Skip to content

v4.8.0-RC1

Pre-release
Pre-release
Compare
Choose a tag to compare
@ashley-cui ashley-cui released this 20 Nov 18:41
· 3303 commits to main since this release
v4.8.0-rc1
ac1d54e

Features

  • Podman machine now supports HyperV as a provider on Windows. This option can be set via the CONTAINERS_MACHINE_PROVIDER environment variable, or via containers.conf. HyperV requires Powershell to be run as Admin. Note that running WSL and HyperV machines at the same time is not supported.
  • The podman login and podman logout commands now support a new option, --compat-auth-file, which allows for editing Docker-compatible config files (#18617).
  • The podman machine init and podman machine set commands now support a new option, --usb, which sets allows USB passthrough for the QEMU provider (#16707).
  • The --ulimit option now supports setting -1 to indicate the maximum limit allowed for the current process (#19319).
  • The podman play kube command now supports the BUILDAH_ISOLATION environment variable to change build isolation when the --build option is set (#20024).
  • The podman volume create command now supports --opt o=size=XYZ on tmpfs file systems (#20449).
  • The podman info command for remote calls now reports client information even if the remote connection is unreachable
  • Added a new field, privileged, to containers.conf, which sets the defaults for the --privileged flag when creating, running or exec'ing into a container.
  • The podman kube play command now supports setting DefaultMode for volumes (#19313).
  • The --opt option to the podman network create command now accepts a new driver specific option, vrf, which assigns a VRF to the bridge interface.
  • A new option --rdt-class=COS has been added to the podman create and podman run commands that enables assigning a container to a Class Of Service (COS). The COS has to be pre-configured based on a pseudo-filesystem created by the resctrl kernel driver that enables interacting with the Intel RDT CAT feature.
  • The podman kube play command now supports a new option, --publish-all, which exposes all containerPorts on the host.
  • The --filter option now supports label!=, which filters for containers without the specified label.

Changes

  • Podman now defaults to sqlite as its database backend. For backwards compatibility, if a boltdb database already exists on the system, Podman will continue using it.
  • RHEL Subscriptions from the host now flow through to quay.io/podman/* images.
  • The --help option to the podman push command now shows the compression algorithm used.
  • The remote Podman client’s commit command now shows progress messages (#19947).
  • The podman kube play command now sets the pod hostname to the node/machine name when hostNetwork=true in k8s yaml (#19321).
  • The --tty,-t option to the podman exec command now defines the TERM environment variable even if the container is not running with a terminal (#20334).
  • Podman now also uses the helper_binaries_dir option in containers.conf to lookup the init binary (catatonit).
  • Podman healthcheck events are now logged as notices.
  • Podman machines no longer automatically update, preventing accidental service interruptions (#20122).
  • The amount of CPUs a podman machine uses now defaults to available cores/2 (#17066).
  • Podman machine now prohibits using provider names as machine names. applehv, qemu, wsl, and hyperv are no longer valid Podman machine names

Quadlet

  • Quadlet now supports the UIDMap, GIDMap, SubUIDMap, and SubGIDMap options in .container files.
  • Fixed a bug where symlinks were not resolved in search paths (#20504).
  • Quadlet now supports the ReadOnlyTmpfs option.
  • The VolatileTmpfs option is now deprecated.
  • Quadlet now supports systemd specifiers in User and Group keys.
  • Quadlet now supports ImageName for .image files.
  • Quadlet now supports a new option, --force, to the stop command.
  • Quadlet now supports the oneshot service type for .kube files, which allows yaml files without containers.
  • Quadlet now supports podman level arguments (#20246).
  • Fixed a bug where Quadlet would crash when specifying non key-value options (#20104).
  • Quadlet now removes anonymous volumes when removing a container (#20070).
  • Quadlet now supports a new unit type, .image.

Bugfixes

  • Fixed a bug where mounted volumes on Podman machines on MacOS would have a max open files limit (#16106).
  • Fixed a bug where setting both the --uts and --network options to host did not fill /etc/hostname with the host's name (#20448).
  • Fixed a bug where the remote Podman client’s build command would incorrectly parse https paths (#20475).
  • Fixed a bug where running Docker Compose against a WSL podman machine would fail (#20373).
  • Fixed a race condition where parallel tagging and untagging of images would fail (#17515).
  • Fixed a bug where the podman exec command would leak sessions when the specified command does not existFixed a bug where the podman exec command would leak sessions when the specified command does not exist (#20392).
  • Fixed a bug where the podman history command did not display the size of certain layers (#20375).
  • Fixed a bug where a container with a custom user namespace and --restart always/on-failure would not correctly cleanup the netnsm on restart, resulting in leaked ips and network namespaces (#18615).
  • Fixed a bug where remote calls to the podman top command would incorrectly parse options (#19176).
  • Fixed a bug where the --read-only-tmpfs option to the podman run command was incorrectly handled when the --read-only option was set (#20225).
  • Fixed a bug where creating containers in parallel may cause a deadlock if both containers attempt to use the same named volume (#20313).
  • Fixed a bug where a container restarted by the Podman service would occasionally not mount its storage (#17042).
  • Fixed a bug where the --filter option to the podman images command would not correctly filter ids, digests, or intermediates (#19966).
  • Fixed a bug where setting the --replace option to the podman run command would print both the old and new container ID. Now, only the new container ID is printed.
  • Fixed a bug where the podman machine ls command would show Creation time as LastUp time for machines that have never been booted. Now, new machines show Never, with the json value being ZeroTime.
  • Fixed a bug in the podman build command where the default pull policy was not set to missing (#20125).
  • Fixed a bug where setting the static or volume directory in containers.conf would lead to cleanup errors (#19938).
  • Fixed a bug where the podman kube play command exposed all containerPorts on the host (#17028).
  • Fixed a bug where the podman farm update command did not verify farm and connection existence before updating (#20080).
  • Fixed a bug where remote Podman calls would not honor the --connection option while the CONTAINER_HOST environment variable was set. The active destination is not resolved with the correct priority, that is, CLI flags, env vars, ActiveService from containers.conf, RemoteURI (#15588).
  • Fixed a bug where the --env-host option was not honoring the default from containers.conf

API

  • Fixed a bug in the Compat Image Prune endpoint where the dangling filter was set twice (#20469).
  • Fixed a bug in the Compat API where attempting to connect a container to a network while the connection already exists returned a 200 status code. It now correctly returns a 500 error code.
  • Fixed a bug in the Compat API where some responses would not have compatible error details if progress data had not been sent yet (#20013).
  • The Libpod Pull endpoint now supports a new option, compatMode which causes the streamed JSON payload to be identical to the Compat endpoint.
  • Fixed a bug in the Libpod Container Create endpoint where it would return an incorrect status code if the image was not found. The endpoint now correctly returns 404.
  • The Compat Network List endpoint should see a significant performance improvement (#20035).

Misc

  • Updated Buildah to v1.33.1
  • Updated the containers/storage library to v1.51.0
  • Updated the containers/image library to v5.29.0
  • Updated the containers/common library to v0.57.0
  • Updated the containers/libhvee library to v0.5.0
  • Updated the Mac pkginstaller QEMU to v8.0.0
  • Podman Machine now runs with gvproxy v0.7.1