Skip to content

garden-runc/0.5.0

You can find the source of this version on GitHub at cloudfoundry-incubator/guardian-release. It was created based on the commit d4ab478f.

Release Notes

Much good stuff: - AppArmor! Unprivileged containers are now secured with a default apparmor profile. This is based on the default docker apparmor profile for maximum compatibility - The shared_mounts bosh property is gone, we now do the right thing for anything in /var/vcap/data - We now use the new OCI “create/start” split to run network plugins, allowing much more flexibility in how this works and cleaning up the code a lot - Iodaemon is gone, we now use a binary called ‘dadoo’ to do a roughly similar job - Reattaching after restart should now be more bulletproof, for example getting the exit code should work - Code now imported via code.cloudfoundry.org domain

Usage

You can reference this release in your deployment manifest from the releases section:

- name: "garden-runc"
  version: "0.5.0"
  url: "https://bosh.io/d/github.com/cloudfoundry-incubator/guardian-release?v=0.5.0"
  sha1: "3ec8d982052f09960b1733a98bae98b3ac24aba1"

Or upload it to your director with the upload-release command:

bosh upload-release --sha1 3ec8d982052f09960b1733a98bae98b3ac24aba1 \
  "https://bosh.io/d/github.com/cloudfoundry-incubator/guardian-release?v=0.5.0"

Jobs

Packages