github siderolabs/talos v1.3.0-alpha.0

latest releases: v1.8.3, pkg/machinery/v1.8.3, v1.9.0-alpha.2...
pre-release2 years ago

Talos 1.3.0-alpha.0 (2022-09-28)

Welcome to the v1.3.0-alpha.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

kube-apiserver Audit Policy

Talos now supports setting custom audit policy for kube-apiserver in the machine configuration.

etcd Consistency Check

Talos enables --experimental-compact-hash-check-enabled option by default to improve
etcd store consistency guarantees.

This options is only available with etcd >= v3.5.5, so Talos doesn't support version of etcd before v3.5.5.

Kernel Modules

Talos now supports settings kernel module parameters.

Eg:

machine:
  kernel:
    modules:
      - name: "br_netfilter"
        parameters:
          - nf_conntrack_max=131072

Nano Pi R4S

Talos now supports the Nano Pi R4S SBC.

Raspberry Generic Images

The Raspberry Pi 4 specific image has been deprecated and will be removed in the v1.4 release of Talos.
Talos now ships a generic Raspberry Pi image that should support more Raspberry Pi variants.
Refer to the docs at https://www.talos.dev/v1.3/talos-guides/install/single-board-computers/rpi_generic/ to find which ones are supported.

Component Updates

  • Kubernetes: v1.26.0-alpha.1
  • Flannel: v0.19.2
  • CoreDNS: v1.10.0
  • etcd: v3.5.5
  • Linux: 5.15.70

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Andrey Smirnov
  • Artem Chernyshev
  • Dmitriy Matrenichev
  • Artem Chernyshev
  • Alexey Palazhchenko
  • Serge Logvinov
  • Andrew Rynhard
  • Utku Ozdemir
  • Kris Reeves
  • Marvin Drees
  • Philipp Sauter
  • Andrew Rynhard
  • Branden Cash
  • Matt Zahorik
  • Olli Janatuinen
  • Pau Campana
  • Sander Maijers
  • Seán C McCord
  • Spencer Smith
  • Steve Francis
  • Tim Jones

Changes

106 commits

  • 67cc45ae3 release(v1.3.0-alpha.0): prepare release
  • 18c377a4d feat: customize audit policy
  • 23c9ea46b fix: raspberry pi install
  • f17cdee16 feat: jsonpath filter for talosctl get outputs
  • 6bd3cca1a chore: generic raspberry pi images
  • d914ab8bb chore: add vulncheck tool as a linter
  • a0151aa13 feat: add generic rpi u-boot support
  • 30f851d09 chore: bump dependences
  • 8b2235c3b fix: lookup Equinix Metal bond slaves using 'permanent addr'
  • b3257ebb1 chore: bump kernel to 5.15.70
  • 0b2767c16 feat: implement 'permanent addr' in link statuses
  • c90e20251 fix: kubeconfig permission
  • fc48849d0 chore: move maps/slices/ordered to gen module
  • 8b09bd4b0 feat: update Kubernetes to v1.26.0-alpha.1
  • 276d4175b chore: bump extension versions in testing
  • 357b770cb fix: cryptsetup delete slot
  • 711128839 fix: continue applying bootstrap manifests on some errors
  • ce12c7b38 chore: update COSI runtime to v0.2.0-alpha.1
  • 1b435c0b3 chore: bump kernel + ice drivers
  • 18e041f1e docs: fix typo in patching example
  • 0ad6452ca feat: update CoreDNS to v1.10.0
  • 479f3f52e chore: bump dependencies
  • e07c6ae99 feat: update Kubernetes to v1.25.1
  • 13fdfaffc test: fix up default branch name
  • ef181321a docs: add component diagram; K8s & Talos Linux
  • aade73643 docs: fix missing variable in OpenEBS docs
  • 472590aa8 chore: return InvalidArgument on invalid config in maintenance mode
  • e5cabd42c feat: enable etcd consistency hashcheck
  • 015535d90 fix: update discovery client with the redirect fix
  • d0c8e7699 chore: bump kernel and go
  • 985b0c2e7 chore: remove go.work.sum
  • 69124f102 feat: update etcd to v3.5.5
  • 1985a796c docs: update docs for pod security
  • 94b088f02 fix: set etcd options consistently
  • 92ae7ef4b fix: fix protoenc encoding for enums and types with custom encoders
  • 93809017c docs: cpu scaling governor knowledgebase
  • 7b270ff33 test: fix api controller test
  • 2dadcd669 fix: stop worker nodes from acting as apid routers
  • 9eaf33f3f fix: never sign client certificate requests in trustd
  • 436749124 feat: environment vars for extension service
  • 0c0cb671e chore: mark machine configuration validation failure as InvalidArgument
  • f424e5340 fix: stop containers more thoroughly
  • 12827b861 chore: move "implements" checks to compile time
  • 3a67c42cb fix: kill the task processes when cleaning up stale task
  • 14a79e325 chore: bump dependencies
  • 9beee92e7 docs: fix double vv in Kubernetes version
  • 688272515 fix: use different username for Talos Kubernetes API access
  • 161a52a9e feat: check apid client certificate extended key usage
  • 9dadc4a59 fix: include all node addresses into etcd cert SANs
  • 71bfd3e43 feat: update CoreDNS to 1.9.4
  • 9df8f1ff1 fix: list COSI APIs for the apid authenticator
  • 31462450f fix: pass a pointer to specs.Mount into protoenc.Marshal
  • e626540df chore: avoid double API request logging in trustd
  • f62d17125 chore: update crypto to use new import path siderolabs/crypto
  • ef27dd855 chore: bump dependencies
  • 6472ae00b fix: automatically discard VIPs for etcd advertised addresses
  • 5e21cca52 feat: support setting kernel parameters
  • bd56621cd feat: add structprotogen tool
  • cdb6bb2cc feat: add Nano Pi R4S support
  • 36c1f1d6e fix: flip the client-server version check
  • cd6c53a97 docs: fork docs for v1.3
  • 0847400f7 fix: prevent panic on health check if a member has no IPs
  • 7471d7f01 feat: update Flannel to v0.19.2
  • 148c75cfb docs: consolidate the control-plane documentation
  • 353154281 fix: drop kube-system SA default binding
  • 4f37b668b chore: remove capi hacks
  • 1369afea8 docs: make 1.2.0 docs default ones
  • 7627cb0e3 docs: add new talosctl gen secrets
  • 8aa60a37a chore: bump kernel to 5.15.64
  • a798dbd5d docs: update docs for upcoming 1.2.0 release
  • b2fec3c97 fix: properly handle configContext being nil in Talos client
  • 1c0977b3a fix: change the type of returned gRPC connection object from the client
  • 41848e421 fix: expose Talos client gRPC connection via the function Conn
  • 2e9be4af8 chore: bump dependencies
  • d283aba3a test: fix cli reboot test
  • 0b339a9dc feat: track progress of action API calls
  • 072349812 fix: update COSI to the version with gRPC Wait fix
  • 89d57aa81 fix: always abort the maintenance service
  • f6fa74619 fix: limit apid backoff max delay
  • d7ef346db fix: get command in the case 'nodes' are not set in the context
  • 4e9c32256 fix: correctly render hosts.toml with multiple endpoints
  • cdd0f08bc feat: check client <> server version in some Talos commands
  • 446b0af58 chore: bump kernel and runc
  • 8c203ce9b feat: remove the machine from the discovery service on reset
  • b59ca5810 chore: move from inet.af/netaddr to net/netip and go4.org/netipx
  • 053af1d59 fix: update etcd certificates when node addresses changes
  • 11edb2c6f test: re-enable upgrade tests
  • 0310e2089 chore: bump github.com/siderolabs/protoenc to v0.1.5
  • 29bd63240 chore: remove old build tags syntax
  • b500d0aa9 chore: bump k8s to v1.25.0
  • 29e574be7 docs: update to v1.2.0-beta.1
  • 26b549f2a chore: bump dependencies
  • 8c3ac4c42 chore: limit GOMAXPROCS for Talos services
  • 361e85b74 fix: properly read kexec disabled sysctl
  • cfe6c2bc2 docs: nvidia oss drivers
  • 2f2d97b6b fix: don't wait for the hostname in maintenance mode
  • b15a63924 chore: bump kernel to 5.15.62
  • a0d94be30 fix: stable default hostname bias
  • da4cd34ef feat: update etcd advertised peer addresses on the fly
  • faf92ce01 chore: bump kubernetes to v1.25.0-rc.1
  • 52de919e3 chore: bump containerd to v1.6.8
  • 7d43fc79b fix: make 'ca', 'crt' and 'key' flags optional for 'talosctl config add'
  • fd467e02c fix: handle grub config being empty in the Revert function
  • 9492aca65 fix: clean up cancelCtxMu leftovers in PriorityLock
  • 61e3eb2ea fix: talosctl edit mc loop
  • 32db7a7f5 fix: surround cancelCtx with the mutex

Changes from siderolabs/crypto

27 commits

Changes from siderolabs/discovery-api

3 commits

Changes from siderolabs/discovery-client

1 commit

Changes from siderolabs/gen

4 commits

Changes from siderolabs/go-blockdevice

55 commits

Changes from siderolabs/pkgs

26 commits

Changes from siderolabs/tools

15 commits

Dependency Changes

  • cloud.google.com/go/compute v1.8.0 -> v1.10.0
  • github.com/aws/aws-sdk-go v1.44.76 -> v1.44.105
  • github.com/cosi-project/runtime v0.1.1 -> v0.2.0-alpha.1
  • github.com/docker/docker v20.10.17 -> v20.10.18
  • github.com/google/go-cmp v0.5.8 -> v0.5.9
  • github.com/google/nftables 2eca00135732 -> cbeb0fb1eccf
  • github.com/hetznercloud/hcloud-go v1.35.2 -> v1.35.3
  • github.com/insomniacslk/dhcp 509691fd59ec -> 043f1726f02e
  • github.com/mdlayher/ethtool 856bd6cb8a38 -> 0e16326d06d1
  • github.com/mdlayher/netlink v1.6.0 -> v1.6.2
  • github.com/opencontainers/image-spec c5a74bcca799 -> v1.1.0-rc1
  • github.com/packethost/packngo v0.25.0 -> v0.26.0
  • github.com/rivo/tview 0e6b21a48e96 -> 2e69b7385a37
  • github.com/siderolabs/crypto v0.4.0 new
  • github.com/siderolabs/discovery-api v0.1.1 new
  • github.com/siderolabs/discovery-client v0.1.1 -> v0.1.2
  • github.com/siderolabs/gen v0.2.0 new
  • github.com/siderolabs/go-blockdevice v0.4.0 new
  • github.com/siderolabs/pkgs v1.2.0-8-g970860d -> v1.3.0-alpha.0-25-g0ac7773
  • github.com/siderolabs/tools v1.2.0 -> v1.3.0-alpha.0-14-g5df6589
  • github.com/vmware-tanzu/sonobuoy v0.56.9 -> v0.56.10
  • go.etcd.io/etcd/api/v3 v3.5.4 -> v3.5.5
  • go.etcd.io/etcd/client/pkg/v3 v3.5.4 -> v3.5.5
  • go.etcd.io/etcd/client/v3 v3.5.4 -> v3.5.5
  • go.etcd.io/etcd/etcdutl/v3 v3.5.4 -> v3.5.5
  • go.uber.org/atomic v1.9.0 -> v1.10.0
  • go.uber.org/zap v1.22.0 -> v1.23.0
  • go4.org/netipx 797b0c90d8ab new
  • golang.org/x/net 3211cb980234 -> 8be639271d50
  • golang.org/x/sync 886fb9371eb4 -> 7f9b1623fab7
  • golang.org/x/sys fbc7d0a398ab -> fb04ddd9f9c8
  • golang.org/x/term a9ba230a4035 -> 7a66f970e087
  • golang.org/x/time e5dcc9cfc0b9 -> f3bd1da661af
  • golang.zx2c4.com/wireguard/wgctrl 3d4a969bb56b -> 473347a5e6e3
  • google.golang.org/grpc v1.48.0 -> v1.49.0
  • k8s.io/api v0.25.0 -> v0.26.0-alpha.1
  • k8s.io/apimachinery v0.25.0 -> v0.26.0-alpha.1
  • k8s.io/apiserver v0.25.0 -> v0.26.0-alpha.1
  • k8s.io/client-go v0.25.0 -> v0.26.0-alpha.1
  • k8s.io/component-base v0.25.0 -> v0.26.0-alpha.1
  • k8s.io/cri-api v0.25.0 -> v0.26.0-alpha.1
  • k8s.io/kubectl v0.25.0 -> v0.26.0-alpha.1
  • k8s.io/kubelet v0.25.0 -> v0.26.0-alpha.1
  • kernel.org/pub/linux/libs/security/libcap/cap v1.2.65 -> v1.2.66

Previous release can be found at v1.2.0

Images

ghcr.io/siderolabs/flannel:v0.19.2
ghcr.io/siderolabs/install-cni:v1.2.0
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.5
k8s.gcr.io/kube-apiserver:v1.26.0-alpha.1
k8s.gcr.io/kube-controller-manager:v1.26.0-alpha.1
k8s.gcr.io/kube-scheduler:v1.26.0-alpha.1
k8s.gcr.io/kube-proxy:v1.26.0-alpha.1
ghcr.io/siderolabs/kubelet:v1.26.0-alpha.1
ghcr.io/siderolabs/installer:v1.3.0-alpha.0
k8s.gcr.io/pause:3.6

Don't miss a new talos release

NewReleases is sending notifications on new releases.