- Verified with grootfs-release v0.15.0
GRR v1.4.0 mostly introduces some changes to the network plugin API and introduces a first-pass experimental ability to limit container block IO. Please, contain your enthusiasm.
Network Plugin / Networking Changes
- We now allow the network plugin to return a set of DNS servers which we will ensure are set on the container’s resolv.conf. This allows DNS policy to be set by the network plugin if enabled.
- When the network plugin is not enabled, there’s now an
additional_dns_serversproperty that allows specifying extra DNS servers which should be appended to any inherited from resolv.conf or set to the
/etc/resolv.confare now bind-mounted in to the container rather than being written in a chroot. This interacts better with user namespaces and rootless containers and is generally more simple and secure.
- We no longer set up the built-in networkers iptable chains when an external network plugin is enabled, to avoid confusion caused by two things both creating iptable state on the host
- Log messages from
NetOut(log=true)rules now properly truncate handles so that space separation is preserved when the handle is longer than 29 characters
BlockIO Limiting (Experimental)
- We’ve added an experimental
default_container_blockio_weightproperty to allow assigning a blockio weight to all containers created by garden. This requires the CFQ scheduler to be enabled to be useful and applies to all garden-created containers on the host. The feature is being released experimentally via the bosh property, feedback welcome!
- You can now follow the updated experimental rootless mode doc to add networking support to your rootless containers.
Upload this release version to the Director:
$ bosh upload-release https://bosh.io/d/github.com/cloudfoundry/garden-runc-release?v=1.4.0 --sha1 1d6020e761806d7f355ceda06c889c582b47dc32
Modify deployment manifest to use this release in addition to any other used releases:
releases: - name: garden-runc version: "1.4.0"
Finally add needed deployment jobs and specify values for required properties.
Optionally download sha1: 1d6020e761806d7f355ceda06c889c582b47dc32 release tarball locally:
# ...or download it directly using curl $ curl -L -J -O https://bosh.io/d/github.com/cloudfoundry/garden-runc-release?v=1.4.0 # or with wget... $ wget --content-disposition https://bosh.io/d/github.com/cloudfoundry/garden-runc-release?v=1.4.0