Tons of refactoring happened in this release. Thanks to all the contributors for working on this.
This release also features:
- Experimental support for reading Kubernetes container logs (
nerdctl --namespace=k8s.io logs <CONTAINERID>) - Improved compose error messages
- Enhanced support for Windows
Note
Upgrade notice
The CNI plugins package bundled with the
nerdctl-fulldistribution is upgraded to v1.2.0 in this release.Some users of rootless mode may face an error like
open /etc/cni/tuning/allowlist.conf: permission deniedwhen/etc/cniis created with the0700permission on the host.In this case, run
sudo chmod 0755 /etc/cnion the host.
Changes
nerdctl logs:- Experimental support for reading Kubernetes container logs (#1847, #1958, thanks to @zhaojizhuang)
nerdctl run:- Support specifying
-tand-din conjunction (#1642, thanks to @yzxiu) - Add
--utsflag (#1683, thanks to @dcantah) - Add
--cgroup-parentflag (#1782, thanks to @dcantah) - Windows: Add
nerdctl run --isolation=hostfor running Host Process containers (#795, thanks to @jsturtevant) - Windows: Add
nerdctl run --isolation=hyperv(#1848, thanks to @dardelean)
- Support specifying
nerdctl images:- Add
--filter dangling=truefilter (#1785, thanks to @manugupt1)
- Add
nerdctl build:- Propagate
SOURCE_DATE_EPOCHfrom the client env to the build arg (#1926)
- Propagate
nerdctl compose create:- Add
nerdctl compose createcommand (#1668, thanks to @djdongjin)
- Add
nerdctl compose start:- Add
nerdctl compose startcommand (#1656, thanks to @djdongjin)
- Add
nerdctl compose up:- Show detailed errors again (#1943)
nerdctl compose down:- Add
--remove-orphansflag (#1366, thanks to @stillfox-lee)
- Add
- IPFS:
- Refactoring:
- Docs:
- Move the command reference from
README.mdtodocs/command-reference.md(#1880, thanks to @djdongjin)
- Move the command reference from
- nerdctl-full:
- Project:
- Add Jing Dong (@djdongjin) as a REVIEWER (#1649)
Full changes: https://github.com/containerd/nerdctl/milestone/25?closed=1
Thanks to @Iceber @Laitr0n @Rajpratik71 @STRRL @Zheaoli @aman556 @austinvazquez @ayewo @dardelean @davidhsingyuchen @dcantah @djdongjin @fahedouch @ginglis13 @jsturtevant @ktock @manugupt1 @miles170 @stillfox-lee @suyanhanx @thaJeztah @weikequ @yzxiu @zhaojizhuang
Compatible containerd versions
This release of nerdctl is expected to be used with containerd v1.5 or v1.6.
About the binaries
- Minimal (
nerdctl-1.2.0-linux-amd64.tar.gz): nerdctl only - Full (
nerdctl-full-1.2.0-linux-amd64.tar.gz): Includes dependencies such as containerd, runc, and CNI
Minimal
Extract the archive to a path like
/usr/local/bin or ~/bin .
tar Cxzvvf /usr/local/bin nerdctl-1.2.0-linux-amd64.tar.gz
-rwxr-xr-x root/root 25739264 2023-01-31 02:23 nerdctl
-rwxr-xr-x root/root 21622 2023-01-31 02:23 containerd-rootless-setuptool.sh
-rwxr-xr-x root/root 7032 2023-01-31 02:23 containerd-rootless.sh
Full
Extract the archive to a path like
See
/usr/local or ~/.local .
tar Cxzvvf /usr/local nerdctl-full-1.2.0-linux-amd64.tar.gz
drwxr-xr-x 0/0 0 2023-01-31 02:37 bin/
-rwxr-xr-x 0/0 27066289 2015-10-21 00:00 bin/buildctl
-rwxr-xr-x 0/0 23724032 2022-09-05 09:52 bin/buildg
-rwxr-xr-x 0/0 51992719 2015-10-21 00:00 bin/buildkitd
-rwxr-xr-x 0/0 3602712 2023-01-31 02:31 bin/bypass4netns
-rwxr-xr-x 0/0 5111808 2023-01-31 02:32 bin/bypass4netnsd
-rwxr-xr-x 0/0 55108536 2023-01-31 02:34 bin/containerd
-rwxr-xr-x 0/0 10219520 2022-11-09 07:56 bin/containerd-fuse-overlayfs-grpc
-rwxr-xr-x 0/0 21622 2023-01-31 02:32 bin/containerd-rootless-setuptool.sh
-rwxr-xr-x 0/0 7032 2023-01-31 02:32 bin/containerd-rootless.sh
-rwxr-xr-x 0/0 9768960 2023-01-31 02:34 bin/containerd-shim-runc-v2
-rwxr-xr-x 0/0 58983200 2023-01-26 12:59 bin/containerd-stargz-grpc
-rwxr-xr-x 0/0 20333208 2023-01-31 02:37 bin/ctd-decoder
-rwxr-xr-x 0/0 28135832 2023-01-31 02:33 bin/ctr
-rwxr-xr-x 0/0 29080179 2023-01-31 02:37 bin/ctr-enc
-rwxr-xr-x 0/0 26628320 2023-01-26 12:59 bin/ctr-remote
-rwxr-xr-x 0/0 1783392 2023-01-31 02:37 bin/fuse-overlayfs
-rwxr-xr-x 0/0 81736760 2023-01-23 14:59 bin/ipfs
-rwxr-xr-x 0/0 25710592 2023-01-31 02:32 bin/nerdctl
-rwxr-xr-x 0/0 9847163 2022-11-15 11:19 bin/rootlessctl
-rwxr-xr-x 0/0 11311662 2022-11-15 11:19 bin/rootlesskit
-rwxr-xr-x 0/0 13784704 2023-01-31 02:32 bin/runc
-rwxr-xr-x 0/0 2338128 2023-01-31 02:37 bin/slirp4netns
-rwxr-xr-x 0/0 870496 2023-01-31 02:37 bin/tini
drwxr-xr-x 0/0 0 2023-01-31 02:36 lib/
drwxr-xr-x 0/0 0 2023-01-31 02:36 lib/systemd/
drwxr-xr-x 0/0 0 2023-01-31 02:36 lib/systemd/system/
-rw-r--r-- 0/0 1331 2023-01-31 02:36 lib/systemd/system/buildkit.service
-rw-r--r-- 0/0 1270 2023-01-31 02:31 lib/systemd/system/containerd.service
-rw-r--r-- 0/0 312 2023-01-31 02:36 lib/systemd/system/stargz-snapshotter.service
drwxr-xr-x 0/0 0 2023-01-31 02:36 libexec/
drwxrwxr-x 0/0 0 2023-01-31 02:36 libexec/cni/
-rwxr-xr-x 0/0 3859475 2023-01-16 21:42 libexec/cni/bandwidth
-rwxr-xr-x 0/0 4299004 2023-01-16 21:42 libexec/cni/bridge
-rwxr-xr-x 0/0 10167415 2023-01-16 21:42 libexec/cni/dhcp
-rwxr-xr-x 0/0 3986082 2023-01-16 21:42 libexec/cni/dummy
-rwxr-xr-x 0/0 4385098 2023-01-16 21:42 libexec/cni/firewall
-rwxr-xr-x 0/0 3870731 2023-01-16 21:42 libexec/cni/host-device
-rwxr-xr-x 0/0 3287319 2023-01-16 21:42 libexec/cni/host-local
-rwxr-xr-x 0/0 3999593 2023-01-16 21:42 libexec/cni/ipvlan
-rwxr-xr-x 0/0 3353028 2023-01-16 21:42 libexec/cni/loopback
-rwxr-xr-x 0/0 4029261 2023-01-16 21:42 libexec/cni/macvlan
-rwxr-xr-x 0/0 3746163 2023-01-16 21:42 libexec/cni/portmap
-rwxr-xr-x 0/0 4161070 2023-01-16 21:42 libexec/cni/ptp
-rwxr-xr-x 0/0 3550152 2023-01-16 21:42 libexec/cni/sbr
-rwxr-xr-x 0/0 2845685 2023-01-16 21:42 libexec/cni/static
-rwxr-xr-x 0/0 3437180 2023-01-16 21:42 libexec/cni/tuning
-rwxr-xr-x 0/0 3993252 2023-01-16 21:42 libexec/cni/vlan
-rwxr-xr-x 0/0 3586502 2023-01-16 21:42 libexec/cni/vrf
drwxr-xr-x 0/0 0 2023-01-31 02:32 share/
drwxr-xr-x 0/0 0 2023-01-31 02:32 share/doc/
drwxr-xr-x 0/0 0 2023-01-31 02:32 share/doc/nerdctl/
-rw-r--r-- 0/0 12339 2023-01-31 02:23 share/doc/nerdctl/README.md
drwxr-xr-x 0/0 0 2023-01-31 02:32 share/doc/nerdctl/docs/
-rw-r--r-- 0/0 3953 2023-01-31 02:23 share/doc/nerdctl/docs/build.md
-rw-r--r-- 0/0 2570 2023-01-31 02:23 share/doc/nerdctl/docs/builder-debug.md
-rw-r--r-- 0/0 3996 2023-01-31 02:23 share/doc/nerdctl/docs/cni.md
-rw-r--r-- 0/0 67464 2023-01-31 02:23 share/doc/nerdctl/docs/command-reference.md
-rw-r--r-- 0/0 1846 2023-01-31 02:23 share/doc/nerdctl/docs/compose.md
-rw-r--r-- 0/0 3030 2023-01-31 02:23 share/doc/nerdctl/docs/config.md
-rw-r--r-- 0/0 7328 2023-01-31 02:23 share/doc/nerdctl/docs/cosign.md
-rw-r--r-- 0/0 2435 2023-01-31 02:23 share/doc/nerdctl/docs/dir.md
-rw-r--r-- 0/0 854 2023-01-31 02:23 share/doc/nerdctl/docs/experimental.md
-rw-r--r-- 0/0 14217 2023-01-31 02:23 share/doc/nerdctl/docs/faq.md
-rw-r--r-- 0/0 1197 2023-01-31 02:23 share/doc/nerdctl/docs/freebsd.md
-rw-r--r-- 0/0 2439 2023-01-31 02:23 share/doc/nerdctl/docs/gpu.md
-rw-r--r-- 0/0 14463 2023-01-31 02:23 share/doc/nerdctl/docs/ipfs.md
-rw-r--r-- 0/0 1748 2023-01-31 02:23 share/doc/nerdctl/docs/multi-platform.md
-rw-r--r-- 0/0 2596 2023-01-31 02:23 share/doc/nerdctl/docs/nydus.md
-rw-r--r-- 0/0 3277 2023-01-31 02:23 share/doc/nerdctl/docs/ocicrypt.md
-rw-r--r-- 0/0 1876 2023-01-31 02:23 share/doc/nerdctl/docs/overlaybd.md
-rw-r--r-- 0/0 15626 2023-01-31 02:23 share/doc/nerdctl/docs/registry.md
-rw-r--r-- 0/0 5088 2023-01-31 02:23 share/doc/nerdctl/docs/rootless.md
-rw-r--r-- 0/0 10370 2023-01-31 02:23 share/doc/nerdctl/docs/stargz.md
drwxr-xr-x 0/0 0 2023-01-31 02:37 share/doc/nerdctl-full/
-rw-r--r-- 0/0 1152 2023-01-31 02:37 share/doc/nerdctl-full/README.md
-rw-r--r-- 0/0 6014 2023-01-31 02:37 share/doc/nerdctl-full/SHA256SUMS
Included components
share/doc/nerdctl-full/README.md:
# nerdctl (full distribution)
- nerdctl: v1.2.0
- containerd: v1.6.16
- runc: v1.1.4
- CNI plugins: v1.2.0
- BuildKit: v0.11.2
- Stargz Snapshotter: v0.14.1
- imgcrypt: v1.1.7
- RootlessKit: v1.1.0
- slirp4netns: v1.2.0
- bypass4netns: v0.3.0
- fuse-overlayfs: v1.10
- containerd-fuse-overlayfs: v1.0.5
- Kubo (IPFS): v0.18.0
- Tini: v0.19.0
- buildg: v0.4.1
## License
- bin/slirp4netns: [GNU GENERAL PUBLIC LICENSE, Version 2](https://github.com/rootless-containers/slirp4netns/blob/v1.2.0/COPYING)
- bin/fuse-overlayfs: [GNU GENERAL PUBLIC LICENSE, Version 3](https://github.com/containers/fuse-overlayfs/blob/v1.10/COPYING)
- bin/ipfs: [Combination of MIT-only license and dual MIT/Apache-2.0 license](https://github.com/ipfs/kubo/blob/v0.18.0/LICENSE)
- bin/{runc,bypass4netns,bypass4netnsd}: Apache License 2.0, statically linked with libseccomp ([LGPL 2.1](https://github.com/seccomp/libseccomp/blob/main/LICENSE), source code available at https://github.com/seccomp/libseccomp/)
- bin/tini: [MIT License](https://github.com/krallin/tini/blob/v0.19.0/LICENSE)
- Other files: [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0)
Quick start
Rootful
$ sudo systemctl enable --now containerd
$ sudo nerdctl run -d --name nginx -p 80:80 nginx:alpineRootless
$ containerd-rootless-setuptool.sh install
$ nerdctl run -d --name nginx -p 8080:80 nginx:alpineEnabling cgroup v2 is highly recommended for rootless mode, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ .
The binaries were built automatically on GitHub Actions.
The build log is available for 90 days: https://github.com/containerd/nerdctl/actions/runs/4050110148
The sha256sum of the SHA256SUMS file itself is fc2aa561ac3146f8b0d14388864d28bd970ede87c44d60e90901588e6264914e .