kernel version should be 4.19+; recommend version 5.8 for cgroup v2

[pacoxu]

For kernel long term support, see https://wiki.linuxfoundation.org/civilinfrastructureplatform/start and https://endoflife.date/linux

• 4.4 & 4.19 are selected as kernel Super Long Term Support (SLTS), and the Civil Infrastructure Platform will provide support until at least 2026.
  • EDITED removed 4.4 as CIP is not in https://www.kernel.org/category/releases.html and maintained in a different place.
• For cgroup v2, Kubernetes recommends to use 5.8 and later, and in runc docs, the minimal version is 4.15 and 5.2+ is recommended.

Other comments that may be related:

In Kubernetes 1.31, cgroup v1 is moved to maintenance mode and 4.14 LTS EOF in Jan 2024 (linux, LTS) , besides, centos 7 is EOL in June 30, 2024. I chosen 4.15 as runc.

• for kernel minimal version, choosing 4.15 as runc + cgroup v2 https://github.com/opencontainers/runc/blob/3778ae603c706494fd1e2c2faf83b406e38d687d/docs/cgroup-v2.md?plain=1#L24
  • kernel >= 4.15 with CONFIG_CGROUP_DEVICE and CONFIG_CGROUP_BPF is required. From https://github.com/containerd/containerd/pull/3799#issuecomment-555740694.
  • cpu (since Linux 4.15)
• cgroup v2: Kubernetes recommended kernel version https://kubernetes.io/docs/concepts/architecture/cgroups/

More details can be found in https://github.com/kubernetes/kubernetes/issues/116799.

The v1.31 KEP https://github.com/kubernetes/enhancements/issues/4569

• https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/4569-cgroup-v1-maintenance-mode/README.md KEP-4569: Moving cgroup v1 support into maintenance mode

Other minimal kernel version candidates

• kernel 4.5 announced that cgroup v2 is not experimental anymore, as it supports io/pids/memory.
• runc recommends 5.2+ as 5.2 supports freezer.

[pacoxu]

/assign @neolit123 @SataQiu

[pacoxu]

Updated.

[neolit123]

/hold drop the hold if needed.

[pacoxu]

should we create a release after this PR merges?

Yes.

/hold drop the hold if needed.

We may wait for another week or two in case SIG-Node owners have some inputs.

[neolit123]

should we create a release after this PR merges?

Yes.

/hold drop the hold if needed.

We may wait for another week or two in case SIG-Node owners have some inputs.

you should probably give them a ping on slack, or they will miss this.

[pacoxu]

According to some discussions in https://github.com/endoflife-date/endoflife.date/pull/5608#issuecomment-2268591430, the CIP seems to be not in https://www.kernel.org/category/releases.html and maintained in a different place(gitlab) than torvalds/linux.

I prefer to remove the 4.4.* here.

[neolit123]

According to some discussions in endoflife-date/endoflife.date#5608 (comment), the CIP seems to be not in https://www.kernel.org/category/releases.html and maintained in a different place(gitlab) than torvalds/linux.

I prefer to remove the 4.4.* here.

+1 to keep only official lts

[pacoxu]

Updated in commit: update according to kernel official active kernel releases.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: neolit123, pacoxu, SataQiu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes/system-validators/blob/master/OWNERS)~~ [SataQiu,neolit123] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[pacoxu]

/unhold @neolit123 Could you trigger a release after v1.31.0 is released this week?