EVE is Edge Virtualization Engine 
EVE aims to develop an open, agnostic, and standardized architecture unifying the approach to developing and orchestrating cloud-native applications across the enterprise on-premises edge. It offers users new levels of control through hardware-assisted virtualization of on-prem edge devices. 

LATEST 8.10.0 Release  https://github.com/lf-edge/eve/releases/tag/8.10.0 🎉


📡wwan: Explicitly request IPv4 connection

Without explicitly asking for IPv4 (which we only support for wwan), for some LTE networks the connect request may fail with:

error: couldn't start network: QMI protocol error (14): 'CallFailed'

call end reason (1): generic-unspecified

verbose call end reason (6,50): [3gpp] ipv4-only-allowed

The network returns this error to indicate that only PDN type IPv4 is allowed for the requested PDN connectivity (which we want but need to be explicit about it).

💿Support for ISO format
This PR adds support for ISO format to support attach of iso images to VM to boot from or to install required data from iso. Also, PR contains small refactoring of volumemgr which makes zvol usage configurable for zfs persist type.

🔏Add new signing service at
Applications might want to get some application-specific data signed by EVE-OS so that they can verify it was indeed generated by an app instance running on a particular device.

✉️Bootstrap config protobuf message + config timestamp
Also some high-level documentation is included. However, later there will be a separate markdown document with a detailed description of the newly proposed bootstrapping mechanism (once we figure out all the details).

🎱Enable draid feature for persist pool
We had a bug with mismatch of libzfs and zfs module versions. Let's set draid feature enabled as we started with zfs 2.1.x which supports this feature. With disabled we will see errors from zpool status.

🎛Build zfs libs and binaries in dom0-ztools
We should use the same version of libzfs as we use in the kernel module. Let's add a build of binaries for zfs into dom0-ztools.

🗂Pillar with zfs files from dom0-ztools
We use zpool and zfs in pillar. Let's use binaries we built inside dom0-ztools.

🎉Update functions in the ZFS package that use base.Exec() to get information 

This commit changes the functions in the ZFS package where we used base.Exec() to get information.
After this commit, data will be collected through the go-libzfs.


🛠Fix PCIe BAR allocation on HPE m750
By default, Linux reassigns BAR addresses if there are devices with 64-bit addresses. However, on m750 it fails to assign BAR registers in some HW configurations e.g. P1000 NVIDIA GPU is installed into slot 1. We just force using UEFI assignments in this case. We set it only for m750 to be on a safe side.

🛠use explicit specific version of strongswan in Dockerfile and local file
pkg/strongswan: explicitly specify a version rather than just downloading link to latest. Note that we checked which version we currently are using via the md5 hash and used the same one. This PR does not change the version used, only explicitly references it.

🛠use explicit busybox commit version in pkg/fw
pkg/fw: use an explicit FROM busybox@sha256:<hash> instead of just FROM busybox

🛠Fix dom0-ztools version
Seems version of dom0-ztools changed before the merge of #2746 PR.

🛠Fix live gcp target
We have a problem with live-gcp target because of the wrong directory to find disks.

🛠Some Edgeview enhancements and fixes

GitHub:⭐️359(+1) DockerHub: 300k🚀 (+6397) pulls 
Changelog: https://github.com/lf-edge/eve/compare/8.9.0...8.10.0

8.9.0 Release https://github.com/lf-edge/eve/releases/tag/8.9.0   🎉


🎛Do not defer on subsequent boot
On the first boot we want to defer until the EdgeNodeCerts have been published to the controller, but on a subsequent boot we need to proceed and use a checkpointed config. As part of this we make sure we do not attempt to restart the attestation if we didn't yet try.

📈Increase default turbo-mode clock to 1.8GHz
According to https://www.raspberrypi.com/documentation/computers/config_txt.html#arm_boost-raspberry-pi-4-only newer revisions of the Raspberry Pi 4B are equipped with a second switch-mode power supply for the SoC voltage rail, and this allows the default turbo-mode clock to be increased from 1.5GHz to 1.8GHz. This change should be safe for all such boards.

⛔️Remove alpine edge usage 
We use alpine:edge in pkg/fw which is suboptimal in terms of controlling of versions of software. Let's jump to defined versions of upstream repositories to grub blobs from. Now it reproduces the same logic as we have using alpine:edge.

🎚Enable frequency control support for RPi4
Seems without CONFIG_ARM_RASPBERRYPI_CPUFREQ we use 600MHz in all cases on RPi4.

📄Refactor verification of AuthContainer
This prepares for being able to checkpoint the received configuration with its AuthContainer wrapper.

☑️Checkpoint EdgeDevConfig with AuthContainer
Means we can verify the signature when using the checkpoint

📄Populate meta data API with edge node info
Returns enterprise, project and device information in

GitHub:⭐️358(+0) DockerHub: 294394 (+4620) pulls
Changelog: https://github.com/lf-edge/eve/compare/8.8.0...8.9.0

8.8.0 Release https://github.com/lf-edge/eve/releases/tag/8.8.0   🎉

EVE is Edge Virtualization Engine 

EVE aims to develop an open, agnostic, and standardized architecture unifying the approach to developing and orchestrating cloud-native applications across the enterprise on-premises edge. It offers users new levels of control through hardware-assisted virtualization of on-prem edge devices. 


🎉Update of Eden tests
1. Sync version of eclient across tests
2. Add json format for info and metrics
3. Reduce metrics and config intervals to reduce load
4. Reduce load in switch_net_vlans by and reduce apps and dnsmasq
5. Add root certificate to v2tlsbaseroot
6. Expand volumes test to check no space and recovery from no space
7. Update ROL to support logs
8. Update EVE-OS versions

☁️Run only one EdenGCP at a time 
We are limited in ROL devices, so should limit concurrent runs of EdenGCP workflows. Using a concurrency group we will run one workflow at a time. According to Github’s docs "When a concurrent job or workflow is queued, if another job or workflow using the same concurrency group in the repository is in progress, the queued job or workflow will be pending. Any previously pending job or workflow in the concurrency group will be canceled.". But we use a snapshot version of EVE-OS, so it is expected behavior.

🔒Use lock for PoolOpenAll
Seems the namespace_reload function is expected to not run concurrently on the same handler pointer, we should use lock for iteration functions (PoolOpenAll and DatasetOpenAll).

📡wwan: configure MTU requested by the network
Currently, we leave the default MTU=1500 configured on the wwan interface. However, we should respect the MTU settings required by the network to which the modem has connected.

⚙️Remove chroot for zpool and zfs commands
We have zpool and zfs binaries in pillar, because they are required by snapshotter of the user containerd, so no need to chroot into hostfs.

🎛Update device config API 
Fetch DeviceName, DeviceId, ProjectId, ProjectName, EnterpriseName and EnterpriseId


🛠Fix IP subnet obtained for wwan interface 
During netlink.AddrList() usage, we should check if the interface address is reported with a Peer and if it is, use the subnet mask from the peer. This is the case with Point-to-Point interfaces.

🛠workflows: edenGCP: fix getting console log from RoL
This PR fixes an issue with getting logs from RoL.

Github:⭐️358(+1) DockerHub: 294394 (+3076) pulls
Changelog: https://github.com/lf-edge/eve/compare/8.7.0...8.8.0

EVE 8.7.0 Release  https://github.com/lf-edge/eve/releases/tag/8.7.0


☑️Check zvols existence in zfsmanager 
We can see "Error converting ... to zfs zvol ...: qemu-img failed: exit status 1, qemu-img: Could not open '...': Could not open '...': No such file or directory". We rely on fsnotify and mdev to properly create symlinks to zvols, but seems we should check existence explicitly and publish only if we have zvol. Mdev log indicates that we do add-remove-add sequence, seems we should enforce sequence handling for mdev. Also, we should not use persist publisher as devices may be changed on reboot and should align Key to not have '/' which leads to problems with publishing.

Update containerd runtime to v2 
Containerd runtime v1 is deprecated and we use v2 runtime for linuxkit services. We moved to runtime v2 in the pillar and replace v1 shim with an empty file to reduce space usage. Also, version 1 of config.toml is deprecated, we moved to version 2.

📧Docs and errors about keys with slashes 
We must not use keys with slashes or with a length more than allowed for the file name. We made errors more readable and added notes in docs.

🔧Force unmount container rootfs 
We can see errors with "device or resource busy" when we try to re-start container-based app instances occasionally. We will wait for success in unmounting of rootfs more and try to force unmount the second time.

⚙️Build all HV in one worker and prune 
Usage of distinct workers to build separate HV is sub-optimal as they are different only in rootfs and we spend time building the same set of packages. We will re-use workers. Also, we are possibly limited in space and should remove dangling images if they are not needed.

📉Reduce eve-alpine image size 
We build eve-alpine using layers of the previous eve-alpine. In that case, we end with the sum of layers as they are different. We separated steps to merge all layers into one.

dom0-ztools: Add version command 
Users might not be aware of /run/eve-release file in order to check EVE's running version. This commit adds a "version" option to the eve command line, so users can use the "eve version" to easily retrieve the version from /run/eve-release.

🆔Use pid from start of newlogd and wait 
We start newlogd as a long-running application and do not expect that it will change its PID. Let's check for the touch file as we do it for another agent and increase wait time.

📊Add error collection and metrics for vdev from ZFS 
Collection of I/O metrics for zpool and physical disks included in the zpool (for all types of operations) from ZFS


🛠Fix handling of a disabled lastresort config 
Even when lastresort is disabled by config, we might want to use it in case there is no network configuration available. Recently [1], a PR was merged, which enables lastresort config if persisted DPCL is empty. However, with the first boot of a device, DPCL is obviously empty, but a DPC can be submitted via config partition (override.json) or through a specially formatted USB stick (usb.json). These DPCs are submitted with some small delay, so they do not appear immediately inside DPCL. The idea of this PR is to change the current logic and wait for a minute for any DPC. If no config is available even after one minute then it will forcefully enable lastresort.

🛠Fix diag output when proxy is configured 
With explicit proxy configured, the resolution of the controller's domain name is done by the proxy, not EVE. In some scenarios, it is possible that local DNS server(s) configured for uplink interfaces are (intentionally) unable to translate external endpoints. In such cases, it is expected for the DNS check performed by diag to fail. Therefore it makes sense to skip this check if the explicit proxy is being used.

🛠Fix object provided as argument of DeleteLogObject 
We can see errors "DeleteLogObject: LogObject with mapKey verifyimage_status-... not found in internal map". Seems we must pass the same logBase object as we provide when call EnsureLogObject and NewLogObject. Otherwise, we will not delete objects from logObjectMap.

🛠Fix workerpool test
We seem to have a problem with the worker pool test as GC may run or not run in the background at the time of check for workers’ count. We spread the test work in time and add sleep according to GC intervals.

🛠Fix upgradeconverter test 
We should not use the current directory for pubsub in the test as it will be mounted and we potentially (for example on macOS) will not have the possibility to use sockets there.

🛠pkg/mkimage-raw-efi/make-raw: Fix comments 
Fix some typos and misspellings in the comments.

📄document how to do custom builds 
This document describes how to modify parts of eve-os so you can build a custom image for your purposes.

Github:⭐️357(+2) DockerHub: 291318 (+1893) pulls
Changelog: https://github.com/lf-edge/eve/compare/8.6.0...8.7.0

EVE 8.6.0 Release https://github.com/lf-edge/eve/releases/tag/8.6.0   🎉


Use xz compression for squashfs 
Changing compression from default (gzip) to xz will reduce rootfs size from 247.90 Mbytes down to 208.57 Mbytes. The squashfs compression time increases by about 3 times (from 11 seconds to 33 on my PC), however, this is a one-time image build operation.

Adjust squashfs decompressor options for arm64 
We can use parallel squashfs decompressor (CONFIG_SQUASHFS_DECOMP_MULTI) and decompress directly into the page cache (CONFIG_SQUASHFS_FILE_DIRECT) to speedup read of squashfs

🛠Simplify GRUB development process 
If pkg/grub/grub folder exists use it instead of cloning all necessary patches should be applied manually before making changes and either ./bootstrap or ./autogen.sh must be executed

📉Reduce Process and NI metric tickers 
CPU profiling indicates that gatherProcessMetricList and getNetworkMetrics are not as cheap operations as it might seem. We reduced calls and make tickers aware of publishing metrics global options.

📈Increase ctrd memory limit 
Moving to the second instance of containerd require enlarge of cgroups limit, seems we miss enlarge of /eve/containerd 

🔐Enable TPM in UEFI 
In terms of using TPM devices with QEMU, we enabled support inside UEFI 

📡Add support for AX210 WiFi 
Contributed by Zeljko.Misic@o-s.de


😉 No disk led blinking on VMware 
We have no LEDs in a virtual machine, so we will not stress the disk

🛠Fix usage calculation for zfs 
We should use information from zfs to calculate the usage of /persist/vault/volumes as we use zvol devices not placed in that directory. 


📄document pubsub 
pubsub is the library that handles object in-memory storage, the persistence of such data, and notification to other interested processes of changes to the data.

Github:⭐️355(+1) DockerHub: 291318 (+2154) pulls
Changelog: https://github.com/lf-edge/eve/compare/8.5.0...8.6.0

8.5.0 Release https://github.com/lf-edge/eve/releases/tag/8.5.0🎉


🎉support Edge-View container on EVE 
this runs as an 'edgeview' container inside EVE, for access into EVE, the Apps and its site routable Apps

💿use sparced write while rolling out image to zvol 
It takes forever to write huge amount of data to the disk. The limit for the qemu-img operation was 16 minutes, which was not even close to being enough for flashing 2TiB of data. Assuming that zvol is created with all zeroes, we can instruct qemu-img to skip writing zeroes. This drastically speeds up the process of rolling out the image, as qcow2 almost never contains data to fill the target volume entirely. Also in case we indeed have to flash a lot of data to the disk, this patch increases timeout up to 2 hours.

📡Properly report NTP server used for network with static config 
For networks with static IP configurations, there is a different field inside DNS used to store the address of the assigned NTP server. GetNTPServers should therefore differentiate between statically configured and DHCP-based networks, and report the assigned NTP server(s) accordingly. 

🔨pillar: introduce debug build 
With this series, one can build Eve’s image with some extra debug capabilities. For now, this includes a pillar with debug symbols, and delve is included in the pillar container.


🛠Eden tests cleanup 
It seems we spend time more than limit for testing, so:

🛠 Fix dhcpcd arguments for static IP config  
With static IP configuration, dhcpcd should directly assign a given IP address to an interface, instead of requesting it from a DHCP server (which may not even be present in the network or may give a different address). This is actually a new bug introduced by NIM refactoring, which slipped through manual testing. This reinforces, even more, the need to enhance eden and allow to automatically test all kinds of network scenarios for regression (currently we only test DHCP).


update the docs with instruction how to use dev builds 
Eve can be built in "development" mode, by specifying `DEV=y` flag. Currently, this affects only the pillar package. Specifically, the pillar is built with debug symbols and includes https://github.com/go-delve/delve.

Github:⭐️354(+2) DockerHub: 289164 (+3132) pulls
Changelog: https://github.com/lf-edge/eve/compare/8.4.0...8.5.0 

8.3.0 Release https://github.com/lf-edge/eve/releases/tag/8.3.0 🎉


🚥Expose WWAN-related status information to apps via metadata server 

Provided that the device has at least one cellular modem visible to EVE (i.e. not assigned directly to an application), JSON-formatted WWAN status information is made available to all applications on the `/eve/v1/network/wwan/status.json` endpoint. This includes information about the installed cellular equipment (modem(s) and SIM card(s)), identity information (IMEI, IMSI, ICCID), available network providers (PLMNs), and more.

💿 Use kernel command line to deploy zfs in live img 

We are forced to rebuild the EVE with zfs in the version to use zfs with live images. To generalize extraction of images from existing docker image of EVE we should use options that we can configure with grub options. This PR will deploy zfs persist partition when we will start live image with eve_install_zfs_with_raid_level defined in kernel cmdline.

📡Expose cellular metrics for LPS 

Added cellular metrics (packet counters and signal strength) to the "/api/v1/radio" endpoint of the Local Profile Server (LPS).

🛠 Fix TestWireless from dpcmanager package 
TestWireless may fail if the reading of DNS content from inside of the test overlaps with updates made by DPCManager. This can be prevented by reading published DNS (via pubsub) as opposed to accessing DNS directly in memory. Additionally, the test should wait for RadioSilence.ChangeInProgress to turn false before checking values of other RadioSilence attributes.

🛠 Fix documentation for AppInfo LPS endpoint 
Minor changes in documentation

Github:⭐️350(+3) DockerHub: 286032 (+2665) pulls
Changelog: https://github.com/lf-edge/eve/compare/8.2.0...8.3.0 


The EVE Design Summit is taking place on June 23 in Berlin, Germany. Top EVE developers and contributors will collaborate with industry users and community members to plan the way forward. An open-source community keynote will be followed by lunch, then we’ll complete the remaining technical expert talks and break into groups to strategize for the future. We’ll wrap the day with an evening social event.

8.2.0 Release https://github.com/lf-edge/eve/releases/tag/8.2.0🎉 


🎛 wwan: Replace uqmi with qmicli 
This is due to a limitation of the QMI protocol and the linux driver qmi_wwan, which require that there is at most one client talking to the modem. For this reason, qmicli provides a proxy that multiplexes multiple requests under one session. But uqmi is not able to use this proxy, therefore we have to completely migrate from uqmi to qmicli.

🔓Send empty escrow key if TPM not enabled 
To complete the attestation sequence we should send EncryptedVaultKeyFromDevice. Let’s leave data empty to indicate that we do not want to send it to the controller(if no TPM is enabled).

☑️ DPC verify: more sensitive handling of DNS errors 
In this case, the DPC manager should wait instead of falling back to the previous DPC. But to detect this, Send* functions inside the cloud had to be improved to return an error value that allows unwrapping errors from all the send attempts.

🚦Add shutdown command to EdgeDevConfig 
We added support to shutdown node gracefully to EdgeDevConfig. 


🚦 Add shutdown/shutdown-poweroff commands to LPS API 
We added DevInfo to the Local Profile API documentation. Publish the current state of the device to the local server and optionally obtain a command to execute.

🎛 Add document to list supported RAID configuration 
ZFS provides a rich set of functionality but at a cost of extra resource usage. We added a table of RAID configurations for GRUB.


🛠 Fix acl test to handle multiple IPs from dig 
Dig command may return several IPs to properly handle them during the creation of the network we should join lines from output into one with a comma separator.

🛠 Fix accidental loop for poweroff command 
This was introduced in PR #2609 and discovered as part of the review for PR #2610

🛠 Fix attestation restart on 403 config response 
We should restart attestation on 403 code as config response and this code is assumed as an error, so we should move handling to the proper place inside error from SendOnAllIntf handling.

🛠 Do not restart a crashed VM within the handleModify function. 
We added a check for `status.HasError()` in the condition in the `handleModify` function to eliminate the restart of crashed VM earlier than in `config.timer.reboot` seconds.

Github:⭐️347(+3) DockerHub: 282591(+1585) pulls
Changelog: https://github.com/lf-edge/eve/compare/8.0.0...8.1.0 


The EVE Design Summit is taking place on June 23 in Berlin, Germany. Top EVE developers and contributors will collaborate with industry users and community members to plan the way forward. An open-source community keynote will be followed by lunch, then we’ll complete the remaining technical expert talks and break into groups to strategize for the future. We’ll wrap the day with an evening social event.

8.1.0 Released https://github.com/lf-edge/eve/releases/tag/8.1.0  🎉 


📍Geographic coordinates reported by EVE #2600
EVE is able to obtain location information from a GNSS receiver integrated into an LTE modem. 
This information is then propagated to 3 destinations:

By default, location reporting is disabled and has to be explicitly enabled under the cellular configuration.
Learn more https://wiki.lfedge.org/display/EVE/GPS+coordinates+exposed+by+EVE 

🎛 add edgeview container/api doc 
Edge-View as a service on EVE, it needs to receive/update user configurations from the controller; and it needs to send/update Edge-View running status to the controller.

proto changes for app delay start interval  && application instance staggered start built proto files 
The crux of this feature is to introduce a delay between the time EVE is ready to process application instance configuration and the time the application is started. This delay interval should be added per application instance.
⬇️Remove /config/uuid compatibility for downgrade to older than 5.21 
This includes removing some old unneeded code and relying on the 5-second timer when we have a UUID. Also, remove the /config/uuid compatibility for a downgrade to older than 5.21.
🛠Fix leaking locked mutex in netmonitor  
watcher of LinuxNetworkMonitor would leave the mutex in a locked state in some cases, causing DPC Manager to deadlock.
📺Add missing iptables rule to allow local VNC traffic 

Github:⭐️344(+2) DockerHub: 282591(+861) pulls
Changelog: https://github.com/lf-edge/eve/compare/8.0.0...8.1.0 




7.11.0 Released https://github.com/lf-edge/eve/releases/tag/7.11.0 



Github:⭐️340(+1) stars 121(+3) forks DockerHub: 280472(+1351)pulls🚀
Changelog: https://github.com/lf-edge/eve/compare/7.11.0...8.0.0

7.10.0 Released https://github.com/lf-edge/eve/releases/tag/7.10.0 


Github:⭐️339 stars 119(+1) forks DockerHub: 279121(+ 1606) pulls🚀
Changelog: https://github.com/lf-edge/eve/compare/7.9.0...7.10.0 

7.9.0 Released https://github.com/lf-edge/eve/releases/tag/7.9.0 



Github:⭐️339(+2) stars 118 forks DockerHub: 277515(+1190) pulls🚀
Changelog: https://github.com/lf-edge/eve/compare/7.8.0...7.9.0

7.8.0 Released https://github.com/lf-edge/eve/releases/tag/7.9.0 



Github:⭐️337 stars 118 forks DockerHub: 276325 pulls🚀
Changelog: https://github.com/lf-edge/eve/compare/7.7.0...7.8.0 

7.7.0 Released https://github.com/lf-edge/eve/releases/tag/7.7.0 



Changelog: https://github.com/lf-edge/eve/compare/7.6.0...7.7.0 

EVE 7.6.0  https://github.com/lf-edge/eve/releases/tag/7.6.0



Full Changelog: https://github.com/lf-edge/eve/compare/7.5.0...7.6.0 

EVE 7.5.0  https://github.com/lf-edge/eve/releases/tag/7.5.0 




Full Changelog: https://github.com/lf-edge/eve/compare/7.4.0...7.5.0 

EVE 7.4.0  https://github.com/lf-edge/eve/releases/tag/7.4.0 




Full Changelog : https://github.com/lf-edge/eve/compare/7.3.0...7.4.0 

EVE 6.10.0 https://github.com/lf-edge/eve/releases/tag/6.10.0 



Full Changelog : https://github.com/lf-edge/eve/compare/6.9.0...6.10.0