• CRI-O v1.19.0
  • Downloads
  • Changelog since v1.18.0
    • Changes by Kind
      • Dependency-Change
      • API Change
      • Feature
      • Design
      • Documentation
      • Bug or Regression
      • Other (Cleanup or Flake)
      • Uncategorized
    • Dependencies
      • Added
      • Changed
      • Removed

CRI-O v1.19.0

The release notes have been generated for the commit range v1.18.0…v1.19.0 on Mon, 14 Sep 2020 20:17:11 UTC.

Downloads

Download the static release bundle via our Google Cloud Bucket: crio-v1.19.0.tar.gz

Changelog since v1.18.0

Changes by Kind

Dependency-Change

• Compile with go 1.15 (#4067, @mrunalp)

API Change

• CRI-O now manages namespace lifecycles by default (manage_ns_lifecycle = true). The config option manage_network_ns_lifecycle has also been fully deprecated (#3929, @haircommander)

Feature

• Add –version-file-persist, a place to put the version file in persistent storage. Now, crio wipe wipes containers if –version-file is not present (presumably it is on temporary storage), and wipes images if both –version-file and –version-file-persist are out of date (presumably there has been an upgrade of cri-o’s minor version (#3648, @haircommander)
• Add big_files_temporary_dir to allow customization of where large temporary files are put (#3935, @adawolfs)
• Add build support for setting SOURCE_DATE_EPOCH (#3708, @afbjorklund)
• Added --metrics-socket/metrics_socket configuration option to allow exposing the metrics endpoint on a local socket path (#3724, @saschagrunert)
• Added crio_image_layer_reuse metric which counts layer reuses during image pull (#4053, @saschagrunert)
• Added privileged field to container status info (#3777, @saschagrunert)
• Added behavior to allow filtering by a partial Pod Sandbox ID (#4033, @saschagrunert)
• Added configuration validation to ensure a conmon_cgroup == "pod" if cgroup_manager == "cgroupfs" (#3940, @saschagrunert)
• Added latest crun version to static binary bundle (#3837, @saschagrunert)
• Added metrics-exporter and documentation (#3751, @saschagrunert)
• Added new metrics crio_image_pulls_failures and crio_image_pulls_successes. For more information please refer to the CRI-O metrics guide (#3809, @saschagrunert)
• Container HostPort with SCTP protocol is supported. (#3874, @janosi)
• Containers running init or systemd are now given a new selinux label container_init_t, giving it selinux privileges more appropriate for the workload (#3754, @haircommander)
• If users want the container_kvm_t label when using a runtime that supports kvm separation, they will need to either set the runtime_type to “vm” or have “kata” in the runtime name. E.g

[crio.runtime.runtimes.my-kata-runtime] runtime_path = “” runtime_type = “oci” runtime_root = “/run/kata”

or

[crio.runtime.runtimes.my-kata-runtime] runtime_path = “” runtime_type = “vm” runtime_root = “/run/kata” (#3861, @umohnani8)

• Re-add the behavior that string slices can be passed to the CLI comma separated, for example --default-capabilities CHOWN,KILL (#3636, @saschagrunert)
• Removed socat runtime dependency which was needed for pod port forwarding (#3749, @saschagrunert)
• Return pod image, pid and spec in sandbox_status CRI verbose mode (#3819, @mrunalp)

Design

• Hooks_dir entries are now created if they don’t exist (#4052, @haircommander)

Documentation

• Added crun container runtime to crio.conf (commented out per default) (#3838, @saschagrunert)
• Added dependency report to generated release notes (#3828, @saschagrunert)
• The changelog is now rendered by a custom go template and contains the table of contents (#3739, @saschagrunert)

Bug or Regression

• Adding additional runtime handler doesn’t require the user to copy existing default runtime handler configuration. The existing default runtime handler configuration will be preserved while adding the new runtime handler. (#3772, @harche)
• ExecSync requests will ask conmon to not double fork, causing systemd to have fewer conmons re-parented to it. conmon v2.0.19 or greater is required for this feature. (#3908, @haircommander)
• Fix handling of the –cni-plugin-dir and other multivalue command line flags (#3870, @rhafer)
• Fix path to bash via /usr/bin/env in crio-shutdown.service (#3971, @saschagrunert)
• Fix the container cgroup in case cgroupfs cgroup manager is used (#4075) (#4080, @kolyshkin)
• Fix working set calculation (#4068, @kolyshkin)
• Fixed crio version binary mode parsing on musl toolchains (#3969, @saschagrunert)
• Fixed a bug where crictl only showed pod level stats, not container level stats. (#3933, @wgahnagl)
• Fixed a bug where exec sync requests (manually or automatically triggered via readiness/liveness probes) overwrite the runtime info.runtimeSpec.process.args of the container status (for example via crictl inspect). (#3989, @saschagrunert)
• Fixed bug where Pod creation would fail if Uid was not specified in Metadata of sandbox config passed in a run pod sandbox request (#3774, @haircommander)
• Fixed bug where pod names would sometimes leak on creation, causing the kubelet to fail to recreate (#3964, @haircommander)
• Fixed crio restart behavior to make sure that Pod creation timestamps are restored and the order in the list of pods stays stable across restarts (#4006, @rhafer)
• Fixed wrong linkmode output (on crio version) for static binaries (#3638, @saschagrunert)
• Reflects resource updates under the container spec. (#3978, @cynepco3hahue)

Other (Cleanup or Flake)

• Added info logs for image pulls and image status (#3843, @mrunalp)
• Cleanup default info logging (#3834, @mrunalp)
• Cleanup go module and vendor files. (#3722, @mrunalp)
• Pod creation now fails if conmon cannot be moved to the cgroup specified in conmon_cgroup. Our default value for conmon_cgroup is system.slice, which is invalid for cgroupfs. As such, if you use cgroupfs, you should change conmon_cgroup to pod (#3810, @haircommander)
• Removed crio-wipe.service and crio-shutdown.service systemd units from the static bundle since they are not required (#3689, @saschagrunert)

Uncategorized

• Add --drop-infra-ctr option to ask CRI-O to drop the infra container when a pod level pid namespace isn’t requested. This feature is considered experimental (#4186, @haircommander)
• Adds a new optional field, runtime_type, to the “–runtimes” option. (#3903, @fidencio)
• Cleanup and update nix derivation for static builds (#3804, @hswong3i)
• Fix a bug where a sudden reboot causes incomplete image writes. This could cause image storage to be corrupted, resulting in an error layer not known. (#3975, @openshift-cherrypick-robot)
• Fix bug where empty config fields having to do with storage cause /info requests to return incorrect information (which causes cadvisor to fail to read imageFs information) (#4161, @openshift-cherrypick-robot)
• Fixes panic when /sys/fs/cgroup can’t be stat’ed (#3973, @haircommander)
• If the default_runtime is changed from the default configuration, the corresponding existing default entry in the runtime map in the configuration will be ignored. (#4113, @openshift-cherrypick-robot)
• Remove support for --runtime flag (#4107, @haircommander)
• Updated crictl.yaml configuration inside the repository to reflect cri-tools v1.19.0 changes (#4185, @openshift-cherrypick-robot)

Dependencies

Added

• cloud.google.com/go/bigquery: v1.0.1
• cloud.google.com/go/pubsub: v1.0.1
• cloud.google.com/go/storage: v1.0.0
• dmitri.shuralyov.com/gpu/mtl: 666a987
• github.com/OneOfOne/xxhash: v1.2.2
• github.com/bombsimon/wsl/v3: v3.0.0
• github.com/cespare/xxhash/v2: v2.1.1
• github.com/cespare/xxhash: v1.1.0
• github.com/chzyer/logex: v1.1.10
• github.com/chzyer/readline: 2972be2
• github.com/chzyer/test: a1ea475
• github.com/dgryski/go-sip13: e10d5fe
• github.com/docopt/docopt-go: ee0de3b
• github.com/go-git/gcfg: v1.5.0
• github.com/go-git/go-billy/v5: v5.0.0
• github.com/go-git/go-git-fixtures/v4: v4.0.1
• github.com/go-git/go-git/v5: v5.1.0
• github.com/go-gl/glfw/v3.3/glfw: 12ad95a
• github.com/go-ini/ini: v1.9.0
• github.com/go-xmlfmt/xmlfmt: d5b6f63
• github.com/ianlancetaylor/demangle: 5e5cf60
• github.com/maratori/testpackage: v1.0.1
• github.com/moby/ipvs: v1.0.1
• github.com/moby/term: 672ec06
• github.com/nakabonne/nestif: v0.3.0
• github.com/nxadm/tail: v1.4.4
• github.com/oklog/ulid: v1.3.1
• github.com/phayes/checkstyle: bfd46e6
• github.com/prometheus/tsdb: v0.7.1
• github.com/ryancurrah/gomodguard: v1.0.2
• github.com/saschagrunert/ccli: b68f755
• github.com/saschagrunert/go-modiff: v1.2.0
• github.com/spaolacci/murmur3: f09979e
• github.com/tetafro/godot: v0.2.5
• github.com/yuin/goldmark: v1.1.32
• go.mozilla.org/pkcs7: 432b235
• google.golang.org/protobuf: v1.24.0
• gopkg.in/yaml.v3: 9f266ea
• gotest.tools/v3: v3.0.2
• k8s.io/klog/v2: v2.3.0

Changed

• cloud.google.com/go: v0.44.3 → v0.51.0
• github.com/Azure/azure-sdk-for-go: v35.0.0+incompatible → v43.0.0+incompatible
• github.com/Azure/go-autorest/autorest/adal: v0.5.0 → v0.8.2
• github.com/Azure/go-autorest/autorest/date: v0.1.0 → v0.2.0
• github.com/Azure/go-autorest/autorest/mocks: v0.2.0 → v0.3.0
• github.com/Azure/go-autorest/autorest: v0.9.0 → v0.9.6
• github.com/GoogleCloudPlatform/k8s-cloud-provider: 27a4ced → 7901bc8
• github.com/GoogleCloudPlatform/testgrid: v0.0.1-alpha.4 → v0.0.10
• github.com/Microsoft/hcsshim: v0.8.7 → 5eafd15
• github.com/alecthomas/template: a0175ee → fb15b89
• github.com/alecthomas/units: 2efee85 → c3de453
• github.com/bazelbuild/rules_go: 6dae44d → v0.23.3
• github.com/beorn7/perks: 3a771d9 → v1.0.1
• github.com/cilium/ebpf: 95b36a5 → 9f1617e
• github.com/containerd/cgroups: bf292b2 → 0dbf7f0
• github.com/containerd/containerd: v1.3.3 → v1.3.6
• github.com/containerd/ttrpc: 0be804e → v1.0.1
• github.com/containerd/typeurl: 2a93cfd → v1.0.0
• github.com/containernetworking/cni: 4fae32b → v0.8.0
• github.com/containernetworking/plugins: v0.8.5 → v0.8.6
• github.com/containers/buildah: v1.14.8 → v1.14.9
• github.com/containers/conmon: v2.0.15+incompatible → v2.0.17+incompatible
• github.com/containers/image/v5: v5.4.3 → v5.5.1
• github.com/containers/libpod: v1.9.0 → v1.9.2
• github.com/containers/ocicrypt: v1.0.2 → v1.0.3
• github.com/containers/storage: v1.18.2 → v1.20.2
• github.com/coredns/corefile-migration: v1.0.6 → v1.0.10
• github.com/coreos/go-systemd/v22: v22.0.0 → v22.1.0
• github.com/creack/pty: v1.1.9 → v1.1.11
• github.com/cri-o/ocicni: b197cd1 → 513ef78
• github.com/docker/docker: a9416c6 → aa6a989
• github.com/docker/libnetwork: c8a5fca → 5a177b7
• github.com/envoyproxy/go-control-plane: v0.9.4 → 5f8ba28
• github.com/evanphx/json-patch: v4.2.0+incompatible → e83c0a1
• github.com/fatih/color: v1.7.0 → v1.9.0
• github.com/go-logr/logr: v0.1.0 → v0.2.0
• github.com/godbus/dbus: 8a16820 → ade71ed
• github.com/golang/groupcache: 869f871 → 215e871
• github.com/golang/protobuf: v1.3.3 → v1.3.5
• github.com/golangci/golangci-lint: v1.23.3 → v1.25.0
• github.com/google/cadvisor: v0.35.0 → v0.37.0
• github.com/google/pprof: 54271f7 → d4f498a
• github.com/googleapis/gnostic: v0.1.0 → v0.4.1
• github.com/gostaticanalysis/analysisutil: v0.0.3 → 4088753
• github.com/json-iterator/go: v1.1.9 → v1.1.10
• github.com/jstemmer/go-junit-report: af01ea7 → v0.9.1
• github.com/klauspost/compress: v1.10.3 → v1.10.8
• github.com/klauspost/pgzip: v1.2.3 → v1.2.4
• github.com/konsorten/go-windows-terminal-sequences: v1.0.2 → v1.0.3
• github.com/mattn/go-isatty: v0.0.9 → v0.0.12
• github.com/matttproud/golang_protobuf_extensions: v1.0.1 → c182aff
• github.com/maxbrunsfeld/counterfeiter/v6: v6.2.2 → v6.2.3
• github.com/mistifyio/go-zfs: v2.1.1+incompatible → f784269
• github.com/mrunalp/fileutils: 7d4729f → abd8a0e
• github.com/onsi/ginkgo: v1.12.0 → v1.14.0
• github.com/onsi/gomega: v1.9.0 → v1.10.1
• github.com/opencontainers/go-digest: v1.0.0-rc1 → v1.0.0
• github.com/opencontainers/runc: v1.0.0-rc9 → v1.0.0-rc90
• github.com/opencontainers/runtime-spec: v1.0.2 → 3e4195d
• github.com/opencontainers/runtime-tools: d1bf3e6 → 07406c5
• github.com/opencontainers/selinux: v1.5.1 → v1.5.2
• github.com/prometheus/client_golang: v0.9.2 → v1.7.1
• github.com/prometheus/common: v0.4.1 → v0.10.0
• github.com/prometheus/procfs: v0.0.5 → v0.1.3
• github.com/rubiojr/go-vhd: 0bfd3b3 → 02e2102
• github.com/sclevine/spec: v1.2.0 → v1.4.0
• github.com/seccomp/containers-golang: v0.3.2 → v0.4.1
• github.com/sendgrid/rest: v2.4.1+incompatible → v2.6.0+incompatible
• github.com/sendgrid/sendgrid-go: v3.5.0+incompatible → v3.6.0+incompatible
• github.com/sergi/go-diff: v1.0.0 → v1.1.0
• github.com/sirupsen/logrus: v1.4.2 → v1.6.0
• github.com/spf13/cobra: v0.0.7 → v1.0.0
• github.com/stretchr/testify: v1.5.1 → v1.6.1
• github.com/tommy-muehle/go-mnd: v1.1.1 → e6f9a99
• github.com/urfave/cli: 7bc6a0a → v1.22.2
• github.com/vbauerster/mpb/v5: v5.0.3 → v5.2.2
• github.com/vishvananda/netns: 0a2b9b5 → 52d707b
• go.etcd.io/bbolt: v1.3.4 → v1.3.5
• go.etcd.io/etcd: 3cf2f69 → 18dfb9c
• go.opencensus.io: v0.22.1 → v0.22.2
• golang.org/x/crypto: 0ec3e99 → 75b2880
• golang.org/x/exp: efd6b22 → da58074
• golang.org/x/image: 0694c2d → cff245a
• golang.org/x/lint: 959b441 → fdd1cda
• golang.org/x/mobile: d3739f8 → d2bd2a2
• golang.org/x/mod: c90efee → v0.3.0
• golang.org/x/net: d3edc99 → ab34263
• golang.org/x/sync: 43a5402 → 6e8e738
• golang.org/x/sys: ea54a3c → ddb9806
• golang.org/x/text: v0.3.2 → v0.3.3
• golang.org/x/tools: 9497f49 → c1934b7
• google.golang.org/api: v0.9.0 → v0.21.0
• google.golang.org/appengine: v1.6.2 → v1.6.5
• google.golang.org/grpc: v1.28.1 → v1.27.0
• gopkg.in/yaml.v2: v2.2.8 → v2.3.0
• k8s.io/gengo: 36b2048 → 8167cfd
• k8s.io/kube-openapi: bf4fb3b → 656914f
• k8s.io/kubernetes/staging/src/k8s.io/api: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/apiextensions-apiserver: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/apimachinery: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/apiserver: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/cli-runtime: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/client-go: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/cloud-provider: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/cluster-bootstrap: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/code-generator: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/component-base: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/cri-api: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/csi-translation-lib: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/kube-aggregator: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/kube-proxy: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/kubectl: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/kubelet: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/legacy-cloud-providers: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/metrics: 7879fc1 → 1afc535
• k8s.io/kubernetes/staging/src/k8s.io/sample-apiserver: 7879fc1 → 1afc535
• k8s.io/kubernetes: v1.18.1 → v1.19.0-rc.4
• k8s.io/release: v0.2.5 → v0.3.4
• k8s.io/system-validators: v1.0.4 → v1.1.2
• k8s.io/utils: 6496210 → f00132d
• mvdan.cc/sh/v3: v3.1.0 → v3.1.2
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.7 → v0.0.9
• sigs.k8s.io/structured-merge-diff/v3: v3.0.0 → 43c19bb

Removed

• github.com/Rican7/retry: v0.1.0
• github.com/bazelbuild/bazel-gazelle: 70208cb
• github.com/bazelbuild/buildtools: 69366ca
• github.com/bradfitz/go-smtpd: deb6d62
• github.com/cespare/prettybench: 03b8cfe
• github.com/cncf/udpa/go: 269d4d4
• github.com/containerd/release-tool: a35b5d7
• github.com/golangci/go-tools: e32c541
• github.com/golangci/gosec: 66fb7fc
• github.com/google/go-github: v17.0.0+incompatible
• github.com/hashicorp/go-version: v1.2.0
• github.com/jellevandenhooff/dkim: f50fe3d
• github.com/mesos/mesos-go: v0.0.9
• github.com/pelletier/go-buffruneio: v0.2.0
• github.com/ryanuber/go-glob: 256dc44
• github.com/src-d/gcfg: v1.4.0
• github.com/tarm/serial: 98f6abe
• github.com/vbatts/git-validation: v1.1.0
• go4.org: 417644f
• golang.org/x/build: 2835ba2
• golang.org/x/perf: 6e6d33e
• gopkg.in/russross/blackfriday.v2: v2.0.0
• gopkg.in/src-d/go-billy.v4: v4.3.2
• gopkg.in/src-d/go-git-fixtures.v3: v3.5.0
• gopkg.in/src-d/go-git.v4: v4.13.1
• gotest.tools/gotestsum: v0.3.5
• grpc.go4.org: 11d0a25
• k8s.io/repo-infra: v0.0.1-alpha.1