0.8.0

Fixes a bug where the PATH environment variable was not properly set if another environment variable containing the string "PATH=" was specified

GRR v0.7.0

Minor fixes.

• Set a default window size (80x24) when no size is specified and a TTY is attached
• Ensure aufs module is auto-loaded (when available) even if no graph path is specified

GRR v0.6.0

Mostly a bug-fixin'-and-PR-mergin' release. Enjoy, get it while it's hot!

• Improve handling of re-attaching to processes after restart
• Fix bug where output was lost if a process exited while writing to a TTY
• Make semantics of Lookup match garden-linux to avoid flakes in other components (specific Lookup pretends not to know about containers until Create has returned successfully)
• PR: Don't run internal ("kawasaki") networker if an external network plugin path has been provided (enables container-to-container networking plugin to be tried experimentally in production), thanks @rosenhouse!
• PR: Support for execveat syscall in case of ppc64 arch, thanks @barthy1!
• PR: Remove destination filter from MASQUERADE rules, thanks @geofffranks!
• PR: Increase max keyrings from 500 to 1000000, thanks @RochesterinNYC!
• PR: Make rootfs a parameter to be passed in to guardian ifrit runner, thanks @nimakaviani & @jenspinney!

0.5.0

Much good stuff:

• AppArmor! Unprivileged containers are now secured with a default apparmor profile. This is based on the default docker apparmor profile for maximum compatibility
• The shared_mounts bosh property is gone, we now do the right thing for anything in /var/vcap/data
• We now use the new OCI "create/start" split to run network plugins, allowing much more flexibility in how this works and cleaning up the code a lot
• Iodaemon is gone, we now use a binary called 'dadoo' to do a roughly similar job
• Reattaching after restart should now be more bulletproof, for example getting the exit code should work
• Code now imported via code.cloudfoundry.org domain

0.4.0

• Add http_proxy, https_proxy and no_proxy properties for setting HTTP proxies to use when pulling from Docker registries
• NetOut rules with log: true now work correctly
• Container disk limits now work on Xenial
• Unprivileged containers now use seccomp to improve security
• Fixed a bug where container deletion could race with grace time expiration and container creation, resulting in two containers with the same IP address

You can find a guide to transitioning from Garden-Linux to Garden-RunC here.

0.3.0

• max_containers now defaults to 250
• User groups are now properly supported when running processes in containers
• Mounts made on the host are now available to be bind mounted into containers
• Max number of open file descriptors for the garden server is now 65536
• The head of the net-in port allocation queue is now persisted across garden server process restarts, though it is not persisted through VM recreation

You can find a guide to transitioning from Garden-Linux to Garden-RunC here.

0.2.0

• Rename destroy_containers_on_startup property to destroy_containers_on_start, to match Garden-Linux-Release
• NetOut rules now work correctly across server restarts
• Remove tag property, which was only present for testing and was not used
• Set $TMPDIR to a sensible path in /var/vcap/data, rather than using the tiny /tmp provided by BOSH
• Add the network_pool property

You can find a guide to transitioning from Garden-Linux to Garden-RunC here.

0.1.0

This release supports all features required to replace Garden-Linux in a Cloud Foundry deployment for development or testing. Performance with production workloads at scale has not yet been validated, so we don't recommend using this in production.

You can find a guide to transitioning from Garden-Linux to Garden-RunC here.

This release may or may not be suitable for non Cloud Foundry use, depending on the set of features required. Notably, a number of features do not yet work correctly across server restarts. Support for specifying container IPs and subnets is also not yet implemented.

0.0.0

A final release of garden-runC-release just to get the ball rolling for those who want to integrate against this in CI and such.

v0.1.0 is expected soon, and will have comprehensive release notes.