rkt v1.30.0 Release Notes

Release Date: 2018-04-16 // almost 6 years ago
  • 🚀 This release includes some small command line tweaks and adds support for CRI logging in iottymux which is required by rktlet.
    📚 It also fixes a number of bugs, adds a lot of new documentation, and updates some dependencies.

    🆕 New features

    • status: added read from uuid-file (#3860).
    • 📜 stage0/run: relax '--hosts-entry' parser (#3833).
    • 🔊 iottymux: store logs for kubelet in the appropriate location (#3798). This change is made for rktlet. iottymux will store the logs directly in the CRI format.
    • 👍 rkt: add AWS auth headerer support to rkt config (#3910).

    🛠 Bugfixes

    • 0️⃣ kvm: solve certain routing issues by using the same default bridge as CNI (#3905).
    • networking/portfwd: fix compare routeLocalnetValue (#3897).
    • list: add ip of non-running pods to status output (#3857).
    • stage1: execute pre-start/post-stop hooks as privileged (#3844). Even if we run the container as an unprivileged user.
    • stage1-fly/run: allow non absolute commands to be run (#3845).
    • rkt: prevent skipping some images in image gc (#3858).
    • 📜 rkt: skip parsing in case of an empty string (#3822). Fix issue where rkt app add fails with an error message like must give only one app, even when only one app name is given.

    👷 Build system

    • 🏗 scripts: Add libfdt to install deps (#3834). libfdt-dev is needed when building kernels for architectures that support a device tree.
    • 👉 makelib: Fix go-find-directories symlink problem (#3824).
    • scripts: adding missing dependecies to debian dependency installer (#3829).
    • 🏗 scripts/build-pkgs: use RPM file dependency for shadow tools (#3904).

    Other changes

    • 📚 Lots of documentation updates.
    • ⚡️ selinux: Update to latest (#3818).
    • ⚡️ travis: update go versions (#3821).
    • 🐳 vendor: bump docker2aci to v0.17.1 (#3835). It fixes an image pulling bug for some images in GCR.
    • 🛠 Fixes all the misspell (#3870).
    • stage1/usr_from_coreos: add new image signing subkey 0638EB2F (#3902).
    • 📦 tests: Use semaphore install-package (#3827).
    • 🏗 tests: Add verbose flag to build-and-run-tests.sh (#3819).

Previous changes from v1.29.0

  • 🛠 This release contains a number of bugfixes, new features like the ability to share the host IPC namespace, dependency updates, and build system improvements.

    🛠 Bugfixes

    • 0️⃣ app/add: Use the image name as a default name for app (#3802). Make the --name flag optional like stated in the help message.
    • 🌲 stage1/init: activate systemd-journal-flush.service (#3807). It's needed to make systemd-journald write to /var/log/journal instead of /run/log/journal.
    • 🐧 stage0/gc: try to avoid double overlay mounts (#3806). Before Linux 4.13, it used to be possible to perform double overlayfs mounts and now it's not, handle this case.
    • api: add CreatedAt to v1.Pod (#3797). It might happen that the pod is created but we can't get its start time so we add a CreatedAt field to the API.
    • lib: don't error out if we can't get the app exit code (#3800). This can happen if the pod dies but we don't have time to register the app exit code.
    • image: set the header instead of adding it (#3796). The go http/client changes its behavior for redirect and header's copy since the go 1.8:
    • lib/app: check in upper/ if the pod uses overlay (#3791). Getting creation/start time and status of applications will fail for pods using overlay if stage1 was unmounted (e.g. when rebooting).
    • 🐳 stage1: handle docker group semantics (#3792). Docker uses the UID as GID if you only specify the "user".
    • 👍 stage1: support hybrid cgroup hierarchy (#3784). systemd introduced the hybrid cgroup hierarchy in v233, which was breaking the host flavor of rkt.
    • pkg/keystore: ensure correct permissions on path creation (#3780). Allow writing to /etc/rkt/trustedkeys as a user in the rkt group in systems with restrictive umask.
    • networking: ensure the netns directory is mounted (#3761). Allows using rktnetes and rkt on the same host.
    • stage1: fix systemd version fmt in error message (#3767). The previous version caused cryptic error messages.

    🆕 New features and UX changes

    • app/add: Allow to define annotations for app from CLI (#3814).
    • app/sandbox: Allow to define annotations for sandbox from CLI (#3816).
    • 🚚 stage0,rkt: don't require the pod to be running to remove apps (#3799).
    • stage1: enable host IPC namespace (#3787). rkt normally creates a new IPC namespace for the pod. In order to stay in the host IPC namespace, a new option --ipc= was added.
    • rkt: bash completion code (#3774). This patch provides an implementation of the command used to generate completion code for the bash shell.

    Other changes

    • 🐳 vendor: bump docker2aci to v0.17.0 (#3810).
    • ⚡️ vendor: update pborman/uuid to v1.1 (#3809).
    • vendor: bump appc/spec to v0.8.11 (#3803).
    • rkt_seccomp_test: Fix arm64 stat tests (#3804).
    • 🚧 build: sort stage1 manifest files (#3808). To ease maintenance.

    👷 Build system

    • 🏗 build/stage1: support local systemd source for offline builds (#3746).
    • ⬆️ RPM/deb package can upgrade even if running pods (#3766).
    • src flavor: copy the real libnss_files.so.2 file from the host (#3764). It was copying a symbolic link instead.