Today’s release presents a generational and architectural shift to utilize virtcontainers, a modular and hypervisor agnostic library for hardware virtualized containers. Clear Containers 3.0 is written in Go language and boasts an OCI(link is external)* compatible runtime implementation (cc-runtime(link is external)) that works both on top of virtcontainers, and as a platform for deployment.

What’s New in 3.0

Completely rewritten and refactored, Clear Containers 3.0 uses Go language instead of C and introduces many new components and features. The 3.0 release of Clear Containers brings better integration into the container ecosystem and an ability to leverage code used for namespace based containers.

Clear Containers 3.0 introduces a libcontainer based agent which enables the application of policies and filters such as SELinux* and seccomp inside the Clear Containers guest. To improve the storage performance and full POSIX* compliance, Clear Containers 3.0 supports a virtio-blk storage backend. The new feature KSM throttling improves scaling and container density(link is external). Users can now run unmodified Clear Containers on HyperV*, VMware*, and GCE* with added improvements to nested virtualization. Clear Containers 3.0 also makes new resource constraints available to support OCI defined use cases (memory and CPU).

Ecosystem Integration

cc-runtime(link is external) is now compatible with the OCI(link is external) runtime specification(link is external) and works seamlessly with the Docker* Engine(link is external) pluggable runtime architecture. Clear Containers 3.0 can now also be run using Kubernetes* through CRI-O*(link is external), which is a Kubernetes* Container Runtime Interface (CRI)(link is external) implementation. With CRI-O and Clear Containers 3.0, it is possible to have both trusted and untrusted workloads run safely together in a Kubernetes cluster on bare metal.

Documentation

Visit our GitHub page to view Clear Containers 3.0 overall architecture(link is external) and additional details. In the Release Notes(link is external) page you can find a complete list of the latest updates to the Clear Containers project.

Contributing

Clear Containers is a fully open source project that is actively being developed - check us out on GitHub and get involved.

CC3.0 Project(link is external) (GitHub)

CC3.0 Architecture(link is external) (GitHub)

Clear Containers and Clear Linux site (Intel)

IRC: #clearcontainers on Freenode

Mailing list:  https://lists.01.org/mailman/listinfo/cc-devel(link is external)

 - The Intel® Clear Containers Team

 *Other names and brands may be claimed as the property of others.