@jonboulle jonboulle released this Sep 16, 2015 · 3462 commits to master since this release

Assets 4

While the noticeable changes should be minimal, there are a huge number of bug fixes and improvements under the hood which sets us up nicely for a significant v0.9.0 release in the next couple of weeks.

A few notable UX changes in this release:

  • Arguments can now be passed through to CNI plugins on the command line - see the networking documentation for details
  • The default metadata service port has been changed from 2375 (which had an unfortunate conflict with an IANA registered/reserved port) to an arbitrary non-registered port, 18112
  • The APPNAME field in the output of rkt image list has been changed to the more accurate NAME
  • rkt rm now supports a variable number of arguments, allowing the removal of multiple pods simultaneously

Full list of changes:

  • New features and UX changes:
    • rkt rm is now variadic: it can now remove multiple pods in one command, by UUID
    • The APPNAME column in rkt image list output has been changed to the more accurate NAME. This involves a schema change in rkt's on-disk datastore, but this should be upgraded transparently.
    • Headers are now sent when following HTTP redirects while trying to retrieve an image
    • The default metadata service port number was changed from a registered/reserved IANA port to an arbitrary port in the non-dynamic range
    • Added the ability to override arguments for network plugins
    • rkt will now error out if someone attempts to use --private-users with the lkvm backend
  • Bug fixes:
    • Fixed creation of /tmp in apps' root filesystems with correct permissions
    • Fixed garbage collection after umounts (for example, if a system reboots before a pod is cleanly destroyed)
    • Fixed a race in interactive mode when using the lkvm backend that could cause a deadlock or segfault
    • Fixed bad parameter being passed to the metadata service ("uid" -> "uuid")
    • Fixed setting of file permissions during stage1 set up
    • Fixed a potential race condition during simultaneous iptables invocation
    • Fixed ACI download progress being sent to stderr instead of stdout, now consistent with the output during retrieval of Docker images
    • rkt help prepare will now show the correct default stage1 image
    • rkt will refuse to add isolators with nil Limits, preventing a panic caused by an ambiguity in upstream appc schema
  • Other changes:
    • Reworked the SELinux implementation to use systemd-nspawn's native context-switching feature
    • Added a workaround for a bug in Docker <1.8 when it is run on the same system as rkt (see #1210 (comment))
    • Added a rkt-xxxx-tapN name to tap devices that rkt creates
    • Functional tests now clean intermediate images between tests
    • Countless improvements and cleanup to the build system
    • Numerous documentation improvements, including splitting out all top-level rkt subcommands into their own documents