Skip to content

Releases: siderolabs/talos

v1.7.0-alpha.0

01 Feb 19:45
@talos-bot talos-bot
v1.7.0-alpha.0
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
029d7f7
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.7.0-alpha.0 Pre-release
Pre-release

Talos 1.7.0-alpha.0 (2024-02-01)

Welcome to the v1.7.0-alpha.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Device Selectors

Talos Linux now supports physical: true qualifier for device selectors, it selects non-virtual network interfaces (i.e. en0 is selected, while bond0 is not).

DNS Caching

Talos Linux now provides a caching DNS resolver for host workloads (including host networking pods). It can be disabled with:

machine:
   features:
       localDNS: false

Known Problems

ZFS and DRBD extensions are disabled in this release due to incompatibility with the latest Linux kernel.

Kubernetes API Server Service Account Key

Talos Linux starting from this release uses RSA key for Kubernetes API Server Service Account instead of ECDSA key to provide better compatibility with external OpenID Connect implementations.

Component Updates

Linux: 6.6.14
etcd: 3.5.11
Kubernetes: 1.29.1
containerd: 1.7.13
runc: 1.1.12
Flannel: 0.24.1

Talos is built with Go 1.21.6.

Contributors

  • Andrey Smirnov
  • Dmitriy Matrenichev
  • Utku Ozdemir
  • Noel Georgi
  • Andrey Smirnov
  • Radosław Piliszek
  • Artem Chernyshev
  • Spencer Smith
  • Steve Francis
  • Anthony ARNAUD
  • Cas de Reuver
  • Christian Mohn
  • Drew Hess
  • ExtraClock
  • Hervé Werner
  • JJGadgets
  • Jacob McSwain
  • Jonomir
  • Sebastian Gaiser
  • Serge Logvinov
  • Tim Jones
  • edwinavalos
  • stereobutter

Changes

82 commits

  • 029d7f7b9 release(v1.7.0-alpha.0): prepare release
  • 2ff81c06b feat: update runc 1.1.12, containerd 1.7.13
  • 9d8cd4d05 chore: drop deprecated method EtcdRemoveMember
  • 17567f19b fix: take into account the moment seen when cleaning up CRI images
  • aa03204b8 docs: document the process of building custom kernel packages
  • 7af48bd55 feat: use RSA key for kube-apiserver service account key
  • a5e13c696 fix: retry blockdevice open in the installer
  • 593afeea3 fix: run the interactive installer loop to report errors
  • 87be76b87 fix: be more tolerant to error handling in Mounts API
  • 03add7503 docs: add section on using imager with extensions from tarball
  • ee0fb5eff docs: consolidate certificate management articles
  • 9c14dea20 chore: bump coredns
  • ebeef2852 feat: implement local caching dns server
  • 4a3691a27 docs: fix broken links in metal-network-configuration.md
  • c4ed189a6 docs: provide sane defaults for each release series in vmware script
  • 8138d54c6 docs: clarify node taints/labels for worker nodes
  • b44551ccd feat: update Linux to 6.6.13
  • 385707c5f docs: update vmware.sh
  • d1a79b845 docs: fix small typo in etcd maintenance guide
  • cf0603330 docs: copy generated JSON schema to host
  • f11139c22 docs: document local path provisioner install
  • e0dfbb8fb fix: allow META encoded values to be compressed
  • d677901b6 feat: implement device selector for 'physical'
  • 7d1117289 docs: add missing talosconfig flag
  • 8a1732bcb fix: pull in mptspi driver
  • c1e45071f refactor: use etcd configuration from the EtcdSpec resource
  • 4e9b688d3 fix: use correct TTL for talosconfig in talosctl config new
  • fb5ad0555 feat: update Kubernetes default to 1.29.1
  • fe24139f3 docs: fork docs for v1.7
  • 1c2d10ccc chore: bump dependencies
  • a599e3867 chore: allow custom registry to build installer/imager
  • 3911ddf7b docs: add how-to for cert management
  • b0ee0bfba fix: strategic patch merging for audit policy
  • 474eccdc4 fix: watch bufer overrun for RouteStatus
  • cc06b5d7a fix: fix .der output in talosctl gen secureboot
  • 1dbb4abf4 fix: update discovery service client to v0.1.6
  • 9782319c3 fix: support KubePrism settings in Kubernetes Discovery
  • 6c5a0c281 feat: generate a single JSON schema for multidoc config
  • f70b47ddd fix: force KubePrism to connect using IPv4
  • d5321e085 fix: update kmsg with utf-8 fix
  • 7fa7362dd fix: fix nodes on dashboard footer when node names are used in --nodes
  • ba88678f1 fix: merge ports and ingress configs correctly in NetworkRuleConfig
  • dea9bda2d fix: disk UUID & WWID always empty in talosctl disks
  • 8dc112f36 chore: pull in NBD modules
  • f6926faab fix: default priority for ipv6
  • e8758dcba chore: support http downloads for assets in talosctl cluster create
  • 265f21be0 fix: replace the filemap implementation to not buffer in memory
  • 8db3c5b3c fix: pick correctly base installer image layers
  • 0a30ef784 fix: imager should support different Talos versions
  • d6342cda5 docs: update latest version to v1.6.1
  • e6e422b92 chore: bump dependencies
  • 5a19d078a fix: properly overwrite files on install
  • 9eb6cea78 docs: secureboot sd-boot menu clarification
  • 01f0cbe61 feat: support iPXE direct booting in talosctl cluster create
  • 3ba84701d feat: pull in kernel modules for mlx Infiniband and VFIO
  • ba993e0ed docs: announce that SecureBoot is available
  • 241bc9312 fix: update the way secureboot signer fetches certificate (azure)
  • 59b62398f chore: modernize machined/pkg/controllers/k8s
  • 760f793d5 fix: use correct prefix when installing SBC files
  • 0b94550c4 chore: fix the gvisor test
  • 3a787c1d6 docs: update 1.6 docs with Noel's feedback
  • d803e40ef docs: provide documentation for Talos 1.6
  • 9a185a30f feat: update Kubernetes to v1.29.0
  • 5934815d2 chore: split more kernel modules on amd64
  • 10c59a6b9 fix: leave discovery service later in the reset sequence
  • 0c86ca1cc chore: enable kubespan+firewall for cilium tests
  • 98fd722d5 feat: provide compatibility for future Talos 1.7
  • 131a1b167 fix: add a KubeSpan option to disable extra endpoint harvesting
  • 4547ad9af feat: send actor id to the SideroLink events sink
  • 04e774547 docs: cap max heading level
  • 6bb1e99aa chore: optimize pcap dump
  • 4f9d3b975 feat: update Kubernetes to v1.29.0-rc.2
  • 46121c9fe docs: rework machine config documentation generation
  • e128d3c82 fix: talosctl cluster create not to enforce kubeprism always
  • 320064c5a feat: update Go 1.21.5, Linux 6.1.65, etcd 3.5.11
  • 270604bea fix: support user disks via symlinks
  • 4f195dd27 chore: fix the release.toml
  • 474fa0480 fix: store and execute desired action on emergency action
  • 515ae2a18 docs: extend hetzner-cloud docs for arm64
  • eecc4dbd5 fix: trim leading spaces\newlines in inline manifest contents
  • dbf274ddf fix: skip writing the file if the contents haven't changed
  • 6329222bd fix: do not panic in merge.Merge if map value is nil

Changes from siderolabs/discovery-client

1 commit

Changes from siderolabs/extras

1 commit

Changes from siderolabs/go-api-signature

20 commits

Read more
Assets 62
Loading
2 Join discussion

v1.6.4

01 Feb 16:44
@talos-bot talos-bot
v1.6.4
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
431bcad
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.4

Talos 1.6.4 (2024-02-01)

Welcome to the v1.6.4 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

containerd: 1.7.13
runc: 1.1.12

See CVE-2024-21626 for the runc update.

Talos is built with Go 1.21.6.

Contributors

  • Andrey Smirnov
  • Andrey Smirnov
  • Dmitriy Matrenichev
  • Utku Ozdemir
  • Noel Georgi
  • Artem Chernyshev

Changes

7 commits

  • 431bcada7 release(v1.6.4): prepare release
  • 040c535c6 fix: retry blockdevice open in the installer
  • 00b34b254 fix: take into account the moment seen when cleaning up CRI images
  • c5ad166be fix: be more tolerant to error handling in Mounts API
  • b438f8a9b fix: run the interactive installer loop to report errors
  • 12e83b7e3 docs: clarify node taints/labels for worker nodes
  • 7840f8a89 feat: update containerd 1.7.13, runc 1.1.12

Changes from siderolabs/go-api-signature

20 commits

Changes from siderolabs/pkgs

1 commit

Dependency Changes

  • github.com/containerd/containerd v1.7.11 -> v1.7.13
  • github.com/opencontainers/runtime-spec v1.1.0-rc.1 -> v1.1.0
  • github.com/siderolabs/go-api-signature v0.3.1 new
  • github.com/siderolabs/pkgs v1.6.0-15-gf51aedb -> v1.6.0-16-gb77ffb7
  • github.com/siderolabs/talos/pkg/machinery v1.6.3 -> v1.6.4

Previous release can be found at v1.6.3

Images

ghcr.io/siderolabs/flannel:v0.23.0
ghcr.io/siderolabs/install-cni:v1.6.0-1-g113887a
registry.k8s.io/coredns/coredns:v1.11.1
gcr.io/etcd-development/etcd:v3.5.11
registry.k8s.io/kube-apiserver:v1.29.1
registry.k8s.io/kube-controller-manager:v1.29.1
registry.k8s.io/kube-scheduler:v1.29.1
registry.k8s.io/kube-proxy:v1.29.1
ghcr.io/siderolabs/kubelet:v1.29.1
ghcr.io/siderolabs/installer:v1.6.4
registry.k8s.io/pause:3.8
Assets 62
Loading
0 Join discussion

v1.6.3

24 Jan 15:26
@talos-bot talos-bot
v1.6.3
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
d53e07c
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.3

Talos 1.6.3 (2024-01-24)

Welcome to the v1.6.3 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.1.74
Kubernetes: 1.29.1

Talos is built with Go 1.21.6.

Contributors

  • Andrey Smirnov

Changes

4 commits

  • d53e07c1a release(v1.6.3): prepare release
  • 815fef8c3 fix: allow META encoded values to be compressed
  • 56e87f55b feat: update Kubernetes default to 1.29.1
  • 63fc46f0a feat: update Linux to 6.1.74

Changes from siderolabs/pkgs

3 commits

Dependency Changes

  • github.com/siderolabs/pkgs v1.6.0-12-g0078a66 -> v1.6.0-15-gf51aedb
  • github.com/siderolabs/talos/pkg/machinery v1.6.2 -> v1.6.3
  • k8s.io/api v0.29.0 -> v0.29.1
  • k8s.io/apimachinery v0.29.0 -> v0.29.1
  • k8s.io/apiserver v0.29.0 -> v0.29.1
  • k8s.io/client-go v0.29.0 -> v0.29.1
  • k8s.io/component-base v0.29.0 -> v0.29.1
  • k8s.io/cri-api v0.29.0 -> v0.29.1
  • k8s.io/kube-scheduler v0.29.0 -> v0.29.1
  • k8s.io/kubectl v0.29.0 -> v0.29.1
  • k8s.io/kubelet v0.29.0 -> v0.29.1

Previous release can be found at v1.6.2

Images

ghcr.io/siderolabs/flannel:v0.23.0
ghcr.io/siderolabs/install-cni:v1.6.0-1-g113887a
registry.k8s.io/coredns/coredns:v1.11.1
gcr.io/etcd-development/etcd:v3.5.11
registry.k8s.io/kube-apiserver:v1.29.1
registry.k8s.io/kube-controller-manager:v1.29.1
registry.k8s.io/kube-scheduler:v1.29.1
registry.k8s.io/kube-proxy:v1.29.1
ghcr.io/siderolabs/kubelet:v1.29.1
ghcr.io/siderolabs/installer:v1.6.3
registry.k8s.io/pause:3.8
Assets 62
Loading
0 Join discussion

v1.6.2

18 Jan 16:17
@talos-bot talos-bot
v1.6.2
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
26eee75
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.2

Talos 1.6.2 (2024-01-18)

Welcome to the v1.6.2 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.1.73

Talos is built with Go 1.21.6.

Contributors

  • Andrey Smirnov
  • Utku Ozdemir
  • Dmitriy Matrenichev
  • Drew Hess
  • Hervé Werner
  • JJGadgets
  • Jonomir
  • Serge Logvinov

Changes

16 commits

  • 26eee7553 release(v1.6.2): prepare release
  • f87a0468b fix: strategic patch merging for audit policy
  • 36b913dba fix: watch bufer overrun for RouteStatus
  • 3576d113c fix: fix .der output in talosctl gen secureboot
  • 0191c3b2c fix: support KubePrism settings in Kubernetes Discovery
  • 8fa6e93f0 fix: force KubePrism to connect using IPv4
  • e05eebca1 fix: update kmsg with utf-8 fix
  • 37bfa60dd fix: merge ports and ingress configs correctly in NetworkRuleConfig
  • 306c5cad2 fix: fix nodes on dashboard footer when node names are used in --nodes
  • 530332d24 fix: disk UUID & WWID always empty in talosctl disks
  • 440f56341 chore: pull in NBD modules
  • 3ebdbabaf fix: default priority for ipv6
  • b47619543 fix: replace the filemap implementation to not buffer in memory
  • 0ec551597 fix: imager should support different Talos versions
  • 4b3168624 feat: support iPXE direct booting in talosctl cluster create
  • d98699c07 feat: update Linux 6.1.73, go 1.21.6

Changes from siderolabs/go-kmsg

2 commits

Changes from siderolabs/pkgs

3 commits

Changes from siderolabs/tools

1 commit

Dependency Changes

  • github.com/pin/tftp 2f79be2dba4e new
  • github.com/siderolabs/go-kmsg v0.1.3 -> v0.1.4
  • github.com/siderolabs/pkgs v1.6.0-9-g8fa73db -> v1.6.0-12-g0078a66
  • github.com/siderolabs/talos/pkg/machinery v1.6.1 -> v1.6.2
  • github.com/siderolabs/tools v1.6.0-1-g336d248 -> v1.6.0-2-g5e034ec
  • golang.org/x/sys v0.15.0 -> v0.16.0

Previous release can be found at v1.6.1

Images

ghcr.io/siderolabs/flannel:v0.23.0
ghcr.io/siderolabs/install-cni:v1.6.0-1-g113887a
registry.k8s.io/coredns/coredns:v1.11.1
gcr.io/etcd-development/etcd:v3.5.11
registry.k8s.io/kube-apiserver:v1.29.0
registry.k8s.io/kube-controller-manager:v1.29.0
registry.k8s.io/kube-scheduler:v1.29.0
registry.k8s.io/kube-proxy:v1.29.0
ghcr.io/siderolabs/kubelet:v1.29.0
ghcr.io/siderolabs/installer:v1.6.2
registry.k8s.io/pause:3.8
Assets 62
Loading
3 Join discussion

v1.6.1

22 Dec 11:24
@talos-bot talos-bot
v1.6.1
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
0af17af
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.1

Talos 1.6.1 (2023-12-22)

Welcome to the v1.6.1 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.1.69
containerd: 1.7.11

Talos is built with Go 1.21.5.

Contributors

  • Andrey Smirnov
  • Radosław Piliszek

Changes

5 commits

  • 0af17af3a release(v1.6.1): prepare release
  • 8355c9eef fix: properly overwrite files on install
  • 2e9901751 fix: update the way secureboot signer fetches certificate (azure)
  • 4caffd383 fix: use correct prefix when installing SBC files
  • 9e56d539b feat: update Linux to 6.1.69, containerd to 1.7.11

Changes from siderolabs/pkgs

4 commits

Dependency Changes

  • github.com/containerd/containerd v1.7.9 -> v1.7.11
  • github.com/siderolabs/pkgs v1.6.0-5-g3ae2450 -> v1.6.0-9-g8fa73db
  • github.com/siderolabs/talos/pkg/machinery v1.6.0 -> v1.6.1

Previous release can be found at v1.6.0

Images

ghcr.io/siderolabs/flannel:v0.23.0
ghcr.io/siderolabs/install-cni:v1.6.0-1-g113887a
registry.k8s.io/coredns/coredns:v1.11.1
gcr.io/etcd-development/etcd:v3.5.11
registry.k8s.io/kube-apiserver:v1.29.0
registry.k8s.io/kube-controller-manager:v1.29.0
registry.k8s.io/kube-scheduler:v1.29.0
registry.k8s.io/kube-proxy:v1.29.0
ghcr.io/siderolabs/kubelet:v1.29.0
ghcr.io/siderolabs/installer:v1.6.1
registry.k8s.io/pause:3.8
Assets 62
Loading
2 Join discussion

v1.6.0

15 Dec 10:56
@talos-bot talos-bot
v1.6.0
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
eddd188
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.0

Talos 1.6.0 (2023-12-15)

Welcome to the v1.6.0 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

OAuth2 Machine Config Flow

Talos Linux when running on the metal platform can be configured to authenticate the machine configuration download using OAuth2 device flow.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Extension Services

Talos now starts Extension Services early in the boot process, this allows guest agents to be started in maintenance mode.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

Flannel Configuration

Talos Linux now supports customizing default Flannel manifest with extra arguments for flanneld.

cluster:
  network:
    cni:
      flannel:
        extraArgs:
          - --iface-can-reach=192.168.1.1

Ingress Firewall

Talos Linux now supports configuring the ingress firewall rules.

Kernel Arguments

Talos and Imager now supports dropping kernel arguments specified in .machine.install.extraKernelArgs or as --extra-kernel-arg to imager.
Any kernel argument that starts with a - is dropped. Kernel arguments to be dropped can be specified either as -<key> which would remove all arguments that start with <key> or as -<key>=<value> which would remove the exact argument.

Kube-Scheduler Configuration

Talos now supports specifying the kube-scheduler configuration in the Talos configuration file.
It can be set under cluster.scheduler.config and kube-scheduler will be automatically configured to with the correct flags.

Kubelet Credential Provider Configuration

Talos now supports specifying the kubelet credential provider configuration in the Talos configuration file.
It can be set under machine.kubelet.credentialProviderConfig and kubelet will be automatically configured to with the correct flags.
The credential binaries are expected to be present under /usr/local/lib/kubelet/credentialproviders.
Talos System Extensions can be used to install the credential binaries.

KubePrism

KubePrism is enabled by default on port 7445.

Sysctl

Talos now handles sysctl/sysfs key names in line with sysctl.conf(5):

  • if the first separator is '/', no conversion is done
  • if the first separator is '.', dots and slashes are remapped

Example (both sysctls are equivalent):

machine:
  sysctls:
    net/ipv6/conf/eth0.100/disable_ipv6: "1"
    net.ipv6.conf.eth0/100.disable_ipv6: "1"

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.67
containerd: 1.7.10
CoreDNS: 1.11.1
Kubernetes: 1.29.0
Flannel: 0.23.0
etcd: 3.5.11
runc: 1.1.10

Talos is built with Go 1.21.5.

User Disks

Talos Linux now supports specifying user disks in .machine.disks machine configuration links via udev symlinks, e.g. /dev/disk/by-id/XXXX.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Dmitriy Matrenichev
  • Oscar Utbult
  • Serge Logvinov
  • Andrey Smirnov
  • Artem Chernyshev
  • Utku Ozdemir
  • Nico Berlee
  • Radosław Piliszek
  • Steve Francis
  • Thomas Way
  • ndbrew
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Florian Berchtold
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Sascha Desch
  • Spencer Smith
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • budimanjojo
  • guoguangwu
  • mikucat0309

Changes

218 commits

  • eddd188c9 release(v1.6.0): prepare release
  • d42fd10c0 chore: fix the gvisor test
  • 333c462c5 feat: update Kubernetes to v1.29.0
  • 61e6df169 fix: leave discovery service later in the reset sequence
  • ef15a1f23 feat: provide compatibility for future Talos 1.7
  • c155602ca fix: add a KubeSpan option to disable extra endpoint harvesting
  • 5371eedd6 feat: send actor id to the SideroLink events sink
  • 997f83f1f docs: cap max heading level
  • d9db4cf76 feat: update Kubernetes to v1.29.0-rc.2
  • d510df5df chore: enable kubespan+firewall for cilium tests
  • b61b30056 chore: optimize pcap dump
  • 007d9f673 feat: update Linux to 6.1.67
  • 7b7fb367e release(v1.6.0-beta.1): prepare release
  • fe6661128 fix: talosctl cluster create not to enforce kubeprism always
  • 41fc05438 fix: support user disks via symlinks
  • 1fe7f2840 docs: rework machine config documentation generation
  • e45794064 chore: fix the release.toml
  • 591cfb456 fix: store and execute desired action on emergency action
  • fee63ac26 fix: trim leading spaces\newlines in inline manifest contents
  • cc16b9689 fix: skip writing the file if the contents haven't changed
  • ecee92c90 fix: do not panic in merge.Merge if map value is nil
  • c2259bff3 feat: update Go 1.21.5, Linux 6.1.65, etcd 3.5.11
  • c4dff49b3 release(v1.6.0-beta.0): prepare release
  • d8a435f0e fix: initialize boot assets with defaults early
  • c6835de17 fix: pick etcd adverised addresses from 'current' addresses
  • 6b5bc8b85 feat: update Linux to 6.1.64
  • e71e3e416 feat: support extra arguments for flanneld
  • 36c8ddb5e feat: implement ingress firewall rules
  • 0b111ecb8 fix: support slices of enums and fix NfTablesConntrackStateMatch
  • 9a8521741 feat: improve nftables backend
  • db4e2539d feat: update Kubernetes 1.29.0-rc.1 and other bumps
  • 7a4a92854 feat: support sanitized kernel args
  • f041b2629 chore: add tests for mdadm extension
  • e46e6a312 feat: implement nftables backend
  • ba827bf8b chore: support getting multiple endpoints from the Provision rpc call
  • dd45dd06c chore: add custom node taints
  • 8e2307466 docs: fix talosctl pcap argument
  • e4a050cb1 docs: fix talosctl inspect dependencies example indentation
  • fbcf4264f docs: fix talosctl dashboard cli docs
  • 70d53ee13 chore: deprecate .persist and .extensions
  • 95e33f6fc release(v1.6.0-alpha.2): prepare release
  • 514e514ba feat: update Linux 6.1.63, containerd 1.7.9
  • aca8b5e17 fix: ignore kernel command line in container mode
  • 020a0eb63 docs: fix table formatting for bootstraprequest
  • 0eb245e04 docs: fix talosctl pcap example indentation
  • de6caf534 docs: fix table formatting for machineservice api
  • 27d208c26 feat: implement OAuth2 device flow for machine config
  • 5c8fa2a80 chore: start containerd early in boot
  • 95a252cfc docs: fix link in what is new page
  • 0d3c3ed71 feat: support kube scheduler config
  • 06941b7e5 fix: allow rootfs propagation configuration for extension services
  • 57dc796f3 docs: update lastRelease to v1.5.5 in _index.md
  • 21d944a64 docs: add timezone information
  • 4f1ad16c7 feat: support kubelet credentialprovider config
  • 71a3bf0e3 fix: allow extra kernel args for secureboot installer
  • f38eaaab8 feat: rework secureboot and PCR signing key
  • 6eade3d5e chore: add ability to rewrite uuids and set unique tokens for Talos
  • e9c7ac17a fix: set max msg recv size when proxying
  • e22ab440d feat: update Linux 6.1.61, containerd 1.7.8, runc 1.1.10
  • 8245361f9 feat: show first 32 bytes of response body on download error
  • 75d3987c0 chore: drop sha1 from genereated pcr json
  • 6f32d2990 feat: add .der output talosctl gen secureboot pcr
  • 87c40da6c fix: proper logging in machined on startup
  • a54da5f64 fix: image build for nanopi_4s
  • 6f3cd0593 refactor: update packet capture to use 'afpacket' interface
  • 813442dd7 fix: don't validate machine.install if installed
  • dff60069c feat: update Kubernetes to 1.29.0-alpha.3
  • c97db5dfe chore: bump Go dependencies
  • 807a9950a fix: use custom Talos/kernel version when generating UKI
  • eb94468a6 docs: add documentation for Image Factory
  • 2e78513e1 refactor: drop the dependency link platform -> network ctrl
  • 6dc776b8a fix: when writing to META in the installer/imager, use fixed name
  • 3703041e9 ch...
Read more
Assets 53
Loading
2 Join discussion

v1.6.0-beta.1

08 Dec 15:48
@talos-bot talos-bot
v1.6.0-beta.1
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
7b7fb36
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.0-beta.1 Pre-release
Pre-release

Talos 1.6.0-beta.1 (2023-12-08)

Welcome to the v1.6.0-beta.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

OAuth2 Machine Config Flow

Talos Linux when running on the metal platform can be configured to authenticate the machine configuration download using OAuth2 device flow.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Extension Services

Talos now starts Extension Services early in the boot process, this allows guest agents to be started in maintenance mode.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

Flannel Configuration

Talos Linux now supports customizing default Flannel manifest with extra arguments for flanneld.

cluster:
  network:
    cni:
      flannel:
        extraArgs:
          - --iface-can-reach=192.168.1.1

Ingress Firewall

Talos Linux now supports configuring the ingress firewall rules.

Kernel Arguments

Talos and Imager now supports dropping kernel arguments specified in .machine.install.extraKernelArgs or as --extra-kernel-arg to imager.
Any kernel argument that starts with a - is dropped. Kernel arguments to be dropped can be specified either as -<key> which would remove all arguments that start with <key> or as -<key>=<value> which would remove the exact argument.

Kube-Scheduler Configuration

Talos now supports specifying the kube-scheduler configuration in the Talos configuration file.
It can be set under cluster.scheduler.config and kube-scheduler will be automatically configured to with the correct flags.

Kubelet Credential Provider Configuration

Talos now supports specifying the kubelet credential provider configuration in the Talos configuration file.
It can be set under machine.kubelet.credentialProviderConfig and kubelet will be automatically configured to with the correct flags.
The credential binaries are expected to be present under /usr/local/lib/kubelet/credentialproviders.
Talos System Extensions can be used to install the credential binaries.

KubePrism

KubePrism is enabled by default on port 7445.

Sysctl

Talos now handles sysctl/sysfs key names in line with sysctl.conf(5):

  • if the first separator is '/', no conversion is done
  • if the first separator is '.', dots and slashes are remapped

Example (both sysctls are equivalent):

machine:
  sysctls:
    net/ipv6/conf/eth0.100/disable_ipv6: "1"
    net.ipv6.conf.eth0/100.disable_ipv6: "1"

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.65
containerd: 1.7.10
CoreDNS: 1.11.1
Kubernetes: 1.29.0-rc.1
Flannel: 0.23.0
etcd: 3.5.11
runc: 1.1.10

Talos is built with Go 1.21.4.

User Disks

Talos Linux now supports specifying user disks in .machine.disks machine configuration links via udev symlinks, e.g. /dev/disk/by-id/XXXX.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Dmitriy Matrenichev
  • Oscar Utbult
  • Serge Logvinov
  • Andrey Smirnov
  • Utku Ozdemir
  • Artem Chernyshev
  • Nico Berlee
  • Radosław Piliszek
  • Steve Francis
  • Thomas Way
  • ndbrew
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Florian Berchtold
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Sascha Desch
  • Spencer Smith
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • budimanjojo
  • guoguangwu
  • mikucat0309

Changes

206 commits

  • 7b7fb367e release(v1.6.0-beta.1): prepare release
  • fe6661128 fix: talosctl cluster create not to enforce kubeprism always
  • 41fc05438 fix: support user disks via symlinks
  • 1fe7f2840 docs: rework machine config documentation generation
  • e45794064 chore: fix the release.toml
  • 591cfb456 fix: store and execute desired action on emergency action
  • fee63ac26 fix: trim leading spaces\newlines in inline manifest contents
  • cc16b9689 fix: skip writing the file if the contents haven't changed
  • ecee92c90 fix: do not panic in merge.Merge if map value is nil
  • c2259bff3 feat: update Go 1.21.5, Linux 6.1.65, etcd 3.5.11
  • c4dff49b3 release(v1.6.0-beta.0): prepare release
  • d8a435f0e fix: initialize boot assets with defaults early
  • c6835de17 fix: pick etcd adverised addresses from 'current' addresses
  • 6b5bc8b85 feat: update Linux to 6.1.64
  • e71e3e416 feat: support extra arguments for flanneld
  • 36c8ddb5e feat: implement ingress firewall rules
  • 0b111ecb8 fix: support slices of enums and fix NfTablesConntrackStateMatch
  • 9a8521741 feat: improve nftables backend
  • db4e2539d feat: update Kubernetes 1.29.0-rc.1 and other bumps
  • 7a4a92854 feat: support sanitized kernel args
  • f041b2629 chore: add tests for mdadm extension
  • e46e6a312 feat: implement nftables backend
  • ba827bf8b chore: support getting multiple endpoints from the Provision rpc call
  • dd45dd06c chore: add custom node taints
  • 8e2307466 docs: fix talosctl pcap argument
  • e4a050cb1 docs: fix talosctl inspect dependencies example indentation
  • fbcf4264f docs: fix talosctl dashboard cli docs
  • 70d53ee13 chore: deprecate .persist and .extensions
  • 95e33f6fc release(v1.6.0-alpha.2): prepare release
  • 514e514ba feat: update Linux 6.1.63, containerd 1.7.9
  • aca8b5e17 fix: ignore kernel command line in container mode
  • 020a0eb63 docs: fix table formatting for bootstraprequest
  • 0eb245e04 docs: fix talosctl pcap example indentation
  • de6caf534 docs: fix table formatting for machineservice api
  • 27d208c26 feat: implement OAuth2 device flow for machine config
  • 5c8fa2a80 chore: start containerd early in boot
  • 95a252cfc docs: fix link in what is new page
  • 0d3c3ed71 feat: support kube scheduler config
  • 06941b7e5 fix: allow rootfs propagation configuration for extension services
  • 57dc796f3 docs: update lastRelease to v1.5.5 in _index.md
  • 21d944a64 docs: add timezone information
  • 4f1ad16c7 feat: support kubelet credentialprovider config
  • 71a3bf0e3 fix: allow extra kernel args for secureboot installer
  • f38eaaab8 feat: rework secureboot and PCR signing key
  • 6eade3d5e chore: add ability to rewrite uuids and set unique tokens for Talos
  • e9c7ac17a fix: set max msg recv size when proxying
  • e22ab440d feat: update Linux 6.1.61, containerd 1.7.8, runc 1.1.10
  • 8245361f9 feat: show first 32 bytes of response body on download error
  • 75d3987c0 chore: drop sha1 from genereated pcr json
  • 6f32d2990 feat: add .der output talosctl gen secureboot pcr
  • 87c40da6c fix: proper logging in machined on startup
  • a54da5f64 fix: image build for nanopi_4s
  • 6f3cd0593 refactor: update packet capture to use 'afpacket' interface
  • 813442dd7 fix: don't validate machine.install if installed
  • dff60069c feat: update Kubernetes to 1.29.0-alpha.3
  • c97db5dfe chore: bump Go dependencies
  • 807a9950a fix: use custom Talos/kernel version when generating UKI
  • eb94468a6 docs: add documentation for Image Factory
  • 2e78513e1 refactor: drop the dependency link platform -> network ctrl
  • 6dc776b8a fix: when writing to META in the installer/imager, use fixed name
  • 3703041e9 chore: remove uneeded code
  • cbe6e7622 fix: generate images for SBCs using imager
  • 5dff164f1 fix: fix error output of cli action tracker
  • ef5056122 feat: update etcd to 3.5.10
  • 45ae80873 chore: bump go-api-signature dependency to v0.3.1
  • ffa5e05cb fix: make Talos work on Rockpi 4c boards again
  • 8eba4c599 feat: generate secrets bundle from the machine config
  • c7de745f6 chore: drop deprecated code
  • cc0c3ab69 docs: update rpi_generic.md
  • a009f5c60 fix: accept sysctl paths with dots
  • 4919f6ee2 feat: add GOMEMLIMIT to shipped manifests with memory limits
  • 73ee576ea chore: update ...
Read more
Assets 62
Loading
0 Join discussion

v1.6.0-beta.0

01 Dec 19:06
@talos-bot talos-bot
v1.6.0-beta.0
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
c4dff49
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.0-beta.0 Pre-release
Pre-release

Talos 1.6.0-beta.0 (2023-12-01)

Welcome to the v1.6.0-beta.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Kubelet Credential Provider Configuration

Talos now supports specifying the kubelet credential provider configuration in the Talos configuration file.
It can be set under machine.kubelet.credentialProviderConfig and kubelet will be automatically configured to with the correct flags.
The credential binaries are expected to be present under /usr/local/lib/kubelet/credentialproviders.
Talos System Extensions can be used to install the credential binaries.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Extension Services

Talos now starts Extension Services early in the boot process, this allows guest agents to be started in maintenance mode.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

Kernel Arguments

Talos and Imager now supports dropping kernel arguments specified in .machine.install.extraKernelArgs or as --extra-kernel-arg to imager.
Any kernel argument that starts with a - is dropped. Kernel arguments to be dropped can be specified either as -<key> which would remove all arguments that start with <key> or as -<key>=<value> which would remove the exact argument.

Kube-Scheduler Configuration

Talos now supports specifying the kube-scheduler configuration in the Talos configuration file.
It can be set under cluster.scheduler.config and kube-scheduler will be automatically configured to with the correct flags.

KubePrism

KubePrism is enabled by default on port 7445.

Sysctl

Talos now handles sysctl/sysfs key names in line with sysctl.conf(5):

  • if the first separator is '/', no conversion is done
  • if the first separator is '.', dots and slashes are remapped

Example (both sysctls are equivalent):

machine:
  sysctls:
    net/ipv6/conf/eth0.100/disable_ipv6: "1"
    net.ipv6.conf.eth0/100.disable_ipv6: "1"

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.64
containerd: 1.7.10
CoreDNS: 1.11.1
Kubernetes: 1.29.0-rc.1
Flannel: 0.23.0
etcd: 3.5.10
runc: 1.1.10

Talos is built with Go 1.21.4.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Dmitriy Matrenichev
  • Oscar Utbult
  • Serge Logvinov
  • Andrey Smirnov
  • Utku Ozdemir
  • Artem Chernyshev
  • Nico Berlee
  • Radosław Piliszek
  • Steve Francis
  • Thomas Way
  • ndbrew
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Florian Berchtold
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Sascha Desch
  • Spencer Smith
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • budimanjojo
  • guoguangwu
  • mikucat0309

Changes

196 commits

  • c4dff49b3 release(v1.6.0-beta.0): prepare release
  • d8a435f0e fix: initialize boot assets with defaults early
  • c6835de17 fix: pick etcd adverised addresses from 'current' addresses
  • 6b5bc8b85 feat: update Linux to 6.1.64
  • e71e3e416 feat: support extra arguments for flanneld
  • 36c8ddb5e feat: implement ingress firewall rules
  • 0b111ecb8 fix: support slices of enums and fix NfTablesConntrackStateMatch
  • 9a8521741 feat: improve nftables backend
  • db4e2539d feat: update Kubernetes 1.29.0-rc.1 and other bumps
  • 7a4a92854 feat: support sanitized kernel args
  • f041b2629 chore: add tests for mdadm extension
  • e46e6a312 feat: implement nftables backend
  • ba827bf8b chore: support getting multiple endpoints from the Provision rpc call
  • dd45dd06c chore: add custom node taints
  • 8e2307466 docs: fix talosctl pcap argument
  • e4a050cb1 docs: fix talosctl inspect dependencies example indentation
  • fbcf4264f docs: fix talosctl dashboard cli docs
  • 70d53ee13 chore: deprecate .persist and .extensions
  • 95e33f6fc release(v1.6.0-alpha.2): prepare release
  • 514e514ba feat: update Linux 6.1.63, containerd 1.7.9
  • aca8b5e17 fix: ignore kernel command line in container mode
  • 020a0eb63 docs: fix table formatting for bootstraprequest
  • 0eb245e04 docs: fix talosctl pcap example indentation
  • de6caf534 docs: fix table formatting for machineservice api
  • 27d208c26 feat: implement OAuth2 device flow for machine config
  • 5c8fa2a80 chore: start containerd early in boot
  • 95a252cfc docs: fix link in what is new page
  • 0d3c3ed71 feat: support kube scheduler config
  • 06941b7e5 fix: allow rootfs propagation configuration for extension services
  • 57dc796f3 docs: update lastRelease to v1.5.5 in _index.md
  • 21d944a64 docs: add timezone information
  • 4f1ad16c7 feat: support kubelet credentialprovider config
  • 71a3bf0e3 fix: allow extra kernel args for secureboot installer
  • f38eaaab8 feat: rework secureboot and PCR signing key
  • 6eade3d5e chore: add ability to rewrite uuids and set unique tokens for Talos
  • e9c7ac17a fix: set max msg recv size when proxying
  • e22ab440d feat: update Linux 6.1.61, containerd 1.7.8, runc 1.1.10
  • 8245361f9 feat: show first 32 bytes of response body on download error
  • 75d3987c0 chore: drop sha1 from genereated pcr json
  • 6f32d2990 feat: add .der output talosctl gen secureboot pcr
  • 87c40da6c fix: proper logging in machined on startup
  • a54da5f64 fix: image build for nanopi_4s
  • 6f3cd0593 refactor: update packet capture to use 'afpacket' interface
  • 813442dd7 fix: don't validate machine.install if installed
  • dff60069c feat: update Kubernetes to 1.29.0-alpha.3
  • c97db5dfe chore: bump Go dependencies
  • 807a9950a fix: use custom Talos/kernel version when generating UKI
  • eb94468a6 docs: add documentation for Image Factory
  • 2e78513e1 refactor: drop the dependency link platform -> network ctrl
  • 6dc776b8a fix: when writing to META in the installer/imager, use fixed name
  • 3703041e9 chore: remove uneeded code
  • cbe6e7622 fix: generate images for SBCs using imager
  • 5dff164f1 fix: fix error output of cli action tracker
  • ef5056122 feat: update etcd to 3.5.10
  • 45ae80873 chore: bump go-api-signature dependency to v0.3.1
  • ffa5e05cb fix: make Talos work on Rockpi 4c boards again
  • 8eba4c599 feat: generate secrets bundle from the machine config
  • c7de745f6 chore: drop deprecated code
  • cc0c3ab69 docs: update rpi_generic.md
  • a009f5c60 fix: accept sysctl paths with dots
  • 4919f6ee2 feat: add GOMEMLIMIT to shipped manifests with memory limits
  • 73ee576ea chore: update sonobuouy library, drop the fork
  • c23bc2f4a chore: support OCI layout as a source for profile input
  • 154bbd70f docs: fix talos version in guide for docker
  • 11d1f6163 release(v1.6.0-alpha.1): prepare release
  • 9dfae8467 chore: update dependencies
  • 38ce3c827 feat: nocloud prefer mac address
  • 401e89411 feat: customize image size
  • 865f08f86 docs: kubeadm migration guide improvements
  • c3e418200 refactor: use COSI runtime with new controller runtime DB
  • c1ee24465 feat: update Kubernetes to v1.29.0-alpha.2
  • 0ff7350ab fix: oracle integration fixes
  • 675bada45 test: add config generation stability tests
  • f9639fb53 test: fix 'talosctl gen' tests
  • 6142d87a0 feat: hostname configuration improvements on the NoCloud platform
  • 7bb205ebe fix: don't use runtime-specs Mount struct in machine config
  • d1b27926c feat: update Go to 1.21.3
  • b87092ab6 fix: handle secure boot state policy pcr digest error
  • 498aeb8c3 docs: fix incorrect image suffix
  • c14a5d4f7 feat: support service account auth in cli
  • 336aee0fd fix: use tpm2 hash algorithm constants and allow non-SHA-256 PCRs
  • 69d8054c9 chore: drop UpdateEndpointSuite
  • ef7be16c8 fix: clear the encryption config in META when STATE is reset
  • 5fc60d2ca feat: add Solarflare S...
Read more
Assets 62
Loading
0 Join discussion

v1.6.0-alpha.2

21 Nov 23:21
@talos-bot talos-bot
v1.6.0-alpha.2
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
95e33f6
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.6.0-alpha.2 Pre-release
Pre-release

Talos 1.6.0-alpha.2 (2023-11-21)

Welcome to the v1.6.0-alpha.2 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Kubelet Credential Provider Configuration

Talos now supports specifying the kubelet credential provider configuration in the Talos configuration file.
It can be set under machine.kubelet.credentialProviderConfig and kubelet will be automatically configured to with the correct flags.
The credential binaries are expected to be present under /usr/local/lib/kubelet/credentialproviders.
Talos System Extensions can be used to install the credential binaries.

Network Device Selectors

Previously, network device selectors only matched the first link, now the configuration is applied to all matching links.

Linux Firmware

Starting with Talos 1.6, there is no Linux firmware included in the initramfs.
Customers who need Linux firmware can pull them as extension during install time using the image factory service.
If the initial boot requires firmware, a custom iso can be built with the firmware included using the image factory service.
This also ensures that the linux-firmware is not tied to a specific Talos version.

Kube-Scheduler Configuration

Talos now supports specifying the kube-scheduler configuration in the Talos configuration file.
It can be set under cluster.scheduler.config and kube-scheduler will be automatically configured to with the correct flags.

KubePrism

KubePrism is enabled by default on port 7445.

Sysctl

Talos now handles sysctl/sysfs key names in line with sysctl.conf(5):

  • if the first separator is '/', no conversion is done
  • if the first separator is '.', dots and slashes are remapped

Example (both sysctls are equivalent):

machine:
  sysctls:
    net/ipv6/conf/eth0.100/disable_ipv6: "1"
    net.ipv6.conf.eth0/100.disable_ipv6: "1"

talosctl CLI

The command images deprecated in Talos 1.5 was removed, please use talosctl images default instead.

Component Updates

Linux: 6.1.63
containerd: 1.7.9
CoreDNS: 1.11.1
Kubernetes: 1.29.0-alpha.3
Flannel: 0.22.3
etcd: 3.5.10
runc: 1.1.10

Talos is built with Go 1.21.4.

Contributors

  • Andrey Smirnov
  • Noel Georgi
  • Dmitriy Matrenichev
  • Andrey Smirnov
  • Oscar Utbult
  • Serge Logvinov
  • Utku Ozdemir
  • Artem Chernyshev
  • Nico Berlee
  • Radosław Piliszek
  • Steve Francis
  • Thomas Way
  • ndbrew
  • Andrei Kvapil
  • Christian Rolland
  • Drew Hess
  • Enno Boland
  • Florian Berchtold
  • Henry Sachs
  • Jacob McSwain
  • Jacob McSwain
  • Jared Davenport
  • Mans Matulewicz
  • Nebula
  • Sascha Desch
  • Spencer Smith
  • Thomas Lemarchand
  • Tim Jones
  • Zachary Milonas
  • budimanjojo
  • guoguangwu
  • mikucat0309

Changes

178 commits

  • 95e33f6fc release(v1.6.0-alpha.2): prepare release
  • 514e514ba feat: update Linux 6.1.63, containerd 1.7.9
  • aca8b5e17 fix: ignore kernel command line in container mode
  • 020a0eb63 docs: fix table formatting for bootstraprequest
  • 0eb245e04 docs: fix talosctl pcap example indentation
  • de6caf534 docs: fix table formatting for machineservice api
  • 27d208c26 feat: implement OAuth2 device flow for machine config
  • 5c8fa2a80 chore: start containerd early in boot
  • 95a252cfc docs: fix link in what is new page
  • 0d3c3ed71 feat: support kube scheduler config
  • 06941b7e5 fix: allow rootfs propagation configuration for extension services
  • 57dc796f3 docs: update lastRelease to v1.5.5 in _index.md
  • 21d944a64 docs: add timezone information
  • 4f1ad16c7 feat: support kubelet credentialprovider config
  • 71a3bf0e3 fix: allow extra kernel args for secureboot installer
  • f38eaaab8 feat: rework secureboot and PCR signing key
  • 6eade3d5e chore: add ability to rewrite uuids and set unique tokens for Talos
  • e9c7ac17a fix: set max msg recv size when proxying
  • e22ab440d feat: update Linux 6.1.61, containerd 1.7.8, runc 1.1.10
  • 8245361f9 feat: show first 32 bytes of response body on download error
  • 75d3987c0 chore: drop sha1 from genereated pcr json
  • 6f32d2990 feat: add .der output talosctl gen secureboot pcr
  • 87c40da6c fix: proper logging in machined on startup
  • a54da5f64 fix: image build for nanopi_4s
  • 6f3cd0593 refactor: update packet capture to use 'afpacket' interface
  • 813442dd7 fix: don't validate machine.install if installed
  • dff60069c feat: update Kubernetes to 1.29.0-alpha.3
  • c97db5dfe chore: bump Go dependencies
  • 807a9950a fix: use custom Talos/kernel version when generating UKI
  • eb94468a6 docs: add documentation for Image Factory
  • 2e78513e1 refactor: drop the dependency link platform -> network ctrl
  • 6dc776b8a fix: when writing to META in the installer/imager, use fixed name
  • 3703041e9 chore: remove uneeded code
  • cbe6e7622 fix: generate images for SBCs using imager
  • 5dff164f1 fix: fix error output of cli action tracker
  • ef5056122 feat: update etcd to 3.5.10
  • 45ae80873 chore: bump go-api-signature dependency to v0.3.1
  • ffa5e05cb fix: make Talos work on Rockpi 4c boards again
  • 8eba4c599 feat: generate secrets bundle from the machine config
  • c7de745f6 chore: drop deprecated code
  • cc0c3ab69 docs: update rpi_generic.md
  • a009f5c60 fix: accept sysctl paths with dots
  • 4919f6ee2 feat: add GOMEMLIMIT to shipped manifests with memory limits
  • 73ee576ea chore: update sonobuouy library, drop the fork
  • c23bc2f4a chore: support OCI layout as a source for profile input
  • 154bbd70f docs: fix talos version in guide for docker
  • 11d1f6163 release(v1.6.0-alpha.1): prepare release
  • 9dfae8467 chore: update dependencies
  • 38ce3c827 feat: nocloud prefer mac address
  • 401e89411 feat: customize image size
  • 865f08f86 docs: kubeadm migration guide improvements
  • c3e418200 refactor: use COSI runtime with new controller runtime DB
  • c1ee24465 feat: update Kubernetes to v1.29.0-alpha.2
  • 0ff7350ab fix: oracle integration fixes
  • 675bada45 test: add config generation stability tests
  • f9639fb53 test: fix 'talosctl gen' tests
  • 6142d87a0 feat: hostname configuration improvements on the NoCloud platform
  • 7bb205ebe fix: don't use runtime-specs Mount struct in machine config
  • d1b27926c feat: update Go to 1.21.3
  • b87092ab6 fix: handle secure boot state policy pcr digest error
  • 498aeb8c3 docs: fix incorrect image suffix
  • c14a5d4f7 feat: support service account auth in cli
  • 336aee0fd fix: use tpm2 hash algorithm constants and allow non-SHA-256 PCRs
  • 69d8054c9 chore: drop UpdateEndpointSuite
  • ef7be16c8 fix: clear the encryption config in META when STATE is reset
  • 5fc60d2ca feat: add Solarflare SFC9000 support
  • 9b5cfdd0b chore: add tests for iscsi
  • b897764f8 docs: update proxmox.md
  • 159f45bde docs: fix typos in CLI calls to endpoints
  • 0bd1bdd74 chore: allow insecure access to installer base image (imager)
  • 10ed13067 fix: the node IP for kubelet shouldn't change if nothing matches
  • e7575ecaa feat: support n-5 latest Kubernetes versions
  • e71508ec1 chore: update dependencies
  • 6d7fa4668 docs: add metal network configuration guide
  • 2b548ad0d feat: update containerd to 1.7.x
  • 62dcfe81e fix: update kubernetes library to support 1.29 upgrades
  • 52caf0763 feat: update Kubernetes to 1.29.0-alpha.1
  • 390137447 feat: enable KubePrism by default
  • 1beb5e86e docs: add KubePrism video
  • a52d3cda3 chore: update gen and COSI runtime
  • 29b201d61 feat: enable common h/w sensors
  • 9c2ba7c6f chore: add tests for chelsio drivers
  • 5ca4d58dc fix: generate of modules.dep when on the machine
  • 5efcccb6b chore: bump kernel to 6.1.54
  • 29c767a02 docs: add control plane nodes as users of apid also for control plane nodes
  • 4874cfb95 chore: fix typo
  • 96f2a62ea test: update upgrade tests versions
  • f3a370acb feat: update Flannel to 0.22.3
  • efdee6965 feat: update Kubernetes to 1.28.2
  • e3b494058 fix: build CPU ucode correctly for early loader
  • c5bd0ac5c refactor: reimplement the depmod extension rebuilder
  • 0b883f52a docs: add notes about stable addressing
  • 3ef670a9e chore: pull in dm module...
Read more
Assets 62
Loading
0 Join discussion

v1.5.5

09 Nov 14:02
@talos-bot talos-bot
v1.5.5
This tag was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
ad7361c
This commit was signed with the committer’s verified signature.
smira Andrey Smirnov
GPG key ID: FE042E3D4085A811
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.5.5

Talos 1.5.5 (2023-11-09)

Welcome to the v1.5.5 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.1.61
Kubernetes: 1.28.3
etcd: 3.5.10

Talos is built with Go 1.20.11.

Contributors

  • Andrey Smirnov
  • Utku Ozdemir
  • Artem Chernyshev

Changes

9 commits

  • ad7361c72 release(v1.5.5): prepare release
  • 5f70f05e9 fix: don't validate machine.install if installed
  • 0b18d7403 fix: when writing to META in the installer/imager, use fixed name
  • 6be1e5836 fix: fix error output of cli action tracker
  • 059823c4b feat: update etcd to 3.5.10
  • 8c503f0df chore: bump go-api-signature dependency to v0.3.1
  • 61413ed11 fix: make Talos work on Rockpi 4c boards again
  • 6fd9a71b3 feat: update Go 1.20.11, Linux 6.1.61, Kubernetes 1.28.3
  • 9fe31bd42 fix: update gRPC library to 1.57.2

Changes from siderolabs/extras

1 commit

Changes from siderolabs/pkgs

2 commits

Changes from siderolabs/tools

1 commit

Dependency Changes

  • github.com/siderolabs/extras v1.5.0-2-g6241ac7 -> v1.5.0-3-gb43c4e4
  • github.com/siderolabs/pkgs v1.5.0-13-g45cf9b0 -> v1.5.0-15-gab5b0e5
  • github.com/siderolabs/talos/pkg/machinery v1.5.4 -> v1.5.5
  • github.com/siderolabs/tools v1.5.0-2-g8adf637 -> v1.5.0-3-gc95372c
  • go.etcd.io/etcd/api/v3 v3.5.9 -> v3.5.10
  • go.etcd.io/etcd/client/pkg/v3 v3.5.9 -> v3.5.10
  • go.etcd.io/etcd/client/v3 v3.5.9 -> v3.5.10
  • go.etcd.io/etcd/etcdutl/v3 v3.5.9 -> v3.5.10
  • google.golang.org/grpc v1.57.1 -> v1.58.3
  • k8s.io/api v0.28.2 -> v0.28.3
  • k8s.io/apimachinery v0.28.2 -> v0.28.3
  • k8s.io/apiserver v0.28.2 -> v0.28.3
  • k8s.io/client-go v0.28.2 -> v0.28.3
  • k8s.io/component-base v0.28.2 -> v0.28.3
  • k8s.io/cri-api v0.28.2 -> v0.28.3
  • k8s.io/kubectl v0.28.2 -> v0.28.3
  • k8s.io/kubelet v0.28.2 -> v0.28.3

Previous release can be found at v1.5.4

Images

ghcr.io/siderolabs/flannel:v0.22.1
ghcr.io/siderolabs/install-cni:v1.5.0-3-gb43c4e4
registry.k8s.io/coredns/coredns:v1.10.1
gcr.io/etcd-development/etcd:v3.5.10
registry.k8s.io/kube-apiserver:v1.28.3
registry.k8s.io/kube-controller-manager:v1.28.3
registry.k8s.io/kube-scheduler:v1.28.3
registry.k8s.io/kube-proxy:v1.28.3
ghcr.io/siderolabs/kubelet:v1.28.3
ghcr.io/siderolabs/installer:v1.5.5
registry.k8s.io/pause:3.6
Assets 62
Loading
0 Join discussion