Firecracker-v0.5.0

Added

• Added metrics for API requests, VCPU and device actions for the serial console (UART), keyboard (i8042), block and network devices. Metrics are logged every 60 seconds.
• A CPU features template for C3 is available, in addition to the one for T2.
• Seccomp filters restrict Firecracker from calling any other system calls than the minimum set it needs to function properly. The filters are enabled by setting the USE_SECCOMP environment variable to 1 before running Firecracker.
• Firecracker can be started by a new binary called jailer. The jailer takes as command line arguments a unique ID, the path to the Firecracker binary, the NUMA node that Firecracker will be assigned to and a uid and gid for Firecracker to run under. It sets up a chroot environment and a cgroup and calls exec to morph into Firecracker.

Changed

• In case of failure, the metrics and the panic location are logged before aborting.
• Metric values are reset with every flush.
• CPUTemplate is now called CpuTemplate in order to work seamlessly with the swagger code generator for Go.
• firecracker-beta.yaml is now called firecracker.yaml.

Fixed

• Handling was added for several untreated KVM exit scenarios, which could have led to panic.
• Fixed a bug that caused Firecracker to crash when attempting to disable the IA32_DEBUG_INTERFACE MSR flag in the T2 CPU features.

Removed

• Removed a leftover file generated by the logger unit tests.
• Removed firecracker-v1.0.yaml.