Releases: opencontainers/runc
runc 1.0-rc5 -- "The Final Stretch"
This is planned to be the final -rc release of runc. While we really
haven't followed the rules for release candidates (with huge features
introduced each release, and with massive gaps between releases) the
hope is that once we've released 1.0.0 we will be much more liberal with
releases in future. Let's see how that pans out. :P
NOTE: This release's artefacts were updated on 2020-07-30 to correct an
LGPL compliance issue (we previously did not include the source code of
libseccomp with our releases) and thus we had to recompile our runc
binaries to be sure we were distributing the correct version of libseccomp.
All of the binaries are still signed by the same maintainer key, and thus can
still be easily validated.
NOTE: This release's artefacts were updated on 2021-04-07, to correct an
issue with the .tar.xz archive from 2020-07-30 (the archive had malformed
paths due to a bug in historical release scripts -- which caused the update
on 2020-07-30 to change the checksum of the source code archive). See #2895
for more details. All of the binaries are still signed by the same maintainer
key, and thus can still be easily validated.
Features:
- Support cgroups in rootless containers. This is a continuation of the
previous work done, and allows for users that have specialised setups
(such as having the LXC pam_cg.so module set up) to use cgroups with
rootless containers. #1540
- Add support for newuidmap and newgidmap with rootless containers.
This is a continuation of some previous work, and allows users that
have /etc/sub{uid,gid} configured to use the shadow-utils setuid
helpers. Note that this support doesn't restrict users that don't want
to use setuid binaries at all. #1529
- runc will now use a chroot when mount namespaces aren't provided in
the config.json. While chroot does have its (many) downsides, this
does allow for specialised configurations to work properly. #1702
- Expose annotations to hooks, so that the hook can have more direct
information about the container it is being run against. #1687
- Add "runc exec --additional-gids" support. #1608
- Allow more signals to be sent with "runc kill" than are defined by
Go's syscall package. #1706
- Emit an error if users try to use MS_PRIVATE with --no-pivot, as that
is simply not safe. #1606
- Add support for "unbindable" and "runbindable" as rootfs propagation.
#1655
- Implement intelrdt support in runc. #1279 #1590
- Add support for lazy migration with CRIU. This includes the addition
of "runc checkpoint httpd" which acts as a remote pagefault request
server. #1541
- Add MIPS support. #1475
Fixes:
- Delay seccomp application as late as possible, to reduce the syscall
footprint of runc on profiles. #1569
- Fix --read-only containers with user namespaces, which would
previously fail under Docker because of privilege problems when trying
to do the read-only remount. #1572
- Switch away from stateDirFd entirely. This is an improvement over the
protections we added for CVE-2016-9962, and protects against many
other possible container escape bugs. #1570
- Handle races between "runc start" and "runc delete" over the exec FIFO
correctly, and avoid blocking "runc start" indefinitely. #1698
- Correctly generate seccomp profiles that place requirements on syscall
arguments, as well as multi-argument restrictions. #1616 #1424
- Prospective patch for remounting of old-root during pivot_root. This
is intended to solve one of the many "mount leak" bugs that have been
popping up recently -- caused by lots of container churn and host
mounts being pinned during container setup. #1500
- Fix "runc exec" on big-endian architectures. #1727
- Correct systemd slice expansion to work with cAdvisor. #1722
- Fix races against systemd cgroup scope creation. #1683
- Do not wait for signalled processes if libcontainer is running in a
process that is a subreaper. #1678
- Remove dependency on libapparmor entirely, and just use
/proc/$pid/attr directly. #1675
- Handle systemd's quirky CPUQuotaPerSecUSec handling in
fractions-of-a-percent edge-cases. #1651
- Remove docker/docker import in runc by moving the package to runc.
#1644
- Switch from docker's pkg/symlink to cyphar/filepath-securejoin. #1622
- Add /proc/scsi to masked paths (mirror of Docker's CVE-2017-16539).
#1641
- Add more extensive tests for terminal handling. #1357
- Always write freezer state during retry-loop, to avoid an indefinite
hang when new tasks are spawned in the container. #1610
- Create cwd when it doesn't exist in the container. #1604
- Set initial console size based on process spec, to avoid SIGWINCH
races where initial console size is completely wrong. #1275
- Use epoll for PTY IO, to avoid issues with systemd's SAK protections.
#1455
- Update state.json after a "runc update". #1558
- Switch to umoci's release scripts, to use a more "standardised" and
distribution-friendly release scheme. Several makefile-fixes included
as well. #1554 #1542 #1555
- Reap "runc:[1:CHILD]" to avoid intermediate zombies building up. #1506
- Use CRIU's RPC to check the version. #1535
- Always save own namespace paths rather than the path given during
start-up, to avoid issues where the path disappears afterwards. #1477
- Fix that we incorrectly set the owners of devices. This is still (subtly)
broken in user namespaces, but will be fixed in a future version. #1743
- Lots of other miscellaneous fixes and cleanups, many of which were
written by first-time contributors. Thanks for contributing, and
welcome to the project! #1729 #1724 #1695 #1685 #1703 #1699 #1682
#1665 #1667 #1669 #1654 #1664 #1660 #1645 #1640 #1621 #1607 #1206
#1615 #1614 #1453 #1613 #1600 #1599 #1598 #1597 #1593 #1586 #1588
#1587 #1589 #1575 #1578 #1573 #1561 #1560 #1559 #1556 #1551 #1553
#1548 #1544 #1545 #1537
Removals:
- Andrej Vagin stepped down as a maintainer. Thanks for all of your hard
work Andrej, and have fun working on your other projects! #1543
Static Linking Notices
The runc binaries distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting as a "work
that uses the Library":
The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.
However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.
Thanks to all of the contributors that made this release possible:
- Adrian Reber areber@redhat.com
- Akihiro Suda suda.akihiro@lab.ntt.co.jp
- Aleksa Sarai asarai@suse.de
- Alex Fang littlelightlittlefire@gmail.com
- Allen Sun allensun.shl@alibaba-inc.com
- Andrei Vagin avagin@openvz.org
- Antonio Murdaca runcom@redhat.com
- Bin Lu bin.lu@arm.com
- Danail Branekov danail.branekov@sap.com
- Daniel, Dao Quang Minh dqminh89@gmail.com
- Ed King eking@pivotal.io
- Euan Kemp euan.kemp@coreos.com
- Giuseppe Scrivano gscrivan@redhat.com
- Jianyong Wu jianyong.wu@arm.com
- Kenfe-Mickael Laventure mickael.laventure@gmail.com
- Konstantinos Karampogias konstantinos.karampogias@swisscom.com
- leitwolf7 leitwolf@wolke7.net
- Lorenzo Fontana lo@linux.com
- Ma Shimiao mashimiao.fnst@cn.fujitsu.com
- Matthew Heon mheon@redhat.com
- Michael Crosby crosbymichael@gmail.com
- Mrunal Patel mrunal@me.com
- Nikolas Sepos nikolas.sepos@gmail.com
- Peter Morjan peter.morjan@de.ibm.com
- Petros Angelatos petrosagg@gmail.com
- Qiang Huang h.huangqiang@huawei.com
- ravisantoshgudimetla ravisantoshgudimetla@gmail.com
- s7v7nislands s7v7nislands@gmail.com
- Sebastien Boeuf sebastien.boeuf@intel.com
- Seth Jennings sjenning@redhat.com
- Steven Hartland steven.hartland@multiplay.co.uk
- Sumit Sanghrajka sumit.sanghrajka@gmail.com
- Taeung Song treeze.taeung@gmail.com
- Thomas Hipp thipp@suse.de
- Tobias Klauser tklauser@distanz.ch
- Tom Godkin tgodkin@pivotal.io
- Tycho Andersen tycho@docker.com
- Valentin Kulesh valentin.kulesh@virtuozzo.com
- vikaschoudhary16 choudharyvikas16@gmail.com
- Vincent Demeester vincent@sbr.pm
- Vladimir Stefanovic vladimir.stefanovic@imgtec.com
- vsoch vsochat@stanford.edu
- Will Martin wmartin@pivotal.io
- W. Trevor King wking@tremily.us
- Xiaochen Shen xiaochen.shen@intel.com
- ynirk julien.lavesque@gmail.com
- Yong Tang yong.tang.github@outlook.com
- Yuanhong Peng pengyuanhong@huawei.com
- yupeng yu.peng36@zte.com.cn
Vote: +5 -0 #2
Signed-off-by: Aleksa Sarai asarai@suse.de
runc 1.0-rc4
NOTE: This release's artefacts were updated on 2020-07-30 to correct an
LGPL compliance issue (we previously did not include the source code of
libseccomp or libapparmor with our releases) and thus we had to recompile
our runc binaries to be sure we were distributing the correct version of
libseccomp and libapparmor. All of the binaries are still signed by the
same maintainer key, and thus can still be easily validated.
NOTE: This release's artefacts were updated on 2021-04-07, to correct an
issue with the .tar.xz archive from 2020-07-30 (the archive had malformed
paths due to a bug in historical release scripts -- which caused the update
on 2020-07-30 to change the checksum of the source code archive). See #2895
for more details. All of the binaries are still signed by the same maintainer
key, and thus can still be easily validated.
Features:
- runc now supports v1.0.0 of the OCI runtime specification. #1527
- Rootless containers support has been released. The current state of
this feature is that it only supports single-{uid,gid} mappings as an
unprivileged user, and cgroups are completely unsupported. Work is
being done to improve this. #774
- Rather than relying on CRIU version numbers, actually check if the
system supports pre-dumping. #1371
- Allow the PIDs cgroup limit to be updated. #1423
- Add support for checkpoint/restore of containers with orphaned PTYs
(which is effectively all containers with terminal=true). #1355
- Permit prestart hooks to modify the cgroup configuration of a
container. #1239
- Add support for a wide variety of mount options. #1460
- Expose memory.use_hierarchy in MemoryStats. #1378
Fixes:
- Fix incorrect handling of systems without the freezer cgroup. #1387
- Many, many changes to switch away from Go's "syscall" stdlib to
"golang.org/x/sys/unix". #1394 #1398 #1442 #1464 #1467 #1470 #1474
#1478 #1491 #1482 #1504 #1519 #1530
- Set cgroup resources when restoring a container. #1399
- Switch back to using /sbin as the installation directory. #1406
- Remove the arbitrary container ID length restriction. #1435
- Make container force deletion ignore non-existent containers. #1451
- Improve handling of arbitrary cgroup mount locations when populating
cpuset. #1372
- Make the SaneTerminal interface public. #1479
- Fix cases where runc would report a container to be in a "Running"
state if the init was a zombie or dead. #1489
- Do not set supplementary groups for numeric users. #1450
- Fix various issues with the "owner" field in runc-list. #1516
- Many other miscellaneous fixes, some of which were made by first-time
contributors. Thanks, and welcome to the project! #1406 #1400 #1365
#1396 #1402 #1414 #1412 #1408 #1418 #1425 #1428 #1436 #1433 #1438
#1410 #1447 #1388 #1484 #1481 #1496 #1245 #1524 #1534 #1526 #1533
Removals:
Static Linking Notices
The runc binaries distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting as a "work
that uses the Library":
The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.
However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.
Thanks to all of the contributors that made this release possible:
- Adrian Reber areber@redhat.com
- Aleksa Sarai asarai@suse.de
- Andrei Vagin avagin@virtuozzo.com
- Antonio Murdaca runcom@redhat.com
- chchliang chen.chuanliang@zte.com.cn
- Christy Perez christy@linux.vnet.ibm.com
- Craig Furman cfurman@pivotal.io
- CuiHaozhi cuihz@wise2c.com
- Daniel, Dao Quang Minh dqminh89@gmail.com
- Derek Carr decarr@redhat.com
- Harshal Patil harshal.patil@in.ibm.com
- Jonh Wendell jonh.wendell@redhat.com
- Justin Cormack justin.cormack@docker.com
- Kang Liang kangliang424@gmail.com
- Kenfe-Mickael Laventure mickael.laventure@gmail.com
- Konstantinos Karampogias konstantinos.karampogias@swisscom.com
- Ma Shimiao mashimiao.fnst@cn.fujitsu.com
- Michael Crosby crosbymichael@gmail.com
- Mrunal Patel mrunalp@gmail.com
- Qiang Huang h.huangqiang@huawei.com
- Steven Hartland steven.hartland@multiplay.co.uk
- Tim Potter tpot@hpe.com
- Tobias Klauser tklauser@distanz.ch
- Valentin Rothberg vrothberg@suse.com
- Vincent Batts vbatts@redhat.com
- Wentao Zhang zhangwentao234@huawei.com
- Will Martin wmartin@pivotal.io
- W. Trevor King wking@tremily.us
- yangshukui yangshukui@huawei.com
- Zhang Wei zhangwei555@huawei.com
Vote-Closed: [Wed Aug 9 05:28:38 UTC 2017]
Vote-Results: [+5 -0 /2]
runc 1.0-rc3
NOTE: This release's artefacts were updated on 2020-07-30 to correct an
LGPL compliance issue (we previously did not include the source code of
libseccomp or libapparmor with our releases) and thus we had to recompile
our runc binaries to be sure we were distributing the correct version of
libseccomp and libapparmor. All of the binaries are still signed by the
same maintainer key, and thus can still be easily validated.
NOTE: This release's artefacts were updated on 2021-04-07, to correct an
issue with the .tar.xz archive from 2020-07-30 (the archive had malformed
paths due to a bug in historical release scripts -- which caused the update
on 2020-07-30 to change the checksum of the source code archive). See #2895
for more details. All of the binaries are still signed by the same maintainer
key, and thus can still be easily validated.
Features:
- Add slice management support to the systemd cgroup driver. Checks are
done to make sure that systemd supports the feature. #1084
- Support for readonly mount labels. #1112
- Add a tmpcopyup mount extension for tmpfs mounts that are mounted over
already existing directories, allowing for the contents of a volume to
be copied up transparently. #845
- Switch our pivot_root usage to no longer require temporary
directories, improving the state of containers running in entirely
readonly contexts. #1125 #1148
- Allow updating of rt_period_us and rt_runtime_us in cpuacct cgroup.
- Reimplement console handling to use AF_UNIX sockets such that the
console is created inside the container's (namespaced) devpts
instance, solving a wide variety of historical pty bugs with runC.
#1018 #1356
- Support overlayfs in mounts. #1314
- Support creating devices with types 'p' and 'u'. #1321
- Add --preserve-fds=N to create and run commands. #1320
- Add pre-dump and parent-path to checkpoint. #1001
- Update to runtime-spec v1.0.0-rc5. #1370
Fixes:
- Remove check for binding to /. #1090
- Ensure we log to logrus on command errors. #1089
- Don't enable kmem limits if they're not specified in the config. #1095
- Handle cases where specs.Resources.* members would cause null
dereferences. #1111 #1116
- Fix bugs in the GetProcessStartTime implementation. #1136
- Make sysctl config validation checks handle network namespaces more
gracefully. #1138 #1149
- Guarantee correct namespace creation ordering. This is part of the
rootless container patchset, and is also required in certain SELinux
setups. #977
- Stop screwing around with '\n' in console output. #1146
- Fix cpuset.cpu_exclusive handling. #1194
- Sync HookState with the OCI specification. #1201
- Split remounting mountpoints and bindmounts, resolving issues with
mount options being dropped in certain cases. #1222
- Fix leftover cgroup directory issue. #1196
- Handle config.Devices and config.MaskPaths in checkpoint. #1110
- Don't create combined cgroup subsystem names. #1268
- Ignore cgroupv2 mountpoints, fixing issues with systemd v232. #1266
- Fix a race condition when synchronising with children and grandchildren
in nsexec.c. #1237
- Fix state checks to no longer depend on _LIBCONTAINER being present in
the environment, fixing both bugs as well as being part of the
rootless container patchset. #1317
- Fix systemd-notify when using different PID namespaces, and allow
detach+notify socket. #1308
- Don't fchown when inheriting stdio, which is necessary for rootless
containers in certain scenarios. #1354
- Fix cpu.cfs_quota_us being changed when systemd is reloaded. #1344
- Add devices to whitelist for LXD, to make runC under LXC/LXD work
better. #1327
- Many improvements to testing. #1121 #1131 #1132 #1147
Security:
- Several fixes for CVE-2016-9962. 5d93fed #1274
Static Linking Notices
The runc binaries distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting as a "work
that uses the Library":
The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.
However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.
Thanks to all of the contributors that made this release possible:
- Qiang Huang h.huangqiang@huawei.com
- Aleksa Sarai asarai@suse.de
- Mrunal Patel mrunalp@gmail.com
- Michael Crosby crosbymichael@gmail.com
- Wang Long long.wanglong@huawei.com
- Daniel, Dao Quang Minh dqminh89@gmail.com
- rajasec rajasec79@gmail.com
- Zhang Wei zhangwei555@huawei.com
- Steven Hartland steven.hartland@multiplay.co.uk
- Giuseppe Scrivano gscrivan@redhat.com
- Shukui Yang yangshukui@huawei.com
- Ma Shimiao mashimiao.fnst@cn.fujitsu.com
- Daniel Dao dqminh89@gmail.com
- CuiHaozhi cuihaozhi@chinacloud.com.cn
- Antonio Murdaca runcom@redhat.com
- Xianglin Gao xlgao@zju.edu.cn
- Lei Jitang leijitang@huawei.com
- Justin Cormack justin.cormack@docker.com
- Dan Walsh dwalsh@redhat.com
- Daniel Martí mvdan@mvdan.cc
- Ce Gao ce.gao@outlook.com
- allencloud allen.sun@daocloud.io
- Alexander Morozov lk4d4math@gmail.com
- yupeng yu.peng36@zte.com.cn
- Yuanhong Peng pengyuanhong@huawei.com
- Yong Tang yong.tang.github@outlook.com
- xuxinkun xuxinkun@gmail.com
- Xianlu Bird xianlubird@gmail.com
- William Martin wmartin@pivotal.io
- Wentao Zhang zhangwentao234@huawei.com
- Vivek Goyal vgoyal@redhat.com
- Samuel Ortiz sameo@linux.intel.com
- rainrambler wanganyu@outlook.com
- Mohammad Arab boynux@gmail.com
- Michal Rostecki michal@kinvolk.io
- Máximo Cuadros mcuadros@gmail.com
- Kenfe-Mickael Laventure mickael.laventure@gmail.com
- Ian Campbell ian.campbell@docker.com
- Harry Zhang harryz@hyper.sh
- Fengtu Wang wangfengtu@huawei.com
- Eric Paris eparis@redhat.com
- Derek Carr decarr@redhat.com
- Deng Guangxing dengguangxing@huawei.com
- CuiHaozhi 61755280@qq.com
- Crazykev crazykev@zju.edu.cn
- Chris Aniszczyk caniszczyk@gmail.com
- Casey Callendrello c1@caseyc.net
- Carlton-Semple carlton.semple@ibm.com
- Brian Goff cpuguy83@gmail.com
- Andrew Vagin avagin@openvz.org
runc 1.0-rc2
NOTE: This release's artefacts were updated on 2020-07-30 to correct an
LGPL compliance issue (we previously did not include the source code of
libseccomp or libapparmor with our releases) and thus we had to recompile
our runc binaries to be sure we were distributing the correct version of
libseccomp and libapparmor. All of the binaries are still signed by the
same maintainer key, and thus can still be easily validated.
NOTE: This release's artefacts were updated on 2021-04-07, to correct an
issue with the .tar.xz archive from 2020-07-30 (the archive had malformed
paths due to a bug in historical release scripts -- which caused the update
on 2020-07-30 to change the checksum of the source code archive). See #2895
for more details. All of the binaries are still signed by the same maintainer
key, and thus can still be easily validated.
Features
- {create,run}: add --no-new-keyring flag so that a new session keyring
is not created for the container and the calling process's keyring is
inherited.
- restore: add --empty-ns flag to tell CRIU to only create a network
namespace for a container and not populate it (allowing higher levels
to correctly handle re-creating the network namespace).
- {create,start}: use a FIFO rather than signals to signal the starting
of a container. This removes the Go version restriction, and also
avoids potential issues with Go's signal handling.
- exec: allow additional groups to be overridden.
- delete: add --force flag.
- exec: disable the subreaper option entirely, because the option
causes many issues with reparenting in the context of containers.
This is not a complete fix, which is intended to land for -rc3. Using
the removed option will be silently ignored by runC.
- {create,run}: add support for masking directories with MaskPaths.
- delete: allow for the deletion of multiple containers in one cmdline.
- build: add "make release" for distributions.
Fixes
- Major improvements and fixes to CLI handling. Now commands like
"runc ps" and "runc exec" will act sanely when you're trying to use
flags that are not meant to be parsed by runC.
- Set the cp.rt_* cgroup options correctly so that runC running in
SCHED_RR (realtime) mode can operate properly.
- Massive improvements to kmem limit detection to ensure that we only
attempt to change memory.kmem.* if it is safe to do so.
- Part of a major cleanup of the nsenter code, with more intended to
land before -rc3.
- Restored containers now have a start time, which is the time that the
new container was started (not when the original container was
started).
- Fix the default cgroupPath behaviour, so that we actually attach to
subcgroups of all of the caller's current cgroups (rather than using
the devices cgroup path for all other cgroups).
- Support 32bit UIDs on i386 with the setuid32(2) syscall.
- Add /proc/timer_list to the set of default masked paths.
- Do not create /dev/fuse by default.
- Parse cgroupPath correctly if it contains ':'.
- Add some more debugging information for the test suite, along with
fixes for race conditions and other issues. In addition, add more
integration tests for edge conditions.
- Improve check-config.sh script to handle more cases.
- Fix incorrect type when setting of net_cls classid.
- Lots of fixes to help pages and man pages.
- *: append -dirty to the version if the git repo is unclean.
- Fix the JSON tags for CpuRt* options.
- Cleanups to the rootfs setup code.
- Improve error messages related to SELinux.
Static Linking Notices
The runc binaries distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting as a "work
that uses the Library":
The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.
However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.
Thanks to all of the contributors that made this release possible:
- Akihiro Suda suda.akihiro@lab.ntt.co.jp
- Aleksa Sarai asarai@suse.de
- Alexander Morozov lk4d4math@gmail.com
- Andrew Vagin avagin@virtuozzo.com
- Ben ben.gray@bskyb.com
- Buddha Prakash buddhap@google.com
- Carl Henrik Lunde chlunde@ifi.uio.no
- Christian Brauner cbrauner@suse.de
- Dam Thomason ad@mthomason.net
- Dan Walsh dwalsh@redhat.com
- Daniel, Dao Quang Minh dqminh89@gmail.com
- Davanum Srinivas davanum@gmail.com
- Euan Kemp euank@coreos.com
- Guilherme Rezende guilhermebr@gmail.com
- Haiyan Meng hmeng@redhat.com
- Hushan Jia hushan.jia@gmail.com
- Jiuyue Ma majiuyue@huawei.com
- Johnny Bieren jbieren@redhat.com
- Jonathan Boulle jonathanboulle@gmail.com
- Justin Cormack justin.cormack@docker.com
- Kenfe-Mickael Laventure mickael.laventure@gmail.com
- Michael Crosby crosbymichael@gmail.com
- Mike Brown brownwm@us.ibm.com
- Mrunal Patel mrunalp@gmail.com
- Peng Gao peng.gao.dut@gmail.com
- Petar Petrov pppepito86@gmail.com
- Phil Estes estesp@linux.vnet.ibm.com
- Qiang Huang h.huangqiang@huawei.com
- Serge Hallyn serge@hallyn.com
- Seth Jennings sjenning@redhat.com
- Shukui Yang yangshukui@huawei.com
- Tristan Cacqueray tdecacqu@redhat.com
- Vishnu kannan vishnuk@google.com
- Wang Long long.wanglong@huawei.com
- Yang Hongyang imhy.yang@gmail.com
- Yen-Lin Chen hencrice@gmail.com
- Yuanhong Peng pengyuanhong@huawei.com
- Zhang Wei zhangwei555@huawei.com
- Zhao Lei zhaolei@cn.fujitsu.com
- rajasec rajasec79@gmail.com
- xiekeyang xiekeyang@huawei.com
runc 1.0-rc1
runc 1.0 Release Candidate 1
This is the first of the release candidates for OCI's runtime specification and runc version 1.0. Runc is now using the runtime-spec 1.0.0-rc1 release.
Breaking Changes
The large breaking change from the previous versions of runc to 1.0 is the create and start command changes. The previous start command functionality has been moved to the run command: "runc run mycontainer". "runc start" does not perform the operations that it did before this release.
Create -> Start -> Delete
By splitting the create and start phase for a container it allows higher level systems to modify the container before the user defined process is started.
A simple example of using this new workflow would look something like this from the command line:
# create the container with the specified configuration
runc create mycontainer
# at the point that create returns the container's environment is fully setup but the user's specified process has not run
# you can place network interfaces inside the container
# you can exec into the container
# you can modify the mount namespaces
runc exec mycontainer ps aux
# after your setup is complete you can start the user defined process
runc start mycontainer
# after start returns the user defined process inside your OCI config is running
# whenever the container exits you must delete the container removing any existing resources it still has
runc delete mycontainer
If you want the previous functionality where runc did this for you, use the "runc run" command.
Container State
You can get the container state and status by using the "runc state" command:
runc state mycontainer
{
  "ociVersion": "1.0.0-rc1",
  "id": "mycontainer",
  "pid": 18917,
  "bundlePath": "/containers/mycontainer",
  "rootfsPath": "/containers/mycontainer/rootfs",
  "status": "running",
  "created": "2016-06-03T21:23:42.401668933Z",
  "annotations": {
    "something": "else"
  }
}
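As an added example (not from these release notes or the runc project), the Create -> Start -> Delete workflow and the "runc state" output above combined into a POSIX shell wrapper: it gates "runc start" on the container actually being in the "created" state, polls state until the user process exits, and guarantees "runc delete" runs even if a setup step or the script itself is interrupted. The names RUNC, state_field, container_status, require_status, cleanup and run_lifecycle are introduced here; the binary is assumed to be on PATH as "runc" unless RUNC is set.

```shell
#!/bin/sh
# Added example, not part of the runc project. Drives the create -> (setup) ->
# start -> delete lifecycle while checking "runc state" between the steps.

# Assumed: the runc binary is on PATH; override with RUNC=/path/to/runc.
RUNC="${RUNC:-runc}"

# state_field FIELD: read "runc state" JSON on stdin and print the string value
# of the top-level FIELD (e.g. status). Plain sed, so no jq dependency.
state_field() {
    sed -n "s/^[[:space:]]*\"$1\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p" | head -n 1
}

# container_status ID: "created", "running", "stopped", ... as runc reports it.
container_status() {
    "$RUNC" state "$1" | state_field status
}

# require_status ID EXPECTED: succeed only if the container is in EXPECTED.
# Gating "runc start" on "created" makes a double start, or a start against a
# container whose user-defined process already ran, fail loudly.
require_status() {
    actual=$(container_status "$1")
    if [ "$actual" != "$2" ]; then
        echo "container '$1' is in status '$actual', expected '$2'" >&2
        return 1
    fi
}

# cleanup: remove whatever resources the container still holds. --force is the
# flag added to "runc delete" in 1.0-rc2; errors are ignored because the
# container may already have been deleted on the normal path.
cleanup() {
    [ -n "${LIFECYCLE_ID:-}" ] && "$RUNC" delete --force "$LIFECYCLE_ID" >/dev/null 2>&1
    return 0
}

# run_lifecycle ID BUNDLE [SETUP_CMD]: the full workflow from the notes above.
# SETUP_CMD runs after create and before start, i.e. while the container's
# namespaces exist but the user-defined process has not been executed yet
# (network interfaces, extra mounts, "runc exec ID ps aux", and so on).
run_lifecycle() {
    LIFECYCLE_ID="$1"
    bundle="$2"
    setup="${3:-}"

    # From here on, leaving for any reason (error, Ctrl-C, SIGTERM) deletes
    # the container, so no state is left behind under --root.
    trap cleanup EXIT INT TERM

    "$RUNC" create -b "$bundle" "$LIFECYCLE_ID" || return 1
    require_status "$LIFECYCLE_ID" created || return 1

    if [ -n "$setup" ]; then
        sh -c "$setup" || return 1
    fi

    "$RUNC" start "$LIFECYCLE_ID" || return 1

    # The user-defined process is now running; wait for it to exit.
    while [ "$(container_status "$LIFECYCLE_ID")" = running ]; do
        sleep 1
    done

    "$RUNC" delete "$LIFECYCLE_ID"
    trap - EXIT INT TERM
}

# Usage (after sourcing this file):
#   run_lifecycle mycontainer /containers/mycontainer 'runc exec mycontainer ps aux'
```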
ps command
A "ps" command was added to show the processes inside the container:
runc ps influxdb
UID PID PPID C STIME TTY TIME CMD
1000 18936 18917 0 14:23 ? 00:00:06 influxd -config /home/influxdb/influxdb.conf
Other Updates
- Added seccomp support for more architectures
- Stable stats output
- Added "update" command for dynamically updating container resources
- bash completion and man pages
Please help in testing and please report any issues to the issue tracker on github. Thanks!
- OCI Maintainers
Usage
NAME:
runc - Open Container Initiative runtime
runc is a command line client for running applications packaged according to
the Open Container Initiative (OCI) format and is a compliant implementation of the
Open Container Initiative specification.
runc integrates well with existing process supervisors to provide a production
container runtime environment for applications. It can be used with your
existing process monitoring tools and the container will be spawned as a
direct child of the process supervisor.
Containers are configured using bundles. A bundle for a container is a directory
that includes a specification file named "config.json" and a root filesystem.
The root filesystem contains the contents of the container.
To start a new instance of a container:
# runc start [ -b bundle ] <container-id>
Where "<container-id>" is your name for the instance of the container that you
are starting. The name you provide for the container instance must be unique on
your host. Providing the bundle directory using "-b" is optional. The default
value for "bundle" is the current directory.
USAGE:
runc [global options] command [command options] [arguments...]
VERSION:
1.0.0-rc1
commit: 04f275d4601ca7e5ff9460cec7f65e8dd15443ec
spec: 1.0.0-rc1
COMMANDS:
checkpoint checkpoint a running container
create create a container
delete delete any resources held by the container often used with detached containers
events display container events such as OOM notifications, cpu, memory, and IO usage statistics
exec execute new process inside the container
init initialize the namespaces and launch the process (do not call it outside of runc)
kill kill sends the specified signal (default: SIGTERM) to the container's init process
list lists containers started by runc with the given root
pause pause suspends all processes inside the container
ps ps displays the processes running inside a container
restore restore a container from a previous checkpoint
resume resumes all processes that have been previously paused
run create and run a container
spec create a new specification file
start start signals a created container to execute the user defined process
state output the state of a container
update update container resource constraints
GLOBAL OPTIONS:
--debug enable debug output for logging
--log value set the log file path where internal debug information is written (default: "/dev/null")
--log-format value set the format used by logs ('text' (default), or 'json') (default: "text")
--root value root directory for storage of container state (this should be located in tmpfs) (default: "/run/runc")
--criu value path to the criu binary used for checkpoint and restore (default: "criu")
--systemd-cgroup enable systemd cgroup support, expects cgroupsPath to be of form "slice:prefix:name" for e.g. "system.slice:runc:434234"
--help, -h show help
--version, -v print the version
runc 0.1.1
This release includes a bug fix for adding the selinux mount label in the specification.
Runc v0.1.0
This release updates runc to the OCI runtime specification v0.5.0 and includes various fixes and features.
Features:
- cgroups: pid limits and stats
- cgroups: kmem stats
- systemd cgroup support
- libcontainer specconv package
- no pivot root option
- numeric ids are treated as uid/gid
- hook improvements
Bug Fixes:
- log flushing
- atomic pid file creation
- init error recovery
- seccomp logging removed
- delete container on aborted start
- /dev bind mount handling
runc 0.0.9 and specification 0.4.0
runc 0.0.9
This new release of runc includes the specification v0.4 changes. The backwards incompatible changes include moving process specific settings like capabilities, rlimits, apparmor, and selinux process label from the container configuration to the process configuration. Be sure to update your config.json files for these changes or they will not be applied to the container. You can always use the "runc spec" command to generate a compatible config.json based on the specification version that runc is currently using.
Updates:
- In this release runc has better support for errors and logging for use with the --log flag.
- Improved namespace sharing for joining PID namespaces.
- Allow all mount types inside the container's mount namespace.
- Updated masked and readonly paths for container's /proc.
- Better IO handling for container's STDIO.
- Unique session keyring support for containers.
- Container label support.
- No new privileges support.
- Various bug fixes and performance improvements.
NAME:
runc - Open Container Initiative runtime
runc is a command line client for running applications packaged according to
the Open Container Format (OCF) and is a compliant implementation of the
Open Container Initiative specification.
runc integrates well with existing process supervisors to provide a production
container runtime environment for applications. It can be used with your
existing process monitoring tools and the container will be spawned as a
direct child of the process supervisor.
Containers are configured using bundles. A bundle for a container is a directory
that includes a specification file named "config.json" and a root filesystem.
The root filesystem contains the contents of the container.
To start a new instance of a container:
# runc start [ -b bundle ] <container-id>
Where "<container-id>" is your name for the instance of the container that you
are starting. The name you provide for the container instance must be unique on
your host. Providing the bundle directory using "-b" is optional. The default
value for "bundle" is the current directory.
USAGE:
runc [global options] command [command options] [arguments...]
VERSION:
0.0.9
spec version 0.4.0
COMMANDS:
checkpoint checkpoint a running container
delete delete any resources held by the container often used with detached containers
events display container events such as OOM notifications, cpu, memory, IO and network stats
exec execute new process inside the container
init init is used to initialize the containers namespaces and launch the users process.
This command should not be called outside of runc.
kill kill sends the specified signal (default: SIGTERM) to the container's init process
list lists containers started by runc with the given root
pause pause suspends all processes inside the container
restore restore a container from a previous checkpoint
resume resumes all processes that have been previously paused
spec create a new specification file
start create and run a container
state output the state of a container
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--debug enable debug output for logging
--log "/dev/null" set the log file path where internal debug information is written
--log-format "text" set the format used by logs ('text' (default), or 'json')
--root "/run/runc" root directory for storage of container state (this should be located in tmpfs)
--criu "criu" path to the criu binary used for checkpoint and restore
--help, -h show help
--version, -v print the version
Release 0.0.8 for runc and specification 0.3.0
runc 0.0.8
This new release of runc supports the OCI runtime specification version 0.3.0. It includes changes such as the unified configuration file, separation of device creation and access, and many other usability updates.
New features
Detach
The detach flag allows runc to exit after it spawns the container and reparents the process to system init. You no longer have a long running runc process as the parent of the container.
runc start -d test
Pid file
The pid-file flag allows runc to write the pid of the process run inside the container to a file so that existing init systems can wait on it and allows runc to exit.
runc start -d --pid-file test.pid test
Delete command
The delete command allows runc to delete the container's state after it has exited for use with the detach flag.
runc delete test
List command
The list command will list all containers running on a system that were spawned by runc.
> runc list
ID PID STATUS CREATED
test 15278 running 2016-02-10T22:21:09.415768192Z
Exec command updates
The exec command now allows you to use a json file for the process configuration or pass the arguments and settings via flags and args.
> runc exec --tty --env TEST=1 -- test ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 4476 900 ? Ss+ 22:23 0:00 sh
root 13 0.0 0.0 15600 2116 ? Rs+ 22:23 0:00 ps aux
Container ids
Container ids are required for every command in runc. You pass the container id as argument 1 to the commands to specify which container you want to interact with. This was always the case before in runc but hidden behind a --id flag.
> runc start test
> runc events test
> runc kill test
Update to spec 0.3.0
Be sure to use the `runc spec` command to generate a new base template for your containers based on the specification and the unified configuration file.
NAME:
runc - Open Container Initiative runtime
runc is a command line client for running applications packaged according to
the Open Container Format (OCF) and is a compliant implementation of the
Open Container Initiative specification.
runc integrates well with existing process supervisors to provide a production
container runtime environment for applications. It can be used with your
existing process monitoring tools and the container will be spawned as a
direct child of the process supervisor.
After creating config files for your root filesystem with runc, you can execute
a container in your shell by running:
# cd /mycontainer
# runc start [ -b bundle ] <container-id>
If not specified, the default value for the 'bundle' is the current directory.
'Bundle' is the directory where 'config.json' must be located.
USAGE:
runc [global options] command [command options] [arguments...]
VERSION:
0.0.8
spec version 0.3.0
COMMANDS:
checkpoint checkpoint a running container
delete delete any resources held by the container often used with detached containers
events display container events such as OOM notifications, cpu, memory, IO and network stats
exec execute new process inside the container
kill kill sends the specified signal (default: SIGTERM) to the container's init process
list lists containers started by runc with the given root
pause pause suspends all processes inside the container
restore restore a container from a previous checkpoint
resume resumes all processes that have been previously paused
spec create a new specification file
start create and run a container
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--debug enable debug output for logging
--log set the log file path where internal debug information is written
--log-format "text" set the format used by logs ('text' (default), or 'json')
--root "/run/opencontainer/containers" root directory for storage of container state (this should be located in tmpfs)
--criu "criu" path to the criu binary used for checkpoint and restore
--help, -h show help
--version, -v print the version
MD5 hashes for the downloadable runc binaries in this release are:
- runc-amd64: 966cf271c2923b64d2d7ad0be9ffdc6e
Release v0.0.7
This release includes the following changes:
- Do not use stream encoders
- Update github.com/opencontainers/specs to a7b5092
- cgroup: systemd: properly expand systemd slice names
- Remove the nullState
- Revert "update date in README"
- Add build status badge
- Allow switch to anything from nullState
- Fix various state bugs for pause and destroy
- cgroups: set memory cgroups in Set
- Only set cwd when not empty
- Fix comment of swap limit
- Add support for just joining in apply using cgroup paths
- Remove some hard coded strings
- Handle seccomp proc parsing errors
- Embed Resources for backward compatibility
- add seccomp.IsEnabled() function
- cleanup old hack dir
- Check that cwd is absolute
- update go version to 1.5.3 in dockerfile and cleanup
- Make cwd required
- Update README of libcontainer
- Only validate post-hyphen field length on cgroup mounts
- libcontainer: set cgroup config late
- libcontainer: cgroups: loudly fail with Set
- libcontainer: cgroups: don't Set in Apply
- libcontainer: cgroups: add pids controller support
- cgroups: fs: fix cgroup.Parent path sanitisation
- Do not create devices when in user namespace
- Revert to non-recursive GetPids, add recursive GetAllPids
- selinux: add SelinuxSetEnforceMode implementation
- update date in README
- Add --console to specify path to use from runc
- Do not allow access to /dev/tty{0,1}
- Add white list for bind mount check
- Fix typo word in SPEC.md
- libcontainer: Add support for memcg pressure notifications
- Cleanup Godeps
- Revert "cgroups: add pids controller support"
- libcontainer: set cgroup config late
- libcontainer: cgroups: loudly fail with Set
- libcontainer: cgroups: don't Set in Apply
- libcontainer: cgroups: add pids controller support
- Calculate NLA_HDRLEN as gccgo workaround
- Add state pattern for container state transition
- Move the cgroups setting into a Resources struct
- Move linux only Process.InitializeIO behind the linux build flag.
- Replace docker units package with new docker/go-units.
- Move STDIO initialization to libcontainer.Process
- Fixing TestSetFilecon in selinux test step
- Adding selinux label
- make localtest failure with selinux enabled
- Add spec version to runC version cli