Bump nerdctl from 1.7.6 to 2.0.0 #73
Open
+73
−1
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
v2.0.0
Tag: v2.0.0
Published at: 2024-11-06T00:47:46Z
URL: Release v2.0.0
Description:
nerdctl v2.0 is released in unison with containerd v2.0, but it continues to work with containerd v1.6 and v1.7 too.
The release of nerdctl v2.1 is NOT planned to be synchronized with containerd v2.1.
Changes
nerdctl v2 enables "detach-netns" for Rootless mode by default (# 2723).
This will bring:
nerdctl pull
,nerdctl push
,nerdctl build
, etcnerdctl pull 127.0.0.1:.../...
nerdctl run --net=host
Depends on RootlessKit >= v2.0 and BuildKit >= v0.13 (included in
nerdctl-full-*.tar.gz
).Note
After upgrading nerdctl (rootless mode) from v1.x to v2.x, it is highly recommended to
re-install the systemd units and the configurations:
Show more
Other major changes:
nerdctl run
:--systemd=(true|false|always)
flag for running systemd in containers flag (# 2785, thanks to @sazzy4o)--ipc=(shareable|container:<container>)
flag (# 2757, thanks to @minuk-dev)--annotation
flag (# 2906)nerdctl run --label
is only set as a containerd label and not propagated as an OCI annotation. A label with thenerdctl/
prefix can no longer be set manually, with an exception fornerdctl/bypass4netns
. Thenerdctl/bypass4netns
label is still allowed and is propagated to an OCI annotation, for sake of compatibility.--sig-proxy
flag (# 3043, thanks to @CodeChanning)--attach
flag (# 3157, thanks to @CodeChanning)--name
is relaxed to support longer names (# 3279, thanks to @Shubhranshu153)--security-opt systempaths=unconfined
flag (# 3533, thanks to @austinvazquez)--network ns:<PATH>
flag (# 3538, thanks to @dancavallaro)--log-driver=none
flag (# 3633, thanks to @coderbirju)nerdctl build
:--attest
,--sbom
, and--provenance
flags (# 2786, thanks to @yankay)--pull
flag (# 3074, thanks to @sondavidb)nerdctl ps
:--format=json
is changed for better Docker compatibility (# 2987, # 3058, thanks to @apostasie and @yankay)nerdctl inspect
:--size
flag (# 3021, thanks to @apostasie)nerdctl network
:nerdctl --namespace=foo network list
no longer shows networks created withnerdctl --namespace=bar network create
(# 3096, thanks to @apostasie)nerdctl compose up
:--abort-on-container-exit
flag (# 2873, thanks to @alegrey91)nerdctl builder prune
:--all
flag (# 3316, thanks to @austinvazquez)--force
flag (# 3316, thanks to @austinvazquez)nerdctl image prune
:--filter
flag (# 3319, thanks to @austinvazquez)nerdctl image load
:--quiet
flag (# 3551, thanks to @austinvazquez)Included components
below.Full changes: https://github.com/containerd/nerdctl/milestone/37?closed=1
Thanks to @CerberusQc @CodeChanning @Iceber @Shikachuu @Shubhranshu153 @TBBle @THLIVSQAZ @TinaMor @abitrolly @alegrey91 @apostasie @austinvazquez @bobcallaway @cezar-r @chews93319 @coderbirju @curlwget @dancavallaro @djdongjin @dmcgowan @fahedouch @frits-v @fwilhe2 @haytok @jmpargana @kebe7jun @ktock @lingdie @manugupt1 @midnight-wonderer @minuk-dev @monirul @pendo324 @qianxi0410 @roman-kiselenko @sazzy4o @sondavidb @testwill @thaJeztah @xyz-li @yankay @zjumoon01 @zwpaper
Compatible containerd versions
This release of nerdctl is expected to be used with containerd v1.6, v1.7, or v2.0.
About the binaries
nerdctl-2.0.0-linux-amd64.tar.gz
): nerdctl onlynerdctl-full-2.0.0-linux-amd64.tar.gz
): Includes dependencies such as containerd, runc, and CNIMinimal
Extract the archive to a path like
/usr/local/bin
or~/bin
.tar Cxzvvf /usr/local/bin nerdctl-2.0.0-linux-amd64.tar.gz
Full
Extract the archive to a path like
/usr/local
or~/.local
.tar Cxzvvf /usr/local nerdctl-full-2.0.0-linux-amd64.tar.gz
Included components
See
share/doc/nerdctl-full/README.md
:Quick start
Rootful
Rootless
Enabling cgroup v2 is highly recommended for rootless mode, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ .
The binaries were built automatically on GitHub Actions.
The build log is available for 90 days: https://github.com/containerd/nerdctl/actions/runs/11694883870
The sha256sum of the SHA256SUMS file itself is
304a5a826358d302ed3c290146b8c67215da3906b559f801b88a148a5033a3be
.Release manager: @AkihiroSuda
Commits
ef588da
Merge pull request # 3646 from AkihiroSuda/dev7103b54
update SOCI snapshotter (0.8.0)29f3ff6
update containerd-fuse-overlayfs (2.0.0)2380710
update BuildKit (0.17.0)4f64af9
update runc (1.2.1)