rkt v1.29.0 Release Notes
Release Date: 2017-10-04 // over 6 years ago-
๐ This release contains a number of bugfixes, new features like the ability to share the host IPC namespace, dependency updates, and build system improvements.
๐ Bugfixes
- 0๏ธโฃ app/add: Use the image name as a default name for app (#3802). Make the
--name
flag optional like stated in the help message. - ๐ฒ stage1/init: activate systemd-journal-flush.service (#3807). It's needed to make systemd-journald write to /var/log/journal instead of /run/log/journal.
- ๐ง stage0/gc: try to avoid double overlay mounts (#3806). Before Linux 4.13, it used to be possible to perform double overlayfs mounts and now it's not, handle this case.
- api: add CreatedAt to v1.Pod (#3797). It might happen that the pod is created but we can't get its start time so we add a CreatedAt field to the API.
- lib: don't error out if we can't get the app exit code (#3800). This can happen if the pod dies but we don't have time to register the app exit code.
- image: set the header instead of adding it (#3796). The go http/client changes its behavior for redirect and header's copy since the go 1.8:
- lib/app: check in upper/ if the pod uses overlay (#3791). Getting creation/start time and status of applications will fail for pods using overlay if stage1 was unmounted (e.g. when rebooting).
- ๐ณ stage1: handle docker group semantics (#3792). Docker uses the UID as GID if you only specify the "user".
- ๐ stage1: support hybrid cgroup hierarchy (#3784). systemd introduced the hybrid cgroup hierarchy in v233, which was breaking the host flavor of rkt.
- pkg/keystore: ensure correct permissions on path creation (#3780). Allow writing to
/etc/rkt/trustedkeys
as a user in the rkt group in systems with restrictive umask. - networking: ensure the netns directory is mounted (#3761). Allows using rktnetes and rkt on the same host.
- stage1: fix systemd version fmt in error message (#3767). The previous version caused cryptic error messages.
๐ New features and UX changes
- app/add: Allow to define annotations for app from CLI (#3814).
- app/sandbox: Allow to define annotations for sandbox from CLI (#3816).
- ๐ stage0,rkt: don't require the pod to be running to remove apps (#3799).
- stage1: enable host IPC namespace (#3787). rkt normally creates a new IPC namespace for the pod. In order to stay in the host IPC namespace, a new option
--ipc=
was added. - rkt: bash completion code (#3774). This patch provides an implementation of the command used to generate completion code for the bash shell.
Other changes
- ๐ณ vendor: bump docker2aci to v0.17.0 (#3810).
- โก๏ธ vendor: update pborman/uuid to v1.1 (#3809).
- vendor: bump appc/spec to v0.8.11 (#3803).
- rkt_seccomp_test: Fix arm64 stat tests (#3804).
- ๐ง build: sort stage1 manifest files (#3808). To ease maintenance.
๐ท Build system
- 0๏ธโฃ app/add: Use the image name as a default name for app (#3802). Make the