Releases: containerd/containerd
containerd 1.6.30
Welcome to the v1.6.30 release of containerd!
The thirtieth patch release for containerd 1.6 contains various fixes and updates
as well as a build fix which prevented the v1.6.29 tag from being released.
Highlights
- Update builds to go 1.21.8 (#9945)
- Fix config import relative path glob (#9835)
- Move high volume event logs to Trace level (#9824)
- Move certain debug logs to trace logs (#9762)
Container Runtime Interface (CRI)
- Add timeout to drain exec io (#9768)
- Propagate deprecation list to runtime status (#9819)
- Fix image pinning when image is not pulled through cri (#9785)
Runtime
- Update runc-shim to process exec exits before init (#9927)
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Akihiro Suda
- Derek McGowan
- Wei Fu
- Maksym Pavlenko
- Phil Estes
- Kirtana Ashok
- Mike Brown
- Akhil Mohan
- Angelos Kolaitis
- Austin Vazquez
- Henry Wang
- Laura Brehm
- Nashwan Azhari
- Sebastiaan van Stijn
- Tony Fang
Changes
59 commits
- Prepare v1.6.30 (#9952)
- Prepare release notes for v1.6.29 (#9950)
9ef6d9d03
Add release notes for v1.6.29.toml
- use a composite action to install Go (#9949)
- Update builds to go 1.21.8 (#9945)
ccf3eb6a2
update to go 1.21.8, 1.22.1
- Backport easy go install and update go (#9890)
f6475ea59
Drop go 1.20 and build against 1.227c45ad092
Extract a composite action to install Go4f7305414
update to go1.21.6, go1.20.13da5a36c37
Use testifyafe6efee3
Revert container_stats_test.go change which caused Windows CRI integration test failure370ef115f
container_stats_test.go: avoid checking snapshot size935720b8c
Move inline PS scripts into files74bae5af8
Uninstall mingw before attempting upgrade9b9500bb0
CI: Explicitly upgrade MinGW on Windows 2019 GitHub runners.4814f9e48
seccomp, apparmor: add go:noinline
- Disable OOM set score unpriv test temporarily (#9943)
c7c8ce6bc
Disable OOM set score unpriv test temporarily
- Update runc-shim to process exec exits before init (#9927)
65915f0a2
runc-shim: process exec exits before init
- Backport GitHub actions package updates (#9877)
e552c8898
build(deps): bump golangci/golangci-lint-action from 3 to 4888ae152c
build(deps): bump actions/cache from 3 to 4dd913a0de
build(deps): bump actions/upload-artifact from 3 to 4a250c101a
build(deps): bump actions/download-artifact from 3 to 47c8fd2255
build(deps): bump github/codeql-action from 2 to 3f325e559e
build(deps): bump docker/setup-buildx-action from 2 to 31bae160de
build(deps): bump crazy-max/ghaction-github-runtime from 2 to 33c81dc13b
build(deps): bump actions/upload-artifact from 1 to 39b3b80eea
build(deps): bump actions/setup-go from 3 to 56b74818d8
build(deps): bump actions/checkout from 3 to 4
- Fix config import relative path glob (#9835)
0f2068a70
Fix config import relative path glob
- ci: update crun version to 1.14.3 (#9851)
89d00db95
ci: update crun version to 1.14.3
- Add timeout to drain exec io (#9768)
aac488730
*: fix code style issue2a38c7e2e
cri: add config ut for invalid drain io timeout valuece213431f
integration: add testcase to drain exec IO in timeb5d52efca
cri: disable drain-exec-IO if it is empty timeout85bed5863
*: update drainExecSyncIO docs and validate the timeout0438e477c
*: add DrainExecSyncIOTimeout config and disable as by defaultfb262317c
*: fix typo and skip exec-io-drain-testcase in winf50c9922b
pkg/cri/server: add timeout to drain exec io
- Move high volume event logs to Trace level (#9824)
99fa35e70
Move high volume event logs to Trace level
- Propagate deprecation list to runtime status (#9819)
3785deac4
cri: propagate deprecation list to runtime status
- ctr: print deprecation warnings on every invocation (#9821)
b7a0b1b8e
ctr: print deprecation warnings on every invocation
- Fix image pinning when image is not pulled through cri (#9785)
2d43994fb
bug fix: make sure cri image is pinned when it is pulled outside cri
- Move certain debug logs to trace logs (#9762)
195ef7691
Move certain debug logs to trace logs
Dependency Changes
This release has no dependency changes
Previous release can be found at [v1.6.28](https://github.com/containerd/containerd/releases/tag/v1...
containerd 1.7.13
Welcome to the v1.7.13 release of containerd!
The thirteenth patch release for containerd 1.7 updates the runc binary
in the release builds to address CVE-2024-21626
Notable Updates
- Update runc binary to v1.1.12 (GHSA-xr7r-f8xq-vfvv)
- Update seccomp profile for new syscalls added since Linux 5.16 (#9693)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Derek McGowan
- Akihiro Suda
- Evan Lezar
- Paweł Gronowski
- Phil Estes
- Wei Fu
Changes
9 commits
- Prepare v1.7.13 and update runc to v1.1.12 (#9724)
- [release/1.7] seccomp: kernel 6.7 (#9693)
1bed37871
seccomp: kernel 6.7
- [release/1.7] Update container-device-interface to v0.6.2 (#9685)
14628d4aa
Update container-device-interface to v0.6.2
- [release/1.7] content: Add InfoReaderProvider (#9658)
836477930
content: Add InfoReaderProvider
Dependency Changes
- tags.cncf.io/container-device-interface v0.6.2 new
- tags.cncf.io/container-device-interface/specs-go v0.6.0 new
Previous release can be found at v1.7.12
containerd 1.6.28
Welcome to the v1.6.28 release of containerd!
The twenty-eighth patch release for containerd 1.6 updates the runc binary
in the release builds to address CVE-2024-21626
Notable Updates
- Update runc binary to v1.1.12 (GHSA-xr7r-f8xq-vfvv)
- Update seccomp profile for new syscalls added since Linux 5.16 (#9694)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Andrey Epifanov
- Derek McGowan
- Akihiro Suda
- Maksym Pavlenko
- Phil Estes
- Shengjing Zhu
- Wei Fu
Changes
13 commits
- Prepare v1.6.28 and update runc to v1.1.12 (#9723)
570c7c637
Prepare release notes for v1.6.28b20b9f86b
Update runc binary to v1.1.12- [release/1.6] upgrade OpenTelemetry to v1.21.0 / v0.46.0 (CVE-2023-47108) etc. (#9707)
- [release/1.6] seccomp: kernel 6.7 (#9694)
f44628305
seccomp: kernel 6.7
- [release/1.6] carry #9557 - enable ARM CI (#9636)
Dependency Changes
- github.com/go-logr/logr v1.2.2 -> v1.3.0
- github.com/google/go-cmp v0.5.9 -> v0.6.0
- github.com/google/uuid v1.3.0 -> v1.3.1
- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0 -> v0.46.0
- go.opentelemetry.io/otel v1.3.0 -> v1.21.0
- go.opentelemetry.io/otel/metric v1.21.0 new
- go.opentelemetry.io/otel/sdk v1.3.0 -> v1.21.0
- go.opentelemetry.io/otel/trace v1.3.0 -> v1.21.0
- golang.org/x/crypto v0.14.0 -> v0.18.0
- golang.org/x/net v0.17.0 -> v0.18.0
- golang.org/x/oauth2 v0.10.0 -> v0.11.0
- golang.org/x/sys v0.13.0 -> v0.16.0
- golang.org/x/term v0.13.0 -> v0.16.0
- golang.org/x/text v0.13.0 -> v0.14.0
- google.golang.org/grpc v1.58.3 -> v1.59.0
Previous release can be found at v1.6.27
containerd 2.0.0-beta.2
Welcome to the v2.0.0-beta.2 release of containerd!
This is a pre-release of containerd
The first major release of containerd 2.x focuses on the continued stability of
containerd's core feature set with an easy upgrade from containerd 1.x. This
release includes the stabilization of new features added in the last 1.x release
as well as the removal of features which were deprecated in 1.x. The goal is to
support the vast community of containerd users well into the future along with
their ever increasing deployment footprints and variety of use cases.
Highlights
- Add PluginInfo to introspection API (#9442)
- Remove overlayfs volatile option on temp mounts (#9555)
- Move packages based on contributing guide (#9365)
- Update import and export to allow references to missing content (#9554)
- Add option to perform syncfs after pull (#9401)
- Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
- Expose usage of deprecated features (#9258)
- Switch runc shim to task service v3 and fix restore (#9233)
- Use Intel ISA-L's igzip if available (#9200)
- Generalize plugin library (#9214)
- Introduce top level config migration (#9223)
- Add image delete target (#8989)
- Remove
LimitNOFILE
fromcontainerd.service
(#8924) - Use github.com/containerd/log (#9086)
- Add support for image expiration during garbage collection (#9022)
- Reduce the contention between ref lock and boltdb lock in content store (#8792)
- Remove the CriuPath field from runc's options (#8279)
- Remove support for config.toml
version = 1
(#8275) - Remove "containerd.io/restart.logpath" label (#8264)
- Remove
aufs
snapshotter (#8263)
Container Runtime Interface (CRI)
- Enable CDI by default (#9621)
- Remove non-sandboxed CRI implementation (#9228)
- Add image verifier transfer service plugin system based on a binary directory (#8493)
- Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27) (#8287)
- Use sandboxed CRI by default (#8994)
- Implement RuntimeConfig CRI call (#8722)
- Add support for user namespaces (KEP-127) (#8803)
- Remove CRI v1alpha2 (#8276)
Runtime
- Add sandboxer configuration and move sandbox controllers to plugins (#8268)
- Remove
io.containerd.runtime.v1.linux
andio.containerd.runc.v1
(#8262)
Security Advisories
- [medium] RAPL accessible to a container GHSA-7ww5-4wqc-m92c
Breaking
- Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
- Move client to subpackage (#9316)
- Remove
LimitNOFILE
fromcontainerd.service
(#8924) - Remove CRI v1alpha2 (#8276)
- Remove
io.containerd.runtime.v1.linux
andio.containerd.runc.v1
(#8262) - Remove "containerd.io/restart.logpath" label (#8264)
- Remove
aufs
snapshotter (#8263)
Deprecations
- Deprecate go-plugin configuration option (#9238)
- CNI conf_template in CRI is no longer deprecated (#8637)
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Derek McGowan
- Akihiro Suda
- Wei Fu
- Phil Estes
- Sebastiaan van Stijn
- Samuel Karp
- Maksym Pavlenko
- Kazuyoshi Kato
- Rodrigo Campos
- Danny Canter
- Gabriel Adrian Samfira
- Iceber Gu
- Abel Feng
- Akhil Mohan
- Jin Dong
- Bjorn Neergaard
- Kirtana Ashok
- Kohei Tokunaga
- Austin Vazquez
- rongfu.leng
- Mike Brown
- Paul "TBBle" Hampson
- Krisztian Litkey
- James Sturtevant
- Enrico Weigelt
- Paweł Gronowski
- Ilya Hanov
- Marat Radchenko
- Cardy.Tang
- Hsing-Yu (David) Chen
- Justin Chadwell
- Brian Goff
- Bryant Biggs
- Davanum Srinivas
- Henry Wang
- Kay Yan
- Laura Brehm
- Markus Lehtonen
- Nashwan Azhari
- Shingo Omura
- Vinayak Goyal
- helen
- Aditi Sharma
- Charity Kathure
- Ed Bartosh
- Evan Lezar
- James Jenkins
- Milas Bowman
- yanggang
- Aditya Ramani
- Amit Barve
- Artem Khramov
- Brad Davidson
- Chen Yiyang
- Cory Snider
- Djordje Lukic
- Ethan Lowman
- Jiang Liu
- Jordan Liggitt
- June Rhodes
- Mahamed Ali
- Michael Crosby
- Peteris Rudzusiks
- Sam Edwards
- Samruddhi Khandale
- Shuaiyi Zhang
- Steve Griffith
- VERNOU Cédric
- hang.jiang
- jerryzhuang
- lengrongfu
- Aaron Lehmann
- Alex Couture-Beil
- Alex Ellis
- Alex Rodriguez
- Alexandru Matei
- Amir M. Ghazanfari
- Anthony Nandaa
- Antonio Huete Jimenez
- Avi Deitcher
- Ben Foster
- Bin Xin
- BinBin He
- Brennan Kinney
- Craig Ingram
- Daisy Rong
- Edgar Lee
- Eng Zer Jun
- Etienne Champetier
- Fahed Dorgaa
- Gary McDonald
- Iain Macdonald
- James Lakin
- Jan Dubois
- Jaroslav Jindrak
- Jiongchi Yu
- Kern Walster
- Kevin Parsons
- Konstantin Khlebnikov
- Maksim An
- Pan Yibo
- Qasim Sarfraz
- Qiutong Song
- Robbie Buxton
- Robert-André Mauchin
- Shukui Yang
- Tianon Gravi
- Tony Fang
- Tõnis Tiigi
- Wang Xinwen
- William Chen
- Yibo Zhuang
- Yury Gargay
- charles-chenzz
- chschumacher1994
- guangli.bao
- krglosse
- ningmingxiao
- pigletfly
- rokkiter
- roman-kiselenko
- roman-kiselenko
- wangxiang
- zhangpeng
- zhaojizhuang
- zounengren
- 吴小白
- 张钰
- 沈陵
Dependency Changes
- cloud.google.com/go/compute/metadata v0.2.3 new
- dario.cat/mergo v1.0.0 new
- github.com/AdaLogics/go-fuzz-headers 1f10f66a31bf -> ced1acdcaa24
- github.com/AdamKorcz/go-118-fuzz-build 5330a85ea652 -> 8075edf89bb0
- github.com/Microsoft/go-winio v0.6.0 -> v0.6.1
- github.com/Microsoft/hcsshim v0.10.0-rc.7 -> v0.12.0-rc.2
- github.com/cenkalti/backoff/v4 v4.2.0 -> v4.2.1
- github.com/cilium/ebpf v0.9.1 -> v0.11.0
- github.com/containerd/cgroups/v3 v3.0.1 -> v3.0.3
- github.com/containerd/continuity v0.3.0 -> v0.4.3
- github.com/containerd/errdefs v0.1.0 new
- github.com/containerd/go-runc v1.0.0 -> v1.1.0
- github.com/containerd/log v0.1.0 new
- github.com/containerd/nri v0.3.0 -> v0.5.0
- github.com/containerd/platforms v0.1.1 new
- github.com/containerd/plugin 7ec69893e1e7 new
- github.com/containerd/ttrpc v1.2.1 -> v1.2.2
- github.com/containerd/typeurl/v2 v2.1.0 -> v2.1.1
- github.com/containernetworking/plugins v1.2.0 -> v1.4.0
- github.com/distribution/reference v0.5.0 new
- github.com/emicklei/go-restful/v3 v3.10.1 -> v3.10.2
- github.com/felixge/httpsnoop v1.0.3 new
- github.com/fsnotify/fsnotify v1.6.0 -> v1.7.0
- github.com/go-logr/logr v1.2.3 -> v1.4.1
- github.com/golang/protobuf v1.5.2 -> v1.5.3
- github.com/google/go-cmp v0.5.9 -> v0.6.0
- github.com/google/uuid v1.3.0 -> v1.5.0
- **github.com/...
containerd 2.0.0-beta.1
Welcome to the v2.0.0-beta.1 release of containerd!
This is a pre-release of containerd
The first major release of containerd 2.x focuses on the continued stability of
containerd's core feature set with an easy upgrade from containerd 1.x. This
release includes the stabilization of new features added in the last 1.x release
as well as the removal of features which were deprecated in 1.x. The goal is to
support the vast community of containerd users well into the future along with
their ever increasing deployment footprints and variety of use cases.
Highlights
- Move packages based on contributing guide (#9365)
- Update import and export to allow references to missing content (#9554)
- *: enable ARM64 runner (#9456)
- Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
- Expose usage of deprecated features (#9258)
- Switch runc shim to task service v3 and fix restore (#9233)
- Use Intel ISA-L's igzip if available (#9200)
- Generalize plugin library (#9214)
- Introduce top level config migration (#9223)
- Add image delete target (#8989)
- Use github.com/containerd/log (#9086)
- Add support for image expiration during garbage collection (#9022)
- Reduce the contention between ref lock and boltdb lock in content store (#8792)
- Remove the CriuPath field from runc's options (#8279)
- Remove support for config.toml
version = 1
(#8275) - Remove "containerd.io/restart.logpath" label (#8264)
- Remove
aufs
snapshotter (#8263)
Container Runtime Interface (CRI)
- Enable CDI by default (#9621)
- Remove non-sandboxed CRI implementation (#9228)
- Add image verifier transfer service plugin system based on a binary directory (#8493)
- Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27) (#8287)
- Use sandboxed CRI by default (#8994)
- Implement RuntimeConfig CRI call (#8722)
- Add support for user namespaces (KEP-127) (#8803)
- Remove CRI v1alpha2 (#8276)
Runtime
- Add sandboxer configuration and move sandbox controllers to plugins (#8268)
- Remove
io.containerd.runtime.v1.linux
andio.containerd.runc.v1
(#8262)
Security Advisories
- [medium] RAPL accessible to a container GHSA-7ww5-4wqc-m92c
Breaking
- Update RuntimeDefault seccomp profile to disallow io_uring related syscalls (#9320)
- Move client to subpackage (#9316)
- Remove CRI v1alpha2 (#8276)
- Remove
io.containerd.runtime.v1.linux
andio.containerd.runc.v1
(#8262) - Remove "containerd.io/restart.logpath" label (#8264)
- Remove
aufs
snapshotter (#8263)
Deprecations
- Deprecate go-plugin configuration option (#9238)
- CNI conf_template in CRI is no longer deprecated (#8637)
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Derek McGowan
- Akihiro Suda
- Wei Fu
- Phil Estes
- Sebastiaan van Stijn
- Samuel Karp
- Maksym Pavlenko
- Kazuyoshi Kato
- Rodrigo Campos
- dependabot[bot]
- Danny Canter
- Gabriel Adrian Samfira
- Iceber Gu
- Abel Feng
- Jin Dong
- Bjorn Neergaard
- Kirtana Ashok
- Kohei Tokunaga
- Austin Vazquez
- rongfu.leng
- Akhil Mohan
- Mike Brown
- Paul "TBBle" Hampson
- Krisztian Litkey
- Enrico Weigelt
- James Sturtevant
- Paweł Gronowski
- Ilya Hanov
- Marat Radchenko
- Cardy.Tang
- Hsing-Yu (David) Chen
- Justin Chadwell
- Brian Goff
- Bryant Biggs
- Davanum Srinivas
- Henry Wang
- Kay Yan
- Laura Brehm
- Markus Lehtonen
- Nashwan Azhari
- Shingo Omura
- Vinayak Goyal
- helen
- Aditi Sharma
- Charity Kathure
- Ed Bartosh
- James Jenkins
- Milas Bowman
- Aditya Ramani
- Amit Barve
- Artem Khramov
- Brad Davidson
- Chen Yiyang
- Cory Snider
- Djordje Lukic
- Ethan Lowman
- Jiang Liu
- Jordan Liggitt
- June Rhodes
- Mahamed Ali
- Michael Crosby
- Peteris Rudzusiks
- Sam Edwards
- Samruddhi Khandale
- Shuaiyi Zhang
- Steve Griffith
- VERNOU Cédric
- hang.jiang
- jerryzhuang
- lengrongfu
- Aaron Lehmann
- Alex Couture-Beil
- Alex Ellis
- Alex Rodriguez
- Alexandru Matei
- Amir M. Ghazanfari
- Anthony Nandaa
- Antonio Huete Jimenez
- Avi Deitcher
- Ben Foster
- Bin Xin
- BinBin He
- Brennan Kinney
- Craig Ingram
- Daisy Rong
- Edgar Lee
- Eng Zer Jun
- Etienne Champetier
- Evan Lezar
- Fahed Dorgaa
- Gary McDonald
- Iceber Gu
- James Lakin
- Jan Dubois
- Jaroslav Jindrak
- Jiongchi Yu
- Kern Walster
- Kevin Parsons
- Konstantin Khlebnikov
- Maksim An
- Pan Yibo
- Qasim Sarfraz
- Qiutong Song
- Robbie Buxton
- Robert-André Mauchin
- Shukui Yang
- Tianon Gravi
- Tony Fang
- Tõnis Tiigi
- Wang Xinwen
- William Chen
- Yibo Zhuang
- charles-chenzz
- chschumacher1994
- guangli.bao
- ningmingxiao
- pigletfly
- rokkiter
- roman-kiselenko
- wangxiang
- zhangpeng
- zhaojizhuang
- zounengren
- 吴小白
- 沈陵
Dependency Changes
- cloud.google.com/go/compute/metadata v0.2.3 new
- dario.cat/mergo v1.0.0 new
- github.com/AdaLogics/go-fuzz-headers 1f10f66a31bf -> ced1acdcaa24
- github.com/AdamKorcz/go-118-fuzz-build 5330a85ea652 -> 8075edf89bb0
- github.com/Microsoft/go-winio v0.6.0 -> v0.6.1
- github.com/Microsoft/hcsshim v0.10.0-rc.7 -> v0.12.0-rc.2
- github.com/cenkalti/backoff/v4 v4.2.0 -> v4.2.1
- github.com/cilium/ebpf v0.9.1 -> v0.11.0
- github.com/container-orchestrated-devices/container-device-interface v0.5.4 -> v0.6.1
- github.com/containerd/cgroups/v3 v3.0.1 -> v3.0.3
- github.com/containerd/continuity v0.3.0 -> v0.4.3
- github.com/containerd/go-runc v1.0.0 -> v1.1.0
- github.com/containerd/log v0.1.0 new
- github.com/containerd/nri v0.3.0 -> v0.5.0
- github.com/containerd/plugin 7ec69893e1e7 new
- github.com/containerd/ttrpc v1.2.1 -> v1.2.2
- github.com/containerd/typeurl/v2 v2.1.0 -> v2.1.1
- github.com/containernetworking/plugins v1.2.0 -> v1.4.0
- github.com/distribution/reference v0.5.0 new
- github.com/emicklei/go-restful/v3 v3.10.1 -> v3.10.2
- github.com/felixge/httpsnoop v1.0.3 new
- github.com/fsnotify/fsnotify v1.6.0 -> v1.7.0
- github.com/go-logr/logr v1.2.3 -> v1.4.1
- github.com/golang/protobuf v1.5.2 -> v1.5.3
- github.com/google/go-cmp v0.5.9 -> v0.6.0
- github.com/google/uuid v1.3.0 -> v1.5.0
- github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 -> v1.4.0
- github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 -> v2.16.2
- github.com/intel/goresctrl v0.3.0 -> v0.6.0
- github.com/klauspost/compress v1.16.0 -> v1.17.4
- github.com/klauspost/cpuid/v2 v2.0.4 -> v2.2.5
- github.com/minio/sha256-simd v1.0.0 -> v1.0.1
- **githu...
containerd 1.7.12
Welcome to the v1.7.12 release of containerd!
The twelfth patch release for containerd 1.7 contains various fixes and updates.
Notable Updates
- Fix on dialer function for Windows (#9501)
- Improve
/etc/group
handling when appending groups (#9544) - Update shim pidfile permissions to 0644 (#9548)
- Update runc binary to v1.1.11 (#9596)
- Allow import and export to reference missing content (#9600)
- Remove runc import (#9605)
- Update Go version to 1.20.13 (#9624)
Deprecation Warnings
- Emit deprecation warning for
containerd.io/restart.logpath
label usage (#9567)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Akihiro Suda
- Sebastiaan van Stijn
- Wei Fu
- Derek McGowan
- Paweł Gronowski
- Jaroslav Jindrak
- Maksym Pavlenko
- Samuel Karp
- Anthony Nandaa
- Bjorn Neergaard
- Djordje Lukic
- Kay Yan
Changes
34 commits
- [release/1.7] Prepare release notes for v1.7.12 (#9632)
775d544fe
Prepare release notes for v1.7.12
- [release/1.7] update to go1.20.13, test go1.21.6 (#9624)
a5dc5b894
update to go1.20.13, test go1.21.6
- [release/1.7] shim: Create pid-file and address with 0644 permissions (#9548)
- [release/1.7 backport] switch back from golang.org/x/sys/execabs to os/exec (go1.19) (#9602)
- [release/1.7] update to CDI v0.6.1, and remove github.com/opencontainers/runc dependency (#9605)
9251072f7
remove github.com/opencontainers/runc dependency4e67213d4
vendor: github.com/cncf-tags/container-device-interface v0.6.1e0ee0be0d
go.mod: github.com/opencontainers/runtime-spec v1.1.002be2236a
go.mod: github.com/.../container-device-interface v0.6.091f953bb4
go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.2
- [release/1.7 backport] import/export: Support references to missing content (#9600)
- [release/1.7 backport] update runc binary to v1.1.11 (#9596)
23516a99c
update runc binary to v1.1.11
- [release/1.7 backport] go.mod: dario.cat/mergo v1.0.0 (#9569)
428714e32
go.mod: dario.cat/mergo v1.0.0
- [release/1.7] restart: containerd.io/restart.logpath warning (#9567)
03fed557e
restart: containerd.io/restart.logpath warning
- [release 1.7] backport: fix on dialer function for windows (#9501)
68d237392
fix(pkg/dialer): minor fix on dialer function for windows
- [release/1.7] *: enable ARM64 runner (#9502)
c63165123
*: enable ARM64 runner
- [release/1.7 backport] WithAppendAdditionalGroups: better /etc/group handling (#9544)
55e570844
WithAppendAdditionalGroups: better /etc/group handling
Dependency Changes
- dario.cat/mergo v1.0.0 new
- github.com/container-orchestrated-devices/container-device-interface v0.5.4 -> v0.6.1
- github.com/moby/sys/user v0.1.0 new
- github.com/opencontainers/runtime-spec v1.1.0-rc.1 -> v1.1.0
Previous release can be found at v1.7.11
containerd 1.6.27
Welcome to the v1.6.27 release of containerd!
The twenty-seventh patch release for containerd 1.6 contains various fixes and updates.
Notable Updates
- Improve
/etc/group
handling when appending groups (#9543) - Update runc binary to v1.1.11 (#9597)
- Remove runc import (#9606)
- Update shim pidfile permissions to 0644 (#9613)
- Update Go version to 1.20.13 (#9625)
Deprecation Warnings
- Emit deprecation warning for CRIU config usage (#9448)
- Emit deprecation warning for some CRI configs (#9447)
- Emit deprecation warning for
containerd.io/restart.logpath
label usage (#9572)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Samuel Karp
- Akihiro Suda
- Derek McGowan
- Sebastiaan van Stijn
- Djordje Lukic
- Jaroslav Jindrak
- Kay Yan
- Maksym Pavlenko
- Phil Estes
- Wei Fu
- ruiwen-zhao
Changes
26 commits
- [release/1.6] Prepare release notes for v1.6.27 (#9631)
d0edecf28
Prepare release notes for v1.6.27
- [release/1.6] update to go1.20.13, test go1.21.6 (#9625)
32a515211
update to go1.20.13, test go1.21.6
- [release/1.6 backport] shim: Create pid-file with 0644 permissions (#9613)
37de14d95
shim: Create pid-file with 0644 permissions
- [release/1.6 backport] remove github.com/opencontainers/runc dependency (#9606)
3938d63de
remove github.com/opencontainers/runc dependency
- [release/1.6 backport] update runc binary to v1.1.11 (#9597)
9a9b11f73
update runc binary to v1.1.11
- [release/1.6 backport] go.mod: dario.cat/mergo v1.0.0 (#9570)
- [release/1.6] restart: containerd.io/restart.logpath warning (#9572)
d24d263a4
restart: containerd.io/restart.logpath warning
- [release/1.6 backport] WithAppendAdditionalGroups: better /etc/group handling (#9543)
9489c0eb0
WithAppendAdditionalGroups: better /etc/group handling
- [release/1.6] cri: add deprecation warnings for deprecated CRI configs (#9547)
713065793
deprecation: fix missing spaces in warningsde0cc92a7
cri: add deprecation warning for runtime_root833b94149
cri: add deprecation warning for rutnime_engine47de3d63d
cri: add deprecation warning for default_runtimed421b8fda
cri: add warning for untrusted_workload_runtime802cb64b0
cri: add warning for old form of systemd_cgroup
- [release/1.6] Add warning for CRIU config usage (#9546)
f8447466c
Add warning for CRIU config usage
Dependency Changes
- dario.cat/mergo v1.0.0 new
- github.com/moby/sys/user v0.1.0 new
Previous release can be found at v1.6.26
containerd 1.7.11
Welcome to the v1.7.11 release of containerd!
The eleventh patch release for containerd 1.7 contains various fixes and updates including
one security issue.
Notable Updates
- Fix Windows default path overwrite issue (#9440)
- Update push to always inherit distribution sources from parent (#9452)
- Update shim to use net dial for gRPC shim sockets (#9458)
- Fix otel version incompatibility (#9483)
- Fix Windows snapshotter blocking snapshot GC on remove failure (#9482)
- Mask
/sys/devices/virtual/powercap
path in runtime spec and deny in default apparmor profile (GHSA-7ww5-4wqc-m92c)
Deprecation Warnings
- Emit deprecation warning for AUFS snapshotter (#9436)
- Emit deprecation warning for v1 runtime (#9450)
- Emit deprecation warning for deprecated CRI configs (#9469)
- Emit deprecation warning for CRI v1alpha1 usage (#9479)
- Emit deprecation warning for CRIU config in CRI (#9481)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Samuel Karp
- Derek McGowan
- Phil Estes
- Bjorn Neergaard
- Danny Canter
- Sebastiaan van Stijn
- ruiwen-zhao
- Akihiro Suda
- Amit Barve
- Charity Kathure
- Maksym Pavlenko
- Milas Bowman
- Paweł Gronowski
- Wei Fu
Changes
39 commits
- [release/1.7] Prepare release notes for v1.7.11 (#9491)
dfae68bc3
Prepare release notes for v1.7.11
- [release/1.7] update to go1.20.12, test go1.21.5 (#9352)
- Github Security Advisory GHSA-7ww5-4wqc-m92c
- [release/1.7] Don't block snapshot garbage collection on Remove failures (#9482)
ed7c6895b
Don't block snapshot garbage collection on Remove failures
- [release/1.7] Add warning for CRIU config usage (#9481)
1fdefdd22
Add warning for CRIU config usage
- [release/1.7] Fix otel version incompatibility (#9483)
- [release/1.7] Add cri-api v1alpha2 usage warning to all api calls (#9479)
dc45bc838
Add cri-api v1alpha2 usage warning to all api calls
- [release/1.7] cri: add deprecation warnings for deprecated CRI configs (#9469)
9d1bad62e
deprecation: fix missing spaces in warnings51a604c07
cri: add deprecation warning for runtime_root8040e74bf
cri: add deprecation warning for rutnime_engine99adc40eb
cri: add deprecation warning for default_runtimeafef7ec64
cri: add warning for untrusted_workload_runtime6220dc190
cri: add warning for old form of systemd_cgroup
- [release/1.7] runtime/v2: net.Dial gRPC shim sockets before trying grpc (#9458)
80f96cd18
runtime/v2: net.Dial gRPC shim sockets before trying grpc
- [release/1.7] tasks: emit warning for v1 runtime and runc v1 runtime (#9450)
- [release/1.7] push: always inherit distribution sources from parent (#9452)
4464fde12
push: always inherit distribution sources from parent
- [release/1.7] Update tar tests to run on Darwin (#9451)
7e069ee25
Update tar tests to run on Darwin
- [release/1.7] ctr: Add sandbox flag to ctr run (#9449)
5fc0e4e61
ctr: Add sandbox flag to ctr run
- [release/1.7] Windows default path overwrite fix (#9440)
31fe03764
Fix windows default path overwrite issue
- [release/1.7] snapshots: emit deprecation warning for aufs (#9436)
625b35e4b
snapshots: emit deprecation warning for aufs
Dependency Changes
- github.com/felixge/httpsnoop v1.0.3 new
- go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 new
Previous release can be found at v1.7.10
containerd 1.6.26
Welcome to the v1.6.26 release of containerd!
The twenty-sixth patch release for containerd 1.6 contains various fixes and updates.
Notable Updates
- Fix windows default path overwrite issue (#9441)
- Update push to inherit distribution sources from parent (#9453)
- Mask
/sys/devices/virtual/powercap
path in runtime spec and deny in default apparmor profile (GHSA-7ww5-4wqc-m92c)
Deprecation Warnings
- Emit deprecation warning for AUFS snapshotter usage (#9448)
- Emit deprecation warning for v1 runtime usage (#9468)
- Emit deprecation warning for CRI v1alpha1 usage (#9468)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Samuel Karp
- Derek McGowan
- Kohei Tokunaga
- Phil Estes
- Bjorn Neergaard
- Sebastiaan van Stijn
- Brian Goff
- Charity Kathure
- Kazuyoshi Kato
- Milas Bowman
- Wei Fu
- ruiwen-zhao
Changes
30 commits
- [release/1.6] Prepare release notes for v1.6.26 (#9490)
ac5c5d3e0
Prepare release notes for v1.6.26
- Github Security Advisory GHSA-7ww5-4wqc-m92c
- [release/1.6] update to go1.20.12, test go1.21.5 (#9472)
- [release/1.6] Add cri-api v1alpha2 usage warning to all api calls (#9484)
64e56bfde
Add cri-api v1alpha2 usage warning to all api calls
- [release/1.6] tasks: emit warning for v1 runtime and runc v1 runtime (#9468)
- [release/1.6] snapshots: emit deprecation warning for aufs (#9448)
7cfe7052f
snapshots: emit deprecation warning for aufs
- [release/1.6] cherry-pick/backport: Update golangci lint (#9455)
- [release/1.6] push: inherit distribution sources from parent (#9453)
- [release/1.6] Bump google.golang.org/grpc to v1.58.3 (#9408)
- [release/1.6] Windows default path overwrite fix (#9441)
ede0ad5e1
Fix windows default path overwrite issue
Dependency Changes
- cloud.google.com/go/compute/metadata v0.2.3 new
- github.com/cespare/xxhash/v2 v2.1.2 -> v2.2.0
- github.com/golang/protobuf v1.5.2 -> v1.5.3
- github.com/klauspost/compress v1.11.13 -> v1.15.9
- go.opencensus.io v0.23.0 -> v0.24.0
- golang.org/x/oauth2 2bc19b11175f -> v0.10.0
- golang.org/x/sync v0.1.0 -> v0.3.0
- google.golang.org/grpc v1.50.1 -> v1.58.3
- google.golang.org/protobuf v1.28.1 -> v1.31.0
Previous release can be found at v1.6.25
containerd 1.7.10
Welcome to the v1.7.10 release of containerd!
The tenth patch release for containerd 1.7 contains various fixes and updates.
Notable Updates
- Enhance container image unpack client logs (#9379)
- cri: fix using the pinned label to pin image (#9381)
- fix: ImagePull should close http connection if there is no available data to read. (#9409)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Wei Fu
- Iceber Gu
- Austin Vazquez
- Derek McGowan
- Phil Estes
- Samuel Karp
- ruiwen-zhao
Changes
11 commits
- Add release notes for v1.7.10 (#9426)
a995fe3a8
Add release notes for v1.7.10
- [release/1.7] fix: ImagePull should close http connection if there is no available data to read. (#9409)
- [release/1.7] cri: fix using the pinned label to pin image (#9381)
- [release/1.7] Enhance container image unpack client logs (#9379)
5930a3750
Enhance container image unpack client logs
Dependency Changes
This release has no dependency changes
Previous release can be found at v1.7.9