github siderolabs/talos v0.13.0-beta.1

latest releases: v1.8.3, pkg/machinery/v1.8.3, v1.9.0-alpha.2...
pre-release3 years ago

Talos 0.13.0-beta.1 (2021-10-08)

Welcome to the v0.13.0-beta.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Hetzner, Scaleway, Upcloud and Vultr

Talos now natively supports four new cloud platforms:

Also generic cloud-init nocloud platform is supported in both networking and storage-based modes.

Component Updates

Linux: 5.10.69
Kubernetes: 1.22.2
containerd: 1.5.6
runc: 1.0.2

Talos is built with Go 1.17.1.

etcd Advertised Address

The address advertised by etcd can now be controlled with new machine configuration option machine.etcd.subnet.

Reboots via kexec

Talos now reboots by default via kexec syscall which means BIOS POST process is skipped.
On bare-metal hardware BIOS POST process might take 10-15 minutes, so Talos reboots 10-15 minutes faster on bare-metal.

Kexec support can be disabled with the following change to the machine configuration:

machine:
  sysctls:
    kernel.kexec_load_disabled: "1"

kubelet Node IP

The addresses picked by kubelet can now be controlled with new machine configuration option machine.kubelet.nodeIP.validSubnets.

Cluster Discovery and KubeSpan

This release of Talos provides initial support for cluster membership discovery and KubeSpan.

These new features are not enabled by default, to enable them please make following changes to the machine configuration:

machine:
  network:
    kubespan:
      enabled: true
cluster:
  discovery:
    enabled: true

Windows Suport

CLI tool talosctl is now built for Windows and published as part of the release.

Contributors

  • Andrey Smirnov
  • Artem Chernyshev
  • Alexey Palazhchenko
  • Seán C McCord
  • Serge Logvinov
  • Andrew Rynhard
  • Olli Janatuinen
  • Spencer Smith
  • Andrey Smirnov
  • Lennard Klein
  • Rui Lopes

Changes

116 commits

  • 7457d7939 release(v0.13.0-beta.1): prepare release
  • 250529e19 fix: revert use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • a3ac9bfd8 fix: sort output of the argument builder
  • 81c389926 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • bc3e07f68 feat: suppress logging NTP sync to the console
  • 27a695be5 fix: add interface route if DHCP4 router is not directly routeable
  • c55b4a5ee fix: don't enable 'no new privs' on the system level
  • 3ecec6ecc chore: build using only amd64 builders
  • d2c7e855c chore: update docker image in the pipeline
  • e82a443e8 release(v0.13.0-beta.0): prepare release
  • 5f277713f chore: prepare for 0.13-beta release
  • 5e41dd4a6 feat: add an option to configure kubelet node IP based on subnets
  • 72e49029e chore: allow insecure discovery in debug builds
  • d52befd1a fix: ignore 404 for AWS external IPs
  • 44a63e9a4 feat: update containerd to 1.5.6
  • 0e0fb6847 release(v0.13.0-alpha.3): prepare release
  • 4044372e1 feat: harvest discovered endpoints and push them via discovery svc
  • 9a51aa835 feat: add an option to skip downed peers in KubeSpan
  • cbbd7c682 feat: publish node's ExternalIPs as node addresses
  • 0f60ef6d3 fix: reset inputs back to initial state in secrets.APIController
  • 64cb873ec feat: override static pods default args by extra Args
  • ecdd7757f test: workaround race in the tests with zaptest package
  • 9c67fde75 release(v0.13.0-alpha.2): prepare release
  • 30ae71424 feat: implement integration with Discovery Service
  • 353d632ae feat: add nocloud platform support
  • 628fbf9b4 chore: update Linux to 5.10.69
  • 62acd6251 fix: check trustd API CA on worker nodes
  • ba27bc366 feat: implement Hetzner Cloud support for virtual (shared) IP
  • 95f440eaa test: add fuzz test for configloader
  • d2cf021d8 chore: remove deprecated "join" term
  • 0e18e2800 chore: bump dependencies
  • b450b7cef chore: deprecate Interfaces and Routes APIs
  • cddcb9622 fix: find devices without partition table
  • b1b6d6136 fix: check for existence of dhcp6 FQDN first
  • 519999b84 fix: use readonly mode when probing devices with All lookup
  • 2b5204200 feat: enable resource API in the maintenance mode
  • 452893c26 fix: make probe open blockdevice in readonly mode
  • 96bccdd3b test: update CABPT provider to 0.3 release
  • d9eb18bfd fix: containerd log symlink
  • efa7f48e0 docs: quicklinks on landing page
  • 1cb9f282b fix: don't marshal clock with SecretsBundle
  • b27c75b30 release(v0.13.0-alpha.1): prepare release
  • 9d803d75b chore: bump dependencies and drop firecracker support
  • 50a241048 feat: add operating system version field to discovery
  • 085c61b2e chore: add a special condition to check for kubeconfig readiness
  • 21cdd8540 fix: add node address to the list of allowed IPs (kubespan)
  • fdd80a123 feat: add an option to continue booting on NTP timeout
  • ef3684989 feat: add routes, routing rules and nftables rules for KubeSpan
  • ed12379f2 fix: patch multi nodes support
  • d943bb0e2 feat: update Kubernetes to 1.22.2
  • d0585fb6b feat: reboot via kexec
  • 3de505c89 fix: skip bad cloud-config in OpenStack platform
  • a394d1e20 fix: tear down control plane static pods when etcd is stopped
  • 1c05089bb feat: implement KubeSpan manager for Wireguard peer state
  • ec7f44efe fix: completely prevent editing resources other than mc
  • 19a8ae97c feat: add vultr.com cloud support
  • 0ff4c7cdb fix: write KubernetesCACert chmodded 0400 instead of 0500
  • a1c9d6490 fix: update the way results are retrieved for certified conformance
  • a05945404 chore: build using Go 1.17
  • 7c5045bd9 release(v0.13.0-alpha.0): prepare release
  • ee2dce6c1 chore: bump dependencies
  • ef0229592 fix: print etcd member ID in hex
  • 5ca1fb822 fix: multiple fixes for KubeSpan and Wireguard implementation
  • b1bd64250 fix: build platform images
  • 3b5f4038d feat: add scaleway.com cloud support
  • f156ab184 feat: add upcloud.com cloud support
  • c3b2429ce fix: suppress spurious Kubernetes API server cert updates
  • ff90b5751 feat: implement KubeSpan peer generation controller
  • 14c69df50 fix: correctly parse multiple pod/service CIDRs
  • 69897dbba feat: drop some capabilities to be never available
  • 51e9836b0 docs: promote 0.12 docs to be the latest
  • 812d59c70 feat: add hetzner.com cloud support
  • d53e9e896 chore: use named constants
  • 2dfe7f1fc chore: bump tools to the latest version
  • 82b130e78 docs: document required options for extraMounts
  • af6622109 feat: implement Kubernetes cluster discovery registry
  • 2c66e1b3c feat: provide building of local Affiliate structure (for the node)
  • d69bd2af3 chore: enable GPG identity check for Talos
  • 8dbd851fd chore: update tools/pkgs/extras to the new version
  • 0b347570a feat: use dynamic NodeAddresses/HostnameStatus in Kubernetes certs
  • bd5b9c96e fix: correctly define example for extraMounts
  • 01cca099f docs: update docs for Talos 0.12 release
  • 668627d5b feat: add subnet filter for etcd address
  • 3c3c281bf chore: bump dependencies via dependabot
  • f8bebba2d fix: ignore error on duplicate for MountStatus
  • 6956edd0b feat: add node address filters, filter out k8s addresses for Talos API
  • caee24bf6 feat: implement KubeSpan identity controller
  • da0f6e7e1 fix: allow updating diskSelector option
  • 761ccaf32 feat: provide machine configuration for KubeSpan and cluster discovery
  • a81e30cb4 docs: add bootstrap command to VMware docs
  • 97da354cc fix: do not panic on invalid machine configs
  • c4048e263 fix: don't extract nil IPs in the GCP platform
  • ba169c6f9 feat: provide talosctl.exe for Windows
  • 6312f473e fix: properly handle omitempty fields in the validator
  • 7f22879af feat: provide random node identity
  • 032e7c6b8 chore: import yaml.v3 consistently
  • 80b5f0e7f fix: validate IP address returned as HTTP response in platform code
  • c9af8f7ff docs: fork docs for 0.13
  • 85cda1b95 feat: provide MountStatus resource for system partition mounts
  • 950f122c9 chore: update versions in upgrade tests
  • 83fdb7721 feat: provide first NIC hardware addr as a resource
  • 5f5ac12f1 fix: properly case the VMware name
  • 0a6048f46 fix: don't allow bootstrap if etcd data directory is not empty
  • e24b93b4e fix: cgroup delegate
  • 751f64f9b docs: add release notes for 0.12, support matrix
  • 57a77696e feat: update Kubernetes to 1.22.1
  • 244b08cc1 chore: bump dependencies
  • 576ba1957 fix: do not set KSPP kernel params in container mode
  • b8c92ede5 fix: don't support cgroups nesting in process runner
  • 9bb0b7970 test: adapt tests to the cgroupsv2
  • 1abc12be1 fix: extramount should have yaml:",inline" tag
  • 2b614e430 feat: check if cluster has deprecated resources versions
  • 0b86edab8 fix: don't panic if the machine config doesn't have network (EM)
  • 8bef41e4b fix: make sure file mode is same (reproducibility issue)
  • fcfca55a0 chore: do not check that go mod tidy gives empty output
  • 5ce92ca51 docs: ensure azure VMs are 0 indexed

Changes since v0.13.0-beta.0

9 commits

  • 7457d7939 release(v0.13.0-beta.1): prepare release
  • 250529e19 fix: revert use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • a3ac9bfd8 fix: sort output of the argument builder
  • 81c389926 fix: use ECDSA-SHA256 signature algorithm for Kubernetes certs
  • bc3e07f68 feat: suppress logging NTP sync to the console
  • 27a695be5 fix: add interface route if DHCP4 router is not directly routeable
  • c55b4a5ee fix: don't enable 'no new privs' on the system level
  • 3ecec6ecc chore: build using only amd64 builders
  • d2c7e855c chore: update docker image in the pipeline

Changes from talos-systems/discovery-service

19 commits

Changes from talos-systems/extras

3 commits

Changes from talos-systems/go-blockdevice

6 commits

Changes from talos-systems/pkgs

9 commits

Changes from talos-systems/tools

6 commits

Dependency Changes

  • github.com/containerd/go-cni v1.0.2 -> v1.1.0
  • github.com/containernetworking/cni v0.8.1 -> v1.0.1
  • github.com/containernetworking/plugins v0.9.1 -> v1.0.1
  • github.com/cosi-project/runtime 25f235cd0682 -> 5cb7f5002d77
  • github.com/fatih/color v1.12.0 -> v1.13.0
  • github.com/fsnotify/fsnotify v1.4.9 -> v1.5.1
  • github.com/gdamore/tcell/v2 v2.4.0 -> f057f0a857a1
  • github.com/google/nftables 16a134723a96 new
  • github.com/hashicorp/go-getter v1.5.7 -> v1.5.8
  • github.com/hetznercloud/hcloud-go v1.32.0 new
  • github.com/insomniacslk/dhcp 1cac67f12b1e -> b95caade3eac
  • github.com/jsimonetti/rtnetlink 9c52e516c709 -> 435639c8e6a8
  • github.com/jxskiss/base62 4f11678b909b new
  • github.com/mattn/go-isatty v0.0.13 -> v0.0.14
  • github.com/mdlayher/netx 669a06fde734 new
  • github.com/packethost/packngo v0.19.0 -> v0.19.1
  • github.com/prometheus/procfs v0.7.2 -> v0.7.3
  • github.com/rivo/tview 29d673af0ce2 -> ee97a7ab3975
  • github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7 new
  • github.com/talos-systems/discovery-service v0.1.0 new
  • github.com/talos-systems/extras v0.5.0 -> v0.6.0
  • github.com/talos-systems/go-blockdevice v0.2.3 -> v0.2.4
  • github.com/talos-systems/pkgs v0.7.0 -> v0.8.0
  • github.com/talos-systems/tools v0.7.0-1-ga33ccc1 -> v0.8.0
  • github.com/vishvananda/netlink f5de75959ad5 new
  • github.com/vmware-tanzu/sonobuoy v0.53.1 -> v0.53.2
  • github.com/vmware/govmomi v0.26.0 -> v0.26.1
  • github.com/vultr/metadata v1.0.3 new
  • go.uber.org/zap v1.19.0 -> v1.19.1
  • golang.org/x/net 853a461950ff -> 3ad01bbaa167
  • golang.org/x/sys 0f9fa26af87c -> 39ccf1dd6fa6
  • golang.org/x/term 6886f2dfbf5b -> 140adaaadfaf
  • golang.zx2c4.com/wireguard/wgctrl 92e472f520a5 -> 0a2f4901cba6
  • google.golang.org/grpc v1.40.0 -> v1.41.0
  • inet.af/netaddr ce7a8ad02cc1 -> 85fa6c94624e
  • k8s.io/api v0.22.1 -> v0.22.2
  • k8s.io/apimachinery v0.22.1 -> v0.22.2
  • k8s.io/client-go v0.22.1 -> v0.22.2
  • k8s.io/kubectl v0.22.1 -> v0.22.2
  • k8s.io/kubelet v0.22.1 -> v0.22.2
  • kernel.org/pub/linux/libs/security/libcap/cap v1.2.59 new

Previous release can be found at v0.12.0

Images

quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.6.0
docker.io/coredns/coredns:1.8.4
gcr.io/etcd-development/etcd:v3.4.16
k8s.gcr.io/kube-apiserver:v1.22.2
k8s.gcr.io/kube-controller-manager:v1.22.2
k8s.gcr.io/kube-scheduler:v1.22.2
k8s.gcr.io/kube-proxy:v1.22.2
ghcr.io/talos-systems/kubelet:v1.22.2
ghcr.io/talos-systems/installer:v0.13.0-beta.1
k8s.gcr.io/pause:3.2

Don't miss a new talos release

NewReleases is sending notifications on new releases.