Talos 0.13.1 (2021-10-25)
Welcome to the v0.13.1 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.
Kexec and capabilities
When kexec support is disabled Talos no longer drops Linux capabilities (CAP_SYS_BOOT and CAP_SYS_MODULES) for child processes.
That is helpful for advanced use-cases like Docker-in-Docker.
If you want to permanently disable kexec and capabilities dropping, pass kexec_load_disabled=1 argument to the kernel.
For example:
install:
extraKernelArgs:
- sysctl.kernel.kexec_load_disabled=1Please note that capabilities are dropped before machine configuration is loaded,
so disabling kexec via machine.sysctls (like in the section Reboots via kexec) will not be enough.
Contributors
- Andrey Smirnov
- Alexey Palazhchenko
- Spencer Smith
Changes
7 commits
- de843ecdf release(v0.13.1): prepare release
- 39e9a6ab4 test: update GCP e2e script to work with new templates
- 0a51dcb79 test: update vars for AWS cluster
- a770bbef7 fix: handle skipped mounts correctly
- cdf9a5ee6 fix: treat literal 'unknown' as a valid machine type
- fc35c82f6 feat: don't drop capabilities if kexec is disabled
- 4aa988507 fix: delete expired affiliates from the discovery service
Changes from talos-systems/discovery-service
5 commits
- siderolabs/discovery-service@95593b8 feat: implement landing page for the discovery service
- siderolabs/discovery-service@b579076 fix: update affiliate state correctly when they get deleted
- siderolabs/discovery-service@49e53b1 fix: cluster with some subscriptions isn't empty
- siderolabs/discovery-service@9b5eeae chore: add go-debug
- siderolabs/discovery-service@1655040 chore: improve state logging
Dependency Changes
- github.com/talos-systems/discovery-service v0.1.0 -> v0.1.1
Previous release can be found at v0.13.0
Images
quay.io/coreos/flannel:v0.13.0
ghcr.io/talos-systems/install-cni:v0.6.0
docker.io/coredns/coredns:1.8.4
gcr.io/etcd-development/etcd:v3.4.16
k8s.gcr.io/kube-apiserver:v1.22.2
k8s.gcr.io/kube-controller-manager:v1.22.2
k8s.gcr.io/kube-scheduler:v1.22.2
k8s.gcr.io/kube-proxy:v1.22.2
ghcr.io/talos-systems/kubelet:v1.22.2
ghcr.io/talos-systems/installer:v0.13.1
k8s.gcr.io/pause:3.2