Update cri to f1d492b0cdd14e76476ee4dd024696ce3634e501.#3548
Merged
AkihiroSuda merged 1 commit intocontainerd:masterfrom Aug 19, 2019
Merged
Update cri to f1d492b0cdd14e76476ee4dd024696ce3634e501.#3548AkihiroSuda merged 1 commit intocontainerd:masterfrom
AkihiroSuda merged 1 commit intocontainerd:masterfrom
Conversation
Signed-off-by: Lantao Liu <[email protected]>
Member
Author
|
Here is a diff of the release note to make the change more clear: 15c15
< Added plugins.cri.registry.tls_configs option to support TLS connections to registries. (containerd/cri#1143)
---
> Added plugins.cri.registry.configs option to support TLS and auth configs of registries. (containerd/cri#1143) NOTE: Non-mutual TLS is also supported. (#3521) (see registry.md for more details)
17a18
> Added privileged_without_host_devices runtime option to disable host devices for privileged pods for the runtime. This is especially useful for runtimes like kata. (containerd/cri#1213)
19c20
< Avoid Status lockup when CNI network setup/teardown is slow. (containerd/cri#1078)
---
> Avoided Status lockup when CNI network setup/teardown is slow. (containerd/cri#1078)
20a22,27
> Fixed a bug that https is still attempted when an http mirror is configured. (containerd/cri#1201)
> Supported URL path in plugins.cri.registry.mirrors, e.g. https://my.custom.registry/anypath. (containerd/cri#1227)
> Added wildcard * support plugins.cri.registry.mirrors. (containerd/cri#1196)
> Removed an unnecessary round-trip to the image registry when pulling image. (containerd/cri#1229)
> Updated cni library to v0.7.1 which has better context cancellation support. (containerd/cri#1236)
> Updated cni plugins to v0.7.6 to fix a race condition in the bridge plugin. (#3507)
25a33
> plugins.cri.registry.auths is deprecated, use plugins.cri.registry.configs instead. (containerd/cri#1227) |
|
Build succeeded.
|
Codecov Report
@@ Coverage Diff @@
## master #3548 +/- ##
=======================================
Coverage 44.94% 44.94%
=======================================
Files 115 115
Lines 12790 12790
=======================================
Hits 5748 5748
Misses 6170 6170
Partials 872 872
Continue to review full report at Codecov.
|
AkihiroSuda
approved these changes
Aug 19, 2019
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Containerd 1.3 is validated against v1.15, but it is also compatible with Kubernetes v1.12+. (See more details about support metrics)
Features
io.containerd.runc.v2runtime is fully validated and ready to be used in production. This helps minimizing per-pod resource overhead. Note thatio.containerd.runtime.v1.linuxis still the default runtime. (Use per-pod shim. cri#1075)pod_annotationsruntime option. Pod annotations specified in the list will be passed to the runtime as OCI annotations. This enables runtimes to support annotation-based experimental features. (Add support for passing sandbox annotations to runtime cri#1084)stream_idle_timeoption. This makes idle connection timeout of the streaming server configurable. (Add configurable timeout for idle streaming connections cri#1057)max_conf_numoption toplugins.cri.cni. This makes it possible to setup multiple CNI networks in a pod. NOTE: multi-network is not an officially supported feature in Kubernetes.(Make cni plugin config file num configurable cri#1154)plugins.cri.registry.configsoption to support TLS and auth configs of registries. (TLS auth with image registries cri#1143) NOTE: Non-mutual TLS is also supported. (Registry TLS Config usually no key file, only have crt file #3521) (see registry.md for more details)disable_tcp_serviceoption, and it is disabled by default. (Support a TCP endpoint cri#1181)max_concurrent_downloadsoption to restrict the number of concurrent downloads for each image. The default concurrency is3. (Add max concurrent downloads support. cri#1211)privileged_without_host_devicesruntime option to disable host devices for privileged pods for the runtime. This is especially useful for runtimes like kata. (runtime based privileged container translation cri#1213)Enhancements
Statuslockup when CNI network setup/teardown is slow. (Consider load cni conf in a goroutine to prevent stuckup in Status cri#1078)Status(crictl info) output. (adds cni config data to the cri status/info cri#1158)httpsis still attempted when anhttpmirror is configured. (Attempting to pull missing image from insecure registry gives wrong message cri#1201)plugins.cri.registry.mirrors, e.g.https://my.custom.registry/anypath. (New registry mirror cri#1227)*support inplugins.cri.registry.mirrors. (Add support for pull-through cache with registry cri#1196)bridgeplugin. (Bad test: CRI could not add IP address to \"cni0\": file exists #3507)Deprecation
ctr cri loadcommand is deprecated, usectr -n=k8s.io images importinstead.(Consolidatectr cri loadandctr importcri#909)plugins.cri.containerd.default_runtimeoption is deprecated, useplugins."io.containerd.grpc.v1.cri".containerd.default_runtime_nameinstead. ([config] Move DefaultRuntime to Runtimes cri#1076)systemd_cgroups,runtime_engineandruntime_rootare deprecated, use runtimeoptionsinstead. (Print warning message for deprecated options. cri#1217)runtimeHandlerfield is moved from the sandboxinfointostatus. (Add RuntimeHandler into PodSandbox and PodSandboxStatus cri#1063)plugins.cri.registry.authsis deprecated, useplugins.cri.registry.configsinstead. (New registry mirror cri#1227)Signed-off-by: Lantao Liu [email protected]