The open source project Kata Containers today released version 3.0.0 of its software. Kata Containers is a secure container runtime with lightweight virtual machines that perform like containers but deliver stronger workload isolation, using hardware virtualization technology as a second layer of defense.
Since its launch in 2017, Kata Containers has been embraced by users who value “the speed of containers with the security of VMs”. Kata Containers 3.0.0 builds on the software's most valuable properties: security, speed and compatibility with a wide variety of environments and hardware.
More details can be found in the English-language press release and below:
Kata Containers Version 3.0.0 Arrives: Faster, More Secure, Support for New Environments
Enhanced compatibility features abound in Kata Containers 3.0.0, lending support for GPUs, Rust, Intel TDX and more.
Today, the open source project Kata Containers issued version 3.0.0 of the software. Kata Containers is a secure container runtime with lightweight virtual machines that feel and perform like containers but provide stronger workload isolation using hardware virtualization technology as a second layer of defense. This solution offers a fast and secure deployment option for anything from highly regulated workloads to untrusted code, spanning public and private cloud, containers-as-a-service and edge computing use cases.
Since launching in 2017, Kata Containers has been embraced by users who value “the speed of containers with the security of virtual machines.” Kata Containers 3.0.0 builds on the software’s most valuable features: security, speed and compatibility with a wide variety of environments and hardware.
Key Features of Kata Containers 3.0.0:
- A newly written runtime implementation in Rust and an optional integrated Rust hypervisor, further reducing Kata Containers resource consumption and management complexity.
  - Rust removes the overhead of the Go runtime.
  - The integrated Rust hypervisor ensures that Kata Containers spawns only one host component for each pod.
  - Aligns with the popular trend in the Linux community to rustify the core software stack.
- Improved hypervisor support, making Kata Containers more accessible to a wider range of environment configurations.
  - Newly added support for GPUs, such as VFIO (Virtual Function I/O), which allows safe, non-privileged, userspace drivers and PCI(e) devices in general.
  - Upgrade to cloud-hypervisor v26.0, with several improvements to cloud-hypervisor support for Intel TDX.
- Code updates to support the latest stable Linux kernel release.
  - Each deployment of the Kata Containers runtime includes its own kernel for increased security and container isolation. The kernel in Kata Containers 3.0.0 has been updated to run v5.19.2.
- Increased compatibility with leading cloud-native technologies.
  - Kata Containers supports popular runtimes including (but not limited to) Kubernetes, CRI-O, containerd and the OCI v1.0.0-rc5 Runtime specification.
“There’s a lot of excitement in the Kata Containers community around how the improved hypervisor support in Kata Containers 3.0.0 expands compatibility with a number of popular environment configurations and hardware technologies, such as GPUs,” said Treva Williams, technical community manager at the Open Infrastructure Foundation. “Kata community members are constantly seeking ways to improve and do not shy away from a challenge, such as rewriting Kata in Rust. Switching to Rust significantly increases speed, performance and safety, so the community’s hard work in making the switch pays huge dividends for Kata users and future contributors as well.”