GRR v1.11.0: This One Goes To Eleven
UPGRADE NOTE, ADDED 6/3/18: the previous rootfs management code had a bug where it considered compressed layer sizes rather than uncompressed sizes when calculating docker image quota usage. This means after upgrading to this version of garden docker images that used to fit in to quota (due to the bug) may no longer fit in to the same quota size
This release integrates grootfs and makes it the default filesystem manager for garden. You can still opt back in to garden-shed using the deprecated_use_garden_shed property. Grootfs uses overlay+xfs rather than aufs and supports running without root privileges.
Action Required: If you were using the separate grootfs-release, you can now just use this release. cf-deployment users do not need to take any action.
Action Required: If you weren't using grootfs-release please try to combine this deploy with a stemcell update or do a --recreate of your cells to clean up extra space from the old rootfs management code.
Other Noteworthy Changes:
- A number of fixes to grootfs, including fixing a leak in GC and removing an overbroad log line that could lead to passwords being logged.
- Fixes for creating processes with their own root filesystem in privileged containers
- Garden's init process now properly reaps processes. This avoids zombies on more recent kernels.
- Rootless mode is now supported on stemcells with hardened umask settings.
Bosh Property Updates
- As part of merging grootfs in to garden, the grootfs.* properties are now available in this release. Existing garden.* properties related to rootfs management are deprecated but still work to set the corresponding grootfs properties.
- It is now possible to ask for additional DNS entries to be supplied via the
additional_host_entriesbosh property (#54)
Dependency Updates:
- tar bumped to 1.30
- libnftnl bumped to 1.0.9