• CRI-O v1.22.1
  • Downloads
  • Changelog since v1.22.0
    • Changes by Kind
      • Feature
      • Bug or Regression
      • Uncategorized
  • Dependencies
    • Added
    • Changed
    • Removed

CRI-O v1.22.1

The release notes have been generated for the commit range v1.22.0…74a7981 on Tue, 22 Feb 2022 11:48:02 UTC.

Downloads

Download one of our static release bundles via our Google Cloud Bucket:

• cri-o.amd64.74a7981224aecca9403dcac3c589f5b77857ad2d.tar.gz
• cri-o.arm64.74a7981224aecca9403dcac3c589f5b77857ad2d.tar.gz

Changelog since v1.22.0

Changes by Kind

Feature

• Add functionality to use taskset to spawn new commands cri-o runs. Now, if InfraCtrCPUSet is called, all newly spawned commands will be placed in the InfraCtrCPUSet (as it’s expected to be set to the reserved CPU set that system commands should run on). (#5547, @haircommander)
• Add support for “io.kubernetes.cri-o.TrySkipVolumeSELinuxLabel” annotation, which tells CRI-O to skip relabeling volumes if the top level is already correctly labeled Skip SELinux volume relabeling for super privileged containers (securityContext.seLinuxOptions.type = "spc_t"). (#5403, @haircommander)

Bug or Regression

• Fix a segfault if a workload is configured without the resources table (#5486, @haircommander)
• Fix an RSS regression with exec sync requests (#5245, @haircommander)
• Fix bug where ip a reports Error: Peer netns reference is invalid (#5558, @haircommander)

Uncategorized

• Allow CRI-O to parse > SIGRTMIN signals (#5439, @openshift-cherrypick-robot)
• Do not log on startup if Intel RDT is not supported. (#5298, @openshift-cherrypick-robot)
• Fix a PID leak in situations where conmon fails to be moved into the pod cgroup (#5295, @openshift-cherrypick-robot)
• Fix a bug where CRI-O waits forever on a conmon process that will not stop (#5309, @openshift-cherrypick-robot)
• Fix a bug where CRI-O would never shutdown if the networking plugin wasn’t configured correctly (#5507, @openshift-cherrypick-robot)
• Fix a bug where inspectp verbose output was incomplete for pods with a dropped infra container (#5315, @openshift-cherrypick-robot)
• Fix a bug where a pod given a host IPC or network namespace could configure sysctls on the host (#5616, @openshift-cherrypick-robot)
• Fix a bug where host network containers couldn’t read their cgroup hierarchy (#5365, @openshift-cherrypick-robot)
• Fix a bug where situations of excessive load on nodes causes containers to never actually start (#5602, @openshift-cherrypick-robot)
• Fix a case where conmon children are sometimes leaked (#5503, @openshift-cherrypick-robot)
• Fixed missing quantile values in container_runtime_crio_operations_latency_microseconds_total metrics (#5259, @openshift-cherrypick-robot)
• Merge storage_option from drop-in files to sttorage_option from storage.conf (#5437, @openshift-cherrypick-robot)
• Move namespace cleanup from sandbox stop to sandbox remove. This allows veth entries in the network namespaces of pods to be cleaned up earlier (#5477, @openshift-cherrypick-robot)

Dependencies

Added

Nothing has changed.

Changed

• github.com/opencontainers/selinux: v1.8.4 → v1.9.1

Removed

Nothing has changed.