Skip to content

v1.1.0

Latest
Latest

Choose a tag to compare

View all tags
@RainbowMango RainbowMango released this 05 Jun 08:59
v1.1.0
0f804a9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Highlights

Snapshot & Restore for Cloud Hypervisor (#247)

The marquee feature of v1.1.0. The VMM sandbox now supports VM snapshot and restore on Cloud Hypervisor, enabling two powerful startup modes:

  • WarmFork — fork a running, pre-warmed template VM to spin up new sandboxes near-instantly, slashing cold-start latency for serverless and high-density workloads.
  • ContinuationSnapshot — checkpoint a VM's full state and resume it later from exactly where it left off.

See the new snapshot & restore user guide for WarmFork and ContinuationSnapshot examples. Includes patches/README for Cloud Hypervisor v52.0.

virtio-blk Storage for Cloud Hypervisor (#247)

Containers in the VMM sandbox can now use virtio-blk block devices for storage, providing a higher-performance, more isolated alternative to shared-FS mounts. Container rootfs storage is also now isolated per
container.

kuasar-ctl Diagnostic Tool (#236)

A new command-line diagnostic tool for inspecting sandboxes and tasks. It provides structured sandbox resolution and — importantly — propagates guest-side container exit codes back to the host, making failures far
easier to debug.

youki / libcontainer Integration (#232 and related)

The vmm-task in-VM agent now manages containers via the youki libcontainer crate (0.6) instead of shelling out to runc, with stdio fully wired through. This brings a more native, embeddable container lifecycle
to the guest.

Broader QEMU Support

  • virtiofs shared filesystem (#205)
  • VirtCCA confidential computing on Arm (#204)
  • aarch64 / Arm64 architecture (#169)
  • Sample QEMU configs for VirtualBox environments

systemd Watchdog Support (#228)

The sandboxer now integrates with the systemd watchdog for liveness supervision and automatic recovery of stuck sandboxer processes.

Reliability & Robustness

  • Concurrent sandbox recovery on restart for faster, more available restarts (#242)
  • Atomic state writes using truncate, with retry on stale temp files
  • Improved stop idempotency and overall robustness
  • Fixed panic in StreamingStdin poll_read and exec VM process wait conflicts
  • Preserve emptyDir tmpfs mount propagation; correct cpuset parsing for empty/whitespace input
  • Clean up exec IO files to prevent fd buildup in virtiofsd
  • Shared panic hook wired across all binaries

Testing & CI

  • New end-to-end test framework with runc tests (#215)
  • cri-containerd integration checks added to CI
  • Rust version consistency enforced across GitHub Actions, make check static-analysis target, and cargo-deny fixes

Docs & Proposals

  • Snapshot & restore proposal and user guide
  • virtio-blk storage proposal
  • Appliance mode proposal (agent sandbox)
  • install/uninstall scripts for kuasar-vmm
  • How-to-run-Kuasar-with-QEMU guide

Full Changelog: v1.0.1...v1.1.0

Assets 4
Loading