v0.16.0
Key features: support nerdctl.toml
for global configuration, supporthosts.toml
for configuring certs, improved integration of cosign
Changes:
Global:
- Support
nerdctl.toml
for global configuration (#635)
nerdctl pull
, nerdctl push
, nerdctl login
:
- Support
/etc/containerd/certs.d/<HOST:PORT>/hosts.toml
(~/.config/containerd/certs.d/<HOST:PORT>/hosts.toml
) for configuring certs (#642)
nerdctl run
:
- Add
--verify=cosign
and--cosign-key=KEY
flags for cosign integration (#628, thanks to @junnplus) - Automatically generate a container name from the image name, e.g.,
nerdctl run nginx
creates a container named "nginx-62edd" (#693) - Add
--cpuset-mems
,--cpu-quota
, and--cpu-period
options (#689, thanks to @ningmingxiao) - Add
--rdt-class
option for Intel RDT classes (#418, thanks to @marquiz)
nerdctl commit
:
- Add
--pause=false
option (#673, thanks to @fhke) - Support overriding
ENTRYPOINT
with--change
option (#667, thanks to @tomfeigin)
nerdctl ipfs registry
:
nerdctl build
:
- Add
--label
option (#653, thanks to @junnplus) - Add a dummy
--rm
option (#649, thanks to @JuozasVainauskas)
nerdctl create
: - Add
nerdctl create
command (#647, thanks to @junnplus)
nerdctl network rm
:
nerdctl compose
:
- Support specifying service name for
nerdctl compose pull/push
(#621, thanks to @junnplus) - Support labels in
nerdctl compose up --build
(#664, thanks to @junnplus) - Support specifying subnets (#652, thanks to @junnplus)
- Add
--services
,--volumes
, and--hash
options fornerdctl compose config
(#632, thanks to @junnplus) - Add
nerdctl compose kill
command (#617, thanks to @junnplus)
nerdctl-full:
- Update containerd (1.5.9), fuse-overlayfs (1.8), go-ipfs (0.11) (#670)
Other changes: https://github.com/containerd/nerdctl/milestone/11?closed=1
Thanks to @junnplus @JuozasVainauskas @fahedouch @fhke @ktock @liubin @marquiz @mrueg @ningmingxiao @stefanberger @tomfeigin
About the binaries
- Minimal (
nerdctl-0.16.0-linux-amd64.tar.gz
): nerdctl only - Full (
nerdctl-full-0.16.0-linux-amd64.tar.gz
): Includes dependencies such as containerd, runc, and CNI
Minimal
Extract the archive to a path like /usr/local/bin
or ~/bin
.
tar Cxzvvf /usr/local/bin nerdctl-0.16.0-linux-amd64.tar.gz
-rwxr-xr-x root/root 27803648 2022-01-13 04:31 nerdctl
-rwxr-xr-x root/root 17308 2022-01-13 04:30 containerd-rootless-setuptool.sh
-rwxr-xr-x root/root 6972 2022-01-13 04:30 containerd-rootless.sh
Full
Extract the archive to a path like /usr/local
or ~/.local
.
tar Cxzvvf /usr/local nerdctl-full-0.16.0-linux-amd64.tar.gz
drwxr-xr-x 0/0 0 2022-01-13 04:42 bin/
-rwxr-xr-x 0/0 25845982 2015-10-21 00:00 bin/buildctl
-rwxr-xr-x 0/0 38767973 2015-10-21 00:00 bin/buildkitd
-rwxr-xr-x 0/0 49850400 2022-01-13 04:40 bin/containerd
-rwxr-xr-x 0/0 9752576 2021-11-19 07:44 bin/containerd-fuse-overlayfs-grpc
-rwxr-xr-x 0/0 17308 2022-01-13 04:38 bin/containerd-rootless-setuptool.sh
-rwxr-xr-x 0/0 6972 2022-01-13 04:38 bin/containerd-rootless.sh
-rwxr-xr-x 0/0 8376320 2022-01-13 04:40 bin/containerd-shim-runc-v2
-rwxr-xr-x 0/0 56691128 2021-11-18 10:54 bin/containerd-stargz-grpc
-rwxr-xr-x 0/0 19155554 2022-01-13 04:42 bin/ctd-decoder
-rwxr-xr-x 0/0 27080960 2022-01-13 04:39 bin/ctr
-rwxr-xr-x 0/0 28005345 2022-01-13 04:42 bin/ctr-enc
-rwxr-xr-x 0/0 29106648 2021-11-18 10:54 bin/ctr-remote
-rwxr-xr-x 0/0 2462352 2022-01-13 04:42 bin/fuse-overlayfs
-rwxr-xr-x 0/0 67841120 2021-12-09 18:37 bin/ipfs
-rwxr-xr-x 0/0 27774976 2022-01-13 04:38 bin/nerdctl
-rwxr-xr-x 0/0 9130136 2021-11-08 06:46 bin/rootlessctl
-rwxr-xr-x 0/0 10555302 2021-11-08 06:46 bin/rootlesskit
-rwxr-xr-x 0/0 13415232 2022-01-13 04:39 bin/runc
-rwxr-xr-x 0/0 3669824 2022-01-13 04:42 bin/slirp4netns
drwxr-xr-x 0/0 0 2022-01-13 04:42 lib/
drwxr-xr-x 0/0 0 2022-01-13 04:42 lib/systemd/
drwxr-xr-x 0/0 0 2022-01-13 04:42 lib/systemd/system/
-rw-r--r-- 0/0 1331 2022-01-13 04:42 lib/systemd/system/buildkit.service
-rw-r--r-- 0/0 1270 2022-01-13 04:38 lib/systemd/system/containerd.service
-rw-r--r-- 0/0 312 2022-01-13 04:42 lib/systemd/system/stargz-snapshotter.service
drwxr-xr-x 0/0 0 2022-01-13 04:42 libexec/
drwxrwxr-x 0/0 0 2022-01-13 04:42 libexec/cni/
-rwxr-xr-x 0/0 3990800 2021-09-07 19:48 libexec/cni/bandwidth
-rwxr-xr-x 0/0 4409304 2021-09-07 19:48 libexec/cni/bridge
-rwxr-xr-x 0/0 9784253 2021-09-07 19:49 libexec/cni/dhcp
-rwxr-xr-x 0/0 4553440 2021-09-07 19:48 libexec/cni/firewall
-rwxr-xr-x 0/0 4009601 2021-09-07 19:48 libexec/cni/host-device
-rwxr-xr-x 0/0 3402808 2021-09-07 19:49 libexec/cni/host-local
-rwxr-xr-x 0/0 4144654 2021-09-07 19:48 libexec/cni/ipvlan
-rwxr-xr-x 0/0 2166784 2021-09-27 06:35 libexec/cni/isolation
-rwxr-xr-x 0/0 3472123 2021-09-07 19:48 libexec/cni/loopback
-rwxr-xr-x 0/0 4216875 2021-09-07 19:48 libexec/cni/macvlan
-rwxr-xr-x 0/0 3924908 2021-09-07 19:48 libexec/cni/portmap
-rwxr-xr-x 0/0 4337802 2021-09-07 19:48 libexec/cni/ptp
-rwxr-xr-x 0/0 3682127 2021-09-07 19:48 libexec/cni/sbr
-rwxr-xr-x 0/0 2967017 2021-09-07 19:49 libexec/cni/static
-rwxr-xr-x 0/0 3622640 2021-09-07 19:48 libexec/cni/tuning
-rwxr-xr-x 0/0 4140657 2021-09-07 19:48 libexec/cni/vlan
-rwxr-xr-x 0/0 3715972 2021-09-07 19:48 libexec/cni/vrf
drwxr-xr-x 0/0 0 2022-01-13 04:39 share/
drwxr-xr-x 0/0 0 2022-01-13 04:39 share/doc/
drwxr-xr-x 0/0 0 2022-01-13 04:39 share/doc/nerdctl/
-rw-r--r-- 0/0 58004 2022-01-13 04:30 share/doc/nerdctl/README.md
drwxr-xr-x 0/0 0 2022-01-13 04:39 share/doc/nerdctl/docs/
-rw-r--r-- 0/0 2870 2022-01-13 04:30 share/doc/nerdctl/docs/cni.md
-rw-r--r-- 0/0 1848 2022-01-13 04:30 share/doc/nerdctl/docs/compose.md
-rw-r--r-- 0/0 3062 2022-01-13 04:30 share/doc/nerdctl/docs/config.md
-rw-r--r-- 0/0 3111 2022-01-13 04:30 share/doc/nerdctl/docs/cosign.md
-rw-r--r-- 0/0 2358 2022-01-13 04:30 share/doc/nerdctl/docs/dir.md
-rw-r--r-- 0/0 445 2022-01-13 04:30 share/doc/nerdctl/docs/experimental.md
-rw-r--r-- 0/0 13257 2022-01-13 04:30 share/doc/nerdctl/docs/faq.md
-rw-r--r-- 0/0 1196 2022-01-13 04:30 share/doc/nerdctl/docs/freebsd.md
-rw-r--r-- 0/0 2326 2022-01-13 04:30 share/doc/nerdctl/docs/gpu.md
-rw-r--r-- 0/0 12965 2022-01-13 04:30 share/doc/nerdctl/docs/ipfs.md
-rw-r--r-- 0/0 1667 2022-01-13 04:30 share/doc/nerdctl/docs/multi-platform.md
-rw-r--r-- 0/0 3198 2022-01-13 04:30 share/doc/nerdctl/docs/ocicrypt.md
-rw-r--r-- 0/0 1448 2022-01-13 04:30 share/doc/nerdctl/docs/registry.md
-rw-r--r-- 0/0 3626 2022-01-13 04:30 share/doc/nerdctl/docs/rootless.md
-rw-r--r-- 0/0 4835 2022-01-13 04:30 share/doc/nerdctl/docs/stargz.md
drwxr-xr-x 0/0 0 2022-01-13 04:42 share/doc/nerdctl-full/
-rw-r--r-- 0/0 952 2022-01-13 04:42 share/doc/nerdctl-full/README.md
-rw-r--r-- 0/0 5167 2022-01-13 04:42 share/doc/nerdctl-full/SHA256SUMS
Included components
See share/doc/nerdctl-full/README.md
:
# nerdctl (full distribution)
- nerdctl: v0.16.0
- containerd: v1.5.9
- runc: v1.0.3
- CNI plugins: v1.0.1
- CNI isolation plugin: v0.0.4
- BuildKit: v0.9.3
- Stargz Snapshotter: v0.10.1
- imgcrypt: v1.1.2
- RootlessKit: v0.14.6
- slirp4netns: v1.1.12
- fuse-overlayfs: v1.8
- containerd-fuse-overlayfs: v1.0.4
- IPFS: v0.11.0
## License
- bin/slirp4netns: [GNU GENERAL PUBLIC LICENSE, Version 2](https://github.com/rootless-containers/slirp4netns/blob/v1.1.12/COPYING)
- bin/fuse-overlayfs: [GNU GENERAL PUBLIC LICENSE, Version 3](https://github.com/containers/fuse-overlayfs/blob/v1.8/COPYING)
- bin/ipfs: [Combination of MIT-only license and dual MIT/Apache-2.0 license](https://github.com/ipfs/go-ipfs/blob/v0.11.0/LICENSE)
- bin/runc (Apache License 2.0) is statically linked with libseccomp ([LGPL 2.1](https://github.com/seccomp/libseccomp/blob/main/LICENSE))
- Other files: [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0)
Quick start
Rootful
$ sudo systemctl enable --now containerd
$ sudo nerdctl run -d --name nginx -p 80:80 nginx:alpine
Rootless
$ containerd-rootless-setuptool.sh install
$ nerdctl run -d --name nginx -p 8080:80 nginx:alpine
Enabling cgroup v2 is highly recommended for rootless mode, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ .
The binaries were built automatically on GitHub Actions.
The build log is available for 90 days: https://github.com/containerd/nerdctl/actions/runs/1691067303
The sha256sum of the SHA256SUMS file itself is ecc315881abee3d647c0eed2692e78ce26197262ddd04ae765e2911389ba791d
.