Skip to content
v0.14.0-alpha.2
f7c87d1
Compare
Choose a tag to compare

v0.14.0-alpha.2

Pre-release
Pre-release

Talos 0.14.0-alpha.2 (2021-11-30)

Welcome to the v0.14.0-alpha.2 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Kexec and capabilities

When kexec support is disabled
Talos no longer drops Linux capabilities (CAP_SYS_BOOT and CAP_SYS_MODULES) for child processes.
That is helpful for advanced use-cases like Docker-in-Docker.

If you want to permanently disable kexec and capabilities dropping, pass kexec_load_disabled=1 argument to the kernel.

For example:

install:
  extraKernelArgs:
    - sysctl.kernel.kexec_load_disabled=1

Please note that capabilities are dropped before machine configuration is loaded,
so disabling kexec via machine.sysctls will not be enough.

Cluster Discovery

Cluster Discovery is enabled by default for Talos 0.14.
Cluster Discovery can be disabled with talosctl gen config --with-cluster-discovery=false.

Kubelet

Kubelet service can now be restarted with talosctl service kubelet restart.

Kubelet node IP configuration (.machine.kubelet.nodeIP.validSubnets) can now include negative subnet matches (prefixed with !).

Log Shipping

Talos can now ship system logs
to the configured destination using either JSON-over-UDP or JSON-over-TCP:
see .machine.logging machine configuration option.

NTP Sync

Talos NTP sync process was improved to align better with kernel time adjustment periods and to filter out spikes.

SideroLink

A set of Talos ehancements is going to unlock a number of exciting features in the upcoming release of Sidero:

  • SideroLink: a point-to-point Wireguard tunnel connecting Talos node back to the provisioning platform (Sidero).
  • event sink (kernel arg talos.event.sink=http://10.0.0.1:4000) delivers Talos internal events to the specified destination.
  • kmsg log delivery (kernel arg talos.logging.kernel=tcp://10.0.0.1:4001) sends kernel logs as JSON lines over TCP or UDP.

talosctl support

talosctl CLI tool now has a new subcommand called support, that can gather all
cluster information that could help with future debugging in a single run.

Output of the command is a zip archive with all talos service logs, kubernetes pod logs and manifests,
talos resources manifests and so on.
Generated archive does not contain any secret information so it is safe to send it for analysis to a third party.

Component Updates

  • Linux: 5.15.5
  • etcd: 3.5.1
  • containerd: 1.5.8
  • Kubernetes: 1.23.0-rc.0
  • CoreDNS: 1.8.6

Talos is built with Go 1.17.3

Kubernetes Upgrade Enhancements

talosctl upgrade-k8s now syncs all Talos manifest resources generated from templates.

So there is no need to update CoreDNS, Flannel container manually after running upgrade-k8s anymore.

Contributors

  • Andrey Smirnov
  • Alexey Palazhchenko
  • Artem Chernyshev
  • Serge Logvinov
  • Noel Georgi
  • Nico Berlee
  • Spencer Smith
  • Alex Zero
  • Andrew Rynhard
  • Branden Cash
  • David Haines
  • Gerard de Leeuw
  • Michael Fornaro
  • Rui Lopes

Changes

137 commits

  • f7c87d1 release(v0.14.0-alpha.2): prepare release
  • e9f4b7b feat: update Linux to 5.15.5
  • 4d0a75a docs: add documentation about logging
  • 8d1cbee chore: add API breaking changes detector
  • ed7fb9d feat: move kubelet proccesses to /podruntime cgroup
  • 2cd3f9b feat: filter out SideroLink addresses by default
  • 0f169bf chore: add API deprecations mechanism
  • eaf6d47 refactor: use random port listener in kernel log delivery tests
  • bf4c81e feat: kernel log (kmsg) delivery controller
  • f314978 feat: update Kubernetes to 1.23.0-rc.0
  • b824909 fix: disable kexec on RPi4
  • 3257751 fix: initialize Drainer properly
  • e4bc68b fix: leave only a single IPv4/IPv6 address as kubelet's node IP
  • e6d0074 feat: update pkgs - Linux 5.15.4, LibreSSL 3.2.7
  • d5cbc36 feat: add GCP ccm
  • 7433150 feat: implement events sink controller
  • b4a406a test: pin cluster API templates version to tag v1alpha4
  • 9427e78 fix: catch panics in network operator runs
  • d1f55f9 fix: update blockdevice library to properly handle absent GPT
  • 5ac64b2 chore: set version in unit-tests
  • 20d39c0 chore: format .proto files
  • 852bf4a feat: talosctl fish completion support
  • 6bb7515 fix: allow add_key and request_key in kubelet seccomp profile
  • 6487b21 feat: update pkgs for u-boot, containerd, etc
  • f7d1e77 feat: provide SideroLink client implementation
  • 58892cd fix: unblock events watch on context cancel
  • caa76be fix: containerd failed to load plugin
  • 1ffa8e0 feat: add ULA prefix for SideroLink
  • c6a67b8 fix: ignore not existing nodes on cordoning
  • f730252 feat: add new event types
  • 7c9b082 feat: update Kubernetes to 1.23.0-beta.0
  • 750e31c fix: ignore EBUSY from kexec_file_load
  • 2d11b59 fix: ignore virtual IP as kubelet node IPs
  • 030fd34 fix: don't run kexec prepare on shutdown and reset
  • 6dcce20 test: set proper pod CIDR for Cilium tests
  • 695300d release(v0.14.0-alpha.1): prepare release
  • 753a821 refactor: move pkg/resources to machinery
  • 0102a64 refactor: remove pkg/resources dependencies on wgtypes, netx
  • 7462733 chore: update golangci-lint
  • 032c99a refactor: remove pkg/resources dependencies on k8s and base62
  • 4a5cff4 perf: raspberry PIs clockspeed as fast as firmware allows
  • a76f6d6 feat: allow kubelet to be restarted and provide negative nodeIP subnets
  • 189221d chore: update dependencies
  • 41f0aec docs: update partition info
  • 9510507 chore: fix simple issues found by golangci-lint
  • d4b0ca2 test: retry upgrade mutex lock failures
  • 4357e9a docs: add Talos partions info
  • 8e8687d fix: use temporary sonobuoy version
  • e4e8e87 test: disable e2e-misc test with Canal CNI
  • 897da2f docs: common typos
  • a50483d feat: update Linux to 5.15.1
  • a2233bf fix: improve NTP sync process
  • 7efc123 fix: parse partition size correctly
  • d6147eb chore: update sonobuoy
  • efbae78 fix: use etc folder for du cli tests
  • 198eea5 fix: wait for follow reader to start before writing to the file
  • e7f715e chore: log KubeSpan IPs overlaps
  • 82a1ad1 chore: bump dependencies
  • e8fccbf fix: clear time adjustment error when setting time to specific value
  • e6f90bb chore: remove unused parameters
  • 785161d feat: update k8s to 1.23.0-alpha.4
  • fe228d7 fix: do not use yaml.v2 in the support cmd
  • 9b48ca2 fix: endpoints and nodes in generated talosconfig
  • 6e16fd2 chore: update tools, pkgs, and extras
  • 261c497 feat: implement talosctl support command
  • fc7dc45 chore: check our API idiosyncrasies
  • b158442 feat: use GCP deployment manager
  • 3e7d4df chore: bump dependencies
  • 88f2422 refactor: get rid of prometheus/procfs dependency in pkg/resources
  • dd196d3 refactor: prepare for move of pkg/resources to machinery
  • f6110f8 fix: remove listening socket to fix Talos in a container restart
  • 53bbb13 docs: update docs with emmc boot guide
  • 8329d21 chore: split polymorphic RootSecret resource into specific types
  • c97becd chore: remove interfaces and routes APIs
  • d798635 feat: automatically limit kubelet node IP family based on service CIDRs
  • 205a8d6 chore: make nethelpers build on all OSes
  • 5b5dd49 feat: extract JSON fields from more log messages
  • eb4f118 docs: create cluster in hetzner cloud
  • 728164e docs: fix kexec_load_disabled param name in release notes
  • f6328f0 fix: fix filename typo
  • 01b0f0a release(v0.14.0-alpha.0): prepare release
  • 8b62065 fix: skip generating empty .machine.logging
  • 60ad006 fix: don't drop ability to use ambient capabilities
  • b6b78e7 test: add cluster discovery integration tests
  • 97d64d1 fix: hcloud network config changes
  • 4c76865 feat: multiple logging improvements
  • 1d1e1df fix: handle skipped mounts correctly
  • 0a964d9 test: fix openstack unit-test stability
  • 72f62ac chore: bump Go and Docker dependencies
  • 9c48ebe fix: gcp fetching externalIP
  • 6c29726 test: fix e2e k8s version
  • ae5af9d feat: update Kubernetes to 1.23.0-alpha.3
  • 28d3a69 feat: openstack config-drive support
  • 2258bc4 test: update GCP e2e script to work with new templates
  • 36b6ace feat: update Linux to 5.10.75
  • 38516a5 test: update Talos versions in upgrade tests
  • cff20ec fix: change services OOM score
  • 666a2b6 feat: azure platform ipv6 support
  • d32814e feat: extract JSON fields from log lines
  • e77d81f fix: treat literal 'unknown' as a valid machine type
  • c8e404e test: update vars for AWS cluster
  • ad23891 feat: update CoreDNS version 1.8.6
  • 41299ca feat: udev rules support
  • 5237fdc feat: send JSON logs over UDP
  • 6d44587 feat: coredns service dualstack
  • 12f7888 feat: feed control plane endpoints on workers from cluster discovery
  • 431e4fb chore: bump Go and Docker dependencies
  • 89f3b9f feat: update etcd to 3.5.1
  • e60469a feat: initial support for JSON logging
  • 68c420e feat: enable cluster discovery by default
  • 3e100aa test: workaround EventsWatch test flakiness
  • 9bd4838 chore: stop using sonobuoy CLI
  • 6ad4595 docs: fix field names for bonding configuration
  • d7a3b7b chore: use discovery-client and discovery-api modules
  • d6309ee docs: create docs for Talos 0.14
  • c0fda64 fix: attempt to clean up tasks in containerd runner
  • 8cf442d chore: bump tools, pkgs, extras
  • 0dad5f4 chore: small cleanup
  • e3e2113 feat: upgrade CoreDNS during upgrade-k8s call
  • d92c98e docs: fix discovery service documentation link
  • e44b11c feat: update containerd to 1.5.7, bump Go dependencies
  • 2412930 docs: make Talos 0.13 docs latest, update documentation
  • 31b6e39 fix: delete expired affiliates from the discovery service
  • 877a2b6 test: bump CAPI components to v1alpha4
  • 2ba0e0a docs: add KubeSpan documentation
  • 997873b fix: use ECDSA-SHA512 when generating certs for Talos < 0.13
  • 7137166 fix: allow overriding audit-policy-file in kube-apiserver static pod
  • 8fcd421 chore: fix integration-qemu-race
  • 91a858b fix: sort output of the argument builder
  • 657f7a5 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • 983d245 feat: suppress logging NTP sync to the console
  • 022c733 fix: add interface route if DHCP4 router is not directly routeable
  • 66a1579 fix: don't enable 'no new privs' on the system level
  • 423861c feat: don't drop capabilities if kexec is disabled
  • facc8c3 docs: fix documentation for cluster discovery
  • ce65ca4 chore: build using only amd64 builders
  • e9b0f01 chore: update docker image in the pipeline

Changes since v0.14.0-alpha.1

35 commits

  • f7c87d1 release(v0.14.0-alpha.2): prepare release
  • e9f4b7b feat: update Linux to 5.15.5
  • 4d0a75a docs: add documentation about logging
  • 8d1cbee chore: add API breaking changes detector
  • ed7fb9d feat: move kubelet proccesses to /podruntime cgroup
  • 2cd3f9b feat: filter out SideroLink addresses by default
  • 0f169bf chore: add API deprecations mechanism
  • eaf6d47 refactor: use random port listener in kernel log delivery tests
  • bf4c81e feat: kernel log (kmsg) delivery controller
  • f314978 feat: update Kubernetes to 1.23.0-rc.0
  • b824909 fix: disable kexec on RPi4
  • 3257751 fix: initialize Drainer properly
  • e4bc68b fix: leave only a single IPv4/IPv6 address as kubelet's node IP
  • e6d0074 feat: update pkgs - Linux 5.15.4, LibreSSL 3.2.7
  • d5cbc36 feat: add GCP ccm
  • 7433150 feat: implement events sink controller
  • b4a406a test: pin cluster API templates version to tag v1alpha4
  • 9427e78 fix: catch panics in network operator runs
  • d1f55f9 fix: update blockdevice library to properly handle absent GPT
  • 5ac64b2 chore: set version in unit-tests
  • 20d39c0 chore: format .proto files
  • 852bf4a feat: talosctl fish completion support
  • 6bb7515 fix: allow add_key and request_key in kubelet seccomp profile
  • 6487b21 feat: update pkgs for u-boot, containerd, etc
  • f7d1e77 feat: provide SideroLink client implementation
  • 58892cd fix: unblock events watch on context cancel
  • caa76be fix: containerd failed to load plugin
  • 1ffa8e0 feat: add ULA prefix for SideroLink
  • c6a67b8 fix: ignore not existing nodes on cordoning
  • f730252 feat: add new event types
  • 7c9b082 feat: update Kubernetes to 1.23.0-beta.0
  • 750e31c fix: ignore EBUSY from kexec_file_load
  • 2d11b59 fix: ignore virtual IP as kubelet node IPs
  • 030fd34 fix: don't run kexec prepare on shutdown and reset
  • 6dcce20 test: set proper pod CIDR for Cilium tests

Changes from talos-systems/discovery-api

2 commits

Changes from talos-systems/discovery-client

2 commits

Changes from talos-systems/extras

2 commits

Changes from talos-systems/go-blockdevice

2 commits

Changes from talos-systems/go-smbios

1 commit

Changes from talos-systems/net

2 commits

Changes from talos-systems/pkgs

22 commits

Changes from talos-systems/siderolink

6 commits

Changes from talos-systems/tools

6 commits

Dependency Changes

  • github.com/AlekSi/pointer v1.1.0 -> v1.2.0
  • github.com/cenkalti/backoff/v4 v4.1.2 new
  • github.com/containerd/cgroups v1.0.1 -> v1.0.2
  • github.com/containerd/containerd v1.5.5 -> v1.5.8
  • github.com/docker/docker v20.10.8 -> v20.10.11
  • github.com/evanphx/json-patch v4.11.0 -> v5.6.0
  • github.com/gosuri/uiprogress v0.0.1 new
  • github.com/hashicorp/go-getter v1.5.8 -> v1.5.9
  • github.com/hetznercloud/hcloud-go v1.32.0 -> v1.33.1
  • github.com/insomniacslk/dhcp b95caade3eac -> ad197bcd36fd
  • github.com/jsimonetti/rtnetlink 435639c8e6a8 -> 93da33804786
  • github.com/jxskiss/base62 4f11678b909b -> v1.0.0
  • github.com/mdlayher/ethtool 2b88debcdd43 -> 288d040e9d60
  • github.com/rivo/tview ee97a7ab3975 -> badfa0f0b301
  • github.com/talos-systems/discovery-api v0.1.0 new
  • github.com/talos-systems/discovery-client v0.1.0 new
  • github.com/talos-systems/extras v0.6.0 -> v0.7.0-alpha.0-1-g2bb2efc
  • github.com/talos-systems/go-blockdevice v0.2.4 -> 15b182db0cd2
  • github.com/talos-systems/go-smbios v0.1.0 -> fd5ec8ce4873
  • github.com/talos-systems/net v0.3.0 -> b4b718179a1a
  • github.com/talos-systems/pkgs v0.8.0 -> v0.9.0-alpha.0-21-g422276d
  • github.com/talos-systems/siderolink v0.1.0 new
  • github.com/talos-systems/tools v0.8.0 -> v0.9.0-alpha.0-5-g96e0231
  • github.com/vmware-tanzu/sonobuoy v0.53.2 -> v0.55.1
  • github.com/vmware/govmomi v0.26.1 -> v0.27.2
  • github.com/vmware/vmw-guestinfo 687661b8bd8e -> cc1fd90d572c
  • go.etcd.io/etcd/api/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/client/pkg/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/client/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/etcdutl/v3 v3.5.0 -> v3.5.1
  • go.uber.org/atomic v1.7.0 new
  • golang.org/x/net 3ad01bbaa167 -> d83791d6bcd9
  • golang.org/x/sys 39ccf1dd6fa6 -> fe61309f8881
  • golang.org/x/term 140adaaadfaf -> 03fcf44c2211
  • golang.org/x/time 1f47c861a9ac -> f0f3c7e86c11
  • golang.zx2c4.com/wireguard/wgctrl 0a2f4901cba6 -> dd7407c86d22
  • google.golang.org/grpc v1.41.0 -> v1.42.0
  • inet.af/netaddr 85fa6c94624e -> c74959edd3b6
  • k8s.io/api v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/apimachinery v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/client-go v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/cri-api v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/kubectl v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/kubelet v0.22.2 -> v0.23.0-alpha.4
  • kernel.org/pub/linux/libs/security/libcap/cap v1.2.59 -> v1.2.61
  • sigs.k8s.io/yaml v1.3.0 new

Previous release can be found at v0.13.0

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.7.0-alpha.0-1-g2bb2efc
docker.io/coredns/coredns:1.8.6
gcr.io/etcd-development/etcd:v3.5.1
k8s.gcr.io/kube-apiserver:v1.23.0-rc.0
k8s.gcr.io/kube-controller-manager:v1.23.0-rc.0
k8s.gcr.io/kube-scheduler:v1.23.0-rc.0
k8s.gcr.io/kube-proxy:v1.23.0-rc.0
ghcr.io/talos-systems/kubelet:v1.23.0-rc.0
ghcr.io/talos-systems/installer:v0.14.0-alpha.2
k8s.gcr.io/pause:3.2
v0.13.4
02424e0
Compare
Choose a tag to compare

Talos 0.13.4 (2021-11-29)

Welcome to the v0.13.4 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Contributors

  • Andrey Smirnov

Changes

5 commits

  • 02424e0 release(v0.13.4): prepare release
  • 58560a0 fix: leave only a single IPv4/IPv6 address as kubelet's node IP
  • de4aeaf fix: catch panics in network operator runs
  • 774d3a9 fix: ignore EBUSY from kexec_file_load
  • 7d63349 fix: allow add_key and request_key in kubelet seccomp profile

Dependency Changes

  • github.com/cenkalti/backoff/v4 v4.1.1 new

Previous release can be found at v0.13.3

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.6.0
docker.io/coredns/coredns:1.8.4
gcr.io/etcd-development/etcd:v3.4.16
k8s.gcr.io/kube-apiserver:v1.22.3
k8s.gcr.io/kube-controller-manager:v1.22.3
k8s.gcr.io/kube-scheduler:v1.22.3
k8s.gcr.io/kube-proxy:v1.22.3
ghcr.io/talos-systems/kubelet:v1.22.3
ghcr.io/talos-systems/installer:v0.13.4
k8s.gcr.io/pause:3.2
v0.13.3
193599d
Compare
Choose a tag to compare

Talos 0.13.3 (2021-11-22)

Welcome to the v0.13.3 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Kubelet

Kubelet service can now be restarted with talosctl service kubelet restart.

Kubelet node IP configuration (.machine.kubelet.nodeIP.validSubnets) can now include negative subnet matches (prefixed with !).

Contributors

  • Andrey Smirnov

Changes

6 commits

  • 193599d release(v0.13.3): prepare release
  • f375ba1 fix: unblock events watch on context cancel
  • 8b5fcb1 fix: ignore not existing nodes on cordoning
  • f303a8c fix: ignore virtual IP as kubelet node IPs
  • 980cbc6 feat: allow kubelet to be restarted and provide negative nodeIP subnets
  • 0018fbf fix: don't run kexec prepare on shutdown and reset

Changes from talos-systems/net

1 commit

Dependency Changes

  • github.com/talos-systems/net v0.3.0 -> 0abe5bdae8f8

Previous release can be found at v0.13.2

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.6.0
docker.io/coredns/coredns:1.8.4
gcr.io/etcd-development/etcd:v3.4.16
k8s.gcr.io/kube-apiserver:v1.22.3
k8s.gcr.io/kube-controller-manager:v1.22.3
k8s.gcr.io/kube-scheduler:v1.22.3
k8s.gcr.io/kube-proxy:v1.22.3
ghcr.io/talos-systems/kubelet:v1.22.3
ghcr.io/talos-systems/installer:v0.13.3
k8s.gcr.io/pause:3.2
v0.14.0-alpha.1
695300d
Compare
Choose a tag to compare

v0.14.0-alpha.1

Pre-release
Pre-release

Talos 0.14.0-alpha.1 (2021-11-15)

Welcome to the v0.14.0-alpha.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Kexec and capabilities

When kexec support is disabled
Talos no longer drops Linux capabilities (CAP_SYS_BOOT and CAP_SYS_MODULES) for child processes.
That is helpful for advanced use-cases like Docker-in-Docker.

If you want to permanently disable kexec and capabilities dropping, pass kexec_load_disabled=1 argument to the kernel.

For example:

install:
  extraKernelArgs:
    - sysctl.kernel.kexec_load_disabled=1

Please note that capabilities are dropped before machine configuration is loaded,
so disabling kexec via machine.sysctls will not be enough.

Cluster Discovery

Cluster Discovery is enabled by default for Talos 0.14.
Cluster Discovery can be disabled with talosctl gen config --with-cluster-discovery=false.

Kubelet

Kubelet service can now be restarted with talosctl service kubelet restart.

Kubelet node IP configuration (.machine.kubelet.nodeIP.validSubnets) can now include negative subnet matches (prefixed with !).

Log Shipping

Talos can now ship system logs to the configured destination using either JSON-over-UDP or JSON-over-TCP:
see .machine.logging machine configuration option.

talosctl support

talosctl CLI tool now has a new subcommand called support, that can gather all
cluster information that could help with future debugging in a single run.

Output of the command is a zip archive with all talos service logs, kubernetes pod logs and manifests,
talos resources manifests and so on.
Generated archive does not contain any secret information so it is safe to send it for analysis to a third party.

Component Updates

  • Linux: 5.15.1
  • etcd: 3.5.1
  • containerd: 1.5.7
  • Kubernetes: 1.23.0-alpha.4
  • CoreDNS: 1.8.6

Talos is built with Go 1.17.2

Kubernetes Upgrade Enhancements

talosctl upgrade-k8s now syncs all Talos manifest resources generated from templates.

So there is no need to update CoreDNS, Flannel container manually after running upgrade-k8s anymore.

Contributors

  • Andrey Smirnov
  • Alexey Palazhchenko
  • Artem Chernyshev
  • Serge Logvinov
  • Noel Georgi
  • Spencer Smith
  • Nico Berlee
  • Alex Zero
  • Andrew Rynhard
  • Branden Cash
  • David Haines
  • Gerard de Leeuw
  • Michael Fornaro
  • Rui Lopes

Changes

102 commits

  • 695300d release(v0.14.0-alpha.1): prepare release
  • 753a821 refactor: move pkg/resources to machinery
  • 0102a64 refactor: remove pkg/resources dependencies on wgtypes, netx
  • 7462733 chore: update golangci-lint
  • 032c99a refactor: remove pkg/resources dependencies on k8s and base62
  • 4a5cff4 perf: raspberry PIs clockspeed as fast as firmware allows
  • a76f6d6 feat: allow kubelet to be restarted and provide negative nodeIP subnets
  • 189221d chore: update dependencies
  • 41f0aec docs: update partition info
  • 9510507 chore: fix simple issues found by golangci-lint
  • d4b0ca2 test: retry upgrade mutex lock failures
  • 4357e9a docs: add Talos partions info
  • 8e8687d fix: use temporary sonobuoy version
  • e4e8e87 test: disable e2e-misc test with Canal CNI
  • 897da2f docs: common typos
  • a50483d feat: update Linux to 5.15.1
  • a2233bf fix: improve NTP sync process
  • 7efc123 fix: parse partition size correctly
  • d6147eb chore: update sonobuoy
  • efbae78 fix: use etc folder for du cli tests
  • 198eea5 fix: wait for follow reader to start before writing to the file
  • e7f715e chore: log KubeSpan IPs overlaps
  • 82a1ad1 chore: bump dependencies
  • e8fccbf fix: clear time adjustment error when setting time to specific value
  • e6f90bb chore: remove unused parameters
  • 785161d feat: update k8s to 1.23.0-alpha.4
  • fe228d7 fix: do not use yaml.v2 in the support cmd
  • 9b48ca2 fix: endpoints and nodes in generated talosconfig
  • 6e16fd2 chore: update tools, pkgs, and extras
  • 261c497 feat: implement talosctl support command
  • fc7dc45 chore: check our API idiosyncrasies
  • b158442 feat: use GCP deployment manager
  • 3e7d4df chore: bump dependencies
  • 88f2422 refactor: get rid of prometheus/procfs dependency in pkg/resources
  • dd196d3 refactor: prepare for move of pkg/resources to machinery
  • f6110f8 fix: remove listening socket to fix Talos in a container restart
  • 53bbb13 docs: update docs with emmc boot guide
  • 8329d21 chore: split polymorphic RootSecret resource into specific types
  • c97becd chore: remove interfaces and routes APIs
  • d798635 feat: automatically limit kubelet node IP family based on service CIDRs
  • 205a8d6 chore: make nethelpers build on all OSes
  • 5b5dd49 feat: extract JSON fields from more log messages
  • eb4f118 docs: create cluster in hetzner cloud
  • 728164e docs: fix kexec_load_disabled param name in release notes
  • f6328f0 fix: fix filename typo
  • 01b0f0a release(v0.14.0-alpha.0): prepare release
  • 8b62065 fix: skip generating empty .machine.logging
  • 60ad006 fix: don't drop ability to use ambient capabilities
  • b6b78e7 test: add cluster discovery integration tests
  • 97d64d1 fix: hcloud network config changes
  • 4c76865 feat: multiple logging improvements
  • 1d1e1df fix: handle skipped mounts correctly
  • 0a964d9 test: fix openstack unit-test stability
  • 72f62ac chore: bump Go and Docker dependencies
  • 9c48ebe fix: gcp fetching externalIP
  • 6c29726 test: fix e2e k8s version
  • ae5af9d feat: update Kubernetes to 1.23.0-alpha.3
  • 28d3a69 feat: openstack config-drive support
  • 2258bc4 test: update GCP e2e script to work with new templates
  • 36b6ace feat: update Linux to 5.10.75
  • 38516a5 test: update Talos versions in upgrade tests
  • cff20ec fix: change services OOM score
  • 666a2b6 feat: azure platform ipv6 support
  • d32814e feat: extract JSON fields from log lines
  • e77d81f fix: treat literal 'unknown' as a valid machine type
  • c8e404e test: update vars for AWS cluster
  • ad23891 feat: update CoreDNS version 1.8.6
  • 41299ca feat: udev rules support
  • 5237fdc feat: send JSON logs over UDP
  • 6d44587 feat: coredns service dualstack
  • 12f7888 feat: feed control plane endpoints on workers from cluster discovery
  • 431e4fb chore: bump Go and Docker dependencies
  • 89f3b9f feat: update etcd to 3.5.1
  • e60469a feat: initial support for JSON logging
  • 68c420e feat: enable cluster discovery by default
  • 3e100aa test: workaround EventsWatch test flakiness
  • 9bd4838 chore: stop using sonobuoy CLI
  • 6ad4595 docs: fix field names for bonding configuration
  • d7a3b7b chore: use discovery-client and discovery-api modules
  • d6309ee docs: create docs for Talos 0.14
  • c0fda64 fix: attempt to clean up tasks in containerd runner
  • 8cf442d chore: bump tools, pkgs, extras
  • 0dad5f4 chore: small cleanup
  • e3e2113 feat: upgrade CoreDNS during upgrade-k8s call
  • d92c98e docs: fix discovery service documentation link
  • e44b11c feat: update containerd to 1.5.7, bump Go dependencies
  • 2412930 docs: make Talos 0.13 docs latest, update documentation
  • 31b6e39 fix: delete expired affiliates from the discovery service
  • 877a2b6 test: bump CAPI components to v1alpha4
  • 2ba0e0a docs: add KubeSpan documentation
  • 997873b fix: use ECDSA-SHA512 when generating certs for Talos < 0.13
  • 7137166 fix: allow overriding audit-policy-file in kube-apiserver static pod
  • 8fcd421 chore: fix integration-qemu-race
  • 91a858b fix: sort output of the argument builder
  • 657f7a5 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • 983d245 feat: suppress logging NTP sync to the console
  • 022c733 fix: add interface route if DHCP4 router is not directly routeable
  • 66a1579 fix: don't enable 'no new privs' on the system level
  • 423861c feat: don't drop capabilities if kexec is disabled
  • facc8c3 docs: fix documentation for cluster discovery
  • ce65ca4 chore: build using only amd64 builders
  • e9b0f01 chore: update docker image in the pipeline

Changes since v0.14.0-alpha.0

45 commits

  • 695300d release(v0.14.0-alpha.1): prepare release
  • 753a821 refactor: move pkg/resources to machinery
  • 0102a64 refactor: remove pkg/resources dependencies on wgtypes, netx
  • 7462733 chore: update golangci-lint
  • 032c99a refactor: remove pkg/resources dependencies on k8s and base62
  • 4a5cff4 perf: raspberry PIs clockspeed as fast as firmware allows
  • a76f6d6 feat: allow kubelet to be restarted and provide negative nodeIP subnets
  • 189221d chore: update dependencies
  • 41f0aec docs: update partition info
  • 9510507 chore: fix simple issues found by golangci-lint
  • d4b0ca2 test: retry upgrade mutex lock failures
  • 4357e9a docs: add Talos partions info
  • 8e8687d fix: use temporary sonobuoy version
  • e4e8e87 test: disable e2e-misc test with Canal CNI
  • 897da2f docs: common typos
  • a50483d feat: update Linux to 5.15.1
  • a2233bf fix: improve NTP sync process
  • 7efc123 fix: parse partition size correctly
  • d6147eb chore: update sonobuoy
  • efbae78 fix: use etc folder for du cli tests
  • 198eea5 fix: wait for follow reader to start before writing to the file
  • e7f715e chore: log KubeSpan IPs overlaps
  • 82a1ad1 chore: bump dependencies
  • e8fccbf fix: clear time adjustment error when setting time to specific value
  • e6f90bb chore: remove unused parameters
  • 785161d feat: update k8s to 1.23.0-alpha.4
  • fe228d7 fix: do not use yaml.v2 in the support cmd
  • 9b48ca2 fix: endpoints and nodes in generated talosconfig
  • 6e16fd2 chore: update tools, pkgs, and extras
  • 261c497 feat: implement talosctl support command
  • fc7dc45 chore: check our API idiosyncrasies
  • b158442 feat: use GCP deployment manager
  • 3e7d4df chore: bump dependencies
  • 88f2422 refactor: get rid of prometheus/procfs dependency in pkg/resources
  • dd196d3 refactor: prepare for move of pkg/resources to machinery
  • f6110f8 fix: remove listening socket to fix Talos in a container restart
  • 53bbb13 docs: update docs with emmc boot guide
  • 8329d21 chore: split polymorphic RootSecret resource into specific types
  • c97becd chore: remove interfaces and routes APIs
  • d798635 feat: automatically limit kubelet node IP family based on service CIDRs
  • 205a8d6 chore: make nethelpers build on all OSes
  • 5b5dd49 feat: extract JSON fields from more log messages
  • eb4f118 docs: create cluster in hetzner cloud
  • 728164e docs: fix kexec_load_disabled param name in release notes
  • f6328f0 fix: fix filename typo

Changes from talos-systems/discovery-api

2 commits

Changes from talos-systems/discovery-client

2 commits

Changes from talos-systems/extras

2 commits

Changes from talos-systems/net

1 commit

Changes from talos-systems/pkgs

15 commits

Changes from talos-systems/tools

6 commits

Dependency Changes

  • github.com/AlekSi/pointer v1.1.0 -> v1.2.0
  • github.com/containerd/cgroups v1.0.1 -> v1.0.2
  • github.com/containerd/containerd v1.5.5 -> v1.5.7
  • github.com/docker/docker v20.10.8 -> v20.10.10
  • github.com/evanphx/json-patch v4.11.0 -> v4.12.0
  • github.com/gosuri/uiprogress v0.0.1 new
  • github.com/hashicorp/go-getter v1.5.8 -> v1.5.9
  • github.com/hetznercloud/hcloud-go v1.32.0 -> v1.33.1
  • github.com/insomniacslk/dhcp b95caade3eac -> ad197bcd36fd
  • github.com/jsimonetti/rtnetlink 435639c8e6a8 -> 93da33804786
  • github.com/jxskiss/base62 4f11678b909b -> v1.0.0
  • github.com/mdlayher/ethtool 2b88debcdd43 -> 288d040e9d60
  • github.com/rivo/tview ee97a7ab3975 -> badfa0f0b301
  • github.com/talos-systems/discovery-api v0.1.0 new
  • github.com/talos-systems/discovery-client v0.1.0 new
  • github.com/talos-systems/extras v0.6.0 -> v0.7.0-alpha.0-1-g2bb2efc
  • github.com/talos-systems/net v0.3.0 -> 0abe5bdae8f8
  • github.com/talos-systems/pkgs v0.8.0 -> v0.9.0-alpha.0-14-g740da24
  • github.com/talos-systems/talos/pkg/machinery v0.13.0 -> 000000000000
  • github.com/talos-systems/tools v0.8.0 -> v0.9.0-alpha.0-5-g96e0231
  • github.com/vmware-tanzu/sonobuoy v0.53.2 -> v0.55.0
  • github.com/vmware/govmomi v0.26.1 -> v0.27.1
  • github.com/vmware/vmw-guestinfo 687661b8bd8e -> cc1fd90d572c
  • go.etcd.io/etcd/api/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/client/pkg/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/client/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/etcdutl/v3 v3.5.0 -> v3.5.1
  • golang.org/x/net 3ad01bbaa167 -> 69e39bad7dc2
  • golang.org/x/sys 39ccf1dd6fa6 -> 0c823b97ae02
  • golang.org/x/term 140adaaadfaf -> 03fcf44c2211
  • golang.zx2c4.com/wireguard/wgctrl 0a2f4901cba6 -> 0073765f69ba
  • google.golang.org/grpc v1.41.0 -> v1.42.0
  • inet.af/netaddr 85fa6c94624e -> c74959edd3b6
  • k8s.io/api v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/apimachinery v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/client-go v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/cri-api v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/kubectl v0.22.2 -> v0.23.0-alpha.4
  • k8s.io/kubelet v0.22.2 -> v0.23.0-alpha.4
  • kernel.org/pub/linux/libs/security/libcap/cap v1.2.59 -> v1.2.60
  • sigs.k8s.io/yaml v1.3.0 new

Previous release can be found at v0.13.0

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.7.0-alpha.0-1-g2bb2efc
docker.io/coredns/coredns:1.8.6
gcr.io/etcd-development/etcd:v3.5.1
k8s.gcr.io/kube-apiserver:v1.23.0-alpha.4
k8s.gcr.io/kube-controller-manager:v1.23.0-alpha.4
k8s.gcr.io/kube-scheduler:v1.23.0-alpha.4
k8s.gcr.io/kube-proxy:v1.23.0-alpha.4
ghcr.io/talos-systems/kubelet:v1.23.0-alpha.4
ghcr.io/talos-systems/installer:v0.14.0-alpha.1
k8s.gcr.io/pause:3.2
v0.13.2
b7fc1a6
Compare
Choose a tag to compare

Talos 0.13.2 (2021-11-02)

Welcome to the v0.13.2 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Kexec and capabilities

When kexec support is disabled Talos no longer drops Linux capabilities (CAP_SYS_BOOT and CAP_SYS_MODULES) for child processes.
That is helpful for advanced use-cases like Docker-in-Docker.

If you want to permanently disable kexec and capabilities dropping, pass kexec_load_disabled=1 argument to the kernel.
For example:

install:
  extraKernelArgs:
    - kexec_load_disabled=1

Please note that capabilities are dropped before machine configuration is loaded,
so disabling kexec via machine.sysctls (like in the section Reboots via kexec) will not be enough.

Contributors

  • Andrey Smirnov
  • Artem Chernyshev
  • Serge Logvinov

Changes

6 commits

  • b7fc1a6 release(v0.13.2): prepare release
  • a937e6f fix: remove listening socket to fix Talos in a container restart
  • 2698679 feat: automatically limit kubelet node IP family based on service CIDRs
  • c873dc5 fix: don't drop ability to use ambient capabilities
  • 2226a99 fix: hcloud network config changes
  • 7cb9813 feat: update Kubernetes to 1.22.3

Dependency Changes

  • k8s.io/api v0.22.2 -> v0.22.3
  • k8s.io/client-go v0.22.2 -> v0.22.3
  • k8s.io/kubectl v0.22.2 -> v0.22.3
  • k8s.io/kubelet v0.22.2 -> v0.22.3

Previous release can be found at v0.13.1

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.6.0
docker.io/coredns/coredns:1.8.4
gcr.io/etcd-development/etcd:v3.4.16
k8s.gcr.io/kube-apiserver:v1.22.3
k8s.gcr.io/kube-controller-manager:v1.22.3
k8s.gcr.io/kube-scheduler:v1.22.3
k8s.gcr.io/kube-proxy:v1.22.3
ghcr.io/talos-systems/kubelet:v1.22.3
ghcr.io/talos-systems/installer:v0.13.2
k8s.gcr.io/pause:3.2
v0.14.0-alpha.0
01b0f0a
Compare
Choose a tag to compare

v0.14.0-alpha.0

Pre-release
Pre-release

Talos 0.14.0-alpha.0 (2021-10-25)

Welcome to the v0.14.0-alpha.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Kexec and capabilities

When kexec support is disabled
Talos no longer drops Linux capabilities (CAP_SYS_BOOT and CAP_SYS_MODULES) for child processes.
That is helpful for advanced use-cases like Docker-in-Docker.

If you want to permanently disable kexec and capabilities dropping, pass kexec_load_disabled=1 argument to the kernel.

For example:

install:
  extraKernelArgs:
    - sysctl.kernel.kexec_load_disabled=1

Please note that capabilities are dropped before machine configuration is loaded,
so disabling kexec via machine.sysctls will not be enough.

Cluster Discovery

Cluster Discovery is enabled by default for Talos 0.14.
Cluster Discovery can be disabled with talosctl gen config --with-cluster-discovery=false.

Log Shipping

Talos can now ship system logs to the configured destination using either JSON-over-UDP or JSON-over-TCP:
see .machine.logging machine configuration option.

Component Updates

  • Linux: 5.10.75
  • etcd: 3.5.1
  • containerd: 1.5.7
  • Kubernetes: 1.23.0-alpha.0
  • CoreDNS: 1.8.6

Talos is built with Go 1.17.2

Kubernetes Upgrade Enhancements

talosctl upgrade-k8s now syncs all Talos manifest resources generated from templates.

So there is no need to update CoreDNS, Flannel container manually after running upgrade-k8s anymore.

Contributors

  • Andrey Smirnov
  • Alexey Palazhchenko
  • Serge Logvinov
  • Artem Chernyshev
  • Spencer Smith
  • Andrew Rynhard
  • Branden Cash
  • Gerard de Leeuw

Changes

57 commits

  • 01b0f0a release(v0.14.0-alpha.0): prepare release
  • 8b62065 fix: skip generating empty .machine.logging
  • 60ad006 fix: don't drop ability to use ambient capabilities
  • b6b78e7 test: add cluster discovery integration tests
  • 97d64d1 fix: hcloud network config changes
  • 4c76865 feat: multiple logging improvements
  • 1d1e1df fix: handle skipped mounts correctly
  • 0a964d9 test: fix openstack unit-test stability
  • 72f62ac chore: bump Go and Docker dependencies
  • 9c48ebe fix: gcp fetching externalIP
  • 6c29726 test: fix e2e k8s version
  • ae5af9d feat: update Kubernetes to 1.23.0-alpha.3
  • 28d3a69 feat: openstack config-drive support
  • 2258bc4 test: update GCP e2e script to work with new templates
  • 36b6ace feat: update Linux to 5.10.75
  • 38516a5 test: update Talos versions in upgrade tests
  • cff20ec fix: change services OOM score
  • 666a2b6 feat: azure platform ipv6 support
  • d32814e feat: extract JSON fields from log lines
  • e77d81f fix: treat literal 'unknown' as a valid machine type
  • c8e404e test: update vars for AWS cluster
  • ad23891 feat: update CoreDNS version 1.8.6
  • 41299ca feat: udev rules support
  • 5237fdc feat: send JSON logs over UDP
  • 6d44587 feat: coredns service dualstack
  • 12f7888 feat: feed control plane endpoints on workers from cluster discovery
  • 431e4fb chore: bump Go and Docker dependencies
  • 89f3b9f feat: update etcd to 3.5.1
  • e60469a feat: initial support for JSON logging
  • 68c420e feat: enable cluster discovery by default
  • 3e100aa test: workaround EventsWatch test flakiness
  • 9bd4838 chore: stop using sonobuoy CLI
  • 6ad4595 docs: fix field names for bonding configuration
  • d7a3b7b chore: use discovery-client and discovery-api modules
  • d6309ee docs: create docs for Talos 0.14
  • c0fda64 fix: attempt to clean up tasks in containerd runner
  • 8cf442d chore: bump tools, pkgs, extras
  • 0dad5f4 chore: small cleanup
  • e3e2113 feat: upgrade CoreDNS during upgrade-k8s call
  • d92c98e docs: fix discovery service documentation link
  • e44b11c feat: update containerd to 1.5.7, bump Go dependencies
  • 2412930 docs: make Talos 0.13 docs latest, update documentation
  • 31b6e39 fix: delete expired affiliates from the discovery service
  • 877a2b6 test: bump CAPI components to v1alpha4
  • 2ba0e0a docs: add KubeSpan documentation
  • 997873b fix: use ECDSA-SHA512 when generating certs for Talos < 0.13
  • 7137166 fix: allow overriding audit-policy-file in kube-apiserver static pod
  • 8fcd421 chore: fix integration-qemu-race
  • 91a858b fix: sort output of the argument builder
  • 657f7a5 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • 983d245 feat: suppress logging NTP sync to the console
  • 022c733 fix: add interface route if DHCP4 router is not directly routeable
  • 66a1579 fix: don't enable 'no new privs' on the system level
  • 423861c feat: don't drop capabilities if kexec is disabled
  • facc8c3 docs: fix documentation for cluster discovery
  • ce65ca4 chore: build using only amd64 builders
  • e9b0f01 chore: update docker image in the pipeline

Changes from talos-systems/discovery-api

2 commits

Changes from talos-systems/discovery-client

2 commits

Changes from talos-systems/extras

1 commit

Changes from talos-systems/pkgs

8 commits

Changes from talos-systems/tools

1 commit

Dependency Changes

  • github.com/AlekSi/pointer v1.1.0 -> v1.2.0
  • github.com/containerd/cgroups v1.0.1 -> v1.0.2
  • github.com/containerd/containerd v1.5.5 -> v1.5.7
  • github.com/docker/docker v20.10.8 -> v20.10.9
  • github.com/hashicorp/go-getter v1.5.8 -> v1.5.9
  • github.com/insomniacslk/dhcp b95caade3eac -> 509557e9f781
  • github.com/jsimonetti/rtnetlink 435639c8e6a8 -> e34540a94caa
  • github.com/jxskiss/base62 4f11678b909b -> v1.0.0
  • github.com/rivo/tview ee97a7ab3975 -> 5508f4b00266
  • github.com/talos-systems/discovery-api v0.1.0 new
  • github.com/talos-systems/discovery-client v0.1.0 new
  • github.com/talos-systems/extras v0.6.0 -> v0.7.0-alpha.0
  • github.com/talos-systems/pkgs v0.8.0 -> v0.9.0-alpha.0-7-g80a63d4
  • github.com/talos-systems/talos/pkg/machinery v0.13.0 -> 000000000000
  • github.com/talos-systems/tools v0.8.0 -> v0.9.0-alpha.0
  • github.com/vmware-tanzu/sonobuoy v0.53.2 -> v0.54.0
  • github.com/vmware/govmomi v0.26.1 -> v0.27.1
  • github.com/vmware/vmw-guestinfo 687661b8bd8e -> cc1fd90d572c
  • go.etcd.io/etcd/api/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/client/pkg/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/client/v3 v3.5.0 -> v3.5.1
  • go.etcd.io/etcd/etcdutl/v3 v3.5.0 -> v3.5.1
  • golang.org/x/net 3ad01bbaa167 -> d418f374d309
  • golang.org/x/sys 39ccf1dd6fa6 -> d6a326fbbf70
  • golang.org/x/term 140adaaadfaf -> 03fcf44c2211
  • golang.zx2c4.com/wireguard/wgctrl 0a2f4901cba6 -> 5be1d6054c42
  • k8s.io/api v0.22.2 -> v0.23.0-alpha.3
  • k8s.io/apimachinery v0.22.2 -> v0.23.0-alpha.3
  • k8s.io/client-go v0.22.2 -> v0.23.0-alpha.3
  • k8s.io/cri-api v0.22.2 -> v0.23.0-alpha.3
  • k8s.io/kubectl v0.22.2 -> v0.23.0-alpha.3
  • k8s.io/kubelet v0.22.2 -> v0.23.0-alpha.3
  • kernel.org/pub/linux/libs/security/libcap/cap v1.2.59 -> v1.2.60
  • sigs.k8s.io/yaml v1.3.0 new

Previous release can be found at v0.13.0

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.7.0-alpha.0
docker.io/coredns/coredns:1.8.6
gcr.io/etcd-development/etcd:v3.5.1
k8s.gcr.io/kube-apiserver:v1.23.0-alpha.3
k8s.gcr.io/kube-controller-manager:v1.23.0-alpha.3
k8s.gcr.io/kube-scheduler:v1.23.0-alpha.3
k8s.gcr.io/kube-proxy:v1.23.0-alpha.3
ghcr.io/talos-systems/kubelet:v1.23.0-alpha.3
ghcr.io/talos-systems/installer:v0.14.0-alpha.0
k8s.gcr.io/pause:3.2
v0.13.1
de843ec
Compare
Choose a tag to compare

Talos 0.13.1 (2021-10-25)

Welcome to the v0.13.1 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Kexec and capabilities

When kexec support is disabled Talos no longer drops Linux capabilities (CAP_SYS_BOOT and CAP_SYS_MODULES) for child processes.
That is helpful for advanced use-cases like Docker-in-Docker.

If you want to permanently disable kexec and capabilities dropping, pass kexec_load_disabled=1 argument to the kernel.
For example:

install:
  extraKernelArgs:
    - sysctl.kernel.kexec_load_disabled=1

Please note that capabilities are dropped before machine configuration is loaded,
so disabling kexec via machine.sysctls (like in the section Reboots via kexec) will not be enough.

Contributors

  • Andrey Smirnov
  • Alexey Palazhchenko
  • Spencer Smith

Changes

7 commits

  • de843ec release(v0.13.1): prepare release
  • 39e9a6a test: update GCP e2e script to work with new templates
  • 0a51dcb test: update vars for AWS cluster
  • a770bbe fix: handle skipped mounts correctly
  • cdf9a5e fix: treat literal 'unknown' as a valid machine type
  • fc35c82 feat: don't drop capabilities if kexec is disabled
  • 4aa9885 fix: delete expired affiliates from the discovery service

Changes from talos-systems/discovery-service

5 commits

Dependency Changes

  • github.com/talos-systems/discovery-service v0.1.0 -> v0.1.1

Previous release can be found at v0.13.0

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.6.0
docker.io/coredns/coredns:1.8.4
gcr.io/etcd-development/etcd:v3.4.16
k8s.gcr.io/kube-apiserver:v1.22.2
k8s.gcr.io/kube-controller-manager:v1.22.2
k8s.gcr.io/kube-scheduler:v1.22.2
k8s.gcr.io/kube-proxy:v1.22.2
ghcr.io/talos-systems/kubelet:v1.22.2
ghcr.io/talos-systems/installer:v0.13.1
k8s.gcr.io/pause:3.2
v0.13.0
04ebab9
Compare
Choose a tag to compare

Talos 0.13.0 (2021-10-12)

Welcome to the v0.13.0 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Cluster Discovery and KubeSpan

This release of Talos provides initial support for cluster membership discovery and KubeSpan.

These new features are not enabled by default, to enable them please make following changes to the machine configuration:

machine:
  network:
    kubespan:
      enabled: true
cluster:
  discovery:
    enabled: true

Reboots via kexec

Talos now reboots by default via kexec syscall which means BIOS POST process is skipped.
On bare-metal hardware BIOS POST process might take 10-15 minutes, so Talos reboots 10-15 minutes faster on bare-metal.

Kexec support can be disabled with the following change to the machine configuration:

machine:
  sysctls:
    kernel.kexec_load_disabled: "1"

Hetzner, Scaleway, Upcloud and Vultr

Talos now natively supports four new cloud platforms:

Also generic cloud-init nocloud platform is supported in both networking and storage-based modes.

etcd Advertised Address

The address advertised by etcd can now be controlled with new machine configuration option machine.etcd.subnet.

kubelet Node IP

The addresses picked by kubelet can now be controlled with new machine configuration option machine.kubelet.nodeIP.validSubnets.

Windows Suport

CLI tool talosctl is now built for Windows and published as part of the release.

Component Updates

Linux: 5.10.69
Kubernetes: 1.22.2
containerd: 1.5.6
runc: 1.0.2

Talos is built with Go 1.17.1.

Contributors

  • Andrey Smirnov
  • Artem Chernyshev
  • Alexey Palazhchenko
  • Seán C McCord
  • Serge Logvinov
  • Andrew Rynhard
  • Olli Janatuinen
  • Spencer Smith
  • Andrey Smirnov
  • Lennard Klein
  • Rui Lopes

Changes

121 commits

  • 04ebab9 release(v0.13.0): prepare release
  • d507285 fix: allow overriding audit-policy-file in kube-apiserver static pod
  • 9875951 fix: use ECDSA-SHA512 when generating certs for Talos < 0.13
  • fd5c477 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • ccc210e chore: fix integration-qemu-race
  • 7457d79 release(v0.13.0-beta.1): prepare release
  • 250529e fix: revert use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • a3ac9bf fix: sort output of the argument builder
  • 81c3899 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • bc3e07f feat: suppress logging NTP sync to the console
  • 27a695b fix: add interface route if DHCP4 router is not directly routeable
  • c55b4a5 fix: don't enable 'no new privs' on the system level
  • 3ecec6e chore: build using only amd64 builders
  • d2c7e85 chore: update docker image in the pipeline
  • e82a443 release(v0.13.0-beta.0): prepare release
  • 5f27771 chore: prepare for 0.13-beta release
  • 5e41dd4 feat: add an option to configure kubelet node IP based on subnets
  • 72e4902 chore: allow insecure discovery in debug builds
  • d52befd fix: ignore 404 for AWS external IPs
  • 44a63e9 feat: update containerd to 1.5.6
  • 0e0fb68 release(v0.13.0-alpha.3): prepare release
  • 4044372 feat: harvest discovered endpoints and push them via discovery svc
  • 9a51aa8 feat: add an option to skip downed peers in KubeSpan
  • cbbd7c6 feat: publish node's ExternalIPs as node addresses
  • 0f60ef6 fix: reset inputs back to initial state in secrets.APIController
  • 64cb873 feat: override static pods default args by extra Args
  • ecdd775 test: workaround race in the tests with zaptest package
  • 9c67fde release(v0.13.0-alpha.2): prepare release
  • 30ae714 feat: implement integration with Discovery Service
  • 353d632 feat: add nocloud platform support
  • 628fbf9 chore: update Linux to 5.10.69
  • 62acd62 fix: check trustd API CA on worker nodes
  • ba27bc3 feat: implement Hetzner Cloud support for virtual (shared) IP
  • 95f440e test: add fuzz test for configloader
  • d2cf021 chore: remove deprecated "join" term
  • 0e18e28 chore: bump dependencies
  • b450b7c chore: deprecate Interfaces and Routes APIs
  • cddcb96 fix: find devices without partition table
  • b1b6d61 fix: check for existence of dhcp6 FQDN first
  • 519999b fix: use readonly mode when probing devices with All lookup
  • 2b52042 feat: enable resource API in the maintenance mode
  • 452893c fix: make probe open blockdevice in readonly mode
  • 96bccdd test: update CABPT provider to 0.3 release
  • d9eb18b fix: containerd log symlink
  • efa7f48 docs: quicklinks on landing page
  • 1cb9f28 fix: don't marshal clock with SecretsBundle
  • b27c75b release(v0.13.0-alpha.1): prepare release
  • 9d803d7 chore: bump dependencies and drop firecracker support
  • 50a2410 feat: add operating system version field to discovery
  • 085c61b chore: add a special condition to check for kubeconfig readiness
  • 21cdd85 fix: add node address to the list of allowed IPs (kubespan)
  • fdd80a1 feat: add an option to continue booting on NTP timeout
  • ef36849 feat: add routes, routing rules and nftables rules for KubeSpan
  • ed12379 fix: patch multi nodes support
  • d943bb0 feat: update Kubernetes to 1.22.2
  • d0585fb feat: reboot via kexec
  • 3de505c fix: skip bad cloud-config in OpenStack platform
  • a394d1e fix: tear down control plane static pods when etcd is stopped
  • 1c05089 feat: implement KubeSpan manager for Wireguard peer state
  • ec7f44e fix: completely prevent editing resources other than mc
  • 19a8ae9 feat: add vultr.com cloud support
  • 0ff4c7c fix: write KubernetesCACert chmodded 0400 instead of 0500
  • a1c9d64 fix: update the way results are retrieved for certified conformance
  • a059454 chore: build using Go 1.17
  • 7c5045b release(v0.13.0-alpha.0): prepare release
  • ee2dce6 chore: bump dependencies
  • ef02295 fix: print etcd member ID in hex
  • 5ca1fb8 fix: multiple fixes for KubeSpan and Wireguard implementation
  • b1bd642 fix: build platform images
  • 3b5f403 feat: add scaleway.com cloud support
  • f156ab1 feat: add upcloud.com cloud support
  • c3b2429 fix: suppress spurious Kubernetes API server cert updates
  • ff90b57 feat: implement KubeSpan peer generation controller
  • 14c69df fix: correctly parse multiple pod/service CIDRs
  • 69897db feat: drop some capabilities to be never available
  • 51e9836 docs: promote 0.12 docs to be the latest
  • 812d59c feat: add hetzner.com cloud support
  • d53e9e8 chore: use named constants
  • 2dfe7f1 chore: bump tools to the latest version
  • 82b130e docs: document required options for extraMounts
  • af66221 feat: implement Kubernetes cluster discovery registry
  • 2c66e1b feat: provide building of local Affiliate structure (for the node)
  • d69bd2a chore: enable GPG identity check for Talos
  • 8dbd851 chore: update tools/pkgs/extras to the new version
  • 0b34757 feat: use dynamic NodeAddresses/HostnameStatus in Kubernetes certs
  • bd5b9c9 fix: correctly define example for extraMounts
  • 01cca09 docs: update docs for Talos 0.12 release
  • 668627d feat: add subnet filter for etcd address
  • 3c3c281 chore: bump dependencies via dependabot
  • f8bebba fix: ignore error on duplicate for MountStatus
  • 6956edd feat: add node address filters, filter out k8s addresses for Talos API
  • caee24b feat: implement KubeSpan identity controller
  • da0f6e7 fix: allow updating diskSelector option
  • 761ccaf feat: provide machine configuration for KubeSpan and cluster discovery
  • a81e30c docs: add bootstrap command to VMware docs
  • 97da354 fix: do not panic on invalid machine configs
  • c4048e2 fix: don't extract nil IPs in the GCP platform
  • ba169c6 feat: provide talosctl.exe for Windows
  • 6312f47 fix: properly handle omitempty fields in the validator
  • 7f22879 feat: provide random node identity
  • 032e7c6 chore: import yaml.v3 consistently
  • 80b5f0e fix: validate IP address returned as HTTP response in platform code
  • c9af8f7 docs: fork docs for 0.13
  • 85cda1b feat: provide MountStatus resource for system partition mounts
  • 950f122 chore: update versions in upgrade tests
  • 83fdb77 feat: provide first NIC hardware addr as a resource
  • 5f5ac12 fix: properly case the VMware name
  • 0a6048f fix: don't allow bootstrap if etcd data directory is not empty
  • e24b93b fix: cgroup delegate
  • 751f64f docs: add release notes for 0.12, support matrix
  • 57a7769 feat: update Kubernetes to 1.22.1
  • 244b08c chore: bump dependencies
  • 576ba19 fix: do not set KSPP kernel params in container mode
  • b8c92ed fix: don't support cgroups nesting in process runner
  • 9bb0b79 test: adapt tests to the cgroupsv2
  • 1abc12b fix: extramount should have yaml:",inline" tag
  • 2b614e4 feat: check if cluster has deprecated resources versions
  • 0b86eda fix: don't panic if the machine config doesn't have network (EM)
  • 8bef41e fix: make sure file mode is same (reproducibility issue)
  • fcfca55 chore: do not check that go mod tidy gives empty output
  • 5ce92ca docs: ensure azure VMs are 0 indexed

Changes since v0.13.0-beta.1

5 commits

  • 04ebab9 release(v0.13.0): prepare release
  • d507285 fix: allow overriding audit-policy-file in kube-apiserver static pod
  • 9875951 fix: use ECDSA-SHA512 when generating certs for Talos < 0.13
  • fd5c477 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • ccc210e chore: fix integration-qemu-race

Changes from talos-systems/crypto

2 commits

Changes from talos-systems/discovery-service

19 commits

Changes from talos-systems/extras

3 commits

Changes from talos-systems/go-blockdevice

6 commits

Changes from talos-systems/pkgs

9 commits

Changes from talos-systems/tools

6 commits

Dependency Changes

  • github.com/containerd/go-cni v1.0.2 -> v1.1.0
  • github.com/containernetworking/cni v0.8.1 -> v1.0.1
  • github.com/containernetworking/plugins v0.9.1 -> v1.0.1
  • github.com/cosi-project/runtime 25f235cd0682 -> 5cb7f5002d77
  • github.com/fatih/color v1.12.0 -> v1.13.0
  • github.com/fsnotify/fsnotify v1.4.9 -> v1.5.1
  • github.com/gdamore/tcell/v2 v2.4.0 -> f057f0a857a1
  • github.com/google/nftables 16a134723a96 new
  • github.com/hashicorp/go-getter v1.5.7 -> v1.5.8
  • github.com/hetznercloud/hcloud-go v1.32.0 new
  • github.com/insomniacslk/dhcp 1cac67f12b1e -> b95caade3eac
  • github.com/jsimonetti/rtnetlink 9c52e516c709 -> 435639c8e6a8
  • github.com/jxskiss/base62 4f11678b909b new
  • github.com/mattn/go-isatty v0.0.13 -> v0.0.14
  • github.com/mdlayher/netx 669a06fde734 new
  • github.com/packethost/packngo v0.19.0 -> v0.19.1
  • github.com/prometheus/procfs v0.7.2 -> v0.7.3
  • github.com/rivo/tview 29d673af0ce2 -> ee97a7ab3975
  • github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7 new
  • github.com/talos-systems/crypto v0.3.2 -> v0.3.4
  • github.com/talos-systems/discovery-service v0.1.0 new
  • github.com/talos-systems/extras v0.5.0 -> v0.6.0
  • github.com/talos-systems/go-blockdevice v0.2.3 -> v0.2.4
  • github.com/talos-systems/pkgs v0.7.0 -> v0.8.0
  • github.com/talos-systems/talos/pkg/machinery 000000000000 -> v0.13.0
  • github.com/talos-systems/tools v0.7.0-1-ga33ccc1 -> v0.8.0
  • github.com/vishvananda/netlink f5de75959ad5 new
  • github.com/vmware-tanzu/sonobuoy v0.53.1 -> v0.53.2
  • github.com/vmware/govmomi v0.26.0 -> v0.26.1
  • github.com/vultr/metadata v1.0.3 new
  • go.uber.org/zap v1.19.0 -> v1.19.1
  • golang.org/x/net 853a461950ff -> 3ad01bbaa167
  • golang.org/x/sys 0f9fa26af87c -> 39ccf1dd6fa6
  • golang.org/x/term 6886f2dfbf5b -> 140adaaadfaf
  • golang.zx2c4.com/wireguard/wgctrl 92e472f520a5 -> 0a2f4901cba6
  • google.golang.org/grpc v1.40.0 -> v1.41.0
  • inet.af/netaddr ce7a8ad02cc1 -> 85fa6c94624e
  • k8s.io/api v0.22.1 -> v0.22.2
  • k8s.io/apimachinery v0.22.1 -> v0.22.2
  • k8s.io/client-go v0.22.1 -> v0.22.2
  • k8s.io/kubectl v0.22.1 -> v0.22.2
  • k8s.io/kubelet v0.22.1 -> v0.22.2
  • kernel.org/pub/linux/libs/security/libcap/cap v1.2.59 new

Previous release can be found at v0.12.0

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.6.0
docker.io/coredns/coredns:1.8.4
gcr.io/etcd-development/etcd:v3.4.16
k8s.gcr.io/kube-apiserver:v1.22.2
k8s.gcr.io/kube-controller-manager:v1.22.2
k8s.gcr.io/kube-scheduler:v1.22.2
k8s.gcr.io/kube-proxy:v1.22.2
ghcr.io/talos-systems/kubelet:v1.22.2
ghcr.io/talos-systems/installer:v0.13.0
k8s.gcr.io/pause:3.2
v0.13.0-beta.1
7457d79
Compare
Choose a tag to compare

v0.13.0-beta.1

Pre-release
Pre-release

Talos 0.13.0-beta.1 (2021-10-08)

Welcome to the v0.13.0-beta.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Hetzner, Scaleway, Upcloud and Vultr

Talos now natively supports four new cloud platforms:

Also generic cloud-init nocloud platform is supported in both networking and storage-based modes.

Component Updates

Linux: 5.10.69
Kubernetes: 1.22.2
containerd: 1.5.6
runc: 1.0.2

Talos is built with Go 1.17.1.

etcd Advertised Address

The address advertised by etcd can now be controlled with new machine configuration option machine.etcd.subnet.

Reboots via kexec

Talos now reboots by default via kexec syscall which means BIOS POST process is skipped.
On bare-metal hardware BIOS POST process might take 10-15 minutes, so Talos reboots 10-15 minutes faster on bare-metal.

Kexec support can be disabled with the following change to the machine configuration:

machine:
  sysctls:
    kernel.kexec_load_disabled: "1"

kubelet Node IP

The addresses picked by kubelet can now be controlled with new machine configuration option machine.kubelet.nodeIP.validSubnets.

Cluster Discovery and KubeSpan

This release of Talos provides initial support for cluster membership discovery and KubeSpan.

These new features are not enabled by default, to enable them please make following changes to the machine configuration:

machine:
  network:
    kubespan:
      enabled: true
cluster:
  discovery:
    enabled: true

Windows Suport

CLI tool talosctl is now built for Windows and published as part of the release.

Contributors

  • Andrey Smirnov
  • Artem Chernyshev
  • Alexey Palazhchenko
  • Seán C McCord
  • Serge Logvinov
  • Andrew Rynhard
  • Olli Janatuinen
  • Spencer Smith
  • Andrey Smirnov
  • Lennard Klein
  • Rui Lopes

Changes

116 commits

  • 7457d79 release(v0.13.0-beta.1): prepare release
  • 250529e fix: revert use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • a3ac9bf fix: sort output of the argument builder
  • 81c3899 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • bc3e07f feat: suppress logging NTP sync to the console
  • 27a695b fix: add interface route if DHCP4 router is not directly routeable
  • c55b4a5 fix: don't enable 'no new privs' on the system level
  • 3ecec6e chore: build using only amd64 builders
  • d2c7e85 chore: update docker image in the pipeline
  • e82a443 release(v0.13.0-beta.0): prepare release
  • 5f27771 chore: prepare for 0.13-beta release
  • 5e41dd4 feat: add an option to configure kubelet node IP based on subnets
  • 72e4902 chore: allow insecure discovery in debug builds
  • d52befd fix: ignore 404 for AWS external IPs
  • 44a63e9 feat: update containerd to 1.5.6
  • 0e0fb68 release(v0.13.0-alpha.3): prepare release
  • 4044372 feat: harvest discovered endpoints and push them via discovery svc
  • 9a51aa8 feat: add an option to skip downed peers in KubeSpan
  • cbbd7c6 feat: publish node's ExternalIPs as node addresses
  • 0f60ef6 fix: reset inputs back to initial state in secrets.APIController
  • 64cb873 feat: override static pods default args by extra Args
  • ecdd775 test: workaround race in the tests with zaptest package
  • 9c67fde release(v0.13.0-alpha.2): prepare release
  • 30ae714 feat: implement integration with Discovery Service
  • 353d632 feat: add nocloud platform support
  • 628fbf9 chore: update Linux to 5.10.69
  • 62acd62 fix: check trustd API CA on worker nodes
  • ba27bc3 feat: implement Hetzner Cloud support for virtual (shared) IP
  • 95f440e test: add fuzz test for configloader
  • d2cf021 chore: remove deprecated "join" term
  • 0e18e28 chore: bump dependencies
  • b450b7c chore: deprecate Interfaces and Routes APIs
  • cddcb96 fix: find devices without partition table
  • b1b6d61 fix: check for existence of dhcp6 FQDN first
  • 519999b fix: use readonly mode when probing devices with All lookup
  • 2b52042 feat: enable resource API in the maintenance mode
  • 452893c fix: make probe open blockdevice in readonly mode
  • 96bccdd test: update CABPT provider to 0.3 release
  • d9eb18b fix: containerd log symlink
  • efa7f48 docs: quicklinks on landing page
  • 1cb9f28 fix: don't marshal clock with SecretsBundle
  • b27c75b release(v0.13.0-alpha.1): prepare release
  • 9d803d7 chore: bump dependencies and drop firecracker support
  • 50a2410 feat: add operating system version field to discovery
  • 085c61b chore: add a special condition to check for kubeconfig readiness
  • 21cdd85 fix: add node address to the list of allowed IPs (kubespan)
  • fdd80a1 feat: add an option to continue booting on NTP timeout
  • ef36849 feat: add routes, routing rules and nftables rules for KubeSpan
  • ed12379 fix: patch multi nodes support
  • d943bb0 feat: update Kubernetes to 1.22.2
  • d0585fb feat: reboot via kexec
  • 3de505c fix: skip bad cloud-config in OpenStack platform
  • a394d1e fix: tear down control plane static pods when etcd is stopped
  • 1c05089 feat: implement KubeSpan manager for Wireguard peer state
  • ec7f44e fix: completely prevent editing resources other than mc
  • 19a8ae9 feat: add vultr.com cloud support
  • 0ff4c7c fix: write KubernetesCACert chmodded 0400 instead of 0500
  • a1c9d64 fix: update the way results are retrieved for certified conformance
  • a059454 chore: build using Go 1.17
  • 7c5045b release(v0.13.0-alpha.0): prepare release
  • ee2dce6 chore: bump dependencies
  • ef02295 fix: print etcd member ID in hex
  • 5ca1fb8 fix: multiple fixes for KubeSpan and Wireguard implementation
  • b1bd642 fix: build platform images
  • 3b5f403 feat: add scaleway.com cloud support
  • f156ab1 feat: add upcloud.com cloud support
  • c3b2429 fix: suppress spurious Kubernetes API server cert updates
  • ff90b57 feat: implement KubeSpan peer generation controller
  • 14c69df fix: correctly parse multiple pod/service CIDRs
  • 69897db feat: drop some capabilities to be never available
  • 51e9836 docs: promote 0.12 docs to be the latest
  • 812d59c feat: add hetzner.com cloud support
  • d53e9e8 chore: use named constants
  • 2dfe7f1 chore: bump tools to the latest version
  • 82b130e docs: document required options for extraMounts
  • af66221 feat: implement Kubernetes cluster discovery registry
  • 2c66e1b feat: provide building of local Affiliate structure (for the node)
  • d69bd2a chore: enable GPG identity check for Talos
  • 8dbd851 chore: update tools/pkgs/extras to the new version
  • 0b34757 feat: use dynamic NodeAddresses/HostnameStatus in Kubernetes certs
  • bd5b9c9 fix: correctly define example for extraMounts
  • 01cca09 docs: update docs for Talos 0.12 release
  • 668627d feat: add subnet filter for etcd address
  • 3c3c281 chore: bump dependencies via dependabot
  • f8bebba fix: ignore error on duplicate for MountStatus
  • 6956edd feat: add node address filters, filter out k8s addresses for Talos API
  • caee24b feat: implement KubeSpan identity controller
  • da0f6e7 fix: allow updating diskSelector option
  • 761ccaf feat: provide machine configuration for KubeSpan and cluster discovery
  • a81e30c docs: add bootstrap command to VMware docs
  • 97da354 fix: do not panic on invalid machine configs
  • c4048e2 fix: don't extract nil IPs in the GCP platform
  • ba169c6 feat: provide talosctl.exe for Windows
  • 6312f47 fix: properly handle omitempty fields in the validator
  • 7f22879 feat: provide random node identity
  • 032e7c6 chore: import yaml.v3 consistently
  • 80b5f0e fix: validate IP address returned as HTTP response in platform code
  • c9af8f7 docs: fork docs for 0.13
  • 85cda1b feat: provide MountStatus resource for system partition mounts
  • 950f122 chore: update versions in upgrade tests
  • 83fdb77 feat: provide first NIC hardware addr as a resource
  • 5f5ac12 fix: properly case the VMware name
  • 0a6048f fix: don't allow bootstrap if etcd data directory is not empty
  • e24b93b fix: cgroup delegate
  • 751f64f docs: add release notes for 0.12, support matrix
  • 57a7769 feat: update Kubernetes to 1.22.1
  • 244b08c chore: bump dependencies
  • 576ba19 fix: do not set KSPP kernel params in container mode
  • b8c92ed fix: don't support cgroups nesting in process runner
  • 9bb0b79 test: adapt tests to the cgroupsv2
  • 1abc12b fix: extramount should have yaml:",inline" tag
  • 2b614e4 feat: check if cluster has deprecated resources versions
  • 0b86eda fix: don't panic if the machine config doesn't have network (EM)
  • 8bef41e fix: make sure file mode is same (reproducibility issue)
  • fcfca55 chore: do not check that go mod tidy gives empty output
  • 5ce92ca docs: ensure azure VMs are 0 indexed

Changes since v0.13.0-beta.0

9 commits

  • 7457d79 release(v0.13.0-beta.1): prepare release
  • 250529e fix: revert use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • a3ac9bf fix: sort output of the argument builder
  • 81c3899 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • bc3e07f feat: suppress logging NTP sync to the console
  • 27a695b fix: add interface route if DHCP4 router is not directly routeable
  • c55b4a5 fix: don't enable 'no new privs' on the system level
  • 3ecec6e chore: build using only amd64 builders
  • d2c7e85 chore: update docker image in the pipeline

Changes from talos-systems/discovery-service

19 commits

Changes from talos-systems/extras

3 commits

Changes from talos-systems/go-blockdevice

6 commits

Changes from talos-systems/pkgs

9 commits

Changes from talos-systems/tools

6 commits

Dependency Changes

  • github.com/containerd/go-cni v1.0.2 -> v1.1.0
  • github.com/containernetworking/cni v0.8.1 -> v1.0.1
  • github.com/containernetworking/plugins v0.9.1 -> v1.0.1
  • github.com/cosi-project/runtime 25f235cd0682 -> 5cb7f5002d77
  • github.com/fatih/color v1.12.0 -> v1.13.0
  • github.com/fsnotify/fsnotify v1.4.9 -> v1.5.1
  • github.com/gdamore/tcell/v2 v2.4.0 -> f057f0a857a1
  • github.com/google/nftables 16a134723a96 new
  • github.com/hashicorp/go-getter v1.5.7 -> v1.5.8
  • github.com/hetznercloud/hcloud-go v1.32.0 new
  • github.com/insomniacslk/dhcp 1cac67f12b1e -> b95caade3eac
  • github.com/jsimonetti/rtnetlink 9c52e516c709 -> 435639c8e6a8
  • github.com/jxskiss/base62 4f11678b909b new
  • github.com/mattn/go-isatty v0.0.13 -> v0.0.14
  • github.com/mdlayher/netx 669a06fde734 new
  • github.com/packethost/packngo v0.19.0 -> v0.19.1
  • github.com/prometheus/procfs v0.7.2 -> v0.7.3
  • github.com/rivo/tview 29d673af0ce2 -> ee97a7ab3975
  • github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7 new
  • github.com/talos-systems/discovery-service v0.1.0 new
  • github.com/talos-systems/extras v0.5.0 -> v0.6.0
  • github.com/talos-systems/go-blockdevice v0.2.3 -> v0.2.4
  • github.com/talos-systems/pkgs v0.7.0 -> v0.8.0
  • github.com/talos-systems/tools v0.7.0-1-ga33ccc1 -> v0.8.0
  • github.com/vishvananda/netlink f5de75959ad5 new
  • github.com/vmware-tanzu/sonobuoy v0.53.1 -> v0.53.2
  • github.com/vmware/govmomi v0.26.0 -> v0.26.1
  • github.com/vultr/metadata v1.0.3 new
  • go.uber.org/zap v1.19.0 -> v1.19.1
  • golang.org/x/net 853a461950ff -> 3ad01bbaa167
  • golang.org/x/sys 0f9fa26af87c -> 39ccf1dd6fa6
  • golang.org/x/term 6886f2dfbf5b -> 140adaaadfaf
  • golang.zx2c4.com/wireguard/wgctrl 92e472f520a5 -> 0a2f4901cba6
  • google.golang.org/grpc v1.40.0 -> v1.41.0
  • inet.af/netaddr ce7a8ad02cc1 -> 85fa6c94624e
  • k8s.io/api v0.22.1 -> v0.22.2
  • k8s.io/apimachinery v0.22.1 -> v0.22.2
  • k8s.io/client-go v0.22.1 -> v0.22.2
  • k8s.io/kubectl v0.22.1 -> v0.22.2
  • k8s.io/kubelet v0.22.1 -> v0.22.2
  • kernel.org/pub/linux/libs/security/libcap/cap v1.2.59 new

Previous release can be found at v0.12.0

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.6.0
docker.io/coredns/coredns:1.8.4
gcr.io/etcd-development/etcd:v3.4.16
k8s.gcr.io/kube-apiserver:v1.22.2
k8s.gcr.io/kube-controller-manager:v1.22.2
k8s.gcr.io/kube-scheduler:v1.22.2
k8s.gcr.io/kube-proxy:v1.22.2
ghcr.io/talos-systems/kubelet:v1.22.2
ghcr.io/talos-systems/installer:v0.13.0-beta.1
k8s.gcr.io/pause:3.2
v0.13.0-beta.0