containerd 1.7 is a feature release intended to introduce new APIs and services while remaining backwards compatible with previous containerd 1.x releases. The release after 1.7 is targeted to be 2.0 with the goal of 2.0 the removal all features deprecated in 1.x. The 1.7 release will contain deprecation warnings to help prepare 1.7 users for 2.0.
Support timeline
gantt
title containerd Releases
dateFormat YYYY-MM-DD
section 1.5
1.5 (active) :active, a , 2021-05-03 , 2022-10-28
section 1.6
1.6 (active) :active, b , 2022-02-15, 2023-03-22
1.6 (extended support) :crit, b , 2023-03-22, 2023-09-22
section 1.7
1.7 (beta) :c, 2022-05-15, 2022-09-22
1.7 (estimate) :c , 2022-09-22, 2023-07-20
section 2.0
2.0 (estimate) :d , 2023-01-20, 2024-01-20
CRI codebase merged into main containerd codebase and switch to Go modules
"Boring" release with no big new features and focused on stability
Introduction of new APIs and Services along with 2.0 deprecation warnings
- Sandbox API
- ttrpc Streaming and containerd <-> shim API proxy
- Image Transfer Service (Push/Pull)
- Switch protobuf library away from unmaintained gogo
See Project Board: https://github.com/orgs/containerd/projects/3/views/6
Adds support for managing a sandbox environment apart from any currently running containers. The sandbox can be used as the target environment when containers are run, such as for running pods. The sandbox can also be configured (or re-configured) without making changes to containers.
This also adds another extensibility point to containerd as the sandbox shims may have additional plugins and APIs.
See containerd/containerd#6703
The containerd shim API proxy provides a way to target a Sandbox's services for containerd API calls rather than an internal service. This allows the shim implementation to implement any of containerd's existing APIs and the client to simply target a sandbox using metadata header in containerd's API.
To support this, the ttrpc protocol has been updated to support streaming, which is used by some of containerd's APIs. This will additionally enable containerd itself serving containerd APIs to client via ttrpc. This approach in the future could be extended to allow clients to use a shim service API which is not an existing containerd service API.
- Cross platform support via the containerd API
- Sandboxed containerd services for confidential computing
- General containerd in containerd support via containerd API (sandboxed containerd namespaces, user namespaced daemons, developer environments, version debugging)
A new service and containerd API which can support any combination of push, pull, import and export. The new service may be used by the client or any plugin, such as CRI. The service may be implemented by a sandbox shim or proxy plugin.
sequenceDiagram
participant Client
participant containerd API
participant local service
participant shim API
Client->>containerd API: Pull from registry
containerd API->>local service: Pull from registry (local)
Note over local service: Pull from registry<br />in containerd daemon
local service->>containerd API: Pull complete
containerd API->>Client: Pull complete
Client->>containerd API: Pull from registry
containerd API->>shim API: Pull from registry (sandbox)
Note over shim API: Pull from registry<br />in sandbox
shim API->>containerd API: Pull complete
containerd API->>Client: Pull complete