Talos Linux is a modern Linux distribution built for Kubernetes.
MPL-2.0 License
Bot releases are visible (Hide)
Published by talos-bot over 1 year ago
Welcome to the v1.4.1 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
talosctl cp
to handle special files in /proc
Previous release can be found at v1.4.0
ghcr.io/siderolabs/flannel:v0.21.4
ghcr.io/siderolabs/install-cni:v1.4.0-1-g9b07505
docker.io/coredns/coredns:1.10.1
gcr.io/etcd-development/etcd:v3.5.8
registry.k8s.io/kube-apiserver:v1.27.1
registry.k8s.io/kube-controller-manager:v1.27.1
registry.k8s.io/kube-scheduler:v1.27.1
registry.k8s.io/kube-proxy:v1.27.1
ghcr.io/siderolabs/kubelet:v1.27.1
ghcr.io/siderolabs/installer:v1.4.1
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.4.0 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Bond links can now be described using device selectors instead of explicit device names:
machine:
network:
interfaces:
- interface: bond0
bond:
deviceSelectors:
- hardwareAddr: '00:50:56:*'
- hardwareAddr: '00:50:57:9c:2c:2d'
talosctl logs -k
and talosctl containers -k
now support and output container display names with their ids.
This allows to distinguish between containers with the same name.
Talos now supports a catch-all option for registry mirrors:
machine:
registries:
mirrors:
docker.io:
- https://registry-1.docker.io/
"*":
- https://my-registry.example.com/
Talos now starts a text-based UI dashboard on virtual console /dev/tty2
and switches to it by default upon boot.
Kernel logs remain available on /dev/tty1
.
To switch TTYs, use the Alt+F1
through Alt+F2
keys.
You can disable this behavior by setting the kernel parameter talos.dashboard.disabled=1
.
This behavior is disabled by default on SBCs.
talos.environment
Talos now supports passing environment variables via talos.environment
kernel argument.
Example:
talos.environment=http_proxy=http://proxy.example.com:8080 talos.environment=https_proxy=http://proxy.example.com:8080
Talos adds new APIs to make it easier to perform etcd maintenance operations.
These APIs are available via new talosctl etcd
sub-commands:
talosctl etcd alarm list|disarm
talosctl etcd defrag
talosctl etcd status
See also etcd maintenance guide.
Talos now supports automatically loading kernel drivers built as modules.
If any system extensions or the Talos base kernel build provides kernel modules and if they matches the system hardware (via PCI IDs), they will be loaded automatically.
Modules can still be loaded explicitly by defining it in machine configuration.
Talos now supports re-building the kernel modules dependency tree information on upgrades.
This allows modules of same name to co-exist as in-tree and external modules.
System Extensions can provide modules installed into extras
directory and when loading it'll take precendence over the in-tree module.
Talos now supports talos.experimental.wipe=system:EPHEMERAL,STATE
kernel argument.
Talos now also supports the new GRUB boot option - "Reset Talos installation and return to maintenance mode".
Both of this options will reset EPHEMERAL and STATE partitions and will return Talos into maintenance mode after the reboot.
Strategic merge config patches correctly support merging .vlans
sections of the network interface.
Talos API was extended to support retrieving a list of network connections (sockets) from the node and pods.
talosctl netstat
command was added to retrieve the list of network connections.
Talos now supports resetting user disks through the Reset API,
the list of disks to wipe is set using the --user-disks-to-wipe
parameter in talosctl
.
Additionally, the Reset API can now function in maintenance mode
and has the capability to wipe the node's system disk (partial wipe is not supported).
Talos now supports a new os:operator
role for the Talos API.
This role allows everything os:reader
role allows plus access to maintenance APIs:
rebooting, shutting down a node, accessing packet capture, etcd alarm APIs, etcd backup, etc.
Talos is built with Go 1.20.3.
Talos now supports loading network configuration on VMWare platform from the metadata
key.
See CAPV IPAM Support and
Talos issue 6708 for details.
Disks API
talosctl logs
might be corruped${code}
--force
flag for talosctl gen
talosctl -k containers
and talosctl -k logs
--context
in talosctl config
cmd--force
flag to talosctl gen config
config.json
watchErr
from metal.getResource
slice.Filter
result slice cap to len/sys/block
/bin
in base
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.21.4
ghcr.io/siderolabs/install-cni:v1.4.0-1-g9b07505
docker.io/coredns/coredns:1.10.1
gcr.io/etcd-development/etcd:v3.5.8
registry.k8s.io/kube-apiserver:v1.27.1
registry.k8s.io/kube-controller-manager:v1.27.1
registry.k8s.io/kube-scheduler:v1.27.1
registry.k8s.io/kube-proxy:v1.27.1
ghcr.io/siderolabs/kubelet:v1.27.1
ghcr.io/siderolabs/installer:v1.4.0
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.4.0-beta.1 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Bond links can now be described using device selectors instead of explicit device names:
machine:
network:
interfaces:
- interface: bond0
bond:
deviceSelectors:
- hardwareAddr: '00:50:56:*'
- hardwareAddr: '00:50:57:9c:2c:2d'
talosctl logs -k
and talosctl containers -k
now support and output container display names with their ids.
This allows to distinguish between containers with the same name.
Talos now supports a catch-all option for registry mirrors:
machine:
registries:
mirrors:
docker.io:
- https://registry-1.docker.io/
"*":
- https://my-registry.example.com/
Talos now starts a text-based UI dashboard on virtual console /dev/tty2
and switches to it by default upon boot.
Kernel logs remain available on /dev/tty1
.
To switch TTYs, use the Alt+F1
through Alt+F2
keys.
You can disable this behavior by setting the kernel parameter talos.dashboard.disabled=1
.
This behavior is disabled by default on SBCs.
talos.environment
Talos now supports passing environment variables via talos.environment
kernel argument.
Example:
talos.environment=http_proxy=http://proxy.example.com:8080 talos.environment=https_proxy=http://proxy.example.com:8080
Talos adds new APIs to make it easier to perform etcd maintenance operations.
These APIs are available via new talosctl etcd
sub-commands:
talosctl etcd alarm list|disarm
talosctl etcd defrag
talosctl etcd status
See also etcd maintenance guide.
Talos now supports automatically loading kernel drivers built as modules.
If any system extensions or the Talos base kernel build provides kernel modules and if they matches the system hardware (via PCI IDs), they will be loaded automatically.
Modules can still be loaded explicitly by defining it in machine configuration.
Talos now supports re-building the kernel modules dependency tree information on upgrades.
This allows modules of same name to co-exist as in-tree and external modules.
System Extensions can provide modules installed into extras
directory and when loading it'll take precendence over the in-tree module.
Talos now supports talos.experimental.wipe=system:EPHEMERAL,STATE
kernel argument.
Talos now also supports the new GRUB boot option - "Reset Talos installation and return to maintenance mode".
Both of this options will reset EPHEMERAL and STATE partitions and will return Talos into maintenance mode after the reboot.
Strategic merge config patches correctly support merging .vlans
sections of the network interface.
Talos API was extended to support retrieving a list of network connections (sockets) from the node and pods.
talosctl netstat
command was added to retrieve the list of network connections.
Talos now supports resetting user disks through the Reset API,
the list of disks to wipe is set using the --user-disks-to-wipe
parameter in talosctl
.
Additionally, the Reset API can now function in maintenance mode
and has the capability to wipe the node's system disk (partial wipe is not supported).
Talos now supports a new os:operator
role for the Talos API.
This role allows everything os:reader
role allows plus access to maintenance APIs:
rebooting, shutting down a node, accessing packet capture, etcd alarm APIs, etcd backup, etc.
Talos is built with Go 1.20.3.
Talos now supports loading network configuration on VMWare platform from the metadata
key.
See CAPV IPAM Support and
Talos issue 6708 for details.
Disks API
talosctl logs
might be corruped${code}
--force
flag for talosctl gen
talosctl -k containers
and talosctl -k logs
--context
in talosctl config
cmd--force
flag to talosctl gen config
config.json
watchErr
from metal.getResource
slice.Filter
result slice cap to len/sys/block
/bin
in base
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.21.4
ghcr.io/siderolabs/install-cni:v1.4.0-1-g9b07505
docker.io/coredns/coredns:1.10.1
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.27.0-rc.1
registry.k8s.io/kube-controller-manager:v1.27.0-rc.1
registry.k8s.io/kube-scheduler:v1.27.0-rc.1
registry.k8s.io/kube-proxy:v1.27.0-rc.1
ghcr.io/siderolabs/kubelet:v1.27.0-rc.1
ghcr.io/siderolabs/installer:v1.4.0-beta.1
registry.k8s.io/pause:3.6
Welcome to the v1.3.7 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos is built with Go 1.19.8.
talosctl logs
might be corrupedPrevious release can be found at v1.3.6
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-5-g75d687a
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.26.3
registry.k8s.io/kube-controller-manager:v1.26.3
registry.k8s.io/kube-scheduler:v1.26.3
registry.k8s.io/kube-proxy:v1.26.3
ghcr.io/siderolabs/kubelet:v1.26.3
ghcr.io/siderolabs/installer:v1.3.7
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.4.0-beta.0 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Bond links can now be described using device selectors instead of explicit device names:
machine:
network:
interfaces:
- interface: bond0
bond:
deviceSelectors:
- hardwareAddr: '00:50:56:*'
- hardwareAddr: '00:50:57:9c:2c:2d'
talosctl logs -k
and talosctl containers -k
now support and output container display names with their ids.
This allows to distinguish between containers with the same name.
Talos now supports a catch-all option for registry mirrors:
machine:
registries:
mirrors:
docker.io:
- https://registry-1.docker.io/
"*":
- https://my-registry.example.com/
Talos now starts a text-based UI dashboard on virtual console /dev/tty2
and switches to it by default upon boot.
Kernel logs remain available on /dev/tty1
.
To switch TTYs, use the Alt+F1
through Alt+F2
keys.
You can disable this behavior by setting the kernel parameter talos.dashboard.disabled=1
.
This behavior is disabled by default on SBCs.
talos.environment
Talos now supports passing environment variables via talos.environment
kernel argument.
Example:
talos.environment=http_proxy=http://proxy.example.com:8080 talos.environment=https_proxy=http://proxy.example.com:8080
Talos adds new APIs to make it easier to perform etcd maintenance operations.
These APIs are available via new talosctl etcd
sub-commands:
talosctl etcd alarm list|disarm
talosctl etcd defrag
talosctl etcd status
See also etcd maintenance guide.
Talos now supports automatically loading kernel drivers built as modules.
If any system extensions or the Talos base kernel build provides kernel modules and if they matches the system hardware (via PCI IDs), they will be loaded automatically.
Modules can still be loaded explicitly by defining it in machine configuration.
Talos now supports re-building the kernel modules dependency tree information on upgrades.
This allows modules of same name to co-exist as in-tree and external modules.
System Extensions can provide modules installed into extras
directory and when loading it'll take precendence over the in-tree module.
Talos now supports talos.experimental.wipe=system:EPHEMERAL,STATE
kernel argument.
Talos now also supports the new GRUB boot option - "Reset Talos installation and return to maintenance mode".
Both of this options will reset EPHEMERAL and STATE partitions and will return Talos into maintenance mode after the reboot.
Strategic merge config patches correctly support merging .vlans
sections of the network interface.
Talos API was extended to support retrieving a list of network connections (sockets) from the node and pods.
talosctl netstat
command was added to retrieve the list of network connections.
Talos now supports resetting user disks through the Reset API,
the list of disks to wipe is set using the --user-disks-to-wipe
parameter in talosctl
.
Additionally, the Reset API can now function in maintenance mode
and has the capability to wipe the node's system disk (partial wipe is not supported).
Talos now supports a new os:operator
role for the Talos API.
This role allows everything os:reader
role allows plus access to maintenance APIs:
rebooting, shutting down a node, accessing packet capture, etcd alarm APIs, etcd backup, etc.
Talos is built with Go 1.20.2.
Talos now supports loading network configuration on VMWare platform from the metadata
key.
See CAPV IPAM Support and
Talos issue 6708 for details.
Disks API
talosctl logs
might be corruped${code}
--force
flag for talosctl gen
talosctl -k containers
and talosctl -k logs
--context
in talosctl config
cmd--force
flag to talosctl gen config
config.json
watchErr
from metal.getResource
slice.Filter
result slice cap to len/sys/block
/bin
in base
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.21.4
ghcr.io/siderolabs/install-cni:v1.4.0
docker.io/coredns/coredns:1.10.1
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.27.0-beta.0
registry.k8s.io/kube-controller-manager:v1.27.0-beta.0
registry.k8s.io/kube-scheduler:v1.27.0-beta.0
registry.k8s.io/kube-proxy:v1.27.0-beta.0
ghcr.io/siderolabs/kubelet:v1.27.0-beta.0
ghcr.io/siderolabs/installer:v1.4.0-beta.0
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.4.0-alpha.4 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Bond links can now be described using device selectors instead of explicit device names:
machine:
network:
interfaces:
- interface: bond0
bond:
deviceSelectors:
- hardwareAddr: '00:50:56:*'
- hardwareAddr: '00:50:57:9c:2c:2d'
talosctl logs -k
and talosctl containers -k
now support and output container display names with their ids.
This allows to distinguish between containers with the same name.
Talos now supports a catch-all option for registry mirrors:
machine:
registries:
mirrors:
docker.io:
- https://registry-1.docker.io/
"*":
- https://my-registry.example.com/
Talos now starts a text-based UI dashboard on virtual console /dev/tty2
and switches to it by default upon boot.
Kernel logs remain available on /dev/tty1
.
To switch TTYs, use the Alt+F1
through Alt+F2
keys.
You can disable this behavior by setting the kernel parameter talos.dashboard.disabled=1
.
This behavior is disabled by default on SBCs.
talos.environment
Talos now supports passing environment variables via talos.environment
kernel argument.
Example:
talos.environment=http_proxy=http://proxy.example.com:8080 talos.environment=https_proxy=http://proxy.example.com:8080
Talos adds new APIs to make it easier to perform etcd maintenance operations.
These APIs are available via new talosctl etcd
sub-commands:
talosctl etcd alarm list|disarm
talosctl etcd defrag
talosctl etcd status
See also etcd maintenance guide.
Talos now supports automatically loading kernel drivers built as modules.
If any system extensions or the Talos base kernel build provides kernel modules and if they matches the system hardware (via PCI IDs), they will be loaded automatically.
Modules can still be loaded explicitly by defining it in machine configuration.
Talos now supports re-building the kernel modules dependency tree information on upgrades.
This allows modules of same name to co-exist as in-tree and external modules.
System Extensions can provide modules installed into extras
directory and when loading it'll take precendence over the in-tree module.
Talos now supports talos.experimental.wipe=system:EPHEMERAL,STATE
kernel argument.
Talos now also supports the new GRUB boot option - "Reset Talos installation and return to maintenance mode".
Both of this options will reset EPHEMERAL and STATE partitions and will return Talos into maintenance mode after the reboot.
Strategic merge config patches correctly support merging .vlans
sections of the network interface.
Talos API was extended to support retrieving a list of network connections (sockets) from the node and pods.
talosctl netstat
command was added to retrieve the list of network connections.
Talos now supports resetting user disks through the Reset API,
the list of disks to wipe is set using the --user-disks-to-wipe
parameter in talosctl
.
Additionally, the Reset API can now function in maintenance mode
and has the capability to wipe the node's system disk (partial wipe is not supported).
Talos now supports a new os:operator
role for the Talos API.
This role allows everything os:reader
role allows plus access to maintenance APIs:
rebooting, shutting down a node, accessing packet capture, etcd alarm APIs, etcd backup, etc.
Talos is built with Go 1.20.2.
Talos now supports loading network configuration on VMWare platform from the metadata
key.
See CAPV IPAM Support and
Talos issue 6708 for details.
Disks API
talosctl logs
might be corruped${code}
--force
flag for talosctl gen
talosctl -k containers
and talosctl -k logs
--context
in talosctl config
cmd--force
flag to talosctl gen config
config.json
watchErr
from metal.getResource
Disks API
talosctl logs
might be corruped${code}
slice.Filter
result slice cap to len/sys/block
/bin
in base
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.21.4
ghcr.io/siderolabs/install-cni:v1.4.0
docker.io/coredns/coredns:1.10.1
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.27.0-rc.0
registry.k8s.io/kube-controller-manager:v1.27.0-rc.0
registry.k8s.io/kube-scheduler:v1.27.0-rc.0
registry.k8s.io/kube-proxy:v1.27.0-rc.0
ghcr.io/siderolabs/kubelet:v1.27.0-rc.0
ghcr.io/siderolabs/installer:v1.4.0-alpha.4
registry.k8s.io/pause:3.6
Welcome to the v1.4.0-alpha.3 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
talosctl logs -k
and talosctl containers -k
now support and output container display names with their ids.
This allows to distinguish between containers with the same name.
Talos now supports a catch-all option for registry mirrors:
machine:
registries:
mirrors:
docker.io:
- https://registry-1.docker.io/
"*":
- https://my-registry.example.com/
Talos now starts a text-based UI dashboard on virtual console /dev/tty2
and switches to it by default upon boot.
Kernel logs remain available on /dev/tty1
.
To switch TTYs, use the Alt+F1
through Alt+F2
keys.
You can disable this behavior by setting the kernel parameter talos.dashboard.disabled=1
.
This behavior is disabled by default on SBCs.
Talos adds new APIs to make it easier to perform etcd maintenance operations.
These APIs are available via new talosctl etcd
sub-commands:
talosctl etcd alarm list|disarm
talosctl etcd defrag
talosctl etcd status
See also etcd maintenance guide.
Talos now supports automatically loading kernel drivers built as modules.
If any system extensions or the Talos base kernel build provides kernel modules and if they matches the system hardware (via PCI IDs), they will be loaded automatically.
Modules can still be loaded explicitly by defining it in machine configuration.
Talos now supports re-building the kernel modules dependency tree information on upgrades.
This allows modules of same name to co-exist as in-tree and external modules.
System Extensions can provide modules installed into extras
directory and when loading it'll take precendence over the in-tree module.
Talos now supports talos.experimental.wipe=system:EPHEMERAL,STATE
kernel argument.
Talos now also supports the new GRUB boot option - "Reset Talos installation and return to maintenance mode".
Both of this options will reset EPHEMERAL and STATE partitions and will return Talos into maintenance mode after the reboot.
Strategic merge config patches correctly support merging .vlans
sections of the network interface.
Talos API was extended to support retrieving a list of network connections (sockets) from the node.
talosctl netstat
command was added to retrieve the list of network connections.
Talos now supports resetting user disks through the Reset API,
the list of disks to wipe is set using the --user-disks-to-wipe
parameter in talosctl
.
Additionally, the Reset API can now function in maintenance mode
and has the capability to wipe the node's system disk (partial wipe is not supported).
Talos now supports a new os:operator
role for the Talos API.
This role allows everything os:reader
role allows plus access to maintenance APIs:
rebooting, shutting down a node, accessing packet capture, etcd alarm APIs, etcd backup, etc.
Talos is built with Go 1.20.2.
Talos now supports loading network configuration on VMWare platform from the metadata
key.
See CAPV IPAM Support and
Talos issue 6708 for details.
--force
flag for talosctl gen
talosctl -k containers
and talosctl -k logs
--context
in talosctl config
cmd--force
flag to talosctl gen config
config.json
watchErr
from metal.getResource
--force
flag for talosctl gen
talosctl -k containers
and talosctl -k logs
slice.Filter
result slice cap to len/bin
in base
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.21.4
ghcr.io/siderolabs/install-cni:v1.4.0-alpha.0-7-g343956e
docker.io/coredns/coredns:1.10.1
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.27.0-beta.0
registry.k8s.io/kube-controller-manager:v1.27.0-beta.0
registry.k8s.io/kube-scheduler:v1.27.0-beta.0
registry.k8s.io/kube-proxy:v1.27.0-beta.0
ghcr.io/siderolabs/kubelet:v1.27.0-beta.0
ghcr.io/siderolabs/installer:v1.4.0-alpha.3
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.3.6 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos is built with Go 1.19.7.
Previous release can be found at v1.3.5
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-4-gcb97438
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.26.2
registry.k8s.io/kube-controller-manager:v1.26.2
registry.k8s.io/kube-scheduler:v1.26.2
registry.k8s.io/kube-proxy:v1.26.2
ghcr.io/siderolabs/kubelet:v1.26.2
ghcr.io/siderolabs/installer:v1.3.6
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.2.9 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos 1.2.9 provides easier upgrade path to Talos 1.3.x for users
of CRI custom configuration by allowing Talos 1.3-style config to be accepted before an ugprade.
Previous release can be found at v1.2.8
ghcr.io/siderolabs/flannel:v0.19.2
ghcr.io/siderolabs/install-cni:v1.2.0-2-gf14175f
docker.io/coredns/coredns:1.9.3
gcr.io/etcd-development/etcd:v3.5.5
k8s.gcr.io/kube-apiserver:v1.25.5
k8s.gcr.io/kube-controller-manager:v1.25.5
k8s.gcr.io/kube-scheduler:v1.25.5
k8s.gcr.io/kube-proxy:v1.25.5
ghcr.io/siderolabs/kubelet:v1.25.5
ghcr.io/siderolabs/installer:v1.2.9
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.4.0-alpha.2 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos now supports a catch-all option for registry mirrors:
machine:
registries:
mirrors:
docker.io:
- https://registry-1.docker.io/
"*":
- https://my-registry.example.com/
Talos now starts a text-based UI dashboard on virtual console /dev/tty2
and switches to it by default upon boot.
Kernel logs remain available on /dev/tty1
.
To switch TTYs, use the Alt+F1
through Alt+F2
keys.
You can disable this behavior by setting the kernel parameter talos.dashboard.disabled=1
.
This behavior is disabled by default on SBCs.
Talos adds new APIs to make it easier to perform etcd maintenance operations.
These APIs are available via new talosctl etcd
sub-commands:
talosctl etcd alarm list|disarm
talosctl etcd defrag
talosctl etcd status
See also etcd maintenance guide.
Talos now supports automatically loading kernel drivers built as modules.
If any system extensions or the Talos base kernel build provides kernel modules and if they matches the system hardware (via PCI IDs), they will be loaded automatically.
Modules can still be loaded explicitly by defining it in machine configuration.
Talos now supports re-building the kernel modules dependency tree information on upgrades.
This allows modules of same name to co-exist as in-tree and external modules.
System Extensions can provide modules installed into extras
directory and when loading it'll take precendence over the in-tree module.
Strategic merge config patches correctly support merging .vlans
sections of the network interface.
Talos now supports resetting user disks through the Reset API,
the list of disks to wipe is set using the --user-disks-to-wipe
parameter in talosctl
.
Additionally, the Reset API can now function in maintenance mode
and has the capability to wipe the node's system disk (partial wipe is not supported).
Talos is built with Go 1.20.1.
--context
in talosctl config
cmd--force
flag to talosctl gen config
config.json
watchErr
from metal.getResource
--context
in talosctl config
cmd--force
flag to talosctl gen config
config.json
slice.Filter
result slice cap to len/bin
in base
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.4.0-alpha.0-5-g8b28b6b
docker.io/coredns/coredns:1.10.1
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.26.1
registry.k8s.io/kube-controller-manager:v1.26.1
registry.k8s.io/kube-scheduler:v1.26.1
registry.k8s.io/kube-proxy:v1.26.1
ghcr.io/siderolabs/kubelet:v1.26.1
ghcr.io/siderolabs/installer:v1.4.0-alpha.2
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.3.5 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos is built with Go 1.19.6.
Previous release can be found at v1.3.4
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-3-g527b5f7
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.26.1
registry.k8s.io/kube-controller-manager:v1.26.1
registry.k8s.io/kube-scheduler:v1.26.1
registry.k8s.io/kube-proxy:v1.26.1
ghcr.io/siderolabs/kubelet:v1.26.1
ghcr.io/siderolabs/installer:v1.3.5
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.3.4 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Previous release can be found at v1.3.3
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-2-g78b971c
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.26.1
registry.k8s.io/kube-controller-manager:v1.26.1
registry.k8s.io/kube-scheduler:v1.26.1
registry.k8s.io/kube-proxy:v1.26.1
ghcr.io/siderolabs/kubelet:v1.26.1
ghcr.io/siderolabs/installer:v1.3.4
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.4.0-alpha.1 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos adds new APIs to make it easier to perform etcd maintenance operations.
These APIs are available via new talosctl etcd
sub-commands:
talosctl etcd alarm list|disarm
talosctl etcd defrag
talosctl etcd status
See also etcd maintenance guide.
Talos is built with Go 1.19.5.
watchErr
from metal.getResource
slice.Filter
result slice cap to len/bin
in base
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.4.0-alpha.0-2-g8cb4792
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.26.1
registry.k8s.io/kube-controller-manager:v1.26.1
registry.k8s.io/kube-scheduler:v1.26.1
registry.k8s.io/kube-proxy:v1.26.1
ghcr.io/siderolabs/kubelet:v1.26.1
ghcr.io/siderolabs/installer:v1.4.0-alpha.1
registry.k8s.io/pause:3.6
Published by talos-bot over 1 year ago
Welcome to the v1.3.3 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Previous release can be found at v1.3.2
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-1-g3773d71
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.7
registry.k8s.io/kube-apiserver:v1.26.1
registry.k8s.io/kube-controller-manager:v1.26.1
registry.k8s.io/kube-scheduler:v1.26.1
registry.k8s.io/kube-proxy:v1.26.1
ghcr.io/siderolabs/kubelet:v1.26.1
ghcr.io/siderolabs/installer:v1.3.3
registry.k8s.io/pause:3.6
Published by talos-bot almost 2 years ago
Welcome to the v1.3.2 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Previous release can be found at v1.3.1
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-1-g3773d71
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.6
registry.k8s.io/kube-apiserver:v1.26.0
registry.k8s.io/kube-controller-manager:v1.26.0
registry.k8s.io/kube-scheduler:v1.26.0
registry.k8s.io/kube-proxy:v1.26.0
ghcr.io/siderolabs/kubelet:v1.26.0
ghcr.io/siderolabs/installer:v1.3.2
registry.k8s.io/pause:3.6
Published by talos-bot almost 2 years ago
Welcome to the v1.3.1 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-1-g3773d71
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.6
registry.k8s.io/kube-apiserver:v1.26.0
registry.k8s.io/kube-controller-manager:v1.26.0
registry.k8s.io/kube-scheduler:v1.26.0
registry.k8s.io/kube-proxy:v1.26.0
ghcr.io/siderolabs/kubelet:v1.26.0
ghcr.io/siderolabs/installer:v1.3.1
registry.k8s.io/pause:3.6
Published by talos-bot almost 2 years ago
Welcome to the v1.4.0-alpha.0 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos is built with Go 1.19.4.
watchErr
from metal.getResource
Previous release can be found at v1.3.0
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.4.0-alpha.0
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.6
registry.k8s.io/kube-apiserver:v1.26.0
registry.k8s.io/kube-controller-manager:v1.26.0
registry.k8s.io/kube-scheduler:v1.26.0
registry.k8s.io/kube-proxy:v1.26.0
ghcr.io/siderolabs/kubelet:v1.26.0
ghcr.io/siderolabs/installer:v1.4.0-alpha.0
registry.k8s.io/pause:3.6
Published by talos-bot almost 2 years ago
Welcome to the v1.2.8 release of Talos!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos is built with Go 1.19.4.
Previous release can be found at v1.2.7
ghcr.io/siderolabs/flannel:v0.19.2
ghcr.io/siderolabs/install-cni:v1.2.0-2-gf14175f
docker.io/coredns/coredns:1.9.3
gcr.io/etcd-development/etcd:v3.5.5
k8s.gcr.io/kube-apiserver:v1.25.5
k8s.gcr.io/kube-controller-manager:v1.25.5
k8s.gcr.io/kube-scheduler:v1.25.5
k8s.gcr.io/kube-proxy:v1.25.5
ghcr.io/siderolabs/kubelet:v1.25.5
ghcr.io/siderolabs/installer:v1.2.8
registry.k8s.io/pause:3.6
Published by talos-bot almost 2 years ago
Welcome to the v1.3.0 release of Talos!
Release notes are also part of the documentation.
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos now supports setting custom audit policy for kube-apiserver
in the machine configuration.
Talos defaults to using cgroups v2 when Talos doesn't run in a container (when running in a container
Talos follows host cgroups mode).
Talos can now be forced to use cgroups v1 by setting boot kernel argument talos.unified_cgroup_hierarchy=0
:
machine:
install:
extraKernelArgs:
- "talos.unified_cgroup_hierarchy=0"
Current cgroups mode can be checked with talosctl ls /sys/fs/cgroup
:
cgroups v1:
blkio
cpu
cpuacct
cpuset
devices
freezer
hugetlb
memory
net_cls
net_prio
perf_event
pids
cgroups v2:
cgroup.controllers
cgroup.max.depth
cgroup.max.descendants
cgroup.procs
cgroup.stat
cgroup.subtree_control
cgroup.threads
cpu.stat
cpuset.cpus.effective
cpuset.mems.effective
init
io.stat
kubepods
memory.numa_stat
memory.stat
podruntime
system
Note:
cgroupsv1
is deprecated and it should be used only for compatibility with workloads which don't supportcgroupsv2
yet.
Talos now supports referencing interface name via enxMAC
address notation:
ip=172.20.0.2::172.20.0.1:255.255.255.0::enx7085c2dfbc59
Talos no longer supports CRI config overrides placed in /var/cri/conf.d
directory.
New way correctly handles merging of containerd/CRI plugin configuration.
Talos enables --experimental-compact-hash-check-enabled option by default to improve
etcd store consistency guarantees.
This options is only available with etcd >= v3.5.5, so Talos doesn't support version of etcd before v3.5.5.
Talos now internally handles etcd member removal by member ID instead of member name (hostname).
This resolves the case when member name is not accurate or empty (eg: when etcd hasn't fully joined yet).
Command talosctl etcd remove-member
now accepts member IDs instead of member names.
New resource can be used to get member ID of the Talos node:
talosctl get etcdmember
Talos now supports new platform: Exoscale.
Exoscale provides a firewall, TCP load balancer and autoscale groups.
It works well with CCM and Kubernetes node autoscaler.
Talos now supports settings kernel module parameters.
Eg:
machine:
kernel:
modules:
- name: "br_netfilter"
parameters:
- nf_conntrack_max=131072
KubeSpan MTU link size is now configurable via network.kubespan.mtu
setting in the machine configuration.
Talos now supports specifying node labels in the machine configuration:
machine:
nodeLabels:
rack: rack1a
zone: us-east-1a
Changes to the node labels will be applied immediately without kubelet
restart.
Talos keeps track of the owned node labels in the talos.dev/owned-labels
annotation.
Talos had an inconsistency in the way registry mirror endpoints are handled when compared with containerd
implementation:
machine:
registries:
mirrors:
docker.io:
endpoints:
- "https://mirror-registry/v2/mirror.docker.io"
Talos would use endpoint https://mirror-registry/v2/mirror.docker.io
, while containerd
would use https://mirror-registry/v2/mirror.docker.io/v2
.
This inconsistency is now fixed, and Talos uses same endpoint as containerd
.
New overridePath
configuration is introduced to skip appending /v2
both on Talos and containerd side:
machine:
registries:
mirrors:
docker.io:
endpoints:
- "https://mirror-registry/v2/mirror.docker.io"
overridePath: true
Talos now uses registry.k8s.io
instead of k8s.gcr.io
for Kubernetes container images.
See Kubernetes documentation for additional details.
If using registry mirrors, or in air-gapped installations you may need to update your configuration.
Talos now supports setting MTU for a specific route.
Talos now supports the Nano Pi R4S SBC.
The Raspberry Pi 4 specific image has been deprecated and will be removed in the v1.4 release of Talos.
Talos now ships a generic Raspberry Pi image that should support more Raspberry Pi variants.
Refer to the docs at https://www.talos.dev/v1.3/talos-guides/install/single-board-computers/rpi_generic/ to find which ones are supported.
By default new clusters will use secretbox for encryption instead of AESCBC.
If both are configured secretbox will take precedence.
Old clusters may keep using AESCBC.
To enable secretbox you may add an encryption secret at cluster.secretboxEncryptionSecret
.
You should keep aescbcEncryptionSecret
however, even if secretbox is enabled older data will still be encrypted with AESCBC.
How to generate the secret:
dd if=/dev/random of=/dev/stdout bs=32 count=1 | base64
The directory "/etc/kubernetes/manifests" is now deprecated.
Static pods should always be configured in machine.pods.
To reenable support you may set machine.kubelet.disableManifestsDirectory
.
Eg:
machine:
kubelet:
disableManifestsDirectory: no
A new subcommand, machineconfig patch
is added to talosctl
to allow patching of machine configuration.
It accepts a machineconfig file and a list of patches as input and outputs the patched machine configuration.
Patches can be sourced from the command line or from a file. Output can be written to a file or to stdout.
Example:
talosctl machineconfig patch controlplane.yaml --patch '[{"op":"replace","path":"/cluster/clusterName","value":"patch1"}]' --patch @/path/to/patch2.json
Additionally, talosctl machineconfig gen
subcommand is introduced as an alias to talosctl gen config
.
Talos is built with Go 1.19.4.
watchErr
from metal.getResource
metal-iso
configuration methodmachined
servicetalosctl gen secrets
configContext
being nil
in Talos clientConn
Revert
functioncancelCtxMu
leftovers in PriorityLockcancelCtx
with the mutexnil
pkg/grpc/tls
from github.com/talos-systems/talos
as ./tls
All
lookup method/dev/ram
devicesmmcblk
devicesInsertAt
method via interfaceerrors.Is
for all errors in the setcontext.Context
in RetrySetHeader
callsgrpc.Server
not found handler.grpc.Server
changes changing the dispatch logicprotobuf
from gogo
netip.Addr
instead of net.IP
wgDevice.Peers
from the wireguard.Device
wrapperPrevious release can be found at v1.2.0
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-1-g3773d71
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.6
registry.k8s.io/kube-apiserver:v1.26.0
registry.k8s.io/kube-controller-manager:v1.26.0
registry.k8s.io/kube-scheduler:v1.26.0
registry.k8s.io/kube-proxy:v1.26.0
ghcr.io/siderolabs/kubelet:v1.26.0
ghcr.io/siderolabs/installer:v1.3.0
registry.k8s.io/pause:3.6
Published by talos-bot almost 2 years ago
Welcome to the v1.3.0-beta.2 release of Talos!
This is a pre-release of Talos
Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.
Talos now supports setting custom audit policy for kube-apiserver
in the machine configuration.
Talos defaults to using cgroups v2 when Talos doesn't run in a container (when running in a container
Talos follows host cgroups mode).
Talos can now be forced to use cgroups v1 by setting boot kernel argument talos.unified_cgroup_hierarchy=0
:
machine:
install:
extraKernelArgs:
- "talos.unified_cgroup_hierarchy=0"
Current cgroups mode can be checked with talosctl ls /sys/fs/cgroup
:
cgroups v1:
blkio
cpu
cpuacct
cpuset
devices
freezer
hugetlb
memory
net_cls
net_prio
perf_event
pids
cgroups v2:
cgroup.controllers
cgroup.max.depth
cgroup.max.descendants
cgroup.procs
cgroup.stat
cgroup.subtree_control
cgroup.threads
cpu.stat
cpuset.cpus.effective
cpuset.mems.effective
init
io.stat
kubepods
memory.numa_stat
memory.stat
podruntime
system
Note:
cgroupsv1
is deprecated and it should be used only for compatibility with workloads which don't supportcgroupsv2
yet.
Talos now supports referencing interface name via enxMAC
address notation:
ip=172.20.0.2::172.20.0.1:255.255.255.0::enx7085c2dfbc59
Talos no longer supports CRI config overrides placed in /var/cri/conf.d
directory.
New way correctly handles merging of containerd/CRI plugin configuration.
Talos enables --experimental-compact-hash-check-enabled option by default to improve
etcd store consistency guarantees.
This options is only available with etcd >= v3.5.5, so Talos doesn't support version of etcd before v3.5.5.
Talos now internally handles etcd member removal by member ID instead of member name (hostname).
This resolves the case when member name is not accurate or empty (eg: when etcd hasn't fully joined yet).
Command talosctl etcd remove-member
now accepts member IDs instead of member names.
New resource can be used to get member ID of the Talos node:
talosctl get etcdmember
Talos now supports new platform: Exoscale.
Exoscale provides a firewall, TCP load balancer and autoscale groups.
It works well with CCM and Kubernetes node autoscaler.
Talos now supports settings kernel module parameters.
Eg:
machine:
kernel:
modules:
- name: "br_netfilter"
parameters:
- nf_conntrack_max=131072
KubeSpan MTU link size is now configurable via network.kubespan.mtu
setting in the machine configuration.
Talos now supports specifying node labels in the machine configuration:
machine:
nodeLabels:
rack: rack1a
zone: us-east-1a
Changes to the node labels will be applied immediately without kubelet
restart.
Talos keeps track of the owned node labels in the talos.dev/owned-labels
annotation.
Talos had an inconsistency in the way registry mirror endpoints are handled when compared with containerd
implementation:
machine:
registries:
mirrors:
docker.io:
endpoints:
- "https://mirror-registry/v2/mirror.docker.io"
Talos would use endpoint https://mirror-registry/v2/mirror.docker.io
, while containerd
would use https://mirror-registry/v2/mirror.docker.io/v2
.
This inconsistency is now fixed, and Talos uses same endpoint as containerd
.
New overridePath
configuration is introduced to skip appending /v2
both on Talos and containerd side:
machine:
registries:
mirrors:
docker.io:
endpoints:
- "https://mirror-registry/v2/mirror.docker.io"
overridePath: true
Talos now uses registry.k8s.io
instead of k8s.gcr.io
for Kubernetes container images.
See Kubernetes documentation for additional details.
If using registry mirrors, or in air-gapped installations you may need to update your configuration.
Talos now supports setting MTU for a specific route.
Talos now supports the Nano Pi R4S SBC.
The Raspberry Pi 4 specific image has been deprecated and will be removed in the v1.4 release of Talos.
Talos now ships a generic Raspberry Pi image that should support more Raspberry Pi variants.
Refer to the docs at https://www.talos.dev/v1.3/talos-guides/install/single-board-computers/rpi_generic/ to find which ones are supported.
By default new clusters will use secretbox for encryption instead of AESCBC.
If both are configured secretbox will take precedence.
Old clusters may keep using AESCBC.
To enable secretbox you may add an encryption secret at cluster.secretboxEncryptionSecret
.
You should keep aescbcEncryptionSecret
however, even if secretbox is enabled older data will still be encrypted with AESCBC.
How to generate the secret:
dd if=/dev/random of=/dev/stdout bs=32 count=1 | base64
The directory "/etc/kubernetes/manifests" is now deprecated.
Static pods should always be configured in machine.pods.
To reenable support you may set machine.kubelet.disableManifestsDirectory
.
Eg:
machine:
kubelet:
disableManifestsDirectory: no
A new subcommand, machineconfig patch
is added to talosctl
to allow patching of machine configuration.
It accepts a machineconfig file and a list of patches as input and outputs the patched machine configuration.
Patches can be sourced from the command line or from a file. Output can be written to a file or to stdout.
Example:
talosctl machineconfig patch controlplane.yaml --patch '[{"op":"replace","path":"/cluster/clusterName","value":"patch1"}]' --patch @/path/to/patch2.json
Additionally, talosctl machineconfig gen
subcommand is introduced as an alias to talosctl gen config
.
Talos is built with Go 1.19.4.
watchErr
from metal.getResource
metal-iso
configuration methodmachined
servicetalosctl gen secrets
configContext
being nil
in Talos clientConn
Revert
functioncancelCtxMu
leftovers in PriorityLockcancelCtx
with the mutexnil
pkg/grpc/tls
from github.com/talos-systems/talos
as ./tls
All
lookup method/dev/ram
devicesmmcblk
devicesInsertAt
method via interfaceerrors.Is
for all errors in the setcontext.Context
in RetrySetHeader
callsgrpc.Server
not found handler.grpc.Server
changes changing the dispatch logicprotobuf
from gogo
netip.Addr
instead of net.IP
wgDevice.Peers
from the wireguard.Device
wrapperPrevious release can be found at v1.2.0
ghcr.io/siderolabs/flannel:v0.20.2
ghcr.io/siderolabs/install-cni:v1.3.0-1-g3773d71
docker.io/coredns/coredns:1.10.0
gcr.io/etcd-development/etcd:v3.5.6
registry.k8s.io/kube-apiserver:v1.26.0
registry.k8s.io/kube-controller-manager:v1.26.0
registry.k8s.io/kube-scheduler:v1.26.0
registry.k8s.io/kube-proxy:v1.26.0
ghcr.io/siderolabs/kubelet:v1.26.0
ghcr.io/siderolabs/installer:v1.3.0-beta.2
registry.k8s.io/pause:3.6