Releases: AkihiroSuda/containerd
containerd 1.7.0-rc.1
Welcome to the v1.7.0-rc.1 release of containerd!
This is a pre-release of containerd
The eighth major release of containerd includes new functionality alongside many improvements.
This release is intended to be the last major release of containerd 1.x before 2.0.
Some functionality in this release may be considered experimental or unstable, but will become stable or default in 2.0.
This release still adheres to our backwards compability guarantees and users who do not use or enable new functionality should use this release with the same stability expectations.
The previous 1.6 release has also become a long term stable release for users who prefer releases with mostly stability improvements and wish to wait a few releases for new functionality.
Highlights
Sandbox API (experimental)
The sandbox API provides a new way of managing containerd's shim, providing more flexibility and functionality for multi-container environments such as Pods and VMs.
This API makes it easier to manage these groups of containers at a higher level and offers new extension points for shim implementations and clients.
Transfer Service (experimental)
- Transfer Service (#7320)
The transfer service provides a simple interface to transfer artifact objects between any source and destination. This allows for
pull and push operations to be done in containerd whether requested from clients or plugins. It is experimental in this release
to allow for further plugin development and integration into existing plugins.
See the Transfer Docs
NRI (experimental)
The Node Resource Interface is a common framework for plugging extensions into OCI-compatible container runtimes. It provides
basic mechanisms for plugins to track the state of containers and to make limited changes to their configuration.
This release introduces NRI v0.3.0 with an updated plugin interface to cover a wide range of use cases.
See the NRI Docs
Platform Support
- Linux containers on FreeBSD (#7000)
Runtime Features
- Add support for CDI device injection (#6654)
- Support for cgroups blockio (#5490)
- Add restart policy for enhanced restart manager (#6744)
gRPC Shim Support (experimental)
- Initial gRPC shim support (#8052)
Adds support for shims to use gRPC in addition to ttrpc. Existing ttrpc shim support is not going
away and will continue to be recommended for the best performance and lowest shim memory overhead.
The gRPC support allows implementation of a wider range of shim implementations which may not
have access to a stable ttrpc library in the implementation language. The shim protocol is also
updated to allow the shims to specify the protocol which is supported.
Road to 2.0
Refactoring
There are multiple places in the code today which are being targeted for refactoring to make long term support easier and to provide more extension points.
The CRI plugin is the most complex containerd plugin with a wide range of functionality. A major effort in this release and before 2.0 involves moving functionality
out of the single CRI plugin into smaller-scoped containerd plugins, such that they can be used and tested independently. The new sandbox and distribution interfaces provide one example of this,
but it also being done for image and network management.
The version of ttrpc has been updated this release to support streaming, allowing existing grpc services to use ttrpc.
Services are being refactored to allow ttrpc implementations, which can be served via shim and accessed using the new sandbox management capability.
- Remove gogoproto.customtype (#6699)
- Remove enumvalue_customname, goproto_enum_prefix and enum_customname (#6708)
- Remove all gogoproto extensions (#6829)
- Migrate off from github.com/gogo/protobuf (#6841)
- ttrpc streaming (ttrpc#107)
- Add unpack interface for client (#6749)
- Add collectible resources to metadata gc (#6804)
- Add version to shim protocol (#8177)
Configuration
Existing CRI configurations will be supported until 2.0.
Any functionality split out of CRI will have their configuration migrated to new plugins.
Deprecated configuration versions and configurations for deprecated features will be removed in 2.0.
Deprecation
The 2.0 release will remove any feature deprecated in 1.x. Features deprecated in this release include.
- Docker Schema 1 Image Deprecation (#6884)
CRI Updates
- Fix CRI plugin to setup pod network after creating the sandbox container (#5904)
- Support image pull progress timeout (#6150)
- Add experimental support for runtime specific snapshotters (#6899)
- Pass all TOML runtime configuration options from CRI to the runtime (#7764)
- Support for user namespaces in stateless pods (KEP-127) (experimental) (#7679)
- Add network plugin metrics (#7858)
- CRI v1alpha2 is deprecated and will be removed from containerd in containerd v2.0; if you are using the CRI API please move up to CRI v1; Kubernetes supports CRI v1 since Kubernetes 1.23 (#7863)
Other
- Support shallow content copy by adding reader option to local content reader at (#7414)
- Add NoSameOwner option when unpacking tars (#7386)
- Add
FetcherByDigest
for fetching blobs without fetching a manifest (#7460) - Update default seccomp profile to block socket calls to AF_VSOCK (#7510)
- Replace fork on mount logic with CLONE_FS (#7513)
- Add support for default registry host configuration (#7607)
- Use github.com/minio/sha256-simd for more efficient sha256 calculation (#7732)
- Make OCI options cross-platform (#7928)
- Update release builds to build from Ubuntu 20.04 with glibc 2.31 (#8021)
- Use data field from OCI descriptor when provided for fetch (#8076)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Derek McGowan
- Kazuyoshi Kato
- Maksym Pavlenko
- Phil Estes
- Wei Fu
- Akihiro Suda
- Sebastiaan van Stijn
- Samuel Karp
- Krisztian Litkey
- Mike Brown
- Danny Canter
- Daniel Canter
- Austin Vazquez
- yanggang
- Iceber Gu
- Ye Sijun
- Ed Bartosh
- Adam Korcz
- Luca Comellini
- Nashwan Azhari
- Stefan Berger
- Tony Fang
- ruiwen-zhao
- xin.li
- Brian Goff
- Gabriel Adrian Samfira
- Paul "TBBle" Hampson
- Henry Wang
- Rodrigo Campos
- Justin Terry
- Kevin Parsons
- Paco Xu
- Shengjing Zhu
- Swagat Bora
- wanglei
- zounengren
- Gavin Inglis
- Akhil Mohan
- Zechun Chen
- guodong
- lengrongfu
- James Jenkins
- Michael Crosby
- Qiutong Song
- Shiming Zhang
- Vincent Batts
- Antonio Ojea
- Cameron Sparr
- Casey Callendrello
- Changwei Ge
- Hsing-Yu (David) Chen
- Josh Seba
- Junyu Liu
- Kirtana Ashok
- Kohei Tokunaga
- Michael Zappa
- Qasim Sarfraz
- Tobias Klauser
- pigletfly
- yaoyinnan
- Abirdcfly
- Aditi Sharma
- Amit Barve
- Bennett-White
- Bjorn Neergaard
- Craig Ingram
- Eng Zer Jun
- Eric Lin
- Ethan Lowman
- Fabian Hoffmann
- James Sturtevant
- Jess
- Jian Zeng
- Jiongchi Yu
- Jonny Stoten
- Juan Hoyos
- Kang.Zhang
- Kay Yan
- Markus Lehtonen
- Mikko Ylinen
- Mohit Sharma
- Paul Cacheux
- Paul S. Schweigert
- Qian Zhang
- Yasin Turan
- Zhang Tianyang
- bin liu
- dependabot[bot]
- helen
- yulng
- Aman Sharma
- Anastassios Nanos
- Andrew G. Morgan
- Andrey Klimentyev
- Aniruddha Basak
- Anthony Nandaa
- Antti Kervinen
- Aviral Takkar
- Baoshuo
- Benjamin Elder
- Benjamin Wang
- Chao Dai
- Chuanying Du
- Claudiu Belu
- Cory Snider
- Daniel Lenar
- Danielle Lancashire
- Dat Nguyen
- Davanum Srinivas
- Dave
- David Leadbeater
- David Porter
- Dmitry...
containerd 1.7.0-beta.0.20221112
v1.7.0-beta.0.20221112 v1.7.0-beta.0.20221112
containerd 1.7.0-beta.0.20221111
v1.7.0-beta.0.20221111 v1.7.0-beta.0.20221111
containerd 1.7.0-prealpha.202210071413
v1.7.0-prealpha.202210071413 v1.7.0-prealpha.202210071413
containerd 1.7.0-prealpha.202208060102
v1.7.0-prealpha.202208060102 v1.7.0-prealpha.202208060102
containerd 1.6.7-prealpha.20220719
v1.6.7-prealpha.20220719 v1.6.7-prealpha.20220719