Talos 1.3.0-alpha.2 (2022-11-17)
Welcome to the v1.3.0-alpha.2 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
kube-apiserver Audit Policy
Talos now supports setting custom audit policy for kube-apiserver
in the machine configuration.
cgroups v1
Talos defaults to using cgroups v2 when Talos doesn't run in a container (when running in a container
Talos follows host cgroups mode).
Talos can now be forced to use cgroups v1 by setting boot kernel argument talos.unified_cgroup_hierarchy=0
:
machine:
install:
extraKernelArgs:
- "talos.unified_cgroup_hierarchy=0"
Current cgroups mode can be checked with talosctl ls /sys/fs/cgroup
:
cgroups v1:
blkio
cpu
cpuacct
cpuset
devices
freezer
hugetlb
memory
net_cls
net_prio
perf_event
pids
cgroups v2:
cgroup.controllers
cgroup.max.depth
cgroup.max.descendants
cgroup.procs
cgroup.stat
cgroup.subtree_control
cgroup.threads
cpu.stat
cpuset.cpus.effective
cpuset.mems.effective
init
io.stat
kubepods
memory.numa_stat
memory.stat
podruntime
system
Note:
cgroupsv1
is deprecated and it should be used only for compatibility with workloads which don't supportcgroupsv2
yet.
Kernel Command Line ip= Argument
Talos now supports referencing interface name via enxMAC
address notation:
ip=172.20.0.2::172.20.0.1:255.255.255.0::enx7085c2dfbc59
CRI Configuration Overrides
Talos no longer supports CRI config overrides placed in /var/cri/conf.d
directory.
New way correctly handles merging of containerd/CRI plugin configuration.
etcd Consistency Check
Talos enables --experimental-compact-hash-check-enabled option by default to improve
etcd store consistency guarantees.
This options is only available with etcd >= v3.5.5, so Talos doesn't support version of etcd before v3.5.5.
etcd Member ID
Talos now internally handles etcd member removal by member ID instead of member name (hostname).
This resolves the case when member name is not accurate or empty (eg: when etcd hasn't fully joined yet).
Command talosctl etcd remove-member
now accepts member IDs instead of member names.
New resource can be used to get member ID of the Talos node:
talosctl get etcdmember
Exocale Platform
Talos now supports new platform: Exoscale.
Exoscale provides a firewall, TCP load balancer and autoscale groups.
It works well with CCM and Kubernetes node autoscaler.
Kernel Modules
Talos now supports settings kernel module parameters.
Eg:
machine:
kernel:
modules:
- name: "br_netfilter"
parameters:
- nf_conntrack_max=131072
KubeSpan
KubeSpan MTU link size is now configurable via network.kubespan.mtu
setting in the machine configuration.
Node Labels
Talos now supports specifying node labels in the machine configuration:
machine:
nodeLabels:
rack: rack1a
zone: us-east-1a
Changes to the node labels will be applied immediately without kubelet
restart.
Talos keeps track of the owned node labels in the talos.dev/owned-labels
annotation.
Routes
Talos now supports setting MTU for a specific route.
Nano Pi R4S
Talos now supports the Nano Pi R4S SBC.
Raspberry Generic Images
The Raspberry Pi 4 specific image has been deprecated and will be removed in the v1.4 release of Talos.
Talos now ships a generic Raspberry Pi image that should support more Raspberry Pi variants.
Refer to the docs at https://www.talos.dev/v1.3/talos-guides/install/single-board-computers/rpi_generic/ to find which ones are supported.
Encryption with secretbox
By default new clusters will use secretbox for encryption instead of AESCBC.
If both are configured secretbox will take precedence.
Old clusters may keep using AESCBC.
To enable secretbox you may add an encryption secret at cluster.secretboxEncryptionSecret
.
You should keep aescbcEncryptionSecret
however, even if secretbox is enabled older data will still be encrypted with AESCBC.
How to generate the secret:
dd if=/dev/random of=/dev/stdout bs=32 count=1 | base64
Static Pod Manifests
The directory "/etc/kubernetes/manifests" is now deprecated.
Static pods should always be configured in machine.pods.
To reenable support you may set machine.kubelet.disableManifestsDirectory
.
Eg:
machine:
kubelet:
disableManifestsDirectory: no
Component Updates
- Kubernetes: v1.26.0-rc.0
- Flannel: v0.20.1
- CoreDNS: v1.10.0
- etcd: v3.5.5
- Linux: 5.15.77
- containerd: v1.6.9
Talos is built with Go 1.19.3.
Contributors
- Andrey Smirnov
- Noel Georgi
- Andrey Smirnov
- Michal Witkowski
- Artem Chernyshev
- Artem Chernyshev
- Dmitriy Matrenichev
- Alexey Palazhchenko
- Serge Logvinov
- Andrey Smirnov
- Philipp Sauter
- Andrew Rynhard
- Steve Francis
- Utku Ozdemir
- Andrew Rynhard
- Tim Jones
- Seán C McCord
- Kris Reeves
- Marvin Drees
- Spencer Smith
- Branden Cash
- Brandon Nason
- Cameron Brunner
- DJAlPee
- Daniel Low
- Gerard de Leeuw
- Jack Wink
- Jon Stelly
- Martin Stone
- Matt Zahorik
- Maxim Makarov
- Olli Janatuinen
- Pau Campana
- Rubens Farias
- Sander Maijers
- Spencer Smith
- ankitm123
- emattiza
- killcity
Changes
174 commits
- 9e44341c4 release(v1.3.0-alpha.2): prepare release
- aa56aed79 feat: publish discovered public IP as one of the KubeSpan endpoint
- 9382443ba feat: update Kubernetes to v1.26.0-rc.0
- 6ffc381c5 feat: implement CRI configuration customization
- e1e340bdd feat: expose Talos node labels as a machine configuration field
- c78bbbfda docs: specify that only XFS partitions are detected
- b881a9a79 chore: bump dependencies
- 5bfd7dbfa test: fix assertion on reboot test
- 1cfb6188b feat: implement support for cgroupsv1
- 3866d0e33 feat: update Kubernetes to v1.26.0-beta.0
- e1590ba7b fix: lifecycle action tracking
- 804762c59 feat: add timeout to cli action tracking, track by default & refactor
- 4e114ca12 feat: use the etcd member id for etcd operations instead of hostname
- 06fea2441 feat: expand platform metadata resources
- 03a20da9d fix: filter up duplicate IPs out of NodeAddresses
- 6b771bc73 chore: bump deps
- 96aa9638f chore: rename talos-systems/talos to siderolabs/talos
- 30bbf6463 refactor: use siderolabs/net version with netip.Addr
- 343c55762 chore: replace talos-systems Go modules with siderolabs
- 0301bbe93 fix: check if processes is nil to avoid panic
- 08e7e49a2 test: update versions for upgrade tests
- 0b41923c3 fix: restore the StaticPodStatus resource
- 1947092ae chore: introduce a healthcheck for
machined
service - 3333cd93c fix: generate correct Flannel config for IPv6-only clusters
- d7070f5e7 release(v1.3.0-alpha.1): prepare release
- 869f3b5a5 feat: network configuration improvements on the OpenStack platform
- 29f2195e1 feat: support exoscale cloud
- 8b4ae08d1 fix: etcd snapshot command on Windows
- 8bfa7ac1d feat: platform metadata resource
- 7e50e24c0 fix: properly cleanup legacy static pod manifests directory
- 6ee47bcc6 fix: support serving config for qemu launcher on IPv6
- 6c3d11b49 docs: admission control patch note
- 4ea3b99b5 fix: serve static pod files on 127.0.0.1 instead of localhost
- 23842114f feat: support encryption with secretbox
- f6773c472 docs: talos support on equinix metal
- b307160f6 chore: bump dependencies
- d7edd0e2e refactor: use go-circular, go-kubeconfig, and go-tail
- c6e1702ec feat: use URL-based manifests to present static pods to the kubelet
- 136a795e5 docs: update system requirements to mention dedicated disk usage
- 879e8c0bf chore: update kernel with BTF support
- ceb0cd99a feat: implement Talos API auth using SideroV1 signatures
- e6fba7d3b chore: update dependencies
- 93e55b85f chore: bump golangci-lint to v1.50.0
- aa3d9b4ca fix: regenerate cert on node labeling retry
- 021c73c35 fix: lowercase nodename
- b902036e1 docs: update office hours time link
- 7fcb8c681 feat: update Flannel to v0.20.0
- dc70d892a fix: support setting KubeSpan link MTU
- 7d52bad37 feat: update Linux to 5.15.73
- 9c78b3aff feat: update Kubernetes to v1.26.0-alpha.2
- 94913a672 docs: add lofty to talos adopters
- 0a0bdfe16 docs: add Tremor Video to adopters
- b7b1d4fd6 feat: use readonly containers
- d210338e3 fix: skip protobuf full unmarshaling for some talosctl commands
- b3c679d18 chore: bump dependencies
- 993743f63 fix: skip hostname via DHCP on OpenStack platform
- db076e7b5 feat: pin interface by mac address in cmdline args
- 63de93722 fix: update go-smbios to v0.3.1
- 49e9f808e chore: bump kernel and go
- c7372144d docs: add constraints to upgrade docs
- c71c8ca18 docs: consolidate, simplify and correct various docs
- 06f76bfeb chore: bump dependencies
- b1c421b9a chore: publish ami's with imds v2 enabled
- 195c40ab5 docs: add information about applicable use cases of disk encryption
- 54a687fb8 docs: consolidate and expand on discovery service
- 139c62d76 feat: allow upgrades in maintenance mode (only over SideroLink)
- 48dee4805 feat: support mtu for routes
- 1c43c72ae docs: fix talos required kernel params
- 67cc45ae3 release(v1.3.0-alpha.0): prepare release
- 18c377a4d feat: customize audit policy
- 23c9ea46b fix: raspberry pi install
- f17cdee16 feat: jsonpath filter for talosctl get outputs
- 6bd3cca1a chore: generic raspberry pi images
- d914ab8bb chore: add vulncheck tool as a linter
- a0151aa13 feat: add generic rpi u-boot support
- 30f851d09 chore: bump dependences
- 8b2235c3b fix: lookup Equinix Metal bond slaves using 'permanent addr'
- b3257ebb1 chore: bump kernel to 5.15.70
- 0b2767c16 feat: implement 'permanent addr' in link statuses
- c90e20251 fix: kubeconfig permission
- fc48849d0 chore: move maps/slices/ordered to gen module
- 8b09bd4b0 feat: update Kubernetes to v1.26.0-alpha.1
- 276d4175b chore: bump extension versions in testing
- 357b770cb fix: cryptsetup delete slot
- 711128839 fix: continue applying bootstrap manifests on some errors
- ce12c7b38 chore: update COSI runtime to v0.2.0-alpha.1
- 1b435c0b3 chore: bump kernel + ice drivers
- 18e041f1e docs: fix typo in patching example
- 0ad6452ca feat: update CoreDNS to v1.10.0
- 479f3f52e chore: bump dependencies
- e07c6ae99 feat: update Kubernetes to v1.25.1
- 13fdfaffc test: fix up default branch name
- ef181321a docs: add component diagram; K8s & Talos Linux
- aade73643 docs: fix missing variable in OpenEBS docs
- 472590aa8 chore: return InvalidArgument on invalid config in maintenance mode
- e5cabd42c feat: enable etcd consistency hashcheck
- 015535d90 fix: update discovery client with the redirect fix
- d0c8e7699 chore: bump kernel and go
- 985b0c2e7 chore: remove go.work.sum
- 69124f102 feat: update etcd to v3.5.5
- 1985a796c docs: update docs for pod security
- 94b088f02 fix: set etcd options consistently
- 92ae7ef4b fix: fix protoenc encoding for enums and types with custom encoders
- 93809017c docs: cpu scaling governor knowledgebase
- 7b270ff33 test: fix api controller test
- 2dadcd669 fix: stop worker nodes from acting as apid routers
- 9eaf33f3f fix: never sign client certificate requests in trustd
- 436749124 feat: environment vars for extension service
- 0c0cb671e chore: mark machine configuration validation failure as InvalidArgument
- f424e5340 fix: stop containers more thoroughly
- 12827b861 chore: move "implements" checks to compile time
- 3a67c42cb fix: kill the task processes when cleaning up stale task
- 14a79e325 chore: bump dependencies
- 9beee92e7 docs: fix double vv in Kubernetes version
- 688272515 fix: use different username for Talos Kubernetes API access
- 161a52a9e feat: check apid client certificate extended key usage
- 9dadc4a59 fix: include all node addresses into etcd cert SANs
- 71bfd3e43 feat: update CoreDNS to 1.9.4
- 9df8f1ff1 fix: list COSI APIs for the apid authenticator
- 31462450f fix: pass a pointer to specs.Mount into protoenc.Marshal
- e626540df chore: avoid double API request logging in trustd
- f62d17125 chore: update crypto to use new import path siderolabs/crypto
- ef27dd855 chore: bump dependencies
- 6472ae00b fix: automatically discard VIPs for etcd advertised addresses
- 5e21cca52 feat: support setting kernel parameters
- bd56621cd feat: add structprotogen tool
- cdb6bb2cc feat: add Nano Pi R4S support
- 36c1f1d6e fix: flip the client-server version check
- cd6c53a97 docs: fork docs for v1.3
- 0847400f7 fix: prevent panic on health check if a member has no IPs
- 7471d7f01 feat: update Flannel to v0.19.2
- 148c75cfb docs: consolidate the control-plane documentation
- 353154281 fix: drop kube-system SA default binding
- 4f37b668b chore: remove capi hacks
- 1369afea8 docs: make 1.2.0 docs default ones
- 7627cb0e3 docs: add new
talosctl gen secrets
- 8aa60a37a chore: bump kernel to 5.15.64
- a798dbd5d docs: update docs for upcoming 1.2.0 release
- b2fec3c97 fix: properly handle
configContext
beingnil
in Talos client - 1c0977b3a fix: change the type of returned gRPC connection object from the client
- 41848e421 fix: expose Talos client gRPC connection via the function
Conn
- 2e9be4af8 chore: bump dependencies
- d283aba3a test: fix cli reboot test
- 0b339a9dc feat: track progress of action API calls
- 072349812 fix: update COSI to the version with gRPC Wait fix
- 89d57aa81 fix: always abort the maintenance service
- f6fa74619 fix: limit apid backoff max delay
- d7ef346db fix: get command in the case 'nodes' are not set in the context
- 4e9c32256 fix: correctly render hosts.toml with multiple endpoints
- cdd0f08bc feat: check client <> server version in some Talos commands
- 446b0af58 chore: bump kernel and runc
- 8c203ce9b feat: remove the machine from the discovery service on reset
- b59ca5810 chore: move from inet.af/netaddr to net/netip and go4.org/netipx
- 053af1d59 fix: update etcd certificates when node addresses changes
- 11edb2c6f test: re-enable upgrade tests
- 0310e2089 chore: bump github.com/siderolabs/protoenc to v0.1.5
- 29bd63240 chore: remove old build tags syntax
- b500d0aa9 chore: bump k8s to v1.25.0
- 29e574be7 docs: update to v1.2.0-beta.1
- 26b549f2a chore: bump dependencies
- 8c3ac4c42 chore: limit GOMAXPROCS for Talos services
- 361e85b74 fix: properly read kexec disabled sysctl
- cfe6c2bc2 docs: nvidia oss drivers
- 2f2d97b6b fix: don't wait for the hostname in maintenance mode
- b15a63924 chore: bump kernel to 5.15.62
- a0d94be30 fix: stable default hostname bias
- da4cd34ef feat: update etcd advertised peer addresses on the fly
- faf92ce01 chore: bump kubernetes to v1.25.0-rc.1
- 52de919e3 chore: bump containerd to v1.6.8
- 7d43fc79b fix: make 'ca', 'crt' and 'key' flags optional for 'talosctl config add'
- fd467e02c fix: handle grub config being empty in the
Revert
function - 9492aca65 fix: clean up
cancelCtxMu
leftovers in PriorityLock - 61e3eb2ea fix: talosctl edit mc loop
- 32db7a7f5 fix: surround
cancelCtx
with the mutex
Changes since v1.3.0-alpha.1
24 commits
- 9e44341c4 release(v1.3.0-alpha.2): prepare release
- aa56aed79 feat: publish discovered public IP as one of the KubeSpan endpoint
- 9382443ba feat: update Kubernetes to v1.26.0-rc.0
- 6ffc381c5 feat: implement CRI configuration customization
- e1e340bdd feat: expose Talos node labels as a machine configuration field
- c78bbbfda docs: specify that only XFS partitions are detected
- b881a9a79 chore: bump dependencies
- 5bfd7dbfa test: fix assertion on reboot test
- 1cfb6188b feat: implement support for cgroupsv1
- 3866d0e33 feat: update Kubernetes to v1.26.0-beta.0
- e1590ba7b fix: lifecycle action tracking
- 804762c59 feat: add timeout to cli action tracking, track by default & refactor
- 4e114ca12 feat: use the etcd member id for etcd operations instead of hostname
- 06fea2441 feat: expand platform metadata resources
- 03a20da9d fix: filter up duplicate IPs out of NodeAddresses
- 6b771bc73 chore: bump deps
- 96aa9638f chore: rename talos-systems/talos to siderolabs/talos
- 30bbf6463 refactor: use siderolabs/net version with netip.Addr
- 343c55762 chore: replace talos-systems Go modules with siderolabs
- 0301bbe93 fix: check if processes is nil to avoid panic
- 08e7e49a2 test: update versions for upgrade tests
- 0b41923c3 fix: restore the StaticPodStatus resource
- 1947092ae chore: introduce a healthcheck for
machined
service - 3333cd93c fix: generate correct Flannel config for IPv6-only clusters
Changes from siderolabs/crypto
27 commits
- siderolabs/crypto@c3225ee feat: allow CSR template subject field to be overridden
- siderolabs/crypto@8570669 chore: rename to siderolabs/crypto
- siderolabs/crypto@e9df1b8 feat: add support for generating keys from RSA-SHA256 CAs
- siderolabs/crypto@510b0d2 chore: add json tags
- siderolabs/crypto@6fa2d93 fix: deepcopy nil fields as
nil
- siderolabs/crypto@9a63cba fix: add back support for generating ECDSA keys with P-256 and SHA512
- siderolabs/crypto@893bc66 fix: use SHA256 for ECDSA-P256
- siderolabs/crypto@deec8d4 chore: implement DeepCopy methods for PEMEncoded* types
- siderolabs/crypto@d3cb772 feat: make possible to change KeyUsage
- siderolabs/crypto@6bc5bb5 chore: remove unused argument
- siderolabs/crypto@cd18ef6 feat: add support for several organizations
- siderolabs/crypto@97c888b chore: add options to CSR
- siderolabs/crypto@7776057 chore: fix typos
- siderolabs/crypto@80df078 chore: remove named result parameters
- siderolabs/crypto@15bdd28 chore: minor updates
- siderolabs/crypto@4f80b97 fix: verify CSR signature before issuing a certificate
- siderolabs/crypto@39584f1 feat: support for key/certificate types RSA, Ed25519, ECDSA
- siderolabs/crypto@cf75519 fix: function NewKeyPair should create certificate with proper subject
- siderolabs/crypto@751c95a feat: add 'PEMEncodedKey' which allows to transport keys in YAML
- siderolabs/crypto@562c3b6 feat: add support for public RSA key in RSAKey
- siderolabs/crypto@bda0e9c feat: enable more conversions between encoded and raw versions
- siderolabs/crypto@e0dd56a feat: add NotBefore option for x509 cert creation
- siderolabs/crypto@12a4897 feat: add support for SPKI fingerprint generation and matching
- siderolabs/crypto@d0c3eef fix: implement NewKeyPair
- siderolabs/crypto@196679e feat: move
pkg/grpc/tls
fromgithub.com/talos-systems/talos
as./tls
- siderolabs/crypto@1ff6242 chore: initial version as imported from talos-systems/talos
- siderolabs/crypto@835063e chore: initial commit
Changes from siderolabs/discovery-api
3 commits
- siderolabs/discovery-api@5b0c5e7 chore: rename to siderolabs, rekres, etc
- siderolabs/discovery-api@db279ef feat: initial set of APIs and generated files
- siderolabs/discovery-api@ac52a37 chore: initial commit
Changes from siderolabs/discovery-client
2 commits
- siderolabs/discovery-client@a5c19c6 feat: provide public IP discovered from the server
- siderolabs/discovery-client@230f317 fix: reconnect the client on update failure
Changes from siderolabs/extras
3 commits
- siderolabs/extras@b155fa0 chore: enable renovate
- siderolabs/extras@8f00d77 feat: update tc-redirect-tap to the latest version
- siderolabs/extras@7c91844 chore: bump go to 1.19.2
Changes from siderolabs/gen
6 commits
- siderolabs/gen@b3b6db8 fix: fix Copy documentation and implementation
- siderolabs/gen@521f737 feat: add xerrors package which contains additions to the std errors
- siderolabs/gen@726e066 fix: rename tuples.go to pair.go and set proper package name
- siderolabs/gen@d8d7d25 chore: minor additions
- siderolabs/gen@338a650 chore: add initial implementation and documentation
- siderolabs/gen@4fd8667 Initial commit
Changes from siderolabs/go-blockdevice
56 commits
- siderolabs/go-blockdevice@694ac62 chore: update imports to siderolabs, rekres
- siderolabs/go-blockdevice@dcf6044 chore: rekres and rename
- siderolabs/go-blockdevice@9c4af49 fix: cryptsetup remove slot
- siderolabs/go-blockdevice@74ea471 feat: add freebsd stubs
- siderolabs/go-blockdevice@9fa801c feat: add ReadOnly attribute to Disk
- siderolabs/go-blockdevice@fccee8b chore: rekres the source, fix issues
- siderolabs/go-blockdevice@d9c3a27 feat: support probing FAT12/FAT16 filesystems
- siderolabs/go-blockdevice@b374eb4 fix: align partition to 1M boundary by default
- siderolabs/go-blockdevice@ec428fe fix: lookup filesystem labels on the actual device path
- siderolabs/go-blockdevice@7b9de26 feat: read symlink fullpath in block device list function
- siderolabs/go-blockdevice@6928ee4 refactor: rewrite GPT serialize/deserialize functions
- siderolabs/go-blockdevice@0c7e429 refactor: simplify middle endian functions
- siderolabs/go-blockdevice@15b182d fix: return partition table not exist when trying to read an empty dev
- siderolabs/go-blockdevice@b9517d5 fix: resize partition
- siderolabs/go-blockdevice@70d2865 fix: try to find cdrom disks
- siderolabs/go-blockdevice@667bf53 fix: revert gpt partition not found
- siderolabs/go-blockdevice@d7d4cdd fix: gpt partition not found
- siderolabs/go-blockdevice@33afba3 fix: also open in readonly mode when running
All
lookup method - siderolabs/go-blockdevice@e367f9d feat: make probe always open blockdevices in readonly mode
- siderolabs/go-blockdevice@d981156 fix: allow Build for Windows
- siderolabs/go-blockdevice@fe24303 fix: perform correct PMBR partition calculations
- siderolabs/go-blockdevice@2ec0c3c fix: preserve the PMBR bootable flag when opening GPT partition
- siderolabs/go-blockdevice@87816a8 feat: align partition to minimum I/O size
- siderolabs/go-blockdevice@c34b59f feat: expose more encryption options in the LUKS module
- siderolabs/go-blockdevice@30c2bc3 feat: mark MBR bootable
- siderolabs/go-blockdevice@1292574 fix: make disk type matcher parser case insensitive
- siderolabs/go-blockdevice@b77400e fix: properly detect nvme and sd card disk types
- siderolabs/go-blockdevice@1d830a2 fix: revert mark the EFI partition in PMBR as bootable
- siderolabs/go-blockdevice@bec914f fix: mark the EFI partition in PMBR as bootable
- siderolabs/go-blockdevice@776b37d feat: add options to probe disk by various sysblock parameters
- siderolabs/go-blockdevice@bb3ad73 fix: align partition start to physical sector size
- siderolabs/go-blockdevice@8f976c2 feat: replace exec.Command with go-cmd module
- siderolabs/go-blockdevice@1cf7f25 fix: properly handle no child processes error from cmd.Wait
- siderolabs/go-blockdevice@04a9851 feat: implement luks encryption provider
- siderolabs/go-blockdevice@b0375e4 feat: add an option to open block device with exclusive flock
- siderolabs/go-blockdevice@5a1c7f7 refactor: add devname into gpt.Partition, refactor probe package
- siderolabs/go-blockdevice@f2728a5 fix: keep contents of PMBR when writing it
- siderolabs/go-blockdevice@2878460 fix: write second copy of partition entries
- siderolabs/go-blockdevice@943b08b fix: blockdevice reset should read partition table from disk
- siderolabs/go-blockdevice@5b4ee44 fix: ignore
/dev/ram
devices - siderolabs/go-blockdevice@98754ec refactor: rewrite GPT library
- siderolabs/go-blockdevice@2a1baad fix: correctly build paths for
mmcblk
devices - siderolabs/go-blockdevice@8076344 fix: return proper disk size from GetDisks function
- siderolabs/go-blockdevice@8742133 chore: add common method to list available disks using /sys/block
- siderolabs/go-blockdevice@c4b5833 feat: implement "fast" wipe
- siderolabs/go-blockdevice@b4e67d7 feat: return resize status from Resize() function
- siderolabs/go-blockdevice@ceae64e fix: sync kernel partition table incrementally
- siderolabs/go-blockdevice@2cb9516 fix: return correct error value from blkpg functions
- siderolabs/go-blockdevice@cebe43d refactor: expose
InsertAt
method via interface - siderolabs/go-blockdevice@c40dcd8 fix: properly inform kernel about partition deletion
- siderolabs/go-blockdevice@bb8ac5d feat: implement disk wiping via several methods
- siderolabs/go-blockdevice@23fb7dc feat: expose partition name (label)
- siderolabs/go-blockdevice@ff3a821 feat: implement 'InsertAt' method to insert partitions at any position
- siderolabs/go-blockdevice@3d1ce4f fix: calculate last lba of partition correctly
- siderolabs/go-blockdevice@b71540f feat: copy initial version from talos-systems/talos
- siderolabs/go-blockdevice@ca3c078 Initial commit
Changes from siderolabs/go-circular
2 commits
- siderolabs/go-circular@507e0ec refactor: extract circular Go module
- siderolabs/go-circular@2234b3a docs: add README
Changes from siderolabs/go-cmd
5 commits
- siderolabs/go-cmd@0aea518 chore: rekres and update
- siderolabs/go-cmd@68eb006 feat: return typed error for exit error
- siderolabs/go-cmd@333ccf1 feat: add stdin support into the Run methods
- siderolabs/go-cmd@c5c8f1c feat: extract cmd module from Talos into a separate module
- siderolabs/go-cmd@77685fc Initial commit
Changes from siderolabs/go-debug
6 commits
- siderolabs/go-debug@c1bc4bf chore: rekres, rename, etc
- siderolabs/go-debug@3d0a6e1 feat: race build tag flag detector
- siderolabs/go-debug@5b292e5 feat: disable memory profiling by default
- siderolabs/go-debug@c6d0ae2 fix: linters and CI
- siderolabs/go-debug@d969f95 feat: initial implementation
- siderolabs/go-debug@b2044b7 Initial commit
Changes from siderolabs/go-kmsg
4 commits
- siderolabs/go-kmsg@e2a0000 chore: rekres, rename
- siderolabs/go-kmsg@b08e4d3 feat: replace tab character with space in console output
- siderolabs/go-kmsg@2edcd3a feat: add initial version
- siderolabs/go-kmsg@53cdd8d chore: initial commit
Changes from siderolabs/go-kubeconfig
2 commits
- siderolabs/go-kubeconfig@e7fdd94 refactor: extract kubeconfig library as a Go module
- siderolabs/go-kubeconfig@50e91b8 docs: add REAMDE
Changes from siderolabs/go-loadbalancer
12 commits
- siderolabs/go-loadbalancer@f54e3c9 chore: update dependencies to siderolabs, rekres
- siderolabs/go-loadbalancer@438b71d chore: update package path and rekres
- siderolabs/go-loadbalancer@5341eec feat: implement public method to check if the route is Healthy
- siderolabs/go-loadbalancer@b578d47 feat: add a way to configure loadbalancer options
- siderolabs/go-loadbalancer@c54d95d feat: implement control plane loadbalancer
- siderolabs/go-loadbalancer@4a6e29e refactor: clean up names, fix the lingering goroutines
- siderolabs/go-loadbalancer@af87d1c chore: apply new Kres rules
- siderolabs/go-loadbalancer@a445702 feat: allow dial timeout and keep alive period to be configurable
- siderolabs/go-loadbalancer@3c8f347 feat: provide a way to configure logger for the loadbalancer
- siderolabs/go-loadbalancer@da8e987 feat: implement Reconcile - ability to change upstream list on the fly
- siderolabs/go-loadbalancer@8b1dfa6 feat: copy initial version from talos-systems/talos
- siderolabs/go-loadbalancer@c2f6a8f Initial commit
Changes from siderolabs/go-procfs
10 commits
- siderolabs/go-procfs@a062a4c chore: rekres, rename
- siderolabs/go-procfs@8cbc42d feat: provide an option to overwrite some args in AppendAll
- siderolabs/go-procfs@24d06a9 refactor: remove talos kernel default args
- siderolabs/go-procfs@a82654e feat: implement SetAll method
- siderolabs/go-procfs@16ce2ef fix: update cmdline.Set() to drop the value being overwritten
- siderolabs/go-procfs@5a9a4a7 feat: update kernel args for new KSPP requirements
- siderolabs/go-procfs@57c7311 refactor: change directory layout
- siderolabs/go-procfs@a077c96 fix: fix go module name
- siderolabs/go-procfs@698666f chore: move package to new repo
- siderolabs/go-procfs@dabb425 Initial commit
Changes from siderolabs/go-retry
9 commits
- siderolabs/go-retry@6d45449 chore: rekres, rename
- siderolabs/go-retry@c78cc95 fix: implement
errors.Is
for all errors in the set - siderolabs/go-retry@7885e16 feat: add ExpectedErrorf
- siderolabs/go-retry@3d83f61 feat: deprecate UnexpectedError
- siderolabs/go-retry@b9dc1a9 feat: add support for
context.Context
in Retry - siderolabs/go-retry@8c63d29 fix: correctly implement error interfaces on wrapped errors
- siderolabs/go-retry@752f081 feat: add an option to log errors being retried
- siderolabs/go-retry@073067b feat: copy initial version from talos-systems/talos
- siderolabs/go-retry@c7968c5 Initial commit
Changes from siderolabs/go-smbios
11 commits
- siderolabs/go-smbios@10c1dd8 fix: check for end of the slice properly
- siderolabs/go-smbios@9ca8ce7 chore: treat invalid strings as empty
- siderolabs/go-smbios@dbc5f79 chore: rekres+rename
- siderolabs/go-smbios@3f1e775 feat: rework destructuring of SMBIOS information and added some tests
- siderolabs/go-smbios@fd5ec8c fix: remove useless (?) goroutines leading to data race error
- siderolabs/go-smbios@d3a32be fix: return UUID in middle endian only on SMBIOS >= 2.6
- siderolabs/go-smbios@fb425d4 feat: add memory device
- siderolabs/go-smbios@0bb4f96 feat: add physical memory array
- siderolabs/go-smbios@8019619 feat: supply wake-up type in SMBIOS info
- siderolabs/go-smbios@94b8c4e feat: initial implementation
- siderolabs/go-smbios@864ed80 Initial commit
Changes from siderolabs/go-tail
2 commits
- siderolabs/go-tail@962ae43 refactor: extract go-tail module
- siderolabs/go-tail@359c3cb docs: initial commit
Changes from siderolabs/grpc-proxy
51 commits
- siderolabs/grpc-proxy@4cc7bbe chore: rename to siderolabs/grpc-proxy, rekres
- siderolabs/grpc-proxy@2c586db feat: pass fullMethodName to GetConnection
- siderolabs/grpc-proxy@6dfa2cc fix: ignore errors on duplicate
SetHeader
calls - siderolabs/grpc-proxy@b076302 fix: use io.EOF error when no backend connections are available
- siderolabs/grpc-proxy@82daca0 docs: update README
- siderolabs/grpc-proxy@fa6843a chore: fix spelling
- siderolabs/grpc-proxy@c0a87d9 chore: major cleanup of the code and build
- siderolabs/grpc-proxy@ca3bc61 fix: ignore some errors so that we don't spam the logs
- siderolabs/grpc-proxy@5c579a7 feat: allow different formats for messages streaming/unary
- siderolabs/grpc-proxy@6c9f7b3 fix: allow mode to be set for each request being proxied
- siderolabs/grpc-proxy@cc91c09 refactor: provide better public API, enforce proxying mode
- siderolabs/grpc-proxy@d8d3a75 chore: update import paths after repo move
- siderolabs/grpc-proxy@dbf07a4 Merge pull request #7 from smira/one2many-4
- siderolabs/grpc-proxy@fc0d27d More tests, small code fixes, updated README.
- siderolabs/grpc-proxy@d9ce0b1 Merge pull request #6 from smira/one2many-3
- siderolabs/grpc-proxy@2d37ba4 Support for one2many streaming calls, tests.
- siderolabs/grpc-proxy@817b035 Merge pull request #5 from smira/one2many-2
- siderolabs/grpc-proxy@436b338 More unary one-2-many tests, error propagation.
- siderolabs/grpc-proxy@1f0cb46 Merge pull request #4 from smira/one2many-1
- siderolabs/grpc-proxy@992a975 Proxying one to many: first iteration
- siderolabs/grpc-proxy@a0988ff Merge pull request #3 from smira/small-fixups
- siderolabs/grpc-proxy@e3111ef Small fixups in preparation to add one-to-many proxying.
- siderolabs/grpc-proxy@6d76ffc Merge pull request #2 from smira/backend-concept
- siderolabs/grpc-proxy@2aad63a Add concept of a 'Backend', but still one to one proxying
- siderolabs/grpc-proxy@7cc4610 Merge pull request #1 from smira/build
- siderolabs/grpc-proxy@37f01f3 Rework build to use GitHub Actions, linting updates.
- siderolabs/grpc-proxy@0f1106e Move error checking further up (#34)
- siderolabs/grpc-proxy@d5b35f6 Update gRPC and fix tests (#27)
- siderolabs/grpc-proxy@67591eb Break StreamDirector interface, fix metadata propagation for gRPC-Go>1.5. (#20)
- siderolabs/grpc-proxy@97396d9 Merge pull request #11 from mwitkow/fix-close-bug
- siderolabs/grpc-proxy@3fcbd37 fixup closing conns
- siderolabs/grpc-proxy@a8f5f87 fixup tests, extend readme
- siderolabs/grpc-proxy@428fa1c Fix a channel closing bug
- siderolabs/grpc-proxy@af55d61 Merge pull request #10 from mwitkow/bugfix/streaming-fix
- siderolabs/grpc-proxy@de4d3db remove spurious printfs
- siderolabs/grpc-proxy@84242c4 fix the "i don't know who finished" case
- siderolabs/grpc-proxy@9b22f41 fix full duplex streaming
- siderolabs/grpc-proxy@c2f7c98 update readme
- siderolabs/grpc-proxy@d654141 update README
- siderolabs/grpc-proxy@f457856 move to proxy subdirectory
- siderolabs/grpc-proxy@4889d78 Add fixup scripts
- siderolabs/grpc-proxy@ef60a37 version 2 of the grpc-proxy, this time with fewer grpc upstream deps
- siderolabs/grpc-proxy@07aeac1 Merge pull request #2 from daniellowtw/master
- siderolabs/grpc-proxy@e5c3df5 Fix compatibility with latest grpc library
- siderolabs/grpc-proxy@52be0a5 bugfix: fix gRPC Java deadlock, due to different dispatch logic
- siderolabs/grpc-proxy@822df7d Fix reference to mwitkow.
- siderolabs/grpc-proxy@28341d1 move out forward logic to method, allowing for use as
grpc.Server
not found handler. - siderolabs/grpc-proxy@89e28b4 add reference to upstream grpc bug
- siderolabs/grpc-proxy@00dd588 merge upstream
grpc.Server
changes changing the dispatch logic - siderolabs/grpc-proxy@77edc97 move to upstream
protobuf
fromgogo
- siderolabs/grpc-proxy@db71c3e initial commit, tested and working.
Changes from siderolabs/net
12 commits
- siderolabs/net@19eb1c4 feat: switch to use
netip.Addr
instead ofnet.IP
- siderolabs/net@5b21171 chore: rename, rekres
- siderolabs/net@409926a fix: parse correctly some IPv6 CIDRs
- siderolabs/net@b4b7181 feat: add a way to filter list of IPs for the machine
- siderolabs/net@0abe5bd feat: implement FilterIPs function
- siderolabs/net@0519054 feat: add ParseCIDR
- siderolabs/net@52c7509 feat: add a function to format IPs in CIDR notation
- siderolabs/net@005a94f feat: add methods to manage CIDR list, check for non-local IPv6
- siderolabs/net@8b56890 feat: add ValidateEndpointURI
- siderolabs/net@402fa79 chore: apply kres to get the latest build scripts
- siderolabs/net@c7bc477 chore: initial version of the package
- siderolabs/net@393246a chore: initial commit
Changes from siderolabs/pkgs
39 commits
- siderolabs/pkgs@8b975a7 chore: bump deps
- siderolabs/pkgs@b153ce6 chore: bump deps
- siderolabs/pkgs@535b8f9 chore: update packages version
- siderolabs/pkgs@66c77e9 feat: re-enable build kernel with BTF enabled
- siderolabs/pkgs@98ef073 feat: enable INET_DIAG and FANOTFY_PERMISSIONS
- siderolabs/pkgs@8fe5cbc chore: update dependencies
- siderolabs/pkgs@554c0fe feat: add fanotify and kprobes kernel options
- siderolabs/pkgs@54d7e5c fix: drbd package name
- siderolabs/pkgs@b4cb9e2 feat: add 'drbd' package
- siderolabs/pkgs@91e73b3 feat: update dependencies
- siderolabs/pkgs@b6d0d96 chore: bump kernel to 5.15.72
- siderolabs/pkgs@b16dfe9 chore: bump go to 1.19.2
- siderolabs/pkgs@861cc32 chore: bump kernel to 5.15.71
- siderolabs/pkgs@0ac7773 chore: use generic raspberry pi u-boot
- siderolabs/pkgs@d5633d4 chore: bump kernel to 5.15.70
- siderolabs/pkgs@39c0d43 feat: add generic rpi_arm64_defconfig configuration
- siderolabs/pkgs@ed269ca chore: bump kernel to 5.15.69
- siderolabs/pkgs@f2f8333 fix: no slack notifications on failure
- siderolabs/pkgs@6f0af33 chore: disable drone slack pipeline for renovate
- siderolabs/pkgs@32aea3f chore: disable drone for renovate/dependabot
- siderolabs/pkgs@44579f0 fix: rollback xfsprogs to 5.18.0
- siderolabs/pkgs@792c0e3 feat: add gasket driver package
- siderolabs/pkgs@07f1898 chore: update deps
- siderolabs/pkgs@f78f410 chore: enable conntrack zones and timestamps
- siderolabs/pkgs@049b3c6 chore: enable intel ice drivers
- siderolabs/pkgs@606ff32 chore: bump deps
- siderolabs/pkgs@eee5c8a chore: disable irc in conntrack
- siderolabs/pkgs@70e6c46 chore: bump kernel to 5.15.64
- siderolabs/pkgs@e510321 chore: update renovate config
- siderolabs/pkgs@d1fa510 feat: enable renovate bot
- siderolabs/pkgs@e427a77 chore: bump runc to v1.1.4
- siderolabs/pkgs@40e1215 chore: enable nfsv4.2 client support
- siderolabs/pkgs@15efada chore: bump kernel to 5.15.63
- siderolabs/pkgs@e70e3c1 fix: nvidia oss pkg name
- siderolabs/pkgs@30b8d79 chore: bump kernel to 5.15.62
- siderolabs/pkgs@862c392 chore: bump gcc to 12.2.0
- siderolabs/pkgs@2ecd14e fix: containerd version
- siderolabs/pkgs@01df058 feat: add NanoPi R4S configuration
- siderolabs/pkgs@d4cb33b chore: bump containerd to v1.6.8
Changes from siderolabs/siderolink
19 commits
- siderolabs/siderolink@575c5cc refactor: drop dependency on Talos machinery package
- siderolabs/siderolink@61ab1c4 fix: include MachineStatusEvent into the list of supported events
- siderolabs/siderolink@16a84eb chore: rename to siderolabs/siderolink
- siderolabs/siderolink@ca470c7 chore: update Talos to the latest master, migrate netaddr -> netip/x
- siderolabs/siderolink@93b65f0 fix: ignore 'exist' error on interface managmeent
- siderolabs/siderolink@3c4d9e0 chore: move IP to interface binding into NewDevice
- siderolabs/siderolink@f0b5e39 feat: use kernel wireguard implementation when available
- siderolabs/siderolink@1d2b7e1 feat: allow setting peer endpoint using peer event
- siderolabs/siderolink@5d085d6 feat: expose
wgDevice.Peers
from thewireguard.Device
wrapper - siderolabs/siderolink@3a5be65 fix: use correct method to generate Wireguard private key
- siderolabs/siderolink@8318a7e feat: accept join token in Provision payload
- siderolabs/siderolink@b38c192 fix: build on Windows
- siderolabs/siderolink@9902ad2 feat: pass request context and node address to the events sink adapter
- siderolabs/siderolink@d0612a7 refactor: pass in listener to the log receiver
- siderolabs/siderolink@d86cdd5 feat: implement logreceiver for kernel logs
- siderolabs/siderolink@f7cadbc fix: handle duplicate peer updates
- siderolabs/siderolink@0755b24 feat: initial implementation of SideroLink
- siderolabs/siderolink@ee73ea9 feat: add Talos events sink proto files and the reference implementation
- siderolabs/siderolink@1e2cd9d Initial commit
Changes from siderolabs/tools
22 commits
- siderolabs/tools@e8f92b3 chore: bump tools
- siderolabs/tools@3b5f89a chore: update dependencies
- siderolabs/tools@6402b99 feat: update OpenSSL to 1.1.1r
- siderolabs/tools@00e91b1 feat: update releases
- siderolabs/tools@a264809 chore: bump go to 1.19.2
- siderolabs/tools@858cfe7 fix: no slack notifications on failure
- siderolabs/tools@ed85950 chore: disable drone slack pipeline for renovate
- siderolabs/tools@5df6589 chore: disable drone for renovate/dependabot
- siderolabs/tools@1f00d2e fix: revert gawk to 5.1.1
- siderolabs/tools@feeda1f chore: bump grpc-go
- siderolabs/tools@8542014 chore: bump deps
- siderolabs/tools@e5c4968 chore: update renovate config
- siderolabs/tools@f34f94d chore: update renovate config
- siderolabs/tools@cef4cc6 chore: update renovate config
- siderolabs/tools@bab8e9e chore: add libbpf to tools
- siderolabs/tools@0a15f7b chore: build pahole properly
- siderolabs/tools@a322d06 chore: remove img
- siderolabs/tools@c7ff47b feat: enable renovate dependency updates (3/3)
- siderolabs/tools@6e095cf feat: enable renovate dependency updates (2/n)
- siderolabs/tools@bad1ad1 feat: add renovatebot
- siderolabs/tools@7d6f9c3 chore: bump gcc to 12.2.0
- siderolabs/tools@2719b4b chore: bump toolchain
Dependency Changes
- cloud.google.com/go/compute/metadata v0.2.1 new
- github.com/BurntSushi/toml v1.2.0 -> v1.2.1
- github.com/aws/aws-sdk-go v1.44.76 -> v1.44.136
- github.com/containerd/containerd v1.6.8 -> v1.6.9
- github.com/cosi-project/runtime v0.1.1 -> v0.2.0-alpha.3
- github.com/docker/docker v20.10.17 -> v20.10.21
- github.com/emicklei/dot v1.0.0 -> v1.1.0
- github.com/fsnotify/fsnotify v1.5.4 -> v1.6.0
- github.com/gdamore/tcell/v2 v2.5.2 -> v2.5.3
- github.com/google/go-cmp v0.5.8 -> v0.5.9
- github.com/google/nftables 2eca00135732 -> 130caa4c31c9
- github.com/hetznercloud/hcloud-go v1.35.2 -> v1.37.0
- github.com/insomniacslk/dhcp 509691fd59ec -> 5308ebe5334c
- github.com/jsimonetti/rtnetlink v1.2.2 -> v1.2.3
- github.com/mdlayher/ethtool 856bd6cb8a38 -> 0e16326d06d1
- github.com/mdlayher/genetlink v1.2.0 -> v1.3.0
- github.com/mdlayher/netlink v1.6.0 -> v1.7.0
- github.com/opencontainers/image-spec c5a74bcca799 -> v1.1.0-rc2
- github.com/packethost/packngo v0.25.0 -> v0.29.0
- github.com/pmorjan/kmod v1.0.0 -> v1.1.0
- github.com/rivo/tview 0e6b21a48e96 -> 04a46906d2e9
- github.com/scaleway/scaleway-sdk-go v1.0.0-beta.9 -> v1.0.0-beta.10
- github.com/siderolabs/crypto v0.4.0 new
- github.com/siderolabs/discovery-api v0.1.1 new
- github.com/siderolabs/discovery-client v0.1.1 -> v0.1.3
- github.com/siderolabs/extras v1.2.0 -> v1.3.0-alpha.0-2-gb155fa0
- github.com/siderolabs/gen v0.4.0 new
- github.com/siderolabs/go-blockdevice v0.4.1 new
- github.com/siderolabs/go-circular v0.1.0 new
- github.com/siderolabs/go-cmd v0.1.1 new
- github.com/siderolabs/go-debug v0.2.2 new
- github.com/siderolabs/go-kmsg v0.1.2 new
- github.com/siderolabs/go-kubeconfig v0.1.0 new
- github.com/siderolabs/go-loadbalancer v0.2.1 new
- github.com/siderolabs/go-procfs v0.1.1 new
- github.com/siderolabs/go-retry v0.3.2 new
- github.com/siderolabs/go-smbios v0.3.1 new
- github.com/siderolabs/go-tail v0.1.0 new
- github.com/siderolabs/grpc-proxy v0.4.0 new
- github.com/siderolabs/net v0.4.0 new
- github.com/siderolabs/pkgs v1.2.0-8-g970860d -> v1.3.0-alpha.0-38-g8b975a7
- github.com/siderolabs/siderolink v0.3.0 new
- github.com/siderolabs/talos/pkg/machinery v1.3.0-alpha.2 new
- github.com/siderolabs/tools v1.2.0 -> v1.3.0-alpha.0-21-ge8f92b3
- github.com/spf13/cobra v1.5.0 -> v1.6.1
- github.com/stretchr/testify v1.8.0 -> v1.8.1
- github.com/u-root/u-root v0.9.0 -> v0.10.0
- github.com/vmware-tanzu/sonobuoy v0.56.9 -> v0.56.11
- go.etcd.io/etcd/api/v3 v3.5.4 -> v3.5.5
- go.etcd.io/etcd/client/pkg/v3 v3.5.4 -> v3.5.5
- go.etcd.io/etcd/client/v3 v3.5.4 -> v3.5.5
- go.etcd.io/etcd/etcdutl/v3 v3.5.4 -> v3.5.5
- go.uber.org/atomic v1.9.0 -> v1.10.0
- go.uber.org/zap v1.22.0 -> v1.23.0
- go4.org/netipx 797b0c90d8ab new
- golang.org/x/net 3211cb980234 -> v0.2.0
- golang.org/x/sync 886fb9371eb4 -> v0.1.0
- golang.org/x/sys fbc7d0a398ab -> v0.2.0
- golang.org/x/term a9ba230a4035 -> v0.2.0
- golang.org/x/time e5dcc9cfc0b9 -> v0.2.0
- golang.zx2c4.com/wireguard/wgctrl 3d4a969bb56b -> 97bc4ad4a1cb
- google.golang.org/grpc v1.48.0 -> v1.50.1
- k8s.io/api v0.25.0 -> v0.26.0-beta.0
- k8s.io/apimachinery v0.25.0 -> v0.26.0-beta.0
- k8s.io/apiserver v0.25.0 -> v0.26.0-beta.0
- k8s.io/client-go v0.25.0 -> v0.26.0-beta.0
- k8s.io/component-base v0.25.0 -> v0.26.0-beta.0
- k8s.io/cri-api v0.25.0 -> v0.26.0-beta.0
- k8s.io/klog/v2 v2.70.1 -> v2.80.1
- k8s.io/kubectl v0.25.0 -> v0.26.0-beta.0
- k8s.io/kubelet v0.25.0 -> v0.26.0-beta.0
- kernel.org/pub/linux/libs/security/libcap/cap v1.2.65 -> v1.2.66
Previous release can be found at v1.2.0
Images
ghcr.io/siderolabs/flannel:v0.20.1
ghcr.io/siderolabs/install-cni:v1.3.0-alpha.0-2-gb155fa0
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.5
k8s.gcr.io/kube-apiserver:v1.26.0-rc.0
k8s.gcr.io/kube-controller-manager:v1.26.0-rc.0
k8s.gcr.io/kube-scheduler:v1.26.0-rc.0
k8s.gcr.io/kube-proxy:v1.26.0-rc.0
ghcr.io/siderolabs/kubelet:v1.26.0-rc.0
ghcr.io/siderolabs/installer:v1.3.0-alpha.2
registry.k8s.io/pause:3.6