Skip to content

containerd 1.7.16

Choose a tag to compare

View all tags
@github-actions github-actions released this 25 Apr 13:53
· 4709 commits to main since this release
v1.7.16
This tag was signed with the committer’s verified signature.
dmcgowan Derek McGowan
GPG key ID: F58C5D0A4405ACDB
Verified
Learn about vigilant mode.
8303183
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Welcome to the v1.7.16 release of containerd!

The sixteenth patch release for containerd 1.7 contains various fixes and updates.

Highlights

  • Update AppArmor template to allow confined runc to kill containers (#10129)
  • Fix config import relative path glob (#9834)
  • Update AppArmor template to better support rootlesskit (#10116)
  • Update HTTP fallback to better account for TLS timeout and previous attempts (#10112)
  • Add support for HPC port forwarding (#10008)
  • Prevent GC from schedule itself with 0 period. (#10102)
  • Fix issue with using invalid token to retry fetching layer (#10065)
  • Automatically decompress archives for transfer service import (#9989)
  • Fix HTTPFallback fails when pushing manifest (#10044)
  • Add support for configuring otel from env and config deprecation notice (#9992)
  • Fix deadlock during NRI plugin registration (containerd/nri#79)

Build and Release Toolchain

  • Update Go to 1.21.9 and 1.22.2 with net/http security fix (#10115)

Container Runtime Interface (CRI)

  • Fix CRI snapshotter root path when not under containerd root (#10096)
  • Fix network creation failure from CreatedAt time as 269 years ago (#10122)
  • Include userns info in PodSandboxStatus (#9865)
  • Fix default working directory Windows HostProcess containers (#10071)
  • Fix ListPodSandboxStats to skip sandboxes with missing tasks (#10042)

Deprecations

  • Add support for configuring otel from env and config deprecation notice (#9992)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Samuel Karp
  • Wei Fu
  • Danny Canter
  • Kazuyoshi Kato
  • Kirtana Ashok
  • Maksym Pavlenko
  • Phil Estes
  • Sebastiaan van Stijn
  • Brian Goff
  • Rodrigo Campos
  • Akihiro Suda
  • Angelos Kolaitis
  • Bin Tang
  • David Porter
  • Edgar Lee
  • Evan Lezar
  • Kirill A. Korinsky
  • Kohei Tokunaga
  • Maksim An
  • Paweł Gronowski
  • Tomáš Virtus
  • 张钰10307750
  • 沈陵

Changes

50 commits

  • Add release notes for v1.7.16 (#10124)
  • Update AppArmor template to allow confined runc to kill containers (#10129)
    • 18a2c36fa apparmor: Allow confined runc to kill containers
  • Fix config import relative path glob (#9834)
    • 62e9535f2 Fix config import relative path glob
  • Fix CRI snapshotter root path when not under containerd root (#10096)
    • a8ebceb97 CRI: "Fix" imageFSPath behavior
    • bd423bf84 Snapshotters: Export the root path
    • 8fb6bfa71 Add exports to proxy plugin config
    • 8916e2cf9 Add platform config to proxy plugins
  • Fix network creation failure from CreatedAt time as 269 years ago (#10122)
    • 293f5151d pod: CreatedAt time will be 269 years ago while creating cri network failed.
  • Update AppArmor template to better support rootlesskit (#10116)
    • af19e746e apparmor: add signal (receive) peer=/usr/local/bin/rootlesskit,
  • Update Go to 1.21.9 and 1.22.2 with net/http security fix (#10115)
  • Update HTTP fallback to better account for TLS timeout and previous attempts (#10112)
    • 794b0c723 Add deprecated HTTPFallback for package compatibility
    • 51c649d9d Update HTTPFallback to handle tls handshake timeout
    • aa14890ed Remove empty default tls configuration in ctr
  • Add support for HPC port forwarding (#10008)
    • 3df5d4445 Add support for HPC port forwarding
  • Prevent GC from schedule itself with 0 period. (#10102)
    • 5c15bf406 Prevent GC from schedule itself with 0 period.
  • Include userns info in PodSandboxStatus (#9865)
    • b57dc9fd3 cri/server: Add userns tests in PodSandboxStatus
    • 6e809ef13 cri: Expose userns in PodSandboxStatus rpc
  • mod: bump github.com/containerd/nri@v0.6.1 (#10097)
    • 395a31901 mod: bump github.com/containerd/nri@v0.6.1
  • Fix issue with using invalid token to retry fetching layer (#10065)
    • f61de0864 fix bug that using invalid token to retry fetching layer
  • Bump tags.cncf.io/container-device-interface to v0.7.2 (#10077)
    • 7a2f49f70 Bump tags.cncf.io/container-device-interface to v0.7.2
  • Fix default working directory Windows HostProcess containers (#10071)
    • 989f1ec54 fix default working directory hostProcess
  • Fix unexpected order of mounts since go 1.19 (#10063)
    • 9f774e438 fix(cri): fix unexpected order of mounts since go 1.19
  • Automatically decompress archives for transfer service import (#9989)
    • 2aec52493 Automatically decompress archives for transfer service import
  • Use different containerd sock address in tests (#10056)
    • 8c76e7948 Use different containerd sock address in tests
  • Fix HTTPFallback fails when pushing manifest (#10044)
    • 18f4ad5ee remote: Fix HTTPFallback fails when pushing manifest
  • Add support for configuring otel from env and config deprecation notice (#9992)
  • Fix ListPodSandboxStats to skip sandboxes with missing tasks (#10042)
    • 90c309fe2 Add IsNotFound case to ListPodSandboxStats

Changes from containerd/nri

5 commits

Dependency Changes

  • github.com/containerd/nri v0.6.0 -> v0.6.1
  • tags.cncf.io/container-device-interface v0.6.2 -> v0.7.2
  • tags.cncf.io/container-device-interface/specs-go v0.6.0 -> v0.7.0

Previous release can be found at v1.7.15

Assets 48
Loading