Skip to content

Releases: containerd/containerd

containerd 2.0.0-rc.3

14 Jun 13:51
v2.0.0-rc.3
27de5fe
Compare
Choose a tag to compare
containerd 2.0.0-rc.3 Pre-release
Pre-release

Welcome to the v2.0.0-rc.3 release of containerd!
This is a pre-release of containerd

The first major release of containerd 2.x focuses on the continued stability of
containerd's core feature set with an easy upgrade from containerd 1.x. This
release includes the stabilization of new features added in the last 1.x release
as well as the removal of features which were deprecated in 1.x. The goal is to
support the vast community of containerd users well into the future along with
their ever increasing deployment footprints and variety of use cases.

Highlights

  • Preserve Unprivileged locked flags during remount of bind mounts (#10200)
  • Add api Go module and move all protos under api (#10151)
  • Configure otel from env instead of config.toml (#8970)
  • Fix config import relative path glob (#9746)
  • Enable NRI by default (#9744)
  • Add PluginInfo to introspection API (#9442)
  • Remove overlayfs volatile option on temp mounts (#9555)
  • Move packages based on contributing guide (#9365)
  • Expose usage of deprecated features (#9258)
  • Use Intel ISA-L's igzip if available (#9200)
  • Generalize plugin library (#9214)
  • Introduce top level config migration (#9223)
  • Add image delete target (#8989)
  • Remove LimitNOFILE from containerd.service (#8924)
  • Use github.com/containerd/log (#9086)
  • Add support for image expiration during garbage collection (#9022)
  • Reduce the contention between ref lock and boltdb lock in content store (#8792)
  • Remove "containerd.io/restart.logpath" label (#8264)
  • Remove aufs snapshotter (#8263)
  • Fix deadlock during NRI plugin registration (containerd/nri#79)
  • Fix deadlock when writing to pipe blocks (containerd/ttrpc#168)

Container Runtime Interface (CRI)

  • Add support to set loopback to up (#10238)
  • Add support for multiple subscribers to CRI container events (#9661)
  • Enable CDI by default (#9621)
  • Remove non-sandboxed CRI implementation (#9228)
  • Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27) (#8287)
  • Use sandboxed CRI by default (#8994)
  • Implement RuntimeConfig CRI call (#8722)
  • Add support for user namespaces (KEP-127) (#8803)
  • Remove CRI v1alpha2 (#8276)

Image Distribution

  • Skip "unknown" in image platform listing (#10257)
  • Update unpacker to fetch all provided content (#10202)
  • Enable Transfer service API to support plain HTTP (#10024)
  • Enable Transfer service to use registry configuration directory (#9908)
  • Disable the support for Schema 1 images (#9765)
  • Update Transfer service to add OCI descriptors to Progress structure (#9630)
  • Update import and export to allow references to missing content (#9554)
  • Add option to perform syncfs after pull (#9401)
  • Add image verifier transfer service plugin system based on a binary directory (#8493)

Runtime

  • Provide runtime options in plugin info (#10251)
  • Store bootstrap parameters in sandbox metadata (#9736)
  • Update apparmor to allow confined runc to kill containers (#10123)
  • Support vsock connection to task api (#9738)
  • Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
  • Switch runc shim to task service v3 and fix restore (#9233)
  • Add sandboxer configuration and move sandbox controllers to plugins (#8268)
  • Add annotations to CreateSandbox request (#8960)
  • Add SandboxMetrics (#8680)
  • Publish sandbox events (#8602)
  • Remove the CriuPath field from runc's options (#8279)
  • Remove support for config.toml version = 1 (#8275)
  • Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)

Security Advisories

Breaking

  • Disable the support for Schema 1 images (#9765)
  • Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
  • Move client to subpackage (#9316)
  • Remove LimitNOFILE from containerd.service (#8924)
  • Remove CRI v1alpha2 (#8276)
  • Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)
  • Remove "containerd.io/restart.logpath" label (#8264)
  • Remove aufs snapshotter (#8263)

Deprecations

  • Add type alias for event Envelope (#10279)
  • Postpone removal of deprecated CRI config properties (#9966)
  • Deprecate go-plugin configuration option (#9238)
  • CNI conf_template in CRI is no longer deprecated (#8637)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akihiro Suda
  • Maksym Pavlenko
  • Wei Fu
  • Phil Estes
  • Sebastiaan van Stijn
  • Samuel Karp
  • Stefan Berger
  • Kazuyoshi Kato
  • Rodrigo Campos
  • Danny Canter
  • Abel Feng
  • Gabriel Adrian Samfira
  • Kirtana Ashok
  • Austin Vazquez
  • Iceber Gu
  • Kohei Tokunaga
  • Mike Brown
  • Krisztian Litkey
  • Akhil Mohan
  • Jin Dong
  • Bjorn Neergaard
  • rongfu.leng
  • Justin Chadwell
  • James Sturtevant
  • Paul "TBBle" Hampson
  • Davanum Srinivas
  • Enrico Weigelt
  • Brian Goff
  • Henry Wang
  • Paweł Gronowski
  • Hsing-Yu (David) Chen
  • Ilya Hanov
  • Laura Brehm
  • Marat Radchenko
  • Cardy.Tang
  • Shingo Omura
  • Aditi Sharma
  • Bryant Biggs
  • Evan Lezar
  • Jordan Liggitt
  • Kay Yan
  • Markus Lehtonen
  • Nashwan Azhari
  • Shuaiyi Zhang
  • Vinayak Goyal
  • helen
  • Alexandru Matei
  • Amit Barve
  • Anthony Nandaa
  • Charity Kathure
  • Ed Bartosh
  • Etienne Champetier
  • James Jenkins
  • Kevin Parsons
  • Milas Bowman
  • Swagat Bora
  • yanggang
  • Aditya Ramani
  • Adrian Reber
  • Amir M. Ghazanfari
  • Artem Khramov
  • Avi Deitcher
  • Brad Davidson
  • Chen Yiyang
  • Christian Muehlhaeuser
  • Cory Snider
  • Djordje Lukic
  • Edgar Lee
  • Ethan Lowman
  • Jiang Liu
  • June Rhodes
  • Lucas Rattz
  • Mahamed Ali
  • Maksim An
  • Michael Crosby
  • Peteris Rudzusiks
  • Sam Edwards
  • Samruddhi Khandale
  • Steve Griffith
  • Tony Fang
  • VERNOU Cédric
  • hang.jiang
  • jerryzhuang
  • lengrongfu
  • ningmingxiao
  • roman-kiselenko
  • zhanluxianshen
  • zounengren
  • Aaron Lehmann
  • Adrien Delorme
  • Alex Couture-Beil
  • Alex Ellis
  • Alex Rodriguez
  • Angelos Kolaitis
  • Antonio Huete Jimenez
  • Arash Haghighat
  • Ben Foster
  • Bin Tang
  • Bin Xin
  • BinBin He
  • Brennan Kinney
  • Changqing Li
  • ChengenH
  • ChengyuZhu6
  • Christian Stewart
  • Craig Ingram
  • Daisy Rong
  • David Porter
  • Derek Nola
  • Eng Zer Jun
  • Fabiano Fidêncio
  • Fahed Dorgaa
  • Gary McDonald
  • Iain Macdonald
  • James Lakin
  • Jan Dubois
  • Jaroslav Jindrak
  • Jiongchi Yu
  • Julien Balestra
  • Kern Walster
  • Kirill A. Korinsky
  • Konstantin Khlebnikov
  • Michael Zappa
  • Pan Yibo
  • Qasim Sarfraz
  • Qiutong Song...
Read more

containerd 1.7.18

05 Jun 02:34
v1.7.18
ae71819
Compare
Choose a tag to compare

Welcome to the v1.7.18 release of containerd!

The eighteenth patch release for containerd 1.7 contains various updates along
with an updated version of Go. Go 1.22.4 and 1.21.11 include a fix for a symlink
time of check to time of use race condition during directory removal.

Highlights

  • Update Go version to 1.21.11 (#10298)
  • Remove uses of platforms.Platform alias (#10277)
  • Migrate log imports to github.com/containerd/log (#10269)
  • Migrate errdefs package to github.com/containerd/errdefs (#10266)
  • Fix usage of "unknown" platform (#10261)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Sebastiaan van Stijn
  • Akhil Mohan
  • Austin Vazquez
  • Phil Estes

Changes

16 commits

  • Prepare release notes for v1.7.18 (#10301)
    • 9426aab62 Prepare release notes for v1.7.18
  • Update Go version to 1.21.11 (#10298)
  • Remove uses of platforms.Platform alias (#10277)
    • 1e3c662d6 [release/1.7] remove uses of platforms.Platform alias
  • Migrate log imports to github.com/containerd/log (#10269)
    • 0af6825b1 migrate logs imports to github.com/containerd/log module
  • Migrate errdefs package to github.com/containerd/errdefs (#10266)
    • 308341a44 replace uses of github.com/containerd/containerd/errdefs
    • 47ff8cfce migrate errdefs package to github.com/containerd/errdefs module
  • Fix usage of "unknown" platform (#10261)
    • f4d11912a core/image: fix usage of "unknown" platform
  • Explicitly set release latest to true (#10265)
    • 5b0480009 Explicitly set release latest to true
    • d669b100d build(deps): bump softprops/action-gh-release from 1 to 2

Changes from containerd/errdefs

6 commits

Dependency Changes

  • github.com/containerd/errdefs v0.1.0 new
  • google.golang.org/genproto b8732ec3820d -> e6e6cdab5c13
  • google.golang.org/genproto/googleapis/api b8732ec3820d -> 007df8e322eb
  • google.golang.org/genproto/googleapis/rpc b8732ec3820d -> d307bd883b97

Previous release can be found at v1.7.17

containerd 1.6.33

05 Jun 01:54
v1.6.33
d2d5821
Compare
Choose a tag to compare

Welcome to the v1.6.33 release of containerd!

The thirty-third patch release for containerd 1.6 contains various updates along
with an updated version of Go. Go 1.22.4 and 1.21.11 include a fix for a symlink
time of check to time of use race condition during directory removal.

Highlights

  • Update Go version to 1.21.11 (#10299)
  • Migrate log imports to github.com/containerd/log (#10271)
  • Migrate errdefs package to github.com/containerd/errdefs (#10267)
  • Fix usage of "unknown" platform (#10268)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Phil Estes
  • Sebastiaan van Stijn
  • Akhil Mohan
  • Austin Vazquez
  • Samuel Karp

Changes

14 commits

  • Prepare release notes for v1.6.33 (#10300)
    • 97e059626 Prepare release notes for v1.6.33
  • Update Go version to 1.21.11 (#10299)
    • da9a04e54 Includes fix for a symlink race on remove
  • Migrate log imports to github.com/containerd/log (#10271)
    • a389bb305 migrate logs imports to github.com/containerd/log module
  • Migrate errdefs package to github.com/containerd/errdefs (#10267)
    • 615fb03e4 replace uses of github.com/containerd/containerd/errdefs
    • c83be1b9e migrate errdefs package to github.com/containerd/errdefs module
  • Fix usage of "unknown" platform (#10268)
    • d4d489496 core/image: fix usage of "unknown" platform
  • Explicitly set release latest to false (#10263)
    • 5eaf5f881 Explicitly set release latest to false
    • b51f7445d build(deps): bump softprops/action-gh-release from 1 to 2

Changes from containerd/errdefs

6 commits

Dependency Changes

  • github.com/containerd/errdefs v0.1.0 new

Previous release can be found at v1.6.32

containerd API 1.8.0-rc.2

29 May 22:20
api/v1.8.0-rc.2
080d35b
Compare
Choose a tag to compare
Pre-release

Welcome to the api/v1.8.0-rc.2 release of containerd!
This is a pre-release of containerd

The first dedicated release for the containerd API. This release continues the 1.x
line of API compatibility with the 9th minor release of the 1.x API.

Highlights

  • Add type alias for event Envelope (#10279)
  • Add api Go module and move all protos under api (#10151)
  • Add PluginInfo to introspection API (#9442)
  • Expose usage of deprecated features (#9258)
  • Add image delete target (#8989)

Image Distribution

  • Enable Transfer service API to support plain HTTP (#10024)
  • Enable Transfer service to use registry configuration directory (#9908)
  • Update Transfer service to add OCI descriptors to Progress structure (#9630)
  • Add option to perform syncfs after pull (#9401)

Runtime

  • Store bootstrap parameters in sandbox metadata (#9736)
  • Add sandboxer configuration and move sandbox controllers to plugins (#8268)
  • Add annotations to CreateSandbox request (#8960)
  • Add SandboxMetrics (#8680)
  • Publish sandbox events (#8602)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Maksym Pavlenko
  • Akihiro Suda
  • Wei Fu
  • Abel Feng
  • Danny Canter
  • Phil Estes
  • Samuel Karp
  • Kohei Tokunaga
  • Akhil Mohan
  • Bryant Biggs
  • Davanum Srinivas
  • Iceber Gu
  • Kirtana Ashok
  • Sebastiaan van Stijn

Changes

57 commits

  • Add type alias for event Envelope (#10279)
    • 3e71ccafc Add type alias for event Envelope
  • Update api minimum Go version to 1.21 (#10276)
    • 359d84351 Update api minimum go version to 1.21
  • Prepare release notes for api/v1.8.0-rc.0 (#10167)
    • 55fcebffc Prepare release notes for api/v1.8.0
  • Add api Go module and move all protos under api (#10151)
  • Store bootstrap parameters in sandbox metadata (#9736)
    • de38490ed sandbox: merge address and protocol to one url
    • f6e0cf189 sandbox: add address info in Start and Status response
  • Enable Transfer service API to support plain HTTP (#10024)
    • 433279438 Transfer: Registry: Enable plain HTTP
  • Enable Transfer service to use registry configuration directory (#9908)
    • 7a3b7fba5 Transfer: Registry: Enable to use registry configuration diretory
  • Generate proto services with go-ttrpc (#7609)
    • f0e874941 Add ttrpc generated services
    • 65031eade Update protobuild to build ttrpc services
  • Add OSVersion to platform protobuf (#9733)
    • 5aa05481d Add OSVersion to platform protobuf
  • Move Message proto to types (#9742)
  • refactor: move plugin/fieldpath to api/types/ (#9687)
    • b16e3572a refactor: move plugin/fieldpath to api/types/
  • Add PluginInfo to introspection API (#9442)
    • 22d586e51 api/services/instrospection: add PluginInfo
  • Update Transfer service to add OCI descriptors to Progress structure (#9630)
    • a2472c0b5 transfer: add OCI descriptors to Progress structure
  • Add option to perform syncfs after pull (#9401)
    • bd5c602c4 api: introduce sync_fs to diff.ApplyRequest
  • Containerd v2 module (#9306)
    • 5fdf55e49 Update go module to github.com/containerd/containerd/v2
  • Expose usage of deprecated features (#9258)
    • 57c897f10 api/introspection: deprecation warnings in server
  • Add sandboxer configuration and move sandbox controllers to plugins (#8268)
    • d2d434b7d sandbox: add all sandbox information to Create method
    • f372b3501 sandbox: add sandboxer field of sandbox requests
  • Add image delete target (#8989)
    • f8fb2dad3 api: update image service to support target in delete request
  • fix: Add containerd to the message type reference (#9126)
    • 42eee8bf0 fix: Add containerd to the message type reference
  • platforms: isolate from errdefs and api dependencies (#9095)
    • e916d77c8 platforms: move ToProto, FromProto to api/types
  • Add annotations to CreateSandbox request (#8960)
    • 939ccbed4 Sandbox: Add annotations to CreateSandbox surface
  • archive: use 1970-01-01 as the whiteout timestamp (#8764)
    • 5dedb6d0d archive: use 1970-01-01 as the whiteout timestamp
  • Add SandboxMetrics (#8680)
    • d278d37ca Sandbox: Add Metrics rpc for controller
    • d56722ef2 Sandbox: Add SandboxMetrics rpc
  • Publish sandbox events (#8602)
  • Cleanup protobuild config (#8278)

Dependency Changes

  • github.com/containerd/ttrpc v1.2.1 -> v1.2.3
  • github.com/containerd/typeurl/v2 v2.1.0 -> v2.1.1
  • github.com/golang/protobuf v1.5.2 -> v1.5.3
  • github.com/opencontainers/image-spec 3a7f492d3f1b -> v1.1.0
  • **github.com/sirupsen/l...
Read more

containerd 1.6.32

22 May 18:51
v1.6.32
8b3b7ca
Compare
Choose a tag to compare

Welcome to the v1.6.32 release of containerd!

The thirty-second patch release for containerd 1.6 contains various fixes and updates.

Highlights

  • Handle unsupported config versions (#10234)
  • Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts (#10212)
  • Update metadata snapshotter to lease on already exists (#10199)
  • Update apparmor template to allow confined runc to kill containers (#10130)
  • Prevent GC from schedule itself with 0 period. (#10103)
  • Configure otel from env instead of config.toml (#9993)

Container Runtime Interface (CRI)

  • Fix snapshotter root path when not under containerd root (#10127)
  • Fix CreatedAt time set to 269 years ago if create network failed (#10119)
  • Fix unexpected order of mounts (#10045)

Image Distribution

  • Update HTTP fallback to better account for TLS timeout and previous attempts (#10113)
  • Fix use of invalid token on retry fetching layer (#10064)

Deprecations

  • Configure otel from env instead of config.toml (#9993)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Stefan Berger
  • Derek McGowan
  • Austin Vazquez
  • Kazuyoshi Kato
  • Phil Estes
  • Brian Goff
  • Akihiro Suda
  • Maksym Pavlenko
  • Danny Canter
  • Samuel Karp
  • Alexandru Matei
  • Bin Tang
  • Brandon Lum
  • Bryant Biggs
  • Jimmy Hsiao
  • Kirill A. Korinsky
  • Paweł Gronowski
  • Sebastiaan van Stijn
  • Swagat Bora
  • Tomáš Virtus
  • Tony Fang
  • 张钰
  • 沈陵

Changes

53 commits

  • Prepare release notes for v1.6.32 (#10255)
    • 085dc4c0d Prepare release notes for v1.6.32
  • Bump hcsshim and go-winio for go1.22 compat (#10245)
    • 06724baad Bump go-winio to fix struct alignment on go1.22
    • b2fdf63b7 Update hcsshim for go1.22 fixes
  • Handle unsupported config versions (#10234)
    • 38607b59c Add check for unsupported config versions
  • Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts (#10212)
    • c65da6997 Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts
  • vendor: github.com/containerd/imgcrypt@v1.1.8 (#10216)
    • 6951203b1 vendor: github.com/containerd/imgcrypt@v1.1.8
  • vendor: golang.org/x/net@v0.23.0 (#10214)
  • Update tooling to Go 1.21.10, 1.22.3 for net/http bug fixes (#10208)
    • 5b4facbd6 Update toolchain to Go 1.21.10 and 1.22.3
  • Update metadata snapshotter to lease on already exists (#10199)
    • 57860c1b6 Add lease test for metadata snapshotter
    • b095401df Update metadata snapshotter to lease on exists
  • Update image-spec (#10185)
    • fd8d35752 Update image-spec to v1.1.0
    • 89b975d81 go.mod: github.com/opencontainers/image-spec v1.1.0-rc3
  • Fix snapshotter root path when not under containerd root (#10127)
    • f3e8b2ca1 CRI: "Fix" imageFSPath behavior
    • 68db74d19 Snapshotters: Export the root path
    • cd9b74640 Add exports to proxy plugin config
    • 83cf026b2 Add platform config to proxy plugins
  • Update apparmor template to allow confined runc to kill containers (#10130)
    • 63c41d003 apparmor: Allow confined runc to kill containers
  • Update HTTP fallback to better account for TLS timeout and previous attempts (#10113)
    • b12c3b0c8 Add deprecated HTTPFallback for package compatibility
    • 239955890 Update HTTPFallback to handle tls handshake timeout
    • b2a0ac0b4 Remove empty default tls configuration in ctr
  • update to go1.21.9, go1.22.2 (#10117)
  • Fix CreatedAt time set to 269 years ago if create network failed (#10119)
    • c809fa268 pod: CreatedAt time will be 269 years ago while creating cri network failed.
  • Prevent GC from schedule itself with 0 period. (#10103)
    • 6ddec44bd Prevent GC from schedule itself with 0 period.
  • Configure otel from env instead of config.toml (#9993)
  • Fix use of invalid token on retry fetching layer (#10064)
    • f1a14a12a fix bug that using invalid token to retry fetching layer
  • Fix unexpected order of mounts (#10045)
    • 9701cf998 fix(cri): fix unexpected order of mounts since go 1.19

Changes from containerd/imgcrypt

89 commits

  • CHANGES: Updated CHANGES document for 1.1.8 release (containerd/imgcrypt#122)
    • 956b4d3 CHANGES: Updated CHANGES document for 1.1.8 release
  • Synchronize enc-ctr with upstream ctr from containerd v1.6.23 and use containerd v1.6.23 in dependency ([containerd/imgcrypt#120](https...
Read more

containerd 2.0.0-rc.2

17 May 20:35
v2.0.0-rc.2
28b77e3
Compare
Choose a tag to compare
containerd 2.0.0-rc.2 Pre-release
Pre-release

Welcome to the v2.0.0-rc.2 release of containerd!
This is a pre-release of containerd

The first major release of containerd 2.x focuses on the continued stability of
containerd's core feature set with an easy upgrade from containerd 1.x. This
release includes the stabilization of new features added in the last 1.x release
as well as the removal of features which were deprecated in 1.x. The goal is to
support the vast community of containerd users well into the future along with
their ever increasing deployment footprints and variety of use cases.

Highlights

  • Preserve Unprivileged locked flags during remount of bind mounts (#10200)
  • Add api Go module and move all protos under api (#10151)
  • Configure otel from env instead of config.toml (#8970)
  • Fix config import relative path glob (#9746)
  • Enable NRI by default (#9744)
  • Add PluginInfo to introspection API (#9442)
  • Remove overlayfs volatile option on temp mounts (#9555)
  • Move packages based on contributing guide (#9365)
  • Expose usage of deprecated features (#9258)
  • Use Intel ISA-L's igzip if available (#9200)
  • Generalize plugin library (#9214)
  • Introduce top level config migration (#9223)
  • Add image delete target (#8989)
  • Remove LimitNOFILE from containerd.service (#8924)
  • Use github.com/containerd/log (#9086)
  • Add support for image expiration during garbage collection (#9022)
  • Reduce the contention between ref lock and boltdb lock in content store (#8792)
  • Remove "containerd.io/restart.logpath" label (#8264)
  • Remove aufs snapshotter (#8263)
  • Fix deadlock during NRI plugin registration (containerd/nri#79)
  • Fix deadlock when writing to pipe blocks (containerd/ttrpc#168)

Container Runtime Interface (CRI)

  • Add support for multiple subscribers to CRI container events (#9661)
  • Enable CDI by default (#9621)
  • Remove non-sandboxed CRI implementation (#9228)
  • Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27) (#8287)
  • Use sandboxed CRI by default (#8994)
  • Implement RuntimeConfig CRI call (#8722)
  • Add support for user namespaces (KEP-127) (#8803)
  • Remove CRI v1alpha2 (#8276)

Image Distribution

  • Update unpacker to fetch all provided content (#10202)
  • Enable Transfer service API to support plain HTTP (#10024)
  • Enable Transfer service to use registry configuration directory (#9908)
  • Disable the support for Schema 1 images (#9765)
  • Update Transfer service to add OCI descriptors to Progress structure (#9630)
  • Update import and export to allow references to missing content (#9554)
  • Add option to perform syncfs after pull (#9401)
  • Add image verifier transfer service plugin system based on a binary directory (#8493)

Runtime

  • Store bootstrap parameters in sandbox metadata (#9736)
  • Update apparmor to allow confined runc to kill containers (#10123)
  • Support vsock connection to task api (#9738)
  • Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
  • Switch runc shim to task service v3 and fix restore (#9233)
  • Add sandboxer configuration and move sandbox controllers to plugins (#8268)
  • Add annotations to CreateSandbox request (#8960)
  • Add SandboxMetrics (#8680)
  • Publish sandbox events (#8602)
  • Remove the CriuPath field from runc's options (#8279)
  • Remove support for config.toml version = 1 (#8275)
  • Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)

Security Advisories

Breaking

  • Disable the support for Schema 1 images (#9765)
  • Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
  • Move client to subpackage (#9316)
  • Remove LimitNOFILE from containerd.service (#8924)
  • Remove CRI v1alpha2 (#8276)
  • Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)
  • Remove "containerd.io/restart.logpath" label (#8264)
  • Remove aufs snapshotter (#8263)

Deprecations

  • Postpone removal of deprecated CRI config properties (#9966)
  • Deprecate go-plugin configuration option (#9238)
  • CNI conf_template in CRI is no longer deprecated (#8637)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akihiro Suda
  • Maksym Pavlenko
  • Wei Fu
  • Phil Estes
  • Sebastiaan van Stijn
  • Samuel Karp
  • Kazuyoshi Kato
  • Rodrigo Campos
  • Danny Canter
  • Abel Feng
  • Gabriel Adrian Samfira
  • Kirtana Ashok
  • Iceber Gu
  • Austin Vazquez
  • Krisztian Litkey
  • Akhil Mohan
  • Kohei Tokunaga
  • Mike Brown
  • Jin Dong
  • Bjorn Neergaard
  • rongfu.leng
  • Justin Chadwell
  • James Sturtevant
  • Paul "TBBle" Hampson
  • Davanum Srinivas
  • Enrico Weigelt
  • Brian Goff
  • Henry Wang
  • Paweł Gronowski
  • Hsing-Yu (David) Chen
  • Ilya Hanov
  • Laura Brehm
  • Marat Radchenko
  • Cardy.Tang
  • Aditi Sharma
  • Bryant Biggs
  • Evan Lezar
  • Jordan Liggitt
  • Kay Yan
  • Markus Lehtonen
  • Nashwan Azhari
  • Shingo Omura
  • Shuaiyi Zhang
  • Vinayak Goyal
  • helen
  • Alexandru Matei
  • Amit Barve
  • Anthony Nandaa
  • Charity Kathure
  • Ed Bartosh
  • Etienne Champetier
  • James Jenkins
  • Kevin Parsons
  • Milas Bowman
  • Swagat Bora
  • yanggang
  • Aditya Ramani
  • Adrian Reber
  • Amir M. Ghazanfari
  • Artem Khramov
  • Avi Deitcher
  • Brad Davidson
  • Chen Yiyang
  • Christian Muehlhaeuser
  • Cory Snider
  • Djordje Lukic
  • Edgar Lee
  • Ethan Lowman
  • Jiang Liu
  • June Rhodes
  • Lucas Rattz
  • Mahamed Ali
  • Maksim An
  • Michael Crosby
  • Peteris Rudzusiks
  • Sam Edwards
  • Samruddhi Khandale
  • Steve Griffith
  • Tony Fang
  • VERNOU Cédric
  • hang.jiang
  • jerryzhuang
  • lengrongfu
  • ningmingxiao
  • roman-kiselenko
  • zhanluxianshen
  • zounengren
  • Aaron Lehmann
  • Adrien Delorme
  • Alex Couture-Beil
  • Alex Ellis
  • Alex Rodriguez
  • Angelos Kolaitis
  • Antonio Huete Jimenez
  • Arash Haghighat
  • Ben Foster
  • Bin Tang
  • Bin Xin
  • BinBin He
  • Brennan Kinney
  • Changqing Li
  • ChengenH
  • ChengyuZhu6
  • Christian Stewart
  • Craig Ingram
  • Daisy Rong
  • David Porter
  • Derek Nola
  • Eng Zer Jun
  • Fabiano Fidêncio
  • Fahed Dorgaa
  • Gary McDonald
  • Iain Macdonald
  • James Lakin
  • Jan Dubois
  • Jaroslav Jindrak
  • Jiongchi Yu
  • Julien Balestra
  • Kern Walster
  • Kirill A. Korinsky
  • Konstantin Khlebnikov
  • Pan Yibo
  • Qasim Sarfraz
  • Qiutong Song
  • Robbie Buxton
  • Robert-André Mauchin
  • Ruihua Wen
  • Shukui Yang
  • Talon
  • Tianon Gravi
  • Tim Hockin
  • Tobias Klauser
  • Tomáš Virtus
  • Tõnis Tiigi
  • Wang Xinwen
  • William Chen
  • Xinyang Ge
  • Yibo Zhuang
  • Yury Gargay
  • Zechun Chen
  • Zhang Tianyang
  • Zoe
  • baijia
  • charles-chenzz
  • chschumacher1994
  • guangli.bao
  • guangwu
  • krglosse
  • pigletfly
  • rokkiter
  • wangxiang
  • zhangpeng
  • zhaojizhuang
  • 吴小白
  • 张钰
  • 沈陵
  • 谭九鼎

Dependency Changes

...

Read more

containerd 1.7.17

16 May 22:00
v1.7.17
3a4de45
Compare
Choose a tag to compare

Welcome to the v1.7.17 release of containerd!

The seventeenth patch release for containerd 1.7 contains various fixes and updates.

Highlights

  • Use LOOP_CONFIGURE when creating loop devices (#10209)
  • Update unpacker to fetch all provided content (#10233)
  • Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts (#10210)
  • Update metadata snapshotter to lease on already exists (#10198)
  • Handle unsupported config versions (#10165)
  • Fix deadlock when writing to pipe blocks (containerd/ttrpc#168)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Stefan Berger
  • Derek McGowan
  • Austin Vazquez
  • Alexandru Matei
  • Maksym Pavlenko
  • Akihiro Suda
  • Bryant Biggs
  • Kevin Parsons
  • Kirtana Ashok
  • Phil Estes
  • Kazuyoshi Kato
  • Kohei Tokunaga
  • Swagat Bora

Changes

43 commits

  • Prepare release notes for v1.7.17 (#10235)
    • 114b07b97 Prepare release notes for v1.7.17
  • Use LOOP_CONFIGURE when creating loop devices (#10209)
    • 803aaa680 Remove internal LoopConfig struct
    • 7bd3be948 Swap internal ioctl implementation with golang.org/x/sys
    • a0739dc0e Use LOOP_CONFIGURE when creating loop devices
  • Update unpacker to fetch all provided content (#10233)
    • 1573ea598 Update ctr image pull all platforms
    • 32b594f1b Update unpacker to always fetch all
  • Update hcsshim tag to v0.11.5 (#10232)
  • Update ttrpc tag to 1.2.4 (#10221)
  • Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts (#10210)
    • ad85652fa Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts
  • Update instrumentation fuzzer with new flag (#10229)
    • 582f3f43d Update instrumentation fuzzer with new flag
  • vendor: github.com/containerd/imgcrypt@v1.1.8 (#10215)
    • a5d13689b vendor: github.com/containerd/imgcrypt@v1.1.8
  • vendor: golang.org/x/net@v0.23.0 (#10211)
  • Update tooling to Go 1.21.10, 1.22.3 for net/http bug fixes (#10207)
    • c53b635f9 Update toolchain to Go 1.21.10 and 1.22.3
  • vendor: golang.org/x/crypto@v0.18.0 (#10204)
    • 4b52104f0 vendor: golang.org/x/crypto@v0.18.0
    • 2f65c83b0 vendor: golang.org/x/term@v0.16.0
    • 8a76171f7 vendor: golang.org/x/sys@v0.16.0
    • d45778523 vendor: golang.org/x/term@v0.15.0, golang.org/x/text@v0.14.0
    • 24038de8c vendor: golang.org/x/sys@v0.15.0
  • Update metadata snapshotter to lease on already exists (#10198)
    • eb930375c Add lease test for metadata snapshotter
    • 9f6c61ab9 Update metadata snapshotter to lease on exists
  • Update grpc and image-spec dependencies (#10180)
    • 24dd403ab Update image-spec to v1.1.0
    • 189b69e24 go.mod: github.com/opencontainers/image-spec v1.1.0-rc3
    • 388fb336b Update grpc to v1.59.0
  • Handle unsupported config versions (#10165)
    • 00347b7fa Add check for unsupported config versions

Changes from containerd/imgcrypt

53 commits

  • CHANGES: Updated CHANGES document for 1.1.8 release (containerd/imgcrypt#122)
    • 956b4d3 CHANGES: Updated CHANGES document for 1.1.8 release
  • Synchronize enc-ctr with upstream ctr from containerd v1.6.23 and use containerd v1.6.23 in dependency (containerd/imgcrypt#120)
    • 9e8e1c1 ctr: Sync code with containerd v1.6.23 ctr
    • 7d2cca5 build(deps): bump containerd from 1.6.20 to 1.6.23
  • Synchronize enc-ctr with upstream ctr from containerd v1.6.20 (containerd/imgcrypt#119)
    • 0f2559e ctr: Sync code with containerd v1.6.20 ctr
    • c48dd78 cmd: Copy IntToInt32Array into img package and use it
  • Update to ocicrypt 1.1.8 and minimum go 1.20 (containerd/imgcrypt#118)
    • 6d48a4e build(deps): bump ocicrypt from 1.1.7 to 1.1.8
    • 1bc94a2 github: Use golangci-lint v1.54.1 and adjust config file
    • 9065f1d github: Test with go 1.21 and go 1.20
    • 74986f3 go.mod: Require go 1.20
  • build(deps): bump google.golang.org/grpc from 1.47.0 to 1.53.0 (containerd/imgcrypt#117)
    • a2a8273 build(deps): bump google.golang.org/grpc from 1.47.0 to 1.53.0
  • test: Test creating and running of container with key file missing (containerd/imgcrypt#116)
    • 286470a test: Test creating and running of container with key file missing
  • Fix some issues in the test script (containerd/imgcrypt#115)
Read more

containerd 1.7.16

25 Apr 13:53
v1.7.16
8303183
Compare
Choose a tag to compare

Welcome to the v1.7.16 release of containerd!

The sixteenth patch release for containerd 1.7 contains various fixes and updates.

Highlights

  • Update AppArmor template to allow confined runc to kill containers (#10129)
  • Fix config import relative path glob (#9834)
  • Update AppArmor template to better support rootlesskit (#10116)
  • Update HTTP fallback to better account for TLS timeout and previous attempts (#10112)
  • Add support for HPC port forwarding (#10008)
  • Prevent GC from schedule itself with 0 period. (#10102)
  • Fix issue with using invalid token to retry fetching layer (#10065)
  • Automatically decompress archives for transfer service import (#9989)
  • Fix HTTPFallback fails when pushing manifest (#10044)
  • Add support for configuring otel from env and config deprecation notice (#9992)
  • Fix deadlock during NRI plugin registration (containerd/nri#79)

Build and Release Toolchain

  • Update Go to 1.21.9 and 1.22.2 with net/http security fix (#10115)

Container Runtime Interface (CRI)

  • Fix CRI snapshotter root path when not under containerd root (#10096)
  • Fix network creation failure from CreatedAt time as 269 years ago (#10122)
  • Include userns info in PodSandboxStatus (#9865)
  • Fix default working directory Windows HostProcess containers (#10071)
  • Fix ListPodSandboxStats to skip sandboxes with missing tasks (#10042)

Deprecations

  • Add support for configuring otel from env and config deprecation notice (#9992)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Samuel Karp
  • Wei Fu
  • Danny Canter
  • Kazuyoshi Kato
  • Kirtana Ashok
  • Maksym Pavlenko
  • Phil Estes
  • Sebastiaan van Stijn
  • Brian Goff
  • Rodrigo Campos
  • Akihiro Suda
  • Angelos Kolaitis
  • Bin Tang
  • David Porter
  • Edgar Lee
  • Evan Lezar
  • Kirill A. Korinsky
  • Kohei Tokunaga
  • Maksim An
  • Paweł Gronowski
  • Tomáš Virtus
  • 张钰10307750
  • 沈陵

Changes

50 commits

  • Add release notes for v1.7.16 (#10124)
  • Update AppArmor template to allow confined runc to kill containers (#10129)
    • 18a2c36fa apparmor: Allow confined runc to kill containers
  • Fix config import relative path glob (#9834)
    • 62e9535f2 Fix config import relative path glob
  • Fix CRI snapshotter root path when not under containerd root (#10096)
    • a8ebceb97 CRI: "Fix" imageFSPath behavior
    • bd423bf84 Snapshotters: Export the root path
    • 8fb6bfa71 Add exports to proxy plugin config
    • 8916e2cf9 Add platform config to proxy plugins
  • Fix network creation failure from CreatedAt time as 269 years ago (#10122)
    • 293f5151d pod: CreatedAt time will be 269 years ago while creating cri network failed.
  • Update AppArmor template to better support rootlesskit (#10116)
    • af19e746e apparmor: add signal (receive) peer=/usr/local/bin/rootlesskit,
  • Update Go to 1.21.9 and 1.22.2 with net/http security fix (#10115)
  • Update HTTP fallback to better account for TLS timeout and previous attempts (#10112)
    • 794b0c723 Add deprecated HTTPFallback for package compatibility
    • 51c649d9d Update HTTPFallback to handle tls handshake timeout
    • aa14890ed Remove empty default tls configuration in ctr
  • Add support for HPC port forwarding (#10008)
    • 3df5d4445 Add support for HPC port forwarding
  • Prevent GC from schedule itself with 0 period. (#10102)
    • 5c15bf406 Prevent GC from schedule itself with 0 period.
  • Include userns info in PodSandboxStatus (#9865)
    • b57dc9fd3 cri/server: Add userns tests in PodSandboxStatus
    • 6e809ef13 cri: Expose userns in PodSandboxStatus rpc
  • mod: bump github.com/containerd/nri@v0.6.1 (#10097)
    • 395a31901 mod: bump github.com/containerd/nri@v0.6.1
  • Fix issue with using invalid token to retry fetching layer (#10065)
    • f61de0864 fix bug that using invalid token to retry fetching layer
  • Bump tags.cncf.io/container-device-interface to v0.7.2 (#10077)
    • 7a2f49f70 Bump tags.cncf.io/container-device-interface to v0.7.2
  • Fix default working directory Windows HostProcess containers (#10071)
    • 989f1ec54 fix default working directory hostProcess
  • Fix unexpected order of mounts since go 1.19 (#10063)
    • 9f774e438 fix(cri): fix unexpected order of mounts since go 1.19
  • Automatically decompress archives for transfer service import (#9989)
    • 2aec52493 Automatically decompress archives for transfer service import
  • Use different containerd sock address in tests (#10056)
    • 8c76e7948 Use different containerd sock address in tests
  • Fix HTTPFallback fails when pushing manifest (#10044)
    • 18f4ad5ee remote: Fix HTTPFallback fails when pushing manifest
  • Add support for configuring otel from env and config deprecation notice (#9992)
  • Fix ListPodSandboxStats to skip sandboxes with missing tasks (#10042)
    • 90c309fe2 Add IsNotFound case to ListPodSandboxStats

Changes from containerd/nri

5 commits<...
Read more

containerd 2.0.0-rc.1

23 Apr 23:05
v2.0.0-rc.1
2d19e9b
Compare
Choose a tag to compare
containerd 2.0.0-rc.1 Pre-release
Pre-release

Welcome to the v2.0.0-rc.r1 release of containerd!
This is a pre-release of containerd

The first major release of containerd 2.x focuses on the continued stability of
containerd's core feature set with an easy upgrade from containerd 1.x. This
release includes the stabilization of new features added in the last 1.x release
as well as the removal of features which were deprecated in 1.x. The goal is to
support the vast community of containerd users well into the future along with
their ever increasing deployment footprints and variety of use cases.

Highlights

  • Enable Transfer service to use registry configuration directory (#9908)
  • Configure otel from env instead of config.toml (#8970)
  • Disable the support for Schema 1 images (#9765)
  • Fix config import relative path glob (#9746)
  • Enable NRI by default (#9744)
  • Add PluginInfo to introspection API (#9442)
  • Remove overlayfs volatile option on temp mounts (#9555)
  • Move packages based on contributing guide (#9365)
  • Update import and export to allow references to missing content (#9554)
  • Add option to perform syncfs after pull (#9401)
  • Expose usage of deprecated features (#9258)
  • Use Intel ISA-L's igzip if available (#9200)
  • Generalize plugin library (#9214)
  • Introduce top level config migration (#9223)
  • Add image delete target (#8989)
  • Remove LimitNOFILE from containerd.service (#8924)
  • Use github.com/containerd/log (#9086)
  • Add image verifier transfer service plugin system based on a binary directory (#8493)
  • Add support for image expiration during garbage collection (#9022)
  • Reduce the contention between ref lock and boltdb lock in content store (#8792)
  • Remove "containerd.io/restart.logpath" label (#8264)
  • Remove aufs snapshotter (#8263)

Container Runtime Interface (CRI)

  • Add support for multiple subscribers to CRI container events (#9661)
  • Enable CDI by default (#9621)
  • Remove non-sandboxed CRI implementation (#9228)
  • Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27) (#8287)
  • Use sandboxed CRI by default (#8994)
  • Implement RuntimeConfig CRI call (#8722)
  • Add support for user namespaces (KEP-127) (#8803)
  • Remove CRI v1alpha2 (#8276)

Runtime

  • Support vsock connection to task api (#9738)
  • Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
  • Switch runc shim to task service v3 and fix restore (#9233)
  • Add sandboxer configuration and move sandbox controllers to plugins (#8268)
  • Remove the CriuPath field from runc's options (#8279)
  • Remove support for config.toml version = 1 (#8275)
  • Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)

Security Advisories

Breaking

  • Disable the support for Schema 1 images (#9765)
  • Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
  • Move client to subpackage (#9316)
  • Remove LimitNOFILE from containerd.service (#8924)
  • Remove CRI v1alpha2 (#8276)
  • Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)
  • Remove "containerd.io/restart.logpath" label (#8264)
  • Remove aufs snapshotter (#8263)

Deprecations

  • Postpone removal of deprecated CRI config properties (#9966)
  • Deprecate go-plugin configuration option (#9238)
  • CNI conf_template in CRI is no longer deprecated (#8637)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akihiro Suda
  • Wei Fu
  • Phil Estes
  • Maksym Pavlenko
  • Sebastiaan van Stijn
  • Samuel Karp
  • Kazuyoshi Kato
  • Rodrigo Campos
  • Danny Canter
  • Gabriel Adrian Samfira
  • Iceber Gu
  • Kirtana Ashok
  • Abel Feng
  • Austin Vazquez
  • Krisztian Litkey
  • Akhil Mohan
  • Kohei Tokunaga
  • Mike Brown
  • Jin Dong
  • Bjorn Neergaard
  • rongfu.leng
  • Justin Chadwell
  • James Sturtevant
  • Paul "TBBle" Hampson
  • Davanum Srinivas
  • Enrico Weigelt
  • Brian Goff
  • Paweł Gronowski
  • Hsing-Yu (David) Chen
  • Ilya Hanov
  • Laura Brehm
  • Marat Radchenko
  • Cardy.Tang
  • Henry Wang
  • Aditi Sharma
  • Bryant Biggs
  • Evan Lezar
  • Jordan Liggitt
  • Kay Yan
  • Markus Lehtonen
  • Nashwan Azhari
  • Shingo Omura
  • Vinayak Goyal
  • helen
  • Alexandru Matei
  • Amit Barve
  • Charity Kathure
  • Ed Bartosh
  • Etienne Champetier
  • James Jenkins
  • Milas Bowman
  • Shuaiyi Zhang
  • yanggang
  • Aditya Ramani
  • Amir M. Ghazanfari
  • Anthony Nandaa
  • Artem Khramov
  • Brad Davidson
  • Chen Yiyang
  • Christian Muehlhaeuser
  • Cory Snider
  • Djordje Lukic
  • Edgar Lee
  • Ethan Lowman
  • Jiang Liu
  • June Rhodes
  • Mahamed Ali
  • Maksim An
  • Michael Crosby
  • Peteris Rudzusiks
  • Sam Edwards
  • Samruddhi Khandale
  • Steve Griffith
  • Swagat Bora
  • Tony Fang
  • VERNOU Cédric
  • hang.jiang
  • jerryzhuang
  • lengrongfu
  • roman-kiselenko
  • zhanluxianshen
  • Aaron Lehmann
  • Adrian Reber
  • Alex Couture-Beil
  • Alex Ellis
  • Alex Rodriguez
  • Angelos Kolaitis
  • Antonio Huete Jimenez
  • Arash Haghighat
  • Avi Deitcher
  • Ben Foster
  • Bin Tang
  • Bin Xin
  • BinBin He
  • Brennan Kinney
  • ChengenH
  • ChengyuZhu6
  • Christian Stewart
  • Craig Ingram
  • Daisy Rong
  • David Porter
  • Derek Nola
  • Eng Zer Jun
  • Fahed Dorgaa
  • Gary McDonald
  • Iain Macdonald
  • James Lakin
  • Jan Dubois
  • Jaroslav Jindrak
  • Jiongchi Yu
  • Julien Balestra
  • Kern Walster
  • Kevin Parsons
  • Kirill A. Korinsky
  • Konstantin Khlebnikov
  • Pan Yibo
  • Qasim Sarfraz
  • Qiutong Song
  • Robbie Buxton
  • Robert-André Mauchin
  • Shukui Yang
  • Talon
  • Tianon Gravi
  • Tim Hockin
  • Tobias Klauser
  • Tõnis Tiigi
  • Wang Xinwen
  • William Chen
  • Yibo Zhuang
  • Yury Gargay
  • Zechun Chen
  • Zhang Tianyang
  • Zoe
  • baijia
  • charles-chenzz
  • chschumacher1994
  • guangli.bao
  • guangwu
  • krglosse
  • ningmingxiao
  • pigletfly
  • rokkiter
  • wangxiang
  • zhangpeng
  • zhaojizhuang
  • zounengren
  • 吴小白
  • 张钰
  • 沈陵
  • 谭九鼎

Dependency Changes

  • dario.cat/mergo v1.0.0 new
  • github.com/AdaLogics/go-fuzz-headers 1f10f66a31bf -> ced1acdcaa24
  • github.com/AdamKorcz/go-118-fuzz-build 5330a85ea652 -> 8075edf89bb0
  • github.com/Masterminds/semver/v3 v3.2.1 new
  • github.com/Microsoft/go-winio v0.6.0 -> v0.6.2
  • github.com/Microsoft/hcsshim v0.10.0-rc.7 -> v0.12.3
  • github.com/cenkalti/backoff/v4 v4.2.0 -> v4.3.0
  • github.com/checkpoint-restore/checkpointctl v1.1.0 new
  • github.com/checkpoint-restore/go-criu/v7 v7.1.0 new
  • github.com/cilium/ebpf v0.9.1 -> v0.11.0
  • github.com/containerd/cgroups/v3 v3.0.1 -> v3.0.3
  • github.com/containerd/console v1.0.3 -> v1.0.4
  • github.com/containerd/continuity v0.3.0 -> v0.4.3
  • github.com/containerd/errdefs v0.1.0 new
  • github.com/containerd/go-runc ...
Read more

containerd 1.7.15

05 Apr 17:19
v1.7.15
926c958
Compare
Choose a tag to compare

Welcome to the v1.7.15 release of containerd!

The fifteenth patch release for containerd 1.7 contains various fixes; one for a
regression introduced in v1.7.14 in the way process exits were handled.

Highlights

  • Adds mediatype to OCI index record on export (#9990)

Runtime

  • Fix runc shim to only defer init process exits (#10037)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Phil Estes
  • Austin Vazquez
  • Laura Brehm
  • Sebastiaan van Stijn
  • Talon

Changes

12 commits

  • Prepare for v1.7.15 release (#10039)
  • Fix runc shim to only defer init process exits (#10037)
    • 21df46766 runc-shim: only defer init process exits
  • Fix compile from version control system (source) use case (#10012)
    • 2a054213e Fix compile from version control system (source) use case
  • Adds mediatype to OCI index record on export (#9990)
    • 6605c47a4 adds mediatype to oci index record
  • vendor: google.golang.org/protobuf 1.33.0, github.com/golang/protobuf v1.5.4 (#9975)
    • e6d91d843 vendor: github.com/golang/protobuf v1.5.4
    • 2d136c5f5 build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0
    • a1a7af7a3 build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0

Dependency Changes

  • github.com/golang/protobuf v1.5.3 -> v1.5.4
  • google.golang.org/protobuf v1.31.0 -> v1.33.0

Previous release can be found at v1.7.14