The website uses cookies. By using this site, you agree to our use of cookies as described in the Privacy Policy.
I Agree
blank_error__heading
blank_error__body
Text direction?

Release containerd 1.4.0 · containerd/containerd

Welcome to the v1.4.0 release of containerd!

The fifth major release of containerd includes a mix of new features and
expanded support, such as support for CGroups v2, expanded SELinux support,
support for Windows on Kubernetes through CRI, and support for snapshotters
based on shared remote storage. All significant bug and stability fixes included
in this release are also available on supported prior releases. Like previous
major releases, what is not included in this release is also important. There
are only two small additions to the API with no backwards incompatible changes,
allowing client and daemon upgrades to be done independently without disruption.
The incredible increase in usage of containerd over the last year has shown the
value of our core principles to easily expand support for different use cases
while driving toward ever increasing stability.

Runtime

  • Support cgroups v2 #3726
  • Improved SELinux support
  • Rework shim logger shutdown process #4162
  • Deprecate io.containerd.runtime.v1.* and io.containerd.runc.v1 #4384

Snapshots

  • Support target snapshot option on prepare to allow skipping prepare when snapshot reports target already exists #3793
  • Add filters to walk function #3709
  • Support for FUSE mounts #3765
  • Snapshotter options passed to backend #4080
  • Support for lazy-pull snapshotters such as stargz-snapshotter

Plugins

  • Proxy snapshotter support for cleanup #3925

Client

  • Add spec options for host device and privileged handling #3718
  • WithLease takes options for more flexibility #3719
  • Add unpack options for pull #3826
  • Improve host fallback behaviour in docker remote #3868
  • Defer layer download until unpack to support skipping download when snapshotter reports already exists #3870
  • Split UID and GID namespace mapping in spec generation #3881
  • Propagate snapshotter layer annotations on unpack #3911
  • Create image record after blob download to fix concurrent download issue #3972
  • Use spec's mountLabel when mounting container rootfs #4051
  • Add Linux resources to spec options #4083
  • New registry configuration tooling for improved mirror and endpoint options #4138
  • Add namespace query parameter when using a registry proxy #4413

API

  • Add filters to snapshot list #3709
  • Add snapshot cleanup #3925

Daemon

  • Support NOTIFY_SOCKET for notifying the daemon's readiness to systemd #4088
  • Remove libseccomp requirement, seccomp support is now always built-in #4439

Windows

  • Disk usage support in snapshotter #3785
  • Add support for custom wcow and lcow sandbox scratch sizes #3965
  • Enable CRI plugin #4076

CRI

  • Support CNI DNS capabilities cri#1244
  • Build CRI Plugin on Windows and add presubmit cri#1258
  • Use container annotations when creating containers cri#1260
  • Add support for Windows containers process isolation cri#1264
  • Add windows port forward support cri#1284
  • Use http for localhost registry connections cri#1328
  • Add resolv.conf to sandbox container mounts cri#1344
  • Use host devices options from oci specs cri#1349
  • Fix privileged supported cri#1356
  • Update default runtime to io.containerd.runc.v2 cri#1359
  • Add instrospection service cri#1364
  • Unshare cgroup namespace for container when using cgroupv2 cri#1371
  • Add CPU and memory cgroupv2 metrics cri#1376
  • Reload CNI network config on fs change events cri#1405
  • Add support for stargz remote snapshots cri#1431
  • Add support for 'container-name' OCI annotation cri#1436
  • Remove socat for port forwarding cri#1470
  • Add config flag to default empty seccomp profile cri#1472
  • Add SELinux support cri#1487

And many more improvements and bug fixes in the complete changelog

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Phil Estes
  • Lantao Liu
  • Sebastiaan van Stijn
  • Akihiro Suda
  • Michael Crosby
  • Mike Brown
  • Wei Fu
  • Derek McGowan
  • Boris Popovschi
  • Maksym Pavlenko
  • Stefan Berger
  • Brandon Lum
  • Davanum Srinivas
  • Rui Chen
  • Brian Goff
  • Shengjing Zhu
  • Kohei Tokunaga
  • Kir Kolyshkin
  • Paul "TBBle" Hampson
  • Justin Terry
  • Kazuyoshi Kato
  • Li Yuxuan
  • Fahed Dorgaa
  • Gaurav Singh
  • Hu Shuai
  • Xiaodong Ye
  • Jie Hao Liao
  • Johannes Frey
  • Mario Macias
  • Ted Yu
  • Eric Ren
  • Erik Sipsma
  • Fupan Li
  • Joakim Roubert
  • Sam Whited
  • Sascha Grunert
  • Tõnis Tiigi
  • Alex Price
  • Antonio Ojea
  • Byonggon Chun
  • Daniel Canter
  • Darren Shepherd
  • Ed Bartosh
  • Eric Ernst
  • George Goh
  • Junior Santos
  • Kathryn Baldauf
  • Kenta Tada
  • Kevin Parsons
  • Manuel Rüger
  • Seth Pellegrino
  • Stephen J Day
  • Tibor Vass
  • Tom Faulhaber
  • xianlubird
  • Abhishek Kulkarni
  • Alex Ellis (OpenFaaS Ltd)
  • Ameya Gawde
  • Andrew Dunham
  • Angela Li
  • Arnaud Rebillout
  • Ashray Jain
  • Avi Deitcher
  • Bingshen Wang
  • Brian Pursley
  • Chethan Suresh
  • Chris C
  • Daniel Bevenius
  • Dave Syer
  • Drew Erny
  • Eli Uriegas
  • Erik Wilson
  • Evan Cordell
  • Fabricio Voznika
  • Florian Schmaus
  • Gábor Lipták
  • Haitao Li
  • HsuanChi (Austin) Kuo
  • Ivan Markin
  • Jacob Blain Christen
  • James Sturtevant
  • Jintao Zhang
  • Johann Neuhauser
  • John Millikin
  • Jordan Karaze
  • Joris De Winne
  • Josh Dolitsky
  • Justin Cormack
  • Justin Hutchings
  • Kiril Vladimiroff
  • Laszlo Janosi
  • Lifubang
  • Lorenz Brun
  • Lucas Kanashiro
  • Martin Hickey
  • Mihai Coman
  • Mikko Ylinen
  • Morgan Bauer
  • Murat
  • Nick Ethier
  • Nishchay Kumar
  • Peng Tao
  • Philip Marin
  • Reid Li
  • Rudy Zhang
  • SaiHarshaK
  • Seth Bunce
  • Sherif
  • Shiwei Zhang
  • SiYu Zhao
  • Stanislav Levin
  • Takumasa Sakao
  • Thibaut Collet
  • Tim Allclair
  • Tobias Bradtke
  • Tobias Klauser
  • Tom Wieczorek
  • Ulysses Souza
  • Wilbert van de Ridder
  • Yikun Jiang
  • Zhiyu Li
  • dingdongx
  • kenneth.kang
  • sayaoailun
  • yang yang
  • yuxiaobo
  • 张潇
  • 徐敏才

Changes

876 commits

Changes from containerd/aufs

4 commits

Changes from containerd/btrfs

7 commits

Changes from containerd/cgroups

181 commits

Changes from containerd/console

8 commits

Changes from containerd/continuity

35 commits

Changes from containerd/cri

401 commits

Changes from containerd/fifo

10 commits

Changes from containerd/go-cni

15 commits

Changes from containerd/go-runc

8 commits

Changes from containerd/imgcrypt

71 commits

Changes from containerd/ttrpc

19 commits

Changes from containerd/typeurl

20 commits

Changes from containerd/zfs

3 commits

Dependency Changes

  • github.com/Microsoft/hcsshim 9e921883ac92 -> v0.8.9
  • github.com/beorn7/perks 4c0e84591b9a -> v1.0.1
  • github.com/cespare/xxhash/v2 v2.1.1 new
  • github.com/cilium/ebpf 1c8d4c9ef775 new
  • github.com/containerd/aufs f894a800659b -> 371312c1e31c
  • github.com/containerd/btrfs af5082808c83 -> 153935315f4a
  • github.com/containerd/cgroups c4b9ac5c7601 -> 318312a37340
  • github.com/containerd/console 0650fd9eeb50 -> v1.0.0
  • github.com/containerd/continuity f2a389ac0a02 -> efbc4488d8fe
  • github.com/containerd/cri 5d49e7e51b43 -> 4e6644c
  • github.com/containerd/fifo bda0ff6ed73c -> f15a3290365b
  • github.com/containerd/go-cni 49fbd9b210f3 -> v1.0.0
  • github.com/containerd/go-runc e029b79d8cda -> 7016d3ce2328
  • github.com/containerd/imgcrypt v1.0.1 new
  • github.com/containerd/ttrpc 92c8520ef9f8 -> v1.0.1
  • github.com/containerd/typeurl a93fcdb778cd -> v1.0.1
  • github.com/containerd/zfs 2ceb2dbb8154 -> 9abf673ca6ff
  • github.com/containers/ocicrypt v1.0.1 new
  • github.com/coreos/go-systemd/v22 v22.1.0 new
  • github.com/cpuguy83/go-md2man/v2 v2.0.0 new
  • github.com/docker/docker 86f080cff091 -> 4634ce647cf2
  • github.com/docker/go-events 9461782956ad -> e31b211e4f1c
  • github.com/docker/go-metrics 4ea375f7759c -> v0.0.1
  • github.com/fsnotify/fsnotify v1.4.9 new
  • github.com/fullsailor/pkcs7 8306686428a5 new
  • github.com/go-logr/logr v0.2.0 new
  • github.com/godbus/dbus/v5 v5.0.3 new
  • github.com/gogo/googleapis v1.2.0 -> v1.3.2
  • github.com/gogo/protobuf v1.2.1 -> v1.3.1
  • github.com/golang/protobuf v1.2.0 -> v1.3.5
  • github.com/google/gofuzz v1.0.0 -> v1.1.0
  • github.com/grpc-ecosystem/go-grpc-prometheus 6b7015e65d36 -> v1.2.0
  • github.com/json-iterator/go v1.1.7 -> v1.1.10
  • github.com/konsorten/go-windows-terminal-sequences v1.0.1 -> v1.0.3
  • github.com/modern-go/reflect2 1.0.1 -> v1.0.1
  • github.com/opencontainers/go-digest c9281466c8b2 -> v1.0.0
  • github.com/opencontainers/runc 3e425f80a8c9 -> v1.0.0-rc92
  • github.com/opencontainers/runtime-spec 29686dbc5559 -> 4d89ac9fbff6
  • github.com/opencontainers/selinux v1.2.2 -> v1.6.0
  • github.com/pkg/errors v0.8.1 -> v0.9.1
  • github.com/prometheus/client_golang f4fb1b73fb09 -> v1.6.0
  • github.com/prometheus/client_model 99fa1f4be8e5 -> v0.2.0
  • github.com/prometheus/common 89604d197083 -> v0.9.1
  • github.com/prometheus/procfs cb4147076ac7 -> v0.0.11
  • github.com/russross/blackfriday/v2 v2.0.1 new
  • github.com/shurcooL/sanitized_anchor_name v1.0.0 new
  • github.com/sirupsen/logrus v1.4.1 -> v1.6.0
  • github.com/urfave/cli v1.22.0 -> v1.22.1
  • github.com/willf/bitset d5bec3311243 new
  • go.etcd.io/bbolt v1.3.3 -> v1.3.5
  • golang.org/x/crypto 5c40567a22f8 -> 75b288015ac9
  • golang.org/x/net f3200d17e092 -> ab3426394381
  • golang.org/x/oauth2 0f29369cfe45 -> 858c2ad4c8b6
  • golang.org/x/sys 9eafafc0a87e -> ed371f2e16b4
  • golang.org/x/text 19e51611da83 -> v0.3.3
  • golang.org/x/time 85acf8d2951c -> 555d28b269f0
  • google.golang.org/genproto d80a6e20e776 -> e50cd9704f63
  • google.golang.org/grpc 6eaf6f47437a -> v1.27.1
  • gopkg.in/inf.v0 v0.9.0 -> v0.9.1
  • gopkg.in/square/go-jose.v2 v2.3.1 new
  • gopkg.in/yaml.v2 v2.2.2 -> v2.2.8
  • gotest.tools/v3 v3.0.2 new
  • k8s.io/api kubernetes-1.16.0-rc.2 -> v0.19.0-rc.4
  • k8s.io/apimachinery kubernetes-1.16.0-rc.2 -> v0.19.0-rc.4
  • k8s.io/apiserver kubernetes-1.16.0-rc.2 -> v0.19.0-rc.4
  • k8s.io/client-go kubernetes-1.16.0-rc.2 -> v0.19.0-rc.4
  • k8s.io/cri-api kubernetes-1.16.0-rc.2 -> v0.19.0-rc.4
  • k8s.io/klog/v2 v2.2.0 new
  • k8s.io/utils c2654d5206da -> 2df71ebbae66
  • sigs.k8s.io/structured-merge-diff/v3 v3.0.0 new
  • sigs.k8s.io/yaml v1.1.0 -> v1.2.0

Previous release can be found at v1.3.0

Measure
Measure
Related Notes
Get a free MyMarkup account to save this article and view it later on any device.
Create account

End User License Agreement

Summary | 3 Annotations
support for snapshotters based on shared remote storage
2020/08/20 10:24
Unshare cgroup namespace for container when using cgroupv2
2020/08/20 10:29
Add CPU and memory cgroupv2 metrics
2020/08/20 10:29