v0.29.0

This is a quick security release to pickup the containerd 2.1.1 CVE-2025-47290 fix.
See v0.28.0 (release days ago!) for full release notes with recent changes:
https://github.com/kubernetes-sigs/kind/releases/tag/v0.28.0

Breaking Changes

The default node image is now kindest/node:v1.33.1@sha256:050072256b9a903bd914c0b2866828150cb229cea0efe5892e2b644d5dd3b34f

New Features

• Updated to containerd 2.1.1

Images pre-built for this release:

• v1.33.1: kindest/node:v1.33.1@sha256:050072256b9a903bd914c0b2866828150cb229cea0efe5892e2b644d5dd3b34f
• v1.32.5: kindest/node:v1.32.5@sha256:e3b2327e3a5ab8c76f5ece68936e4cafaa82edf58486b769727ab0b3b97a5b0d
• v1.31.9: kindest/node:v1.31.9@sha256:b94a3a6c06198d17f59cca8c6f486236fa05e2fb359cbd75dabbfc348a10b211
• v1.30.13: kindest/node:v1.30.13@sha256:397209b3d947d154f6641f2d0ce8d473732bd91c87d9575ade99049aa33cd648

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

See also:

• https://kind.sigs.k8s.io/docs/user/quick-start/#creating-a-cluster
• https://kind.sigs.k8s.io/docs/user/quick-start/#building-images

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see #2718

Fixes

• Fixes containerd CVE-2025-47290 / GHSA-cm76-qm8v-3j95

Contributors

Committers for this release:

• @BenTheElder
• @k8s-ci-robot
• @stmcginnis

(Please see v0.28.0 https://github.com/kubernetes-sigs/kind/releases/tag/v0.28.0#Contributors)