New Alpha release 2983.0.0
Update to CGroupsV2
As of Alpha version 2969.0.0, Flatcar Container Linux migrates to the unified cgroup hierarchy (aka CGroupsV2)! New nodes will utilize CGroupsV2 by default. Existing nodes remain on CGroupsV1 and need to be manually migrated to CGroupsV2. To learn more about CGroupsV2 on Flatcar Container Linux and the migration guide, please refer to https://kinvolk.io/docs/flatcar-container-linux/latest/container-runtimes/switching-to-unified-cgroups/
Changes since Alpha 2969.0.0
Security fixes
- Linux (CVE-2021-3653, CVE-2021-3656, CVE-2021-38166)
- openssl (CVE-2021-3711, CVE-2021-3712)
- c-ares (CVE-2021-3672)
Bug Fixes
- Re-enabled kernel config FS_ENCRYPTION (coreos-overlay#1212)
- Fixed Perl in dev-container (coreos-overlay#1238)
- Fixed containerd config after introduction of CGroupsV2 (coreos-overlay#1214)
- Fixed path for amazon-ssm-agent in base-ec2.ign (coreos-overlay#1228)
- flatcar-install: randomized OEM filesystem UUID if mounting fails (init#47)
- Fixed null-pointer deref crash in Ignition when specifying the OEM filesystem without a label (ignition#25)
- Fixed locksmith adhering to reboot window when getting the etcd lock (locksmith#10)
Changes
- Added Azure Generation 2 VM support (coreos-overlay#1198)
- Switched Docker ecosystem packages to go1.16 (coreos-overlay#1217)
- Added lbzip2 binary to the image (coreos-overlay#1221)
- flatcar-install uses lbzip2 if present, falls back on bzip2 if not (init#46)
- Added Intel E800 series network adapter driver (coreos-overlay#1237)
- Enabled 'audit' use flag for sys-libs/pam (coreos-overlay#1233)
- Bumped etcd and flannel to respectively
3.5.0
,0.14.0
to get multiarch images for arm64 support. Note for users of the old etcd v2 support:ETCDCTL_API=2
must be set to use v2 store as well asETCD_ENABLE_V2=true
in theetcd-member.service
- this support will be removed in3.6.0
(coreos-overlay#1179)
Updates
- Linux (5.10.61)
- Linux firmware (20210818)
- openssl (1.1.1l)
- c-ares (1.17.2)
- docker (20.10.8)
- etcd (3.5.0)
- flannel (0.14.0)
- runc (1.0.2)
- strace (5.12)
- wa-linux-agent (2.3.1.1)
Note: Please note that ARM images remain experimental for now.