This repository has been archived by the owner on Feb 24, 2020. It is now read-only.
v0.8.1
Pre-release
Pre-release
While the noticeable changes should be minimal, there are a huge number of bug fixes and improvements under the hood which sets us up nicely for a significant v0.9.0 release in the next couple of weeks.
A few notable UX changes in this release:
- Arguments can now be passed through to CNI plugins on the command line - see the networking documentation for details
- The default metadata service port has been changed from 2375 (which had an unfortunate conflict with an IANA registered/reserved port) to an arbitrary non-registered port, 18112
- The
APPNAME
field in the output ofrkt image list
has been changed to the more accurateNAME
rkt rm
now supports a variable number of arguments, allowing the removal of multiple pods simultaneously
Full list of changes:
- New features and UX changes:
rkt rm
is now variadic: it can now remove multiple pods in one command, by UUID- The
APPNAME
column inrkt image list
output has been changed to the more accurateNAME
. This involves a schema change in rkt's on-disk datastore, but this should be upgraded transparently. - Headers are now sent when following HTTP redirects while trying to retrieve an image
- The default metadata service port number was changed from a registered/reserved IANA port to an arbitrary port in the non-dynamic range
- Added the ability to override arguments for network plugins
- rkt will now error out if someone attempts to use
--private-users
with the lkvm backend
- Bug fixes:
- Fixed creation of /tmp in apps' root filesystems with correct permissions
- Fixed garbage collection after umounts (for example, if a system reboots before a pod is cleanly destroyed)
- Fixed a race in interactive mode when using the lkvm backend that could cause a deadlock or segfault
- Fixed bad parameter being passed to the metadata service ("uid" -> "uuid")
- Fixed setting of file permissions during stage1 set up
- Fixed a potential race condition during simultaneous
iptables
invocation - Fixed ACI download progress being sent to stderr instead of stdout, now consistent with the output during retrieval of Docker images
rkt help prepare
will now show the correct default stage1 image- rkt will refuse to add isolators with nil Limits, preventing a panic caused by an ambiguity in upstream appc schema
- Other changes:
- Reworked the SELinux implementation to use
systemd-nspawn
's native context-switching feature - Added a workaround for a bug in Docker <1.8 when it is run on the same system as rkt (see #1210 (comment))
- Added a
rkt-xxxx-tapN
name to tap devices that rkt creates - Functional tests now clean intermediate images between tests
- Countless improvements and cleanup to the build system
- Numerous documentation improvements, including splitting out all top-level
rkt
subcommands into their own documents
- Reworked the SELinux implementation to use