Tags give the ability to mark specific points in history as being important
-
v2.2.0
1c4457e0 · ·containerd 2.2.0 Welcome to the v2.2.0 release of containerd! The second minor release of containerd 2.x focuses on continued stability alongside new features and improvements. This is the second time-based released for containerd. ### Highlights * **Add mount manager** ([#12063](https://github.com/containerd/containerd/pull/12063)) The mount manager is a new service that provides lifecycle management for filesystem mounts to support more advanced use cases, such as: * **Device formatting** to create formatted filesystems (xfs, ext4) on-demand * **Mount activation** to prepare devices such as loopbacks or network fileystems * **Mount transformation** to allow mount arguments to be filled in dynamically from previous mounts * **Garbage collection** of mounts to ensure temporary mounts are never leaked * **Add conf.d include in the default config** ([#12323](https://github.com/containerd/containerd/pull/12323)) * **Add support for back references in the garbage collector** ([#12025](https://github.com/containerd/containerd/pull/12025)) #### Container Runtime Interface (CRI) * **Pod Sandbox Metrics** ([#10691](https://github.com/containerd/containerd/pull/10691)) Full implementation of Kubernetes CRI pod-level metrics API * **ListPodSandboxMetrics**: Query metrics for running pods/sandboxes * **ListMetricsDescriptors**: Discover available metrics and their descriptions * **Support image volume mount subpath** ([#11578](https://github.com/containerd/containerd/pull/11578)) #### Go client * **Update pkg/oci to use fs.FS interface and os.OpenRoot** ([#12245](https://github.com/containerd/containerd/pull/12245)) #### Image Distribution * **Parallel Unpack** ([#12332](https://github.com/containerd/containerd/pull/12332)) Adds support for unpacking layers in parallel during pull operations. This feature is supported with overlayfs and EROFS snapshotters. * **OCI Referrers Support** ([#12309](https://github.com/containerd/containerd/pull/12309)) Adds new referrers fetcher to remote registry interface using the [new referrers endpoint added in OCI distribution-spec 1.1](https://github.com/opencontainers/distribution-spec/blob/v1.1.0/spec.md#listing-referrers) * **Tar unpack progress through transfer service** ([#11921](https://github.com/containerd/containerd/pull/11921)) #### Image Storage * **EROFS enhancements using mount manager** ([#12333](https://github.com/containerd/containerd/pull/12333)) Improvements to EROFS snapshotter using the new mount manager service * **Quota Support**: Support for sized block devices as the upper layer for overlayfs * **Mount Lifecycle**: Loopback setup, block device creation, and overlayfs argument formatting is moved to the mount manager to be performed on-demand or within the runtime. * **Mount handler**: To allow optimization of EROFS mount types based on the current system * **macOS Support**: EROFS snapshotter can now be used on Darwin to natively allow image pulls * **Tar index mode**: Efficiently generate EROFS metadata backed by original tar content ([#11919](https://github.com/containerd/containerd/pull/11919)) * **Add snapshotter and differ for block CIMs** ([#12050](https://github.com/containerd/containerd/pull/12050)) #### Node Resource Interface (NRI) * **Enable otel traces in NRI** ([#12082](https://github.com/containerd/containerd/pull/12082)) * **Add WASM plugin support** ([containerd/nri#121](https://github.com/containerd/nri/pull/121)) #### Runtime * **Improve shim load time after restart by loading in parallel** ([#12142](https://github.com/containerd/containerd/pull/12142)) * **Fix pidfd leak in UnshareAfterEnterUserns** ([#12167](https://github.com/containerd/containerd/pull/12167)) #### Deprecations * **Deprecate cgroup v1** ([#12445](https://github.com/containerd/containerd/pull/12445)) * **Postpone v2.2 deprecation items to v2.3** ([#12417](https://github.com/containerd/containerd/pull/12417)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Akihiro Suda * Maksym Pavlenko * Wei Fu * Krisztian Litkey * Mike Brown * Akhil Mohan * Markus Lehtonen * Samuel Karp * Sebastiaan van Stijn * ningmingxiao * Austin Vazquez * yashsingh74 * Gao Xiang * Kirtana Ashok * Jin Dong * Chris Henzie * Aadhar Agarwal * Etienne Champetier * Henry Wang * Rodrigo Campos * Sascha Grunert * Aleksa Sarai * Eric Mountain * Keith Mattix II * Paweł Gronowski * Tõnis Tiigi * Adrien Delorme * Apurv Barve * Enji Cooper * Kohei Tokunaga * Max Jonas Werner * Rehan Khan * Yang Yang * jinda.ljd * jokemanfire * Amit Barve * Andrew Halaney * Antonio Ojea * Brian Goff * Carlos Eduardo Arango Gutierrez * Chenyang Yan * Dawei Wei * Divya Rani * Evan Anderson * Fabiano Fidêncio * Iceber Gu * Jared Ledvina * Jonathan Perkin * Jose Fernandez * Karl Baumgartner * Michael Weibel * Osama Abdelkader * Radostin Stoyanov * Ruidong Cao * Sameer * Sergey Kanzhelev * Swagat Bora * Sylvain MOUQUET * Tom Wieczorek * Tycho Andersen * Wuyue (Tony) Sun * suranmiao * tanhuaan * wheat2018 * zounengren ### Dependency Changes * **dario.cat/mergo** v1.0.1 -> v1.0.2 * **github.com/Microsoft/hcsshim** v0.13.0-rc.3 -> v0.14.0-rc.1 * **github.com/StackExchange/wmi** cbe66965904d **_new_** * **github.com/checkpoint-restore/checkpointctl** v1.3.0 -> v1.4.0 * **github.com/containerd/cgroups/v3** v3.0.5 -> v3.1.0 * **github.com/containerd/console** v1.0.4 -> v1.0.5 * **github.com/containerd/containerd/api** v1.9.0 -> v1.10.0 * **github.com/containerd/go-cni** v1.1.12 -> v1.1.13 * **github.com/containerd/nri** v0.8.0 -> v0.10.0 * **github.com/containerd/platforms** v1.0.0-rc.1 -> v1.0.0-rc.2 * **github.com/containernetworking/plugins** v1.7.1 -> v1.8.0 * **github.com/coreos/go-systemd/v22** v22.5.0 -> v22.6.0 * **github.com/cpuguy83/go-md2man/v2** v2.0.5 -> v2.0.7 * **github.com/emicklei/go-restful/v3** v3.11.0 -> v3.13.0 * **github.com/fxamacker/cbor/v2** v2.7.0 -> v2.9.0 * **github.com/go-jose/go-jose/v4** v4.0.5 -> v4.1.2 * **github.com/go-logr/logr** v1.4.2 -> v1.4.3 * **github.com/go-ole/go-ole** v1.2.6 **_new_** * **github.com/golang/groupcache** 41bb18bfe9da -> 2c02b8208cf8 * **github.com/google/certtostore** v1.0.6 **_new_** * **github.com/google/deck** 105ad94aa8ae **_new_** * **github.com/gorilla/websocket** v1.5.0 -> e064f32e3674 * **github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus** v1.0.1 -> v1.1.0 * **github.com/hashicorp/errwrap** v1.1.0 **_new_** * **github.com/intel/goresctrl** v0.8.0 -> v0.10.0 * **github.com/klauspost/compress** v1.18.0 -> v1.18.1 * **github.com/knqyf263/go-plugin** v0.9.0 **_new_** * **github.com/moby/sys/capability** v0.4.0 **_new_** * **github.com/modern-go/reflect2** v1.0.2 -> 35a7c28c31ee * **github.com/opencontainers/runtime-tools** 2e043c6bd626 -> 0ea5ed0382a2 * **github.com/prometheus/client_golang** v1.22.0 -> v1.23.2 * **github.com/prometheus/client_model** v0.6.1 -> v0.6.2 * **github.com/prometheus/common** v0.62.0 -> v0.66.1 * **github.com/prometheus/procfs** v0.15.1 -> v0.16.1 * **github.com/stretchr/testify** v1.10.0 -> v1.11.1 * **github.com/tchap/go-patricia/v2** v2.3.2 -> v2.3.3 * **github.com/tetratelabs/wazero** v1.9.0 **_new_** * **github.com/urfave/cli/v2** v2.27.6 -> v2.27.7 * **github.com/vishvananda/netlink** 0e7078ed04c8 -> v1.3.1 * **go.etcd.io/bbolt** v1.4.0 -> v1.4.3 * **go.opentelemetry.io/otel** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/metric** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/sdk** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/trace** v1.35.0 -> v1.37.0 * **go.uber.org/goleak** v1.3.0 **_new_** * **go.yaml.in/yaml/v2** v2.4.2 **_new_** * **golang.org/x/crypto** v0.36.0 -> v0.41.0 * **golang.org/x/mod** v0.24.0 -> v0.29.0 * **golang.org/x/net** v0.38.0 -> v0.43.0 * **golang.org/x/oauth2** v0.27.0 -> v0.30.0 * **golang.org/x/sync** v0.14.0 -> v0.17.0 * **golang.org/x/sys** v0.33.0 -> v0.37.0 * **golang.org/x/term** v0.30.0 -> v0.34.0 * **golang.org/x/text** v0.23.0 -> v0.28.0 * **golang.org/x/time** v0.7.0 -> v0.14.0 * **google.golang.org/genproto/googleapis/api** 56aae31c358a -> a7a43d27e69b * **google.golang.org/genproto/googleapis/rpc** 56aae31c358a -> a7a43d27e69b * **google.golang.org/grpc** v1.72.0 -> v1.76.0 * **google.golang.org/protobuf** v1.36.6 -> v1.36.10 * **k8s.io/api** v0.32.3 -> v0.34.1 * **k8s.io/apimachinery** v0.32.3 -> v0.34.1 * **k8s.io/client-go** v0.32.3 -> v0.34.1 * **k8s.io/cri-api** v0.32.3 -> v0.34.1 * **k8s.io/utils** 3ea5e8cea738 -> 4c0f3b243397 * **sigs.k8s.io/json** 9aa6b5e7a4b3 -> cfa47c3a1cc8 * **sigs.k8s.io/randfill** v1.0.0 **_new_** * **sigs.k8s.io/structured-merge-diff/v6** v6.3.0 **_new_** * **sigs.k8s.io/yaml** v1.4.0 -> v1.6.0 Previous release can be found at [v2.1.0](https://github.com/containerd/containerd/releases/tag/v2.1.0) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation. -
v2.1.5
fcd43222 · ·containerd 2.1.5 Welcome to the v2.1.5 release of containerd! The fifth patch release for containerd 2.1 contains various fixes and updates. ### Security Updates * **containerd** * [**GHSA-pwhc-rpq9-4c8w**](https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w) * [**GHSA-m6hq-p25p-ffr2**](https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2) * **runc** * [**GHSA-qw9x-cqr3-wc7r**](https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r) * [**GHSA-cgrx-mc8f-2prm**](https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm) * [**GHSA-9493-h29p-rfm2**](https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2) ### Highlights #### Container Runtime Interface (CRI) * **Disable event subscriber during task cleanup** ([#12410](https://github.com/containerd/containerd/pull/12410)) * **Add SystemdCgroup to default runtime options** ([#12253](https://github.com/containerd/containerd/pull/12253)) * **Fix userns with container image VOLUME mounts that need copy** ([#12242](https://github.com/containerd/containerd/pull/12242)) #### Image Distribution * **Ensure errContentRangeIgnored error when range-get request is ignored** ([#12312](https://github.com/containerd/containerd/pull/12312)) #### Runtime * **Update runc binary to v1.3.3** ([#12478](https://github.com/containerd/containerd/pull/12478)) #### Deprecations * **Postpone v2.2 deprecation items to v2.3** ([#12431](https://github.com/containerd/containerd/pull/12431)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Phil Estes * Akihiro Suda * Derek McGowan * Austin Vazquez * Rodrigo Campos * Maksym Pavlenko * Wei Fu * ningmingxiao * Akhil Mohan * Henry Wang * Andrew Halaney * Divya Rani * Jose Fernandez * Swagat Bora * wheat2018 ### Changes <details><summary>58 commits</summary> <p> * Prepare release notes for v2.1.5 ([#12483](https://github.com/containerd/containerd/pull/12483)) * [`fc5bdfeac`](https://github.com/containerd/containerd/commit/fc5bdfeacefc7ff2a4f6bafaa2ed6453dbb8c472) Prepare release notes for v2.1.5 * [`c578c26bf`](https://github.com/containerd/containerd/commit/c578c26bf9e9d3368e87edb837b706053c3ef30e) Update mailmap * [`46a4a03fb`](https://github.com/containerd/containerd/commit/46a4a03fb4131739e948f983af8c984eb0c36d61) Merge commit from fork * [`232786c90`](https://github.com/containerd/containerd/commit/232786c906a11dae0c1ef5059653d4164345401f) Fix directory permissions * [`239ab877d`](https://github.com/containerd/containerd/commit/239ab877db8edf31ffb2ae63d83919d1c242e8d2) Merge commit from fork * [`0766796e8`](https://github.com/containerd/containerd/commit/0766796e8e95ffdbf6d2b4fb08bda536c03d444c) fix goroutine leak of container Attach * Update runc binary to v1.3.3 ([#12478](https://github.com/containerd/containerd/pull/12478)) * [`3d713d3d0`](https://github.com/containerd/containerd/commit/3d713d3d0db35b9e0d587e482498c891cc6fa3f2) runc: Update runc binary to v1.3.3 * Update GHA runners to use latest images for basic binaries build ([#12470](https://github.com/containerd/containerd/pull/12470)) * [`de4221cb7`](https://github.com/containerd/containerd/commit/de4221cb7fb5f3ebb2fb5b2bdecfa907cdce94fb) Update GHA runners to use latest images for basic binaries build * ci: bump Go 1.24.9, 1.25.3 ([#12467](https://github.com/containerd/containerd/pull/12467)) * [`2045b1920`](https://github.com/containerd/containerd/commit/2045b1920f150e1591ed5d6e146ff280abb18be0) ci: bump Go 1.24.9, 1.25.3 * Update GHA runners to use latest image for most jobs ([#12468](https://github.com/containerd/containerd/pull/12468)) * [`21ec7cc7d`](https://github.com/containerd/containerd/commit/21ec7cc7d15d031e9d798971486237097173babe) Update GHA runners to use latest image for most jobs * CI: update Fedora to 43 ([#12449](https://github.com/containerd/containerd/pull/12449)) * [`893b5f92e`](https://github.com/containerd/containerd/commit/893b5f92e3fd9a75e3f4f9aa824287b97107b390) CI: update Fedora to 43 * Postpone v2.2 deprecation items to v2.3 ([#12431](https://github.com/containerd/containerd/pull/12431)) * [`6374a8f9d`](https://github.com/containerd/containerd/commit/6374a8f9d7123bc380a060586c387508069b3cea) Postpone v2.2 deprecation items to v2.3 * CI: skip ubuntu-24.04-arm on private repos ([#12427](https://github.com/containerd/containerd/pull/12427)) * [`98e0e73de`](https://github.com/containerd/containerd/commit/98e0e73de78c18bbb15f2e3194a7837c20a6eff4) CI: skip ubuntu-24.04-arm on private repos * Disable event subscriber during task cleanup ([#12410](https://github.com/containerd/containerd/pull/12410)) * [`a3770cf83`](https://github.com/containerd/containerd/commit/a3770cf83bc55558977b669495f5b6ed8abcc978) cri/server/podsandbox: disable event subscriber * Fix lost container logs from quickly closing io ([#12377](https://github.com/containerd/containerd/pull/12377)) * [`7d9f09ba0`](https://github.com/containerd/containerd/commit/7d9f09ba048da562cdc0a971be439641c87aedcf) bugfix:fix container logs lost because io close too quickly * ci: bump Go 1.24.8 ([#12360](https://github.com/containerd/containerd/pull/12360)) * [`d1cab3cc5`](https://github.com/containerd/containerd/commit/d1cab3cc58c001d314d638419032c0de0a8c1eb1) ci: bump Go 1.24.8 * Prevent goroutine hangs during ProgressTracker shutdown ([#12336](https://github.com/containerd/containerd/pull/12336)) * [`9b57a4d35`](https://github.com/containerd/containerd/commit/9b57a4d35a9728ccb99a03b1a27cca8b431e99ab) Prevent goroutine hangs during ProgressTracker shutdown * Ensure errContentRangeIgnored error when range-get request is ignored ([#12312](https://github.com/containerd/containerd/pull/12312)) * [`ca3de4fe7`](https://github.com/containerd/containerd/commit/ca3de4fe7b3219d1d2f8ac9482b93b0e63b52801) Ensure errContentRangeIgnored error when range-get request is ignored by registry * Remove additional fuzzers from instrumentation repo ([#12313](https://github.com/containerd/containerd/pull/12313)) * [`dfffe3d9c`](https://github.com/containerd/containerd/commit/dfffe3d9c59f85151bf3a2eceeca1c6e61f5e8a0) Remove additional fuzzers from CI * update release builds to 1.24.7 and add 1.25.1 to CI ([#12258](https://github.com/containerd/containerd/pull/12258)) * [`c54585ba7`](https://github.com/containerd/containerd/commit/c54585ba72f68ff3df49c16ecc19793d8d872e88) update release builds to 1.24.7 and add 1.25.1 to CI * runc:Update runc binary to v1.3.1 ([#12277](https://github.com/containerd/containerd/pull/12277)) * [`f0a48ce38`](https://github.com/containerd/containerd/commit/f0a48ce38a34730ce56d8e97436c2b92e9fd7156) runc:Update runc binary to v1.3.1 * Add SystemdCgroup to default runtime options ([#12253](https://github.com/containerd/containerd/pull/12253)) * [`f13f8c431`](https://github.com/containerd/containerd/commit/f13f8c4313c18b99f8d5e6f71cf9257a0b8d2f64) add SystemdCgroup to default runtime options * install-runhcs-shim: fetch target commit instead of tags ([#12256](https://github.com/containerd/containerd/pull/12256)) * [`42bb71e1e`](https://github.com/containerd/containerd/commit/42bb71e1e5bd40299d1ca58335d108ca64dbc203) install-runhcs-shim: fetch target commit instead of tags * Fix userns with container image VOLUME mounts that need copy ([#12242](https://github.com/containerd/containerd/pull/12242)) * [`10944e19f`](https://github.com/containerd/containerd/commit/10944e19f78c0286327838728dac0e3ee2bbb0a1) integration: Add test for directives with userns * [`41d74aee2`](https://github.com/containerd/containerd/commit/41d74aee202409a8b15029615a9c0a95ef1a9f29) cri: Fix userns with Dockerfile VOLUME mounts that need copy * Fix overlayfs issues related to user namespace ([#12222](https://github.com/containerd/containerd/pull/12222)) * [`f40bfc46b`](https://github.com/containerd/containerd/commit/f40bfc46b0b680f07299c05623d7383cd4204bcb) core/mount: Retry unmounting idmapped directories * [`1f51d2dea`](https://github.com/containerd/containerd/commit/1f51d2deada6bf493214c78069d93e94dc226091) core/mount: Test cleanup of DoPrepareIDMappedOverlay() * [`8fbf8c503`](https://github.com/containerd/containerd/commit/8fbf8c503ef9ebf837f82a40b9ea54f98d9dccbe) core/mount: Properly cleanup on doPrepareIDMappedOverlay errors * [`b9d678e15`](https://github.com/containerd/containerd/commit/b9d678e15e27ab45a7cfa9876a46f88afeaca90c) core/mount: Don't call nil function on errors * [`583fe2d24`](https://github.com/containerd/containerd/commit/583fe2d244568d585c9b5688d42a24e2cf407709) core/mount: Only idmap once per overlayfs, not per layer * Add documentation for cgroup_writable field ([#12229](https://github.com/containerd/containerd/pull/12229)) * [`4832b4d15`](https://github.com/containerd/containerd/commit/4832b4d1541ab01b35e087afda266cef8a66416c) Add documentation for cgroup_writable field * fix: create bootstrap.json with 0644 permission ([#12183](https://github.com/containerd/containerd/pull/12183)) * [`3c174cf64`](https://github.com/containerd/containerd/commit/3c174cf64e5b4e6cdae6f06e091e458120390fe7) fix: create bootstrap.json with 0644 permission * ci: bump Go 1.23.12, 1.24.6 ([#12186](https://github.com/containerd/containerd/pull/12186)) * [`74b0505eb`](https://github.com/containerd/containerd/commit/74b0505ebd86e8e27f80606322a8c3af73f00e33) ci: bump Go 1.23.12, 1.24.6 * sys: fix pidfd leak in UnshareAfterEnterUserns ([#12179](https://github.com/containerd/containerd/pull/12179)) * [`5ef6ea747`](https://github.com/containerd/containerd/commit/5ef6ea7470dd18e3c93f21c2ea5004f6e72b0642) sys: fix pidfd leak in UnshareAfterEnterUserns </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v2.1.4](https://github.com/containerd/containerd/releases/tag/v2.1.4) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v2.0.7
4ac6c20c · ·containerd 2.0.7 Welcome to the v2.0.7 release of containerd! The seventh patch release for containerd 2.0 includes various bug fixes and updates. ### Security Updates * **containerd** * [**GHSA-pwhc-rpq9-4c8w**](https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w) * [**GHSA-m6hq-p25p-ffr2**](https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2) * **runc** * [**GHSA-qw9x-cqr3-wc7r**](https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r) * [**GHSA-cgrx-mc8f-2prm**](https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm) * [**GHSA-9493-h29p-rfm2**](https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2) ### Highlights #### Container Runtime Interface (CRI) * **Disable event subscriber during task cleanup** ([#12406](https://github.com/containerd/containerd/pull/12406)) * **Add SystemdCgroup to default runtime options** ([#12254](https://github.com/containerd/containerd/pull/12254)) * **Fix userns with container image VOLUME mounts that need copy** ([#12241](https://github.com/containerd/containerd/pull/12241)) #### Image Distribution * **Add dial timeout field to hosts toml configuration** ([#12136](https://github.com/containerd/containerd/pull/12136)) #### Runtime * **Update runc binary to v1.3.3** ([#12479](https://github.com/containerd/containerd/pull/12479)) * **Fix lost container logs from quickly closing io** ([#12376](https://github.com/containerd/containerd/pull/12376)) * **Create bootstrap.json with 0644 permission** ([#12184](https://github.com/containerd/containerd/pull/12184)) * **Fix pidfd leak in UnshareAfterEnterUserns** ([#12178](https://github.com/containerd/containerd/pull/12178)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Austin Vazquez * Phil Estes * Rodrigo Campos * Wei Fu * Akihiro Suda * Derek McGowan * Maksym Pavlenko * ningmingxiao * Kirtana Ashok * Akhil Mohan * Andrew Halaney * Jin Dong * Jose Fernandez * Mike Baynton * Philip Laine * Swagat Bora * wheat2018 ### Changes <details><summary>56 commits</summary> <p> * Prepare release notes for v2.0.7 ([#12482](https://github.com/containerd/containerd/pull/12482)) * [`4931e24f1`](https://github.com/containerd/containerd/commit/4931e24f169091cb4e425b7bfdd4fb0d3c20543b) Prepare release notes for v2.0.7 * [`205bc4f2d`](https://github.com/containerd/containerd/commit/205bc4f2dbce3df32d2d5140a3d039332b02dbe6) Update mailmap * [`5f708b76a`](https://github.com/containerd/containerd/commit/5f708b76a41a1cf56e167971e271c7581cb2f8cb) Merge commit from fork * [`8cd112d82`](https://github.com/containerd/containerd/commit/8cd112d8295bafcf4a992816ff9e07f5a78ff71b) Fix directory permissions * [`05290b5bc`](https://github.com/containerd/containerd/commit/05290b5bc8fd938c8f77856927a280a1d5eec7b6) Merge commit from fork * [`4d1edf4ad`](https://github.com/containerd/containerd/commit/4d1edf4addf8c31b096680f04fee499cabc75439) fix goroutine leak of container Attach * Update runc binary to v1.3.3 ([#12479](https://github.com/containerd/containerd/pull/12479)) * [`b46dc6a67`](https://github.com/containerd/containerd/commit/b46dc6a67cc575a83db083f71dcdbc722605c841) runc: Update runc binary to v1.3.3 * ci: bump Go 1.24.9; 1.25.3 ([#12361](https://github.com/containerd/containerd/pull/12361)) * [`5e9c82178`](https://github.com/containerd/containerd/commit/5e9c821780ff705c47406bf7a72d476da398135c) Update GHA runners to use latest images for basic binaries build * [`7f59248dc`](https://github.com/containerd/containerd/commit/7f59248dcd66cb0c418669a880e0c1d7e48e0dfa) Update GHA runners to use latest image for most jobs * [`e1373e8a8`](https://github.com/containerd/containerd/commit/e1373e8a8abf94b28507972694f8aea17f1b10c5) ci: bump Go 1.24.9, 1.25.3 * [`e1a910a6a`](https://github.com/containerd/containerd/commit/e1a910a6a989b2cb0ed1ae4fda42eacbb6361e4b) ci: bump Go 1.24.8; 1.25.2 * [`fd04b7f17`](https://github.com/containerd/containerd/commit/fd04b7f176ec52d17e0014d07d045d6fa79bd620) move exclude-dirs to issues.exclude-dirs * [`b49377975`](https://github.com/containerd/containerd/commit/b493779751d070255648e6b1e75dc9af8516c347) update golangci-lint to v1.64.2 * [`6e45022a1`](https://github.com/containerd/containerd/commit/6e45022a1e01fd1c78217df3b271d7735b8c4440) build(deps): bump golangci/golangci-lint-action from 6.3.2 to 6.5.0 * [`09ce0f2a1`](https://github.com/containerd/containerd/commit/09ce0f2a1ee5b1524c95c3831ed124e5d4fd0a2b) build(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.2 * [`de63a740b`](https://github.com/containerd/containerd/commit/de63a740b8108c62bf018cf1f508bb9e5842bfd2) build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 * Fix lost container logs from quickly closing io ([#12376](https://github.com/containerd/containerd/pull/12376)) * [`f953ee8a3`](https://github.com/containerd/containerd/commit/f953ee8a3c1feeaa60a3c9d386afa424040d56de) bugfix:fix container logs lost because io close too quickly * CI: update Fedora to 43 ([#12448](https://github.com/containerd/containerd/pull/12448)) * [`f6f15f513`](https://github.com/containerd/containerd/commit/f6f15f5135d313309a76fc6545e7cf86653d2f6e) CI: update Fedora to 43 * Disable event subscriber during task cleanup ([#12406](https://github.com/containerd/containerd/pull/12406)) * [`2a2329cbd`](https://github.com/containerd/containerd/commit/2a2329cbd02dc5e1a3010730fab01c618dad768c) cri/server/podsandbox: disable event subscriber * CI: skip ubuntu-24.04-arm on private repos ([#12428](https://github.com/containerd/containerd/pull/12428)) * [`dfb954743`](https://github.com/containerd/containerd/commit/dfb95474370ef22c4555178a3d7cc34df2a3f5bc) CI: skip ubuntu-24.04-arm on private repos * Remove additional fuzzers from instrumentation repo ([#12420](https://github.com/containerd/containerd/pull/12420)) * [`f6b02f6bb`](https://github.com/containerd/containerd/commit/f6b02f6bb81dc079f60d421347c931c73d4227e7) Remove additional fuzzers from CI * runc:Update runc binary to v1.3.1 ([#12275](https://github.com/containerd/containerd/pull/12275)) * [`75c13ee3f`](https://github.com/containerd/containerd/commit/75c13ee3fc3657ee419395e20820d1cbd4bb2f88) runc:Update runc binary to v1.3.1 * Add SystemdCgroup to default runtime options ([#12254](https://github.com/containerd/containerd/pull/12254)) * [`427cdd06c`](https://github.com/containerd/containerd/commit/427cdd06c9d093ede03384c550a440b0522e44ba) add SystemdCgroup to default runtime options * install-runhcs-shim: fetch target commit instead of tags ([#12255](https://github.com/containerd/containerd/pull/12255)) * [`0b35e19fb`](https://github.com/containerd/containerd/commit/0b35e19fb118b5144a75397522e476d0571ae9ef) install-runhcs-shim: fetch target commit instead of tags * Fix userns with container image VOLUME mounts that need copy ([#12241](https://github.com/containerd/containerd/pull/12241)) * [`3212afc2f`](https://github.com/containerd/containerd/commit/3212afc2f2d464157bcb24663360ee7dfa7207e6) integration: Add test for directives with userns * [`b855c6e10`](https://github.com/containerd/containerd/commit/b855c6e10372eb43d51186ab156cdce3d9eefb04) cri: Fix userns with Dockerfile VOLUME mounts that need copy * Fix overlayfs issues related to user namespace ([#12223](https://github.com/containerd/containerd/pull/12223)) * [`05c0c99f4`](https://github.com/containerd/containerd/commit/05c0c99f432b341152b54ce49d9b43c5cf3d131f) core/mount: Retry unmounting idmapped directories * [`afdede4ce`](https://github.com/containerd/containerd/commit/afdede4ced8c848191062b31dfcff1352161a844) core/mount: Test cleanup of DoPrepareIDMappedOverlay() * [`47205f814`](https://github.com/containerd/containerd/commit/47205f814d552a4eea9935375dd2f0874e107e5b) core/mount: Properly cleanup on doPrepareIDMappedOverlay errors * [`6f4abd970`](https://github.com/containerd/containerd/commit/6f4abd970aeea241f07edc1e0fd74f69a9a05979) core/mount: Don't call nil function on errors * [`a2f0d65d7`](https://github.com/containerd/containerd/commit/a2f0d65d78871832da6d2aa452aeeb180cd6d8f5) core/mount: Only idmap once per overlayfs, not per layer * [`1c32accd7`](https://github.com/containerd/containerd/commit/1c32accd71d34e3cb5798214adf26911609d11f1) Make ovl idmap mounts read-only * ci: bump Go 1.23.12, 1.24.6 ([#12187](https://github.com/containerd/containerd/pull/12187)) * [`9e72e91e6`](https://github.com/containerd/containerd/commit/9e72e91e63a75147f2a082565fc580babee8af06) ci: bump Go 1.23.12, 1.24.6 * Create bootstrap.json with 0644 permission ([#12184](https://github.com/containerd/containerd/pull/12184)) * [`009622e04`](https://github.com/containerd/containerd/commit/009622e0424fa4234d67272339fb7e282c302190) fix: create bootstrap.json with 0644 permission * Fix pidfd leak in UnshareAfterEnterUserns ([#12178](https://github.com/containerd/containerd/pull/12178)) * [`5bec0a332`](https://github.com/containerd/containerd/commit/5bec0a33297ad485f96116efb333ea750a27c926) sys: fix pidfd leak in UnshareAfterEnterUserns * Fix windows test failures ([#12120](https://github.com/containerd/containerd/pull/12120)) * [`2a2488131`](https://github.com/containerd/containerd/commit/2a2488131e3602bbbecf4afa11d0f3e4135f01a4) Fix intermittent test failures on Windows CIs * [`018470948`](https://github.com/containerd/containerd/commit/018470948db89512760e9c25d4c5da9c7bef5321) Remove WS2025 from CIs due to regression * Add dial timeout field to hosts toml configuration ([#12136](https://github.com/containerd/containerd/pull/12136)) * [`b50cbbc98`](https://github.com/containerd/containerd/commit/b50cbbc98550580b2baf5565ec5f1a3ded422b0e) Add dial timeout field to hosts toml configuration </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v2.0.6](https://github.com/containerd/containerd/releases/tag/v2.0.6) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.31 (Ubuntu 20.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on non-glibc Linux distributions. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v1.7.29
442cb34b · ·containerd 1.7.29 Welcome to the v1.7.29 release of containerd! The twenty-ninth patch release for containerd 1.7 contains various fixes and updates including security patches. ### Security Updates * **containerd** * [**GHSA-pwhc-rpq9-4c8w**](https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w) * [**GHSA-m6hq-p25p-ffr2**](https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2) * **runc** * [**GHSA-qw9x-cqr3-wc7r**](https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r) * [**GHSA-cgrx-mc8f-2prm**](https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm) * [**GHSA-9493-h29p-rfm2**](https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2) ### Highlights #### Image Distribution * **Update differ to handle zstd media types** ([#12018](https://github.com/containerd/containerd/pull/12018)) #### Runtime * **Update runc binary to v1.3.3** ([#12480](https://github.com/containerd/containerd/pull/12480)) * **Fix lost container logs from quickly closing io** ([#12375](https://github.com/containerd/containerd/pull/12375)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Akihiro Suda * Phil Estes * Austin Vazquez * Sebastiaan van Stijn * ningmingxiao * Maksym Pavlenko * StepSecurity Bot * wheat2018 ### Changes <details><summary>38 commits</summary> <p> * [`442cb34bd`](https://github.com/containerd/containerd/commit/442cb34bda9a6a0fed82a2ca7cade05c5c749582) Merge commit from fork * [`0450f046e`](https://github.com/containerd/containerd/commit/0450f046e6942e513d0ebf1ef5c2aff13daa187f) Fix directory permissions * [`e5cb6ddb7`](https://github.com/containerd/containerd/commit/e5cb6ddb7a7730c24253a94d7fdb6bbe13dba6f7) Merge commit from fork * [`c575d1b5f`](https://github.com/containerd/containerd/commit/c575d1b5f4011f33b32f71ace75367a92b08c750) fix goroutine leak of container Attach * Prepare release notes for v1.7.29 ([#12486](https://github.com/containerd/containerd/pull/12486)) * [`1fc2daaf3`](https://github.com/containerd/containerd/commit/1fc2daaf3ed53f4c9e76fbc5786a6f1ae3bb885f) Prepare release notes for v1.7.29 * Update runc binary to v1.3.3 ([#12480](https://github.com/containerd/containerd/pull/12480)) * [`3f5f9f872`](https://github.com/containerd/containerd/commit/3f5f9f872707a743563d316e85e530193a2e30ac) runc: Update runc binary to v1.3.3 * Update GHA images and bump Go 1.24.9; 1.25.3 ([#12471](https://github.com/containerd/containerd/pull/12471)) * [`667409fb6`](https://github.com/containerd/containerd/commit/667409fb63098cb80280940ab06038114e7712da) ci: bump Go 1.24.9, 1.25.3 * [`294f8c027`](https://github.com/containerd/containerd/commit/294f8c027b607c4450b3e52f44280581a737a73f) Update GHA runners to use latest images for basic binaries build * [`cf66b4141`](https://github.com/containerd/containerd/commit/cf66b4141defb757dee0fc5653bfd0a7ba1e8fed) Update GHA runners to use latest image for most jobs * [`fa3e6fa18`](https://github.com/containerd/containerd/commit/fa3e6fa18aa8dc7e699428958e1fb1d38e832e15) pkg/epoch: extract parsing SOURCE_DATE_EPOCH to a function * [`ac334bffc`](https://github.com/containerd/containerd/commit/ac334bffc4e759f188afb58efd74a603ade0855a) pkg/epoch: fix tests on macOS * [`d04b8721f`](https://github.com/containerd/containerd/commit/d04b8721fc5bff2677beadb4f3d15d7c0ec989ca) pkg/epoch: replace some fmt.Sprintfs with strconv * CI: update Fedora to 43 ([#12450](https://github.com/containerd/containerd/pull/12450)) * [`5cfedbf52`](https://github.com/containerd/containerd/commit/5cfedbf52300d09f77a51f02a0c784c37284302c) CI: update Fedora to 43 * CI: skip ubuntu-24.04-arm on private repos ([#12429](https://github.com/containerd/containerd/pull/12429)) * [`cf99a012d`](https://github.com/containerd/containerd/commit/cf99a012d6f7fcb51afdea641d87474dae95f50d) CI: skip ubuntu-24.04-arm on private repos * runc:Update runc binary to v1.3.1 ([#12276](https://github.com/containerd/containerd/pull/12276)) * [`4c77b8d07`](https://github.com/containerd/containerd/commit/4c77b8d078a65a5e99e40847a9eaa18a944ff68e) runc:Update runc binary to v1.3.1 * Fix lost container logs from quickly closing io ([#12375](https://github.com/containerd/containerd/pull/12375)) * [`d30024db2`](https://github.com/containerd/containerd/commit/d30024db25590e6ec74b639746a5dc792f5c1403) bugfix:fix container logs lost because io close too quickly * ci: bump Go 1.24.8 ([#12362](https://github.com/containerd/containerd/pull/12362)) * [`f4b3d96f3`](https://github.com/containerd/containerd/commit/f4b3d96f3d83a0ac7bde03ae9eec749aa1936a59) ci: bump Go 1.24.8 * [`334fd8e4b`](https://github.com/containerd/containerd/commit/334fd8e4b974d88ebea43a998d76760aad49773a) update golangci-lint to v1.64.2 * [`8a67abc4c`](https://github.com/containerd/containerd/commit/8a67abc4cac67bf806da0b2b55ac7159e91f6996) Drop inactivated linter exportloopref * [`e4dbf08f0`](https://github.com/containerd/containerd/commit/e4dbf08f0ff3dc9f6b2a9a36eab71d73ac707956) build(deps): bump golangci/golangci-lint-action from 6.3.2 to 6.5.0 * [`d7db2ba06`](https://github.com/containerd/containerd/commit/d7db2ba063385d06132ec80890eb6c1fe4126692) build(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.2 * [`d7182888f`](https://github.com/containerd/containerd/commit/d7182888f0071cce86d40fcf09cd9a247ac15c41) build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 * [`4be6c7e3b`](https://github.com/containerd/containerd/commit/4be6c7e3b5d5da7be8c1c87e1c16450b7ea8dadb) build(deps): bump actions/cache from 4.1.2 to 4.2.0 * [`a2e097e86`](https://github.com/containerd/containerd/commit/a2e097e865887382c2fc29ee0cea0053e6152a12) build(deps): bump actions/checkout from 4.2.1 to 4.2.2 * [`6de404d11`](https://github.com/containerd/containerd/commit/6de404d11b8e237a7867c7fbe535579c5736bfde) build(deps): bump actions/cache from 4.1.1 to 4.1.2 * [`038a25584`](https://github.com/containerd/containerd/commit/038a25584e7f66272114ec0801b071e6149ef841) [StepSecurity] ci: Harden GitHub Actions * Update differ to handle zstd media types ([#12018](https://github.com/containerd/containerd/pull/12018)) * [`eaeb4b6ac`](https://github.com/containerd/containerd/commit/eaeb4b6ac581c0704bed0ff96ee7e53170345e84) Update differ to handle zstd media types * ci: bump Go 1.23.12, 1.24.6 ([#12188](https://github.com/containerd/containerd/pull/12188)) * [`83c535339`](https://github.com/containerd/containerd/commit/83c535339bbe253ce9e7a616a90f770994b754e5) ci: bump Go 1.23.12, 1.24.6 </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v1.7.28](https://github.com/containerd/containerd/releases/tag/v1.7.28)
-
api/v1.10.0
8b34ce39 · ·containerd api/v1.10.0 Welcome to the api/v1.10.0 release of containerd! The 11th release for the containerd 1.x API aligns with the containerd 2.2 release. ### Highlights * **Add mount manager** The mount manager is a new service that provides lifecycle management for filesystem mounts to support more advanced use cases, such as: * **Device formatting** to create formatted filesystems (xfs, ext4) on-demand * **Mount activation** to prepare devices such as loopbacks or network fileystems * **Mount transformation** to allow mount arguments to be filled in dynamically from previous mounts * **Garbage collection** of mounts to ensure temporary mounts are never leaked ([#12063](https://github.com/containerd/containerd/pull/12063)) #### Image Distribution * **Parallel Unpack** Adds support for unpacking layers in parallel during pull operations. This feature is supported with overlayfs and EROFS snapshotters. ([#12332](https://github.com/containerd/containerd/pull/12332)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Akihiro Suda * Henry Wang * Phil Estes * Wei Fu ### Changes <details><summary>14 commits</summary> <p> * Prepare release notes for api/v1.10.0 ([#12472](https://github.com/containerd/containerd/pull/12472)) * [`69c855bb5`](https://github.com/containerd/containerd/commit/69c855bb54f53311cd5f8854719d8428dd692f96) Prepare release notes for api/v1.10.0 * api/go.mod: golang.org/x/net v0.38.0 ([#12430](https://github.com/containerd/containerd/pull/12430)) * [`4c7b94fce`](https://github.com/containerd/containerd/commit/4c7b94fce7bd19abce9b78538e3218b572f98127) api/go.mod: golang.org/x/net v0.38.0 * Prepare release notes for api/v1.10.0-rc.0 ([#12408](https://github.com/containerd/containerd/pull/12408)) * [`fbc7848f2`](https://github.com/containerd/containerd/commit/fbc7848f2378afa2cf58c868bfcab1467f3ccccd) Prepare release notes for api/v1.10.0-rc.0 * Add parallel unpack support ([#12332](https://github.com/containerd/containerd/pull/12332)) * [`0198b87fc`](https://github.com/containerd/containerd/commit/0198b87fcfb31492c23de83059291efc0f06a1f9) Implement parallel unpack * Prepare release notes for api/v1.10.0-beta.0 ([#12346](https://github.com/containerd/containerd/pull/12346)) * [`aa571f63c`](https://github.com/containerd/containerd/commit/aa571f63c6529d827bfef02956a8db9bee57ab8c) Prepare release notes for api/v1.10.0-beta.0 * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) * [`8db301086`](https://github.com/containerd/containerd/commit/8db3010865ae9926aed6c5e476a7c6b2413b44d5) Add mounts api service * [`67fbf9db9`](https://github.com/containerd/containerd/commit/67fbf9db9cbf6ae83df58d18a19f32b28ebc0017) Generate and vendor proto changes * [`c5097ac63`](https://github.com/containerd/containerd/commit/c5097ac63fd704213c507a2b712fa2db7744090b) Add mount manager to protobuf services and types </p> </details> ### Dependency Changes * **golang.org/x/net** v0.37.0 -> v0.38.0 Previous release can be found at [api/v1.9.0](https://github.com/containerd/containerd/releases/tag/api/v1.9.0)
-
v2.2.0-rc.1
8bcea102 · ·containerd 2.2.0-rc.1 Welcome to the v2.2.0-rc.1 release of containerd! *This is a pre-release of containerd* The second minor release of containerd 2.x focuses on continued stability alongside new features and improvements. This is the second time-based released for containerd. ### Highlights * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) * Add conf.d include in the default config ([#12323](https://github.com/containerd/containerd/pull/12323)) * Add support for back references in the garbage collector ([#12025](https://github.com/containerd/containerd/pull/12025)) #### Container Runtime Interface (CRI) * Implement CRI ListPodSandboxMetrics ([#10691](https://github.com/containerd/containerd/pull/10691)) * Support image volume mount subpath ([#11578](https://github.com/containerd/containerd/pull/11578)) #### Go client * Update pkg/oci to use fs.FS interface and os.OpenRoot ([#12245](https://github.com/containerd/containerd/pull/12245)) #### Image Distribution * Add parallel unpack support ([#12332](https://github.com/containerd/containerd/pull/12332)) * Add referrers fetcher to remotes ([#12309](https://github.com/containerd/containerd/pull/12309)) * Tar unpack progress through transfer service ([#11921](https://github.com/containerd/containerd/pull/11921)) #### Image Storage * Update erofs snapshotter to use mount manager ([#12333](https://github.com/containerd/containerd/pull/12333)) * Add snapshotter and differ for block CIMs ([#12050](https://github.com/containerd/containerd/pull/12050)) * Add tar index mode to erofs snapshotter ([#11919](https://github.com/containerd/containerd/pull/11919)) #### Node Resource Interface (NRI) * Enable otel traces in NRI ([#12082](https://github.com/containerd/containerd/pull/12082)) * Add WASM plugin support ([containerd/nri#121](https://github.com/containerd/nri/pull/121)) #### Runtime * Improve shim load time after restart by loading in parallel ([#12142](https://github.com/containerd/containerd/pull/12142)) * Fix pidfd leak in UnshareAfterEnterUserns ([#12167](https://github.com/containerd/containerd/pull/12167)) #### Deprecations * Deprecate cgroup v1 ([#12445](https://github.com/containerd/containerd/pull/12445)) * Postpone v2.2 deprecation items to v2.3 ([#12417](https://github.com/containerd/containerd/pull/12417)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Akihiro Suda * Maksym Pavlenko * Wei Fu * Krisztian Litkey * Mike Brown * Akhil Mohan * Markus Lehtonen * Samuel Karp * Sebastiaan van Stijn * ningmingxiao * Austin Vazquez * yashsingh74 * Gao Xiang * Jin Dong * Chris Henzie * Kirtana Ashok * Aadhar Agarwal * Etienne Champetier * Henry Wang * Rodrigo Campos * Sascha Grunert * Aleksa Sarai * Eric Mountain * Keith Mattix II * Paweł Gronowski * Tõnis Tiigi * Adrien Delorme * Apurv Barve * Enji Cooper * Kohei Tokunaga * Max Jonas Werner * Rehan Khan * Yang Yang * jinda.ljd * jokemanfire * Amit Barve * Andrew Halaney * Antonio Ojea * Brian Goff * Carlos Eduardo Arango Gutierrez * Chenyang Yan * Dawei Wei * Divya Rani * Evan Anderson * Fabiano Fidêncio * Iceber Gu * Jared Ledvina * Jonathan Perkin * Jose Fernandez * Karl Baumgartner * Osama Abdelkader * Radostin Stoyanov * Ruidong Cao * Sameer * Sergey Kanzhelev * Swagat Bora * Sylvain MOUQUET * Tom Wieczorek * Tycho Andersen * Ubuntu * Wuyue (Tony) Sun * suranmiao * tanhuaan * zounengren ### Dependency Changes * **dario.cat/mergo** v1.0.1 -> v1.0.2 * **github.com/Microsoft/hcsshim** v0.13.0-rc.3 -> v0.14.0-rc.1 * **github.com/StackExchange/wmi** cbe66965904d **_new_** * **github.com/checkpoint-restore/checkpointctl** v1.3.0 -> v1.4.0 * **github.com/containerd/cgroups/v3** v3.0.5 -> v3.1.0 * **github.com/containerd/console** v1.0.4 -> v1.0.5 * **github.com/containerd/containerd/api** v1.9.0 -> v1.10.0-rc.0 * **github.com/containerd/go-cni** v1.1.12 -> v1.1.13 * **github.com/containerd/nri** v0.8.0 -> v0.10.0 * **github.com/containernetworking/plugins** v1.7.1 -> v1.8.0 * **github.com/coreos/go-systemd/v22** v22.5.0 -> v22.6.0 * **github.com/cpuguy83/go-md2man/v2** v2.0.5 -> v2.0.7 * **github.com/emicklei/go-restful/v3** v3.11.0 -> v3.13.0 * **github.com/fxamacker/cbor/v2** v2.7.0 -> v2.9.0 * **github.com/go-jose/go-jose/v4** v4.0.5 -> v4.1.2 * **github.com/go-logr/logr** v1.4.2 -> v1.4.3 * **github.com/go-ole/go-ole** v1.2.6 **_new_** * **github.com/golang/groupcache** 41bb18bfe9da -> 2c02b8208cf8 * **github.com/google/certtostore** v1.0.6 **_new_** * **github.com/google/deck** 105ad94aa8ae **_new_** * **github.com/gorilla/websocket** v1.5.0 -> e064f32e3674 * **github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus** v1.0.1 -> v1.1.0 * **github.com/hashicorp/errwrap** v1.1.0 **_new_** * **github.com/intel/goresctrl** v0.8.0 -> v0.9.0 * **github.com/klauspost/compress** v1.18.0 -> v1.18.1 * **github.com/knqyf263/go-plugin** v0.9.0 **_new_** * **github.com/moby/sys/capability** v0.4.0 **_new_** * **github.com/modern-go/reflect2** v1.0.2 -> 35a7c28c31ee * **github.com/opencontainers/runtime-tools** 2e043c6bd626 -> 0ea5ed0382a2 * **github.com/prometheus/client_golang** v1.22.0 -> v1.23.2 * **github.com/prometheus/client_model** v0.6.1 -> v0.6.2 * **github.com/prometheus/common** v0.62.0 -> v0.66.1 * **github.com/prometheus/procfs** v0.15.1 -> v0.16.1 * **github.com/stretchr/testify** v1.10.0 -> v1.11.1 * **github.com/tchap/go-patricia/v2** v2.3.2 -> v2.3.3 * **github.com/tetratelabs/wazero** v1.9.0 **_new_** * **github.com/urfave/cli/v2** v2.27.6 -> v2.27.7 * **github.com/vishvananda/netlink** 0e7078ed04c8 -> v1.3.1 * **go.etcd.io/bbolt** v1.4.0 -> v1.4.3 * **go.opentelemetry.io/otel** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/metric** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/sdk** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/trace** v1.35.0 -> v1.37.0 * **go.uber.org/goleak** v1.3.0 **_new_** * **go.yaml.in/yaml/v2** v2.4.2 **_new_** * **golang.org/x/crypto** v0.36.0 -> v0.41.0 * **golang.org/x/mod** v0.24.0 -> v0.29.0 * **golang.org/x/net** v0.38.0 -> v0.43.0 * **golang.org/x/oauth2** v0.27.0 -> v0.30.0 * **golang.org/x/sync** v0.14.0 -> v0.17.0 * **golang.org/x/sys** v0.33.0 -> v0.37.0 * **golang.org/x/term** v0.30.0 -> v0.34.0 * **golang.org/x/text** v0.23.0 -> v0.28.0 * **golang.org/x/time** v0.7.0 -> v0.14.0 * **google.golang.org/genproto/googleapis/api** 56aae31c358a -> a7a43d27e69b * **google.golang.org/genproto/googleapis/rpc** 56aae31c358a -> a7a43d27e69b * **google.golang.org/grpc** v1.72.0 -> v1.76.0 * **google.golang.org/protobuf** v1.36.6 -> v1.36.10 * **k8s.io/api** v0.32.3 -> v0.34.1 * **k8s.io/apimachinery** v0.32.3 -> v0.34.1 * **k8s.io/client-go** v0.32.3 -> v0.34.1 * **k8s.io/cri-api** v0.32.3 -> v0.34.1 * **k8s.io/utils** 3ea5e8cea738 -> 4c0f3b243397 * **sigs.k8s.io/json** 9aa6b5e7a4b3 -> cfa47c3a1cc8 * **sigs.k8s.io/randfill** v1.0.0 **_new_** * **sigs.k8s.io/structured-merge-diff/v6** v6.3.0 **_new_** * **sigs.k8s.io/yaml** v1.4.0 -> v1.6.0 Previous release can be found at [v2.1.0](https://github.com/containerd/containerd/releases/tag/v2.1.0) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v2.2.0-rc.0
870bb7c8 · ·containerd 2.2.0-rc.0 Welcome to the v2.2.0-rc.0 release of containerd! *This is a pre-release of containerd* The second minor release of containerd 2.x focuses on continued stability alongside new features and improvements. This is the second time-based released for containerd. ### Highlights * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) * Add conf.d include in the default config ([#12323](https://github.com/containerd/containerd/pull/12323)) * Add support for back references in the garbage collector ([#12025](https://github.com/containerd/containerd/pull/12025)) #### Container Runtime Interface (CRI) * Implement CRI ListPodSandboxMetrics ([#10691](https://github.com/containerd/containerd/pull/10691)) * Support image volume mount subpath ([#11578](https://github.com/containerd/containerd/pull/11578)) #### Go client * Update pkg/oci to use fs.FS interface and os.OpenRoot ([#12245](https://github.com/containerd/containerd/pull/12245)) #### Image Distribution * Add parallel unpack support ([#12332](https://github.com/containerd/containerd/pull/12332)) * Add referrers fetcher to remotes ([#12309](https://github.com/containerd/containerd/pull/12309)) * Tar unpack progress through transfer service ([#11921](https://github.com/containerd/containerd/pull/11921)) #### Image Storage * Update erofs snapshotter to use mount manager ([#12333](https://github.com/containerd/containerd/pull/12333)) * Add snapshotter and differ for block CIMs ([#12050](https://github.com/containerd/containerd/pull/12050)) * Add tar index mode to erofs snapshotter ([#11919](https://github.com/containerd/containerd/pull/11919)) #### Node Resource Interface (NRI) * Enable otel traces in NRI ([#12082](https://github.com/containerd/containerd/pull/12082)) * Add WASM plugin support ([containerd/nri#121](https://github.com/containerd/nri/pull/121)) #### Runtime * Improve shim load time after restart by loading in parallel ([#12142](https://github.com/containerd/containerd/pull/12142)) * Fix pidfd leak in UnshareAfterEnterUserns ([#12167](https://github.com/containerd/containerd/pull/12167)) #### Deprecations * Postpone v2.2 deprecation items to v2.3 ([#12417](https://github.com/containerd/containerd/pull/12417)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Akihiro Suda * Maksym Pavlenko * Krisztian Litkey * Wei Fu * Mike Brown * Markus Lehtonen * Sebastiaan van Stijn * Samuel Karp * ningmingxiao * Akhil Mohan * Austin Vazquez * yashsingh74 * Gao Xiang * Jin Dong * Chris Henzie * Kirtana Ashok * Aadhar Agarwal * Etienne Champetier * Henry Wang * Rodrigo Campos * Sascha Grunert * Aleksa Sarai * Eric Mountain * Keith Mattix II * Paweł Gronowski * Tõnis Tiigi * Adrien Delorme * Apurv Barve * Enji Cooper * Kohei Tokunaga * Max Jonas Werner * Rehan Khan * Yang Yang * jinda.ljd * jokemanfire * Amit Barve * Andrew Halaney * Antonio Ojea * Brian Goff * Carlos Eduardo Arango Gutierrez * Chenyang Yan * Dawei Wei * Divya Rani * Evan Anderson * Fabiano Fidêncio * Iceber Gu * Jared Ledvina * Jonathan Perkin * Jose Fernandez * Karl Baumgartner * Osama Abdelkader * Radostin Stoyanov * Ruidong Cao * Sameer * Sergey Kanzhelev * Swagat Bora * Sylvain MOUQUET * Tom Wieczorek * Tycho Andersen * Ubuntu * Wuyue (Tony) Sun * suranmiao * tanhuaan * zounengren ### Dependency Changes * **dario.cat/mergo** v1.0.1 -> v1.0.2 * **github.com/Microsoft/hcsshim** v0.13.0-rc.3 -> v0.14.0-rc.1 * **github.com/StackExchange/wmi** cbe66965904d **_new_** * **github.com/checkpoint-restore/checkpointctl** v1.3.0 -> v1.4.0 * **github.com/containerd/cgroups/v3** v3.0.5 -> v3.1.0 * **github.com/containerd/console** v1.0.4 -> v1.0.5 * **github.com/containerd/containerd/api** v1.9.0 -> v1.10.0-rc.0 * **github.com/containerd/go-cni** v1.1.12 -> v1.1.13 * **github.com/containerd/nri** v0.8.0 -> v0.10.0 * **github.com/containernetworking/plugins** v1.7.1 -> v1.8.0 * **github.com/coreos/go-systemd/v22** v22.5.0 -> v22.6.0 * **github.com/cpuguy83/go-md2man/v2** v2.0.5 -> v2.0.7 * **github.com/emicklei/go-restful/v3** v3.11.0 -> v3.13.0 * **github.com/fxamacker/cbor/v2** v2.7.0 -> v2.9.0 * **github.com/go-jose/go-jose/v4** v4.0.5 -> v4.1.2 * **github.com/go-logr/logr** v1.4.2 -> v1.4.3 * **github.com/go-ole/go-ole** v1.2.6 **_new_** * **github.com/golang/groupcache** 41bb18bfe9da -> 2c02b8208cf8 * **github.com/google/certtostore** v1.0.6 **_new_** * **github.com/google/deck** 105ad94aa8ae **_new_** * **github.com/gorilla/websocket** v1.5.0 -> e064f32e3674 * **github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus** v1.0.1 -> v1.1.0 * **github.com/hashicorp/errwrap** v1.1.0 **_new_** * **github.com/intel/goresctrl** v0.8.0 -> v0.9.0 * **github.com/klauspost/compress** v1.18.0 -> v1.18.1 * **github.com/knqyf263/go-plugin** v0.9.0 **_new_** * **github.com/moby/sys/capability** v0.4.0 **_new_** * **github.com/modern-go/reflect2** v1.0.2 -> 35a7c28c31ee * **github.com/opencontainers/runtime-tools** 2e043c6bd626 -> 0ea5ed0382a2 * **github.com/prometheus/client_golang** v1.22.0 -> v1.23.2 * **github.com/prometheus/client_model** v0.6.1 -> v0.6.2 * **github.com/prometheus/common** v0.62.0 -> v0.66.1 * **github.com/prometheus/procfs** v0.15.1 -> v0.16.1 * **github.com/stretchr/testify** v1.10.0 -> v1.11.1 * **github.com/tchap/go-patricia/v2** v2.3.2 -> v2.3.3 * **github.com/tetratelabs/wazero** v1.9.0 **_new_** * **github.com/urfave/cli/v2** v2.27.6 -> v2.27.7 * **github.com/vishvananda/netlink** 0e7078ed04c8 -> v1.3.1 * **go.etcd.io/bbolt** v1.4.0 -> v1.4.3 * **go.opentelemetry.io/otel** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/metric** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/sdk** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/trace** v1.35.0 -> v1.37.0 * **go.uber.org/goleak** v1.3.0 **_new_** * **go.yaml.in/yaml/v2** v2.4.2 **_new_** * **golang.org/x/crypto** v0.36.0 -> v0.41.0 * **golang.org/x/mod** v0.24.0 -> v0.29.0 * **golang.org/x/net** v0.38.0 -> v0.43.0 * **golang.org/x/oauth2** v0.27.0 -> v0.30.0 * **golang.org/x/sync** v0.14.0 -> v0.17.0 * **golang.org/x/sys** v0.33.0 -> v0.37.0 * **golang.org/x/term** v0.30.0 -> v0.34.0 * **golang.org/x/text** v0.23.0 -> v0.28.0 * **golang.org/x/time** v0.7.0 -> v0.14.0 * **google.golang.org/genproto/googleapis/api** 56aae31c358a -> a7a43d27e69b * **google.golang.org/genproto/googleapis/rpc** 56aae31c358a -> a7a43d27e69b * **google.golang.org/grpc** v1.72.0 -> v1.76.0 * **google.golang.org/protobuf** v1.36.6 -> v1.36.10 * **k8s.io/api** v0.32.3 -> v0.34.1 * **k8s.io/apimachinery** v0.32.3 -> v0.34.1 * **k8s.io/client-go** v0.32.3 -> v0.34.1 * **k8s.io/cri-api** v0.32.3 -> v0.34.1 * **k8s.io/utils** 3ea5e8cea738 -> 4c0f3b243397 * **sigs.k8s.io/json** 9aa6b5e7a4b3 -> cfa47c3a1cc8 * **sigs.k8s.io/randfill** v1.0.0 **_new_** * **sigs.k8s.io/structured-merge-diff/v6** v6.3.0 **_new_** * **sigs.k8s.io/yaml** v1.4.0 -> v1.6.0 Previous release can be found at [v2.1.0](https://github.com/containerd/containerd/releases/tag/v2.1.0) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
api/v1.10.0-rc.0
4f0b20fe · ·containerd api/v1.10.0-rc.0 Welcome to the api/v1.10.0-rc.0 release of containerd! *This is a pre-release of containerd* The 11th release for the containerd 1.x API aligns with the containerd 2.2 release. ### Highlights * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) #### Image Distribution * Add parallel unpack support ([#12332](https://github.com/containerd/containerd/pull/12332)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Henry Wang * Wei Fu ### Changes <details><summary>10 commits</summary> <p> * Prepare release notes for api/v1.10.0-rc.0 ([#12408](https://github.com/containerd/containerd/pull/12408)) * [`fbc7848f2`](https://github.com/containerd/containerd/commit/fbc7848f2378afa2cf58c868bfcab1467f3ccccd) Prepare release notes for api/v1.10.0-rc.0 * Add parallel unpack support ([#12332](https://github.com/containerd/containerd/pull/12332)) * [`0198b87fc`](https://github.com/containerd/containerd/commit/0198b87fcfb31492c23de83059291efc0f06a1f9) Implement parallel unpack * Prepare release notes for api/v1.10.0-beta.0 ([#12346](https://github.com/containerd/containerd/pull/12346)) * [`aa571f63c`](https://github.com/containerd/containerd/commit/aa571f63c6529d827bfef02956a8db9bee57ab8c) Prepare release notes for api/v1.10.0-beta.0 * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) * [`8db301086`](https://github.com/containerd/containerd/commit/8db3010865ae9926aed6c5e476a7c6b2413b44d5) Add mounts api service * [`67fbf9db9`](https://github.com/containerd/containerd/commit/67fbf9db9cbf6ae83df58d18a19f32b28ebc0017) Generate and vendor proto changes * [`c5097ac63`](https://github.com/containerd/containerd/commit/c5097ac63fd704213c507a2b712fa2db7744090b) Add mount manager to protobuf services and types </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [api/v1.9.0](https://github.com/containerd/containerd/releases/tag/api/v1.9.0)
-
v2.2.0-beta.2
995d9718 · ·containerd 2.2.0-beta.2 Welcome to the v2.2.0-beta.2 release of containerd! *This is a pre-release of containerd* The second minor release of containerd 2.x focuses on continued stability alongside new features and improvements. This is the second time-based released for containerd. This is a beta release and some functionality is still under development. ### Highlights * Update erofs snapshotter to use mount manager ([#12333](https://github.com/containerd/containerd/pull/12333)) * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) * Add conf.d include in the default config ([#12323](https://github.com/containerd/containerd/pull/12323)) * Add support for back references in the garbage collector ([#12025](https://github.com/containerd/containerd/pull/12025)) #### Go client * Update pkg/oci to use fs.FS interface and os.OpenRoot ([#12245](https://github.com/containerd/containerd/pull/12245)) #### Image Distribution * Add referrers fetcher to remotes ([#12309](https://github.com/containerd/containerd/pull/12309)) * Tar unpack progress through transfer service ([#11921](https://github.com/containerd/containerd/pull/11921)) #### Image Storage * Add snapshotter and differ for block CIMs ([#12050](https://github.com/containerd/containerd/pull/12050)) * Add tar index mode to erofs snapshotter ([#11919](https://github.com/containerd/containerd/pull/11919)) #### Node Resource Interface (NRI) * Enable otel traces in NRI ([#12082](https://github.com/containerd/containerd/pull/12082)) * Add WASM plugin support ([containerd/nri#121](https://github.com/containerd/nri/pull/121)) #### Runtime * Improve shim load time after restart by loading in parallel ([#12142](https://github.com/containerd/containerd/pull/12142)) * Fix pidfd leak in UnshareAfterEnterUserns ([#12167](https://github.com/containerd/containerd/pull/12167)) #### Deprecations * 1.6 is EOL ([#12348](https://github.com/containerd/containerd/pull/12348)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Maksym Pavlenko * Akihiro Suda * Krisztian Litkey * Mike Brown * Wei Fu * Markus Lehtonen * Sebastiaan van Stijn * Samuel Karp * ningmingxiao * Austin Vazquez * yashsingh74 * Jin Dong * Chris Henzie * Gao Xiang * Kirtana Ashok * Aadhar Agarwal * Etienne Champetier * Rodrigo Campos * Akhil Mohan * Sascha Grunert * Henry Wang * Aleksa Sarai * Eric Mountain * Keith Mattix II * Paweł Gronowski * Adrien Delorme * Apurv Barve * Enji Cooper * Kohei Tokunaga * Max Jonas Werner * Rehan Khan * Tõnis Tiigi * Yang Yang * jinda.ljd * jokemanfire * Amit Barve * Andrew Halaney * Antonio Ojea * Brian Goff * Carlos Eduardo Arango Gutierrez * Chenyang Yan * Dawei Wei * Divya Rani * Fabiano Fidêncio * Iceber Gu * Jared Ledvina * Jonathan Perkin * Jose Fernandez * Karl Baumgartner * Osama Abdelkader * Radostin Stoyanov * Ruidong Cao * Sameer * Sergey Kanzhelev * Swagat Bora * Sylvain MOUQUET * Tom Wieczorek * Tycho Andersen * Ubuntu * Wuyue (Tony) Sun * suranmiao * tanhuaan * zounengren ### Dependency Changes * **dario.cat/mergo** v1.0.1 -> v1.0.2 * **github.com/Microsoft/hcsshim** v0.13.0-rc.3 -> v0.14.0-rc.1 * **github.com/StackExchange/wmi** cbe66965904d **_new_** * **github.com/checkpoint-restore/checkpointctl** v1.3.0 -> v1.4.0 * **github.com/containerd/console** v1.0.4 -> v1.0.5 * **github.com/containerd/containerd/api** v1.9.0 -> v1.10.0-beta.1 * **github.com/containerd/go-cni** v1.1.12 -> v1.1.13 * **github.com/containerd/nri** v0.8.0 -> v0.10.0 * **github.com/containernetworking/plugins** v1.7.1 -> v1.8.0 * **github.com/coreos/go-systemd/v22** v22.5.0 -> v22.6.0 * **github.com/cpuguy83/go-md2man/v2** v2.0.5 -> v2.0.7 * **github.com/emicklei/go-restful/v3** v3.11.0 -> v3.13.0 * **github.com/fxamacker/cbor/v2** v2.7.0 -> v2.9.0 * **github.com/go-jose/go-jose/v4** v4.0.5 -> v4.1.2 * **github.com/go-logr/logr** v1.4.2 -> v1.4.3 * **github.com/go-ole/go-ole** v1.2.6 **_new_** * **github.com/golang/groupcache** 41bb18bfe9da -> 2c02b8208cf8 * **github.com/google/certtostore** v1.0.6 **_new_** * **github.com/google/deck** 105ad94aa8ae **_new_** * **github.com/gorilla/websocket** v1.5.0 -> e064f32e3674 * **github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus** v1.0.1 -> v1.1.0 * **github.com/hashicorp/errwrap** v1.1.0 **_new_** * **github.com/intel/goresctrl** v0.8.0 -> v0.9.0 * **github.com/klauspost/compress** v1.18.0 -> v1.18.1 * **github.com/knqyf263/go-plugin** v0.9.0 **_new_** * **github.com/moby/sys/capability** v0.4.0 **_new_** * **github.com/modern-go/reflect2** v1.0.2 -> 35a7c28c31ee * **github.com/opencontainers/runtime-tools** 2e043c6bd626 -> 0ea5ed0382a2 * **github.com/prometheus/client_golang** v1.22.0 -> v1.23.2 * **github.com/prometheus/client_model** v0.6.1 -> v0.6.2 * **github.com/prometheus/common** v0.62.0 -> v0.66.1 * **github.com/prometheus/procfs** v0.15.1 -> v0.16.1 * **github.com/stretchr/testify** v1.10.0 -> v1.11.1 * **github.com/tchap/go-patricia/v2** v2.3.2 -> v2.3.3 * **github.com/tetratelabs/wazero** v1.9.0 **_new_** * **github.com/urfave/cli/v2** v2.27.6 -> v2.27.7 * **github.com/vishvananda/netlink** 0e7078ed04c8 -> v1.3.1 * **go.etcd.io/bbolt** v1.4.0 -> v1.4.3 * **go.opentelemetry.io/otel** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/metric** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/sdk** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/trace** v1.35.0 -> v1.37.0 * **go.uber.org/goleak** v1.3.0 **_new_** * **go.yaml.in/yaml/v2** v2.4.2 **_new_** * **golang.org/x/crypto** v0.36.0 -> v0.41.0 * **golang.org/x/mod** v0.24.0 -> v0.29.0 * **golang.org/x/net** v0.38.0 -> v0.43.0 * **golang.org/x/oauth2** v0.27.0 -> v0.30.0 * **golang.org/x/sync** v0.14.0 -> v0.17.0 * **golang.org/x/sys** v0.33.0 -> v0.37.0 * **golang.org/x/term** v0.30.0 -> v0.34.0 * **golang.org/x/text** v0.23.0 -> v0.28.0 * **golang.org/x/time** v0.7.0 -> v0.9.0 * **google.golang.org/genproto/googleapis/api** 56aae31c358a -> a7a43d27e69b * **google.golang.org/genproto/googleapis/rpc** 56aae31c358a -> a7a43d27e69b * **google.golang.org/grpc** v1.72.0 -> v1.76.0 * **google.golang.org/protobuf** v1.36.6 -> v1.36.10 * **k8s.io/api** v0.32.3 -> v0.34.1 * **k8s.io/apimachinery** v0.32.3 -> v0.34.1 * **k8s.io/client-go** v0.32.3 -> v0.34.1 * **k8s.io/cri-api** v0.32.3 -> v0.34.1 * **k8s.io/utils** 3ea5e8cea738 -> 4c0f3b243397 * **sigs.k8s.io/json** 9aa6b5e7a4b3 -> cfa47c3a1cc8 * **sigs.k8s.io/randfill** v1.0.0 **_new_** * **sigs.k8s.io/structured-merge-diff/v6** v6.3.0 **_new_** * **sigs.k8s.io/yaml** v1.4.0 -> v1.6.0 Previous release can be found at [v2.1.0](https://github.com/containerd/containerd/releases/tag/v2.1.0) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v2.2.0-beta.1
d94e514f · ·containerd 2.2.0-beta.1 Welcome to the v2.2.0-beta.1 release of containerd! *This is a pre-release of containerd* The second minor release of containerd 2.x focuses on continued stability alongside new features and improvements. This is the second time-based released for containerd. This is a beta release and some functionality is still under development. ### Highlights * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) * Add conf.d include in the default config ([#12323](https://github.com/containerd/containerd/pull/12323)) * Add support for back references in the garbage collector ([#12025](https://github.com/containerd/containerd/pull/12025)) #### Go client * Update pkg/oci to use fs.FS interface and os.OpenRoot ([#12245](https://github.com/containerd/containerd/pull/12245)) #### Image Distribution * Add referrers fetcher to remotes ([#12309](https://github.com/containerd/containerd/pull/12309)) * Tar unpack progress through transfer service ([#11921](https://github.com/containerd/containerd/pull/11921)) #### Image Storage * Add snapshotter and differ for block CIMs ([#12050](https://github.com/containerd/containerd/pull/12050)) * Add tar index mode to erofs snapshotter ([#11919](https://github.com/containerd/containerd/pull/11919)) #### Node Resource Interface (NRI) * Enable otel traces in NRI ([#12082](https://github.com/containerd/containerd/pull/12082)) * Add WASM plugin support ([containerd/nri#121](https://github.com/containerd/nri/pull/121)) #### Runtime * Fix pidfd leak in UnshareAfterEnterUserns ([#12167](https://github.com/containerd/containerd/pull/12167)) #### Deprecations * 1.6 is EOL ([#12348](https://github.com/containerd/containerd/pull/12348)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Maksym Pavlenko * Krisztian Litkey * Akihiro Suda * Mike Brown * Wei Fu * Markus Lehtonen * Sebastiaan van Stijn * Samuel Karp * Austin Vazquez * ningmingxiao * yashsingh74 * Jin Dong * Kirtana Ashok * Aadhar Agarwal * Chris Henzie * Etienne Champetier * Rodrigo Campos * Akhil Mohan * Gao Xiang * Sascha Grunert * Henry Wang * Aleksa Sarai * Eric Mountain * Keith Mattix II * Paweł Gronowski * Adrien Delorme * Apurv Barve * Enji Cooper * Kohei Tokunaga * Rehan Khan * Yang Yang * jokemanfire * Amit Barve * Andrew Halaney * Antonio Ojea * Brian Goff * Carlos Eduardo Arango Gutierrez * Chenyang Yan * Dawei Wei * Divya Rani * Fabiano Fidêncio * Iceber Gu * Jared Ledvina * Jonathan Perkin * Jose Fernandez * Karl Baumgartner * Osama Abdelkader * Radostin Stoyanov * Ruidong Cao * Sameer * Sergey Kanzhelev * Swagat Bora * Sylvain MOUQUET * Tom Wieczorek * Tycho Andersen * Tõnis Tiigi * Wuyue (Tony) Sun * jinda.ljd * tanhuaan * zounengren ### Dependency Changes * **dario.cat/mergo** v1.0.1 -> v1.0.2 * **github.com/Microsoft/hcsshim** v0.13.0-rc.3 -> v0.14.0-rc.1 * **github.com/StackExchange/wmi** cbe66965904d **_new_** * **github.com/checkpoint-restore/checkpointctl** v1.3.0 -> v1.4.0 * **github.com/containerd/console** v1.0.4 -> v1.0.5 * **github.com/containerd/containerd/api** v1.9.0 -> v1.10.0-beta.1 * **github.com/containerd/go-cni** v1.1.12 -> v1.1.13 * **github.com/containerd/nri** v0.8.0 -> v0.10.0 * **github.com/containernetworking/plugins** v1.7.1 -> v1.8.0 * **github.com/coreos/go-systemd/v22** v22.5.0 -> v22.6.0 * **github.com/cpuguy83/go-md2man/v2** v2.0.5 -> v2.0.7 * **github.com/emicklei/go-restful/v3** v3.11.0 -> v3.13.0 * **github.com/fxamacker/cbor/v2** v2.7.0 -> v2.9.0 * **github.com/go-jose/go-jose/v4** v4.0.5 -> v4.1.2 * **github.com/go-logr/logr** v1.4.2 -> v1.4.3 * **github.com/go-ole/go-ole** v1.2.6 **_new_** * **github.com/golang/groupcache** 41bb18bfe9da -> 2c02b8208cf8 * **github.com/google/certtostore** v1.0.6 **_new_** * **github.com/google/deck** 105ad94aa8ae **_new_** * **github.com/gorilla/websocket** v1.5.0 -> e064f32e3674 * **github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus** v1.0.1 -> v1.1.0 * **github.com/hashicorp/errwrap** v1.1.0 **_new_** * **github.com/intel/goresctrl** v0.8.0 -> v0.9.0 * **github.com/knqyf263/go-plugin** v0.9.0 **_new_** * **github.com/moby/sys/capability** v0.4.0 **_new_** * **github.com/modern-go/reflect2** v1.0.2 -> 35a7c28c31ee * **github.com/opencontainers/runtime-tools** 2e043c6bd626 -> 0ea5ed0382a2 * **github.com/prometheus/client_golang** v1.22.0 -> v1.23.2 * **github.com/prometheus/client_model** v0.6.1 -> v0.6.2 * **github.com/prometheus/common** v0.62.0 -> v0.66.1 * **github.com/prometheus/procfs** v0.15.1 -> v0.16.1 * **github.com/stretchr/testify** v1.10.0 -> v1.11.1 * **github.com/tchap/go-patricia/v2** v2.3.2 -> v2.3.3 * **github.com/tetratelabs/wazero** v1.9.0 **_new_** * **github.com/urfave/cli/v2** v2.27.6 -> v2.27.7 * **github.com/vishvananda/netlink** 0e7078ed04c8 -> v1.3.1 * **go.etcd.io/bbolt** v1.4.0 -> v1.4.3 * **go.opentelemetry.io/otel** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/metric** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/sdk** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/trace** v1.35.0 -> v1.37.0 * **go.uber.org/goleak** v1.3.0 **_new_** * **go.yaml.in/yaml/v2** v2.4.2 **_new_** * **golang.org/x/crypto** v0.36.0 -> v0.41.0 * **golang.org/x/mod** v0.24.0 -> v0.28.0 * **golang.org/x/net** v0.38.0 -> v0.43.0 * **golang.org/x/oauth2** v0.27.0 -> v0.30.0 * **golang.org/x/sync** v0.14.0 -> v0.17.0 * **golang.org/x/sys** v0.33.0 -> v0.36.0 * **golang.org/x/term** v0.30.0 -> v0.34.0 * **golang.org/x/text** v0.23.0 -> v0.28.0 * **golang.org/x/time** v0.7.0 -> v0.9.0 * **google.golang.org/genproto/googleapis/api** 56aae31c358a -> a7a43d27e69b * **google.golang.org/genproto/googleapis/rpc** 56aae31c358a -> a7a43d27e69b * **google.golang.org/grpc** v1.72.0 -> v1.76.0 * **google.golang.org/protobuf** v1.36.6 -> v1.36.10 * **k8s.io/api** v0.32.3 -> v0.34.1 * **k8s.io/apimachinery** v0.32.3 -> v0.34.1 * **k8s.io/client-go** v0.32.3 -> v0.34.1 * **k8s.io/cri-api** v0.32.3 -> v0.34.1 * **k8s.io/utils** 3ea5e8cea738 -> 4c0f3b243397 * **sigs.k8s.io/json** 9aa6b5e7a4b3 -> cfa47c3a1cc8 * **sigs.k8s.io/randfill** v1.0.0 **_new_** * **sigs.k8s.io/structured-merge-diff/v6** v6.3.0 **_new_** * **sigs.k8s.io/yaml** v1.4.0 -> v1.6.0 Previous release can be found at [v2.1.0](https://github.com/containerd/containerd/releases/tag/v2.1.0) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
api/v1.10.0-beta.1
ea46953f · ·containerd api/v1.10.0-beta.1 Welcome to the api/v1.10.0-beta.1 release of containerd! *This is a pre-release of containerd* The 11th release for the containerd 1.x API aligns with the containerd 2.2 release. ### Highlights * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Wei Fu ### Changes <details><summary>6 commits</summary> <p> * Prepare release notes for api/v1.10.0-beta.0 ([#12346](https://github.com/containerd/containerd/pull/12346)) * [`aa571f63c`](https://github.com/containerd/containerd/commit/aa571f63c6529d827bfef02956a8db9bee57ab8c) Prepare release notes for api/v1.10.0-beta.0 * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) * [`8db301086`](https://github.com/containerd/containerd/commit/8db3010865ae9926aed6c5e476a7c6b2413b44d5) Add mounts api service * [`67fbf9db9`](https://github.com/containerd/containerd/commit/67fbf9db9cbf6ae83df58d18a19f32b28ebc0017) Generate and vendor proto changes * [`c5097ac63`](https://github.com/containerd/containerd/commit/c5097ac63fd704213c507a2b712fa2db7744090b) Add mount manager to protobuf services and types </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [api/v1.9.0](https://github.com/containerd/containerd/releases/tag/api/v1.9.0)
-
api/v1.10.0-beta.0
7669bb4f · ·containerd api/v1.10.0-beta.0 Welcome to the api/v1.10.0-beta.0 release of containerd! *This is a pre-release of containerd* The 11th release for the containerd 1.x API aligns with the containerd 2.2 release. ### Highlights * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Wei Fu ### Changes <details><summary>6 commits</summary> <p> * Prepare release notes for api/v1.10.0-beta.0 ([#12346](https://github.com/containerd/containerd/pull/12346)) * [`aa571f63c`](https://github.com/containerd/containerd/commit/aa571f63c6529d827bfef02956a8db9bee57ab8c) Prepare release notes for api/v1.10.0-beta.0 * Add mount manager ([#12063](https://github.com/containerd/containerd/pull/12063)) * [`8db301086`](https://github.com/containerd/containerd/commit/8db3010865ae9926aed6c5e476a7c6b2413b44d5) Add mounts api service * [`67fbf9db9`](https://github.com/containerd/containerd/commit/67fbf9db9cbf6ae83df58d18a19f32b28ebc0017) Generate and vendor proto changes * [`c5097ac63`](https://github.com/containerd/containerd/commit/c5097ac63fd704213c507a2b712fa2db7744090b) Add mount manager to protobuf services and types </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [api/v1.9.0](https://github.com/containerd/containerd/releases/tag/api/v1.9.0)
-
v2.2.0-beta.0
5bcf77a5 · ·containerd 2.2.0-beta.0 Welcome to the v2.2.0-beta.0 release of containerd! *This is a pre-release of containerd* The second minor release of containerd 2.x focuses on continued stability alongside new features and improvements. This is the second time-based released for containerd. This is a beta release and some functionality is still under development. ### Highlights * Add support for back references in the garbage collector ([#12025](https://github.com/containerd/containerd/pull/12025)) #### Go client * Update pkg/oci to use fs.FS interface and os.OpenRoot ([#12245](https://github.com/containerd/containerd/pull/12245)) #### Image Distribution * Tar unpack progress through transfer service ([#11921](https://github.com/containerd/containerd/pull/11921)) #### Image Storage * Add snapshotter and differ for block CIMs ([#12050](https://github.com/containerd/containerd/pull/12050)) * Add tar index mode to erofs snapshotter ([#11919](https://github.com/containerd/containerd/pull/11919)) #### Node Resource Interface (NRI) * Enable otel traces in NRI ([#12082](https://github.com/containerd/containerd/pull/12082)) * Add WASM plugin support ([containerd/nri#121](https://github.com/containerd/nri/pull/121)) #### Runtime * Fix pidfd leak in UnshareAfterEnterUserns ([#12167](https://github.com/containerd/containerd/pull/12167)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Phil Estes * Derek McGowan * Krisztian Litkey * Akihiro Suda * Maksym Pavlenko * Mike Brown * Wei Fu * Markus Lehtonen * Samuel Karp * Sebastiaan van Stijn * Austin Vazquez * ningmingxiao * yashsingh74 * Jin Dong * Kirtana Ashok * Etienne Champetier * Rodrigo Campos * Akhil Mohan * Chris Henzie * Gao Xiang * Sascha Grunert * Aleksa Sarai * Eric Mountain * Keith Mattix II * Paweł Gronowski * Adrien Delorme * Enji Cooper * Kohei Tokunaga * Yang Yang * jokemanfire * Aadhar Agarwal * Amit Barve * Andrew Halaney * Antonio Ojea * Brian Goff * Chenyang Yan * Dawei Wei * Divya Rani * Fabiano Fidêncio * Henry Wang * Iceber Gu * Jared Ledvina * Jonathan Perkin * Jose Fernandez * Karl Baumgartner * Radostin Stoyanov * Rehan Khan * Ruidong Cao * Sameer * Swagat Bora * Sylvain MOUQUET * Tom Wieczorek * Tycho Andersen * Ubuntu * Wuyue (Tony) Sun * jinda.ljd * tanhuaan * zounengren ### Dependency Changes * **dario.cat/mergo** v1.0.1 -> v1.0.2 * **github.com/Microsoft/hcsshim** v0.13.0-rc.3 -> v0.14.0-rc.1 * **github.com/checkpoint-restore/checkpointctl** v1.3.0 -> v1.4.0 * **github.com/containerd/console** v1.0.4 -> v1.0.5 * **github.com/containerd/go-cni** v1.1.12 -> v1.1.13 * **github.com/containerd/nri** v0.8.0 -> v0.10.0 * **github.com/containernetworking/plugins** v1.7.1 -> v1.8.0 * **github.com/coreos/go-systemd/v22** v22.5.0 -> v22.6.0 * **github.com/cpuguy83/go-md2man/v2** v2.0.5 -> v2.0.7 * **github.com/emicklei/go-restful/v3** v3.11.0 -> v3.13.0 * **github.com/fxamacker/cbor/v2** v2.7.0 -> v2.9.0 * **github.com/go-jose/go-jose/v4** v4.0.5 -> v4.1.1 * **github.com/go-logr/logr** v1.4.2 -> v1.4.3 * **github.com/golang/groupcache** 41bb18bfe9da -> 2c02b8208cf8 * **github.com/gorilla/websocket** v1.5.0 -> e064f32e3674 * **github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus** v1.0.1 -> v1.1.0 * **github.com/intel/goresctrl** v0.8.0 -> v0.9.0 * **github.com/knqyf263/go-plugin** v0.9.0 **_new_** * **github.com/modern-go/reflect2** v1.0.2 -> 35a7c28c31ee * **github.com/prometheus/client_golang** v1.22.0 -> v1.23.2 * **github.com/prometheus/client_model** v0.6.1 -> v0.6.2 * **github.com/prometheus/common** v0.62.0 -> v0.66.1 * **github.com/prometheus/procfs** v0.15.1 -> v0.16.1 * **github.com/stretchr/testify** v1.10.0 -> v1.11.1 * **github.com/tchap/go-patricia/v2** v2.3.2 -> v2.3.3 * **github.com/tetratelabs/wazero** v1.9.0 **_new_** * **github.com/urfave/cli/v2** v2.27.6 -> v2.27.7 * **github.com/vishvananda/netlink** 0e7078ed04c8 -> v1.3.1 * **go.etcd.io/bbolt** v1.4.0 -> v1.4.3 * **go.opentelemetry.io/otel** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/metric** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/sdk** v1.35.0 -> v1.37.0 * **go.opentelemetry.io/otel/trace** v1.35.0 -> v1.37.0 * **go.uber.org/goleak** v1.3.0 **_new_** * **go.yaml.in/yaml/v2** v2.4.2 **_new_** * **golang.org/x/crypto** v0.36.0 -> v0.41.0 * **golang.org/x/mod** v0.24.0 -> v0.28.0 * **golang.org/x/net** v0.38.0 -> v0.43.0 * **golang.org/x/oauth2** v0.27.0 -> v0.30.0 * **golang.org/x/sync** v0.14.0 -> v0.17.0 * **golang.org/x/sys** v0.33.0 -> v0.36.0 * **golang.org/x/term** v0.30.0 -> v0.34.0 * **golang.org/x/text** v0.23.0 -> v0.28.0 * **golang.org/x/time** v0.7.0 -> v0.9.0 * **google.golang.org/genproto/googleapis/api** 56aae31c358a -> 8d1bb00bc6a7 * **google.golang.org/genproto/googleapis/rpc** 56aae31c358a -> 8d1bb00bc6a7 * **google.golang.org/grpc** v1.72.0 -> v1.75.1 * **google.golang.org/protobuf** v1.36.6 -> v1.36.9 * **k8s.io/api** v0.32.3 -> v0.34.1 * **k8s.io/apimachinery** v0.32.3 -> v0.34.1 * **k8s.io/client-go** v0.32.3 -> v0.34.1 * **k8s.io/cri-api** v0.32.3 -> v0.34.1 * **k8s.io/utils** 3ea5e8cea738 -> 4c0f3b243397 * **sigs.k8s.io/json** 9aa6b5e7a4b3 -> cfa47c3a1cc8 * **sigs.k8s.io/randfill** v1.0.0 **_new_** * **sigs.k8s.io/structured-merge-diff/v6** v6.3.0 **_new_** * **sigs.k8s.io/yaml** v1.4.0 -> v1.6.0 Previous release can be found at [v2.1.0](https://github.com/containerd/containerd/releases/tag/v2.1.0) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v2.1.4
75cb2b71 · ·containerd 2.1.4 Welcome to the v2.1.4 release of containerd! The fourth patch release for containerd 2.1 contains various fixes and updates. ### Highlights #### Container Runtime Interface (CRI) * Fix containerd panic when sandbox extension is missing ([#12076](https://github.com/containerd/containerd/pull/12076)) * Update status response to return stable order for runtime handlers ([#12054](https://github.com/containerd/containerd/pull/12054)) #### Go client * Fix lazy gRPC connection mode waiting for connect on client creation ([#12079](https://github.com/containerd/containerd/pull/12079)) #### Image Distribution * Fix resolve deadlock issue in docker fetcher open ([#12127](https://github.com/containerd/containerd/pull/12127)) #### Image Storage * Update erofs snapshotter to make immutable optional ([#12091](https://github.com/containerd/containerd/pull/12091)) * Fix erofs filesystem UUID for tar-converted layers ([#12058](https://github.com/containerd/containerd/pull/12058)) #### Runtime * Fix close container io not closed when runtime create failed ([#12009](https://github.com/containerd/containerd/pull/12009)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Eric Mountain * Maksym Pavlenko * Gao Xiang * Kirtana Ashok * ningmingxiao * Akihiro Suda * Austin Vazquez * Paweł Gronowski * Sebastiaan van Stijn * Wei Fu * jinda.ljd ### Changes <details><summary>26 commits</summary> <p> * Prepare release notes for v2.1.4 ([#12159](https://github.com/containerd/containerd/pull/12159)) * [`112e41363`](https://github.com/containerd/containerd/commit/112e41363bc25216c46fe4f3070f7f8b6d982cf2) Add release notes for v2.1.4 * Fix resolve deadlock issue in docker fetcher open ([#12127](https://github.com/containerd/containerd/pull/12127)) * [`add2dcf86`](https://github.com/containerd/containerd/commit/add2dcf8688019158fc1c015dddffe54c6610e24) Ensure fetcher always closes body and properly calls release * [`34a1cb1dd`](https://github.com/containerd/containerd/commit/34a1cb1dd1962520f6821b7273debf06a740ed6d) fix(dockerFetcher): resolve deadlock issue in dockerFetcher open * ci: bump Go 1.23.11, 1.24.5 ([#12115](https://github.com/containerd/containerd/pull/12115)) * [`82c4d6875`](https://github.com/containerd/containerd/commit/82c4d68755b6bb6749b8b328ec70fe0b7b776e1c) ci: bump Go 1.23.11, 1.24.5 * Backport windows test fixes ([#12119](https://github.com/containerd/containerd/pull/12119)) * [`6cc2a8d77`](https://github.com/containerd/containerd/commit/6cc2a8d779e29045f279cef041bec3d0569e75db) Fix intermittent test failures on Windows CIs * [`6adc69312`](https://github.com/containerd/containerd/commit/6adc69312f8f929f5e285d8fd3806c269853e850) Remove WS2025 from CIs due to regression * Update erofs snapshotter to make immutable optional ([#12091](https://github.com/containerd/containerd/pull/12091)) * [`8d194c19f`](https://github.com/containerd/containerd/commit/8d194c19febc6fd51c91ea5e43c720225cf553a0) erofs-snapshotter: make IMMUTABLE_FL optional * Fix lazy gRPC connection mode waiting for connect on client creation ([#12079](https://github.com/containerd/containerd/pull/12079)) * [`2df7175d7`](https://github.com/containerd/containerd/commit/2df7175d71d1e71c3b27f9c0879db4050b183fce) client/New: Don't unlazy the gRPC connection implicitly * backport: update go-md2man binary to v2.0.7 ([#12074](https://github.com/containerd/containerd/pull/12074)) * [`4902adb92`](https://github.com/containerd/containerd/commit/4902adb92fa3fb6c7764128eda5dc7ba2b596511) update go-md2man binary to v2.0.7 * Fix containerd panic when sandbox extension is missing ([#12076](https://github.com/containerd/containerd/pull/12076)) * [`02298e1a0`](https://github.com/containerd/containerd/commit/02298e1a03b92d36dba899c8aba82fc3c50422cd) cri:fix containerd panic when can't find sandbox extension * Fix erofs filesystem UUID for tar-converted layers ([#12058](https://github.com/containerd/containerd/pull/12058)) * [`583133e71`](https://github.com/containerd/containerd/commit/583133e7103145fcc338b695b2e6456c69fc52ee) erofs-differ: fix filesystem UUID for tar-converted layers * Update status response to return stable order for runtime handlers ([#12054](https://github.com/containerd/containerd/pull/12054)) * [`57db13d50`](https://github.com/containerd/containerd/commit/57db13d50de6d0c8a4587bc166d0a4ebee1dad02) Amend runtime handler test for stable order * [`d822c9048`](https://github.com/containerd/containerd/commit/d822c90480c0403d57cead351e8e53c063d07c1a) CRI: Stable sort for RuntimeHandlers * [`a2fd70639`](https://github.com/containerd/containerd/commit/a2fd70639e6a2aa82429ed2f4ce4967c15a03c3c) Test showing RuntimeHandlers in Status() are unordered * Fix close container io not closed when runtime create failed ([#12009](https://github.com/containerd/containerd/pull/12009)) * [`b74268f86`](https://github.com/containerd/containerd/commit/b74268f8674647234f6a08c005f84b38ba1adf63) bugfix:close container io when runtime create failed </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v2.1.3](https://github.com/containerd/containerd/releases/tag/v2.1.3) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v2.0.6
991cc336 · ·containerd 2.0.6 Welcome to the v2.0.6 release of containerd! The sixth patch release for containerd 2.0 includes various bug fixes and updates. ### Highlights * Update containerd config dump to reflect plugin config migrations ([#11772](https://github.com/containerd/containerd/pull/11772)) #### Container Runtime Interface (CRI) * Fix containerd panic when sandbox extension is missing ([#12077](https://github.com/containerd/containerd/pull/12077)) * Fix the panic caused by the failure of RunPodSandbox ([#12047](https://github.com/containerd/containerd/pull/12047)) * Add extension to sandbox metadata store on create sandbox ([#11808](https://github.com/containerd/containerd/pull/11808)) * Fix issue where Prometheus metric names changed for CRI ([#11750](https://github.com/containerd/containerd/pull/11750)) * Fix issue preventing some v2 shims from shutting down properly ([#11741](https://github.com/containerd/containerd/pull/11741)) #### Go client * Fix lazy gRPC connection mode waiting for connect on client creation ([#12080](https://github.com/containerd/containerd/pull/12080)) #### Image Distribution * Fix cross-repo mount fallback after authorization failure ([#11832](https://github.com/containerd/containerd/pull/11832)) #### Runtime * Fix container io to close after runtime create failure ([#12051](https://github.com/containerd/containerd/pull/12051)) * Fix incompatibility with some pre-v3 shims ([#11973](https://github.com/containerd/containerd/pull/11973)) * Update runc binary to v1.3.0 ([#11801](https://github.com/containerd/containerd/pull/11801)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Austin Vazquez * Wei Fu * Akihiro Suda * Maksym Pavlenko * Samuel Karp * Yang Yang * Akhil Mohan * ningmingxiao * Alberto Garcia Hierro * Chris Henzie * HirazawaUi * Jin Dong * Kirtana Ashok * Paweł Gronowski * Vinayak Goyal ### Changes <details><summary>49 commits</summary> <p> * Prepare release notes for v2.0.6 ([#12145](https://github.com/containerd/containerd/pull/12145)) * [`d94b0fee6`](https://github.com/containerd/containerd/commit/d94b0fee617968ed919816d7c68d4583578dd697) Prepare release notes for v2.0.6 * ci: bump Go 1.23.11, 1.24.5 ([#12116](https://github.com/containerd/containerd/pull/12116)) * [`f901e3c81`](https://github.com/containerd/containerd/commit/f901e3c819c9a0f4d7c89258b754557029fa4d93) ci: bump Go 1.23.11, 1.24.5 * go.mod: golang.org/x/* latest ([#12097](https://github.com/containerd/containerd/pull/12097)) * [`7e4ac4761`](https://github.com/containerd/containerd/commit/7e4ac47612160a2038163a99048942e951fadd29) go.mod: golang.org/x/* latest * Fix lazy gRPC connection mode waiting for connect on client creation ([#12080](https://github.com/containerd/containerd/pull/12080)) * [`bed6d1401`](https://github.com/containerd/containerd/commit/bed6d1401087abe707a05da15eaae9626d43fc2a) client/New: Don't unlazy the gRPC connection implicitly * Fix containerd panic when sandbox extension is missing ([#12077](https://github.com/containerd/containerd/pull/12077)) * [`8094fa21a`](https://github.com/containerd/containerd/commit/8094fa21a62d67ee70369e1bb3e2973134de18a2) cri:fix containerd panic when can't find sandbox extension * Fix container io to close after runtime create failure ([#12051](https://github.com/containerd/containerd/pull/12051)) * [`552f717be`](https://github.com/containerd/containerd/commit/552f717be4dc2ec67c99afa0a2d305bf8a2b55f8) bugfix:close container io when runtime create failed * Fix the panic caused by the failure of RunPodSandbox ([#12047](https://github.com/containerd/containerd/pull/12047)) * [`c4394d05a`](https://github.com/containerd/containerd/commit/c4394d05a152b3382b9ecd0bc21c6be915b41216) Fix the panic caused by the failure of RunPodSandbox * ci: bump golang [1.23.10, 1.24.4] in build and release ([#11969](https://github.com/containerd/containerd/pull/11969)) * [`54f923a30`](https://github.com/containerd/containerd/commit/54f923a301e0b17712d0580eff032c43cf9edc98) ci: bump golang [1.23.10, 1.24.4] in build and release * [`2de777dfe`](https://github.com/containerd/containerd/commit/2de777dfe1372d025688f34110d05c2d7c4649ac) ci: bump golang [1.23.9, 1.24.3] in build and release * Enable CIs to run on WS2022 and WS2025 ([#11970](https://github.com/containerd/containerd/pull/11970)) * [`9724cd5ea`](https://github.com/containerd/containerd/commit/9724cd5eaccf15cfa292273dd2eaf2970433400b) Enable CIs to run on WS2022 and WS2025 * Fix incompatibility with some pre-v3 shims ([#11973](https://github.com/containerd/containerd/pull/11973)) * [`7fc3151fc`](https://github.com/containerd/containerd/commit/7fc3151fca7e0f7548aa7cf2aa76010e8f70b6a8) *: properly shutdown non-groupable shims to prevent resource leaks * [`4396336a1`](https://github.com/containerd/containerd/commit/4396336a11c306064ef2bc3358a157fda538400e) core/runtime: should invoke shim binary * [`10bcc6929`](https://github.com/containerd/containerd/commit/10bcc6929552f75f8bcbc90447b977ec10edc671) Revert "not set sandbox id when use podsandbox type" * [`f38eb62b6`](https://github.com/containerd/containerd/commit/f38eb62b63b5b5a209399a0d9301e4960ef17a12) integration: add testcase to recover ungroupable shim * [`2358561d5`](https://github.com/containerd/containerd/commit/2358561d5258624c56f21969fcbfe8c57f189fe3) Update release upgrade tests to test 1.7 and 2.0 * [`8931b1464`](https://github.com/containerd/containerd/commit/8931b14647cf4c0ca750fd12ebb44d074ea04f73) Fix upgrade test runtime config * Fetch image with default platform only in TestExportAndImportMultiLayer ([#11944](https://github.com/containerd/containerd/pull/11944)) * [`fc9235910`](https://github.com/containerd/containerd/commit/fc9235910d4dca7cd6189bb54f522d396c80db51) Fetch image with default platform only in TestExportAndImportMultiLayer * Add extension to sandbox metadata store on create sandbox ([#11808](https://github.com/containerd/containerd/pull/11808)) * [`f8679737e`](https://github.com/containerd/containerd/commit/f8679737eb84ac2808599376089f7f28be22a897) store extension when create sandbox in store * Fix cross-repo mount fallback after authorization failure ([#11832](https://github.com/containerd/containerd/pull/11832)) * [`cbfa66223`](https://github.com/containerd/containerd/commit/cbfa662234d8ebe78e35a8b6da46dfe5a50ff5c7) fix(docker pusher): if authorizing a cross-repo mount fails, fall back * .github: do not mark 2.0 releases as latest ([#11820](https://github.com/containerd/containerd/pull/11820)) * [`7bf4d0a40`](https://github.com/containerd/containerd/commit/7bf4d0a401b8160f2a5ba5c2fe57ef8df60aaa6e) .github: do not mark 2.0 releases as latest * Update runc binary to v1.3.0 ([#11801](https://github.com/containerd/containerd/pull/11801)) * [`fa5a08244`](https://github.com/containerd/containerd/commit/fa5a082442f308c5f6664ce178325fdebfe13200) Update runc binary to v1.3.0 * Revert "disable portmap test in ubuntu-22 to make CI happy" ([#11784](https://github.com/containerd/containerd/pull/11784)) * [`7cf3c604e`](https://github.com/containerd/containerd/commit/7cf3c604eb0bf0b8776f60b7e841476be727c32b) fix unbound SKIP_TEST variable error * [`827be7c9d`](https://github.com/containerd/containerd/commit/827be7c9dd805fad6f3e94ca0070045935c38051) Revert "disable portmap test in ubuntu-22 to make CI happy" * Update containerd config dump to reflect plugin config migrations ([#11772](https://github.com/containerd/containerd/pull/11772)) * [`626a57dd7`](https://github.com/containerd/containerd/commit/626a57dd72c64ea22fc67f55b0cc8d42e94ba055) fix: update containerd config dump to reflect plugin config migrations. * core/transfer/local: should not mark completed if it's not found ([#11768](https://github.com/containerd/containerd/pull/11768)) * [`983dd336f`](https://github.com/containerd/containerd/commit/983dd336f840de2ab7e64ed334adfc40b4f1458e) core/transfer/local: should not mark complete if it's not found * Fix issue where Prometheus metric names changed for CRI ([#11750](https://github.com/containerd/containerd/pull/11750)) * [`d2a30ea0c`](https://github.com/containerd/containerd/commit/d2a30ea0caab6bda8dc1dca5823d9d462c3d1b96) Revert criserver metrics subsystem back to cri * Fix issue preventing some v2 shims from shutting down properly ([#11741](https://github.com/containerd/containerd/pull/11741)) * [`e9804ee0e`](https://github.com/containerd/containerd/commit/e9804ee0e9d85788648b589c17e67a024a93151e) not set sandbox id when use podsandbox type * [CI] Fix vagrant ([#11740](https://github.com/containerd/containerd/pull/11740)) * [`9ddeff7f7`](https://github.com/containerd/containerd/commit/9ddeff7f7df90a7b1a732e2b48a5fcdef199def1) Fix vagrant setup </p> </details> ### Dependency Changes * **golang.org/x/crypto** v0.36.0 -> v0.40.0 * **golang.org/x/exp** aacd6d4b4611 -> 6ae5c78190dc * **golang.org/x/mod** v0.21.0 -> v0.26.0 * **golang.org/x/net** v0.37.0 -> v0.42.0 * **golang.org/x/oauth2** v0.28.0 -> v0.30.0 * **golang.org/x/sync** v0.12.0 -> v0.16.0 * **golang.org/x/sys** v0.31.0 -> v0.34.0 * **golang.org/x/term** v0.30.0 -> v0.33.0 * **golang.org/x/text** v0.23.0 -> v0.27.0 * **golang.org/x/time** v0.3.0 -> v0.12.0 Previous release can be found at [v2.0.5](https://github.com/containerd/containerd/releases/tag/v2.0.5) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.31 (Ubuntu 20.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on non-glibc Linux distributions. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v1.7.28
b98a3aac · ·containerd 1.7.28 Welcome to the v1.7.28 release of containerd! The twenty-eighth patch release for containerd 1.7 contains various fixes and updates. ### Highlights #### Image Distribution * Refresh OAuth tokens when they expire during registry operations ([#11721](https://github.com/containerd/containerd/pull/11721)) * Set default differ for the default unpack config of transfer service ([#11689](https://github.com/containerd/containerd/pull/11689)) #### Runtime * Update runc binary to v1.3.0 ([#11800](https://github.com/containerd/containerd/pull/11800)) * Remove invalid error log when stopping container after containerd restart ([#11620](https://github.com/containerd/containerd/pull/11620)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Akhil Mohan * Akihiro Suda * Austin Vazquez * Maksym Pavlenko * Phil Estes * Derek McGowan * Kirtana Ashok * Henry Wang * Iain Macdonald * Jin Dong * Swagat Bora * Wei Fu * Yang Yang * madraceee ### Changes <details><summary>57 commits</summary> <p> * Prepare release notes for v1.7.28 ([#12134](https://github.com/containerd/containerd/pull/12134)) * [`b01b809f8`](https://github.com/containerd/containerd/commit/b01b809f89a27e19ff7531e1b88df07d2f40de97) Prepare release notes for v1.7.28 * ci: bump Go 1.23.11, 1.24.5 ([#12117](https://github.com/containerd/containerd/pull/12117)) * [`ce2373176`](https://github.com/containerd/containerd/commit/ce2373176b0db7cdcc3e289f57aeb59927ad0efb) ci: bump Go 1.23.11, 1.24.5 * Backport windows test fixes ([#12121](https://github.com/containerd/containerd/pull/12121)) * [`3c06bcc4d`](https://github.com/containerd/containerd/commit/3c06bcc4d2f5b55c501f9c5333596c5a6d0a980a) Fix intermittent test failures on Windows CIs * [`c6c0c6854`](https://github.com/containerd/containerd/commit/c6c0c6854ff663deb46363a8884a9015598c9f9b) Remove WS2025 from CIs due to regression * ci: use fedora 39 archive ([#12123](https://github.com/containerd/containerd/pull/12123)) * [`6d7e021cf`](https://github.com/containerd/containerd/commit/6d7e021cf0f0f6ba1d14f0b4f76ecdf7a005feaa) ci: use fedora/39-cloud-base image from archive * update runners to ubuntu 24.04 ([#11802](https://github.com/containerd/containerd/pull/11802)) * [`c362e18cc`](https://github.com/containerd/containerd/commit/c362e18ccd613b5baf04fff87832b871edfdecd5) CI: install OVMF for Vagrant * [`1d99bec21`](https://github.com/containerd/containerd/commit/1d99bec213063acdad8d7ad96ea4cbb78ab6b560) CI: fix "Unable to find a source package for vagrant" error * [`dafa3c48d`](https://github.com/containerd/containerd/commit/dafa3c48dffaff915bea2293eecd949fbdd94228) add debian sources for ubuntu-24 * [`b03301d85`](https://github.com/containerd/containerd/commit/b03301d851a5492808f36e5233a808a39575a1a0) partial: enable ubuntu 24 runners * [`13fbc5f97`](https://github.com/containerd/containerd/commit/13fbc5f970d1dee5425443a9b346d56ccc98db45) update release runners to ubuntu 24.04 * go.mod: golang.org/x/* latest ([#12096](https://github.com/containerd/containerd/pull/12096)) * [`da5d1a371`](https://github.com/containerd/containerd/commit/da5d1a3714ac06f6280740f668ebe95c62863c01) go.mod: golang.org/x/* latest * Remove additional fuzzers from instrumentation repo ([#12099](https://github.com/containerd/containerd/pull/12099)) * [`5fef123ba`](https://github.com/containerd/containerd/commit/5fef123ba77e3d9fd83f78fd34bdb80549034756) Remove additional fuzzers from CI * backport windows runner and golang toolchain updates ([#11972](https://github.com/containerd/containerd/pull/11972)) * [`a35978f5a`](https://github.com/containerd/containerd/commit/a35978f5af147f279280b34082c3781904bfd4cd) ci: bump golang [1.23.10, 1.24.4] in build and release * [`df035aa3e`](https://github.com/containerd/containerd/commit/df035aa3ef3d98eb48310d548439eb59c8b6d887) ci: bump golang [1.23.9, 1.24.3] in build and release * [`2a6d9fc71`](https://github.com/containerd/containerd/commit/2a6d9fc71e97ff0d742b21d0f62a05a70126aa21) use go1.23.8 as the default go version * [`15d4d6eba`](https://github.com/containerd/containerd/commit/15d4d6eba30565274e1ade4d545abab2dbbcf1f9) update to go 1.24.2, 1.23.8 * [`1613a3b1a`](https://github.com/containerd/containerd/commit/1613a3b1addf8fb8a50cef46860a1b7642d81589) Enable CIs to run on WS2022 and WS2025 * test: added runc v1 tests using vagrant ([#11896](https://github.com/containerd/containerd/pull/11896)) * [`60e73122c`](https://github.com/containerd/containerd/commit/60e73122c1f74524178ff1ea819a893d7cdb4372) test: added runc v1 tests using vagrant * Revert "disable portmap test in ubuntu-22 to make CI happy" ([#11803](https://github.com/containerd/containerd/pull/11803)) * [`10e1b515e`](https://github.com/containerd/containerd/commit/10e1b515ec9c497bcfd7b0758bff3f6c840b303a) Revert "Disable port mapping tests in CRI-in-UserNS" * [`7a680e884`](https://github.com/containerd/containerd/commit/7a680e88494d90896322e09d4070ed86d221e25b) fix unbound SKIP_TEST variable error * [`e5f8cc995`](https://github.com/containerd/containerd/commit/e5f8cc9953f28f1abdc2f7975a9f5833cc83ee9c) Revert "disable portmap test in ubuntu-22 to make CI happy" * Update runc binary to v1.3.0 ([#11800](https://github.com/containerd/containerd/pull/11800)) * [`b001469c7`](https://github.com/containerd/containerd/commit/b001469c70a4489c1453cfe856055b15c536645f) Update runc binary to v1.3.0 * Refresh OAuth tokens when they expire during registry operations ([#11721](https://github.com/containerd/containerd/pull/11721)) * [`a6421da84`](https://github.com/containerd/containerd/commit/a6421da84bb59dcf3680eb472b78f2eae8086f9b) remotes/docker/authorizer.go: invalidate auth tokens when they expire. * [CI] Fix vagrant ([#11739](https://github.com/containerd/containerd/pull/11739)) * [`effc49e8b`](https://github.com/containerd/containerd/commit/effc49e8b096bebfd73effb9257ad4fd80aa4e84) Fix vagrant setup * Fix CI ([#11722](https://github.com/containerd/containerd/pull/11722)) * [`d3e7dd716`](https://github.com/containerd/containerd/commit/d3e7dd716a7988bf49f92972998a5260fd538505) Skip criu on Arms * [`7cf9ebe94`](https://github.com/containerd/containerd/commit/7cf9ebe94676a443f5df2802f2c784a93dba6b9a) Disable port mapping tests in CRI-in-UserNS * [`42657a4ed`](https://github.com/containerd/containerd/commit/42657a4ed1bcc2a5162264cb820d97bdd0a56a6b) disable portmap test in ubuntu-22 to make CI happy * [`b300fd37b`](https://github.com/containerd/containerd/commit/b300fd37b840dcad8c0635e1f8ce848413441445) add option to skip tests in critest * [`6f4ffad27`](https://github.com/containerd/containerd/commit/6f4ffad27695c7e297c0052091b0d5e7fad7e48a) Address cgroup mountpoint does not exist * [`cef298331`](https://github.com/containerd/containerd/commit/cef2983317494d0a7b67e89ef81e083f75102066) Update Ubuntu to 24 * [`2dd9be16e`](https://github.com/containerd/containerd/commit/2dd9be16e71e97b922ae42b05a7ae837c28563ca) ci: update GitHub Actions release runner to ubuntu-24.04 * Set default differ for the default unpack config of transfer service ([#11689](https://github.com/containerd/containerd/pull/11689)) * [`e40e59e4e`](https://github.com/containerd/containerd/commit/e40e59e4ee8e7fb00213065c6fabbec8d4e7fc7f) Set default differ for the default unpack config of transfer service * silence govulncheck false positives ([#11679](https://github.com/containerd/containerd/pull/11679)) * [`ff097d5a4`](https://github.com/containerd/containerd/commit/ff097d5a4c1a427d10fa989895d05f78c0b52893) silence govulncheck false positives * vendor: github.com/go-jose/go-jose/v3 v3.0.4 ([#11619](https://github.com/containerd/containerd/pull/11619)) * [`52dd4dc51`](https://github.com/containerd/containerd/commit/52dd4dc51070fc93f13f048d3a919ccbf2b042aa) vendor: github.com/go-jose/go-jose/v3 v3.0.4 * Remove invalid error log when stopping container after containerd restart ([#11620](https://github.com/containerd/containerd/pull/11620)) * [`24f41d2d5`](https://github.com/containerd/containerd/commit/24f41d2d5c6514e2f0a6f553f80183ff274ec230) use shimCtx for fifo copy * Update runc binary to v1.2.6 ([#11584](https://github.com/containerd/containerd/pull/11584)) * [`1e1e78ad7`](https://github.com/containerd/containerd/commit/1e1e78ad7cab8d6f50be6bcf0ef7178a2ba3e207) Update runc binary to v1.2.6 * Use RWMutex in NSMap and reduce lock area ([#11556](https://github.com/containerd/containerd/pull/11556)) * [`9a8d1d44a`](https://github.com/containerd/containerd/commit/9a8d1d44a1dee8f805ad0b071b686887222a1fe7) Use RWMutex in NSMap and reduce lock area </p> </details> ### Dependency Changes * **github.com/go-jose/go-jose/v3** v3.0.3 -> v3.0.4 * **golang.org/x/crypto** v0.31.0 -> v0.40.0 * **golang.org/x/mod** v0.17.0 -> v0.26.0 * **golang.org/x/net** v0.33.0 -> v0.42.0 * **golang.org/x/oauth2** v0.11.0 -> v0.30.0 * **golang.org/x/sync** v0.10.0 -> v0.16.0 * **golang.org/x/sys** v0.28.0 -> v0.34.0 * **golang.org/x/term** v0.27.0 -> v0.33.0 * **golang.org/x/text** v0.21.0 -> v0.27.0 * **golang.org/x/time** 90d013bbcef8 -> v0.12.0 Previous release can be found at [v1.7.27](https://github.com/containerd/containerd/releases/tag/v1.7.27)
-
v1.6.39
b4506601 · ·containerd 1.6.39 Welcome to the v1.6.39 release of containerd! The thirty-ninth patch release for containerd 1.6 contains various fixes and updates. ### Highlights #### Runtime * Fix close container io not closed when runtime create failed ([#12052](https://github.com/containerd/containerd/pull/12052)) * Update runc binary to v1.3.0 ([#11799](https://github.com/containerd/containerd/pull/11799)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Akihiro Suda * Austin Vazquez * Phil Estes * Derek McGowan * Kirtana Ashok * Akhil Mohan * Maksym Pavlenko * Mike Brown * madraceee * ningmingxiao * zounengren ### Changes <details><summary>33 commits</summary> <p> * Prepare release notes for v1.6.39 ([#12045](https://github.com/containerd/containerd/pull/12045)) * [`22134cbfe`](https://github.com/containerd/containerd/commit/22134cbfea295649f9c43212c1fb14444cfe93ed) Prepare release notes for v1.6.39 * ci: bump Go 1.23.11, 1.24.5 ([#12118](https://github.com/containerd/containerd/pull/12118)) * [`067a639f6`](https://github.com/containerd/containerd/commit/067a639f6076d3a655533edf470aa0534930eb0d) ci: bump Go 1.23.11, 1.24.5 * Backport windows test fixes ([#12122](https://github.com/containerd/containerd/pull/12122)) * [`9cc952fb0`](https://github.com/containerd/containerd/commit/9cc952fb0b8e092b40c6187209dc9624377cb6cd) Fix intermittent test failures on Windows CIs * [`555a34af0`](https://github.com/containerd/containerd/commit/555a34af0511f64eafcc1141b5a0a0e996f2751e) Remove WS2025 from CIs due to regression * ci: use fedora 39 archive ([#12125](https://github.com/containerd/containerd/pull/12125)) * [`b58df07d6`](https://github.com/containerd/containerd/commit/b58df07d680e1872bd598b48c4b304c81d6697e4) ci: use fedora 39 archive * go.mod: github.com/containerd/btrfs v1.0.1 ([#12105](https://github.com/containerd/containerd/pull/12105)) * [`fa4b325e0`](https://github.com/containerd/containerd/commit/fa4b325e079be2b2b859f8dc8d6d1bab4ea14d29) go.mod: github.com/containerd/btrfs v1.0.1 * go.mod: golang.org/x/* latest, github.com/go-jose/go-jose/v3 v3.0.4 ([#12095](https://github.com/containerd/containerd/pull/12095)) * [`2c9f5778f`](https://github.com/containerd/containerd/commit/2c9f5778f04dc51ffa26f9dc9fae2bdd8b9699c8) Fix lint failures * [`b2576bb82`](https://github.com/containerd/containerd/commit/b2576bb82454a36b0f3f65e906d1365f44003d61) go.mod: github.com/go-jose/go-jose/v3 v3.0.4 * [`262e98e90`](https://github.com/containerd/containerd/commit/262e98e90504eca34a2420003d3eaaffd353cd46) go.mod: golang.org/x/* latest * Fix close container io not closed when runtime create failed ([#12052](https://github.com/containerd/containerd/pull/12052)) * [`22f669a7c`](https://github.com/containerd/containerd/commit/22f669a7c0bc30beaa7337a02646ec882d3f2174) bugfix:close container io when runtime create failed * backport windows runner and golang toolchain updates ([#12005](https://github.com/containerd/containerd/pull/12005)) * [`c165cc68b`](https://github.com/containerd/containerd/commit/c165cc68beec6ab59f037da8cfb37fe768e98848) ci: bump Go 1.24.4 in CI * [`ffacabc05`](https://github.com/containerd/containerd/commit/ffacabc054b3fc21eea11482aff2f56f732c0526) ci: bump golang [1.23.9, 1.24.3] in build and release * [`3ec9965e8`](https://github.com/containerd/containerd/commit/3ec9965e8e5669cdd10813d4f5dc71df46547fbf) use go1.23.8 as the default go version * [`e62a059a2`](https://github.com/containerd/containerd/commit/e62a059a2a0b2b63c60bac0130d4053eb1b4207a) update to go 1.24.2, 1.23.8 * [`d430f3277`](https://github.com/containerd/containerd/commit/d430f3277ea945385d408e6b1ffde9ab7e8ac9f5) Enable CIs to run on WS2022 and WS2025 * Update runc binary to v1.3.0 ([#11799](https://github.com/containerd/containerd/pull/11799)) * [`d00ccf523`](https://github.com/containerd/containerd/commit/d00ccf523dfee664e2ec158a19f88d731fdff237) Update runc binary to v1.3.0 * test: added runc v1 support in vagrant ([#11913](https://github.com/containerd/containerd/pull/11913)) * [`9e49725bf`](https://github.com/containerd/containerd/commit/9e49725bf455606d0843360268acb549b0da7967) test: added runc v1 support in vagrant * : Fix CI ([#11804](https://github.com/containerd/containerd/pull/11804)) * [`57250c719`](https://github.com/containerd/containerd/commit/57250c7197b60b6a06d65f2c1a9b07b0b8605a83) Skip criu on Arms * [`9d350bbbd`](https://github.com/containerd/containerd/commit/9d350bbbdabb45ea248cd5266322965874290ed2) Address cgroup mountpoint does not exist * [`78cbefc95`](https://github.com/containerd/containerd/commit/78cbefc954ec04caa26e7e09b8d8de12960988a0) ci: update GitHub Actions release runner to ubuntu-24.04 * Update runc binary to v1.2.6 ([#11585](https://github.com/containerd/containerd/pull/11585)) * [`2325157ed`](https://github.com/containerd/containerd/commit/2325157ed07ac38f8fe260063c1cd52d73a36a01) Update runc binary to v1.2.6 </p> </details> ### Changes from containerd/btrfs <details><summary>12 commits</summary> <p> * Fix `error: implicit declaration of function ‘memcpy’` ([containerd/btrfs#44](https://github.com/containerd/btrfs/pull/44)) * [`3fb5c91`](https://github.com/containerd/btrfs/commit/3fb5c91f016ebdfc72a0c64e81889defdb1dd51d) CI: update (Go 1.23, etc.) * [`cab79ec`](https://github.com/containerd/btrfs/commit/cab79ec9ea7e1b910e9aef01afbf87efb57ee674) CI: enable jobs for release/1.0 * [`12b3998`](https://github.com/containerd/btrfs/commit/12b3998bdd04e4c8b36d69faf5e65d8157be94c8) Fix `error: implicit declaration of function ‘memcpy’` * Update GitHub actions CI workflow ([containerd/btrfs#38](https://github.com/containerd/btrfs/pull/38)) * [`5d1f727`](https://github.com/containerd/btrfs/commit/5d1f7270e597460ff18660b50a5fbc96d81dd6d6) Update GitHub actions CI workflow * Upgrade Go compiler from Go 1.16 to Go 1.19 ([containerd/btrfs#39](https://github.com/containerd/btrfs/pull/39)) * [`d16e22b`](https://github.com/containerd/btrfs/commit/d16e22bc2cf48d71f14ee79d1c3a6d8c944dd759) Upgrade Go compiler from Go 1.16 to Go 1.19 * replace pkg/errors ([containerd/btrfs#35](https://github.com/containerd/btrfs/pull/35)) * [`9933796`](https://github.com/containerd/btrfs/commit/9933796ae83cea9d4d9b239c76440c1ff14c4e7b) replace pkg/errors * Branch rename for GH Actions ([containerd/btrfs#33](https://github.com/containerd/btrfs/pull/33)) * [`1aff978`](https://github.com/containerd/btrfs/commit/1aff97820a2be844266702bb611b1767d4cfcc00) Branch rename for GH Actions </p> </details> ### Dependency Changes * **cloud.google.com/go/compute/metadata** v0.2.3 -> v0.3.0 * **github.com/containerd/btrfs** v1.0.0 -> v1.0.1 * **github.com/go-jose/go-jose/v3** v3.0.3 -> v3.0.4 * **golang.org/x/crypto** v0.21.0 -> v0.40.0 * **golang.org/x/net** v0.23.0 -> v0.42.0 * **golang.org/x/oauth2** v0.11.0 -> v0.30.0 * **golang.org/x/sync** v0.3.0 -> v0.16.0 * **golang.org/x/sys** v0.18.0 -> v0.34.0 * **golang.org/x/term** v0.18.0 -> v0.33.0 * **golang.org/x/text** v0.14.0 -> v0.27.0 * **golang.org/x/time** 1f47c861a9ac -> v0.12.0 Previous release can be found at [v1.6.38](https://github.com/containerd/containerd/releases/tag/v1.6.38)
-
v2.1.3
c787fb98 · ·containerd 2.1.3 Welcome to the v2.1.3 release of containerd! The third patch release for containerd 2.1 contains various fixes and updates to address pull issues with some registries. ### Highlights #### Image Distribution * Fix multipart fetch issue when the server does not return content length ([#12003](https://github.com/containerd/containerd/pull/12003)) * Update transfer service supported platforms logic ([#11999](https://github.com/containerd/containerd/pull/11999)) * Fix import for local transfer service ([#12000](https://github.com/containerd/containerd/pull/12000)) * Fix registry errors with transfer service ([#11979](https://github.com/containerd/containerd/pull/11979)) * Fix fetch always adding range to requests ([#12001](https://github.com/containerd/containerd/pull/12001)) * Update fetcher errors to include full registry error ([#11997](https://github.com/containerd/containerd/pull/11997)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Adrien Delorme ### Changes <details><summary>15 commits</summary> <p> * Prepare release notes for v2.1.3 ([#12002](https://github.com/containerd/containerd/pull/12002)) * [`627729341`](https://github.com/containerd/containerd/commit/62772934139be6d2b648a16b412d847dc0aef09c) Prepare release notes for v2.1.3 * Fix multipart fetch issue when the server does not return content length ([#12003](https://github.com/containerd/containerd/pull/12003)) * [`7636bd5eb`](https://github.com/containerd/containerd/commit/7636bd5eb2525babefd2983d38f6e1133843eb94) fix when multipart fetching and the server does not return content length * Update transfer service supported platforms logic ([#11999](https://github.com/containerd/containerd/pull/11999)) * [`3c5ede878`](https://github.com/containerd/containerd/commit/3c5ede878a7cb2d7a04a40e8ed1086718402fdf3) Update transfer supported platforms logic * Fix import for local transfer service ([#12000](https://github.com/containerd/containerd/pull/12000)) * [`fb752bc8e`](https://github.com/containerd/containerd/commit/fb752bc8ed456ff40ceb516dcb72830678cae1ab) fix import for local transfer service * Fix registry errors with transfer service ([#11979](https://github.com/containerd/containerd/pull/11979)) * [`f6d926314`](https://github.com/containerd/containerd/commit/f6d92631401562eba488a986a22002025d2860c9) Register remote errors for clients to access registry errors * [`7c1813345`](https://github.com/containerd/containerd/commit/7c18133453a495df7a334fde31423c56d42265c2) Decode grpc errors in the transfer client proxy * Fix fetch always adding range to requests ([#12001](https://github.com/containerd/containerd/pull/12001)) * [`babacebad`](https://github.com/containerd/containerd/commit/babacebadc0738e6b016e2f366cdf4bdf893a1a5) Fix fetch always adding range to requests * Update fetcher errors to include full registry error ([#11997](https://github.com/containerd/containerd/pull/11997)) * [`f30be44ad`](https://github.com/containerd/containerd/commit/f30be44ad31166bb4f4644255c5db59b9f47bb22) Update fetcher errors to include full registry error </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v2.1.2](https://github.com/containerd/containerd/releases/tag/v2.1.2) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v2.1.2
64ed2720 · ·containerd 2.1.2 Welcome to the v2.1.2 release of containerd! The second patch release for containerd 2.1 contains various fixes and updates. ### Highlights * Fix check of wrapped errors in erofs snapshotter ([#11935](https://github.com/containerd/containerd/pull/11935)) #### Go client * Improve mount error message ([#11884](https://github.com/containerd/containerd/pull/11884)) #### Image Distribution * Fix transfer differ selection ([#11936](https://github.com/containerd/containerd/pull/11936)) * Enable DuplicationSuppressor in transfer service ([#11932](https://github.com/containerd/containerd/pull/11932)) #### Runtime * Properly shutdown non-groupable shims to prevent resource leaks ([#11971](https://github.com/containerd/containerd/pull/11971)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Akihiro Suda * Kirtana Ashok * Austin Vazquez * Maksym Pavlenko * ningmingxiao * Gao Xiang * Henry Wang * Jin Dong * Phil Estes * Wei Fu ### Changes <details><summary>28 commits</summary> <p> * Prepare release notes for v2.1.2 ([#11962](https://github.com/containerd/containerd/pull/11962)) * [`63b9eae62`](https://github.com/containerd/containerd/commit/63b9eae62e4a927269d3c7d1d0a50eb9095c1ee1) Prepare release notes for v2.1.2 * Properly shutdown non-groupable shims to prevent resource leaks ([#11971](https://github.com/containerd/containerd/pull/11971)) * [`cff1feb28`](https://github.com/containerd/containerd/commit/cff1feb28c79f1f8f792f6284335f08f065bae1f) *: properly shutdown non-groupable shims to prevent resource leaks * ci: bump golang [1.23.10,1.24.4] in build and release ([#11968](https://github.com/containerd/containerd/pull/11968)) * [`2ce169aae`](https://github.com/containerd/containerd/commit/2ce169aae05d76f820ad977e8ea195938ced98a1) ci: bump golang [1.23.10,1.24.4] in build and release * Backport Enable CIs to run on WS2022 and WS2025 ([#11955](https://github.com/containerd/containerd/pull/11955)) * [`70bcb9b55`](https://github.com/containerd/containerd/commit/70bcb9b55edf9d832a4f8162a12830bcaf646695) Enable CIs to run on WS2022 and WS2025 * cri:use debug level when receive exec process exited events ([#11848](https://github.com/containerd/containerd/pull/11848)) * [`40575a15f`](https://github.com/containerd/containerd/commit/40575a15f212903a838381fc893560a86ba8b485) cri:use debug level when receive exec process exited events * build(deps): bump google.golang.org/grpc from 1.72.0 to 1.72.2 ([#11952](https://github.com/containerd/containerd/pull/11952)) * [`c71f77170`](https://github.com/containerd/containerd/commit/c71f77170ef2640197884644acfe5ba28b3cf6ab) build(deps): bump google.golang.org/grpc from 1.72.0 to 1.72.2 * Fix transfer differ selection ([#11936](https://github.com/containerd/containerd/pull/11936)) * [`4bcea74de`](https://github.com/containerd/containerd/commit/4bcea74decd64dcbf616f56b47cf8f5b4a2a586f) Update differ selection in transfer service to prefer default * [`0c3cd8a99`](https://github.com/containerd/containerd/commit/0c3cd8a99529849ee2e3f9661ebfa937f3f9be66) Add debug log when transfer returns not implemented * [`820e56765`](https://github.com/containerd/containerd/commit/820e56765083b50d0e8f4baf06f4804700f33a92) Add more error details when unpack fails to extract * Fetch image with default platform only in TestExportAndImportMultiLayer ([#11943](https://github.com/containerd/containerd/pull/11943)) * [`9b6c1949a`](https://github.com/containerd/containerd/commit/9b6c1949af50ee264d1d3a8b1aafd05149c4b8fe) Fetch image with default platform only in TestExportAndImportMultiLayer * Fix check of wrapped errors in erofs snapshotter ([#11935](https://github.com/containerd/containerd/pull/11935)) * [`480126f50`](https://github.com/containerd/containerd/commit/480126f5079e501228553038a584ce8542807d89) erofs-snapshotter: fix to work with wrapped errors * Enable DuplicationSuppressor in transfer service ([#11932](https://github.com/containerd/containerd/pull/11932)) * [`d82921ff5`](https://github.com/containerd/containerd/commit/d82921ff59cc91c1d75d35cc1cb3a5e709da9fdd) Enable DuplicationSuppressor in transfer service * ci: bump golang [1.23.9, 1.24.3] in build and release ([#11889](https://github.com/containerd/containerd/pull/11889)) * [`0bb25c3d6`](https://github.com/containerd/containerd/commit/0bb25c3d6cbb6eaf8d091b9f728776efdffe4859) ci: bump golang [1.23.9, 1.24.3] in build and release * Improve mount error message ([#11884](https://github.com/containerd/containerd/pull/11884)) * [`ac8e84efc`](https://github.com/containerd/containerd/commit/ac8e84efc384a728fbc498cf58f8c689263c857a) client:improve mount error message * Add symlink breakout test for overriden path ([#11887](https://github.com/containerd/containerd/pull/11887)) * [`dd2ce49d0`](https://github.com/containerd/containerd/commit/dd2ce49d0f23b0a190b86583c90a5a3eea4cdd4f) Add symlink breakout test for overriden path </p> </details> ### Dependency Changes * **google.golang.org/grpc** v1.72.0 -> v1.72.2 Previous release can be found at [v2.1.1](https://github.com/containerd/containerd/releases/tag/v2.1.1) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.
-
v2.1.1
cb107664 · ·containerd 2.1.1 Welcome to the v2.1.1 release of containerd! The first patch release for containerd 2.1 fixes a critical vulnernability (CVE-2025-47290) which was first introduced in 2.1.0. See the [Github Advisory](https://github.com/containerd/containerd/security/advisories/GHSA-cm76-qm8v-3j95) for more details. This release also contains a few smaller updates and bux fixes. ### Highlights #### Image Storage * Fix erofs media type handling ([#11855](https://github.com/containerd/containerd/pull/11855)) #### Runtime * Reduce shim cleanup log level and add more context ([#11831](https://github.com/containerd/containerd/pull/11831)) #### Deprecations * Update removal version for deprecated registry config fields ([#11835](https://github.com/containerd/containerd/pull/11835)) Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Akihiro Suda * Samuel Karp * Derek McGowan * Gao Xiang * Akhil Mohan * Chris Henzie * Phil Estes * Sebastiaan van Stijn * ningmingxiao ### Changes <details><summary>17 commits</summary> <p> * [`cb1076646`](https://github.com/containerd/containerd/commit/cb1076646aa3740577fafbf3d914198b7fe8e3f7) Merge commit from fork * [`216667ba0`](https://github.com/containerd/containerd/commit/216667ba0ada456a2647e52dd2181e9dbd857d93) Prepare release notes for 2.1.1 * [`ac00b8e61`](https://github.com/containerd/containerd/commit/ac00b8e6108c6925ef4ab39e9b87e956a2efdabf) Revert "perf(applyNaive): avoid walking the tree for each file in the same directory" * build(deps): bump github.com/Microsoft/hcsshim ([#11847](https://github.com/containerd/containerd/pull/11847)) * [`444ca17cd`](https://github.com/containerd/containerd/commit/444ca17cd9baa2f68572bcf28af4eea7b12c2f1d) update runhcs version to v0.13.0 * [`0684f1c44`](https://github.com/containerd/containerd/commit/0684f1c44d021e7ef1ba26fc73b8922633d10403) build(deps): bump github.com/Microsoft/hcsshim * Fix erofs media type handling ([#11855](https://github.com/containerd/containerd/pull/11855)) * [`e1817a401`](https://github.com/containerd/containerd/commit/e1817a401f94698cdf8fdc01d8d0e2b4f1f463e7) docs/snapshotters/erofs.md: a tip for improved performance * [`2168cb92c`](https://github.com/containerd/containerd/commit/2168cb92c9cf89aaad06be9ae49fce49ed4972d8) erofs-differ: fix EROFS native image support * Reduce shim cleanup log level and add more context ([#11831](https://github.com/containerd/containerd/pull/11831)) * [`7fcbc3c46`](https://github.com/containerd/containerd/commit/7fcbc3c46a2e0fdf55082216b8eca3f8f09eb4e0) core/runtime/v2: cleanup shim-cleanup logs * Update removal version for deprecated registry config fields ([#11835](https://github.com/containerd/containerd/pull/11835)) * [`37d6c4236`](https://github.com/containerd/containerd/commit/37d6c42368a3e139fb516064ff4eb9637f197c7a) Update removal version for deprecated registry config fields * ctr:make sure containerd socket exist before create client ([#11827](https://github.com/containerd/containerd/pull/11827)) * [`e7be076d4`](https://github.com/containerd/containerd/commit/e7be076d48eba3ffa11a4be1133b92987227e776) ctr:make sure containerd socket exist before create client * .github: mark 2.1 releases as latest ([#11821](https://github.com/containerd/containerd/pull/11821)) * [`c90524d5f`](https://github.com/containerd/containerd/commit/c90524d5f4c8cec87ce3639263a42e6fa4555ef5) .github: mark 2.1 releases as latest </p> </details> ### Dependency Changes * **github.com/Microsoft/hcsshim** v0.13.0-rc.3 -> v0.13.0 Previous release can be found at [v2.1.0](https://github.com/containerd/containerd/releases/tag/v2.1.0) ### Which file should I download? * `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04). * `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent. In addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases) and [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too. See also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.