v1.0.0-beta.3

[smira]

Talos 1.0.0-beta.3 (2022-03-25)

Welcome to the v1.0.0-beta.3 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Admission Plugin Configuration

Talos now supports Kubernetes API server admission plugin configuration via the .cluster.apiServer.admissionControl machine configuration field.

This configuration can be used to enable Pod Security Admission plugin and
define cluster-wide default Pod Security Standards.

Apply Config Enhancements

talosctl apply/patch/edit cli commands got revamped.
Separate flags --on-reboot, --immediate, --interactive were replaced
with a single --mode flag that can take the following values:

• auto new mode that automatically applies the configuration in immediate/reboot mode.
• no-reboot force apply immediately, if not possible, then fail.
• reboot force reboot with apply config.
• staged write new machine configuration to STATE, but don't apply it (it will be applied after a reboot).
• interactive starts interactive installer, only for apply.

API Server Audit Logs

kube-apiserver is now configured to store its audit logs separately from the kube-apiserver standard logs and directly to file.
The kube-apiserver will maintain the rotation and retirement of these logs, which are stored in /var/log/audit/.
Previously, the audit logs were sent to kube-apiserver's stdout, along with the rest of its logs, to be collected in the usual manner by Kubernetes.

Equinix Metal Platform

talos.platform for Equinix Metal is renamed from packet to equinixMetal, the older name is still supported for backwards compatibility.

Extension Services

Talos now provides a way to extend set of system services Talos runs with extension services.
Extension services should be included in the Talos root filesystem (e.g. via system extensions).

Pinned Kubernetes Version

Command talosctl gen config now defaults to Kubernetes version pinning in the generate machine configuration.
Previously default was to omit explicit Kubernetes version, so Talos picked up the default version it was built against.
Old behavior can be achieved by specifiying empty flag value: --kubernetes-version=.

Kernel Parameters

Talos now supports setting bond interface from Kernel cmdline using the bond= option.
Reference: https://man7.org/linux/man-pages/man7/dracut.cmdline.7.html

Kubelet

Kubelet configuration can now be overridden with the .machine.kubelet.extraConfig machine configuration field.
As most of the kubelet command line arguments are being deprecated, it is recommended to migrate to extraConfig
instead of using extraArgs.

A number of conformance tweaks have been made to the kubelet to allow it to run without
protectKernelDefaults.
This includes both kubelet configuration options and sysctls.
Of particular note is that Talos now sets the kernel.panic reboot interval to 10s instead of 1s.
If your kubelet fails to start after the upgrade, please check the kubelet logs to determine the problem.

Talos now performs graceful kubelet shutdown by default on node reboot/shutdown.
Default shutdown timeouts: 20s for regular priority pods and 10s for critical priority pods.
Timeouts can be overridden with the .machine.kubelet.extraConfig machine configuration key:
shutdownGracePeriod and shutdownGracePeriodCriticalPods.

Machine Configuration

Talos now preserves machine configuration as it was submitted to the node.

Machine Configuration Patching

talosctl commands which accept JSON patches (gen config, cluster create, patch machineconfig) now support multiple patches, loading patches
from files with @file.json syntax, and support loading from YAML format.

Platform Support

Talos now supports Oracle Cloud.

Platform network configuration was rewritten to avoid modifying Talos machine configuration.
Network configuration is performed independent of the machine configuration presence, so it works
even if Talos is booted in maintenance mode (without machine configuration is platform userdata).

Pod Security Policy

Pod Security Policy Kubernetes feature is deprecated and is going to be removed in Kubernetes 1.25.
Talos by default skips setting up PSP now (see machine configuration .cluster.apiServer.disablePodSecurityPolicy).

SBC Support

Talos now supports Jetson Nano SBC.

Static Pods in the Machine Configuration

Talos now accepts static pod definitions in the .machine.pods key of the machine configuration.
Please note that static pod definitions are not validated by Talos.
Static pod definitions can be updated without a node reboot.

Sysfs Kernel Parameters

Talos now supports setting sysfs kernel parameters (/sys/...).
Use machine configuration field .machine.sysfs to set sysfs kernel parameters.

System Extensions

System extensions allow extending Talos root filesystem, which enables a set of different features, including custom
container runtimes, additional firmware, etc.

System extensions are only activated during Talos installation (or upgrade), and with system extensions installed, Talos
root filesystem is still immutable and read-only.

Please see extensions repository and documentation for more information.

Component Updates

• Linux: 5.15.31
• Kubernetes: 1.23.5
• CoreDNS: 1.9.1
• etcd: 3.5.2
• containerd: 1.6.2
• runc: 1.1.0

Talos is built with Go 1.17.8

Wipe System Kernel Parameter

Added new kernel parameter talos.experimental.wipe=system which can help resetting system disk for the machine
and start over with a fresh installation.
See Resetting a Machine on how to use it.

Contributors

• Andrey Smirnov
• Noel Georgi
• Serge Logvinov
• Seán C McCord
• Artem Chernyshev
• Spencer Smith
• Steve Francis
• Florian Klink
• Andrey Smirnov
• Andrew Rynhard
• Anthony Rabbito
• Bernard Sébastien
• Charlie Haley
• Eric Wohltman
• Jori Huisman
• Matt Layher
• Niklas Metje
• Philipp Sauter
• Shahar Naveh
• Tim Jones
• Utku Ozdemir
• nebulait

Changes

216 commits

• 7e386357b release(v1.0.0-beta.3): prepare release
• eb6822ab4 feat: update containerd to 1.6.2, Linux to 5.15.31
• c8f5523ee chore: update the talosctl CNI download url
• 698c0e488 feat: update CoreDNS to 1.9.1
• cc986136b test: use clusterctl.yaml overrides after org rename
• 411dd1994 chore: rename github organization to siderolabs
• 7ad030a0b fix: the etcd recovery client and tests
• 4adae5e4a fix: trigger properly udevd on types and actions
• 6c0f8c704 fix: clean up custom udev rules if the config is cleared
• 65dad2488 feat: update Linux to 5.15.30
• d31fed839 release(v1.0.0-beta.2): prepare release
• 4a2e65a74 feat: pause the boot process on some failures instead of rebooting
• b6d71d49e fix: ignore connection reset errors on k8s upgrade
• 4557d01b0 feat: allow hardlinks in the system extension images
• 5bfc16cfe fix: ignore pod CIDRs for kubelet node IPs
• cb97369e5 fix: split regular network operation configuration and virtual IP
• cb61e5953 fix: ignore terminated pods in pod health checks
• 974f02e2d feat: update Kubernetes to 1.23.5
• 426921a6b fix: invert the condition to skip kubelet kernel checks
• a60575984 feat: relax extensions file structure validation
• eb16019eb fix: refresh etcd certs on startup/join
• 11e435a69 chore: add dependency images-essential -> images
• 4f142cc4e feat: implement D-Bus systemd-compatible shutdown for kubelet
• 3345cde26 chore: bump kernel to 5.15.28
• 602e049d9 release(v1.0.0-beta.1): prepare release
• 06647da34 chore: fix equinixMetal platform name
• 7e31e7d8f feat: bump boot partition size to 1000 MiB
• 83d7aebe1 fix: check for IPv6 before applying accept_ra
• d785204aa chore: disable one commit per PR
• f7ad1b982 release(v1.0.0-beta.0): prepare release
• 0aa23cb32 feat: update pkgs to 1.0 versions, Go 1.17.8
• dc8e9ed4a feat: bond interfaces from kernel cmdline
• 947c77b60 docs: update cilium inline install
• 654472005 chore: update talos-systems modules to released version
• 77158a61f chore: rename v0.15 to v1.0
• 22a4d6b3e feat: update containerd to 1.6.1
• a50747a64 fix: align list and diskusage command flags with their Linux analogs
• d29e9202f chore: remove iSCSI packages from the rootfs image
• 09efa62f6 chore: re-enable kexec and default to UEFI booting in tests
• 8975a56eb docs: fix typo in release notes
• 61461de63 feat: define resource reservation
• 7ddc7f605 feat: support specifying env vars for control plane pods
• 7c1924a3a docs: update cilium docs
• 7b33ffbd8 chore: update pkgs and extras
• c5992c2bf chore: bump dependencies
• de69ab790 fix: scaleway network config
• f81fb9f7c feat: implement sysfs
• 79d9720a3 fix: set route to metaserver for scaleway platform
• eb40b9254 feat: add a way to override kubelet configuration via machine config
• dc2371547 chore: update packet to equinix
• 7917b1aca feat: support admission control configuration and Pod Security admission
• 45feb72a4 feat: fluent-bit example
• 9b0b5501d docs: add katacoda link
• b2bf3117f feat: implement extension services
• 063a9e165 test: pre-fetch CLI tools
• d749643e7 feat: download metadata on Scaleway using low source port
• 1800b4c70 chore: fix kernel reference errata
• 743a03002 chore: bump github.com/mdlayher/arp@latest
• 614adf0ff feat: update xfsprogs to 5.14.2, replace LibreSSL with OpenSSL
• 28c3b495d docs: updates to troubleshooting doc
• 673fe2ebf feat: disable PSP by default for Talos >= 0.15
• 4d419a007 feat: store audit logs to disk
• 8ef3d85bc chore: bump dependencies
• 8a634d564 chore: bump tools, pkgs, extras
• f40b480bd chore: expand Cilium deployment docs
• 3ba8eb00d docs: design concepts page
• a5fb271ac feat: enable protectKernelDefaults in kubelet_spec
• b7a1e0431 chore: don't append initrd= to the kernel command line
• 4d5cd6653 feat: add new grub parser and descriptive grub menu entries
• 6ccfdbaf1 fix: avoid replacing default gRPC codec in machinery
• 0fe34b358 feat: update Kubernetes to 1.23.4
• 95a564ba2 fix: prefer logical on merging link specs
• 8b7091a06 fix: correct vultr interface IP calculation
• 5a0fd63c8 fix: determine openstack interface IP correctly
• 00ccaf13f feat: update CoreDNS to 1.9.0
• a9a47b755 feat: update containerd to 1.6.0
• 961067e8b docs: update getting-started.md
• bddd53fc4 chore: bump dependencies
• f1a93d28f release(v0.15.0-alpha.2): prepare release
• 1e9f0ad4c feat: update Go to 1.17.7, Linux to 5.15.23
• fef99892d chore: pin kubernetes version to talosctl gen config
• bcf928134 feat: udev extensions support
• 47619f832 docs: update system extensions guide with grammar fixes
• 2bcceb6e4 chore: disable TIPC and B.A.T.M.A.N
• c6bca1b33 docs: add guide on system extensions
• 492b156da feat: implement static pods via machine configuration
• 6fadfa8db fix: parse properly IPv6 address in the cmdline ip= arg
• d991f3982 chore: update the kernel with IGC driver enabled
• cbc9610be feat: sysctl system optimization
• 8b6d6220d fix: parse interface ip correctly (nocloud)
• 54632b1be docs: fix developing Talos docs
• 0da370dfe test: unlock CABPT/CACPPT provider versions
• df0e388a4 feat: extract firmware part of system extensions into initramfs
• 8899dd349 chore: add json-tags for SecretsBundle
• 4f391cd5c chore: bump kernel to 5.15.22
• 6bd07406e feat: disable reboots via kexec
• 1e3f2f952 fix: validate kubelet node IP subnets correctly
• d211bff47 feat: enable accept_ra when IPv6 forwarding
• 930205831 chore: update kernel to 5.15.21
• c7186ed08 chore: bump dependencies
• 9ee470f95 feat: set /etc/localtime to UTC
• c34768367 fix: disable auto-tls for etcd
• 9bffc7e8d fix: pass proper sequence to shutdown sequence on ACPI shutdown
• e47387e41 chore: bump CAPI to 1.0.4
• 5462f5ed1 feat: update etcd to 3.5.2
• f6fa12e53 docs: update upgrading Talos, Kubernetes, and Docker guides
• 5484579c1 feat: allow link scope routes in the machine config
• 56b83b087 feat: enable persistence for docker provider
• 949464e4b fix: use leaf certificate in the apid RBAC check
• 446972f21 chore: bump kernel to 5.15.19
• fe40e7b1b feat: drain node on shutdown
• 7f0b3aae0 feat: add multiple config patches, patches from files, YAML support
• 202290be7 docs: update Kubernetes upgrade video
• 036644f7a chore: bump kernel to 5.15.18
• dcde2c4f6 chore: update k8s upgrade message
• 1c949335c docs: add documentation for Hyper-V
• 7f9790912 fix: clean up containerd state on installer run/validate
• 8b98d8eb3 docs: clarify Filebeat example
• 74c03120c docs: replace Talos upgrades video
• 65e64d425 chore: update kernel to stable 5.15.17
• 4245f72d3 feat: add --extra-uefi-search-paths option
• 7ffeb6c2e docs: update oracle cloud example
• 151c9df09 chore: add CSI tests for e2e-qemu
• cdb621c82 feat: provide a way to list installed system extensions
• abfb25812 feat: share /lib/firmware across initramfs and rootfs
• ebec5d4a0 feat: support full disk path in the diskSelector
• 831f65a07 fix: close client provider instead of Talos client in the upgrade module
• 0bf161dff test: add integration test for system extensions
• 7b3962745 fix: handle 404 errors from AWS IMDS correctly
• 85782faa2 feat: update Kubernetes to 1.23.3
• c5e5922e5 chore: bump dependencies
• b3c3ef29b feat: install system extensions
• a0889600f chore: fix golangci-lint install
• a50c42980 fix: use #!/usr/bin/env bash as shebang instead of #!/bin/bash
• 4464b725c fix: qemu: always use runtime.GOARCH for CNI bundle
• e7379c81b release(v0.15.0-alpha.1): prepare release
• 58eb3600f fix: enforce reasonable TLS min tls-min-version
• b8d4c5dfa fix: use correct error in kernel_param_spec Modify call handling
• 4961d6867 docs: drop talos.interface kernel arg
• b1e61fa5b chore: update Linux to 5.15.16
• d4b844593 feat: support CRI configuration merging and reimplement registry config
• f94c8c6e1 feat: update Kubernetes to 1.23.2
• 21f497b3e feat: install readonly overlay mounts during talos chroot sequence
• 9ad5a67d2 feat: inject platform network configuration as network resources
• 907f8cbfb docs: fix patch flag
• caa434426 docs: add documentation on developing Talos
• 16eeb6776 docs: readme updates
• 3c0737027 chore: update release notes
• 6d8bea5d5 feat: jetson nano SoC
• 1d8955ebe feat: update CoreDNS to 1.8.7
• 6af83afd5 fix: handle multiple-IP cluster nodes
• 43b2d8137 chore: bump dependencies
• 529e80f4f docs: update home page and footer
• 37630e70c Update twitter link
• af440919b fix: avoid panic in config loading/validation
• 4b8e9de59 docs: add guide on adding proprietary kernel modules
• 833dc4169 docs: rework vmware assets
• 2869b5eea feat: add oraclecloud.com platform support
• f3ec24beb fix: vmware documentation typo
• 2f2bdb26a feat: replace flags with --mode in apply, edit and patch commands
• b09be2a69 docs: update index.md and sync across versions
• ca65b918a docs: add nocloud documentation
• 59437d6d8 fix: filter down nameservers for docker-based cluster create
• 194eaa6f2 chore: clean up /usr/bin from unneeded files
• 74e727240 docs: update office office
• 539af338c docs: update vmware docs
• 279a3fda7 feat: update Go to 1.17.6, containerd to 1.5.9
• 3d3088941 chore: bump Go dependencies
• d02d944ec chore: provide umarshal from YAML methods for network resource specs
• 2e735714d fix: derive machine-id from node identity
• d8a2721e1 test: update CAPI components to latest
• 7dff8a53e fix: ignore missing init.yaml for cluster create
• f4516c7d8 chore: bump dependencies
• 944f13221 chore: fix release pipeline
• cb548a368 release(v0.15.0-alpha.0): prepare release
• da0b36e61 feat: introduce talos.exp.wipe kernel param to wipe system disk
• c079eb32b refactor: use AWS SDK to access AWS metadata service
• 2f4b9d8d6 feat: make machine configuration read-only in Talos (almost)
• 524f83d3d feat: use official Go SDK to fetch GCP instance metadata
• d2a7e082c test: retry in discovery tests
• f4219e530 chore: remove unused methods in AWS platform
• 35bc2940e fix: kexec on RPI4
• f235cfbae fix: multiple usability fixes
• b3fbb2f31 test: don't build all images in the default CI pipeline
• dac550a50 docs: fix troubleshooting guide
• 83e8bec6b feat: update Linux to 5.15.11
• d5a82b37e feat: remove ApplyDynamicConfig
• 3623da136 feat: provide a way to load Linux kernel modules
• 4d1514add docs: update Mayastor deployment process
• cff1ff6d5 feat: shell completion for list, read
• 19728437e feat: output IPs when etcd needs to be bootstrapped
• c297d66a1 test: attempt number on two on proper retries in CLI time tests
• dc299da9e docs: add arm64 option to talosctl download
• f49f40a33 fix: pass path to conformance retrieve results
• 942c8074f docs: fork docs for 0.15
• 880a7782c docs: update documentation for 0.14.0 release
• dc9a0cfe9 chore: bump Go dependencies
• 773496935 fix: config apply immediate
• 17c147488 test: retry talosctl time call in the tests
• acf1ac0f1 feat: show human-readable aliases in talosctl get rd
• 5532867b0 refactor: rewrite the implementation of Processes API
• 80350861a feat: update Kubernetes to 1.23.1
• 4c96e936e docs: add cilium guide
• e3f2acb5e refactor: rewrite the check for unknown keys in the machine configuration
• 4175396a8 refactor: use update go-blockdevice library with allocation fixes
• b58f567a1 refactor: optimize Runtime config interface to avoid config marshaling
• bb355c9ab chore: remove govalidator library
• 3af56bd2e test: update capi templates to v1beta1
• 936b4c4ce fix: update DHCP library with the panic fix
• ab42886bf fix: allow kubelet to be started via the API
• ec641f729 fix: use default time servers in time API if none are configured
• 79f213eec fix: cleanup affiliates
• 2dd0b5b68 chore: update Go to 1.17.5
• 97ffa7a64 feat: upgrade kubelet version in talosctl upgrade-k8s
• 5bc5123eb docs: document ip= kernel argument
• 8e1d0bfb5 feat: update Kubernetes to 1.23.0

Changes since v1.0.0-beta.2

10 commits

• 7e386357b release(v1.0.0-beta.3): prepare release
• eb6822ab4 feat: update containerd to 1.6.2, Linux to 5.15.31
• c8f5523ee chore: update the talosctl CNI download url
• 698c0e488 feat: update CoreDNS to 1.9.1
• cc986136b test: use clusterctl.yaml overrides after org rename
• 411dd1994 chore: rename github organization to siderolabs
• 7ad030a0b fix: the etcd recovery client and tests
• 4adae5e4a fix: trigger properly udevd on types and actions
• 6c0f8c704 fix: clean up custom udev rules if the config is cleared
• 65dad2488 feat: update Linux to 5.15.30

Changes from siderolabs/extras

6 commits

• siderolabs/extras@4a6ff33 chore: reproducible builds, use pkgs base
• siderolabs/extras@9238bc7 feat: bump pkgs for CNI 1.1.0 update
• siderolabs/extras@2d9d430 chore: bump tools
• siderolabs/extras@8f607fc chore: bump to Go 1.17.7
• siderolabs/extras@7c1f3cc feat: update Go to 1.17.6
• siderolabs/extras@495a5b2 feat: update Go to 1.17.5

Changes from siderolabs/pkgs

42 commits

• siderolabs/pkgs@615d1a0 feat: update containerd to 1.6.2
• siderolabs/pkgs@fab0d43 chore: bump kernel to 5.15.31
• siderolabs/pkgs@e7c458c chore: org update
• siderolabs/pkgs@9d4e9ae feat: update Linux to 5.15.30
• siderolabs/pkgs@cd86ab5 chore: bump kernel to 5.15.28
• siderolabs/pkgs@5f97726 chore: reproducible builds
• siderolabs/pkgs@325439e feat: update containerd to 1.6.1
• siderolabs/pkgs@1b0a12e chore: bump kernel to 5.15.26
• siderolabs/pkgs@9d61f59 feat: update CNI plugins to v1.1.0
• siderolabs/pkgs@b3aae71 chore: enable Adaptec RAID controllers
• siderolabs/pkgs@0c6e9e6 chore: bump kenrel to 5.15.25
• siderolabs/pkgs@679b49d chore: disable Remote NDIS
• siderolabs/pkgs@8f03136 feat: replace LibreSSL with OpenSSL
• siderolabs/pkgs@0a3b5e3 feat: upgrade xfsprogs to the latest version
• siderolabs/pkgs@3af05f6 chore: bump tools
• siderolabs/pkgs@b32ccd1 chore: bump kernel to 5.15.24
• siderolabs/pkgs@aafafb5 feat: update containerd to 1.6.0
• siderolabs/pkgs@6019223 chore: bump kernel to 5.15.23
• siderolabs/pkgs@ff4b2d8 chore: bump tools for Go 1.17.7
• siderolabs/pkgs@e34f883 chore: disable TIPC and B.A.T.M.A.N
• siderolabs/pkgs@2b8cd88 feat: add Intel Ethernet Controller I225-V driver
• siderolabs/pkgs@407459d feat: enable zstd squashfs compression and firmware (xz) compression
• siderolabs/pkgs@81a4b1c chore: bump kernel to 5.15.22
• siderolabs/pkgs@c9a6415 chore: bump kernel to 5.15.21
• siderolabs/pkgs@90dcd00 chore: bump kernel to 5.15.19
• siderolabs/pkgs@d457b87 chore: bump kernel to 5.15.18
• siderolabs/pkgs@dd69678 chore: disable ATA-over-Ethernet driver for arm64
• siderolabs/pkgs@388ce13 chore: bump kernel to 5.15.17
• siderolabs/pkgs@c14eb99 feat: update Linux to 5.15.16
• siderolabs/pkgs@5d4d8d6 feat: bump containerd to 1.6.0-rc.0, runc to 1.1.0
• siderolabs/pkgs@5dd08a7 feat: jetson nano SoC
• siderolabs/pkgs@402b960 chore: bump u-boot to 2022.01
• siderolabs/pkgs@6ce1a40 feat: update Go to 1.17.6
• siderolabs/pkgs@08f2519 feat: update containerd to 1.5.9
• siderolabs/pkgs@fbb5c5c feat: add qlcnic drivers to kernel
• siderolabs/pkgs@0505e01 chore: fix =m kernel build options
• siderolabs/pkgs@54aa902 feat: enable amdgpu in kernel
• siderolabs/pkgs@2779c3f fix: kexec on rpi4
• siderolabs/pkgs@950361f feat: update Linux to 5.15.11
• siderolabs/pkgs@ad611bc feat: provide build instructions for NVIDIA kernel module
• siderolabs/pkgs@b22723d feat: update iPXE to the latest available version
• siderolabs/pkgs@a675c67 feat: update Go to 1.17.5

Changes from siderolabs/tools

8 commits

• siderolabs/tools@4c77d96 chore: update golang to 1.17.8
• siderolabs/tools@2d4771e chore: reproducible builds
• siderolabs/tools@8197edb chore: bump expat to 2.4.5
• siderolabs/tools@74e3a95 feat: add meson
• siderolabs/tools@4c9e7a4 chore: bump go to 1.17.7
• siderolabs/tools@d33b4b6 feat: support zstd compression
• siderolabs/tools@67314b1 feat: update Go to 1.17.6
• siderolabs/tools@9c2b9df feat: update Go to 1.17.5

Changes from talos-systems/crypto

2 commits

• siderolabs/crypto@510b0d2 chore: add json tags
• siderolabs/crypto@6fa2d93 fix: deepcopy nil fields as nil

Changes from talos-systems/go-blockdevice

3 commits

• siderolabs/go-blockdevice@7b9de26 feat: read symlink fullpath in block device list function
• siderolabs/go-blockdevice@6928ee4 refactor: rewrite GPT serialize/deserialize functions
• siderolabs/go-blockdevice@0c7e429 refactor: simplify middle endian functions

Changes from talos-systems/grpc-proxy

4 commits

• siderolabs/grpc-proxy@b076302 fix: use io.EOF error when no backend connections are available
• siderolabs/grpc-proxy@82daca0 docs: update README
• siderolabs/grpc-proxy@fa6843a chore: fix spelling
• siderolabs/grpc-proxy@c0a87d9 chore: major cleanup of the code and build

Changes from talos-systems/net

1 commit

• siderolabs/net@409926a fix: parse correctly some IPv6 CIDRs

Dependency Changes

• cloud.google.com/go/compute v1.5.0 new
• github.com/BurntSushi/toml v0.4.1 -> v1.0.0
• github.com/aws/aws-sdk-go v1.43.8 new
• github.com/containerd/cgroups v1.0.2 -> 2e502f6b9e43
• github.com/containerd/containerd v1.5.8 -> v1.6.2
• github.com/containernetworking/plugins v1.0.1 -> v1.1.0
• github.com/docker/distribution v2.7.1 -> v2.8.0
• github.com/docker/docker v20.10.11 -> v20.10.12
• github.com/godbus/dbus/v5 v5.0.6 new
• github.com/google/go-cmp v0.5.6 -> v0.5.7
• github.com/google/nftables 16a134723a96 -> 211824995dcb
• github.com/hashicorp/go-cleanhttp v0.5.2 new
• github.com/hashicorp/go-getter v1.5.9 -> v1.5.11
• github.com/hashicorp/go-version v1.4.0 new
• github.com/insomniacslk/dhcp 5297eed8f489 -> 3c283ff8b7dd
• github.com/jsimonetti/rtnetlink fd9a11f42291 -> v1.1.0
• github.com/jxskiss/base62 v1.0.0 -> v1.1.0
• github.com/mdlayher/arp f72070a231fc -> c37aaafac7f9
• github.com/mdlayher/ethtool 288d040e9d60 -> 856bd6cb8a38
• github.com/mdlayher/genetlink v1.0.0 -> v1.2.0
• github.com/mdlayher/netlink v1.4.2 -> v1.6.0
• github.com/opencontainers/image-spec v1.0.2 new
• github.com/packethost/packngo v0.20.0 -> v0.22.0
• github.com/pelletier/go-toml v1.9.4 new
• github.com/pmorjan/kmod v1.0.0 new
• github.com/rivo/tview 2a6de950f73b -> 96063d6082f3
• github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7 -> v1.0.0-beta.9
• github.com/siderolabs/extras v0.7.0-1-gd6b73a7 -> v1.0.0
• github.com/siderolabs/pkgs v0.9.0-1-g7a3419a -> v1.0.0-5-g615d1a0
• github.com/siderolabs/tools v0.9.0-1-gb1146f9 -> v1.0.0-1-g4c77d96
• github.com/spf13/cobra v1.2.1 -> v1.3.0
• github.com/talos-systems/crypto v0.3.4 -> v0.3.5
• github.com/talos-systems/go-blockdevice v0.2.5 -> v0.3.0
• github.com/talos-systems/grpc-proxy v0.2.0 -> v0.3.0
• github.com/talos-systems/net v0.3.1 -> v0.3.2
• github.com/u-root/u-root v7.0.0 -> v0.8.0
• github.com/vishvananda/netlink f5de75959ad5 -> 650dca95af54
• github.com/vmware-tanzu/sonobuoy v0.55.1 -> v0.56.2
• github.com/vmware/govmomi v0.27.2 -> v0.27.4
• go.etcd.io/etcd/api/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/pkg/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/etcdutl/v3 v3.5.1 -> v3.5.2
• go.uber.org/zap v1.19.1 -> v1.21.0
• golang.org/x/net 491a49abca63 -> 27dd8689420f
• golang.org/x/sys 97ca703d548d -> 4e6760a101f9
• golang.org/x/time f0f3c7e86c11 -> 0e9765cccd65
• golang.zx2c4.com/wireguard/wgctrl dd7407c86d22 -> fde48d68ee68
• google.golang.org/grpc v1.42.0 -> v1.44.0
• k8s.io/api v0.23.1 -> v0.23.5
• k8s.io/apimachinery v0.23.1 -> v0.23.5
• k8s.io/apiserver v0.23.5 new
• k8s.io/client-go v0.23.1 -> v0.23.5
• k8s.io/component-base v0.23.1 -> v0.23.5
• k8s.io/cri-api v0.23.1 -> v0.23.5
• k8s.io/kubectl v0.23.1 -> v0.23.5
• k8s.io/kubelet v0.23.1 -> v0.23.5
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.61 -> v1.2.63

Previous release can be found at v0.14.0

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.2
k8s.gcr.io/kube-apiserver:v1.23.5
k8s.gcr.io/kube-controller-manager:v1.23.5
k8s.gcr.io/kube-scheduler:v1.23.5
k8s.gcr.io/kube-proxy:v1.23.5
ghcr.io/siderolabs/kubelet:v1.23.5
ghcr.io/siderolabs/installer:v1.0.0-beta.3
k8s.gcr.io/pause:3.2

---

This discussion was created from the release v1.0.0-beta.3.