Hello community, here is the log from the commit of package cri-o for openSUSE:Factory checked in at 2019-09-11 10:23:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cri-o (Old) and /work/SRC/openSUSE:Factory/.cri-o.new.7948 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cri-o" Wed Sep 11 10:23:19 2019 rev:35 rq:728727 version:1.15.1 Changes: -------- --- /work/SRC/openSUSE:Factory/cri-o/cri-o.changes 2019-09-02 13:22:29.557344697 +0200 +++ /work/SRC/openSUSE:Factory/.cri-o.new.7948/cri-o.changes 2019-09-11 10:23:22.283488591 +0200 @@ -1,0 +2,20 @@ +Thu Sep 5 15:01:52 UTC 2019 - Marco Vedovati <[email protected]> + +- Add katacontainers as a recommended package, and include it as an + additional OCI runtime in the configuration. +- Document the format of the [crio.runtime.runtimes] table entries, + and remove clutter from the current runc entry. + +------------------------------------------------------------------- +Thu Sep 5 07:35:05 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.15.1: + * Bump container storage to v1.12.6 + * Allow building with go1.10 + * Allow default IP route to not be present + * Update libpod to the latest version + * Require crio-wipe for crio service file + * Disable crio-wipe in systemd by default + * Change default apparmor profile to actually contain the version + +------------------------------------------------------------------- Old: ---- cri-o-1.15.0.tar.xz New: ---- cri-o-1.15.1.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cri-o.spec ++++++ --- /var/tmp/diff_new_pack.oPGD5k/_old 2019-09-11 10:23:23.015488500 +0200 +++ /var/tmp/diff_new_pack.oPGD5k/_new 2019-09-11 10:23:23.015488500 +0200 @@ -27,7 +27,7 @@ %define name_source2 sysconfig.crio %define name_source3 crio.conf Name: cri-o -Version: 1.15.0 +Version: 1.15.1 Release: 0 Summary: OCI-based implementation of Kubernetes Container Runtime Interface License: Apache-2.0 @@ -62,6 +62,7 @@ Requires: libcontainers-storage Requires: runc >= 1.0.0~rc6 Requires: socat +Recommends: katacontainers # Provide generic cri-runtime dependency (needed by kubernetes) Provides: cri-runtime # disable stripping of binaries ++++++ _service ++++++ --- /var/tmp/diff_new_pack.oPGD5k/_old 2019-09-11 10:23:23.047488496 +0200 +++ /var/tmp/diff_new_pack.oPGD5k/_new 2019-09-11 10:23:23.047488496 +0200 @@ -2,8 +2,8 @@ <service name="tar_scm" mode="disabled"> <param name="url">https://github.com/cri-o/cri-o</param> <param name="scm">git</param> -<param name="versionformat">1.15.0</param> -<param name="revision">v1.15.0</param> +<param name="versionformat">1.15.1</param> +<param name="revision">v1.15.1</param> </service> <service name="recompress" mode="disabled"> <param name="file">cri-o-*.tar</param> ++++++ cri-o-1.15.0.tar.xz -> cri-o-1.15.1.tar.xz ++++++ /work/SRC/openSUSE:Factory/cri-o/cri-o-1.15.0.tar.xz /work/SRC/openSUSE:Factory/.cri-o.new.7948/cri-o-1.15.1.tar.xz differ: char 26, line 1 ++++++ crio.conf ++++++ --- /var/tmp/diff_new_pack.oPGD5k/_old 2019-09-11 10:23:23.095488491 +0200 +++ /var/tmp/diff_new_pack.oPGD5k/_new 2019-09-11 10:23:23.099488491 +0200 @@ -115,7 +115,7 @@ # Used to change the name of the default AppArmor profile of CRI-O. The default # profile name is "crio-default-" followed by the version string of CRI-O. -apparmor_profile = "crio-default-1.15.0" +apparmor_profile = "crio-default-1.15.1" # Cgroup management implementation used for the runtime. cgroup_manager = "cgroupfs" @@ -225,12 +225,38 @@ # The runtime to use is picked based on the runtime_handler provided by the CRI. # If no runtime_handler is provided, the runtime will be picked based on the level # of trust of the workload. +# Each entry in the table should follow this format: +# +#[crio.runtime.runtimes.runtime-handler] +# runtime_path = "/path/to/the/runtime/handler/executable" +# runtime_type = "oci" +# runtime_root = "/path/to/the/runtime/root" +# +# Where: +# - runtime-handler: name used to identify the runtime +# - runtime_path (optional, string): absolute path to the runtime executable in +# the host filesystem. If omitted, the runtime-handler identifier should match +# the runtime executable name, and the runtime executable should be placed +# in $PATH. +# - runtime_type (optional, string): type of runtime, one of: "oci", "vm". If +# omitted, an "oci" runtime is assumed. +# - runtime_root (optional, string): root directory for storage of containers +# state. [crio.runtime.runtimes.runc] -runtime_path = "" -runtime_type = "oci" -runtime_root = "/run/runc" +# Kata Containers is an OCI runtime, where containers are run inside lightweight +# VMs. Kata provides additional isolation towards the host, minimizing the host attack +# surface and mitigating the consequences of containers breakout. + +# Kata Containers with the default configured VMM +#[crio.runtime.runtimes.kata-runtime] + +# Kata Containers with the QEMU VMM +#[crio.runtime.runtimes.kata-qemu] + +# Kata Containers with the Firecracker VMM +#[crio.runtime.runtimes.kata-fc] # The crio.image table contains settings pertaining to the management of OCI images. #
