Docker Engine 24.0 release notes

This page describes the latest changes, additions, known issues, and fixes for Docker Engine version 24.0.

For more information about:

• Deprecated and removed features, see Deprecated Engine Features.
• Changes to the Engine API, see Engine API version history.

24.0.2

2023-05-26

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 24.0.2 milestone
• moby/moby, 24.0.2 milestone

Bug fixes and enhancements

• Fix a panic during build when referencing locally tagged images. moby/buildkit#3899, moby/moby#45582
• Fix builds potentially failing with exit code: 4294967295 when performing many concurrent build stages. moby/moby#45620
• Fix DNS resolution on Windows ignoring etc/hosts (%WINDIR%\System32\Drivers\etc\hosts), including resolution of localhost. moby/moby#45562
• Apply a workaround for a containerd bug that causes concurrent docker exec commands to take significantly longer than expected. moby/moby#45625
• containerd image store: Fix an issue where the image Created field would contain an incorrect value. moby/moby#45623
• containerd image store: Adjust the output of image pull progress so that the output has the same format regardless of whether the containerd image store is enabled. moby/moby#45602
• containerd image store: Switching between the default and containerd image store now requires a daemon restart. moby/moby#45616

Packaging updates

• Upgrade Buildx to v0.10.5. docker/docker-ce-packaging#900

24.0.1

2023-05-19

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 24.0.1 milestone
• moby/moby, 24.0.1 milestone

Removed

• Remove CLI completions for storage drivers removed in the 24.0 major release. docker/cli#4302

Bug fixes and enhancements

• Fix an issue where DNS query NXDOMAIN replies from external servers were forwarded to the client as SERVFAIL. moby/moby#45573
• Fix an issue where docker pull --platform would report No such image regarding another tag pointing to the same image. moby/moby#45562
• Fix an issue where insecure registry configuration would be forgotten during config reload. moby/moby#45571
• containerd image store: Fix an issue where images which have no layers would not be listed in docker images -a moby/moby#45588
• API: Fix an issue where GET /images/{id}/json would return null instead of empty RepoTags and RepoDigests. moby/moby#45564
• API: Fix an issue where POST /commit did not accept an empty request body. moby/moby#45568

Packaging updates

• Upgrade Compose to v2.18.1. docker/docker-ce-packaging#896

24.0.0

2023-05-16

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 24.0.0 milestone
• moby/moby, 24.0.0 milestone

New

• Introduce experimental support for containerd as the content store (replacing the existing storage drivers). moby/moby#43735, other moby/moby pull requests
• The --host CLI flag now supports a path component in a ssh:// host address, allowing use of an alternate socket path without configuration on the remote host. docker/cli#4073
• The docker info CLI command now reports a version and platform field. docker/cli#4180
• Introduce the daemon flag --default-network-opt to configure options for newly created networks. moby/moby#43197
• Restrict access to AF_VSOCK in the socket(2) family of syscalls in the default seccomp profile. moby/moby#44562
• Introduce support for setting OCI runtime annotations on containers. docker/cli#45025, moby/moby#45025
• Alternative runtimes can now be configured in daemon.json, enabling runtime names to be aliased and options to be passed. moby/moby#45032
• The docker-init binary will now be discovered in FHS-compliant libexec directories, in addition to the PATH. moby/moby#45198
• API: Surface the daemon-level --no-new-privileges in GET /info. moby/moby#45320

Removed

• docker info no longer reports IndexServiceAddress. docker/cli#4204
• libnetwork: Remove fallback code for obsolete kernel versions. moby/moby#44684, moby/moby#44802
• libnetwork: Remove unused code related to classic Swarm. moby/moby#44965
• libnetwork: Remove usage of the xt_u32 kernel module from encrypted Swarm overlay networks. moby/moby#45281
• Remove support for BuildKit’s deprecated buildinfo in favor of standard provenance attestations. moby/moby#45097
• Remove the deprecated AUFS and legacy overlay storage drivers. moby/moby#45342, moby/moby#45359
• Remove the deprecated overlay2.override_kernel_check storage driver option. moby/moby#45368
• Remove workarounds for obsolete versions of apparmor_parser from the AppArmor profiles. moby/moby#45500
• API: GET /images/json no longer represents empty RepoTags and RepoDigests as<none>:<none>/<none>@<none>. Empty arrays are returned instead on API >= 1.43. moby/moby#45068

Deprecated

• Deprecate the --oom-score-adjust daemon option. moby/moby#45315
• API: Deprecate the VirtualSize field in GET /images/json and GET /images/{id}/json. moby/moby#45346

Bug fixes and enhancements

• The docker stack command no longer validates the build section of Compose files. docker/cli#4214
• Fix lingering healthcheck processes after the timeout is reached. moby/moby#43739
• Reduce the overhead of container startup when using the overlay2 storage driver. moby/moby#44285
• API: Handle multiple before= and since= filters in GET /images. moby/moby#44503
• Fix numerous bugs in the embedded DNS resolver implementation used by user-defined networks. moby/moby#44664
• Add execDuration field to the map of event attributes. moby/moby#45494
• Swarm-level networks can now be created with the Windows internal, l2bridge, and nat drivers. moby/swarmkit#3121, moby/moby#45291

Packaging updates

• Update Go to 1.20.4. docker/cli#4253, moby/moby#45456, docker/docker-ce-packaging#888
• Update containerd to v1.7.1. moby/moby#45537
• Update buildkit to v0.11.6. moby/moby#45367