v2.0.1
·
96 commits
to main
since this release
v2.0.1
AkihiroSuda
Akihiro Suda
This tag was signed with the committer’s verified signature.
AkihiroSuda
Akihiro Suda
Changes
-
Config:
- Support customizing the default
$NERDCTL_BRIDGE_IP(#3640, thanks to @swagatbora90)
- Support customizing the default
-
Logging:
- json-file: Limit the default log size to 100MiB (#3670, thanks to @coderbirju)
- journald: add fields such as
CONTAINER_NAME(#3667, thanks to @haytok)
-
Network:
- Fix permissions for
/etc/{resolv.conf, hosts}with umask 0077 (#3708, thanks to @apostasie)
- Fix permissions for
-
Compose:
-
nerdctl-full:
Full changes: https://github.com/containerd/nerdctl/milestone/38?closed=1
Thanks to @ErikJiang @Zheaoli @apostasie @austinvazquez @coderbirju @djdongjin @haytok @pinglanlu @pqiaohaoq @ryfow @swagatbora90 @xyz-li @yankay
Compatible containerd versions
This release of nerdctl is expected to be used with containerd v1.6, v1.7, or v2.0.
About the binaries
- Minimal (
nerdctl-2.0.1-linux-amd64.tar.gz): nerdctl only - Full (
nerdctl-full-2.0.1-linux-amd64.tar.gz): Includes dependencies such as containerd, runc, and CNI
Minimal
Extract the archive to a path like /usr/local/bin or ~/bin .
tar Cxzvvf /usr/local/bin nerdctl-2.0.1-linux-amd64.tar.gz
-rwxr-xr-x root/root 26423448 2024-12-02 20:05 nerdctl
-rwxr-xr-x root/root 22657 2024-12-02 20:04 containerd-rootless-setuptool.sh
-rwxr-xr-x root/root 8708 2024-12-02 20:04 containerd-rootless.sh
Full
Extract the archive to a path like /usr/local or ~/.local .
tar Cxzvvf /usr/local nerdctl-full-2.0.1-linux-amd64.tar.gz
drwxr-xr-x 0/0 0 2024-12-02 20:12 bin/
-rwxr-xr-x 0/0 30399924 2015-10-21 00:00 bin/buildctl
-rwxr-xr-x 0/0 23724032 2022-09-05 09:52 bin/buildg
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-LICENSE -> ../libexec/cni/LICENSE
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-README.md -> ../libexec/cni/README.md
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-bandwidth -> ../libexec/cni/bandwidth
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-bridge -> ../libexec/cni/bridge
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-dhcp -> ../libexec/cni/dhcp
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-dummy -> ../libexec/cni/dummy
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-firewall -> ../libexec/cni/firewall
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-host-device -> ../libexec/cni/host-device
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-host-local -> ../libexec/cni/host-local
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-ipvlan -> ../libexec/cni/ipvlan
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-loopback -> ../libexec/cni/loopback
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-macvlan -> ../libexec/cni/macvlan
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-portmap -> ../libexec/cni/portmap
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-ptp -> ../libexec/cni/ptp
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-sbr -> ../libexec/cni/sbr
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-static -> ../libexec/cni/static
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-tap -> ../libexec/cni/tap
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-tuning -> ../libexec/cni/tuning
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-vlan -> ../libexec/cni/vlan
lrwxrwxrwx 0/0 0 2024-12-02 20:10 bin/buildkit-cni-vrf -> ../libexec/cni/vrf
-rwxr-xr-x 0/0 61474600 2015-10-21 00:00 bin/buildkitd
-rwxr-xr-x 0/0 15315664 2024-12-02 20:10 bin/bypass4netns
-rwxr-xr-x 0/0 5882008 2024-12-02 20:10 bin/bypass4netnsd
-rwxr-xr-x 0/0 38868944 2024-12-02 20:10 bin/containerd
-rwxr-xr-x 0/0 10494104 2024-11-05 23:12 bin/containerd-fuse-overlayfs-grpc
-rwxr-xr-x 0/0 22657 2024-12-02 20:12 bin/containerd-rootless-setuptool.sh
-rwxr-xr-x 0/0 8708 2024-12-02 20:12 bin/containerd-rootless.sh
-rwxr-xr-x 0/0 7721112 2024-12-02 20:10 bin/containerd-shim-runc-v2
-rwxr-xr-x 0/0 53428376 2024-11-27 14:44 bin/containerd-stargz-grpc
-rwxr-xr-x 0/0 22220133 2024-12-02 20:11 bin/ctd-decoder
-rwxr-xr-x 0/0 19710104 2024-12-02 20:10 bin/ctr
-rwxr-xr-x 0/0 29800853 2024-12-02 20:11 bin/ctr-enc
-rwxr-xr-x 0/0 21078168 2024-11-27 14:45 bin/ctr-remote
-rwxr-xr-x 0/0 1789968 2024-12-02 20:11 bin/fuse-overlayfs
-rwxr-xr-x 0/0 26390680 2024-12-02 20:12 bin/nerdctl
-rwxr-xr-x 0/0 11346380 2024-08-17 19:28 bin/rootlessctl
-rwxr-xr-x 0/0 13089548 2024-08-17 19:28 bin/rootlesskit
-rwxr-xr-x 0/0 15926160 2024-12-02 20:10 bin/runc
-rwxr-xr-x 0/0 2354520 2024-12-02 20:11 bin/slirp4netns
-rwxr-xr-x 0/0 9707672 2024-11-27 14:44 bin/stargz-store-helper
-rwxr-xr-x 0/0 870496 2024-12-02 20:11 bin/tini
drwxr-xr-x 0/0 0 2024-12-02 20:10 lib/
drwxr-xr-x 0/0 0 2024-12-02 20:10 lib/systemd/
drwxr-xr-x 0/0 0 2024-12-02 20:11 lib/systemd/system/
-rw-r--r-- 0/0 1325 2024-12-02 20:10 lib/systemd/system/buildkit.service
-rw-r--r-- 0/0 1264 2024-12-02 20:09 lib/systemd/system/containerd.service
-rw-r--r-- 0/0 312 2024-12-02 20:11 lib/systemd/system/stargz-snapshotter.service
drwxr-xr-x 0/0 0 2024-12-02 20:10 libexec/
drwxr-xr-x 0/0 0 2024-12-02 20:10 libexec/cni/
-rw-r--r-- 0/0 11357 2024-12-02 16:08 libexec/cni/LICENSE
-rw-r--r-- 0/0 2343 2024-12-02 16:08 libexec/cni/README.md
-rwxr-xr-x 0/0 4653925 2024-12-02 16:07 libexec/cni/bandwidth
-rwxr-xr-x 0/0 5286071 2024-12-02 16:07 libexec/cni/bridge
-rwxr-xr-x 0/0 12762833 2024-12-02 16:08 libexec/cni/dhcp
-rwxr-xr-x 0/0 4846921 2024-12-02 16:07 libexec/cni/dummy
-rwxr-xr-x 0/0 5313953 2024-12-02 16:07 libexec/cni/firewall
-rwxr-xr-x 0/0 4790557 2024-12-02 16:07 libexec/cni/host-device
-rwxr-xr-x 0/0 4055302 2024-12-02 16:08 libexec/cni/host-local
-rwxr-xr-x 0/0 4869442 2024-12-02 16:07 libexec/cni/ipvlan
-rwxr-xr-x 0/0 4113902 2024-12-02 16:07 libexec/cni/loopback
-rwxr-xr-x 0/0 4903047 2024-12-02 16:07 libexec/cni/macvlan
-rwxr-xr-x 0/0 4713168 2024-12-02 16:07 libexec/cni/portmap
-rwxr-xr-x 0/0 5075176 2024-12-02 16:07 libexec/cni/ptp
-rwxr-xr-x 0/0 4331809 2024-12-02 16:07 libexec/cni/sbr
-rwxr-xr-x 0/0 3650766 2024-12-02 16:08 libexec/cni/static
-rwxr-xr-x 0/0 4926373 2024-12-02 16:07 libexec/cni/tap
-rwxr-xr-x 0/0 4205491 2024-12-02 16:07 libexec/cni/tuning
-rwxr-xr-x 0/0 4858967 2024-12-02 16:07 libexec/cni/vlan
-rwxr-xr-x 0/0 4483701 2024-12-02 16:07 libexec/cni/vrf
drwxr-xr-x 0/0 0 2024-12-02 20:09 share/
drwxr-xr-x 0/0 0 2024-12-02 20:12 share/doc/
drwxr-xr-x 0/0 0 2024-12-02 20:12 share/doc/nerdctl/
-rw-r--r-- 0/0 12101 2024-12-02 20:04 share/doc/nerdctl/README.md
drwxr-xr-x 0/0 0 2024-12-02 20:04 share/doc/nerdctl/docs/
-rw-r--r-- 0/0 3953 2024-12-02 20:04 share/doc/nerdctl/docs/build.md
-rw-r--r-- 0/0 2570 2024-12-02 20:04 share/doc/nerdctl/docs/builder-debug.md
-rw-r--r-- 0/0 4779 2024-12-02 20:04 share/doc/nerdctl/docs/cni.md
-rw-r--r-- 0/0 77622 2024-12-02 20:04 share/doc/nerdctl/docs/command-reference.md
-rw-r--r-- 0/0 1814 2024-12-02 20:04 share/doc/nerdctl/docs/compose.md
-rw-r--r-- 0/0 5600 2024-12-02 20:04 share/doc/nerdctl/docs/config.md
-rw-r--r-- 0/0 9128 2024-12-02 20:04 share/doc/nerdctl/docs/cosign.md
-rw-r--r-- 0/0 5660 2024-12-02 20:04 share/doc/nerdctl/docs/cvmfs.md
drwxr-xr-x 0/0 0 2024-12-02 20:04 share/doc/nerdctl/docs/dev/
-rw-r--r-- 0/0 8587 2024-12-02 20:04 share/doc/nerdctl/docs/dev/store.md
-rw-r--r-- 0/0 2776 2024-12-02 20:04 share/doc/nerdctl/docs/dir.md
-rw-r--r-- 0/0 906 2024-12-02 20:04 share/doc/nerdctl/docs/experimental.md
-rw-r--r-- 0/0 14217 2024-12-02 20:04 share/doc/nerdctl/docs/faq.md
-rw-r--r-- 0/0 884 2024-12-02 20:04 share/doc/nerdctl/docs/freebsd.md
-rw-r--r-- 0/0 3273 2024-12-02 20:04 share/doc/nerdctl/docs/gpu.md
drwxr-xr-x 0/0 0 2024-12-02 20:04 share/doc/nerdctl/docs/images/
-rw-r--r-- 0/0 1540 2024-12-02 20:04 share/doc/nerdctl/docs/images/nerdctl-white.svg
-rw-r--r-- 0/0 1462 2024-12-02 20:04 share/doc/nerdctl/docs/images/nerdctl.svg
-rw-r--r-- 0/0 684421 2024-12-02 20:04 share/doc/nerdctl/docs/images/rootlessKit-network-design.png
-rw-r--r-- 0/0 14462 2024-12-02 20:04 share/doc/nerdctl/docs/ipfs.md
-rw-r--r-- 0/0 1755 2024-12-02 20:04 share/doc/nerdctl/docs/multi-platform.md
-rw-r--r-- 0/0 2960 2024-12-02 20:04 share/doc/nerdctl/docs/notation.md
-rw-r--r-- 0/0 2596 2024-12-02 20:04 share/doc/nerdctl/docs/nydus.md
-rw-r--r-- 0/0 3277 2024-12-02 20:04 share/doc/nerdctl/docs/ocicrypt.md
-rw-r--r-- 0/0 1876 2024-12-02 20:04 share/doc/nerdctl/docs/overlaybd.md
-rw-r--r-- 0/0 15657 2024-12-02 20:04 share/doc/nerdctl/docs/registry.md
-rw-r--r-- 0/0 8707 2024-12-02 20:04 share/doc/nerdctl/docs/rootless.md
-rw-r--r-- 0/0 2015 2024-12-02 20:04 share/doc/nerdctl/docs/soci.md
-rw-r--r-- 0/0 10312 2024-12-02 20:04 share/doc/nerdctl/docs/stargz.md
drwxr-xr-x 0/0 0 2024-12-02 20:04 share/doc/nerdctl/docs/testing/
-rw-r--r-- 0/0 4115 2024-12-02 20:04 share/doc/nerdctl/docs/testing/README.md
-rw-r--r-- 0/0 15068 2024-12-02 20:04 share/doc/nerdctl/docs/testing/tools.md
drwxr-xr-x 0/0 0 2024-12-02 20:11 share/doc/nerdctl-full/
-rw-r--r-- 0/0 1004 2024-12-02 20:11 share/doc/nerdctl-full/README.md
-rw-r--r-- 0/0 5713 2024-12-02 20:11 share/doc/nerdctl-full/SHA256SUMS
Included components
See share/doc/nerdctl-full/README.md:
# nerdctl (full distribution)
- nerdctl: v2.0.1
- containerd: v2.0.0
- runc: v1.2.2
- CNI plugins: v1.6.1
- BuildKit: v0.18.0
- Stargz Snapshotter: v0.16.2
- imgcrypt: v2.0.0-rc.1
- slirp4netns: v1.3.1
- bypass4netns: v0.4.1
- fuse-overlayfs: v1.14
- containerd-fuse-overlayfs: v2.0.0
- Tini: v0.19.0
- buildg: v0.4.1
- RootlessKit: v2.3.1
## License
- bin/slirp4netns: [GNU GENERAL PUBLIC LICENSE, Version 2](https://github.com/rootless-containers/slirp4netns/blob/v1.3.1/COPYING)
- bin/fuse-overlayfs: [GNU GENERAL PUBLIC LICENSE, Version 2](https://github.com/containers/fuse-overlayfs/blob/v1.14/COPYING)
- bin/{runc,bypass4netns,bypass4netnsd}: Apache License 2.0, statically linked with libseccomp ([LGPL 2.1](https://github.com/seccomp/libseccomp/blob/main/LICENSE), source code available at https://github.com/seccomp/libseccomp/)
- bin/tini: [MIT License](https://github.com/krallin/tini/blob/v0.19.0/LICENSE)
- Other files: [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0)Quick start
Rootful
$ sudo systemctl enable --now containerd
$ sudo nerdctl run -d --name nginx -p 80:80 nginx:alpineRootless
$ containerd-rootless-setuptool.sh install
$ nerdctl run -d --name nginx -p 8080:80 nginx:alpineEnabling cgroup v2 is highly recommended for rootless mode, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ .
The binaries were built automatically on GitHub Actions.
The build log is available for 90 days: https://github.com/containerd/nerdctl/actions/runs/12127066413
The sha256sum of the SHA256SUMS file itself is 608439147e8ec964c8083863890177709fb42b8a4d5aba00ed5c33a8205b5e8c .
Release manager: @AkihiroSuda
Contributors
ryfow, yankay, and 12 other contributors