18.06.0-ce-rc1

Changelog

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.06.0-ce (2018-07-DD)

Important notes about this release

• TODO: Notice here for release cycle change

Builder

• Builder: fix layer leak on multi-stage wildcard copy. moby/moby#37178
• Fix parsing of invalid environment variable substitution . moby/moby#37134
• Builder: use the arch info from base image. moby/moby#36816 moby/moby#37197
• Experimental BuildKit support. moby/moby#37151 docker/cli#1111

• Fix handling uppercase targets names in multi-stage builds. moby/moby#36960

Client

• Bump spf13/cobra to v0.0.3, pflag to v1.0.1. moby/moby#37106
• Add support for the new Stack API for Kubernetes v1beta2. docker/cli#899
• K8s: more robust stack error detection on deploy. docker/cli#948
• Support for rollback config in compose 3.7. docker/cli#409
• Update Cobra and pflag, and use built-in --version feature. docker/cli#1069
• Fix docker stack deploy --prune with empty name removing all services. docker/cli#1088
• [Kubernetes] stack services filters. docker/cli#1023

• Only show orchestrator flag in root, stack and version commands in help. docker/cli#1106
• Add an Extras field on the compose config types. docker/cli#1126
• Add options to the compose loader. docker/cli#1128

• Fix always listing nodes in docker stack ps command on Kubernetes. docker/cli#1093
• Fix output being shown twice on stack rm error message. docker/cli#1093

• Extend client API with custom HTTP requests. moby/moby#37071
• Changed error message for unreadable files to clarify possibility of a .Dockerignore entry. docker/cli#1053
• Restrict kubernetes.allNamespaces value to 'enabled' or 'disabled' in configuration file. docker/cli#1087
• Check errors when initializing the docker client in the help command. docker/cli#1119
• Better namespace experience with Kubernetes. Fix using namespace defined in ~/.kube/config for stack commands. Add a NAMESPACE column for docker stack ls command. Add a --all-namespaces flag for docker stack ls command. docker/cli#991
• Export Push and Save. docker/cli#1123
• Export pull as a public function. docker/cli#1026
• Remove Kubernetes commands from experimental. docker/cli#1068
• Adding configs/secrets to service inspect pretty. docker/cli#1006

• Fix service filtering by name on Kubernetes. docker/cli#1101
• Fix component information alignment in docker version. docker/cli#1065
• Fix cpu/memory limits and reservations being reset on service update. docker/cli#1079

• Manifest list: request specific permissions. docker/cli#1024
• Setting --orchestrator=all also sets --all-namespaces unless specific --namespace are set. docker/cli#1059

• Fix panics when --compress and --stream are used together. docker/cli#1105

• Switch from x/net/context to context. docker/cli#1038

• Add --init option to docker service create. docker/cli#479
• Fixed bug displaying garbage output for build command when --stream and --quiet flags combined. docker/cli#1090
• Add init support in 3.7 schema. docker/cli#1129

• Fix docker trust signer removal. docker/cli#1112
• Fix error message from docker inspect. docker/cli#1071

• Allow x-* extension on 3rd level objects. docker/cli#1097
• An invalid orchestrator now generates an error instead of being silently ignored. docker/cli#1055
• Added ORCHESTRATOR column to docker stack ls command. docker/cli#973
• Warn when using host-ip for published ports for services. docker/cli#1017

• Added the option to enable experimental cli features through the DOCKER_CLI_EXPERIMENTAL environment variable. docker/cli#1138
• Add exec_die to the list of known container events. docker/cli#1028

• [K8s] Do env-variable expansion on the uninterpreted Config files. docker/cli#974

• Print warnings on stderr for each unsupported features while parsing a compose file for deployment on Kubernetes. docker/cli#903
• Added description about pids count. docker/cli#1045

• Warn user of filter when pruning. docker/cli#1043
• Fix --rollback-* options overwriting --update-* options. docker/cli#1052

• Update Attach, Build, Commit, Cp, Create subcommand fish completions. docker/cli#1005

Deprecation

• Document reserved namespaces deprecation. docker/cli#1040

Logging

• Allow awslogs to use non-blocking mode. moby/moby#36522
• Improve logging of long log lines on fluentd log driver.. moby/moby#36159
• Re-order CHANGELOG.md to pass make validate test. moby/moby#37047
• Update Events, Exec, Export, History, Images, Import, Inspect, Load, and Login subcommand fish completions. docker/cli#1061
• Update documentation for RingLogger's ring buffer. moby/moby#37084

• Add metrics for log failures/partials. moby/moby#37034

• Fix logging plugin crash unrecoverable. moby/moby#37028
• Fix logging test type. moby/moby#37070
• Fix race conditions in logs API. moby/moby#37062
• Fix some issues in logfile reader and rotation. moby/moby#37063

Networking

• Allow user to specify default address pools for docker networks. moby/moby#36396 docker/cli#818
• Adding logs for ipam state doccker/libnetwork#2417
• Fix race conditions in the overlay network driver doccker/libnetwork#2143
• Add wait time into xtables lock warning doccker/libnetwork#2142
• filter xtables lock warnings when firewalld is active doccker/libnetwork#2135
• Switch from x/net/context to context doccker/libnetwork#2140
• Adding a recovery mechanism for a split gossip cluster doccker/libnetwork#2134
• Running docker inspect on network attachment tasks now returns a full task object. moby/moby#35246
• Some container/network cleanups. moby/moby#37033

• Fix network inspect for overlay network. moby/moby#37045

Runtime

• Aufs: log why aufs is not supported. moby/moby#36995
• Hide experimental checkpoint features on Windows. docker/cli#1094
• Lcow: Allow the client to customize capabilities and device cgroup rules for LCOW containers. moby/moby#37294
• Changed path given for executable output in windows to actual location of executable output. moby/moby#37295

• Add windows recycle bin test and update hcsshim to v0.6.11. moby/moby#36994

• Allow to add any args when doing a make run. moby/moby#37190
• Optimize ContainerTop() aka docker top. moby/moby#37131

• Fix compilation on 32bit machines. moby/moby#37292

• Update API version to v1 38. [moby/moby#37141](https://github.com/...

18.05.0-ce

Changelog

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.05.0-ce (2018-05-09)

Builder

• Adding netbsd compatibility to the package pkg/term. moby/moby#36887
• Standardizes output path for artifacts of intermediate builds to /build/. moby/moby#36858

Client

• Fix docker stack deploy reference flag. docker/cli#981
• Fix docker stack deploy re-deploying services after the service was updated with --force. docker/cli#963

• Add bash completion for secret|config create --template-driver. docker/cli#1004
• Add fish completions for docker trust subcommand. docker/cli#984

• Fix --format example for docker history. docker/cli#980
• Fix error with merge composefile with networks. docker/cli#983

Logging

• Standardized the properties of storage-driver log messages. moby/moby#36492
• Improve partial message support in logger. moby/moby#35831

Networking

• Allow for larger preset property values, do not override. docker/libnetwork#2124
• networkdb: User write lock in handleNodeEvent. docker/libnetwork#2136

• Import libnetwork fix for rolling updates. moby/moby#36638
• Update libnetwork to improve scalabiltiy of bridge network isolation rules. moby/moby#36774

• Fix a misused network object name. moby/moby#36745

Runtime

• LCOW: Implement docker save. moby/moby#36599
• Pkg: devmapper: dynamically load dm_task_deferred_remove. moby/moby#35518
• Windows: Add GetLayerPath implementation in graphdriver. moby/moby#36738

• Fix Windows layer leak when write fails. moby/moby#36728
• Fix FIFO, sockets and device files when run in user NS. moby/moby#36756
• Fix docker version output alignment. docker/cli#965

• Always make sysfs read-write with privileged. moby/moby#36808
• Bump Golang to 1.10.1. moby/moby#35739
• Bump containerd client. moby/moby#36684
• Bump golang.org/x/net to go1.10 release commit. moby/moby#36894
• Context.WithTimeout: do call the cancel func. moby/moby#36920
• Copy: avoid using all system memory with authz plugins. moby/moby#36595
• Daemon/cluster: handle partial attachment entries during configure. moby/moby#36769
• Don't make container mount unbindable. moby/moby#36768
• Extra check before unmounting on shutdown. moby/moby#36879
• Move mount parsing to separate package. moby/moby#36896
• No global volume driver store. moby/moby#36637
• Pkg/mount improvements. moby/moby#36091
• Relax some libcontainerd client locking. moby/moby#36848
• Remove daemon dependency on api packages. moby/moby#36912
• Remove the retries for service update. moby/moby#36827
• Revert unencryted storage warning prompt. docker/cli#1008
• Support cancellation in directory.Size(). moby/moby#36734
• Switch from x/net/context -> context. moby/moby#36904
• Fixed a function to check Content-type is application/json or not. moby/moby#36778

• Add default pollSettings config functions. moby/moby#36706
• Add if judgment before receiving operations on daemonWaitCh. moby/moby#36651

• Fix issues with running volume tests as non-root.. moby/moby#36935

Swarm Mode

• RoleManager will remove detected nodes from the cluster membership docker/swarmkit#2548
• Scheduler/TaskReaper: handle unassigned tasks marked for shutdown docker/swarmkit#2574
• Avoid predefined error log. docker/swarmkit#2561
• Task reaper should delete tasks with removed slots that were not yet assigned. docker/swarmkit#2557
• Agent reports FIPS status. docker/swarmkit#2587

• Fix: timeMutex critical operation outside of critical section. docker/swarmkit#2603

• Expose swarmkit's Raft tuning parameters in engine config. moby/moby#36726
• Make internal/test/daemon.Daemon swarm aware. moby/moby#36826

18.03.1-ce

Changelog

For more information on the list of deprecated flags and APIs please have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.03.1-ce (2018-04-26)

Client

• Fix error with merge compose file with networks docker/cli#983

• Fix docker stack deploy re-deploying services after the service was updated with --force docker/cli#963
• Fix docker version output alignment docker/cli#965

Runtime

• Fix AppArmor profiles not being applied to docker exec processes moby/moby#36466
• Don't sort plugin mount slice moby/moby#36711
• Daemon/cluster: handle partial attachment entries during configure moby/moby#36769

• Bump Golang to 1.9.5 moby/moby#36779 docker/cli#986

• Daemon/stats: more resilient cpu sampling moby/moby#36519

• Containerd: update to 1.0.3 release moby/moby#36749

• Fix Windows layer leak when write fails moby/moby#36728

• Don't make container mount unbindable moby/moby#36768

• Fix Daemon panics on container export after a daemon restart moby/moby/36586
• Fix digest cache being removed on autherrors moby/moby#36509
• Make sure plugin container is removed on failure moby/moby#36715
• Copy: avoid using all system memory with authz plugins moby/moby#36595
• Relax some libcontainerd client locking moby/moby#36848

Swarm Mode

• Increase raft Election tick to 10 times Heartbeat tick moby/moby#36672

Networking

• Gracefully remove LB endpoints from services docker/libnetwork#2112
• Retry other external DNS servers on ServFail docker/libnetwork#2121
• Improve scalabiltiy of bridge network isolation rules docker/libnetwork#2117
• Allow for larger preset property values, do not override docker/libnetwork#2124
• Prevent panics on concurrent reads/writes when calling changeNodeState docker/libnetwork#2136

18.03.0-ce (2018-03-21)

Builder

• Switch to -buildmode=pie moby/moby#34369
• Allow Dockerfile to be outside of build-context docker/cli#886
• Builder: fix wrong cache hits building from tars moby/moby#36329

• Fixes files leaking to other images in a multi-stage build moby/moby#36338

Client

• Simplify the marshaling of compose types.Config docker/cli#895

• Add support for multiple composefile when deploying docker/cli#569

• Fix broken Kubernetes stack flags docker/cli#831
• Fix stack marshaling for Kubernetes docker/cli#890
• Fix and simplify bash completion for service env, mounts and labels docker/cli#682
• Fix before and since filter for docker ps moby/moby#35938
• Fix --label-file weird behavior docker/cli#838
• Fix compilation of defaultCredentialStore() on unsupported platforms docker/cli#872

• Improve and fix bash completion for images docker/cli#717

• Added check for empty source in bind mount docker/cli#824

• Fix TLS from environment variables in client moby/moby#36270

• docker build now runs faster when registry-specific credential helper(s) are configured docker/cli#840
• Update event filter zsh completion with disable, enable, install and remove docker/cli#372
• Produce errors when empty ids are passed into inspect calls moby/moby#36144
• Marshall version for the k8s controller docker/cli#891
• Set a non-zero timeout for HTTP client communication with plugin backend docker/cli#883

• Add DOCKER_TLS environment variable for --tls option docker/cli#863
• Add --template-driver option for secrets/configs docker/cli#896
• Move docker trust commands out of experimental docker/cli#934 docker/cli#935 docker/cli#944

Logging

• AWS logs - don't add new lines to maximum sized events moby/moby#36078
• Move log validator logic after plugins are loaded moby/moby#36306
• Support a proxy in Splunk log driver moby/moby#36220

• Fix log tail with empty logs moby/moby#36305

Networking

• Libnetwork revendoring moby/moby#36137

• Fix for deadlock on exit with Memberlist revendor docker/libnetwork#2040

• Fix user specified ndots option docker/libnetwork#2065

• Fix to use ContainerID for Windows instead of SandboxID docker/libnetwork#2010

• Verify NetworkingConfig to make sure EndpointSettings is not nil moby/moby#36077

• Fix DockerNetworkInternalMode issue moby/moby#36298
• Fix race in attachable network attachment moby/moby#36191
• Fix timeout issue of InspectNetwork on AArch64 moby/moby#36257

• Verbose info is missing for partial overlay ID moby/moby#35989
• Update FindNetwork to address network name duplications moby/moby#30897
• Disallow attaching ingress network docker/swarmkit#2523

• Prevent implicit removal of the ingress network moby/moby#36538
• Fix stale HNS endpoints on Windows moby/moby#36603
• IPAM fixes for duplicate IP addresses docker/libnetwork#2104 docker/libnetwork#2105

Runtime

• Enable HotAdd for Windows moby/moby#35414
• LCOW: Graphdriver fix deadlock in hotRemoveVHDs moby/moby#36114
• LCOW: Regular mount if only one layer moby/moby#36052
• Remove interim env var LCOW_API_PLATFORM_IF_OMITTED moby/moby#36269
• Revendor Microsoft/opengcs @ v0.3.6 moby/moby#36108

• Fix issue of ExitCode and PID not show up in Task.Status.ContainerStatus moby/moby#36150
• Fix issue with plugin scanner going too deep moby/moby#36119

• Do not make graphdriver homes private mounts moby/moby#36047
• Do not recursive unmount on cleanup of zfs/btrfs moby/moby#36237
• Don't restore image if layer does not exist moby/moby#36304
• Adjust minimum API version for templated configs/secrets moby/moby#36366
• Bump containerd to 1.0.2 (cfd04396dc68220d1cecbe686a6cc3aa5ce3667c) moby/moby#36308
• Bump Golang to 1.9.4 moby/moby#36243
• Ensure daemon root is unmounted on shutdown moby/moby#36107

• Fix container cleanup on daemon restart moby/moby#36249

• Support SCTP port mapping (bump up API to v1.37) moby/moby#33922
• Support SCTP port mapping docker/cli#278

• Fix Volumes property definition in ContainerConfig moby/moby#35946

• Bump moby and dependencies docker/cli#829
• C.RWLayer: check for nil before use moby/moby#36242

• Add REMOVE and ORPHANED to TaskState moby/moby#36146

• Fixed error detection using IsErrNotFound and IsErrNotImplemented for ContainerStatPath, CopyFromContainer, and CopyToContainer methods [moby/moby#35979](...

18.05.0-ce-rc1

Changelog

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.05.0-ce (2018-05-DD)

Builder

• Adding netbsd compatibility to the package pkg/term. moby/moby#36887
• Standardizes output path for artifacts of intermediate builds to /build/. moby/moby#36858

Client

• Fix docker stack deploy reference flag. docker/cli#981
• Fix docker stack deploy re-deploying services after the service was updated with --force. docker/cli#963

• Add bash completion for secret|config create --template-driver. docker/cli#1004
• Add fish completions for docker trust subcommand. docker/cli#984

• Fix --format example for docker history. docker/cli#980
• Fix error with merge composefile with networks. docker/cli#983

Logging

• Standardized the properties of storage-driver log messages. moby/moby#36492
• Improve partial message support in logger. moby/moby#35831

Networking

• Allow for larger preset property values, do not override. docker/libnetwork#2124
• networkdb: User write lock in handleNodeEvent. docker/libnetwork#2136

• Import libnetwork fix for rolling updates. moby/moby#36638
• Update libnetwork to improve scalabiltiy of bridge network isolation rules. moby/moby#36774

• Fix a misused network object name. moby/moby#36745

Runtime

• LCOW: Implement docker save. moby/moby#36599
• Pkg: devmapper: dynamically load dm_task_deferred_remove. moby/moby#35518
• Windows: Add GetLayerPath implementation in graphdriver. moby/moby#36738

• Fix Windows layer leak when write fails. moby/moby#36728
• Fix FIFO, sockets and device files when run in user NS. moby/moby#36756
• Fix docker version output alignment. docker/cli#965

• Always make sysfs read-write with privileged. moby/moby#36808
• Bump Golang to 1.10.1. moby/moby#35739
• Bump containerd client. moby/moby#36684
• Bump golang.org/x/net to go1.10 release commit. moby/moby#36894
• Context.WithTimeout: do call the cancel func. moby/moby#36920
• Copy: avoid using all system memory with authz plugins. moby/moby#36595
• Daemon/cluster: handle partial attachment entries during configure. moby/moby#36769
• Don't make container mount unbindable. moby/moby#36768
• Extra check before unmounting on shutdown. moby/moby#36879
• Move mount parsing to separate package. moby/moby#36896
• No global volume driver store. moby/moby#36637
• Pkg/mount improvements. moby/moby#36091
• Relax some libcontainerd client locking. moby/moby#36848
• Remove daemon dependency on api packages. moby/moby#36912
• Remove the retries for service update. moby/moby#36827
• Revert unencryted storage warning prompt. docker/cli#1008
• Support cancellation in directory.Size(). moby/moby#36734
• Switch from x/net/context -> context. moby/moby#36904
• Fixed a function to check Content-type is application/json or not. moby/moby#36778

• Add default pollSettings config functions. moby/moby#36706
• Add if judgment before receiving operations on daemonWaitCh. moby/moby#36651

• Fix issues with running volume tests as non-root.. moby/moby#36935

Swarm Mode

• RoleManager will remove detected nodes from the cluster membership docker/swarmkit#2548
• Scheduler/TaskReaper: handle unassigned tasks marked for shutdown docker/swarmkit#2574
• Avoid predefined error log. docker/swarmkit#2561
• Task reaper should delete tasks with removed slots that were not yet assigned. docker/swarmkit#2557
• Agent reports FIPS status. docker/swarmkit#2587

• Fix: timeMutex critical operation outside of critical section. docker/swarmkit#2603

• Expose swarmkit's Raft tuning parameters in engine config. moby/moby#36726
• Make internal/test/daemon.Daemon swarm aware. moby/moby#36826

18.03.1-ce-rc2

Changelog

For more information on the list of deprecated flags and APIs please have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.03.1-ce (2018-04-DD)

Client

• Fix error with merge compose file with networks docker/cli#983

• Fix docker stack deploy re-deploying services after the service was updated with --force docker/cli#963
• Fix docker version output alignment docker/cli#965

Runtime

• Fix AppArmor profiles not being applied to docker exec processes moby/moby#36466
• Don't sort plugin mount slice moby/moby#36711
• Daemon/cluster: handle partial attachment entries during configure moby/moby#36769

• Bump Golang to 1.9.5 moby/moby#36779 docker/cli#986

• Daemon/stats: more resilient cpu sampling moby/moby#36519

• Containerd: update to 1.0.3 release moby/moby#36749

• Fix Windows layer leak when write fails moby/moby#36728

• Don't make container mount unbindable moby/moby#36768

• Fix Daemon panics on container export after a daemon restart moby/moby/36586
• Fix digest cache being removed on autherrors moby/moby#36509
• Make sure plugin container is removed on failure moby/moby#36715
• Copy: avoid using all system memory with authz plugins moby/moby#36595
• Relax some libcontainerd client locking moby/moby#36848

Swarm Mode

• Increase raft Election tick to 10 times Heartbeat tick moby/moby#36672

Networking

• Gracefully remove LB endpoints from services docker/libnetwork#2112
• Retry other external DNS servers on ServFail docker/libnetwork#2121
• Improve scalabiltiy of bridge network isolation rules docker/libnetwork#2117
• Allow for larger preset property values, do not override docker/libnetwork#2124
• Prevent panics on concurrent reads/writes when calling changeNodeState docker/libnetwork#2136

18.03.0-ce (2018-03-21)

Builder

• Switch to -buildmode=pie moby/moby#34369
• Allow Dockerfile to be outside of build-context docker/cli#886
• Builder: fix wrong cache hits building from tars moby/moby#36329

• Fixes files leaking to other images in a multi-stage build moby/moby#36338

Client

• Simplify the marshaling of compose types.Config docker/cli#895

• Add support for multiple composefile when deploying docker/cli#569

• Fix broken Kubernetes stack flags docker/cli#831
• Fix stack marshaling for Kubernetes docker/cli#890
• Fix and simplify bash completion for service env, mounts and labels docker/cli#682
• Fix before and since filter for docker ps moby/moby#35938
• Fix --label-file weird behavior docker/cli#838
• Fix compilation of defaultCredentialStore() on unsupported platforms docker/cli#872

• Improve and fix bash completion for images docker/cli#717

• Added check for empty source in bind mount docker/cli#824

• Fix TLS from environment variables in client moby/moby#36270

• docker build now runs faster when registry-specific credential helper(s) are configured docker/cli#840
• Update event filter zsh completion with disable, enable, install and remove docker/cli#372
• Produce errors when empty ids are passed into inspect calls moby/moby#36144
• Marshall version for the k8s controller docker/cli#891
• Set a non-zero timeout for HTTP client communication with plugin backend docker/cli#883

• Add DOCKER_TLS environment variable for --tls option docker/cli#863
• Add --template-driver option for secrets/configs docker/cli#896
• Move docker trust commands out of experimental docker/cli#934 docker/cli#935 docker/cli#944

Logging

• AWS logs - don't add new lines to maximum sized events moby/moby#36078
• Move log validator logic after plugins are loaded moby/moby#36306
• Support a proxy in Splunk log driver moby/moby#36220

• Fix log tail with empty logs moby/moby#36305

Networking

• Libnetwork revendoring moby/moby#36137

• Fix for deadlock on exit with Memberlist revendor docker/libnetwork#2040

• Fix user specified ndots option docker/libnetwork#2065

• Fix to use ContainerID for Windows instead of SandboxID docker/libnetwork#2010

• Verify NetworkingConfig to make sure EndpointSettings is not nil moby/moby#36077

• Fix DockerNetworkInternalMode issue moby/moby#36298
• Fix race in attachable network attachment moby/moby#36191
• Fix timeout issue of InspectNetwork on AArch64 moby/moby#36257

• Verbose info is missing for partial overlay ID moby/moby#35989
• Update FindNetwork to address network name duplications moby/moby#30897
• Disallow attaching ingress network docker/swarmkit#2523

• Prevent implicit removal of the ingress network moby/moby#36538
• Fix stale HNS endpoints on Windows moby/moby#36603
• IPAM fixes for duplicate IP addresses docker/libnetwork#2104 docker/libnetwork#2105

Runtime

• Enable HotAdd for Windows moby/moby#35414
• LCOW: Graphdriver fix deadlock in hotRemoveVHDs moby/moby#36114
• LCOW: Regular mount if only one layer moby/moby#36052
• Remove interim env var LCOW_API_PLATFORM_IF_OMITTED moby/moby#36269
• Revendor Microsoft/opengcs @ v0.3.6 moby/moby#36108

• Fix issue of ExitCode and PID not show up in Task.Status.ContainerStatus moby/moby#36150
• Fix issue with plugin scanner going too deep moby/moby#36119

• Do not make graphdriver homes private mounts moby/moby#36047
• Do not recursive unmount on cleanup of zfs/btrfs moby/moby#36237
• Don't restore image if layer does not exist moby/moby#36304
• Adjust minimum API version for templated configs/secrets moby/moby#36366
• Bump containerd to 1.0.2 (cfd04396dc68220d1cecbe686a6cc3aa5ce3667c) moby/moby#36308
• Bump Golang to 1.9.4 moby/moby#36243
• Ensure daemon root is unmounted on shutdown moby/moby#36107

• Fix container cleanup on daemon restart moby/moby#36249

• Support SCTP port mapping (bump up API to v1.37) moby/moby#33922
• Support SCTP port mapping docker/cli#278

• Fix Volumes property definition in ContainerConfig moby/moby#35946

• Bump moby and dependencies docker/cli#829
• C.RWLayer: check for nil before use moby/moby#36242

• Add REMOVE and ORPHANED to TaskState moby/moby#36146

• Fixed error detection using IsErrNotFound and IsErrNotImplemented for ContainerStatPath, CopyFromContainer, and CopyToContainer methods [moby/moby#35979](...

18.03.1-ce-rc1

Changelog

For more information on the list of deprecated flags and APIs please have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.03.1-ce (2018-04-DD)

Runtime

• Fix AppArmor profiles not being applied to docker exec processes moby/moby#36466
• Don't sort plugin mount slice moby/moby#36711
• Daemon/cluster: handle partial attachment entries during configure moby/moby#36769

• Bump Golang to 1.9.5 moby/moby#36779 docker/cli#986

• Daemon/stats: more resilient cpu sampling moby/moby#36519

• Containerd: update to 1.0.3 release moby/moby#36749

• Fix Windows layer leak when write fails moby/moby#36728

18.03.0-ce (2018-03-21)

Builder

• Switch to -buildmode=pie moby/moby#34369
• Allow Dockerfile to be outside of build-context docker/cli#886
• Builder: fix wrong cache hits building from tars moby/moby#36329

• Fixes files leaking to other images in a multi-stage build moby/moby#36338

Client

• Simplify the marshaling of compose types.Config docker/cli#895

• Add support for multiple composefile when deploying docker/cli#569

• Fix broken Kubernetes stack flags docker/cli#831
• Fix stack marshaling for Kubernetes docker/cli#890
• Fix and simplify bash completion for service env, mounts and labels docker/cli#682
• Fix before and since filter for docker ps moby/moby#35938
• Fix --label-file weird behavior docker/cli#838
• Fix compilation of defaultCredentialStore() on unsupported platforms docker/cli#872

• Improve and fix bash completion for images docker/cli#717

• Added check for empty source in bind mount docker/cli#824

• Fix TLS from environment variables in client moby/moby#36270

• docker build now runs faster when registry-specific credential helper(s) are configured docker/cli#840
• Update event filter zsh completion with disable, enable, install and remove docker/cli#372
• Produce errors when empty ids are passed into inspect calls moby/moby#36144
• Marshall version for the k8s controller docker/cli#891
• Set a non-zero timeout for HTTP client communication with plugin backend docker/cli#883

• Add DOCKER_TLS environment variable for --tls option docker/cli#863
• Add --template-driver option for secrets/configs docker/cli#896
• Move docker trust commands out of experimental docker/cli#934 docker/cli#935 docker/cli#944

Logging

• AWS logs - don't add new lines to maximum sized events moby/moby#36078
• Move log validator logic after plugins are loaded moby/moby#36306
• Support a proxy in Splunk log driver moby/moby#36220

• Fix log tail with empty logs moby/moby#36305

Networking

• Libnetwork revendoring moby/moby#36137

• Fix for deadlock on exit with Memberlist revendor docker/libnetwork#2040

• Fix user specified ndots option docker/libnetwork#2065

• Fix to use ContainerID for Windows instead of SandboxID docker/libnetwork#2010

• Verify NetworkingConfig to make sure EndpointSettings is not nil moby/moby#36077

• Fix DockerNetworkInternalMode issue moby/moby#36298
• Fix race in attachable network attachment moby/moby#36191
• Fix timeout issue of InspectNetwork on AArch64 moby/moby#36257

• Verbose info is missing for partial overlay ID moby/moby#35989
• Update FindNetwork to address network name duplications moby/moby#30897
• Disallow attaching ingress network docker/swarmkit#2523

• Prevent implicit removal of the ingress network moby/moby#36538
• Fix stale HNS endpoints on Windows moby/moby#36603
• IPAM fixes for duplicate IP addresses docker/libnetwork#2104 docker/libnetwork#2105

Runtime

• Enable HotAdd for Windows moby/moby#35414
• LCOW: Graphdriver fix deadlock in hotRemoveVHDs moby/moby#36114
• LCOW: Regular mount if only one layer moby/moby#36052
• Remove interim env var LCOW_API_PLATFORM_IF_OMITTED moby/moby#36269
• Revendor Microsoft/opengcs @ v0.3.6 moby/moby#36108

• Fix issue of ExitCode and PID not show up in Task.Status.ContainerStatus moby/moby#36150
• Fix issue with plugin scanner going too deep moby/moby#36119

• Do not make graphdriver homes private mounts moby/moby#36047
• Do not recursive unmount on cleanup of zfs/btrfs moby/moby#36237
• Don't restore image if layer does not exist moby/moby#36304
• Adjust minimum API version for templated configs/secrets moby/moby#36366
• Bump containerd to 1.0.2 (cfd04396dc68220d1cecbe686a6cc3aa5ce3667c) moby/moby#36308
• Bump Golang to 1.9.4 moby/moby#36243
• Ensure daemon root is unmounted on shutdown moby/moby#36107

• Fix container cleanup on daemon restart moby/moby#36249

• Support SCTP port mapping (bump up API to v1.37) moby/moby#33922
• Support SCTP port mapping docker/cli#278

• Fix Volumes property definition in ContainerConfig moby/moby#35946

• Bump moby and dependencies docker/cli#829
• C.RWLayer: check for nil before use moby/moby#36242

• Add REMOVE and ORPHANED to TaskState moby/moby#36146

• Fixed error detection using IsErrNotFound and IsErrNotImplemented for ContainerStatPath, CopyFromContainer, and CopyToContainer methods moby/moby#35979

• Add an integration/internal/container helper package moby/moby#36266
• Add canonical import path moby/moby#36194
• Add/use container.Exec() to integration moby/moby#36326

• Fix "--node-generic-resource" singular/plural moby/moby#36125

• Daemon.cleanupContainer: nullify container RWLayer upon release moby/moby#36160
• Daemon: passdown the --oom-kill-disable option to containerd moby/moby#36201
• Display a warn message when there is binding ports and net mode is host moby/moby#35510
• Refresh containerd remotes on containerd restarted moby/moby#36173
• Set daemon root to use shared propagation moby/moby#36096
• Optimizations for recursive unmount moby/moby#34379
• Perform plugin mounts in the runtime moby/moby#35829
• Graphdriver: Fix RefCounter memory leak moby/moby#36256
• Use continuity fs package for volume copy moby/moby#36290
• Use proc/exe for reexec moby/moby#36124

• Add API support for templated secrets and configs moby/moby#33702 and moby/moby#36366

• Use rslave propagation for mounts from daemon root moby/moby#36055
  +...

18.04.0-ce

Changelog

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.04.0-ce (2018-04-10)

Builder

• Fix typos in builder and client. moby/moby#36424

Client

• Print Stack API and Kubernetes versions in version command. docker/cli#898

• Fix Kubernetes duplication in version command. docker/cli#953

• Use HasAvailableFlags instead of HasFlags for Options in help. docker/cli#959

• Add support for mandatory variables to stack deploy. docker/cli#893

• Fix docker stack services command Port output. docker/cli#943

• Deprecate unencrypted storage. docker/cli#561
• Don't set a default filename for ConfigFile. docker/cli#917

• Fix compose network name. docker/cli#941

Logging

• Silent login: use credentials from cred store to login. docker/cli#139

• Add support for compressibility of log file. moby/moby#29932

• Fix empty LogPath with non-blocking logging mode. moby/moby#36272

Networking

• Prevent explicit removal of ingress network. moby/moby#36538

Runtime

• Devmapper cleanup improvements. moby/moby#36307
• Devmapper.Mounted: remove. moby/moby#36437
• Devmapper/Remove(): use Rmdir, ignore errors. moby/moby#36438
• LCOW - Change platform parser directive to FROM statement flag. moby/moby#35089
• Split daemon service code to windows file. moby/moby#36653
• Windows: Block pulling uplevel images. moby/moby#36327
• Windows: Hyper-V containers are broken after 36586 was merged. moby/moby#36610
• Windows: Move kernel_windows to use golang registry functions. moby/moby#36617
• Windows: Pass back system errors on container exit. moby/moby#35967
• Windows: Remove servicing mode. moby/moby#36267
• Windows: Report Version and UBR. moby/moby#36451
• Bump Runc to 1.0.0-rc5. moby/moby#36449
• Mount failure indicates the path that failed. moby/moby#36407
• Change return for errdefs.getImplementer(). moby/moby#36489
• Client: fix hijackedconn reading from buffer. moby/moby#36663
• Content encoding negotiation added to archive request. moby/moby#36164
• Daemon/stats: more resilient cpu sampling. moby/moby#36519
• Daemon/stats: remove obnoxious types file. moby/moby#36494
• Daemon: use context error rather than inventing new one. moby/moby#36670
• Enable CRIU on non-amd64 architectures (v2). moby/moby#36676

• Fixes intermittent client hang after closing stdin to attached container moby/moby#36517
• Fix daemon panic on container export after restart moby/moby#36586
• Follow-up fixes on multi-stage moby's Dockerfile. moby/moby#36425

• Freeze busybox and latest glibc in Docker image. moby/moby#36375
• If container will run as non root user, drop permitted, effective caps early. moby/moby#36587
• Layer: remove metadata store interface. moby/moby#36504
• Minor optimizations to dockerd. moby/moby#36577
• Whitelist statx syscall. moby/moby#36417

• Add missing error return for plugin creation. moby/moby#36646

• Fix AppArmor not being applied to Exec processes. moby/moby#36466

• Daemon/logger/ring.go: log error not instance. moby/moby#36475

• Fix stats collector spinning CPU if no stats are collected. moby/moby#36609
• Fix(distribution): digest cache should not be moved if it was an auth. moby/moby#36509
• Make sure plugin container is removed on failure. moby/moby#36715

• Bump to containerd 1.0.3. moby/moby#36749
• Don't sort plugin mount slice. moby/moby#36711

Swarm Mode

• Fixes for synchronizing the dispatcher shutdown with in-progress rpcs. moby/moby#36371
• Increase raft ElectionTick to 10xHeartbeatTick. moby/moby#36672
• Make Swarm manager Raft quorum parameters configurable in daemon config. moby/moby#36726
• Ingress network should not be attachable. docker/swarmkit#2523
• [manager/state] Add fernet as an option for raft encryption. docker/swarmkit#2535
• Log GRPC server errors. docker/swarmkit#2541
• Log leadership changes at the manager level. docker/swarmkit#2542
• Remove the containerd executor. docker/swarmkit#2568
• Agent: backoff session when no remotes are available. docker/swarmkit#2570
• [ca/manager] Remove root CA key encryption support entirely. docker/swarmkit#2573

• Fix agent logging race. docker/swarmkit#2578

• Adding logic to restore networks in order. docker/swarmkit#2571

18.04.0-ce-rc2

Changelog

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.04.0-ce (2018-04-DD)

Builder

• Fix typos in builder and client. moby/moby#36424

Client

• Print Stack API and Kubernetes versions in version command. docker/cli#898

• Fix Kubernetes duplication in version command. docker/cli#953

• Use HasAvailableFlags instead of HasFlags for Options in help. docker/cli#959

• Add support for mandatory variables to stack deploy. docker/cli#893

• Fix docker stack services command Port output. docker/cli#943

• Deprecate unencrypted storage. docker/cli#561
• Don't set a default filename for ConfigFile. docker/cli#917

• Fix compose network name. docker/cli#941

Logging

• Make LogFile perms configurable. moby/moby#36523
• Silent login: use credentials from cred store to login. docker/cli#139

• Add support for compressibility of log file. moby/moby#29932

• Fix empty LogPath with non-blocking logging mode. moby/moby#36272

Networking

• Prevent explicit removal of ingress network. moby/moby#36538

Runtime

• Devmapper cleanup improvements. moby/moby#36307
• Devmapper.Mounted: remove. moby/moby#36437
• Devmapper/Remove(): use Rmdir, ignore errors. moby/moby#36438
• LCOW - Change platform parser directive to FROM statement flag. moby/moby#35089
• Split daemon service code to windows file. moby/moby#36653
• Windows: Block pulling uplevel images. moby/moby#36327
• Windows: Hyper-V containers are broken after 36586 was merged. moby/moby#36610
• Windows: Move kernel_windows to use golang registry functions. moby/moby#36617
• Windows: Pass back system errors on container exit. moby/moby#35967
• Windows: Remove servicing mode. moby/moby#36267
• Windows: Report Version and UBR. moby/moby#36451
• Bump Runc to 1.0.0-rc5. moby/moby#36449
• Mount failure indicates the path that failed. moby/moby#36407
• Change return for errdefs.getImplementer(). moby/moby#36489
• Client: fix hijackedconn reading from buffer. moby/moby#36663
• Content encoding negotiation added to archive request. moby/moby#36164
• Daemon/stats: more resilient cpu sampling. moby/moby#36519
• Daemon/stats: remove obnoxious types file. moby/moby#36494
• Daemon: use context error rather than inventing new one. moby/moby#36670
• Enable CRIU on non-amd64 architectures (v2). moby/moby#36676

• Fixes intermittent client hang after closing stdin to attached container moby/moby#36517
• Fix daemon panic on container export after restart moby/moby#36586
• Follow-up fixes on multi-stage moby's Dockerfile. moby/moby#36425

• Freeze busybox and latest glibc in Docker image. moby/moby#36375
• If container will run as non root user, drop permitted, effective caps early. moby/moby#36587
• Layer: remove metadata store interface. moby/moby#36504
• Minor optimizations to dockerd. moby/moby#36577
• Whitelist statx syscall. moby/moby#36417

• Add missing error return for plugin creation. moby/moby#36646

• Fix AppArmor not being applied to Exec processes. moby/moby#36466

• Daemon/logger/ring.go: log error not instance. moby/moby#36475

• Fix stats collector spinning CPU if no stats are collected. moby/moby#36609
• Fix(distribution): digest cache should not be moved if it was an auth. moby/moby#36509
• Make sure plugin container is removed on failure. moby/moby#36715

• Bump to containerd 1.0.3. moby/moby#36749
• Don't sort plugin mount slice. moby/moby#36711

Swarm Mode

• Fixes for synchronizing the dispatcher shutdown with in-progress rpcs. moby/moby#36371
• Increase raft ElectionTick to 10xHeartbeatTick. moby/moby#36672
• Make Swarm manager Raft quorum parameters configurable in daemon config. moby/moby#36726
• Ingress network should not be attachable. docker/swarmkit#2523
• [manager/state] Add fernet as an option for raft encryption. docker/swarmkit#2535
• Log GRPC server errors. docker/swarmkit#2541
• Log leadership changes at the manager level. docker/swarmkit#2542
• Remove the containerd executor. docker/swarmkit#2568
• Agent: backoff session when no remotes are available. docker/swarmkit#2570
• [ca/manager] Remove root CA key encryption support entirely. docker/swarmkit#2573

• Fix agent logging race. docker/swarmkit#2578

• Adding logic to restore networks in order. docker/swarmkit#2571

18.04.0-ce-rc1

Changelog

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.04.0-ce (2018-04-DD)

Builder

• Fix typos in builder and client. moby/moby#36424

Client

• Print Stack API and Kubernetes versions in version command. docker/cli#898

• Fix Kubernetes duplication in version command. docker/cli#953

• Use HasAvailableFlags instead of HasFlags for Options in help. docker/cli#959

• Add support for mandatory variables to stack deploy. docker/cli#893

• Fix docker stack services command Port output. docker/cli#943

• Deprecate unencrypted storage. docker/cli#561
• Don't set a default filename for ConfigFile. docker/cli#917

• Fix compose network name. docker/cli#941

Logging

• Make LogFile perms configurable. moby/moby#36523
• Silent login: use credentials from cred store to login. docker/cli#139

• Add support for compressibility of log file. moby/moby#29932

• Fix empty LogPath with non-blocking logging mode. moby/moby#36272

Networking

• Prevent explicit removal of ingress network. moby/moby#36538

Runtime

• Devmapper cleanup improvements. moby/moby#36307
• Devmapper.Mounted: remove. moby/moby#36437
• Devmapper/Remove(): use Rmdir, ignore errors. moby/moby#36438
• LCOW - Change platform parser directive to FROM statement flag. moby/moby#35089
• Split daemon service code to windows file. moby/moby#36653
• Windows: Block pulling uplevel images. moby/moby#36327
• Windows: Hyper-V containers are broken after 36586 was merged. moby/moby#36610
• Windows: Move kernel_windows to use golang registry functions. moby/moby#36617
• Windows: Pass back system errors on container exit. moby/moby#35967
• Windows: Remove servicing mode. moby/moby#36267
• Windows: Report Version and UBR. moby/moby#36451
• Bump Runc to 1.0.0-rc5. moby/moby#36449
• Mount failure indicates the path that failed. moby/moby#36407
• Change return for errdefs.getImplementer(). moby/moby#36489
• Client: fix hijackedconn reading from buffer. moby/moby#36663
• Content encoding negotiation added to archive request. moby/moby#36164
• Daemon/stats: more resilient cpu sampling. moby/moby#36519
• Daemon/stats: remove obnoxious types file. moby/moby#36494
• Daemon: use context error rather than inventing new one. moby/moby#36670
• Enable CRIU on non-amd64 architectures (v2). moby/moby#36676

• Fixes intermittent client hang after closing stdin to attached container moby/moby#36517
• Fix daemon panic on container export after restart moby/moby#36586
• Follow-up fixes on multi-stage moby's Dockerfile. moby/moby#36425

• Freeze busybox and latest glibc in Docker image. moby/moby#36375
• If container will run as non root user, drop permitted, effective caps early. moby/moby#36587
• Layer: remove metadata store interface. moby/moby#36504
• Minor optimizations to dockerd. moby/moby#36577
• Whitelist statx syscall. moby/moby#36417

• Add missing error return for plugin creation. moby/moby#36646

• Fix AppArmor not being applied to Exec processes. moby/moby#36466

• Daemon/logger/ring.go: log error not instance. moby/moby#36475

• Fix stats collector spinning CPU if no stats are collected. moby/moby#36609
• Fix(distribution): digest cache should not be moved if it was an auth. moby/moby#36509

Swarm Mode

• Fixes for synchronizing the dispatcher shutdown with in-progress rpcs. moby/moby#36371
• Increase raft ElectionTick to 10xHeartbeatTick. moby/moby#36672

18.03.0-ce

Changelog

For more information on the list of deprecated flags and APIs please have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.03.0-ce (2018-03-21)

Builder

• Switch to -buildmode=pie moby/moby#34369
• Allow Dockerfile to be outside of build-context docker/cli#886
• Builder: fix wrong cache hits building from tars moby/moby#36329

• Fixes files leaking to other images in a multi-stage build moby/moby#36338

Client

• Simplify the marshaling of compose types.Config docker/cli#895

• Add support for multiple composefile when deploying docker/cli#569

• Fix broken Kubernetes stack flags docker/cli#831
• Fix stack marshaling for Kubernetes docker/cli#890
• Fix and simplify bash completion for service env, mounts and labels docker/cli#682
• Fix before and since filter for docker ps moby/moby#35938
• Fix --label-file weird behavior docker/cli#838
• Fix compilation of defaultCredentialStore() on unsupported platforms docker/cli#872

• Improve and fix bash completion for images docker/cli#717

• Added check for empty source in bind mount docker/cli#824

• Fix TLS from environment variables in client moby/moby#36270

• docker build now runs faster when registry-specific credential helper(s) are configured docker/cli#840
• Update event filter zsh completion with disable, enable, install and remove docker/cli#372
• Produce errors when empty ids are passed into inspect calls moby/moby#36144
• Marshall version for the k8s controller docker/cli#891
• Set a non-zero timeout for HTTP client communication with plugin backend docker/cli#883

• Add DOCKER_TLS environment variable for --tls option docker/cli#863
• Add --template-driver option for secrets/configs docker/cli#896
• Move docker trust commands out of experimental docker/cli#934 docker/cli#935 docker/cli#944

Logging

• AWS logs - don't add new lines to maximum sized events moby/moby#36078
• Move log validator logic after plugins are loaded moby/moby#36306
• Support a proxy in Splunk log driver moby/moby#36220

• Fix log tail with empty logs moby/moby#36305

Networking

• Libnetwork revendoring moby/moby#36137

• Fix for deadlock on exit with Memberlist revendor docker/libnetwork#2040

• Fix user specified ndots option docker/libnetwork#2065

• Fix to use ContainerID for Windows instead of SandboxID docker/libnetwork#2010

• Verify NetworkingConfig to make sure EndpointSettings is not nil moby/moby#36077

• Fix DockerNetworkInternalMode issue moby/moby#36298
• Fix race in attachable network attachment moby/moby#36191
• Fix timeout issue of InspectNetwork on AArch64 moby/moby#36257

• Verbose info is missing for partial overlay ID moby/moby#35989
• Update FindNetwork to address network name duplications moby/moby#30897
• Disallow attaching ingress network docker/swarmkit#2523

• Prevent implicit removal of the ingress network moby/moby#36538
• Fix stale HNS endpoints on Windows moby/moby#36603
• IPAM fixes for duplicate IP addresses docker/libnetwork#2104 docker/libnetwork#2105

Runtime

• Enable HotAdd for Windows moby/moby#35414
• LCOW: Graphdriver fix deadlock in hotRemoveVHDs moby/moby#36114
• LCOW: Regular mount if only one layer moby/moby#36052
• Remove interim env var LCOW_API_PLATFORM_IF_OMITTED moby/moby#36269
• Revendor Microsoft/opengcs @ v0.3.6 moby/moby#36108

• Fix issue of ExitCode and PID not show up in Task.Status.ContainerStatus moby/moby#36150
• Fix issue with plugin scanner going too deep moby/moby#36119

• Do not make graphdriver homes private mounts moby/moby#36047
• Do not recursive unmount on cleanup of zfs/btrfs moby/moby#36237
• Don't restore image if layer does not exist moby/moby#36304
• Adjust minimum API version for templated configs/secrets moby/moby#36366
• Bump containerd to 1.0.2 (cfd04396dc68220d1cecbe686a6cc3aa5ce3667c) moby/moby#36308
• Bump Golang to 1.9.4 moby/moby#36243
• Ensure daemon root is unmounted on shutdown moby/moby#36107

• Fix container cleanup on daemon restart moby/moby#36249

• Support SCTP port mapping (bump up API to v1.37) moby/moby#33922
• Support SCTP port mapping docker/cli#278

• Fix Volumes property definition in ContainerConfig moby/moby#35946

• Bump moby and dependencies docker/cli#829
• C.RWLayer: check for nil before use moby/moby#36242

• Add REMOVE and ORPHANED to TaskState moby/moby#36146

• Fixed error detection using IsErrNotFound and IsErrNotImplemented for ContainerStatPath, CopyFromContainer, and CopyToContainer methods moby/moby#35979

• Add an integration/internal/container helper package moby/moby#36266
• Add canonical import path moby/moby#36194
• Add/use container.Exec() to integration moby/moby#36326

• Fix "--node-generic-resource" singular/plural moby/moby#36125

• Daemon.cleanupContainer: nullify container RWLayer upon release moby/moby#36160
• Daemon: passdown the --oom-kill-disable option to containerd moby/moby#36201
• Display a warn message when there is binding ports and net mode is host moby/moby#35510
• Refresh containerd remotes on containerd restarted moby/moby#36173
• Set daemon root to use shared propagation moby/moby#36096
• Optimizations for recursive unmount moby/moby#34379
• Perform plugin mounts in the runtime moby/moby#35829
• Graphdriver: Fix RefCounter memory leak moby/moby#36256
• Use continuity fs package for volume copy moby/moby#36290
• Use proc/exe for reexec moby/moby#36124

• Add API support for templated secrets and configs moby/moby#33702 and moby/moby#36366

• Use rslave propagation for mounts from daemon root moby/moby#36055

• Add /proc/keys to masked paths moby/moby#36368

• Bump Runc to 1.0.0-rc5 moby/moby#36449

• Fixes runc exec on big-endian architectures moby/moby#36449

• Use chroot when mount namespaces aren't provided moby/moby#36449

• Fix systemd slice expansion so that it could be consumed by cAdvisor moby/moby#36449
• Fix devices mounted with wrong uid/gid moby/moby#36449
• Fix read-only containers with IPC private mounts /dev/shm read-only [moby/moby#36526](https://gith...