Containerd - v2.0.0-beta.0

Welcome to the v2.0.0-beta.0 release of containerd!
This is a pre-release of containerd

The first major release of containerd 2.x focuses on the continued stability of
containerd's core feature set with an easy upgrade from containerd 1.x. This
release includes the stabilization of new features added in the last 1.x release
as well as the removal of features which were deprecated in 1.x. The goal is to
support the vast community of containerd users well into the future along with
their ever increasing deployment footprints and variety of use cases.

Highlights

• Don't allow io_uring related syscalls in the RuntimeDefault seccomp profile. (#9320)
• Expose usage of deprecated features (#9258)
• Switch runc shim to task service v3 and fix restore (#9233)
• Add sandboxer configuration and move sandbox controllers to plugins (#8268)
• Use Intel ISA-L's igzip if available (#9200)
• Generalize plugin library (#9214)
• Introduce top level config migration (#9223)
• Add image delete target (#8989)
• Use github.com/containerd/log (#9086)
• Add support for image expiration during garbage collection (#9022)
• Reduce the contention between ref lock and boltdb lock in content store (#8792)
• Remove the CriuPath field from runc's options (#8279)
• Remove support for config.toml version = 1 (#8275)
• Remove "containerd.io/restart.logpath" label (#8264)
• Remove aufs snapshotter (#8263)

Container Runtime Interface (CRI)

• Remove non-sandboxed CRI implementation (#9228)
• Add image verifier transfer service plugin system based on a binary directory (#8493)
• Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27) (#8287)
• Use sandboxed CRI by default (#8994)
• Implement RuntimeConfig CRI call (#8722)
• Add support for user namespaces (KEP-127) (#8803)
• Remove CRI v1alpha2 (#8276)

Runtime

• Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)

Breaking

• Don't allow io_uring related syscalls in the RuntimeDefault seccomp profile. (#9320)
• Move client to subpackage (#9316)
• Remove CRI v1alpha2 (#8276)
• Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)
• Remove "containerd.io/restart.logpath" label (#8264)
• Remove aufs snapshotter (#8263)

Deprecations

• Deprecate go-plugin configuration option (#9238)
• CNI conf_template in CRI is no longer deprecated (#8637)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Akihiro Suda
• Wei Fu
• Phil Estes
• Sebastiaan van Stijn
• Samuel Karp
• Maksym Pavlenko
• Kazuyoshi Kato
• Rodrigo Campos
• Danny Canter
• Gabriel Adrian Samfira
• Iceber Gu
• Jin Dong
• Bjorn Neergaard
• Austin Vazquez
• Mike Brown
• Paul "TBBle" Hampson
• Kirtana Ashok
• Krisztian Litkey
• rongfu.leng
• Abel Feng
• Enrico Weigelt
• Kohei Tokunaga
• James Sturtevant
• Ilya Hanov
• Marat Radchenko
• Akhil Mohan
• Cardy.Tang
• Hsing-Yu (David) Chen
• Justin Chadwell
• Markus Lehtonen
• Nashwan Azhari
• Shingo Omura
• Vinayak Goyal
• helen
• Aditi Sharma
• Brian Goff
• Charity Kathure
• Henry Wang
• Kay Yan
• Laura Brehm
• Artem Khramov
• Brad Davidson
• Bryant Biggs
• Chen Yiyang
• Cory Snider
• Davanum Srinivas
• Ed Bartosh
• Ethan Lowman
• James Jenkins
• Jiang Liu
• Jordan Liggitt
• June Rhodes
• Mahamed Ali
• Michael Crosby
• Paweł Gronowski
• Peteris Rudzusiks
• Sam Edwards
• Samruddhi Khandale
• Steve Griffith
• VERNOU Cédric
• hang.jiang
• jerryzhuang
• Aaron Lehmann
• Aditya Ramani
• Alex Couture-Beil
• Alex Ellis
• Alex Rodriguez
• Alexandru Matei
• Amir M. Ghazanfari
• Antonio Huete Jimenez
• Ben Foster
• Bin Xin
• BinBin He
• Brennan Kinney
• Craig Ingram
• Daisy Rong
• Djordje Lukic
• Edgar Lee
• Eng Zer Jun
• Etienne Champetier
• Evan Lezar
• Fahed Dorgaa
• Gary McDonald
• Jan Dubois
• Jiongchi Yu
• Kern Walster
• Maksim An
• Milas Bowman
• Pan Yibo
• Qasim Sarfraz
• Qiutong Song
• Robbie Buxton
• Robert-André Mauchin
• Shuaiyi Zhang
• Shukui Yang
• Tianon Gravi
• Tony Fang
• Tõnis Tiigi
• Wang Xinwen
• William Chen
• charles-chenzz
• chschumacher1994
• guangli.bao
• ningmingxiao
• pigletfly
• wangxiang
• zhangpeng
• zhaojizhuang
• zounengren
• 沈陵

Dependency Changes

• dario.cat/mergo v1.0.0 new
• github.com/AdaLogics/go-fuzz-headers 1f10f66a31bf -> ced1acdcaa24
• github.com/AdamKorcz/go-118-fuzz-build 5330a85ea652 -> 8075edf89bb0
• github.com/Microsoft/go-winio v0.6.0 -> v0.6.1
• github.com/Microsoft/hcsshim v0.10.0-rc.7 -> v0.12.0-rc.0
• github.com/Microsoft/hcsshim/test 43a75bb4edd3 new
• github.com/cenkalti/backoff/v4 v4.2.0 -> v4.2.1
• github.com/container-orchestrated-devices/container-device-interface v0.5.4 -> v0.6.1
• github.com/containerd/cgroups/v3 v3.0.1 -> v3.0.2
• github.com/containerd/continuity v0.3.0 -> v0.4.2
• github.com/containerd/go-runc v1.0.0 -> v1.1.0
• github.com/containerd/log v0.1.0 new
• github.com/containerd/nri v0.3.0 -> v0.5.0
• github.com/containerd/plugin 7ec69893e1e7 new
• github.com/containerd/ttrpc v1.2.1 -> v1.2.2
• github.com/containerd/typeurl/v2 v2.1.0 -> v2.1.1
• github.com/containernetworking/plugins v1.2.0 -> v1.3.0
• github.com/distribution/reference v0.5.0 new
• github.com/emicklei/go-restful/v3 v3.10.1 -> v3.10.2
• github.com/go-logr/logr v1.2.3 -> v1.2.4
• github.com/golang/protobuf v1.5.2 -> v1.5.3
• github.com/google/uuid v1.3.0 -> v1.3.1
• github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 -> v1.4.0
• github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 -> v2.16.2
• github.com/klauspost/compress v1.16.0 -> v1.17.2
• github.com/klauspost/cpuid/v2 v2.0.4 -> v2.2.5
• github.com/minio/sha256-simd v1.0.0 -> v1.0.1
• github.com/moby/sys/user v0.1.0 new
• github.com/opencontainers/image-spec 3a7f492d3f1b -> v1.1.0-rc5
• github.com/opencontainers/runtime-spec v1.1.0-rc.1 -> 4fec88fd00a4
• github.com/opencontainers/runtime-tools 946c877fa809 -> 2e043c6bd626
• github.com/pelletier/go-toml/v2 v2.1.0 new
• github.com/prometheus/client_golang v1.14.0 -> v1.16.0
• github.com/prometheus/client_model v0.3.0 -> v0.4.0
• github.com/prometheus/common v0.37.0 -> v0.44.0
• github.com/prometheus/procfs v0.8.0 -> v0.10.1
• github.com/sirupsen/logrus v1.9.0 -> v1.9.3
• github.com/stretchr/testify v1.8.2 -> v1.8.4
• github.com/urfave/cli v1.22.12 -> v1.22.14
• github.com/vishvananda/netns 2eb08e3e575f -> v0.0.4
• golang.org/x/mod v0.7.0 -> v0.12.0
• golang.org/x/net v0.7.0 -> v0.17.0
• golang.org/x/oauth2 v0.4.0 -> v0.10.0
• golang.org/x/sync v0.1.0 -> v0.3.0
• golang.org/x/sys v0.6.0 -> v0.13.0
• golang.org/x/term v0.5.0 -> v0.13.0
• golang.org/x/text v0.7.0 -> v0.13.0
• golang.org/x/time 90d013bbcef8 -> v0.3.0
• golang.org/x/tools v0.5.0 -> v0.11.0
• google.golang.org/genproto 7f2fa6fef1f4 -> 659f7aaaa771
• google.golang.org/genproto/googleapis/api 23370e0ffb3e new
• google.golang.org/genproto/googleapis/rpc 23370e0ffb3e new
• google.golang.org/grpc v1.53.0 -> v1.58.3
• google.golang.org/protobuf v1.28.1 -> v1.31.0
• k8s.io/api v0.26.2 -> v0.28.2
• k8s.io/apimachinery v0.26.2 -> v0.28.2
• k8s.io/apiserver v0.26.2 -> v0.28.2
• k8s.io/client-go v0.26.2 -> v0.28.2
• k8s.io/component-base v0.26.2 -> v0.28.2
• k8s.io/cri-api v0.26.2 -> v0.28.2
• k8s.io/klog/v2 v2.90.1 -> v2.100.1
• k8s.io/kubelet v0.28.2 new
• k8s.io/utils a5ecb0141aa5 -> d93618cff8a2
• sigs.k8s.io/json f223a00ba0e2 -> bc3834ca7abd

Previous release can be found at v1.7.0

Which file should I download?

• containerd-<VERSION>-<OS>-<ARCH>.tar.gz: ✅Recommended. Dynamically linked with glibc 2.31 (Ubuntu 20.04).
• containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz: Statically linked. Expected to be used on non-glibc Linux distributions. Not position-independent.

In addition to containerd, typically you will have to install runc
and CNI plugins from their official sites too.

See also the Getting Started documentation.