Skip to content

3.2.0.azl4

Latest
Latest
Compare
Choose a tag to compare
@Redent0r Redent0r released this 22 Jan 20:49
3.2.0.azl4
6058c26
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Release notes

  • Use Azl3 as default for node builder recipes
  • Addressed CVEs: CVE-2024-43806, CVE-2024-24786, CVE-2023-45288, CVE-2023-39325, CVE-2024-43806
  • Improved agent logging verbosity
  • Faster confidential pod startup
  • Allow pods with larger memory requests to start by increasing the timeout for CreateVM
  • Reduced memory usage for the guest image
  • Improved memory overhead management
  • Remove unused VMM options for memory allocation
  • Assign a default number of vcpus (1) to the VM when no limits are given
  • Added policy state support to agent
  • Fix mount OverlayFS with multiple lowdir entries after kernel update

What's Changed

  • tools: Align AGENT_POLICY_FILE check in rootfs-builder with upstream by @ms-mahuber in #244
  • node-builder: Use Azure Linux 3 as default path by @ms-mahuber in #251
  • libs:logging: Fix logger by @danmihai1 in #248
  • Fix logging verbosity comment to accurately reflect clh behavior by @Camelron in #249
  • node-builder: Deploy-only recipe for AzL3 VMs by @ms-mahuber in #254
  • runtime: skip logging some of the dial errors by @danmihai1 in #253
  • build(deps): bump rustix from 0.37.3 to 0.37.27 in /src/agent by @dependabot in #246
  • build(deps): bump google.golang.org/protobuf from 1.29.1 to 1.33.0 in /src/runtime by @dependabot in #243
  • build(deps): bump dependency golang.org/x/net to v0.23.0 by @Sumynwa in #261
  • build(deps): bump rustix from 0.37.19 to 0.37.27 in /src/tardev-snapshotter by @dependabot in #262
  • runtime: Set memory config shared=false when shared_fs=None in CLH by @Sumynwa in #265
  • runtime: relax timeout for CreateVM + BootVM in CLH by @Sumynwa in #268
  • agent: fix make test by @Sumynwa in #266
  • reduce the memory usage for the guest image by @danmihai1 in #280
  • runtime: improved memory overhead management by @danmihai1 in #281
  • runtime: Remove unused VMM options for mem alloc by @ms-mahuber in #283
  • runtime: Allocate default workload vcpus by @ms-mahuber in #282
  • policy: cherry pick state policy changes from upstream by @Redent0r in #273
  • agent: add back rego error logs by @Redent0r in #292
  • agent: avoid "unknown mount flag" for tardev by @danmihai1 in #294
  • runtime: skip empty Guest console output lines by @danmihai1 in #296
  • overlay: use nix::mount for OverlayFS to overcome mounting limitations by @miz060 in #293
    Full Changelog: 3.2.0.azl3...3.2.0.azl4

Contributors

miz060, danmihai1, and 5 other contributors
Assets 2
Loading