Welcome to the v2.1.8 release of containerd!
The eighth patch release for containerd 2.1 contains various fixes and updates.
Security Updates
Highlights
Runtime
- Fix handling of out-of-range USER values in OCI spec to avoid unexpected username/group lookups (#13497)
- Fix bugs in sandbox service affecting sandbox creation configuration and event publishing (#13272)
- Set AppArmor abi conditionally to support versions < 3.0 (#13274)
Snapshotters
- Support both "volatile" and "fsync=volatile" mount options for volatile snapshotter (#13297)
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Wei Fu
- Brian Goff
- Chris Henzie
- Samuel Karp
- LEI WANG
- William Myers
Changes
12 commits
- Prepare release notes for v2.1.8 (#13489)
07f2265d4Prepare release notes for v2.1.8
- oci: return explicit error for out-of-range USER values (#13497)
2054cc54coci: return explicit error for out-of-range USER values
- Support both styles of volatile mount option (#13297)
677e8f08aSupport both styles of volatile mount option
- backport: sandbox: forward Create fields, fix event topics (#13272)
f3b4b35c9sandbox: forward Create fields, fix event topics
- apparmor: Set abi conditionally (#13274)
eba90da61apparmor: Set abi conditionally
- Add GitHub Action for k8s node e2e tests (#13249)
b8b110584Add GitHub Action for k8s node e2e tests
Dependency Changes
This release has no dependency changes
Previous release can be found at v2.1.7
Which file should I download?
containerd-<VERSION>-<OS>-<ARCH>.tar.gz: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04).containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent.
In addition to containerd, typically you will have to install runc
and CNI plugins from their official sites too.
See also the Getting Started documentation.