v0.8.7 release for Docker and containerd

This is the v0.8.7 release of hcsshim for Docker

hcsshim v1

• Improves internal wait patterns reducing HCS syscall overhead.
• Changes the syscall interface to properly contain call context.
• Improves error handling for process/container based patterns.

hcn

• Adds outbound NAT policies.
• Improves failure cases when a namespace is not found.
• Fixes the L4ProxyPolicySetting CompartmentID field.
• Added NatFlags to PortMappings.

This is the v0.8.7 release of containerd-shim-runhcs-v1.exe for containerd

There are significant changes since the last official release of hcsshim.

The most important change is that we are officially deprecating runhcs.exe as the containerd runtime of choice and have removed the v1 runtime bindings for it from containerd. It is now expected that for containerd on Windows you use Runtime V2 shim implemented in the cmd/containerd-shim-runhcs-v1 section of the repo.

containerd-shim-runhcs-v1.exe

With the move to containerd the containerd-shim-runhcs-v1.exe binary now replaces all OS level interaction with the gRPC interface implemented by the Runtime V2 interface as defined by containerd. This allows us to fully implement Windows process and Hyper-V containers on RS1+ with support for Windows v2 containers as well as LCOW on RS5+ releases of Windows.

The implementation is as follows for your HOST OS version of Windows:

	RS1 - RS4	RS5+
Windows Process Container	v1 (Argon)	v2
Windows Hyper-V (Server) Container	v1 (Xenon)	v2
LCOW	Not Supported	v2

The main difference with Windows v2 containers and LCOW v2 is the ability of the shim to support true Kubernetes pod's. On Windows this means a shared network namespace for process containers in the pod. For Windows hypervisor (including LCOW) containers it additionally means shared processor, memory, and storage for all containers in the pod within a single UtilityVM. This single UtilityVM provides higher performance and density while also providing greater lifetime guarantees for the set.