- Swarm: Fixed `start_interval` not being passed to the container config. [moby/moby#47163](https://github.com/moby/moby/pull/47163)
### Packaging updates
- Upgrade Compose to `2.24.2`. [docker/docker-ce-packaging#981](https://github.com/docker/docker-ce-packaging/pull/981)
## 25.0.0
{{< release-date date="2024-01-19" >}}
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- [docker/cli, 25.0.0 milestone](https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A25.0.0)
- [moby/moby, 25.0.0 milestone](https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A25.0.0)
> [!NOTE]
>
> In earlier versions of Docker Engine, recursive mounts (submounts) would
> always be mounted as writable, even when specifying a read-only mount. This
> behavior has changed in v25.0.0, for hosts running on kernel version 5.12 or
> later. Now, read-only bind mounts are **recursively read-only** by default.
>
> To get the same behavior as earlier releases, you can specify the
> `bind-recursive` option for the `--mount` flag.
>
> ```console
> $ docker run --mount type=bind,src=SRC,dst=DST,readonly,bind-recursive=writable IMAGE
> ```
>
> This option isn't supported with the `-v` or `--volume` flag.
> For more information, see
> [Recursive mounts](/manuals/engine/storage/bind-mounts.md#recursive-mounts).
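
To confirm which behavior a read-only bind mount actually got, you can inspect the mount table as the container sees it. The following is an added example, not code from Docker or from this release: `writable_submounts` and `sample_mountinfo` are hypothetical helper names, and the mountinfo lines are constructed sample data in the `/proc/self/mountinfo` format.

```shell
#!/bin/sh
# Added example (not Docker's code): list mounts at or below a mount point
# that are still writable. Input uses the /proc/self/mountinfo format from
# proc(5): field 5 is the mount point, field 6 the per-mount options.

# writable_submounts DST [MOUNTINFO_FILE]   (hypothetical helper name)
writable_submounts() {
    dst=${1%/}                 # drop one trailing slash: /data/ -> /data
    [ -n "$dst" ] || dst=/     # the argument was "/" itself
    awk -v dst="$dst" '
        {
            mp = $5
            # dst itself or a path below it; /data must not match /database
            if (!(mp == dst || dst == "/" || index(mp, dst "/") == 1)) next
            n = split($6, opts, ",")
            for (i = 1; i <= n; i++)
                if (opts[i] == "rw") { print mp; break }
        }
    ' "${2:-/proc/self/mountinfo}"
}

# Constructed sample: /data is bound read-only but its submount /data/cache
# kept rw, the pre-25.0.0 (or bind-recursive=writable) outcome.
sample_mountinfo() {
    cat <<'EOF'
601 580 0:52 / / rw,relatime - overlay overlay rw
602 601 8:1 /srv/data /data ro,relatime - ext4 /dev/sda1 rw
603 602 0:60 / /data/cache rw,nosuid - tmpfs tmpfs rw
604 601 8:1 /srv/db /database rw,relatime - ext4 /dev/sda1 rw
EOF
}

# Demo on the sample ("-" makes awk read standard input).
sample_mountinfo | writable_submounts /data -
```

Run the function against the mount table from inside the container, with the mount's `dst` as the first argument. An empty result means every mount at or below that path is read-only.
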
### New
- The daemon now uses systemd's default `LimitNOFILE`. In earlier versions of
  Docker Engine, this limit was set to `infinity`. This would cause issues with
  recent versions of systemd, where the hard limit was increased, causing
  programs that adjusted their behaviors based on ulimits to consume a high
  amount of memory. [moby/moby#45534](https://github.com/moby/moby/pull/45534)

  The new setting makes containers behave the same way as programs running on
  the host, but may cause programs that make incorrect assumptions based on the
  soft limit to misbehave. To get the previous behavior, you can set
  `LimitNOFILE=1048576`.

  This change currently only affects build containers created with
  `docker build` when using BuildKit with the `docker` driver. Future versions of
  containerd will also use this limit, which will cause this behavior to affect
  all containers, not only build containers.

  If you're experiencing issues with the higher ulimit in systemd v240 or later,
  consider adding a system `drop-in` or `override` file to configure the ulimit
  settings for your setup. The [Flatcar Container Linux documentation](https://www.flatcar.org/docs/latest/setup/systemd/drop-in-units/)
  has a great article covering this topic in detail.
- Add OpenTelemetry tracing. [moby/moby#45652](https://github.com/moby/moby/pull/45652), [moby/moby#45579](https://github.com/moby/moby/pull/45579)
- Add support for CDI devices under Linux. [moby/moby#45134](https://github.com/moby/moby/pull/45134), [docker/cli#4510](https://github.com/docker/cli/pull/4510), [moby/moby#46004](https://github.com/moby/moby/pull/46004)
- Add an additional interval to be used by healthchecks during the container start period. [moby/moby#40894](https://github.com/moby/moby/pull/40894), [docker/cli#4405](https://github.com/docker/cli/pull/4405), [moby/moby#45965](https://github.com/moby/moby/pull/45965)
- Add a `--log-format` flag to `dockerd` to control the logging format: text (default) or JSON. [moby/moby#45737](https://github.com/moby/moby/pull/45737)
- Add support for recursive read-only mounts. [moby/moby#45278](https://github.com/moby/moby/pull/45278), [moby/moby#46037](https://github.com/moby/moby/pull/46037)
- Add support for filtering images based on timestamp with `docker image ls --filter=until=<timestamp>`. [moby/moby#46577](https://github.com/moby/moby/pull/46577)
### Bug fixes and enhancements
- API: Fix error message for invalid policies at `ValidateRestartPolicy`. [moby/moby#46352](https://github.com/moby/moby/pull/46352)
- API: Update `/info` endpoint to use singleflight. [moby/moby#45847](https://github.com/moby/moby/pull/45847)