Skip to content

Releases: siderolabs/talos

v1.6.1

22 Dec 11:24
v1.6.1
0af17af
Compare
Choose a tag to compare

Talos 1.6.1 (2023-12-22)

Welcome to the v1.6.1 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.1.69
containerd: 1.7.11

Talos is built with Go 1.21.5.

Contributors

  • Andrey Smirnov
  • Radosław Piliszek

Changes

5 commits

  • 0af17af3a release(v1.6.1): prepare release
  • 8355c9eef fix: properly overwrite files on install
  • 2e9901751 fix: update the way secureboot signer fetches certificate (azure)
  • 4caffd383 fix: use correct prefix when installing SBC files
  • 9e56d539b feat: update Linux to 6.1.69, containerd to 1.7.11

Changes from siderolabs/pkgs

4 commits

Dependency Changes

  • github.com/containerd/containerd v1.7.9 -> v1.7.11
  • github.com/siderolabs/pkgs v1.6.0-5-g3ae2450 -> v1.6.0-9-g8fa73db
  • github.com/siderolabs/talos/pkg/machinery v1.6.0 -> v1.6.1

Previous release can be found at v1.6.0

Images

ghcr.io/siderolabs/flannel:v0.23.0
ghcr.io/siderolabs/install-cni:v1.6.0-1-g113887a
registry.k8s.io/coredns/coredns:v1.11.1
gcr.io/etcd-development/etcd:v3.5.11
registry.k8s.io/kube-apiserver:v1.29.0
registry.k8s.io/kube-controller-manager:v1.29.0
registry.k8s.io/kube-scheduler:v1.29.0
registry.k8s.io/kube-proxy:v1.29.0
ghcr.io/siderolabs/kubelet:v1.29.0
ghcr.io/siderolabs/installer:v1.6.1
registry.k8s.io/pause:3.8

v1.6.0

15 Dec 10:56
v1.6.0
eddd188
Compare
Choose a tag to compare

Talos 1.6.0 (2023-12-15)

Welcome to the v1.6.0 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

OAuth2 Machine Config Flow

Talos Linux when running on the metal platform can be configured to authenticate the machine configuration download using OAuth2 device flow.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Extension Services

Talos now starts Extension Services early in the boot process, this allows guest agents to be started in maintenance mode.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

Flannel Configuration

Talos Linux now supports customizing default Flannel manifest with extra arguments for flanneld.

cluster:
  network:
    cni:
      flannel:
        extraArgs:
          - --iface-can-reach=192.168.1.1

Ingress Firewall

Talos Linux now supports configuring the ingress firewall rules.

Kernel Arguments

Talos and Imager now supports dropping kernel arguments specified in .machine.install.extraKernelArgs or as --extra-kernel-arg to imager.
Any kernel argument that starts with a - is dropped. Kernel arguments to be dropped can be specified either as -<key> which would remove all arguments that start with <key> or as -<key>=<value> which would remove the exact argument.

Kube-Scheduler Configuration

Talos now supports specifying the kube-scheduler configuration in the Talos configuration file.
It can be set under cluster.scheduler.config and kube-scheduler will be automatically configured to with the correct flags.

Kubelet Credential Provider Configuration

Talos now supports specifying the kubelet credential provider configuration in the Talos configuration file.
It can be set under machine.kubelet.credentialProviderConfig and kubelet will be automatically configured to with the correct flags.
The credential binaries are expected to be present under /usr/local/lib/kubelet/credentialproviders.
Talos System Extensions can be used to install the credential binaries.

KubePrism

KubePrism is enabled by default on port 7445.

Sysctl

Talos now handles sysctl/sysfs key names in line with sysctl.conf(5):

  • if the first separator is '/', no conversion is done
  • if the first separator is '.', dots and slashes are remapped

Example (both sysctls are equivalent):

machine:
  sysctls:
    net/ipv6/conf/eth0.100/disable_ipv6: "1"
    net.ipv6.conf.eth0/100.disable_ipv6: "1"

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.67
containerd: 1.7.10
CoreDNS: 1.11.1
Kubernetes: 1.29.0
Flannel: 0.23.0
etcd: 3.5.11
runc: 1.1.10

Talos is built with Go 1.21.5.

User Disks

Talos Linux now supports specifying user disks in .machine.disks machine configuration links via udev symlinks, e.g. /dev/disk/by-id/XXXX.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Dmitriy Matrenichev
  • Oscar Utbult
  • Serge Logvinov
  • Andrey Smirnov
  • Artem Chernyshev
  • Utku Ozdemir
  • Nico Berlee
  • Radosław Piliszek
  • Steve Francis
  • Thomas Way
  • ndbrew
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Florian Berchtold
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Sascha Desch
  • Spencer Smith
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • budimanjojo
  • guoguangwu
  • mikucat0309

Changes

218 commits

  • eddd188c9 release(v1.6.0): prepare release
  • d42fd10c0 chore: fix the gvisor test
  • 333c462c5 feat: update Kubernetes to v1.29.0
  • 61e6df169 fix: leave discovery service later in the reset sequence
  • ef15a1f23 feat: provide compatibility for future Talos 1.7
  • c155602ca fix: add a KubeSpan option to disable extra endpoint harvesting
  • 5371eedd6 feat: send actor id to the SideroLink events sink
  • 997f83f1f docs: cap max heading level
  • d9db4cf76 feat: update Kubernetes to v1.29.0-rc.2
  • d510df5df chore: enable kubespan+firewall for cilium tests
  • b61b30056 chore: optimize pcap dump
  • 007d9f673 feat: update Linux to 6.1.67
  • 7b7fb367e release(v1.6.0-beta.1): prepare release
  • fe6661128 fix: talosctl cluster create not to enforce kubeprism always
  • 41fc05438 fix: support user disks via symlinks
  • 1fe7f2840 docs: rework machine config documentation generation
  • e45794064 chore: fix the release.toml
  • 591cfb456 fix: store and execute desired action on emergency action
  • fee63ac26 fix: trim leading spaces\newlines in inline manifest contents
  • cc16b9689 fix: skip writing the file if the contents haven't changed
  • ecee92c90 fix: do not panic in merge.Merge if map value is nil
  • c2259bff3 feat: update Go 1.21.5, Linux 6.1.65, etcd 3.5.11
  • c4dff49b3 release(v1.6.0-beta.0): prepare release
  • d8a435f0e fix: initialize boot assets with defaults early
  • c6835de17 fix: pick etcd adverised addresses from 'current' addresses
  • 6b5bc8b85 feat: update Linux to 6.1.64
  • e71e3e416 feat: support extra arguments for flanneld
  • 36c8ddb5e feat: implement ingress firewall rules
  • 0b111ecb8 fix: support slices of enums and fix NfTablesConntrackStateMatch
  • 9a8521741 feat: improve nftables backend
  • db4e2539d feat: update Kubernetes 1.29.0-rc.1 and other bumps
  • 7a4a92854 feat: support sanitized kernel args
  • f041b2629 chore: add tests for mdadm extension
  • e46e6a312 feat: implement nftables backend
  • ba827bf8b chore: support getting multiple endpoints from the Provision rpc call
  • dd45dd06c chore: add custom node taints
  • 8e2307466 docs: fix talosctl pcap argument
  • e4a050cb1 docs: fix talosctl inspect dependencies example indentation
  • fbcf4264f docs: fix talosctl dashboard cli docs
  • 70d53ee13 chore: deprecate .persist and .extensions
  • 95e33f6fc release(v1.6.0-alpha.2): prepare release
  • 514e514ba feat: update Linux 6.1.63, containerd 1.7.9
  • aca8b5e17 fix: ignore kernel command line in container mode
  • 020a0eb63 docs: fix table formatting for bootstraprequest
  • 0eb245e04 docs: fix talosctl pcap example indentation
  • de6caf534 docs: fix table formatting for machineservice api
  • 27d208c26 feat: implement OAuth2 device flow for machine config
  • 5c8fa2a80 chore: start containerd early in boot
  • 95a252cfc docs: fix link in what is new page
  • 0d3c3ed71 feat: support kube scheduler config
  • 06941b7e5 fix: allow rootfs propagation configuration for extension services
  • 57dc796f3 docs: update lastRelease to v1.5.5 in _index.md
  • 21d944a64 docs: add timezone information
  • 4f1ad16c7 feat: support kubelet credentialprovider config
  • 71a3bf0e3 fix: allow extra kernel args for secureboot installer
  • f38eaaab8 feat: rework secureboot and PCR signing key
  • 6eade3d5e chore: add ability to rewrite uuids and set unique tokens for Talos
  • e9c7ac17a fix: set max msg recv size when proxying
  • e22ab440d feat: update Linux 6.1.61, containerd 1.7.8, runc 1.1.10
  • 8245361f9 feat: show first 32 bytes of response body on download error
  • 75d3987c0 chore: drop sha1 from genereated pcr json
  • 6f32d2990 feat: add .der output talosctl gen secureboot pcr
  • 87c40da6c fix: proper logging in machined on startup
  • a54da5f64 fix: image build for nanopi_4s
  • 6f3cd0593 refactor: update packet capture to use 'afpacket' interface
  • 813442dd7 fix: don't validate machine.install if installed
  • dff60069c feat: update Kubernetes to 1.29.0-alpha.3
  • c97db5dfe chore: bump Go dependencies
  • 807a9950a fix: use custom Talos/kernel version when generating UKI
  • eb94468a6 docs: add documentation for Image Factory
  • 2e78513e1 refactor: drop the dependency link platform -> network ctrl
  • 6dc776b8a fix: when writing to META in the installer/imager, use fixed name
  • 3703041e9 ch...
Read more

v1.6.0-beta.1

08 Dec 15:48
v1.6.0-beta.1
7b7fb36
Compare
Choose a tag to compare
v1.6.0-beta.1 Pre-release
Pre-release

Talos 1.6.0-beta.1 (2023-12-08)

Welcome to the v1.6.0-beta.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

OAuth2 Machine Config Flow

Talos Linux when running on the metal platform can be configured to authenticate the machine configuration download using OAuth2 device flow.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Extension Services

Talos now starts Extension Services early in the boot process, this allows guest agents to be started in maintenance mode.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

Flannel Configuration

Talos Linux now supports customizing default Flannel manifest with extra arguments for flanneld.

cluster:
  network:
    cni:
      flannel:
        extraArgs:
          - --iface-can-reach=192.168.1.1

Ingress Firewall

Talos Linux now supports configuring the ingress firewall rules.

Kernel Arguments

Talos and Imager now supports dropping kernel arguments specified in .machine.install.extraKernelArgs or as --extra-kernel-arg to imager.
Any kernel argument that starts with a - is dropped. Kernel arguments to be dropped can be specified either as -<key> which would remove all arguments that start with <key> or as -<key>=<value> which would remove the exact argument.

Kube-Scheduler Configuration

Talos now supports specifying the kube-scheduler configuration in the Talos configuration file.
It can be set under cluster.scheduler.config and kube-scheduler will be automatically configured to with the correct flags.

Kubelet Credential Provider Configuration

Talos now supports specifying the kubelet credential provider configuration in the Talos configuration file.
It can be set under machine.kubelet.credentialProviderConfig and kubelet will be automatically configured to with the correct flags.
The credential binaries are expected to be present under /usr/local/lib/kubelet/credentialproviders.
Talos System Extensions can be used to install the credential binaries.

KubePrism

KubePrism is enabled by default on port 7445.

Sysctl

Talos now handles sysctl/sysfs key names in line with sysctl.conf(5):

  • if the first separator is '/', no conversion is done
  • if the first separator is '.', dots and slashes are remapped

Example (both sysctls are equivalent):

machine:
  sysctls:
    net/ipv6/conf/eth0.100/disable_ipv6: "1"
    net.ipv6.conf.eth0/100.disable_ipv6: "1"

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.65
containerd: 1.7.10
CoreDNS: 1.11.1
Kubernetes: 1.29.0-rc.1
Flannel: 0.23.0
etcd: 3.5.11
runc: 1.1.10

Talos is built with Go 1.21.4.

User Disks

Talos Linux now supports specifying user disks in .machine.disks machine configuration links via udev symlinks, e.g. /dev/disk/by-id/XXXX.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Dmitriy Matrenichev
  • Oscar Utbult
  • Serge Logvinov
  • Andrey Smirnov
  • Utku Ozdemir
  • Artem Chernyshev
  • Nico Berlee
  • Radosław Piliszek
  • Steve Francis
  • Thomas Way
  • ndbrew
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Florian Berchtold
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Sascha Desch
  • Spencer Smith
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • budimanjojo
  • guoguangwu
  • mikucat0309

Changes

206 commits

  • 7b7fb367e release(v1.6.0-beta.1): prepare release
  • fe6661128 fix: talosctl cluster create not to enforce kubeprism always
  • 41fc05438 fix: support user disks via symlinks
  • 1fe7f2840 docs: rework machine config documentation generation
  • e45794064 chore: fix the release.toml
  • 591cfb456 fix: store and execute desired action on emergency action
  • fee63ac26 fix: trim leading spaces\newlines in inline manifest contents
  • cc16b9689 fix: skip writing the file if the contents haven't changed
  • ecee92c90 fix: do not panic in merge.Merge if map value is nil
  • c2259bff3 feat: update Go 1.21.5, Linux 6.1.65, etcd 3.5.11
  • c4dff49b3 release(v1.6.0-beta.0): prepare release
  • d8a435f0e fix: initialize boot assets with defaults early
  • c6835de17 fix: pick etcd adverised addresses from 'current' addresses
  • 6b5bc8b85 feat: update Linux to 6.1.64
  • e71e3e416 feat: support extra arguments for flanneld
  • 36c8ddb5e feat: implement ingress firewall rules
  • 0b111ecb8 fix: support slices of enums and fix NfTablesConntrackStateMatch
  • 9a8521741 feat: improve nftables backend
  • db4e2539d feat: update Kubernetes 1.29.0-rc.1 and other bumps
  • 7a4a92854 feat: support sanitized kernel args
  • f041b2629 chore: add tests for mdadm extension
  • e46e6a312 feat: implement nftables backend
  • ba827bf8b chore: support getting multiple endpoints from the Provision rpc call
  • dd45dd06c chore: add custom node taints
  • 8e2307466 docs: fix talosctl pcap argument
  • e4a050cb1 docs: fix talosctl inspect dependencies example indentation
  • fbcf4264f docs: fix talosctl dashboard cli docs
  • 70d53ee13 chore: deprecate .persist and .extensions
  • 95e33f6fc release(v1.6.0-alpha.2): prepare release
  • 514e514ba feat: update Linux 6.1.63, containerd 1.7.9
  • aca8b5e17 fix: ignore kernel command line in container mode
  • 020a0eb63 docs: fix table formatting for bootstraprequest
  • 0eb245e04 docs: fix talosctl pcap example indentation
  • de6caf534 docs: fix table formatting for machineservice api
  • 27d208c26 feat: implement OAuth2 device flow for machine config
  • 5c8fa2a80 chore: start containerd early in boot
  • 95a252cfc docs: fix link in what is new page
  • 0d3c3ed71 feat: support kube scheduler config
  • 06941b7e5 fix: allow rootfs propagation configuration for extension services
  • 57dc796f3 docs: update lastRelease to v1.5.5 in _index.md
  • 21d944a64 docs: add timezone information
  • 4f1ad16c7 feat: support kubelet credentialprovider config
  • 71a3bf0e3 fix: allow extra kernel args for secureboot installer
  • f38eaaab8 feat: rework secureboot and PCR signing key
  • 6eade3d5e chore: add ability to rewrite uuids and set unique tokens for Talos
  • e9c7ac17a fix: set max msg recv size when proxying
  • e22ab440d feat: update Linux 6.1.61, containerd 1.7.8, runc 1.1.10
  • 8245361f9 feat: show first 32 bytes of response body on download error
  • 75d3987c0 chore: drop sha1 from genereated pcr json
  • 6f32d2990 feat: add .der output talosctl gen secureboot pcr
  • 87c40da6c fix: proper logging in machined on startup
  • a54da5f64 fix: image build for nanopi_4s
  • 6f3cd0593 refactor: update packet capture to use 'afpacket' interface
  • 813442dd7 fix: don't validate machine.install if installed
  • dff60069c feat: update Kubernetes to 1.29.0-alpha.3
  • c97db5dfe chore: bump Go dependencies
  • 807a9950a fix: use custom Talos/kernel version when generating UKI
  • eb94468a6 docs: add documentation for Image Factory
  • 2e78513e1 refactor: drop the dependency link platform -> network ctrl
  • 6dc776b8a fix: when writing to META in the installer/imager, use fixed name
  • 3703041e9 chore: remove uneeded code
  • cbe6e7622 fix: generate images for SBCs using imager
  • 5dff164f1 fix: fix error output of cli action tracker
  • ef5056122 feat: update etcd to 3.5.10
  • 45ae80873 chore: bump go-api-signature dependency to v0.3.1
  • ffa5e05cb fix: make Talos work on Rockpi 4c boards again
  • 8eba4c599 feat: generate secrets bundle from the machine config
  • c7de745f6 chore: drop deprecated code
  • cc0c3ab69 docs: update rpi_generic.md
  • a009f5c60 fix: accept sysctl paths with dots
  • 4919f6ee2 feat: add GOMEMLIMIT to shipped manifests with memory limits
  • 73ee576ea chore: update ...
Read more

v1.6.0-beta.0

01 Dec 19:06
v1.6.0-beta.0
c4dff49
Compare
Choose a tag to compare
v1.6.0-beta.0 Pre-release
Pre-release

Talos 1.6.0-beta.0 (2023-12-01)

Welcome to the v1.6.0-beta.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Kubelet Credential Provider Configuration

Talos now supports specifying the kubelet credential provider configuration in the Talos configuration file.
It can be set under machine.kubelet.credentialProviderConfig and kubelet will be automatically configured to with the correct flags.
The credential binaries are expected to be present under /usr/local/lib/kubelet/credentialproviders.
Talos System Extensions can be used to install the credential binaries.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Extension Services

Talos now starts Extension Services early in the boot process, this allows guest agents to be started in maintenance mode.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

Kernel Arguments

Talos and Imager now supports dropping kernel arguments specified in .machine.install.extraKernelArgs or as --extra-kernel-arg to imager.
Any kernel argument that starts with a - is dropped. Kernel arguments to be dropped can be specified either as -<key> which would remove all arguments that start with <key> or as -<key>=<value> which would remove the exact argument.

Kube-Scheduler Configuration

Talos now supports specifying the kube-scheduler configuration in the Talos configuration file.
It can be set under cluster.scheduler.config and kube-scheduler will be automatically configured to with the correct flags.

KubePrism

KubePrism is enabled by default on port 7445.

Sysctl

Talos now handles sysctl/sysfs key names in line with sysctl.conf(5):

  • if the first separator is '/', no conversion is done
  • if the first separator is '.', dots and slashes are remapped

Example (both sysctls are equivalent):

machine:
  sysctls:
    net/ipv6/conf/eth0.100/disable_ipv6: "1"
    net.ipv6.conf.eth0/100.disable_ipv6: "1"

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.64
containerd: 1.7.10
CoreDNS: 1.11.1
Kubernetes: 1.29.0-rc.1
Flannel: 0.23.0
etcd: 3.5.10
runc: 1.1.10

Talos is built with Go 1.21.4.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Dmitriy Matrenichev
  • Oscar Utbult
  • Serge Logvinov
  • Andrey Smirnov
  • Utku Ozdemir
  • Artem Chernyshev
  • Nico Berlee
  • Radosław Piliszek
  • Steve Francis
  • Thomas Way
  • ndbrew
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Florian Berchtold
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Sascha Desch
  • Spencer Smith
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • budimanjojo
  • guoguangwu
  • mikucat0309

Changes

196 commits

  • c4dff49b3 release(v1.6.0-beta.0): prepare release
  • d8a435f0e fix: initialize boot assets with defaults early
  • c6835de17 fix: pick etcd adverised addresses from 'current' addresses
  • 6b5bc8b85 feat: update Linux to 6.1.64
  • e71e3e416 feat: support extra arguments for flanneld
  • 36c8ddb5e feat: implement ingress firewall rules
  • 0b111ecb8 fix: support slices of enums and fix NfTablesConntrackStateMatch
  • 9a8521741 feat: improve nftables backend
  • db4e2539d feat: update Kubernetes 1.29.0-rc.1 and other bumps
  • 7a4a92854 feat: support sanitized kernel args
  • f041b2629 chore: add tests for mdadm extension
  • e46e6a312 feat: implement nftables backend
  • ba827bf8b chore: support getting multiple endpoints from the Provision rpc call
  • dd45dd06c chore: add custom node taints
  • 8e2307466 docs: fix talosctl pcap argument
  • e4a050cb1 docs: fix talosctl inspect dependencies example indentation
  • fbcf4264f docs: fix talosctl dashboard cli docs
  • 70d53ee13 chore: deprecate .persist and .extensions
  • 95e33f6fc release(v1.6.0-alpha.2): prepare release
  • 514e514ba feat: update Linux 6.1.63, containerd 1.7.9
  • aca8b5e17 fix: ignore kernel command line in container mode
  • 020a0eb63 docs: fix table formatting for bootstraprequest
  • 0eb245e04 docs: fix talosctl pcap example indentation
  • de6caf534 docs: fix table formatting for machineservice api
  • 27d208c26 feat: implement OAuth2 device flow for machine config
  • 5c8fa2a80 chore: start containerd early in boot
  • 95a252cfc docs: fix link in what is new page
  • 0d3c3ed71 feat: support kube scheduler config
  • 06941b7e5 fix: allow rootfs propagation configuration for extension services
  • 57dc796f3 docs: update lastRelease to v1.5.5 in _index.md
  • 21d944a64 docs: add timezone information
  • 4f1ad16c7 feat: support kubelet credentialprovider config
  • 71a3bf0e3 fix: allow extra kernel args for secureboot installer
  • f38eaaab8 feat: rework secureboot and PCR signing key
  • 6eade3d5e chore: add ability to rewrite uuids and set unique tokens for Talos
  • e9c7ac17a fix: set max msg recv size when proxying
  • e22ab440d feat: update Linux 6.1.61, containerd 1.7.8, runc 1.1.10
  • 8245361f9 feat: show first 32 bytes of response body on download error
  • 75d3987c0 chore: drop sha1 from genereated pcr json
  • 6f32d2990 feat: add .der output talosctl gen secureboot pcr
  • 87c40da6c fix: proper logging in machined on startup
  • a54da5f64 fix: image build for nanopi_4s
  • 6f3cd0593 refactor: update packet capture to use 'afpacket' interface
  • 813442dd7 fix: don't validate machine.install if installed
  • dff60069c feat: update Kubernetes to 1.29.0-alpha.3
  • c97db5dfe chore: bump Go dependencies
  • 807a9950a fix: use custom Talos/kernel version when generating UKI
  • eb94468a6 docs: add documentation for Image Factory
  • 2e78513e1 refactor: drop the dependency link platform -> network ctrl
  • 6dc776b8a fix: when writing to META in the installer/imager, use fixed name
  • 3703041e9 chore: remove uneeded code
  • cbe6e7622 fix: generate images for SBCs using imager
  • 5dff164f1 fix: fix error output of cli action tracker
  • ef5056122 feat: update etcd to 3.5.10
  • 45ae80873 chore: bump go-api-signature dependency to v0.3.1
  • ffa5e05cb fix: make Talos work on Rockpi 4c boards again
  • 8eba4c599 feat: generate secrets bundle from the machine config
  • c7de745f6 chore: drop deprecated code
  • cc0c3ab69 docs: update rpi_generic.md
  • a009f5c60 fix: accept sysctl paths with dots
  • 4919f6ee2 feat: add GOMEMLIMIT to shipped manifests with memory limits
  • 73ee576ea chore: update sonobuouy library, drop the fork
  • c23bc2f4a chore: support OCI layout as a source for profile input
  • 154bbd70f docs: fix talos version in guide for docker
  • 11d1f6163 release(v1.6.0-alpha.1): prepare release
  • 9dfae8467 chore: update dependencies
  • 38ce3c827 feat: nocloud prefer mac address
  • 401e89411 feat: customize image size
  • 865f08f86 docs: kubeadm migration guide improvements
  • c3e418200 refactor: use COSI runtime with new controller runtime DB
  • c1ee24465 feat: update Kubernetes to v1.29.0-alpha.2
  • 0ff7350ab fix: oracle integration fixes
  • 675bada45 test: add config generation stability tests
  • f9639fb53 test: fix 'talosctl gen' tests
  • 6142d87a0 feat: hostname configuration improvements on the NoCloud platform
  • 7bb205ebe fix: don't use runtime-specs Mount struct in machine config
  • d1b27926c feat: update Go to 1.21.3
  • b87092ab6 fix: handle secure boot state policy pcr digest error
  • 498aeb8c3 docs: fix incorrect image suffix
  • c14a5d4f7 feat: support service account auth in cli
  • 336aee0fd fix: use tpm2 hash algorithm constants and allow non-SHA-256 PCRs
  • 69d8054c9 chore: drop UpdateEndpointSuite
  • ef7be16c8 fix: clear the encryption config in META when STATE is reset
  • 5fc60d2ca feat: add Solarflare S...
Read more

v1.6.0-alpha.2

21 Nov 23:21
v1.6.0-alpha.2
95e33f6
Compare
Choose a tag to compare
v1.6.0-alpha.2 Pre-release
Pre-release

Talos 1.6.0-alpha.2 (2023-11-21)

Welcome to the v1.6.0-alpha.2 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Kubelet Credential Provider Configuration

Talos now supports specifying the kubelet credential provider configuration in the Talos configuration file.
It can be set under machine.kubelet.credentialProviderConfig and kubelet will be automatically configured to with the correct flags.
The credential binaries are expected to be present under /usr/local/lib/kubelet/credentialproviders.
Talos System Extensions can be used to install the credential binaries.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

Kube-Scheduler Configuration

Talos now supports specifying the kube-scheduler configuration in the Talos configuration file.
It can be set under cluster.scheduler.config and kube-scheduler will be automatically configured to with the correct flags.

KubePrism

KubePrism is enabled by default on port 7445.

Sysctl

Talos now handles sysctl/sysfs key names in line with sysctl.conf(5):

  • if the first separator is '/', no conversion is done
  • if the first separator is '.', dots and slashes are remapped

Example (both sysctls are equivalent):

machine:
  sysctls:
    net/ipv6/conf/eth0.100/disable_ipv6: "1"
    net.ipv6.conf.eth0/100.disable_ipv6: "1"

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.63
containerd: 1.7.9
CoreDNS: 1.11.1
Kubernetes: 1.29.0-alpha.3
Flannel: 0.22.3
etcd: 3.5.10
runc: 1.1.10

Talos is built with Go 1.21.4.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Dmitriy Matrenichev
  • Andrey Smirnov
  • Oscar Utbult
  • Serge Logvinov
  • Utku Ozdemir
  • Artem Chernyshev
  • Nico Berlee
  • Radosław Piliszek
  • Steve Francis
  • Thomas Way
  • ndbrew
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Florian Berchtold
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Sascha Desch
  • Spencer Smith
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • budimanjojo
  • guoguangwu
  • mikucat0309

Changes

178 commits

  • 95e33f6fc release(v1.6.0-alpha.2): prepare release
  • 514e514ba feat: update Linux 6.1.63, containerd 1.7.9
  • aca8b5e17 fix: ignore kernel command line in container mode
  • 020a0eb63 docs: fix table formatting for bootstraprequest
  • 0eb245e04 docs: fix talosctl pcap example indentation
  • de6caf534 docs: fix table formatting for machineservice api
  • 27d208c26 feat: implement OAuth2 device flow for machine config
  • 5c8fa2a80 chore: start containerd early in boot
  • 95a252cfc docs: fix link in what is new page
  • 0d3c3ed71 feat: support kube scheduler config
  • 06941b7e5 fix: allow rootfs propagation configuration for extension services
  • 57dc796f3 docs: update lastRelease to v1.5.5 in _index.md
  • 21d944a64 docs: add timezone information
  • 4f1ad16c7 feat: support kubelet credentialprovider config
  • 71a3bf0e3 fix: allow extra kernel args for secureboot installer
  • f38eaaab8 feat: rework secureboot and PCR signing key
  • 6eade3d5e chore: add ability to rewrite uuids and set unique tokens for Talos
  • e9c7ac17a fix: set max msg recv size when proxying
  • e22ab440d feat: update Linux 6.1.61, containerd 1.7.8, runc 1.1.10
  • 8245361f9 feat: show first 32 bytes of response body on download error
  • 75d3987c0 chore: drop sha1 from genereated pcr json
  • 6f32d2990 feat: add .der output talosctl gen secureboot pcr
  • 87c40da6c fix: proper logging in machined on startup
  • a54da5f64 fix: image build for nanopi_4s
  • 6f3cd0593 refactor: update packet capture to use 'afpacket' interface
  • 813442dd7 fix: don't validate machine.install if installed
  • dff60069c feat: update Kubernetes to 1.29.0-alpha.3
  • c97db5dfe chore: bump Go dependencies
  • 807a9950a fix: use custom Talos/kernel version when generating UKI
  • eb94468a6 docs: add documentation for Image Factory
  • 2e78513e1 refactor: drop the dependency link platform -> network ctrl
  • 6dc776b8a fix: when writing to META in the installer/imager, use fixed name
  • 3703041e9 chore: remove uneeded code
  • cbe6e7622 fix: generate images for SBCs using imager
  • 5dff164f1 fix: fix error output of cli action tracker
  • ef5056122 feat: update etcd to 3.5.10
  • 45ae80873 chore: bump go-api-signature dependency to v0.3.1
  • ffa5e05cb fix: make Talos work on Rockpi 4c boards again
  • 8eba4c599 feat: generate secrets bundle from the machine config
  • c7de745f6 chore: drop deprecated code
  • cc0c3ab69 docs: update rpi_generic.md
  • a009f5c60 fix: accept sysctl paths with dots
  • 4919f6ee2 feat: add GOMEMLIMIT to shipped manifests with memory limits
  • 73ee576ea chore: update sonobuouy library, drop the fork
  • c23bc2f4a chore: support OCI layout as a source for profile input
  • 154bbd70f docs: fix talos version in guide for docker
  • 11d1f6163 release(v1.6.0-alpha.1): prepare release
  • 9dfae8467 chore: update dependencies
  • 38ce3c827 feat: nocloud prefer mac address
  • 401e89411 feat: customize image size
  • 865f08f86 docs: kubeadm migration guide improvements
  • c3e418200 refactor: use COSI runtime with new controller runtime DB
  • c1ee24465 feat: update Kubernetes to v1.29.0-alpha.2
  • 0ff7350ab fix: oracle integration fixes
  • 675bada45 test: add config generation stability tests
  • f9639fb53 test: fix 'talosctl gen' tests
  • 6142d87a0 feat: hostname configuration improvements on the NoCloud platform
  • 7bb205ebe fix: don't use runtime-specs Mount struct in machine config
  • d1b27926c feat: update Go to 1.21.3
  • b87092ab6 fix: handle secure boot state policy pcr digest error
  • 498aeb8c3 docs: fix incorrect image suffix
  • c14a5d4f7 feat: support service account auth in cli
  • 336aee0fd fix: use tpm2 hash algorithm constants and allow non-SHA-256 PCRs
  • 69d8054c9 chore: drop UpdateEndpointSuite
  • ef7be16c8 fix: clear the encryption config in META when STATE is reset
  • 5fc60d2ca feat: add Solarflare SFC9000 support
  • 9b5cfdd0b chore: add tests for iscsi
  • b897764f8 docs: update proxmox.md
  • 159f45bde docs: fix typos in CLI calls to endpoints
  • 0bd1bdd74 chore: allow insecure access to installer base image (imager)
  • 10ed13067 fix: the node IP for kubelet shouldn't change if nothing matches
  • e7575ecaa feat: support n-5 latest Kubernetes versions
  • e71508ec1 chore: update dependencies
  • 6d7fa4668 docs: add metal network configuration guide
  • 2b548ad0d feat: update containerd to 1.7.x
  • 62dcfe81e fix: update kubernetes library to support 1.29 upgrades
  • 52caf0763 feat: update Kubernetes to 1.29.0-alpha.1
  • 390137447 feat: enable KubePrism by default
  • 1beb5e86e docs: add KubePrism video
  • a52d3cda3 chore: update gen and COSI runtime
  • 29b201d61 feat: enable common h/w sensors
  • 9c2ba7c6f chore: add tests for chelsio drivers
  • 5ca4d58dc fix: generate of modules.dep when on the machine
  • 5efcccb6b chore: bump kernel to 6.1.54
  • 29c767a02 docs: add control plane nodes as users of apid also for control plane nodes
  • 4874cfb95 chore: fix typo
  • 96f2a62ea test: update upgrade tests versions
  • f3a370acb feat: update Flannel to 0.22.3
  • efdee6965 feat: update Kubernetes to 1.28.2
  • e3b494058 fix: build CPU ucode correctly for early loader
  • c5bd0ac5c refactor: reimplement the depmod extension rebuilder
  • 0b883f52a docs: add notes about stable addressing
  • 3ef670a9e chore: pull in dm module...
Read more

v1.5.5

09 Nov 14:02
v1.5.5
ad7361c
Compare
Choose a tag to compare

Talos 1.5.5 (2023-11-09)

Welcome to the v1.5.5 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.1.61
Kubernetes: 1.28.3
etcd: 3.5.10

Talos is built with Go 1.20.11.

Contributors

  • Andrey Smirnov
  • Utku Ozdemir
  • Artem Chernyshev

Changes

9 commits

  • ad7361c72 release(v1.5.5): prepare release
  • 5f70f05e9 fix: don't validate machine.install if installed
  • 0b18d7403 fix: when writing to META in the installer/imager, use fixed name
  • 6be1e5836 fix: fix error output of cli action tracker
  • 059823c4b feat: update etcd to 3.5.10
  • 8c503f0df chore: bump go-api-signature dependency to v0.3.1
  • 61413ed11 fix: make Talos work on Rockpi 4c boards again
  • 6fd9a71b3 feat: update Go 1.20.11, Linux 6.1.61, Kubernetes 1.28.3
  • 9fe31bd42 fix: update gRPC library to 1.57.2

Changes from siderolabs/extras

1 commit

Changes from siderolabs/pkgs

2 commits

Changes from siderolabs/tools

1 commit

Dependency Changes

  • github.com/siderolabs/extras v1.5.0-2-g6241ac7 -> v1.5.0-3-gb43c4e4
  • github.com/siderolabs/pkgs v1.5.0-13-g45cf9b0 -> v1.5.0-15-gab5b0e5
  • github.com/siderolabs/talos/pkg/machinery v1.5.4 -> v1.5.5
  • github.com/siderolabs/tools v1.5.0-2-g8adf637 -> v1.5.0-3-gc95372c
  • go.etcd.io/etcd/api/v3 v3.5.9 -> v3.5.10
  • go.etcd.io/etcd/client/pkg/v3 v3.5.9 -> v3.5.10
  • go.etcd.io/etcd/client/v3 v3.5.9 -> v3.5.10
  • go.etcd.io/etcd/etcdutl/v3 v3.5.9 -> v3.5.10
  • google.golang.org/grpc v1.57.1 -> v1.58.3
  • k8s.io/api v0.28.2 -> v0.28.3
  • k8s.io/apimachinery v0.28.2 -> v0.28.3
  • k8s.io/apiserver v0.28.2 -> v0.28.3
  • k8s.io/client-go v0.28.2 -> v0.28.3
  • k8s.io/component-base v0.28.2 -> v0.28.3
  • k8s.io/cri-api v0.28.2 -> v0.28.3
  • k8s.io/kubectl v0.28.2 -> v0.28.3
  • k8s.io/kubelet v0.28.2 -> v0.28.3

Previous release can be found at v1.5.4

Images

ghcr.io/siderolabs/flannel:v0.22.1
ghcr.io/siderolabs/install-cni:v1.5.0-3-gb43c4e4
registry.k8s.io/coredns/coredns:v1.10.1
gcr.io/etcd-development/etcd:v3.5.10
registry.k8s.io/kube-apiserver:v1.28.3
registry.k8s.io/kube-controller-manager:v1.28.3
registry.k8s.io/kube-scheduler:v1.28.3
registry.k8s.io/kube-proxy:v1.28.3
ghcr.io/siderolabs/kubelet:v1.28.3
ghcr.io/siderolabs/installer:v1.5.5
registry.k8s.io/pause:3.6

v1.6.0-alpha.1

17 Oct 18:56
v1.6.0-alpha.1
11d1f61
Compare
Choose a tag to compare
v1.6.0-alpha.1 Pre-release
Pre-release

Talos 1.6.0-alpha.1 (2023-10-17)

Welcome to the v1.6.0-alpha.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

KubePrism

KubePrism is enabled by default on port 7445.

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.58
containerd: 1.7.7
CoreDNS: 1.11.1
Kubernetes: 1.29.0-alpha.2
Flannel: 0.22.3

Talos is built with Go 1.21.3.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Andrey Smirnov
  • Dmitriy Matrenichev
  • Serge Logvinov
  • Radosław Piliszek
  • Artem Chernyshev
  • Thomas Way
  • Utku Ozdemir
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Nico Berlee
  • Sascha Desch
  • Spencer Smith
  • Steve Francis
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • guoguangwu
  • mikucat0309
  • ndbrew

Changes

132 commits

  • 11d1f6163 release(v1.6.0-alpha.1): prepare release
  • 9dfae8467 chore: update dependencies
  • 38ce3c827 feat: nocloud prefer mac address
  • 401e89411 feat: customize image size
  • 865f08f86 docs: kubeadm migration guide improvements
  • c3e418200 refactor: use COSI runtime with new controller runtime DB
  • c1ee24465 feat: update Kubernetes to v1.29.0-alpha.2
  • 0ff7350ab fix: oracle integration fixes
  • 675bada45 test: add config generation stability tests
  • f9639fb53 test: fix 'talosctl gen' tests
  • 6142d87a0 feat: hostname configuration improvements on the NoCloud platform
  • 7bb205ebe fix: don't use runtime-specs Mount struct in machine config
  • d1b27926c feat: update Go to 1.21.3
  • b87092ab6 fix: handle secure boot state policy pcr digest error
  • 498aeb8c3 docs: fix incorrect image suffix
  • c14a5d4f7 feat: support service account auth in cli
  • 336aee0fd fix: use tpm2 hash algorithm constants and allow non-SHA-256 PCRs
  • 69d8054c9 chore: drop UpdateEndpointSuite
  • ef7be16c8 fix: clear the encryption config in META when STATE is reset
  • 5fc60d2ca feat: add Solarflare SFC9000 support
  • 9b5cfdd0b chore: add tests for iscsi
  • b897764f8 docs: update proxmox.md
  • 159f45bde docs: fix typos in CLI calls to endpoints
  • 0bd1bdd74 chore: allow insecure access to installer base image (imager)
  • 10ed13067 fix: the node IP for kubelet shouldn't change if nothing matches
  • e7575ecaa feat: support n-5 latest Kubernetes versions
  • e71508ec1 chore: update dependencies
  • 6d7fa4668 docs: add metal network configuration guide
  • 2b548ad0d feat: update containerd to 1.7.x
  • 62dcfe81e fix: update kubernetes library to support 1.29 upgrades
  • 52caf0763 feat: update Kubernetes to 1.29.0-alpha.1
  • 390137447 feat: enable KubePrism by default
  • 1beb5e86e docs: add KubePrism video
  • a52d3cda3 chore: update gen and COSI runtime
  • 29b201d61 feat: enable common h/w sensors
  • 9c2ba7c6f chore: add tests for chelsio drivers
  • 5ca4d58dc fix: generate of modules.dep when on the machine
  • 5efcccb6b chore: bump kernel to 6.1.54
  • 29c767a02 docs: add control plane nodes as users of apid also for control plane nodes
  • 4874cfb95 chore: fix typo
  • 96f2a62ea test: update upgrade tests versions
  • f3a370acb feat: update Flannel to 0.22.3
  • efdee6965 feat: update Kubernetes to 1.28.2
  • e3b494058 fix: build CPU ucode correctly for early loader
  • c5bd0ac5c refactor: reimplement the depmod extension rebuilder
  • 0b883f52a docs: add notes about stable addressing
  • 3ef670a9e chore: pull in dm modules
  • 8f4a36b0d docs: update aws to add command to allow KubeSpan wireguard port
  • a7edd0523 fix: set default route priority for hcloud platform
  • 87c1b3ddd fix: calculate UKI ISO size dynamically
  • 9698e4547 fix: handle correctly change of listen address for maintenance service
  • a096f05a5 chore: update gRPC library and enable shared write buffers
  • 9e78fecca chore: improve image signing process
  • f00567e20 chore: add PKG_KERNEL arg to customize used kernel
  • 2960f93ba feat: add readonly information to the disks API response
  • 735bf9ed0 feat: bring in Google vNIC driver
  • 3f5232075 feat: upgrade-k8s without comments
  • e44875106 docs: update deploying-cilium.md
  • 7046cae43 chore: update gopacket to reduce init memory allocs
  • da73b563d chore: update Go to 1.21.1
  • 5e11f08a6 fix: trim file path in the container image
  • 3d2dad4e6 chore: show securtiystate on dashboard
  • b48510874 chore: e2e-aws cleanup
  • 1eebbce35 chore: add output flag for talosctl config info
  • 3fbed806c chore: add tests for util-linux extensions
  • 7c514a1a6 docs: update header links
  • 6058c3602 fix: shorten VLAN link names to fit into the limit of 15 characters
  • 9c2f765c8 fix: allow network device selector to match multiple links
  • a04b98637 fix: update kubernetes library for 1.28 upgrade pre-checks
  • f7473e477 feat: update default Kubernetes to 1.28.1
  • d693604a1 chore: fix default image list in the release notes
  • d91b5b3a3 feat: set environment variables early in the boot
  • c918c0855 fix: set correct (1 year) talosconfig expiration
  • 79bbdf454 fix: set proper timeouts for KubePrism loadbalancer
  • b8fb55d5c fix: use a mount prefix when installing a bootloader
  • 44f59a804 feat: improve imager APIs
  • 2d3ac925e refactor: update NTP spike detector
  • af0cc70e3 test: update e2e-aws to use worker groups
  • d03dc7a8a chore: validate new system extensions
  • bbeb489aa chore: drop firmware from initramfs
  • 3c9f7a7de chore: re-enable nolintlint and typecheck linters
  • c51e2c9b4 feat: update CoreDNS to 1.11.1
  • 8670450d2 release(v1.6.0-alpha.0): prepare release
  • 6778ded29 feat: add e2e-aws for nvidia extensions
  • 74c07ed71 chore: update Go to 1.21
  • a28d72e9c fix: ova contents to be named disk.*
  • c0ea4d7ba fix: properly calculate overal of node address with subnet filters
  • d6b2719e2 chore: drone: move extensions step to a function
  • 9608ef56d chore: allow bridge traffic with DHCP broadcast traffic
  • c99316457 docs: fix the installing system extensions doc
  • 833895940 chore: add tests for zfs extension
  • cb468c41c fix: copy proper modules to arm64 squashfs
  • ea0d6e8c6 fix: prevent dashboard crashes when process info is not available
  • e9077a6fb feat: filter the hostname to produce nodename
  • dc8361c1d fix: properly GC images supplied with both tag and digest
  • ccfa8de11 fix: automatically change rpi_4 board on upgrade
  • b56e8b7d9 fix: support 'List' type manifests
  • 574d48e54 fix: use image digest when starting a container
  • 175747cea fix: ntp query error with bare IPv6 address
  • c8b507fb2 docs: fix kubeprism typo
  • 0cdcb2e0e docs: restructure docs for nvidia drivers for v1.4
  • 676db9768 docs: fork docs for Talos 1.6
  • 92ad18c18 fix: write correct capacity to the ovf
  • 6b0373ebe chore: move bash tests to integration
  • 52b3d8d37 docs: make Talos 1.5 documentation the default one
  • dc873df9b chore: fix the filenames of openstack images
  • b5c0e7b24 docs: update nvidia docs
  • 9606e871e docs: update Jiva Pod Security Policy
  • a86ed4362 chore: update Kubernetes Go modules to 0.28.0
  • 97b4e3e91 feat: update Kubernetes to 1.28.0
  • 79ca1a3...
Read more

v1.5.4

17 Oct 15:53
v1.5.4
9cf7980
Compare
Choose a tag to compare

Talos 1.5.4 (2023-10-17)

Welcome to the v1.5.4 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.1.58

Talos is built with Go 1.21.3.

Contributors

  • Andrey Smirnov
  • Thomas Way
  • Utku Ozdemir

Changes

9 commits

  • 9cf7980e5 release(v1.5.4): prepare release
  • b72abb613 test: fix 'talosctl gen' tests
  • 69f1ea283 fix: handle secure boot state policy pcr digest error
  • 738092fda fix: use tpm2 hash algorithm constants and allow non-SHA-256 PCRs
  • 21d874a8a fix: clear the encryption config in META when STATE is reset
  • 58b16b9dc feat: support service account auth in cli
  • 124c2ff13 fix: the node IP for kubelet shouldn't change if nothing matches
  • 8f8392595 feat: update Linux to 6.1.58
  • db4c5ce99 feat: update Go to 1.20.10

Changes from siderolabs/extras

1 commit

Changes from siderolabs/pkgs

2 commits

Changes from siderolabs/tools

1 commit

Dependency Changes

  • github.com/siderolabs/extras v1.5.0-1-g9d5f16f -> v1.5.0-2-g6241ac7
  • github.com/siderolabs/pkgs v1.5.0-11-gd6d7236 -> v1.5.0-13-g45cf9b0
  • github.com/siderolabs/talos/pkg/machinery v1.5.3 -> v1.5.4
  • github.com/siderolabs/tools v1.5.0-1-g4d58a1b -> v1.5.0-2-g8adf637
  • golang.org/x/net v0.13.0 -> v0.17.0
  • golang.org/x/sys v0.10.0 -> v0.13.0
  • golang.org/x/term v0.10.0 -> v0.13.0
  • golang.org/x/text v0.11.0 -> v0.13.0
  • google.golang.org/grpc v1.57.0 -> v1.57.1

Previous release can be found at v1.5.3

Images

ghcr.io/siderolabs/flannel:v0.22.1
ghcr.io/siderolabs/install-cni:v1.5.0-2-g6241ac7
registry.k8s.io/coredns/coredns:v1.10.1
gcr.io/etcd-development/etcd:v3.5.9
registry.k8s.io/kube-apiserver:v1.28.2
registry.k8s.io/kube-controller-manager:v1.28.2
registry.k8s.io/kube-scheduler:v1.28.2
registry.k8s.io/kube-proxy:v1.28.2
ghcr.io/siderolabs/kubelet:v1.28.2
ghcr.io/siderolabs/installer:v1.5.4
registry.k8s.io/pause:3.6

v1.5.3

22 Sep 12:03
v1.5.3
cb21c67
Compare
Choose a tag to compare

Talos 1.5.3 (2023-09-22)

Welcome to the v1.5.3 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

cgroups v1

Talos Linux is incompatible with cgroups v1 due to the Kubernetes issue
kubernetes/kubernetes#120813 and new version of Linux kernel.

Talos Linux doesn't use cgroups v1 by default, and it has to be explicitly enabled with
a kernel argument: talos.unified_cgroup_hierarchy=0, so if you are not using cgroups v1,
you are not affected.

Component Updates

Kubernetes: v1.28.2
Linux: 6.1.54

Contributors

  • Andrey Smirnov
  • Noel Georgi

Changes

11 commits

  • cb21c6710 release(v1.5.3): prepare release
  • c4c33fb9e feat: update Linux to 6.1.54
  • 88c97678c feat: update Kubernetes to 1.28.2
  • 721b69b40 fix: generate of modules.dep when on the machine
  • 802aedd21 fix: build CPU ucode correctly for early loader
  • 1a1472033 refactor: reimplement the depmod extension rebuilder
  • 6e27fe3a6 fix: calculate UKI ISO size dynamically
  • 43d4afc92 fix: set default route priority for hcloud platform
  • 63a4257a9 fix: handle correctly change of listen address for maintenance service
  • e9c9dc50d chore: improve image signing process
  • 2e13558ac fix: trim file path in the container image

Changes from siderolabs/pkgs

2 commits

Dependency Changes

  • github.com/siderolabs/pkgs v1.5.0-9-g7f9d6eb -> v1.5.0-11-gd6d7236
  • github.com/siderolabs/talos/pkg/machinery v1.5.2 -> v1.5.3
  • k8s.io/api v0.28.1 -> v0.28.2
  • k8s.io/apimachinery v0.28.1 -> v0.28.2
  • k8s.io/apiserver v0.28.1 -> v0.28.2
  • k8s.io/client-go v0.28.1 -> v0.28.2
  • k8s.io/component-base v0.28.1 -> v0.28.2
  • k8s.io/cri-api v0.28.1 -> v0.28.2
  • k8s.io/kubectl v0.28.1 -> v0.28.2
  • k8s.io/kubelet v0.28.1 -> v0.28.2

Previous release can be found at v1.5.2

Images

ghcr.io/siderolabs/flannel:v0.22.1
ghcr.io/siderolabs/install-cni:v1.5.0-1-g9d5f16f
registry.k8s.io/coredns/coredns:v1.10.1
gcr.io/etcd-development/etcd:v3.5.9
registry.k8s.io/kube-apiserver:v1.28.2
registry.k8s.io/kube-controller-manager:v1.28.2
registry.k8s.io/kube-scheduler:v1.28.2
registry.k8s.io/kube-proxy:v1.28.2
ghcr.io/siderolabs/kubelet:v1.28.2
ghcr.io/siderolabs/installer:v1.5.3
registry.k8s.io/pause:3.6

v1.5.2

07 Sep 11:33
v1.5.2
318c66b
Compare
Choose a tag to compare

Talos 1.5.2 (2023-09-07)

Welcome to the v1.5.2 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Kubernetes: v1.28.1
Linux: 6.1.51

Talos is now built with Go 1.20.8.

Contributors

  • Andrey Smirnov

Changes

12 commits

  • 318c66b98 release(v1.5.2): prepare release
  • 614e4e892 feat: update Go to 1.20.8
  • cb8eb9da1 feat: update Linux to 6.1.51
  • 45c88aedd fix: update kubernetes library for 1.28 upgrade pre-checks
  • b8bd8ee43 fix: shorten VLAN link names to fit into the limit of 15 characters
  • 2a2b64eee feat: update default Kubernetes to 1.28.1
  • e713043ff feat: set environment variables early in the boot
  • 4552014b9 fix: set correct (1 year) talosconfig expiration
  • 1804906c7 fix: set proper timeouts for KubePrism loadbalancer
  • dbfbeb7c9 refactor: update NTP spike detector
  • 6ae5b1289 fix: ova contents to be named disk.*
  • 9d6d580f4 fix: properly calculate overal of node address with subnet filters

Changes from siderolabs/extras

1 commit

Changes from siderolabs/go-kubernetes

1 commit

Changes from siderolabs/pkgs

2 commits

Changes from siderolabs/tools

1 commit

Dependency Changes

  • github.com/siderolabs/extras v1.5.0 -> v1.5.0-1-g9d5f16f
  • github.com/siderolabs/go-kubernetes v0.2.2 -> v0.2.3
  • github.com/siderolabs/pkgs v1.5.0-7-gf62fa2c -> v1.5.0-9-g7f9d6eb
  • github.com/siderolabs/talos/pkg/machinery v1.5.1 -> v1.5.2
  • github.com/siderolabs/tools v1.5.0 -> v1.5.0-1-g4d58a1b
  • k8s.io/api v0.28.0 -> v0.28.1
  • k8s.io/apiserver v0.28.0 -> v0.28.1
  • k8s.io/client-go v0.28.0 -> v0.28.1
  • k8s.io/component-base v0.28.0 -> v0.28.1
  • k8s.io/kubectl v0.28.0 -> v0.28.1
  • k8s.io/kubelet v0.28.0 -> v0.28.1

Previous release can be found at v1.5.1

Images

ghcr.io/siderolabs/flannel:v0.22.1
ghcr.io/siderolabs/install-cni:v1.5.0-1-g9d5f16f
registry.k8s.io/coredns/coredns:v1.10.1
gcr.io/etcd-development/etcd:v3.5.9
registry.k8s.io/kube-apiserver:v1.28.1
registry.k8s.io/kube-controller-manager:v1.28.1
registry.k8s.io/kube-scheduler:v1.28.1
registry.k8s.io/kube-proxy:v1.28.1
ghcr.io/siderolabs/kubelet:v1.28.1
ghcr.io/siderolabs/installer:v1.5.2
registry.k8s.io/pause:3.6