Docker Engine 18.03 release notes
18.03.1-ce
2018-04-26
Client
- Fix error with merge compose file with networks docker/cli#983open_in_new
- Fix docker stack deploy re-deploying services after the service was updated with
--force
docker/cli#963open_in_new - Fix docker version output alignment docker/cli#965open_in_new
Runtime
- Fix AppArmor profiles not being applied to
docker exec
processes moby/moby#36466open_in_new - Don't sort plugin mount slice moby/moby#36711open_in_new
- Daemon/cluster: handle partial attachment entries during configure moby/moby#36769open_in_new
- Bump Golang to 1.9.5 moby/moby#36779open_in_new docker/cli#986open_in_new
- Daemon/stats: more resilient cpu sampling moby/moby#36519open_in_new
- Containerd: update to 1.0.3 release moby/moby#36749open_in_new
- Fix Windows layer leak when write fails moby/moby#36728open_in_new
- Don't make container mount unbindable moby/moby#36768open_in_new
- Fix Daemon panics on container export after a daemon restart moby/moby/36586open_in_new
- Fix digest cache being removed on autherrors moby/moby#36509open_in_new
- Make sure plugin container is removed on failure moby/moby#36715open_in_new
- Copy: avoid using all system memory with authz plugins moby/moby#36595open_in_new
- Relax some libcontainerd client locking moby/moby#36848open_in_new
- Update
hcsshim
to v0.6.10 to address CVE-2018-8115open_in_new
Swarm Mode
- Increase raft Election tick to 10 times Heartbeat tick moby/moby#36672open_in_new
Networking
- Gracefully remove LB endpoints from services docker/libnetwork#2112open_in_new
- Retry other external DNS servers on ServFail docker/libnetwork#2121open_in_new
- Improve scalabiltiy of bridge network isolation rules docker/libnetwork#2117open_in_new
- Allow for larger preset property values, do not override docker/libnetwork#2124open_in_new
- Prevent panics on concurrent reads/writes when calling
changeNodeState
docker/libnetwork#2136open_in_new
18.03.0-ce
2018-03-21
Builder
- Switch to -buildmode=pie moby/moby#34369open_in_new
- Allow Dockerfile to be outside of build-context docker/cli#886open_in_new
- Builder: fix wrong cache hits building from tars moby/moby#36329open_in_new
- Fixes files leaking to other images in a multi-stage build moby/moby#36338open_in_new
Client
- Simplify the marshaling of compose types.Config docker/cli#895open_in_new
- Add support for multiple composefile when deploying docker/cli#569open_in_new
- Fix broken Kubernetes stack flags docker/cli#831open_in_new
- Fix stack marshaling for Kubernetes docker/cli#890open_in_new
- Fix and simplify bash completion for service env, mounts and labels docker/cli#682open_in_new
- Fix
before
andsince
filter fordocker ps
moby/moby#35938open_in_new - Fix
--label-file
weird behavior docker/cli#838open_in_new - Fix compilation of defaultCredentialStore() on unsupported platforms docker/cli#872open_in_new
- Improve and fix bash completion for images docker/cli#717open_in_new
- Added check for empty source in bind mount docker/cli#824open_in_new
- Fix TLS from environment variables in client moby/moby#36270open_in_new
- docker build now runs faster when registry-specific credential helper(s) are configured docker/cli#840open_in_new
- Update event filter zsh completion with
disable
,enable
,install
andremove
docker/cli#372open_in_new - Produce errors when empty ids are passed into inspect calls moby/moby#36144open_in_new
- Marshall version for the k8s controller docker/cli#891open_in_new
- Set a non-zero timeout for HTTP client communication with plugin backend docker/cli#883open_in_new
- Add DOCKER_TLS environment variable for --tls option docker/cli#863open_in_new
- Add --template-driver option for secrets/configs docker/cli#896open_in_new
- Move
docker trust
commands out of experimental docker/cli#934open_in_new docker/cli#935open_in_new docker/cli#944open_in_new
Logging
- AWS logs - don't add new lines to maximum sized events moby/moby#36078open_in_new
- Move log validator logic after plugins are loaded moby/moby#36306open_in_new
- Support a proxy in Splunk log driver moby/moby#36220open_in_new
- Fix log tail with empty logs moby/moby#36305open_in_new
Networking
- Libnetwork revendoring moby/moby#36137open_in_new
- Fix for deadlock on exit with Memberlist revendor docker/libnetwork#2040open_in_new
- Fix user specified ndots option docker/libnetwork#2065open_in_new
- Fix to use ContainerID for Windows instead of SandboxID docker/libnetwork#2010open_in_new
- Verify NetworkingConfig to make sure EndpointSettings is not nil moby/moby#36077open_in_new
- Fix
DockerNetworkInternalMode
issue moby/moby#36298open_in_new - Fix race in attachable network attachment moby/moby#36191open_in_new
- Fix timeout issue of
InspectNetwork
on AArch64 moby/moby#36257open_in_new
- Verbose info is missing for partial overlay ID moby/moby#35989open_in_new
- Update
FindNetwork
to address network name duplications moby/moby#30897open_in_new - Disallow attaching ingress network docker/swarmkit#2523open_in_new
- Prevent implicit removal of the ingress network moby/moby#36538open_in_new
- Fix stale HNS endpoints on Windows moby/moby#36603open_in_new
- IPAM fixes for duplicate IP addresses docker/libnetwork#2104open_in_new docker/libnetwork#2105open_in_new
Runtime
- Enable HotAdd for Windows moby/moby#35414open_in_new
- LCOW: Graphdriver fix deadlock in hotRemoveVHDs moby/moby#36114open_in_new
- LCOW: Regular mount if only one layer moby/moby#36052open_in_new
- Remove interim env var LCOW_API_PLATFORM_IF_OMITTED moby/moby#36269open_in_new
- Revendor Microsoft/opengcs @ v0.3.6 moby/moby#36108open_in_new
- Fix issue of ExitCode and PID not show up in Task.Status.ContainerStatus moby/moby#36150open_in_new
- Fix issue with plugin scanner going too deep moby/moby#36119open_in_new
- Do not make graphdriver homes private mounts moby/moby#36047open_in_new
- Do not recursive unmount on cleanup of zfs/btrfs moby/moby#36237open_in_new
- Don't restore image if layer does not exist moby/moby#36304open_in_new
- Adjust minimum API version for templated configs/secrets moby/moby#36366open_in_new
- Bump containerd to 1.0.2 (cfd04396dc68220d1cecbe686a6cc3aa5ce3667c) moby/moby#36308open_in_new
- Bump Golang to 1.9.4 moby/moby#36243open_in_new
- Ensure daemon root is unmounted on shutdown moby/moby#36107open_in_new
- Update runc to 6c55f98695e902427906eed2c799e566e3d3dfb5 moby/moby#36222open_in_new
- Fix container cleanup on daemon restart moby/moby#36249open_in_new
- Support SCTP port mapping (bump up API to v1.37) moby/moby#33922open_in_new
- Support SCTP port mapping docker/cli#278open_in_new
- Fix Volumes property definition in ContainerConfig moby/moby#35946open_in_new
- Bump moby and dependencies docker/cli#829open_in_new
- C.RWLayer: check for nil before use moby/moby#36242open_in_new
- Add
REMOVE
andORPHANED
to TaskState moby/moby#36146open_in_new
- Fixed error detection using
IsErrNotFound
andIsErrNotImplemented
forContainerStatPath
,CopyFromContainer
, andCopyToContainer
methods moby/moby#35979open_in_new
- Add an integration/internal/container helper package moby/moby#36266open_in_new
- Add canonical import path moby/moby#36194open_in_new
- Add/use container.Exec() to integration moby/moby#36326open_in_new
- Fix "--node-generic-resource" singular/plural moby/moby#36125open_in_new
- Daemon.cleanupContainer: nullify container RWLayer upon release moby/moby#36160open_in_new
- Daemon: passdown the
--oom-kill-disable
option to containerd moby/moby#36201open_in_new - Display a warn message when there is binding ports and net mode is host moby/moby#35510open_in_new
- Refresh containerd remotes on containerd restarted moby/moby#36173open_in_new
- Set daemon root to use shared propagation moby/moby#36096open_in_new
- Optimizations for recursive unmount moby/moby#34379open_in_new
- Perform plugin mounts in the runtime moby/moby#35829open_in_new
- Graphdriver: Fix RefCounter memory leak moby/moby#36256open_in_new
- Use continuity fs package for volume copy moby/moby#36290open_in_new
- Use proc/exe for reexec moby/moby#36124open_in_new
- Add API support for templated secrets and configs moby/moby#33702open_in_new and moby/moby#36366open_in_new
- Use rslave propagation for mounts from daemon root moby/moby#36055open_in_new
- Add /proc/keys to masked paths moby/moby#36368open_in_new
- Bump Runc to 1.0.0-rc5 moby/moby#36449open_in_new
- Fixes
runc exec
on big-endian architectures moby/moby#36449open_in_new
- Use chroot when mount namespaces aren't provided moby/moby#36449open_in_new
- Fix systemd slice expansion so that it could be consumed by cAdvisor moby/moby#36449open_in_new
- Fix devices mounted with wrong uid/gid moby/moby#36449open_in_new
- Fix read-only containers with IPC private mounts
/dev/shm
read-only moby/moby#36526open_in_new
Swarm Mode
- Replace EC Private Key with PKCS#8 PEMs docker/swarmkit#2246open_in_new
- Fix IP overlap with empty EndpointSpec docker/swarmkit #2505open_in_new
- Add support for Support SCTP port mapping docker/swarmkit#2298open_in_new
- Do not reschedule tasks if only placement constraints change and are satisfied by the assigned node docker/swarmkit#2496open_in_new
- Ensure task reaper stopChan is closed no more than once docker/swarmkit #2491open_in_new
- Synchronization fixes docker/swarmkit#2495open_in_new
- Add log message to indicate message send retry if streaming unimplemented docker/swarmkit#2483open_in_new
- Debug logs for session, node events on dispatcher, heartbeats docker/swarmkit#2486open_in_new
- Add swarm types to bash completion event type filter docker/cli#888open_in_new
- Fix issue where network inspect does not show Created time for networks in swarm scope moby/moby#36095open_in_new