Official Packages

📦  sysbox-ee_0.5.2-linux_amd64.deb 📦  sysbox-ee_0.5.2-linux_arm64.deb

Changelog

Added

• Fixed issue #544 preventing containers initialization within sysbox containers when running latest oci-runc releases (1.1.0-rc.1+).
• Added support to allow CIFS mounts within Sysbox containers (Sysbox-EE only).
• Fixed issue to allow shiftfs mounts over files that are themselves bind-mounts.

Checksums

$ sha256sum sysbox-ee_0.5.2-0.linux_amd64.deb
f2c339d3e4e52ba4be32dd3ccff9abf4e8d004214ede8002ac9991a0223117de  sysbox-ee_0.5.2-0.linux_amd64.deb

$ sha256sum sysbox-ee_0.5.2-0.linux_arm64.deb
5e18ab9108857d4d7773b9da37e17d1aae038ad2d0ef97fad1f06dfa6dca21c6  sysbox-ee_0.5.2-0.linux_arm64.deb

Official Packages

📦  sysbox-ee_0.5.0-linux_amd64.deb 📦  sysbox-ee_0.5.0-linux_arm64.deb

Changelog

Added

• Added support for Linux ID-mapped mounts (shiftfs alternative in kernels >= 5.12).
• Added support for ARM64 hosts.
• Added support for running buildx/buildkit inside Sysbox containers.
• Added support for running Rancher RKE2 and Mirantis K0s inside Sysbox containers.
• Added configs to disable trapping chown and xattr* syscalls (improves performance but may reduce functionality).
• Added config to strictly honor container capabilities from higher-level container manager.
• Added support for per-container configs via SYSBOX_* env vars.
• Improved performance of Sysbox's syscall interception code.
• Improved the way Sysbox releases the seccomp-fd handles for intercept syscalls (kernels >= 5.8).
• Improved Sysbox's cross-compilation support (artifacts can now be generated from/to either AMD64 or ARM64 hosts).
• Update to golang 1.16.
• Replaced the per-distro *.deb installation packages with a single deb bundle package.
• Allow alternative Docker data-root inside a Sysbox container (if Docker is pre-installed in the Sysbox container image).

Fixed (main issues)

• Fixed segfault when building Docker image inside Sysbox container (issue #484).
• Fixed segfault when running python pip install inside nested sysbox container (issue #485).
• Fixed issue with running KinD inside a Sysbox container (issue #415).
• Fixed problem with shiftfs mounts on Kubernetes persistent volumes (issue #431).

Checksums

$ sha256sum sysbox-ee_0.5.0-0.linux_amd64.deb
a71382ca9833e776d35209120ea5af4aa113d505c56d18c86dad792da8ff34a3  sysbox-ee_0.5.0-0.linux_amd64.deb

$ sha256sum sysbox-ee_0.5.0-0.linux_arm64.deb
c932fd0ae1d3a0881882e65b9f8322eef09329eaa0268c1eab176d502eb13b73  sysbox-ee_0.5.0-0.linux_arm64.deb

Official Packages

📦  sysbox-ee_0.4.1-ubuntu-bionic_amd64.deb 📦  sysbox-ee_0.4.1-ubuntu-focal_amd64.deb 📦  sysbox-ee_0.4.1-debian-buster_amd64.deb 📦  sysbox-ee_0.4.1-debian-bullseye_amd64.deb

Changelog

Added

• Added important optimization to expedite the container creation cycle.
• Enhanced uid-shifting logic to perform shifting operations of Sysbox's special dirs on a need basis.
• Added support for Kinvolk's Flatcar Linux distribution (Sysbox-EE only).
• Added basic building blocks to allow Sysbox support on ARM platforms.
• Made various enhancements to Sysbox's Kubernetes installer to simplify its operation.
• Extend Sysbox's Kubernetes installer to support Rancher's RKE k8s distribution.

Fixed (main issues)

• Fixed issue preventing Sysbox folders from being eliminated from HDD when Sysbox is shut down.
• Enable sys container processes to set 'trusted.overlay.opaque' xattr on files (issue #254).
• Fixed bug resulting in the failure of "mount" operation within a sys container.

Checksums

$ sha256sum sysbox-ee_0.4.1-0.ubuntu-bionic_amd64.deb
2e6f442cf1a160455256221307d96c83e7720f9c76572d8ed83105cdcb65cf88  sysbox-ee_0.4.1-0.ubuntu-bionic_amd64.deb

$ sha256sum sysbox-ee_0.4.1-0.ubuntu-focal_amd64.deb
f3249d92e143c730792e19ef7cde32f4e841c393271e8e5c928497b3082c66f9  sysbox-ee_0.4.1-0.ubuntu-focal_amd64.deb

$ sha256sum sysbox-ee_0.4.1-0.debian-buster_amd64.deb
3edf9eb5ed06dd8d8c558c602bd8ded36691eb96cdfd9c8426b278ef1d33fdbc  sysbox-ee_0.4.1-0.debian-buster_amd64.deb

$ sha256sum sysbox-ee_0.4.1-0.debian-bullseye_amd64.deb
75b584bfe02ccbd795f66beb76ebe917930d1801adc007c41d9bdbef2666b88c  sysbox-ee_0.4.1-0.debian-bullseye_amd64.deb

Official Packages

📦  sysbox-ee_0.4.0-ubuntu-bionic_amd64.deb 📦  sysbox-ee_0.4.0-ubuntu-focal_amd64.deb 📦  sysbox-ee_0.4.0-debian-buster_amd64.deb 📦  sysbox-ee_0.4.0-debian-bullseye_amd64.deb

Changelog

Added

• Added support to create secure Kubernetes PODs with Sysbox (sysbox-pods).
• Added support for Cgroups-v2 systems.
• Added support for WeaveNet and Calico CNIs to run within a Sysbox container.
• Added support to allow K3s execution within Sysbox containers.
• Extended Sysbox support to Fedora-33 and Fedora-34 releases.
• Extended Sysbox support to Flatcar Linux distribution.
• Modified Sysbox binaries' installation path ("/usr/local/sbin" -> "/usr/bin").
• Enhanced generation and handling of logging output by relying on systemd (journald) subsystem.
• Multiple enhancements in /proc & /sys file-system's emulation logic.
• Extended installer to allow it to deploy Sysbox in non-strictly-supported distros / releases.
• Improved security of shiftfs mounts.

Fixed (main issues)

• Fixed issue impacting sysbox-fs stability in scaling scenarios (issue #266).
• Fixed issue preventing sys-container initialization due a recent change in oci-runc (issue #291).
• Fixed issue with "--mountpoint" cli knob being ignored (sysbox issue #310).
• Fixed issue causing sysbox-fs handlers to stall upon access to a procfs node (issue #306).
• Fixed issue preventing write access to 'domainname' procfs node (issue #287).
• Fixed issue preventing systemd-based containers from being able to initialize (issue #273).
• Made changes to allow Docker network sharing between containers.
• Ensure that Sysbox mounts in read-only containers are mounted as read only.

Removed

• Deprecated EOL'd Fedora-31 and Fedora-32 releases.

Checksums

$ sha256sum sysbox-ee_0.4.0-0.ubuntu-bionic_amd64.deb
ab89cafaf3311779f84dae30de762655d1d216c57bb0b10533b9f8b05e46176f  sysbox-ee_0.4.0-0.ubuntu-bionic_amd64.deb

$ sha256sum sysbox-ee_0.4.0-0.ubuntu-focal_amd64.deb
14636a6902c9576d9dc1b8967c23140da045697b345db708e92fc39c452a117f  sysbox-ee_0.4.0-0.ubuntu-focal_amd64.deb

$ sha256sum sysbox-ee_0.4.0-0.debian-buster_amd64.deb
746cbcfbbb168f5ec20017e63028fb543a2d9f566917be63ff59e228972d717f  sysbox-ee_0.4.0-0.debian-buster_amd64.deb

$ sha256sum sysbox-ee_0.4.0-0.debian-bullseye_amd64.deb
8fc497c326a89de39ee30bd753df4c468e768fe562734cd86359444af2a7ff73  sysbox-ee_0.4.0-0.debian-bullseye_amd64.deb

Official Packages

📦  sysbox-ee_0.3.0-ubuntu-bionic_amd64.deb 📦  sysbox-ee_0.3.0-ubuntu-focal_amd64.deb 📦  sysbox-ee_0.3.0-debian-buster_amd64.deb 📦  sysbox-ee_0.3.0-debian-bullseye_amd64.deb

Changelog

Added

• Secured system container initial mounts (mount/remount/unmounts on these from within the container are now restricted). See here for details.
• Improved Sysbox systemd service unit files (dependencies, open-file limits).
• Improved logging by sysbox-mgr and sysbox-fs (json logging, more succint logs).
• Added support for systemd-managed cgroups v1 on the host (cgroups v2 still not supported).
• Added support for read-only Docker containers.
• Synced-up sysbox-runc to include the latest changes from the OCI runc.
• Added support for Debian distribution (Buster and Bullseye).
• Added ground-work to support Sysbox on RedHat, Fedora, and CentOS (next step is creating a package manager for these).
• Added config option to configure the Sysbox work directory (defaults to /var/lib/sysbox).
• Fixed sporadic session stalling issue during syscall interception handling.
• Fixed sysbox-mgr file descriptor leak (sysbox issue #195).
• Fixed problem with "docker --restart" on Sysbox containers (sysbox issue #184).
• Fixed race condition in sysbox-fs procfs & sysfs emulation.
• Fixed problem preventing kernel-headers from being properly imported within sys containers.
• Fixed inappropriate handling of mount instructions in chroot jail environments.

Removed

• None.

Checksums

$ sha256sum sysbox-ee_0.3.0-0.ubuntu-bionic_amd64.deb
82a10612ed3bf07c5cd6dd7bdae5bccb851650420f08d03833c58d35ac4461cb  sysbox-ee_0.3.0-0.ubuntu-bionic_amd64.deb

$ sha256sum sysbox-ee_0.3.0-0.ubuntu-focal_amd64.deb
c98e5f5adc90ef4279bdf05d32fa9052d62ac7b8a4de300ce4f78d513786c639  sysbox-ee_0.3.0-0.ubuntu-focal_amd64.deb

$ sha256sum sysbox-ee_0.3.0-0.debian-buster_amd64.deb
ae72439e4dc5a21da933ac51a3108bff9ba97c7b2ec830c285e0a5b4561eda8c  sysbox-ee_0.3.0-0.debian-buster_amd64.deb

$ sha256sum sysbox-ee_0.3.0-0.debian-bullseye_amd64.deb
53ce8771a3ef4e20659d2c0d90bacb4a6df470936e1b79124dc7baf9d7b7f41b  sysbox-ee_0.3.0-0.debian-bullseye_amd64.deb

Added

• Added initial Kubernetes-in-Docker support to enable secure, flexible and portable K8s clusters.
• Implemented inner Docker Image Sharing feature, to dramatically reduce host storage utilization for system containers that come preloaded with Docker images.
• Added support for running privileged-containers within secure system containers.
• Added support for containerd to run within system containers.
• Made multiple performance improvements to expedite container initialization and i/o operations.
• Added support for Ubuntu-Eoan (19.10) and Ubuntu-Focal (20.04).
• Extended support for Ubuntu-Cloud releases (Bionic, Eoan, Focal).
• Enhanced Sysbox documentation.

Removed

• Deprecated support of Ubuntu's EOL releases: Ubuntu-Disco (19.04) and Ubuntu-Cosmic (18.10).

Checksums

$ sha256sum sysbox_0.2.0-0.ubuntu-bionic_amd64.deb
8671be199f8fb00f24f1d85d6f8ef4a67e2feef4e9dc4a7e9217ac3542d175d4  sysbox_0.2.0-0.ubuntu-bionic_amd64.deb

$ sha256sum sysbox_0.2.0-0.ubuntu-eoan_amd64.deb
e1ae125e0ce3a1ccfd954eb30437b2846eff7b262ff884be66bba91abccf019b  sysbox_0.2.0-0.ubuntu-eoan_amd64.deb

$ sha256sum sysbox_0.2.0-0.ubuntu-focal_amd64.deb
736dba5645549ac0aabe11f29c6410bdbb76e717431a8a241833f20ce8b58a11  sysbox_0.2.0-0.ubuntu-focal_amd64.deb

$ sha256sum sysbox_0.1.3-0.ubuntu-bionic_amd64.deb
fc1e6780080e9ea774c0725c415927c0cd93fea7d8c623005752e7e013398dce  sysbox_0.1.3-0.ubuntu-bionic_amd64.deb

$ sha256sum sysbox_0.1.3-0.ubuntu-cosmic_amd64.deb
ac057322bf606ac0a594ce14d1cf35d67eb90e714d19c757b8e0cbc214dd0c5d  sysbox_0.1.3-0.ubuntu-cosmic_amd64.deb

$ sha256sum sysbox_0.1.3-0.ubuntu-disco_amd64.deb
774aa1442c9142a1e6c6db49f896439b989de3668926bccd91aa0a679fa3df87  sysbox_0.1.3-0.ubuntu-disco_amd64.deb

$ sha256sum sysbox_0.1.3-0.ubuntu-eoan_amd64.deb
4b1e091b8b78cb037f152de75a4b4433e0288c9256b194931a3ffa4ba90fe081  sysbox_0.1.3-0.ubuntu-eoan_amd64.deb

$ sha256sum sysbox_0.1.2-0.ubuntu-bionic_amd64.deb
ad61a5c00b990cb1c215f04ebb3d803e97171a921b535ff3de624568a33c6acb  sysbox_0.1.2-0.ubuntu-bionic_amd64.deb

$ sha256sum sysbox_0.1.2-0.ubuntu-cosmic_amd64.deb
addc523c45af7f2a89d92acd222c600d9e8b0aa657123b6c8f5c6fd0b79952e5  sysbox_0.1.2-0.ubuntu-cosmic_amd64.deb

$ sha256sum sysbox_0.1.2-0.ubuntu-disco_amd64.deb
1b90055e22748675dd2df43d0c56448fbf89f3fd07b0cf6a030e1dd93935d7d8  sysbox_0.1.2-0.ubuntu-disco_amd64.deb

$ sha256sum sysboxd_0.1.1-0.ubuntu-bionic_amd64.deb
fc50e58889c76c13528b6116aafe4bbd4dca0beae477d8a7521b9a5cb2da4a24  sysboxd_0.1.1-0.ubuntu-bionic_amd64.deb

$ sha256sum sysboxd_0.1.1-0.ubuntu-cosmic_amd64.deb
917a17e61b36b0a318530cbb5650be46c612f88efeb857d1f825b13c66af83a5  sysboxd_0.1.1-0.ubuntu-cosmic_amd64.deb

$ sha256sum sysboxd_0.1.1-0.ubuntu-disco_amd64.deb
572a548dbb0fc10badc1b796832bb4d9b14901b17827fa61bedc23d8c37a2826  sysboxd_0.1.1-0.ubuntu-disco_amd64.deb

$ sha256sum sysboxd_0.1.0-0~ubuntu-bionic_amd64.deb
359eae614b827b07cb331330b6bbef56d7f910316e2eb3616953411df24b2b16  sysboxd_0.1.0-0~ubuntu-bionic_amd64.deb

$ sha256sum sysboxd_0.1.0-0~ubuntu-cosmic_amd64.deb
e4bded100a13cb0374f9015106b541ddbced3b6d9e6f4429afcbf31d2c232d8c  sysboxd_0.1.0-0~ubuntu-cosmic_amd64.deb

$ sha256sum sysboxd_0.1.0-0~ubuntu-disco_amd64.deb
895d67153b0d5406db1a10595aad984884c6313e65c6e158e184982a4184ff3d  sysboxd_0.1.0-0~ubuntu-disco_amd64.deb