siderolabs/talos v1.12.0-alpha.0 on GitHub

Talos 1.12.0-alpha.0 (2025-09-02)

Welcome to the v1.12.0-alpha.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.16.4

Talos is built with Go 1.25.0.

Contributors

Andrey Smirnov
Dmitrii Sharshakov
Noel Georgi
Orzelius
Oguz Kilcan
Amarachi Iheanacho
Mateusz Urbanek
459below
Alp Celik
Andrew Longwill
Dmitry
George Gaál
Guillaume LEGRAIN
Justin Garrison
Misha Aksenov
MrMrRubic
Olivier Doucet
Tom
Utku Ozdemir
kassad

Changes

99 commits

b9fb09dcd release(v1.12.0-alpha.0): prepare release
6a389cad3 chore: update dependencies
9d98c2e89 feat: add a cgroup preset for PSI and --skip-cri-resolve
072f77b16 chore: prepare for future Talos 1.12-alpha.0 release
96f41ce88 docs: update qemu and docker docs
a751cd6b7 docs: activate Talos v1.11 docs by default
e8f1ec1c5 docs: fix broken create qemu command v1.11 docs
639f0dfdd feat: update Linux to 6.16.4
8aa7b3933 fix: bring back linux/armv7 build and update xz
9cae7ba6b feat: update CoreDNS to 1.12.3
cfef3ad45 fix: drop linux/armv7 build
42ea2ac50 fix: update xz module (security)
4fcfd35b9 docs: fix module name example
50824599a chore: update some tools
bcd297490 feat: allow Ed25119 in FIPS mode
5992138bb test: ignore one leaking goroutine
d155326c1 docs: add sbc unofficial ports docs
285fa7d22 docs: add the deploy application docs
527791f09 feat: update Kubernetes to 1.34.0
a1c0e237d feat: update Linux to 6.15.11, Go to 1.25
4d7fc25f8 docs: switch order of wipe disk command
7368a994d feat: add SOCKS5 proxy support to dynamic proxy dialer
d63591069 chore: silence linter warnings
07eb4d7ec fix: set default ram unit to MiB instead of MB
6b732adc4 feat: update Linux to 6.12.43
b6410914f feat: add human readable byte size cli flags
ec70cef99 feat: update NVIDIA drivers and kernel
0879efa69 feat: update Kubernetes default to v1.34.0-rc.2
f504639df feat: add a user-facing create qemu command
558e0b09a test: fix the Image Factory PXE boot test
d73f0a2e5 docs: make readme badges consistent
f1369af98 chore: use new filesystem api on STATE partition
366cedbe7 docs: link to kubernetes linux swap tuning
2f5a16f5e fix: make --with-uuid-hostnames functionality available to qemu provider
70612c1f9 refactor: split the PlatformConfigController
511748339 docs: add system extension tier documentation
009fb1540 test: don't run nvidia tests on integration/aws
99674ef20 docs: apply fixes for what is new
92db677b5 fix: image cache lockup on a missing volume
9c97ed886 fix: version contract parsing in encryption keys handling
1fc670a08 fix: dial with proxy
18447d0af feat: update Linux to 6.12.41
f65f39b78 fix: provide mitigation CVE-1999-0524
8817cc60c fix: actually use SIDEROV1_KEYS_DIR env var if it's provided
b08b20a10 feat: use key provider with fallback option for auth type SideroV1
7a52d7489 fix: kubernetes upgrade options for kubelet
ea8289f55 feat: add a user facing docker command
54ad64765 chore: re-enable vulncheck
26bbddea9 fix: darwin build
b5d5ef79e fix: set secs field in DHCPv4 packets
c07911933 chore: refactor how tools are being installed
34f25815c docs: fork docs for v1.12
b66b995d3 feat: update default Kubernetes to v1.34.0-rc.1
b967c587d docs: fix clone URL to include .git
b72c68398 docs: edit the insecure, etcd-metrics, inline and extramanifests
e5b9c1fff docs: remov RAS Syndrome
701fe774b docs: fix cilium links and bump to 1.18.0
d306713a1 feat: update Go to 1.24.6
721595a00 chore: add deadcode elimination linter
dc4865915 refactor: stop using text/template in machined code paths
545be55ed feat: add a pause function to dashboard
06a6c0fe3 refactor: fix deadcode elimination with godbus
2dce8f8d4 refactor: replace containerd/containerd/v2 module for proper DCE
9b11d8608 chore: rekres to configure slack notify workflow for CI failures
5ce6a660f docs: augment the pod security docs
ada51ff69 fix: unmarshal encryption STATE from META
b9e9b2e07 docs: add what is new notes for 1.11
53055bdf4 docs: fix typo in kubevirt page
8d12db480 fix: one more attempt to fix volume mount race on restart
34d37a268 chore: rekres to use correct slack channel for slack-notify
326a00538 feat: implement talos.config.early command line arg
a5f3000f2 feat: implement encryption locking to STATE
c1e65a342 docs: remove talos API flags from mgmt commands
181d0bbf5 feat: bootedentry resource
7ad439ac3 fix: enforce minimum size on user volumes if not set explicitly
50e37aefd fix: live reload of TLS client config for discovery client
87efd75ef feat: update containerd to 2.1.4
724b9de6d feat: add F71808E watchdog driver
8af96f7af docs: add ETCD downgrade documentation
44edd205d docs: add remark about 'exclude-from-external-load-balancers' label
727101926 fix(ci): use a random suffix for ami names
d621ce372 fix: grype scan
d62e255c2 fix: issues with reading GPT
5d0883e14 feat: update PCI DB module to v0.3.2
3751c8ccf test: wait for service account test job longer
a592eb9f9 feat: update Linux to 6.12.40
4c40e6d3f feat: update etcd to 3.6.4
2bc37bd2c docs: fix error in kernel module guide
bfc57fb86 chore: tag aws snapshots created via ci with the image name
06ef7108a fix: issue with volume remount on service restart
03efbff18 docs: add SBOM documentation
af8a2869d fix: do not download artifacts for cron Grype scan
5f442159b feat: unify disk encryption configuration
38e176e59 chore(ci): fix datasource versioning
85d6b9198 feat: update etcd to v3.5.22
dd7bd2dab docs: rewrite the getting started and prod docs for v1.10 and v1.11
136a899aa chore: regenerate release step with signing fixes
450b30d5a chore(ci): add more nvidia test matrix
451c2c4c3 test: add talosctl:latest to the image cache

Changes from siderolabs/go-debug

1 commit

siderolabs/go-debug@e21721b chore: add support for Go 1.25

Changes from siderolabs/go-loadbalancer

1 commit

siderolabs/go-loadbalancer@5e7a8b2 feat: add jitter and initial health check wait support to upstreams

Changes from siderolabs/pkgs

16 commits

siderolabs/pkgs@2447e11 feat: update Linux to 6.16, GCC to 15
siderolabs/pkgs@2cfb920 feat: update Linux to 6.15.11, update tools, rekres
siderolabs/pkgs@ab4e975 feat: update Linux to 6.12.43
siderolabs/pkgs@cd67e36 chore: update kernel config to support max SMP CPUs
siderolabs/pkgs@e3b2094 fix: fix build for new NVIDIA drivers
siderolabs/pkgs@fd5fdfd feat: update Nvidia LTS to 580.65.06 and production to 570.172.08
siderolabs/pkgs@0edf426 fix: backport CVE kernel patches to 6.12
siderolabs/pkgs@26d8fef feat: enable Infiniband IRDMA support
siderolabs/pkgs@16b5fac fix: re-enable CPUSETS_V1 cgroups controller
siderolabs/pkgs@fd53886 feat: update backportable dependencies
siderolabs/pkgs@d5f7467 feat: update Go to 1.24.6
siderolabs/pkgs@0bd019f feat: update containerd to 2.1.4
siderolabs/pkgs@0ba8b5b feat: enable F71808E watchdog driver
siderolabs/pkgs@895a86b fix: enable ISCSI IBFT
siderolabs/pkgs@a76a67c feat: update Linux to 6.12.40
siderolabs/pkgs@8b0a561 feat: enable bootloader control on amd64

Changes from siderolabs/tools

6 commits

siderolabs/tools@7c659e9 feat: update to GCC 15
siderolabs/tools@83fd7b7 feat: migrate from pkg-config to pkgconf
siderolabs/tools@edafd5f feat: update toolchain for new Go and Linux headers
siderolabs/tools@65789c7 chore: drop unused vars from Pkgfile
siderolabs/tools@52db66e chore: drop protobuf-related stuff from tools
siderolabs/tools@e3c3ef2 feat: update Go to 1.24.6

Dependency Changes

cloud.google.com/go/compute/metadata v0.7.0 -> v0.8.0
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1 -> v1.19.0
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 -> v1.11.0
github.com/aws/aws-sdk-go-v2/config v1.29.17 -> v1.31.6
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.32 -> v1.18.6
github.com/aws/aws-sdk-go-v2/service/kms v1.41.2 -> v1.45.1
github.com/aws/smithy-go v1.22.4 -> v1.23.0
github.com/containernetworking/plugins v1.7.1 -> v1.8.0
github.com/docker/go-connections v0.5.0 -> v0.6.0
github.com/gdamore/tcell/v2 v2.8.1 -> v2.9.0
github.com/google/cel-go v0.26.0 -> v0.26.1
github.com/gopacket/gopacket v1.3.1 -> v1.4.0
github.com/mdlayher/netlink fbb4dce95f42 -> v1.8.0
github.com/miekg/dns v1.1.67 -> v1.1.68
github.com/rivo/tview a4a78f1e05cb -> v0.42.0
github.com/safchain/ethtool v0.6.1 -> v0.6.2
github.com/siderolabs/go-debug v0.5.0 -> v0.6.0
github.com/siderolabs/go-loadbalancer v0.4.0 -> v0.5.0
github.com/siderolabs/pkgs v1.11.0-15-g2ac857a -> v1.12.0-alpha.0-14-g2447e11
github.com/siderolabs/talos/pkg/machinery v1.11.0 -> v1.12.0-alpha.0
github.com/siderolabs/tools v1.11.0-2-g8556c73 -> v1.12.0-alpha.0-5-g7c659e9
github.com/spf13/cobra v1.9.1 -> v1.10.1
github.com/spf13/pflag v1.0.7 -> v1.0.9
github.com/stretchr/testify v1.10.0 -> v1.11.1
github.com/u-root/u-root v0.14.0 -> v0.15.0
golang.org/x/net v0.42.0 -> v0.43.0
golang.org/x/sys v0.34.0 -> v0.35.0
golang.org/x/term v0.33.0 -> v0.34.0
golang.org/x/text v0.27.0 -> v0.28.0
google.golang.org/grpc v1.73.0 -> v1.75.0
google.golang.org/protobuf v1.36.6 -> v1.36.8
k8s.io/utils 4c0f3b243397 -> 0af2bda4dd1d

Previous release can be found at v1.11.0

Images

ghcr.io/siderolabs/flannel:v0.27.2
registry.k8s.io/coredns/coredns:v1.12.3
gcr.io/etcd-development/etcd:v3.6.4
registry.k8s.io/kube-apiserver:v1.34.0
registry.k8s.io/kube-controller-manager:v1.34.0
registry.k8s.io/kube-scheduler:v1.34.0
registry.k8s.io/kube-proxy:v1.34.0
ghcr.io/siderolabs/kubelet:v1.34.0
ghcr.io/siderolabs/installer:v1.12.0-alpha.0
registry.k8s.io/pause:3.10