来源: https://github.com/containerd/containerd/releases/tag/v2.2.0

containerd/containerd v2.2.0 Release Notes

Published at: 2025-11-06T01:34:14Z

Welcome to the v2.2.0 release of containerd!

The second minor release of containerd 2.x focuses on continued stability alongside new features and improvements. This is the second time-based released for containerd.

Highlights

• Add mount manager (#12063)

  The mount manager is a new service that provides lifecycle management for filesystem mounts to support more advanced use cases, such as:

  • Device formatting to create formatted filesystems (xfs, ext4) on-demand
  • Mount activation to prepare devices such as loopbacks or network fileystems
  • Mount transformation to allow mount arguments to be filled in dynamically from previous mounts
  • Garbage collection of mounts to ensure temporary mounts are never leaked

• Add conf.d include in the default config (#12323)

• Add support for back references in the garbage collector (#12025)

Container Runtime Interface (CRI)

• Pod Sandbox Metrics (#10691)

  Full implementation of Kubernetes CRI pod-level metrics API

  • ListPodSandboxMetrics: Query metrics for running pods/sandboxes
  • ListMetricsDescriptors: Discover available metrics and their descriptions

• Support image volume mount subpath (#11578)

Go client

• Update pkg/oci to use fs.FS interface and os.OpenRoot (#12245)

Image Distribution

• Parallel Unpack (#12332)

  Adds support for unpacking layers in parallel during pull operations. This feature is supported with overlayfs and EROFS snapshotters.

• OCI Referrers Support (#12309)

  Adds new referrers fetcher to remote registry interface using the new referrers endpoint added in OCI distribution-spec 1.1

• Tar unpack progress through transfer service (#11921)

Image Storage

• EROFS enhancements using mount manager (#12333)

  Improvements to EROFS snapshotter using the new mount manager service

  • Quota Support: Support for sized block devices as the upper layer for overlayfs
  • Mount Lifecycle: Loopback setup, block device creation, and overlayfs argument formatting is moved to the mount manager to be performed on-demand or within the runtime.
  • Mount handler: To allow optimization of EROFS mount types based on the current system
  • macOS Support: EROFS snapshotter can now be used on Darwin to natively allow image pulls
  • Tar index mode: Efficiently generate EROFS metadata backed by original tar content (#11919)

• Add snapshotter and differ for block CIMs (#12050)

Node Resource Interface (NRI)

• Enable otel traces in NRI (#12082)
• Add WASM plugin support (containerd/nri#121)

Runtime

• Improve shim load time after restart by loading in parallel (#12142)
• Fix pidfd leak in UnshareAfterEnterUserns (#12167)

Deprecations

• Deprecate cgroup v1 (#12445)
• Postpone v2.2 deprecation items to v2.3 (#12417)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Phil Estes
• Akihiro Suda
• Maksym Pavlenko
• Wei Fu
• Krisztian Litkey
• Mike Brown
• Akhil Mohan
• Markus Lehtonen
• Samuel Karp
• Sebastiaan van Stijn
• ningmingxiao
• Austin Vazquez
• yashsingh74
• Gao Xiang
• Kirtana Ashok
• Jin Dong
• Chris Henzie
• Aadhar Agarwal
• Etienne Champetier
• Henry Wang
• Rodrigo Campos
• Sascha Grunert
• Aleksa Sarai
• Eric Mountain
• Keith Mattix II
• Paweł Gronowski
• Tõnis Tiigi
• Adrien Delorme
• Apurv Barve
• Enji Cooper
• Kohei Tokunaga
• Max Jonas Werner
• Rehan Khan
• Yang Yang
• jinda.ljd
• jokemanfire
• Amit Barve
• Andrew Halaney
• Antonio Ojea
• Brian Goff
• Carlos Eduardo Arango Gutierrez
• Chenyang Yan
• Dawei Wei
• Divya Rani
• Evan Anderson
• Fabiano Fidêncio
• Iceber Gu
• Jared Ledvina
• Jonathan Perkin
• Jose Fernandez
• Karl Baumgartner
• Michael Weibel
• Osama Abdelkader
• Radostin Stoyanov
• Ruidong Cao
• Sameer
• Sergey Kanzhelev
• Swagat Bora
• Sylvain MOUQUET
• Tom Wieczorek
• Tycho Andersen
• Wuyue (Tony) Sun
• suranmiao
• tanhuaan
• wheat2018
• zounengren

Dependency Changes

• dario.cat/mergo v1.0.1 -> v1.0.2
• github.com/Microsoft/hcsshim v0.13.0-rc.3 -> v0.14.0-rc.1
• github.com/StackExchange/wmi cbe66965904d new
• github.com/checkpoint-restore/checkpointctl v1.3.0 -> v1.4.0
• github.com/containerd/cgroups/v3 v3.0.5 -> v3.1.0
• github.com/containerd/console v1.0.4 -> v1.0.5
• github.com/containerd/containerd/api v1.9.0 -> v1.10.0
• github.com/containerd/go-cni v1.1.12 -> v1.1.13
• github.com/containerd/nri v0.8.0 -> v0.10.0
• github.com/containerd/platforms v1.0.0-rc.1 -> v1.0.0-rc.2
• github.com/containernetworking/plugins v1.7.1 -> v1.8.0
• github.com/coreos/go-systemd/v22 v22.5.0 -> v22.6.0
• github.com/cpuguy83/go-md2man/v2 v2.0.5 -> v2.0.7
• github.com/emicklei/go-restful/v3 v3.11.0 -> v3.13.0
• github.com/fxamacker/cbor/v2 v2.7.0 -> v2.9.0
• github.com/go-jose/go-jose/v4 v4.0.5 -> v4.1.2
• github.com/go-logr/logr v1.4.2 -> v1.4.3
• github.com/go-ole/go-ole v1.2.6 new
• github.com/golang/groupcache 41bb18bfe9da -> 2c02b8208cf8
• github.com/google/certtostore v1.0.6 new
• github.com/google/deck 105ad94aa8ae new
• github.com/gorilla/websocket v1.5.0 -> e064f32e3674
• github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.1 -> v1.1.0
• github.com/hashicorp/errwrap v1.1.0 new
• github.com/intel/goresctrl v0.8.0 -> v0.10.0
• github.com/klauspost/compress v1.18.0 -> v1.18.1
• github.com/knqyf263/go-plugin v0.9.0 new
• github.com/moby/sys/capability v0.4.0 new
• github.com/modern-go/reflect2 v1.0.2 -> 35a7c28c31ee
• github.com/opencontainers/runtime-tools 2e043c6bd626 -> 0ea5ed0382a2
• github.com/prometheus/client_golang v1.22.0 -> v1.23.2
• github.com/prometheus/client_model v0.6.1 -> v0.6.2
• github.com/prometheus/common v0.62.0 -> v0.66.1
• github.com/prometheus/procfs v0.15.1 -> v0.16.1
• github.com/stretchr/testify v1.10.0 -> v1.11.1
• github.com/tchap/go-patricia/v2 v2.3.2 -> v2.3.3
• github.com/tetratelabs/wazero v1.9.0 new
• github.com/urfave/cli/v2 v2.27.6 -> v2.27.7
• github.com/vishvananda/netlink 0e7078ed04c8 -> v1.3.1
• go.etcd.io/bbolt v1.4.0 -> v1.4.3
• go.opentelemetry.io/otel v1.35.0 -> v1.37.0
• go.opentelemetry.io/otel/metric v1.35.0 -> v1.37.0
• go.opentelemetry.io/otel/sdk v1.35.0 -> v1.37.0
• go.opentelemetry.io/otel/trace v1.35.0 -> v1.37.0
• go.uber.org/goleak v1.3.0 new
• go.yaml.in/yaml/v2 v2.4.2 new
• golang.org/x/crypto v0.36.0 -> v0.41.0
• golang.org/x/mod v0.24.0 -> v0.29.0
• golang.org/x/net v0.38.0 -> v0.43.0
• golang.org/x/oauth2 v0.27.0 -> v0.30.0
• golang.org/x/sync v0.14.0 -> v0.17.0
• golang.org/x/sys v0.33.0 -> v0.37.0
• golang.org/x/term v0.30.0 -> v0.34.0
• golang.org/x/text v0.23.0 -> v0.28.0
• golang.org/x/time v0.7.0 -> v0.14.0
• google.golang.org/genproto/googleapis/api 56aae31c358a -> a7a43d27e69b
• google.golang.org/genproto/googleapis/rpc 56aae31c358a -> a7a43d27e69b
• google.golang.org/grpc v1.72.0 -> v1.76.0
• google.golang.org/protobuf v1.36.6 -> v1.36.10
• k8s.io/api v0.32.3 -> v0.34.1
• k8s.io/apimachinery v0.32.3 -> v0.34.1
• k8s.io/client-go v0.32.3 -> v0.34.1
• k8s.io/cri-api v0.32.3 -> v0.34.1
• k8s.io/utils 3ea5e8cea738 -> 4c0f3b243397
• sigs.k8s.io/json 9aa6b5e7a4b3 -> cfa47c3a1cc8
• sigs.k8s.io/randfill v1.0.0 new
• sigs.k8s.io/structured-merge-diff/v6 v6.3.0 new
• sigs.k8s.io/yaml v1.4.0 -> v1.6.0

Previous release can be found at v2.1.0

Which file should I download?

• containerd-<VERSION>-<OS>-<ARCH>.tar.gz: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04).
• containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent.

In addition to containerd, typically you will have to install runc and CNI plugins from their official sites too.

See also the Getting Started documentation.