github kinvolk/manifest v3115.0.0

latest releases: v3346.0.0, v3277.1.2, v3227.2.2...
2 years ago

New Alpha release 3115.0.0

Changes since Alpha 3066.0.0

Known issues

  • calico is crashing with Kubernetes 1.23 and Linux 5.15 - it's recommended to switch over iptables instead of ipvs for kube-proxy mode. (projectcalico/calico#5011)
  • The SELinux policy store update fix resulted in some files leaked to the root filesystem top directory (Flatcar#596)

Security fixes

Bug fixes

  • Added configuration files for logrotate (flatcar-linux/coreos-overlay#1442)
  • Fixed ETCD_NAME conflicting with --name for etcd-member to start (flatcar-linux/coreos-overlay#1444)
  • The Torcx profile docker-1.12-no got fixed to reference the current Docker version instead of 19.03 which wasn't found on the image, causing Torcx to fail to provide Docker (flatcar-linux/coreos-overlay#1456)
  • Fix vim warnings on missing file, when built with USE=”minimal” (portage-stable#260)
  • Excluded the Kubenet cbr0 interface from networkd's DHCP config and set it to Unmanaged to prevent interference and ensure that it is not part of the network online check (flatcar-linux/init#55)
  • Ensured that the /run/xtables.lock coordination file exists for modifications of the xtables backend from containers (must be bind-mounted) or the iptables-legacy binaries on the host (flatcar-linux/init#57)
  • AWS: Published missing arm64 AMIs for stable & beta (flatcar-linux/scripts#188, flatcar-linux/scripts#189)
  • dev container: Fixed github URL for coreos-overlay and portage-stable to use repos from flatcar-linux org directly instead of relying on redirects from the kinvolk org. This fixes checkouts with emerge-gitclone inside dev-container. (flatcar-linux/scripts#194)
  • SDK: Fixed build error popping up in the new SDK Container because policycoreutils used the wrong ROOT to update the SELinux store (flatcar-linux/coreos-overlay#1502)

Changes

  • Flatcar is in the NIST CPE dictionary. Programmatically build the CPE_NAME in the build process in order to be scanned (flatcar-linux/Flatcar#536)
  • Added a new flatcar-update tool to the image to ease manual updates, rollbacks, channel/release jumping, and airgapped updates (flatcar-linux/init#53)
  • Update-engine now creates the /run/reboot-required flag file for kured (flatcar-linux/update_engine#15)
  • Excluded special network interface devices like bridge, tunnel, vxlan, and veth devices from the default DHCP configuration to prevent networkd interference (flatcar-linux/init#56)
  • Backported elf support for iproute2 (flatcar-linux/coreos-overlay#1256)
  • Added CONFIG_NF_CT_NETLINK_HELPER (for libnetfilter_cthelper), CONFIG_NET_VRF (for virtual routing and forwarding) and CONFIG_KEY_DH_OPERATIONS (for keyutils) to the kernel config (flatcar-linux/coreos-overlay#1524)

Updates

Don't miss a new manifest release

NewReleases is sending notifications on new releases.