github.com/containerd/Containerd@v1.4.13/releases/v1.1.0.toml (about)

     1  # commit to be tagged for new release
     2  commit = "HEAD"
     3  
     4  project_name = "containerd"
     5  github_repo = "containerd/containerd"
     6  
     7  # previous release
     8  previous = "v1.0.0"
     9  
    10  pre_release = true
    11  
    12  preface = """\
    13  `containerd` provides a daemon for managing running containers.
    14  
    15  1.1 is the second major release for `containerd` with added support for CRI, the
    16  Kubernetes [Container Runtime Interface](https://github.com/kubernetes/community/blob/master/contributors/devel/container-runtime-interface.md).
    17  CRI is a new plugin which allows connecting the containerd daemon directly to a
    18  Kubernetes kubelet to be used as the container runtime. The CRI GRPC interface
    19  listens on the same socket as the containerd GRPC interface and runs in the same
    20  process.
    21  
    22  In addition to all of the stability and bug fixes backported to 1.0,
    23  1.1 includes...
    24  
    25  - CRI plugin
    26  - ZFS, AUFS, and native snapshotter
    27  - Improvements to the `ctr` tool
    28  - Better support for multiple platforms
    29  - Cross namespace content sharing
    30  - Better mount cleanup
    31  - Support for disabling plugins
    32  - TCP debug address for remote debugging
    33  - Update to Go 1.10
    34  - Improvements to the garbage collector
    35  
    36  ## CRI Plugin
    37  
    38  This release of `cri` is a native plugin of `containerd`. It is built into
    39  `containerd` v1.1 and CRI services are enabled by default.
    40  
    41  You can now use Kubernetes, with `containerd` directly, without having to use
    42  the intermediate `cri-containerd` daemon. The `cri-containerd` daemon is
    43  end-of-life.
    44  
    45  *Note: Please [drain your node](https://kubernetes.io/docs/tasks/administer-cluster/safely-drain-node/) before
    46  upgrading from older versions of `cri-containerd` to `containerd` v1.1.*
    47  
    48  You can [use a containerd config file to configure the `cri` plugin](https://github.com/containerd/cri/blob/v1.0/docs/config.md).
    49  
    50  ### Untrusted Workload Runtime
    51  
    52  To run an untrusted pod on a runtime for untrusted workload, such as
    53  [Kata Containers](https://katacontainers.io/) or
    54  [Clear Containers](https://clearlinux.org/containers), you can:
    55  1. Configure a runtime for untrusted workload [with the config option `plugins.cri.containerd.untrusted_workload_runtime`](https://github.com/containerd/cri/blob/v1.0.0/docs/config.md).
    56  2. Create an untrusted pod by setting the annotation `io.kubernetes.cri.untrusted-workload` to `"true"`, for example:
    57  ```yaml
    58  apiVersion: v1
    59  kind: Pod
    60  metadata:
    61    name: nginx
    62    annotations:
    63      io.kubernetes.cri.untrusted-workload: "true"
    64  spec:
    65    containers:
    66    - name: nginx
    67      image: nginx
    68  ```
    69  
    70  By default, `cri` will run pods with the default runtime. However, if a pod has
    71  the `io.kubernetes.cri.untrusted-workload` annotation, the `cri` plugin will run
    72  the pod with the runtime for untrusted workloads.
    73  
    74  Unless configured otherwise, the default runtime is set to
    75  [runc](https://github.com/opencontainers/runc).
    76  
    77  ### Container Runtime Interface v1alpha2
    78  
    79  The supported CRI (Container Runtime Interface) version for Kubernetes v1.10 is
    80  now `v1alpha2.` This release of `containerd/cri` has been updated to use CRI `v1alpha2`, so
    81  **it only works with Kubernetes v1.10+.**
    82  
    83  New CRI features added in `v1alpha2` are all supported:
    84  * Container log rotation: Kubelet rotates container logs.
    85  * Shared pid namespace: Support sharing pid namespace inside a pod.
    86  
    87  ### Registry Mirror
    88  
    89  You can now setup registry configurations with the config option
    90  `plugins.cri.registry`.
    91  
    92  Currently only the `mirrors` option is supported. With it, you can specify
    93  registry mirrors and secure/insecure connections.
    94  ([doc](https://github.com/containerd/cri/blob/v1.0.0/docs/registry.md))
    95  
    96  ### End-To-End Test
    97  
    98  In terms of testing, we've passed:
    99  * ALL CRI validation tests
   100  * ALL node e2e tests
   101  * ALL e2e tests
   102  
   103  The containerd test coverage on GCE is equivalent with Docker now.
   104  
   105  All the test results are public: https://k8s-testgrid.appspot.com/sig-node-containerd.
   106  
   107  ### Performance
   108  
   109  We significantly improved pod start latency and cpu/memory usage of `cri` plugin
   110  this release.
   111  
   112  The continuous benchmark result is published on http://node-perf-dash.k8s.io/.
   113  Job `ci-kubernetes-node-kubelet-benchmark` is for Docker 17.03, and
   114  `ci-cri-containerd-node-e2e-benchmark` is for containerd with `cri` plugin.
   115  
   116  All metrics of containerd are either better or comparable with Docker 17.03.
   117  
   118  ## Try It Out
   119  
   120  If you would like to try containerd, please download the binaries included on
   121  this release. If you are using Docker, this version of containerd will be used
   122  in the next major release of Docker.
   123  
   124  To set up containerd with Kubernetes...
   125  * For a production quality cluster on GCE brought up with `kube-up.sh`, see [here](https://github.com/containerd/cri/blob/v1.0.0/docs/kube-up.md).
   126  * For a multi-node cluster installer and bring up steps using ansible and kubeadm, see [here](https://github.com/containerd/cri/blob/v1.0.0/contrib/ansible/README.md).
   127  * For creating a cluster from scratch on Google Cloud, see [Kubernetes the Hard Way](https://github.com/kelseyhightower/kubernetes-the-hard-way).
   128  * For a custom installation from release tarball, see [here](https://github.com/containerd/cri/blob/v1.0.0/docs/installation.md).
   129  * To install using LinuxKit on a local VM, see [here](https://github.com/linuxkit/linuxkit/tree/master/projects/kubernetes).
   130  
   131  ## Support
   132  
   133  The [_support horizon_](https://github.com/containerd/containerd/blob/master/RELEASES.md#support-horizon)
   134  for containerd has been updated to include the 1.1 release. With the addition of
   135  the CRI plugin, we are expanding the support horizon for 1.1 to include the
   136  entire lifespan of Kubernetes 1.10.  The containerd 1.1 release train will be
   137  considered an active branch with new patches until April 23, 2019 at the
   138  earliest, when 1.2 is released, or until Kubernetes 1.10 reaches end of life.
   139  The 1.1 containerd API is completely compatible with 1.0, any client using 1.0
   140  can safely upgrade to 1.1 without any incompatibilies. The CRI interface
   141  included with the CRI plugin is only supported for Kubernetes 1.10. The CRI
   142  interface is still considered alpha and will only be supported for Kubernetes
   143  1.10. The CRI plugin in containerd 1.1 will also only be supported for
   144  Kubernetes 1.10.
   145  """
   146  
   147  # notable prs to include in the release notes, 1234 is the pr number
   148  [notes]
   149  
   150  [breaking]