github k3s-io/containerd v2.1.5
containerd 2.1.5
on GitHub

16 hours ago

Welcome to the v2.1.5 release of containerd!

The fifth patch release for containerd 2.1 contains various fixes and updates.

Security Updates

Highlights

Container Runtime Interface (CRI)

  • Disable event subscriber during task cleanup (#12410)
  • Add SystemdCgroup to default runtime options (#12253)
  • Fix userns with container image VOLUME mounts that need copy (#12242)

Image Distribution

  • Ensure errContentRangeIgnored error when range-get request is ignored (#12312)

Runtime

  • Update runc binary to v1.3.3 (#12478)

Deprecations

  • Postpone v2.2 deprecation items to v2.3 (#12431)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Phil Estes
  • Akihiro Suda
  • Derek McGowan
  • Austin Vazquez
  • Rodrigo Campos
  • Maksym Pavlenko
  • Wei Fu
  • ningmingxiao
  • Akhil Mohan
  • Henry Wang
  • Andrew Halaney
  • Divya Rani
  • Jose Fernandez
  • Swagat Bora
  • wheat2018

Changes

58 commits

  • Prepare release notes for v2.1.5 (#12483)
  • Update runc binary to v1.3.3 (#12478)
    • 3d713d3d0 runc: Update runc binary to v1.3.3
  • Update GHA runners to use latest images for basic binaries build (#12470)
    • de4221cb7 Update GHA runners to use latest images for basic binaries build
  • ci: bump Go 1.24.9, 1.25.3 (#12467)
  • Update GHA runners to use latest image for most jobs (#12468)
    • 21ec7cc7d Update GHA runners to use latest image for most jobs
  • CI: update Fedora to 43 (#12449)
  • Postpone v2.2 deprecation items to v2.3 (#12431)
    • 6374a8f9d Postpone v2.2 deprecation items to v2.3
  • CI: skip ubuntu-24.04-arm on private repos (#12427)
    • 98e0e73de CI: skip ubuntu-24.04-arm on private repos
  • Disable event subscriber during task cleanup (#12410)
    • a3770cf83 cri/server/podsandbox: disable event subscriber
  • Fix lost container logs from quickly closing io (#12377)
    • 7d9f09ba0 bugfix:fix container logs lost because io close too quickly
  • ci: bump Go 1.24.8 (#12360)
  • Prevent goroutine hangs during ProgressTracker shutdown (#12336)
    • 9b57a4d35 Prevent goroutine hangs during ProgressTracker shutdown
  • Ensure errContentRangeIgnored error when range-get request is ignored (#12312)
    • ca3de4fe7 Ensure errContentRangeIgnored error when range-get request is ignored by registry
  • Remove additional fuzzers from instrumentation repo (#12313)
    • dfffe3d9c Remove additional fuzzers from CI
  • update release builds to 1.24.7 and add 1.25.1 to CI (#12258)
    • c54585ba7 update release builds to 1.24.7 and add 1.25.1 to CI
  • runc:Update runc binary to v1.3.1 (#12277)
    • f0a48ce38 runc:Update runc binary to v1.3.1
  • Add SystemdCgroup to default runtime options (#12253)
    • f13f8c431 add SystemdCgroup to default runtime options
  • install-runhcs-shim: fetch target commit instead of tags (#12256)
    • 42bb71e1e install-runhcs-shim: fetch target commit instead of tags
  • Fix userns with container image VOLUME mounts that need copy (#12242)
    • 10944e19f integration: Add test for directives with userns
    • 41d74aee2 cri: Fix userns with Dockerfile VOLUME mounts that need copy
  • Fix overlayfs issues related to user namespace (#12222)
    • f40bfc46b core/mount: Retry unmounting idmapped directories
    • 1f51d2dea core/mount: Test cleanup of DoPrepareIDMappedOverlay()
    • 8fbf8c503 core/mount: Properly cleanup on doPrepareIDMappedOverlay errors
    • b9d678e15 core/mount: Don't call nil function on errors
    • 583fe2d24 core/mount: Only idmap once per overlayfs, not per layer
  • Add documentation for cgroup_writable field (#12229)
    • 4832b4d15 Add documentation for cgroup_writable field
  • fix: create bootstrap.json with 0644 permission (#12183)
    • 3c174cf64 fix: create bootstrap.json with 0644 permission
  • ci: bump Go 1.23.12, 1.24.6 (#12186)
  • sys: fix pidfd leak in UnshareAfterEnterUserns (#12179)
    • 5ef6ea747 sys: fix pidfd leak in UnshareAfterEnterUserns

Dependency Changes

This release has no dependency changes

Previous release can be found at v2.1.4

Which file should I download?

  • containerd-<VERSION>-<OS>-<ARCH>.tar.gz: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04).
  • containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent.

In addition to containerd, typically you will have to install runc
and CNI plugins from their official sites too.

See also the Getting Started documentation.

Check out latest releases or
releases around k3s-io/containerd v2.1.5

Don't miss a new containerd release

NewReleases is sending notifications on new releases.

Get notifications