bottlerocket-os/bottlerocket v1.9.0

on GitHub

OS Changes

• SELinux policy now suppresses audit for tmpfs relabels (#2222)
• Restrict permissions for /boot and System.map (#2223)
• Remove unused crates growpart and servicedog (#2238)
• New mount in host containers for system logs (#2295)
• Apply strict mount options and enforce execution rules (#2239)
• Switch to a more commonly used syntax for disabling kernel config settings (#2290)
• Respect proxy settings when running setting generators (#2227)
• Add NET_CAP_ADMIN to bootstrap containers (#2266)
• Reduce log output for DHCP services (#2260)
• Fix invalid kernel config options (#2269)
• Improve support for container storage mounts (#2240)
• Disable uncommon filesystems and network protocols (#2255)
• Add support for blocking kernel modules (#2274)
• Fix ntp service restart when settings change (#2270)
• Add kernel 5.15 sources (#2226)
• Defer squashfs mounts to later in the boot process (#2276)
• Improve boot speed and rootfs size (#2296)
• Add "quiet" kernel parameter for some variants (#2277)

Orchestrator Changes

Kubernetes

• Make new instance types available (#2221 , thanks @cablespaghetti)
• Update Kubernetes versions (#2230, #2232, #2262, #2263, thanks @kschumy)
• Add kubelet image GC threshold settings (#2219)

ECS

• Add iptables rules for ECS introspection server (#2267)

Platform Changes

AWS

• Add support for AWS China regions (#2224, #2242, #2247, #2285)
• Migrate to using aws-sdk-rust for first-party OS Rust packages (#2300)

VMWare

• Remove console=ttyS0 from kernel params (#2248)

Metal

• Enable Mellanox modules in 5.10 kernel (#2241)
• Add bnxt module for Broadcom 10/25Gb network adapters in 5.10 kernel (#2243)
• Split out baremetal specific config options (#2264)
• Add driver support for Cisco UCS platforms (#2271)
• Only build baremetal variant specific drivers for baremetal variants (#2279)
• Enable the metal-dev build for the ARM architecture (#2272)

Build Changes

• Add Makefile targets to create and validate Boot Configuration (#2189)
• Create symlinks to images with friendly names (#2215)
• Add start-local-vm script (#2194)
• Add the testsys CLI and new cargo make tasks for testing aws-k8s variants (#2165)
• Update Rust and Go dependencies (#2303, #2299)
• Update third-party packages (#2309)

Documentation Changes

• Add NVIDIA ECS variant to README (#2244)
• Add documentation for metal variants (#2205)
• Add missing step in building packages guide (#2259)
• Add quickstart for running Bottlerocket in QEMU/KVM VMs (#2280)
• Address lints in README markdown caught by markdownlint (#2283)