What’s New in 3.0
Completely rewritten and refactored, Clear Containers 3.0 uses Go language instead of C and introduces many new components and features. The 3.0 release of Clear Containers brings better integration into the container ecosystem and an ability to leverage code used for namespace based containers.
Clear Containers 3.0 introduces a libcontainer based agent which enables the application of policies and filters such as SELinux* and seccomp inside the Clear Containers guest. To improve the storage performance and full POSIX* compliance, Clear Containers 3.0 supports a virtio-blk storage backend. The new feature KSM throttling improves scaling and container density(link is external). Users can now run unmodified Clear Containers on HyperV*, VMware*, and GCE* with added improvements to nested virtualization. Clear Containers 3.0 also makes new resource constraints available to support OCI defined use cases (memory and CPU).
cc-runtime(link is external) is now compatible with the OCI(link is external) runtime specification(link is external) and works seamlessly with the Docker* Engine(link is external) pluggable runtime architecture. Clear Containers 3.0 can now also be run using Kubernetes* through CRI-O*(link is external), which is a Kubernetes* Container Runtime Interface (CRI)(link is external) implementation. With CRI-O and Clear Containers 3.0, it is possible to have both trusted and untrusted workloads run safely together in a Kubernetes cluster on bare metal.