github.com/containerd/containerd@v22.0.0-20200918172823-438c87b8e050+incompatible/releases/v1.2.0.toml (about) 1 # commit to be tagged for new release 2 commit = "HEAD" 3 4 project_name = "containerd" 5 github_repo = "containerd/containerd" 6 match_deps = "^github.com/(containerd/[a-zA-Z0-9-]+)$" 7 8 # previous release 9 previous = "v1.1.0" 10 11 pre_release = false 12 13 preface = """\ 14 The third major release of containerd brings both a mix of boring and 15 exciting changes. While fixing many bugs and continuing support for the 16 containerd 1.0 API, new APIs and interfaces have been added to allow 17 containerd to be more extensible and cover more use cases. 18 19 ## New V2 Runtime 20 21 A new v2 runtime has been added with a stable gRPC interface for managing 22 containers through external shims. 23 24 This allows runtime authors to easily integrate with containerd over a stable 25 API. 26 27 Various runtimes can be selected on a per container basis using the `WithRuntime` opt 28 or to test via ctr `ctr run --runtime io.containerd.runc.v1`. 29 30 [Documentation](https://github.com/containerd/containerd/blob/master/runtime/v2/README.md) 31 32 ## Updated CRI Plugin 33 34 Containerd 1.2 is validated against Kubernetes v1.11 and v1.12, but it is also compatible with Kubernetes v1.10. 35 36 ***To use containerd 1.2 with Kubernetes v1.10, be sure to run the stream server on an address accessible to the apiserver. A simple way is to set `stream_server_address=""` in the `[plugins.cri]` section of `containerd.toml`, so that `cri` plugin will automatically select a routable node address.*** 37 38 ### Kubernetes Runtime Class 39 [Kubernetes Runtime Class](https://github.com/kubernetes/community/blob/master/keps/sig-node/0014-runtime-class.md) introduced in Kubernetes 1.12 is supported. 40 41 Users can: 42 * Configure alternative runtime handlers with the config option `plugins.cri.containerd.runtimes.runtime_handler_name`, e.g. `plugins.cri.containerd.runtimes.kata`. ([config.md](https://github.com/containerd/cri/blob/release/1.2/docs/config.md)) 43 * Use the alternative runtime handler in Kubernetes by creating `RuntimeClass` for the runtime handler, and specifying `RuntimeClassName` in the pod spec. ([doc](https://github.com/kubernetes/website/blob/release-1.12/content/en/docs/concepts/containers/runtime-class.md)) 44 45 ***The `plugins.cri.containerd.untrusted_workload_runtime` config option and `io.kubernetes.cri.untrusted-workload` pod annotation are still functional, but start being deprecated. It is recommended to migrate to the `RuntimeClass` api.*** 46 47 ### Other Features 48 * Supported [`ProcMount`](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/auth/proc-mount-type.md) option introduced in Kubernetes 1.12. 49 * Added a new config option `plugins.cri.registry.auths` for user to config default credentials for specific registries. ([doc](https://github.com/containerd/cri/blob/release/1.2/docs/registry.md#configure-registry-credentials)) 50 * Added a new config option `plugins.cri.x509_key_pair_streaming` for user to config a valid certificate for the stream server. ([config.md](https://github.com/containerd/cri/blob/release/1.2/docs/config.md)) 51 * Added a runtime `options` field for shim v2 runtime. Use the `options` field to config runtime specific options, e.g. `NoPivotRoot` and `SystemdCgroup` for runtime type `io.containerd.runc.v1`. (See [config.md](https://github.com/containerd/cri/blob/release/1.2/docs/config.md)) 52 53 ### Notable Changes 54 * `cri` plugin can see images pulled/imported into containerd by `ctr images pull` and `ctr images import`. 55 * CNI config is now dynamically reloaded when changed. 56 * IPv4 address is guaranteed to be selected, when there are both IPv4 and IPv6 addresses for a pod. 57 * Privileged untrusted workload is allowed, the workload will get privilege inside the sandbox. 58 * `cri` plugin stream server serves on `http://localhost:0` by default. This is to work with the [kubelet streaming proxy](https://github.com/kubernetes/kubernetes/pull/64006) introduced in Kubernetes 1.11. 59 * Fixed an issue that a container can't be stopped when container processes are accidentally moved out of the container cgroups. 60 * `cluster/health-monitor.sh` in the release tarball will be deprecated next release. Please use Kubernetes [health-monitor.sh](https://github.com/kubernetes/kubernetes/blob/release-1.12/cluster/gce/gci/health-monitor.sh) instead. 61 62 ## New Proxy Plugins 63 64 A new proxy plugin configuration has been added to allow external snapshotters 65 be connected to containerd using gRPC. 66 67 [Documentation](https://github.com/containerd/containerd/blob/master/PLUGINS.md) 68 69 ## Managed /opt directory 70 71 A new `Install` method on the containerd client allows users to publish host level 72 binaries using standard container build tooling and container distribution tooling 73 to download containerd related binaries on their systems. 74 75 This can be used for v2 runtime authors to get their runtime shims on an existing 76 containerd system. It can also be used to install `runc` and other related tools. 77 78 ```bash 79 > ctr content fetch docker.io/crosbymichael/runc:latest 80 > ctr install docker.io/crosbymichael/runc:latest 81 ``` 82 83 [Documentation](https://github.com/containerd/containerd/blob/master/docs/managed-opt.md) 84 85 ## Garbage Collection 86 87 Add support for cleaning up leases and content ingests to garbage collections. 88 89 Add expiration label to clean up temporary resources. 90 91 ## Image Importer 92 93 The image importer has been updated to support output from `docker save`. Users 94 of the `ctr` tool should take note of the usage change to `ctr images import`. 95 We continue to recommend not building tooling on top of the `ctr` tool. 96 97 ## API Changes 98 99 This release features a couple additions to the API. Clients may make use of 100 these new API features but should be able to handle cases when those features 101 are not implemented on the server. The Go client handles this automatically. 102 103 - Add `ListStream` method to containers API. This allows listing a larger 104 number of containers without hitting message size limts. 105 - Add `Sync` flag to `Delete` in leases API. Setting this option will ensure 106 a garbage collection completes before the removal call is returned. This can 107 be used to guarantee unreferenced objects are removed from disk after a lease. 108 109 ## Other Improvements 110 111 Improved multi-arch image support using more precise matching and ranking""" 112 113 # notable prs to include in the release notes, 1234 is the pr number 114 [notes] 115 116 [breaking] 117 118 [rename_deps] 119 [rename_deps.ttrpc] 120 old = "github.com/stevvooe/ttrpc" 121 new = "github.com/containerd/ttrpc"