Skip to content

containerd 2.0.3

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 01 Mar 05:22
· 0 commits to master since this release
v2.0.3
This tag was signed with the committer’s verified signature.
dmcgowan Derek McGowan
GPG key ID: F58C5D0A4405ACDB
Verified
Learn about vigilant mode.
06b99ca
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Welcome to the v2.0.3 release of containerd!

The third patch release for containerd 2.0 includes various bug fixes and updates.

Highlights

  • Update remote content to break up writes to avoid grpc message size limits (#11457)
  • Update runc binary to v1.2.5 (#11394)

Container Runtime Interface (CRI)

  • Fix privileged container sysfs can't be rw because pod is ro by default (#11456)
  • Fix recursive RLock() mutex acquisition (containerd/go-cni#126)

Node Resource Interface (NRI)

  • Fix initial sync race when registering NRI plugins (#11329)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akihiro Suda
  • Mike Brown
  • Phil Estes
  • Akhil Mohan
  • Chifeng Cai
  • Krisztian Litkey
  • Wei Fu
  • Andrey Smirnov
  • Austin Vazquez
  • Chris Henzie
  • Jing Xu
  • Jonathan A. Sternberg
  • Jose Fernandez
  • Kirtana Ashok
  • Lei Liu
  • Maksym Pavlenko
  • Michael Zappa
  • Samuel Karp
  • fengwei0328
  • zounengren

Changes

42 commits

  • Prepare release notes for v2.0.3 (#11443)
  • Update remote content to break up writes to avoid grpc message size limits (#11457)
    • eaa7ca80d proxy: break up writes from the remote writer to avoid grpc limits
  • Fix privileged container sysfs can't be rw because pod is ro by default (#11456)
    • c7f64196f Fix privileged container sysfs can't be rw because pod is ro by default
  • go.{mod,sum}: bump CDI deps to v.0.8.1. (#11430)
  • Prefer runtime options for PluginInfo request (#11446)
    • 569af34cb Prefer runtime options for PluginInfo request
  • pkg: prevent oom watcher from depending on shim pkg (#11439)
    • 0ce93e16a prevent oom watcher depend on shim pkg.
  • CI: arm64-8core-32gb -> ubuntu-24.04-arm (#11436)
    • f3284aa68 CI: arm64-8core-32gb -> ubuntu-24.04-arm
  • Revert "Add timestamp to PodSandboxStatusResponse for kubernetes Evented PLEG" (#11403)
    • b5313993c Revert "Add timestamp to PodSandboxStatusResponse for kubernetes Evented PLEG"
  • move the device after the options when using mkfs.ext4 (#11411)
    • f95a426b8 move the device after the options when using mkfs.ext4
  • update build to go1.23.6, test go1.24.0 (#11410)
    • 4d19a6adf update build to go1.23.6, test go1.24.0
  • build(deps): bump actions/cache from 4.1.2 to 4.2.0 (#11405)
    • c738c3aab build(deps): bump actions/cache from 4.1.2 to 4.2.0
  • Upgrade x/net to 0.33.0 to fix vulnerability GHSA-w32m-9786-jp63 (#11387)
  • Update install-imgcrypt to allow change install repo (#11357)
    • 0785bd8cc Update install-imgcrypt to allow change install repo
  • Update runc binary to v1.2.5 (#11394)
  • Update go-cni version to fix Race Condition issue (#11269)
  • Fix initial sync race when registering NRI plugins (#11329)
    • 79cdbf61b cri,nri: block NRI plugin sync. during event processing.
  • Update github.com/containerd/imgcrypt to v2.0.0 (#11325)
    • 9d5cfce83 Update github.com/containerd/imgcrypt to v2.0.0
  • Move CDI device spec out of the OCI package (#11265)
    • f58939c33 Remove deprecated WithCDIDevices in oci spec opts
    • 3d53430fe Move CDI device spec out of the OCI package
  • update to go1.23.5 / go1.22.11 (#11297)
  • build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2 (#11263)
    • 3a6ab80d0 build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2

Changes from containerd/go-cni

2 commits

Dependency Changes

  • github.com/containerd/go-cni v1.1.11 -> v1.1.12
  • github.com/containerd/imgcrypt/v2 v2.0.0-rc.1 -> v2.0.0
  • github.com/containers/ocicrypt v1.2.0 -> v1.2.1
  • github.com/petermattis/goid 4fcff4a6cae7 new
  • github.com/sasha-s/go-deadlock v0.3.5 new
  • github.com/smallstep/pkcs7 v0.1.1 new
  • golang.org/x/crypto v0.28.0 -> v0.31.0
  • golang.org/x/net v0.30.0 -> v0.33.0
  • golang.org/x/oauth2 v0.22.0 -> v0.23.0
  • golang.org/x/sync v0.8.0 -> v0.10.0
  • golang.org/x/sys v0.26.0 -> v0.28.0
  • golang.org/x/term v0.25.0 -> v0.27.0
  • golang.org/x/text v0.19.0 -> v0.21.0
  • google.golang.org/grpc v1.67.1 -> v1.68.1
  • google.golang.org/protobuf v1.35.1 -> v1.35.2
  • tags.cncf.io/container-device-interface v0.8.0 -> v0.8.1

Previous release can be found at v2.0.2

Which file should I download?

  • containerd-<VERSION>-<OS>-<ARCH>.tar.gz: ✅Recommended. Dynamically linked with glibc 2.31 (Ubuntu 20.04).
  • containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz: Statically linked. Expected to be used on non-glibc Linux distributions. Not position-independent.

In addition to containerd, typically you will have to install runc
and CNI plugins from their official sites too.

See also the Getting Started documentation.

Assets 25
Loading