Add a release 3.5.0 overview blog post #248
Conversation
This patch adds a new blog post to provide highlights of the latest, 3.5.0 release of Kata Containers. Signed-off-by: Ildiko Vancsa <ildiko.vancsa@gmail.com>
✅ Deploy Preview for katacontainers ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
|
||
| 2. Security Enhancements | ||
|
|
||
| The kata-agent now includes the latest ‘libseccomp’ v2.5.5 to improve security. Please note that this library is licensed under [GNU LGPL-2.1](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html). The version used by Kata Containers is not modified from the upstream version, and you can find the complete source code for the library attached for full compliance. |
There was a problem hiding this comment.
The libseccomp bump went into 3.4.0
There was a problem hiding this comment.
Ah, good clarification. I saw the notice in the release notes and I thought that meant it was bumped in this release. I will update the blog post title to allow for more updates than just 3.5.0, and leave this here as a note.
|
|
||
| The kata-agent now includes the latest ‘libseccomp’ v2.5.5 to improve security. Please note that this library is licensed under [GNU LGPL-2.1](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html). The version used by Kata Containers is not modified from the upstream version, and you can find the complete source code for the library attached for full compliance. | ||
|
|
||
| In addition, ‘rootfs’ is now built with≈ with ‘AGENT_POLICY=yes’ by default for increased security and stability. |
There was a problem hiding this comment.
I think it's worth mentioning related to this that in 3.5.0 we changed the policy implementation from the golang based OPA binary to the regorus crate, which should give improved performances and a smaller rootfs and memory performance of the guest.
There was a problem hiding this comment.
This might be in new features section though.
There was a problem hiding this comment.
I added it under the new features section.
Signed-off-by: Ildiko Vancsa <ildiko.vancsa@gmail.com>
There was a problem hiding this comment.
@stevenhorsman Thank you for the speedy review, I updated the article to address your comments. Please let me know if the content looks good to go.
|
|
||
| 2. Security Enhancements | ||
|
|
||
| The kata-agent now includes the latest ‘libseccomp’ v2.5.5 to improve security. Please note that this library is licensed under [GNU LGPL-2.1](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html). The version used by Kata Containers is not modified from the upstream version, and you can find the complete source code for the library attached for full compliance. |
There was a problem hiding this comment.
Ah, good clarification. I saw the notice in the release notes and I thought that meant it was bumped in this release. I will update the blog post title to allow for more updates than just 3.5.0, and leave this here as a note.
|
|
||
| The kata-agent now includes the latest ‘libseccomp’ v2.5.5 to improve security. Please note that this library is licensed under [GNU LGPL-2.1](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html). The version used by Kata Containers is not modified from the upstream version, and you can find the complete source code for the library attached for full compliance. | ||
|
|
||
| In addition, ‘rootfs’ is now built with≈ with ‘AGENT_POLICY=yes’ by default for increased security and stability. |
There was a problem hiding this comment.
I added it under the new features section.
|
Awesome, thank you for the quick review! I'll publish this since 3.6.0 is knocking on the door now. :) |
Fix publish date
This patch adds a new blog post to provide highlights of the latest, 3.5.0 release of Kata Containers.