github containerd/containerd v1.3.8
containerd 1.3.8

Welcome to the v1.3.8 release of containerd!

The eighth patch release for containerd 1.3 includes several bug fixes and updates.

Notable Updates

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Lantao Liu
  • Sebastiaan van Stijn
  • Phil Estes
  • Derek McGowan
  • Wei Fu
  • Akihiro Suda
  • Brian Goff
  • Jintao Zhang
  • Mike Brown
  • Samuel Karp
  • Bingshen Wang
  • Bowen Yan
  • Florian Schmaus
  • Giuseppe Capizzi
  • Kazuyoshi Kato
  • Kenta Tada
  • Li Yuxuan
  • Maksym Pavlenko
  • Michael Crosby
  • Shengjing Zhu
  • Stanislav Levin
  • Tianon Gravi
  • Tim Allclair

Changes

109 commits

  • 7fb6e1713 Merge pull request #4782 from dmcgowan/prepare-1.3.8
  • 3b63746c0 Prepare 1.3.8 release
  • b2f19447a Merge pull request #4753 from thaJeztah/1.3_restore_nil_pointer
  • b3913eeaf Merge pull request #4750 from thaJeztah/1.3_backport_windows_int_overflow
  • bcb8bd3e4 bug fix:#3448
  • 7f4ecee09 Fix integer overflow on windows
  • 609788376 Merge pull request #4747 from estesp/fix-gha-cve-1.3
  • 8fcab2e3f Fix release.yml script for GH Actions changes to env/path
  • e97ecf499 Merge pull request #4744 from estesp/fix-ci-1.3
  • 651188ccf Fix GH Actions CI deprecations
  • 81678f0e5 Merge pull request #4697 from estesp/cp-4692-1.3
  • d1f19bec7 Remove setuid gosu in favor of "sudo -E PATH=$PATH ..."
  • ee26aa810 Merge pull request #4693 from samuelkarp/release1.3-critest
  • 7f5720ee3 setup: install critest v1.16.1
  • 8ed201980 ci: run critest target for all runtimes
  • 0cd442194 Merge pull request #4649 from estesp/cp-4645-1.3
  • d47ee95a6 Check if a process exists before returning it
  • 53371c823 Merge pull request #4598 from estesp/release-script-updates
  • 4bb1ec089 Proper case for DESTDIR so GH Actions configuration is used
  • 6eef06eab Fix DCO commit limit
  • e5afa333a Add CRI release build
  • 9bd8f6e4c Update containerd systemd unit file
  • c7bd04763 Create etcd user in cloud init.
  • a208e937e use containerd/project header test
  • da709fe9b Fix indent in cni.template.
  • bdd3c8529 Update deployment and integration test
  • d8ef77eb8 Add TaskMax=infinity
  • f3c918509 Remove noSnat
  • e617564d9 Use v2 config.
  • 70d9e28a6 Use per-pod shim.
  • b3ef77e56 Add DefaultRuntimeName option.
  • f0d9c25e6 Use ctr images import.
  • 5a5581694 Add cri as required plugin.
  • 1ee592b6a Use runc.v1 for now for debugging.
  • a6f0c7ba1 Enable runc.v2 as the default runtime in test.
  • 61254c0d0 Use local env to avoid writing to passed-in readonly env.
  • 816214947 Set default "" to extra runtime handler.
  • 25b7a9361 Expose vars to configure an additional runtime handler
  • 90ef88d69 Support docker 18.09 in the test script.
  • 3acc61aad Remove the unused health-monitor.sh.
  • 1656e2c62 Support netd in GCE bootstrap.
  • cf18a7f24 Serve streaming on localhost by default to match k8s 1.11 default.
  • 6462656c5 Remove crictl on GCE for all cases.
  • 876448273 Set stream server to serve on localhost on GCE.
  • 151d40da7 Make max container log line size configurable through cloud init.
  • 7423599a9 Disable TLS streaming to work with new kubelet streaming proxy.
  • de14be92d Update cni.template
  • 7ba7a1c74 Disable restart plugin on GCE.
  • d5a7d0d40 Fix kube-container-runtime-monitor.
  • 51c239c50 Use crictl installed in kube-up.sh
  • 7e4202681 Add unix:// prefix for socket addresses used by CRI remote client.
  • 78bc3160c Add KUBE_CONTAINER_RUNTIME_NAME to fix fluentd support.
  • 1efcba285 Try using preloaded containerd if no version is specified.
  • b3d92c5dd Add log level support.
  • 4c3b865ef Improve gce bootstrapping in various ways.
  • bae03ff7c Add cni config template support.
  • cb8d42994 Enable TLS streaming in all the setup.
  • 7078a01e6 Use systemd service cgroup and oom score adj.
  • eca3ca166 Fix for kube-up.sh and update several documments.
  • 95159e4e5 Replace ctrcri with ctr cri.
  • 240169814 Update GCE cluster bootstrapping and e2e test
  • 1fe038512 Enable container log rotation.
  • 0ce45ac5d Do not block on stream server close.
  • 206b239d6 Add initial wait for health-monitor and use pkill -x.
  • fc561a2a1 The ENV is finalized as KUBE_KUBELET_EXTRA_ARGS.
  • 8416e9356 change crictl sandboxes to pods; other references to sandboxes
  • 23bd0364e Update ocicni to main stream.
  • 1b4ef5d64 Add a separate CLI for cri-containerd ctrcri.
  • 4fc3b564c Use registry-1.docker.io as backup
  • 3bc1d3559 Put version into metadata so that version won't be changed across restart.
  • 544e0e71a Set registry mirror.
  • 0d0257a94 Configure container runtime cgroups for cgroup.
  • 5ad7db207 Add runtime cgroup and fix a cli panic.
  • 89e92495d Update all glog flags to log-level.
  • b49929ebc Update containerd to 6c7abf7c76c1973d4fb4b0bad51691de84869a51.
  • 077721211 Add document for kube-up.sh
  • a797a6ce2 Add OS and arch in release tarball.
  • 2ad761ddb Add cluster directory and health-monitor.sh.
  • 02d93addb Merge pull request #4561 from thaJeztah/1.3_backport_seccomp_updates
  • 1f5b5c909 seccomp: allow io-uring related system calls
  • 37c1a8ecb seccomp: allow clock_settime when CAP_SYS_TIME is added
  • f959608b0 seccomp: allow quotactl with CAP_SYS_ADMIN
  • 61f1b4ee2 seccomp: allow sync_file_range2 on supported architectures.
  • 4748bb7d5 seccomp: allow personality with UNAME26 bit set
  • 93a529467 seccomp: allow syscall membarrier
  • 280fc55eb seccomp: allow adjtimex get time operation
  • 2fb406bef seccomp: allow add preadv2 and pwritev2 syscalls
  • f81ce26aa seccomp: move the syslog syscall to be gated by CAP_SYS_ADMIN or CAP_SYSLOG
  • 2ee65d857 Update usage of whitelist in project
  • 39052fa79 seccomp: allow 'rseq' syscall in default seccomp profile
  • a3a385c9d seccomp: remove the unused query_module(2)
  • 7d3e2766c seccomp: Whitelist clock_adjtime
  • 078b6d91b seccomp: add 64-bit time_t syscalls
  • 6f8f27ab4 Merge pull request #4553 from thaJeztah/1.3_backport_add_openat2_syscall
  • bdb3ce2fa seccomp: add faccessat2 syscall.
  • 44633cf1b seccomp: add openat2 syscall.
  • 8d67174ae Merge pull request #4543 from thaJeztah/1.3_backport_forward_signal_not_found
  • 1850de7af Ignore SIGURG signals in signal forwarder
  • 11325afdb Exit signal forward if process not found
  • aebad1da6 Merge pull request #4511 from fuweid/13-cherry-pick-4486
  • 58172a6f4 tasks: Monitor v2 tasks in initFunc as well
  • f99bb2cc4 Merge pull request #4495 from kzys/backport-1.3-4437
  • fd6c9153a snapshots/devmapper: fix rollback
  • 6c71fe1c4 Merge pull request #4463 from thaJeztah/1.3_backport_bump_golang_1.13.15
  • 1ef5cd282 Bump Golang 1.13.15
  • 0e7693b58 Bump Golang 1.13.14
  • e36542ca5 Bump Go 1.13.13
  • 83b33f63b .zuul: update go version to 1.13.10
  • 2ba1c323b ci: set pipefail in zuul script



Dependency Changes

This release has no dependency changes

Previous release can be found at v1.3.7

latest releases: v1.5.0-beta.0, v1.3.9, v1.4.3...
one month ago