug info and disable tdp_mmu 8fffdc81c tests/vfio: Capture journal from vm df815087e tests/vfio: Change to get the test working in GHA a92ddeea1 tests/vfio: Move dependency installation to gha-run.sh 5a551a85b gha: vfio: Import jobs scripts from tests repo 49e2fa189 metrics: Increase jitter value for qemu 49234433a metrics: Increase value limit for jitter in clh 813bfdec0 ci: docker: nerdtl: Use io.containerd.kata-${KATA_HYPERVISOR}.io 46bc0b1c0 ci: nerdctl: Create the containerd config 13968aa7f ci: nerdctl: Switch to tcp port 80 ping e0c811678 ci: docker: Switch to tcp port 80 ping 1636abbe1 runtime: issue with non-empty []Endpoint in RemoveEndpoints 0aa073967 metrics: Add iperf bandwidth value for qemu c0ad91476 tests: fix kernel and initrd annotations 615c1cbf1 metrics: Add iperf bandwidth value for kata metrics d53eb73ee metrics: Ensure docker is running in init_env ad08321b8 metrics: Add Cassandra Metrics documentation a58ea6659 metrics: this PR skips the FIO test temprarily to fix issues f536ef5ce ci: docker: Also run the smoke test with runc c83f167c5 ci: docker: Run the tests after the kata-static is created 12d833d07 ci: Add a very basic nerdctl sanity test 348b8644d ci: Add a very basic docker sanity test a75fd5eb8 runk: Fix rust unecessary mut error a31c14517 kata-ctl: useless-vec warning c8419fc3b kata-ctl: Resolve non-minimal-cfg warning 3eaf68d95 agent-ctl: Allow clippy lint 1d8b78959 runtime-rs: Fix useless-vec warning 99f3d69e9 runtime-rs: Remove mut 16fbc27b0 dragonball: Allow ambiguous-glob-reexports bbf191951 dragonball: Resolve non-minimal-cfg warning 75cfdd5d5 agent: config: Allow clippy lint f3a0fd590 agent: config: Fix useles-vec warning 9e423bd3d libs: Fix clippy unnecesary hashes error 444395050 versions: Bump rust version a16b0962b chore(cargo): update cargo lock ca4b6b051 runtime: Naming conflict of network devices 202049f35 feat(runtime-rs): introduce huge page type to select VM RAM's backend f811b064c ci: use github.ref_name instead of $GITHUB_REF_NAME 6d795c089 ci: Add more target-branch related fixes 8509c3187 ci: Fix target-branch usage 060499dca metrics: Remove warning from metrics documentation c0f697fcc runtime: Allow kernel_params annotation b03e49794 dragonball: fix for non-deterministic builds 976d10150 runtime-rs: hypervisor: Remove debug kernel options fde34610c kernel: Add erofs patches needed for CC related work dc6a4588a versions: Bump kernel to the latest LTS release (6.1.52) 52f6449b7 kata-manager: Remove initcall_debug kernel option 8b4a0b368 kata-deploy: Remove curl after it's used 139c7f03a kata-deploy: Fix aarch64 image build 470d06541 agent: optimize the code of systemd cgroup manager bd24afcf7 gha: Manually rebase PR atop of the target branch before testing 72c510d05 runtime/virtiofsd: Drop all references to "--cache=none" ead724bec protocol: removing gogo.nullable feature d8e4bb985 protocol: remove unused PROTO_FILE env 5e1106a77 protocol: remove unused import_path 87accaaec protocol: use workdir during build 711a7ed96 protocol: remove mapping definitions 8db84c1bd protocol: force GOPATH to be set 68156d77a protocol: breaking lines to improve readability 670a8e9c7 kata-deploy: Switch to an alpine image 9d74b7ccc k8s: ci: Skip "Pod quota" test with firecracker f6cd3930c ci: k8s: Remove useless skip statement from tests 3cc20b47a ci: k8s: Also check for "fc" (for firecracker) b5bad3cb0 ci: k8s: Add clean-up-garm argument for gha-run.sh aaec5a09f ci: k8s: devmapper tests should be using ubuntu 20.04 27fa7d828 ci: k8s: Add a kata-deploy-garm target fa62a4c01 ci: k8s: Export KUBERNETES env var 8c9380a79 ci: k8s: Install bats on GARM runners 3de23034f ci: k8s: Wait some time after restarting k3s adfea55b8 metrics: fix FIO test initialization 2df183fd9 ci: k8s: Append, instead of overwrite, the devmapper config 369a8af8f ci: k8s: Decrease k3s sleep from 4 to 2 minutes ada65b988 ci: k8s: Use vanilla kubectl with k3s ad45ab5d3 ci: k8s: Ensure k3s is deploy with --write-kubeconfig-mode=644 028a97e0d ci: k8s: Use the proper command for sleep 3a427795e metrics: Use TensorFlow optimized image 8d99972a8 ci: k8s: Fix typo in run-k8s-tests-on-garm.yaml deed1b927 Dragonball: optimize the placement of dbs-upcall features 0e8bd50cb ci: k8s: Add k8s devmapper tests (part 0) b28b54df0 ci: k8s: Add a function to configure devmapper for containerd 54f711721 ci: k8s: Add a function to deploy k3s 81536f21a runtime/qemu: Pass "--xattr" to virtiofsd instead of "-o xattr" b1dd09a4d runtime: Allow virtio_fs_extra_args annotation 2efda20c7 packaging: do not install docker-compose-plugin for s390x|ppc64le 438fbf966 metrics: Add write 95 percentile for FIO for qemu 024b4d2ff metrics: Add write 95 percentile FIO value e98e5cdea metrics: Add checkmetrics to gha run script c1edfe551 metrics: Add checkmetrics value for qemu for iperf 6a79ecedf metrics: Add jitter value for clh f609a9a75 metrics: Add test selector to iperf metrics 5b8db3042 metrics: Enable iperf benchmark on gha for kata metrics 60f733d30 CI: switch static-checks-dragonball CI machines to Azure 7870b33a2 runtime-rs: bring hybridVsock devices in manager. 18c94ebbe kata-deploy: Create kata-static.tar with correct ownership 57e7bf14a agent: refine StorageDeviceGeneric::cleanup() 53edb1937 agent: implement StorageDeviceGeneric::cleanup() 0c63453e2 types: make StorageDevice::cleanup() return possible error code 3a3d77b3b agent: move StorageDeviceGeneric from kata-types into agent b151cfd14 metrics: re-enable memory-usage initialization step f3e1a6a94 osbuilder: alpine: Change mirror ac612aef5 osbuilder: alpine: Match the version on versions.yaml 9cd706d1c agent: avoid possible leakage of storage device bf21411e9 tests: add policy to k8s tests d0e061067 runtime: config: use the SEV initrd for SNP 67fed26f1 runtime: Use TDX image with in the qemu-tdx config ac939c458 gha: Rebase atop of the target branch 82cd14ba3 versions: Update alpine to its 3.18 version 666882575 metrics: Add grabdata script for metrics report c290eaed8 kata-sys-util: protection: Update TDX checks d7a996c68 gha: Update to checkout@v3 action c2ba29c15 runtime: Fix data race in ioCopy 211de08d9 osbuilder: Remove chcon operation for guest SELinux 9f21fa9b3 metrics: Add report generator link to general documentation c0ed5ea0a metrics: Add README for kata metrics report a7b59a5bf metrics: Add limit for 90 percentile for qemu value 99db6568e metrics: Add limit for write 90 percentile value for clh 6e06392c5 metrics: Enable FIO limits for kata metrics 2e4c87472 runtime/vc: runPrestartHooks should ignore GetHypervisorPid failure 21204caf2 runtime: fail early when starting docker container with FC 32fd01371 runtime: run prestart hooks before starting VM for FC 00e7ffd98 tests: check vmx only on Intel machines c8dd3c073 metrics: Fix memory footprint qemu limit 8877ec62f metrics: Fix memory inside limits for kata metrics 80146f207 tests: Fixes cpuType check on AMD machines 7e364716d metrics: Add test setup details to metrics report 17dc1b976 metrics: Add boot lifecycle times to metrics report 3b0d6538f metrics: Add memory inside container to metrics report 79fbb9d24 metrics: Add scaling system footprint in metrics report 8e6d4e6f3 metrics: Add metrics reportgen 139ffd4f7 metrics: Add report file titles 878d1a2e7 metrics: Generate PNGs alongside the PDF report fce248797 metrics: Add metrics report R files 08812074d metrics: Add report dockerfile 69781fc02 metrics: Add metrics report script e286e842c tests: Expand confidential test to support TDX e31f099be tests: Expand confidential test to support SNP c3b9d4945 tests: Add confidential test for SEV 538c965c2 metrics: fix parsing issue on memory-usage test 3818bf331 local-build: Remove $HOME/.docker/buildx/activity/default d1b54ede2 qemu: tdx: Workaround SMP issue with TDX 1.5 1e34220c4 qemu: tdx: Adapt to the TDX 1.5 stack 8115a0522 versions: tdx: Update Kernel to 6.2 + TDX ec18180f3 versions: tdx: Update TDVF to the "edk2-stable202302" 9803b2428 versions: tdx: Update QEMU to v7.2 + TDX v1.10 dffc16e5b runtime-rs: check peer close in log_forwarder aaa5ab126 agent: simplify storage device by removing StorageDeviceObject fb49d5d7c gha: Avoid "fail-fast" in tests that are known to be flaky 183f51d6f tests: use unique test name 6a974679f tests: delete k8s deployment at the test's end 32a778b6d metrics: Remove unused variable in tensorflow nhwc script d8f3ce649 kata-deploy: Don't try to remove /opt/kata 936e8091a gha: vfio: Run on Ubuntu 23.04 runner 0e7248264 agent: move storage device related code into dedicated files 268e84655 runtime-rs: Fix volumes and rootfs cleanup issues 8f49ee33b agent: refine storage related code a bit 60ca12ccb agent: switch to new storage subsystem fcbda0b41 kata-types: introduce StorageDevice and StorageHandlerManager b03b1f613 agent: simplify the way to manage storage object 8392c71bf sys-util: support more mount flags in parse_mount_options() c00d8f3d4 agent: use create_mount_destination() from kata-sys-util 5e867f053 types: add more mount related constants 880e6c9a7 agent: use function from kata-sys-utils to reduce code 3b881fbc0 local-build: Remove GID before creating group 959ca4944 metrics: Add TensorFlow ResNet50 fp32 Dockerfile 4b7d72c4a metrics: Add TensorFlow ResNet50 FP32 benchmark 5cba38c17 kata-deploy: Avoid failing on content removal 18d42da21 runtime/fc: fix image/initrd annotation handling 9fda7059a runtime/clh: fix image/initrd annotation handling 1a0092d63 runtime/qemu: fix image/initrd annotation handling 22d8f335d libs,tests: fix typo disable_guest_seccomp in configuration-anno-1.toml 8afd158ce metrics: Add disk link to README 40914b25d kata-agent: use default filemode for block device when it is set to 0 eee2ee6ee metrics: Fix FIO path 39bc3488f metrics: Use function from metrics common in pytorch script 400eb8874 gha: capture additional kata-deploy output 4aee3eade kata-types: implement serde methods for KataVirtualVolume b875e3932 kata-types: validate KataVirtualVolume object fa2fdc105 kata-types: implement two conversion helpers for KataVirtualVolume 6326af20e kata-types: introduce KataVirtualVolume c8b43f8b3 metrics: Fix README for pytorch fb571f8be metrics: Enable kata runtime in K8s for FIO test. cb056f8cb rootfs: agent: Policy support with AGENT_INIT=yes 85c02828e metrics: Update tensorflow name in gha run script e8a511934 metrics: Fix check results for tensorflow benchmark 2d896ad12 gha: kata-deploy: Do the runtime class cleanup as part of the cleanup 4ffc2c86f gha: kata-deploy: Add the first kata-deploy test 8616c050a metrics: Remove unused variable in tensorflow mobilenet script 285e616b5 tests: common: Ensure test_type is used as part of the cluster's name 790bd3548 tests: commob: Don't fail if yq is not part of the cache ce6adecd0 gha: kata-deploy: Add run-kata-deploy-tests.sh cfc29c11a gha: k8s: Stop running kata-deploy tests as part of the k8s suite f4dd15286 tests: k8s: Call ensure_yq() in setup.sh 339569b69 kata-deploy: Properly create default runtime class 2a491e9b1 metrics: Fix MobileNet help me description d19a75e80 gha: ci: Start running kata-deploy tests d90f7ac68 runtime-rs: add unit test for block driver e44919f0d runtime-rs: add load_test_config for unit test 7f48a6937 runtime-rs: add driver option bade6a5c3 docs: Fix TensorFlow word across the document 1a1b20776 docs: Add Tensorflow Resnet50 documentation 24baededc metrics: Add Dockerfile for ResNet50 int8 6d971ba8d metrics: Add Tensorflow ResNet50 int8 benchmark 25d151bd1 runk: Modify kill command's error message for containerd tests b3592ab25 gha: cri-containerd: Enable tests 84dd02e0f gha: cri-containerd: Add timeout to the crictl calls on testContainerStop b29782984 gha: cri-containerd: Show pod before deleting it ae0930824 gha: cri-containerd: Print kata logs in case of error 6c8b2ffa6 gha: cri-containerd: Group containerd logs 9e898701f gha: cri-containerd: Ensure RUNTIME takes KATA_HYPERVISOR into account 76dac8f22 agent: simplify error handling 18a7fd8e4 metrics: Rename tensorflow scripts e55fa93db tests: kata-deploy: Add placeholder for kata-deploy-tests-on-tdx d9ee17aae tests: kata-deploy: Add placeholder for kata-deploy-tests-on-aks ab829d103 agent: runtime: add the Agent Policy feature 831e73ff9 tests: kata-deploy: Add functional/kata-deploy/gha-run.sh placeholder af1b46bbf tests: Add gha-run-k8s-common.sh 416445e7e docs: Remove installation step in virtcontainers doc 72cbcf040 kata-deploy: Add k0s support 767434d50 metrics: fix the loop used to stop kata components #7629 5d0f0d43c metrics: Add cassandra statefulset yaml c1dcc1396 metrics: Add cassandra service yaml 2297a0d1c metrics: Add block loop pvc yaml for cassandra e3d511946 metrics: Add block loop pv yaml for cassandra test 989027159 metrics: Add block loop pvc for cassandra test 349b89969 metrics: Add Cassandra Kubernetes benchmark for kata metrics c52d09052 gha: static-checks: Move to the Azure instances 8815ed066 runtime: Remove config warnings afe1a6ac5 agent: support copying of directories and symlinks ab13ef87e runtime: propagate configmap/secrets etc changes for remote-hyp c074ec4df runtime: Copy shared files recursively fdcd52ff7 metrics: Add check containers are running in tensorflow mobilenet 36337ee14 metrics: Add check containers are up in tensorflow script f700f9b0b metrics: Remove unused variable in tensorflow script 833cf7a68 metrics: Add check containers are running function 918c78308 metrics: Add check containers are up in tensorflow mobilenet script 9d57a1fab metrics: Use check containers are up in tensorflow script 1c84680d8 metrics: Add check containers are up in common script d3e57cf45 metrics: Use collect_results function in tensorflow mobilenet test 286de046a metrics: Remove collect results function definition 9879709aa metrics: Add common functions to the common script 4746fa3da docs: Specify supported Firecracker version using `versions.yaml` cc922be5e versions: Update firecracker version to 1.4.0 39e67b06e dragonball: vsock add fifo/pipe stream support for passed fd hybridStream 473b0d3a3 metrics: compute tensorflow statistics 03d1fa67b ci: unencrypted-image: Fix build context eb463b38e ci: unencrypted-image: Don't fail to build on s390x a2d731ad2 ci: create-confidential-image: Add dependent actions d1a629622 metrics: Add nginx documentation to network README 498f7c054 metrics: Add nginx kubernetes yaml f8a5255cf metrics: Add network nginx benchmark 43fe5d1b9 ci: k8s: tees: Ensure PR_NUMBER is exported 54f6a7850 ci: {{ pr-number }} should be {{ inputs.pr-number }} 034d7aab8 tests: k8s: Ensure the runtime classes are properly created fac8ccf5c ci: Add build-and-publish-tee-confidential-unencrypted-image ab5f603ff ci: k8s: Add the image used for unencrypted confidential tests 1e8fe131b k8s: tests: Take advantage of `SHIMS` and `DEFAULT_SHIM` env vars 729b2dd61 agent: avoid creating new `Vec` instances when easily avoidable aeaec9dae tests: upgrade bats version e66496986 metrics: install kata once and run multiple checks baabfa9f1 agent: refine implementation of mount related code 98ba211a3 agent: fix a bug in update_ephemeral_mounts() 5333618d7 agent: make add_storage() take &[Storage] instead of Vec 37f34781d agent: simplify function online_cpu_memory() d3c542237 agent: refine style of code related to sandbox 71a9f6778 agent: avoid unwrap() in function do_remove_container() 84badd89d agent: avoid clone objects when possible b23c5ed15 deps: Bump dependent crate versions 863283716 metrics: General improvements to mobilenet tensorflow test 3c319d8d4 metrics: Add iperf to gha run script 5b5caf890 gha: Add iperf network metrics 66db5b535 metrics: Add latency test to network README c36572418 agent: avoid unnecessary calls to `Arc::clone` 4fbe0a3a5 runtime: bind-mount mounted block device into container 7e1b1949d runtime: add support for kata overlays 6c867d9e8 agent: add io.katacontainers.fs-opt.overlay-rw option 6163c3565 agent: skip mount options that start with "io.katacontainers." b2ff97aa0 dragonball: use version 0.10.4 of `fuse-backend-rs` 845eeb4d7 agent: Allow clippy::redundant_clone in the unit tests 1163fc9de release: Revert kata-deploy changes after 3.2.0-rc0 release 3958a39d0 runtime-rs: Introduce directly attachable network 1e15369e5 metrics: Improve naming testing containers in launch times test 5dbe88330 metrics: Clean kata components before start a metric test. 3b45060b6 metrics: Add latency server yaml 9bb8451df metrics: Add latency client yaml 64fdb9870 metrics: Add network latency test a81ad3b58 runtime-rs: Add block device handling in cloud hypervisor 3230dec95 kata-deploy: Use host's systemctl 1b21a4624 docs: Use control-plane term instead of master 28e5e9c86 runtime-rs: fix number of queues handling in dragonball share fs device f1d8de9be runk: Allow runk to launch a container without pid namespace Signed-off-by: Fabiano Fidêncio --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 2f290ae1b67f..1445abbcd359 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.2.0-rc0 +3.3.0-alpha0