Skip to content

v0.16.0

Compare
Choose a tag to compare
@github-actions github-actions released this 13 Jan 06:31
v0.16.0
0ddaffd

Key features: support nerdctl.toml for global configuration, supporthosts.toml for configuring certs, improved integration of cosign

Changes:

Global:

nerdctl pull, nerdctl push, nerdctl login:

  • Support /etc/containerd/certs.d/<HOST:PORT>/hosts.toml (~/.config/containerd/certs.d/<HOST:PORT>/hosts.toml) for configuring certs (#642)

nerdctl run:

  • Add --verify=cosign and --cosign-key=KEY flags for cosign integration (#628, thanks to @junnplus)
  • Automatically generate a container name from the image name, e.g., nerdctl run nginx creates a container named "nginx-62edd" (#693)
  • Add --cpuset-mems, --cpu-quota, and --cpu-period options (#689, thanks to @ningmingxiao)
  • Add --rdt-class option for Intel RDT classes (#418, thanks to @marquiz)

nerdctl commit:

  • Add --pause=false option (#673, thanks to @fhke)
  • Support overriding ENTRYPOINT with --change option (#667, thanks to @tomfeigin)

nerdctl ipfs registry:

  • Add --read-retry-num and --read-timeout options (#676, thanks to @ktock)

nerdctl build:

nerdctl network rm:

nerdctl compose:

  • Support specifying service name for nerdctl compose pull/push (#621, thanks to @junnplus)
  • Support labels in nerdctl compose up --build (#664, thanks to @junnplus)
  • Support specifying subnets (#652, thanks to @junnplus)
  • Add --services, --volumes, and --hash options for nerdctl compose config (#632, thanks to @junnplus)
  • Add nerdctl compose kill command (#617, thanks to @junnplus)

nerdctl-full:

  • Update containerd (1.5.9), fuse-overlayfs (1.8), go-ipfs (0.11) (#670)

Other changes: https://github.com/containerd/nerdctl/milestone/11?closed=1

Thanks to @junnplus @JuozasVainauskas @fahedouch @fhke @ktock @liubin @marquiz @mrueg @ningmingxiao @stefanberger @tomfeigin

About the binaries

  • Minimal (nerdctl-0.16.0-linux-amd64.tar.gz): nerdctl only
  • Full (nerdctl-full-0.16.0-linux-amd64.tar.gz): Includes dependencies such as containerd, runc, and CNI

Minimal

Extract the archive to a path like /usr/local/bin or ~/bin .

tar Cxzvvf /usr/local/bin nerdctl-0.16.0-linux-amd64.tar.gz

-rwxr-xr-x root/root  27803648 2022-01-13 04:31 nerdctl
-rwxr-xr-x root/root     17308 2022-01-13 04:30 containerd-rootless-setuptool.sh
-rwxr-xr-x root/root      6972 2022-01-13 04:30 containerd-rootless.sh

Full

Extract the archive to a path like /usr/local or ~/.local .

tar Cxzvvf /usr/local nerdctl-full-0.16.0-linux-amd64.tar.gz

drwxr-xr-x 0/0               0 2022-01-13 04:42 bin/
-rwxr-xr-x 0/0        25845982 2015-10-21 00:00 bin/buildctl
-rwxr-xr-x 0/0        38767973 2015-10-21 00:00 bin/buildkitd
-rwxr-xr-x 0/0        49850400 2022-01-13 04:40 bin/containerd
-rwxr-xr-x 0/0         9752576 2021-11-19 07:44 bin/containerd-fuse-overlayfs-grpc
-rwxr-xr-x 0/0           17308 2022-01-13 04:38 bin/containerd-rootless-setuptool.sh
-rwxr-xr-x 0/0            6972 2022-01-13 04:38 bin/containerd-rootless.sh
-rwxr-xr-x 0/0         8376320 2022-01-13 04:40 bin/containerd-shim-runc-v2
-rwxr-xr-x 0/0        56691128 2021-11-18 10:54 bin/containerd-stargz-grpc
-rwxr-xr-x 0/0        19155554 2022-01-13 04:42 bin/ctd-decoder
-rwxr-xr-x 0/0        27080960 2022-01-13 04:39 bin/ctr
-rwxr-xr-x 0/0        28005345 2022-01-13 04:42 bin/ctr-enc
-rwxr-xr-x 0/0        29106648 2021-11-18 10:54 bin/ctr-remote
-rwxr-xr-x 0/0         2462352 2022-01-13 04:42 bin/fuse-overlayfs
-rwxr-xr-x 0/0        67841120 2021-12-09 18:37 bin/ipfs
-rwxr-xr-x 0/0        27774976 2022-01-13 04:38 bin/nerdctl
-rwxr-xr-x 0/0         9130136 2021-11-08 06:46 bin/rootlessctl
-rwxr-xr-x 0/0        10555302 2021-11-08 06:46 bin/rootlesskit
-rwxr-xr-x 0/0        13415232 2022-01-13 04:39 bin/runc
-rwxr-xr-x 0/0         3669824 2022-01-13 04:42 bin/slirp4netns
drwxr-xr-x 0/0               0 2022-01-13 04:42 lib/
drwxr-xr-x 0/0               0 2022-01-13 04:42 lib/systemd/
drwxr-xr-x 0/0               0 2022-01-13 04:42 lib/systemd/system/
-rw-r--r-- 0/0            1331 2022-01-13 04:42 lib/systemd/system/buildkit.service
-rw-r--r-- 0/0            1270 2022-01-13 04:38 lib/systemd/system/containerd.service
-rw-r--r-- 0/0             312 2022-01-13 04:42 lib/systemd/system/stargz-snapshotter.service
drwxr-xr-x 0/0               0 2022-01-13 04:42 libexec/
drwxrwxr-x 0/0               0 2022-01-13 04:42 libexec/cni/
-rwxr-xr-x 0/0         3990800 2021-09-07 19:48 libexec/cni/bandwidth
-rwxr-xr-x 0/0         4409304 2021-09-07 19:48 libexec/cni/bridge
-rwxr-xr-x 0/0         9784253 2021-09-07 19:49 libexec/cni/dhcp
-rwxr-xr-x 0/0         4553440 2021-09-07 19:48 libexec/cni/firewall
-rwxr-xr-x 0/0         4009601 2021-09-07 19:48 libexec/cni/host-device
-rwxr-xr-x 0/0         3402808 2021-09-07 19:49 libexec/cni/host-local
-rwxr-xr-x 0/0         4144654 2021-09-07 19:48 libexec/cni/ipvlan
-rwxr-xr-x 0/0         2166784 2021-09-27 06:35 libexec/cni/isolation
-rwxr-xr-x 0/0         3472123 2021-09-07 19:48 libexec/cni/loopback
-rwxr-xr-x 0/0         4216875 2021-09-07 19:48 libexec/cni/macvlan
-rwxr-xr-x 0/0         3924908 2021-09-07 19:48 libexec/cni/portmap
-rwxr-xr-x 0/0         4337802 2021-09-07 19:48 libexec/cni/ptp
-rwxr-xr-x 0/0         3682127 2021-09-07 19:48 libexec/cni/sbr
-rwxr-xr-x 0/0         2967017 2021-09-07 19:49 libexec/cni/static
-rwxr-xr-x 0/0         3622640 2021-09-07 19:48 libexec/cni/tuning
-rwxr-xr-x 0/0         4140657 2021-09-07 19:48 libexec/cni/vlan
-rwxr-xr-x 0/0         3715972 2021-09-07 19:48 libexec/cni/vrf
drwxr-xr-x 0/0               0 2022-01-13 04:39 share/
drwxr-xr-x 0/0               0 2022-01-13 04:39 share/doc/
drwxr-xr-x 0/0               0 2022-01-13 04:39 share/doc/nerdctl/
-rw-r--r-- 0/0           58004 2022-01-13 04:30 share/doc/nerdctl/README.md
drwxr-xr-x 0/0               0 2022-01-13 04:39 share/doc/nerdctl/docs/
-rw-r--r-- 0/0            2870 2022-01-13 04:30 share/doc/nerdctl/docs/cni.md
-rw-r--r-- 0/0            1848 2022-01-13 04:30 share/doc/nerdctl/docs/compose.md
-rw-r--r-- 0/0            3062 2022-01-13 04:30 share/doc/nerdctl/docs/config.md
-rw-r--r-- 0/0            3111 2022-01-13 04:30 share/doc/nerdctl/docs/cosign.md
-rw-r--r-- 0/0            2358 2022-01-13 04:30 share/doc/nerdctl/docs/dir.md
-rw-r--r-- 0/0             445 2022-01-13 04:30 share/doc/nerdctl/docs/experimental.md
-rw-r--r-- 0/0           13257 2022-01-13 04:30 share/doc/nerdctl/docs/faq.md
-rw-r--r-- 0/0            1196 2022-01-13 04:30 share/doc/nerdctl/docs/freebsd.md
-rw-r--r-- 0/0            2326 2022-01-13 04:30 share/doc/nerdctl/docs/gpu.md
-rw-r--r-- 0/0           12965 2022-01-13 04:30 share/doc/nerdctl/docs/ipfs.md
-rw-r--r-- 0/0            1667 2022-01-13 04:30 share/doc/nerdctl/docs/multi-platform.md
-rw-r--r-- 0/0            3198 2022-01-13 04:30 share/doc/nerdctl/docs/ocicrypt.md
-rw-r--r-- 0/0            1448 2022-01-13 04:30 share/doc/nerdctl/docs/registry.md
-rw-r--r-- 0/0            3626 2022-01-13 04:30 share/doc/nerdctl/docs/rootless.md
-rw-r--r-- 0/0            4835 2022-01-13 04:30 share/doc/nerdctl/docs/stargz.md
drwxr-xr-x 0/0               0 2022-01-13 04:42 share/doc/nerdctl-full/
-rw-r--r-- 0/0             952 2022-01-13 04:42 share/doc/nerdctl-full/README.md
-rw-r--r-- 0/0            5167 2022-01-13 04:42 share/doc/nerdctl-full/SHA256SUMS

Included components

See share/doc/nerdctl-full/README.md:

# nerdctl (full distribution)
- nerdctl: v0.16.0
- containerd: v1.5.9
- runc: v1.0.3
- CNI plugins: v1.0.1
- CNI isolation plugin: v0.0.4
- BuildKit: v0.9.3
- Stargz Snapshotter: v0.10.1
- imgcrypt: v1.1.2
- RootlessKit: v0.14.6
- slirp4netns: v1.1.12
- fuse-overlayfs: v1.8
- containerd-fuse-overlayfs: v1.0.4
- IPFS: v0.11.0

## License
- bin/slirp4netns:    [GNU GENERAL PUBLIC LICENSE, Version 2](https://github.com/rootless-containers/slirp4netns/blob/v1.1.12/COPYING)
- bin/fuse-overlayfs: [GNU GENERAL PUBLIC LICENSE, Version 3](https://github.com/containers/fuse-overlayfs/blob/v1.8/COPYING)
- bin/ipfs: [Combination of MIT-only license and dual MIT/Apache-2.0 license](https://github.com/ipfs/go-ipfs/blob/v0.11.0/LICENSE)
- bin/runc (Apache License 2.0) is statically linked with libseccomp ([LGPL 2.1](https://github.com/seccomp/libseccomp/blob/main/LICENSE))
- Other files: [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0)

Quick start

Rootful

$ sudo systemctl enable --now containerd
$ sudo nerdctl run -d --name nginx -p 80:80 nginx:alpine

Rootless

$ containerd-rootless-setuptool.sh install
$ nerdctl run -d --name nginx -p 8080:80 nginx:alpine

Enabling cgroup v2 is highly recommended for rootless mode, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ .


The binaries were built automatically on GitHub Actions.
The build log is available for 90 days: https://github.com/containerd/nerdctl/actions/runs/1691067303

The sha256sum of the SHA256SUMS file itself is ecc315881abee3d647c0eed2692e78ce26197262ddd04ae765e2911389ba791d .