-
Notifications
You must be signed in to change notification settings - Fork 458
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs: add release notes for 0.12, support matrix
Also provide new way to fetch AMI IDs for 0.12. Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
- Loading branch information
Showing
3 changed files
with
98 additions
and
34 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| --- | ||
| title: Support Matrix | ||
| weight: 6 | ||
| --- | ||
|
|
||
| | Talos Version | 0.12 | 0.11 | | ||
| |----------------------------------------------------------------------------------------------------------------|------------------------------------|------------------------------------| | ||
| | Release Date | 2021-08-30 (TBD) | 2021-07-08 (0.11.0) | | ||
| | End of Community Support | 0.13.0 release (2021-10-15, TBD) | 2021-09-15 | | ||
| | Enterprise Support | [offered by Talos Systems Inc.](https://www.talos-systems.com/support/) | | ||
| | Kubernetes | 1.22, 1.21, 1.20 | 1.21, 1.20, 1.19 | | ||
| | Architecture | amd64, arm64 | | ||
| | **Platforms** | | | | ||
| | - cloud | AWS, GCP, Azure, Digital Ocean, OpenStack | | ||
| | - bare metal | x86: BIOS, UEFI; arm64: UEFI; boot: ISO, PXE, disk image | | ||
| | - virtualized | VMWare, Hyper-V, KVM, Proxmox, Xen | | ||
| | - SBCs | Raspberry Pi4, Banana Pi M64, Pine64, and other | | ||
| | - local | Docker, QEMU | | ||
| | **Cluster API** | | | | ||
| | [CAPI Bootstrap Provider Talos](https://github.com/talos-systems/cluster-api-bootstrap-provider-talos) | >= 0.2.0 | >= 0.2.0 | | ||
| | [CAPI Control Plane Provider Talos](https://github.com/talos-systems/cluster-api-control-plane-provider-talos) | >= 0.1.1 | >= 0.1.1 | | ||
| | [Sidero](https://www.sidero.dev/) | >= 0.3.0 | >= 0.3.0 | | ||
| | **UI** | | | | ||
| | [Theila](https://github.com/talos-systems/theila) | ✓ | ✓ | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,55 +1,84 @@ | ||
| --- | ||
| title: What's New in Talos 0.10 | ||
| title: What's New in Talos 0.12 | ||
| weight: 5 | ||
| --- | ||
|
|
||
| ## Disaster Recovery | ||
| ### Security | ||
|
|
||
| Talos now supports `etcd` [snapshots and recovery](../../guides/disaster-recovery/) from the snapshotted state. | ||
| Periodic snapshots of `etcd` data can be taken with `talosctl etcd snapshot` command, and in case of catastrophic control plane | ||
| failure `etcd` contents can be recovered from the latest snapshot with `talosctl bootstrap --recover-from=` command. | ||
| * `etcd` PKI moved to `/system/secrets` | ||
| * `kubelet` bootstrap CSR auto-signing scoped to `kubelet` bootstrap tokens only | ||
| * enforce default `seccomp` profile on all system containers | ||
| * run system services apid, trustd, and etcd as non-root users | ||
|
|
||
| ## Time Synchronization | ||
| ### Performance | ||
|
|
||
| The `timed` service was replaced with a new time sync controller without any machine configuration changes. | ||
| There should be no user-visible changes in the way new time synchronization process works, logs are now | ||
| available via `talosctl logs controller-runtime`. | ||
| Talos now prefers last successful time server (by IP address) on each sync attempt, which improves sync accuracy. | ||
| * machined uses less memory and CPU time | ||
| * more disk encryption options are exposed via the machine configuration | ||
| * disk partitions are now aligned properly with minimum I/O size | ||
| * Talos system processes are moved under proper cgroups, resource metrics are now available via the kubelet | ||
| * OOM score is set on the system processes making sure they are killed last under memory pressure | ||
|
|
||
| ## Single Board Computers | ||
| ### etcd | ||
|
|
||
| Talos added support for the [Radxa Rock PI 4c](../../single-board-computers/rockpi_4/) board. | ||
| `u-boot` version was updated to fix the boot and USB issues on Raspberry Pi 4 8GiB version. | ||
| New etcd cluster members are now joined in [learner mode](https://etcd.io/docs/v3.4/learning/design-learner/), which improves cluster resiliency | ||
| to member join issues. | ||
|
|
||
| ## Optimizations | ||
| ### Machine Configuration | ||
|
|
||
| Multiple optimizations were applied to reduce Talos `initramfs` size and memory footprint. | ||
| As a result, we see a reduction of memory usage of around 100 MiB for the core Talos components which leaves more resources available for you workloads. | ||
| Machine configuration is validated now for unsupported keys. | ||
| This change allows to catch issues with YAML indentation. | ||
|
|
||
| ## Install Disk Selector | ||
| ### Networking | ||
|
|
||
| Install section of the machine config now has `diskSelector` [field](../../reference/configuration/#installconfig) that allows querying install disk using the list of qualifiers: | ||
| * multiple static addresses can be specified for the interface with new `.addresses` field (old `.cidr` field is deprecated now) | ||
| * static addresses can be set on interfaces configured with DHCP | ||
|
|
||
| ```yaml | ||
| ... | ||
| install: | ||
| diskSelector: | ||
| size: >= 500GB | ||
| model: WDC* | ||
| ... | ||
| ``` | ||
| ### Kubernetes Upgrades | ||
|
|
||
| `talosctl -n <IP> disks -i` can be used to check allowed disk qualifiers when the node is running in the maintenance mode. | ||
| `talosctl upgrade-k8s` now checks if cluster has any resources which are going to be removed or migrated to the new version after upgrade | ||
| and shows that as a warning before the upgrade. | ||
| Additionally, `upgrade-k8s` command now has `--dry-run` flag that only prints out warnings and upgrade summary. | ||
|
|
||
| ## Inline Kubernetes Manifests | ||
| ### Sysctl Configuration | ||
|
|
||
| Kubernetes manifests can now be submitted in the machine configuration using the `cluster.inlineManifests` [field](../../reference/configuration/#clusterconfig), | ||
| which works same way as `cluster.extraManifests` field, but manifest contents are passed inline in the machine configuration. | ||
| Sysctl Kernel Params configuration was completely rewritten to be based on controllers and resources, | ||
| which makes it possible to apply `.machine.sysctls` in immediate mode (without a reboot). | ||
| `talosctl get kernelparams` returns merged list of KSPP, Kubernetes and user defined params along with | ||
| the default values overwritten by Talos. | ||
|
|
||
| ## Updated Components | ||
| ### Equinix Metal | ||
|
|
||
| Linux: 5.10.19 -> 5.10.29 | ||
| Added support for Equinix Metal IPs for the Talos virtual (shared) IP (option `equnixMetal` under `vip` in the machine configuration). | ||
| Talos automatically re-assigns IP using the Equinix Metal API when leadership changes. | ||
|
|
||
| Kubernetes: 1.20.5 -> 1.21.0 | ||
| ### Support for Self-hosted Control Plane Dropped | ||
|
|
||
| Go: 1.15 -> 1.16 | ||
| > **Note**: This item only applies to clusters bootstrapped with Talos <= 0.8. | ||
| Talos 0.12 completely removes support for self-hosted Kubernetes control plane (bootkube-based). | ||
| Talos 0.9 introduced support for Talos-managed control plane and provided migration path to convert self-hosted control plane | ||
| to Talos-managed static pods. | ||
| Automated and manual conversion process is available in Talos from 0.9.x to 0.11.x. | ||
| For clusters bootstrapped with bootkube (Talos <= 0.8), please make sure control plane is converted to Talos-managed | ||
| before upgrading to Talos 0.12. | ||
| Current control plane status can be checked with `talosctl get bootstrapstatus` before performing upgrade to Talos 0.12. | ||
|
|
||
| ### Cluster API v0.3.x | ||
|
|
||
| Cluster API v0.3.x (v1alpha3) is not compatible with Kubernetes 1.22 used by default in Talos 0.12. | ||
| Talos can be configued to use Kubernetes 1.21 or CAPI v0.4.x components can be used instead. | ||
|
|
||
| ### Join Node Type | ||
|
|
||
| Node type `join` was renamed to `worker` for clarity. | ||
| The old value is still accepted in the machine configuration but deprecated. | ||
| `talosctl gen config` now generates `worker.yaml` instead of `join.yaml`. | ||
|
|
||
| ### Component Updates | ||
|
|
||
| * Linux: 5.10.58 | ||
| * Kubernetes: 1.22.1 | ||
| * containerd: 1.5.5 | ||
| * runc: 1.0.1 | ||
| * GRUB: 2.06 | ||
| * Talos is built with Go 1.16.7 |