Caution
This release contains breaking changes for container users! As of v24.11.0, all persistent1 containers always run in read-only
mode and the setting itself is deprecated (kept only for compatibility reasons). The main reason for this change is to better serve users with embedded container images in their builds of Infix. I.e., they can now upgrade the OCI image in their build and rely on the container being automatically upgraded when Infix is upgraded, issue #823. For other users, the benefit is that all container configuration changes take when activated, issue #822, without having to perform any tricks.
Changes
- Add validation of interface name lengths, (1..15), Linux limit
- Add support for ftp/http/https URI:s in container image, with a new
checksum
setting for MD5/SHA256/SHA512 verification, issue #801 - Add a retry timer to the background container create service. This will ensure failing
docker pull
operations from remote images are retrying after 60 seconds, or quicker - CLI base component,
klish
, has been updated with better support for raw terminal mode and alternate quotes (' in addition to ") - Log silenced from container activation messages, only the very bare necessities are now logged, e.g.,
podman create
command + status - Factory reset no longer calls
shred
to "securely erase" any files from writable data partitions. This will speed up the next boot considerably
Fixes
- Fix #659: paged output in CLI accessed via console port sometimes causes lost lines, e.g. missing interfaces. With updated
klish
and the terminal in raw mode, the pager (less) can now control both the horizontal and vertical - Fix #822: adding, or changing, an environment variable to a running container does not take without the
container upgrade NAME
trick - Fix #823: with an OCI image embedded in the Infix image, an existing container in the configuration is not upgraded to the new OCI image with the Infix upgrade.
- Frr leaves log files in
/var/tmp/frr
on unclean shutdowns. This has now been fixed with a "tmpfiles" cleanup of that path at boot
-
I.e., set up in the configuration, as opposed to temporary ones started with
container run
from the CLI admin-exec context. ↩