github kinvolk/manifest v3139.1.0
on GitHub

latest releases: v3346.0.0, v3277.1.2, v3227.2.2...
2 years ago

New Beta Release 3139.1.0

Changes since Alpha 3139.0.0

Security fixes

Bug fixes

  • Disabled the systemd-networkd settings ManageForeignRoutes and ManageForeignRoutingPolicyRules by default to ensure that CNIs like Cilium don't get their routes or routing policy rules discarded on network reconfiguration events (Flatcar#620).
  • Prevented hitting races when creating filesystems in Ignition, these races caused boot failures like fsck[1343]: Failed to stat /dev/disk/by-label/ROOT: No such file or directory when creating a btrfs root filesystem (ignition#35)
  • Reverted the Linux kernel change to forbid xfrm id 0 for IPSec state because it broke Cilium (Flatcar#626, coreos-overlay#1682)

Changes

  • Added support for switching back to CGroupsV1 without requiring a reboot. Create /etc/flatcar-cgroupv1 through ignition. (coreos-overlay#1666)

Updates

Changes since Beta 3066.1.2

Security fixes

Bug fixes

  • Excluded the Kubenet cbr0 interface from networkd's DHCP config and set it to Unmanaged to prevent interference and ensure that it is not part of the network online check (init#55)
  • Fixed the dracut emergency Ignition log printing that had a scripting error causing the cat command to fail (bootengine#33)
  • network: Accept ICMPv6 Router Advertisements to fix IPv6 address assignment in the default DHCP setting (init#51, coreos-cloudinit#12, bootengine#30)
  • flatcar-update: Stopped checking for the USER environment variable which may not be set in all environments, causing the script to fail unless a workaround was used like prepending an additional sudo invocation (init#58)
  • Disabled the systemd-networkd settings ManageForeignRoutes and ManageForeignRoutingPolicyRules by default to ensure that CNIs like Cilium don't get their routes or routing policy rules discarded on network reconfiguration events (Flatcar#620).
  • Prevented hitting races when creating filesystems in Ignition, these races caused boot failures like fsck[1343]: Failed to stat /dev/disk/by-label/ROOT: No such file or directory when creating a btrfs root filesystem (ignition#35)
  • Reverted the Linux kernel change to forbid xfrm id 0 for IPSec state because it broke Cilium (Flatcar#626, coreos-overlay#1682)

Changes

  • Update-engine now creates the /run/reboot-required flag file for kured (update_engine#15)
  • Excluded special network interface devices like bridge, tunnel, vxlan, and veth devices from the default DHCP configuration to prevent networkd interference (init#56)
  • Added CONFIG_NF_CT_NETLINK_HELPER (for libnetfilter_cthelper), CONFIG_NET_VRF (for virtual routing and forwarding) and CONFIG_KEY_DH_OPERATIONS (for keyutils) to the kernel config (coreos-overlay#1524)
  • Enabled the FIPS support for the Linux kernel, which users can now choose through a kernel parameter in grub.cfg (check it taking effect with cat /proc/sys/crypto/fips_enabled) (coreos-overlay#1602)
  • Added support for switching back to CGroupsV1 without requiring a reboot. Create /etc/flatcar-cgroupv1 through ignition. (coreos-overlay#1666)
  • Removed the pre-shipped /etc/flatcar/update.conf file, leaving it totally to the user to define the contents as it was unnecessarily overwriting the /use/share/flatcar/update.conf (flatcar-linux/scripts#212)

Updates

Check out latest releases or
releases around kinvolk/manifest v3139.1.0

Don't miss a new manifest release

NewReleases is sending notifications on new releases.

Get notifications