talos

Talos 1.2.0-alpha.0 (2022-06-30)

Welcome to the v1.2.0-alpha.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Network bridge support

Talos now supports configuring Linux bridges. It can be configured in the machine config like the following:

spec:
  machine:
    network:
      interfaces:
        - interface: br0
          bridge:
            stp:
              enabled: true
            interfaces:
              - eth0
              - eth1

See documentation for more details.

Variable substitution for URL query parameter in the talos.config kernel parameter

The kernel parameter talos.config can now substitute system information into placeholders inside its URL query values. This example shows all supported variables:

http://example.com/metadata?h=${hostname}&m=${mac}&s=${serial}&u=${uuid}

Component Updates

• Linux: 5.15.51

Contributors

• Noel Georgi
• Andrey Smirnov
• Utku Ozdemir
• Philipp Sauter
• Tim Jones
• Dmitriy Matrenichev
• Davincible
• Han Cen
• Rio Kierkels
• RyanSquared
• Serge Logvinov
• Spencer Smith
• hobyte
• nett_hier

Changes

• siderolabs/talos@022581d80 release(v1.2.0-alpha.0): prepare release
• siderolabs/talos@643e81cfe feat: add SenseLabs to ADOPTERS.md
• siderolabs/talos@bdfee2b3b chore: bump kernel to 5.15.51
• siderolabs/talos@36c44a651 fix: provide CA certificates in /etc/ssl/certs/ca-certificates.crt
• siderolabs/talos@7ebd9bcce docs: fix pod security talos resource name
• siderolabs/talos@57b625e0a refactor: avoid recreating grpc clients in service health checks
• siderolabs/talos@a68a00f1b docs: recommend setting "host" Processor Type on proxmox
• siderolabs/talos@923600a73 chore: bump kernel to 5.15.50
• siderolabs/talos@758a9bf59 docs: add theila ui
• siderolabs/talos@b81016e62 chore: update blockdevice library to v0.3.3
• siderolabs/talos@284a2f959 fix: filter static pods correctly and optimize fetching
• siderolabs/talos@61abf3111 docs: change command for cluster create to keep $HOME with sudo
• siderolabs/talos@6ae1e9bf2 chore: bump dependencies
• siderolabs/talos@2deff6b6e feat: add support for variable substitution in talos.config kernel parameter
• siderolabs/talos@103c94225 fix: update crypto library with support for RSA-SHA*
• siderolabs/talos@448de7194 docs: add UpCloud installation guide
• siderolabs/talos@07014e0a8 fix: generate correct bootstrap manifests when only IPv6 CIDR is used
• siderolabs/talos@465edbb47 fix: look for qemu-kvm binary
• siderolabs/talos@63caa281a fix: create native image format for DigitalOcean
• siderolabs/talos@f15ce549e fix: siderlink api assume port 443 with https schema
• siderolabs/talos@797596229 feat: add support for configuring network bridges
• siderolabs/talos@2b23fabcc docs: use SVG image for K8s conformance
• siderolabs/talos@d4606c33e chore: bump kernel to 5.15.49
• siderolabs/talos@cfb640222 docs: update docs for release 1.1
• siderolabs/talos@b816d0b60 docs: fix the vendor information for Kubernetes conformance tests
• siderolabs/talos@a167a5402 test: fix CLI nodes discovery without provisioner data
• siderolabs/talos@916a30682 docs: add twitter meta info
• siderolabs/talos@80090a3ed test: fix health endpoint cli test when discovery is disabled
• siderolabs/talos@3c263bb44 chore: bump dependencies
• siderolabs/talos@e8113527f chore: bump kubernetes to v1.24.2
• siderolabs/talos@068f1b6d0 feat: add ctest package and base for test suite
• siderolabs/talos@2aad3a1e4 chore: bump kernel to 5.15.48
• siderolabs/talos@a31a858e0 docs: snippets for logging api server audit logs
• siderolabs/talos@89aaaef9f chore: bump kernel to 5.15.47
• siderolabs/talos@6759fcd4a feat: use discovery service on cluster health checks
• siderolabs/talos@f54d90787 fix: enable orderly poweroff in hyper-v on Azure
• siderolabs/talos@35475ce45 docs: openebs jiva example with iscsi-tools extension
• siderolabs/talos@8d2be5e31 feat: extend node definition used in health checks
• siderolabs/talos@7a11b4def fix: make talosctl bootstrap accept only single node
• siderolabs/talos@217fba288 test: fix csi tests
• siderolabs/talos@90bf34fed docs: fork docs for Talos 1.2
• siderolabs/talos@a0dd010a8 docs: add link to discovery service in kubespan
• siderolabs/talos@c0371410e fix: support SideroLink "secure" gRPC connection
• siderolabs/talos@b03709620 feat: build Talos images with system extensions included
• siderolabs/talos@43def7490 chore: bump kernel and runc
• siderolabs/talos@4dbbf4ac5 chore: add generic methods and use them part #2
• siderolabs/talos@7114292b6 docs: fix latest release version in docs
• siderolabs/talos@da2985fe1 fix: respect local API server port
• siderolabs/talos@e03266667 fix: correctly validate reboot mode in CLI
• siderolabs/talos@70fc42409 chore: add generic methods and use them
• siderolabs/talos@3ae8bdd92 chore: run xfs_repair on xfs filesystem returing EUCLEAN
• siderolabs/talos@0c91c89f4 chore: revert day-two tests for csi tests
• siderolabs/talos@f71b58312 feat: disallow anonymous requests by default (kube-apiserver)
• siderolabs/talos@c19dd1b89 feat: add 'etcd members should be control plane nodes' health check
• siderolabs/talos@f2997c0f2 chore: bump dependencies
• siderolabs/talos@f3efec4b5 feat: update containerd 1.6.6, Linux 5.15.45, Flannel 0.18.1
• siderolabs/talos@27f8e50ce fix: add ovmf image path for rhel
• siderolabs/talos@87e7de30c docs: fix required ports
• siderolabs/talos@c126f2ee8 chore: bump golang to 1.18.3
• siderolabs/talos@c1aed6240 fix: wait for /var to be mounted in kubelet service controller
• siderolabs/talos@d7a64f5d2 fix: improve vip operator shutdown sequence
• siderolabs/talos@7b9dfcb85 chore: add 'make go-mod-outdated'

Changes from siderolabs/extras

• siderolabs/extras@892407f chore: bump golang to 1.18.3

Changes from siderolabs/pkgs

• siderolabs/pkgs@4412db8 chore: bump kernel to 5.15.51
• siderolabs/pkgs@6fedbdc chore: bump tools
• siderolabs/pkgs@f1f44e6 chore: bump kernel to 5.15.50
• siderolabs/pkgs@388af5e chore: bump openssl to 1.1.1p
• siderolabs/pkgs@ed75c50 chore: enable RANDOM_TRUST_BOOTLOADER by default
• siderolabs/pkgs@7c243f6 chore: bump kernel to 5.15.49
• siderolabs/pkgs@6e1269e chore: bump kernel to 5.15.48
• siderolabs/pkgs@5d671a3 chore: bump nvidia drivers to 515.48.07
• siderolabs/pkgs@b35d835 chore: bump kernel to 5.15.47
• siderolabs/pkgs@6604d6b feat: hyperv arm64
• siderolabs/pkgs@c474058 chore: bump nvidia driver to 515.43.04
• siderolabs/pkgs@5bc7e34 feat: update runc to 1.1.3, libseccomp to 2.5.4
• siderolabs/pkgs@c02cd7a chore: bump kernel to 5.15.46
• siderolabs/pkgs@b9c72a5 feat: update containerd to 1.6.6
• siderolabs/pkgs@f7786a3 chore: bump kernel to 5.15.45
• siderolabs/pkgs@b1c207d feat: update containerd to 1.6.5
• siderolabs/pkgs@4d47830 chore: bump golang to 1.18.3
• siderolabs/pkgs@dc21e30 chore: bump kernel to 5.15.44

Changes from siderolabs/tools

• siderolabs/tools@3df9e13 chore: bump golang to 1.18.3

Changes from talos-systems/crypto

• talos-systems/crypto@e9df1b8 feat: add support for generating keys from RSA-SHA256 CAs

Changes from talos-systems/grpc-proxy

• talos-systems/grpc-proxy@6dfa2cc fix: ignore errors on duplicate SetHeader calls

Dependency Changes

• cloud.google.com/go/compute v1.6.1 -> v1.7.0
• github.com/aws/aws-sdk-go v1.44.24 -> v1.44.42
• github.com/containerd/containerd v1.6.4 -> v1.6.6
• github.com/containernetworking/cni v1.1.0 -> v1.1.1
• github.com/cosi-project/runtime 95d06feaf8b5 -> ee09cee2aab7
• github.com/docker/docker v20.10.16 -> v20.10.17
• github.com/emicklei/dot v0.16.0 -> v1.0.0
• github.com/google/nftables a9775fb167d2 -> a346d51f53b3
• github.com/hashicorp/go-getter v1.6.1 -> v1.6.2
• github.com/hetznercloud/hcloud-go v1.33.2 -> v1.34.0
• github.com/packethost/packngo v0.24.0 -> v0.25.0
• github.com/rivo/tview 9994674d60a8 -> 691f46d6f500
• github.com/siderolabs/extras v1.1.0-1-g5800284 -> v1.2.0-alpha.0
• github.com/siderolabs/pkgs v1.1.0-8-gfa9a488 -> v1.2.0-alpha.0-17-g4412db8
• github.com/siderolabs/tools v1.1.0-1-g134974c -> v1.2.0-alpha.0
• github.com/spf13/cobra v1.4.0 -> v1.5.0
• github.com/stretchr/testify v1.7.1 -> v1.7.5
• github.com/talos-systems/crypto v0.3.5 -> e9df1b8ca74c
• github.com/talos-systems/grpc-proxy v0.3.0 -> v0.3.1
• github.com/vishvananda/netlink v1.2.0-beta -> v1.2.1-beta.2
• github.com/vmware-tanzu/sonobuoy v0.56.6 -> v0.56.7
• golang.org/x/net 5463443f8c37 -> 1bab6f366d9e
• golang.org/x/sync 0976fa681c29 -> 0de741cfad7f
• golang.org/x/sys bc2c85ada10a -> 87e55d714810
• golang.org/x/time 583f2d630306 -> 579cf78fd858
• google.golang.org/grpc v1.46.2 -> v1.47.0
• gopkg.in/yaml.v3 496545a6307b -> v3.0.1
• inet.af/netaddr c74959edd3b6 -> 097006376321

Previous release can be found at v1.1.0

Images

ghcr.io/siderolabs/flannel:v0.18.1
ghcr.io/siderolabs/install-cni:v1.2.0-alpha.0
docker.io/coredns/coredns:1.9.3
gcr.io/etcd-development/etcd:v3.5.4
k8s.gcr.io/kube-apiserver:v1.24.2
k8s.gcr.io/kube-controller-manager:v1.24.2
k8s.gcr.io/kube-scheduler:v1.24.2
k8s.gcr.io/kube-proxy:v1.24.2
ghcr.io/siderolabs/kubelet:v1.24.2
ghcr.io/siderolabs/installer:v1.2.0-alpha.0
k8s.gcr.io/pause:3.6

Talos 1.1.0 (2022-06-22)

Welcome to the v1.1.0 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Kubernetes API Server Anonymous Auth

Anonymous authentication is now disabled by default for the kube-apiserver (CIS compliance).

To enable anonymous authentication, update the machine config with:

cluster:
    apiServer:
        extraArgs:
            anonymous-auth: true

Apply Config --dry-run

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support --dry-run flag.
If enabled it just prints out the selected config application mode and the configuration diff.

Apply Config --mode=try

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support the new mode called try.
In this mode the config change is applied for a period of time and then reverted back to the state it was before the change.
--timeout parameter can be used to customize the config rollback timeout.
This new mode can be used only with the parts of the config that can be changed without a reboot and can help to check that
the new configuration doesn't break the node.
Can be especially useful to check network interfaces changes that may lead to the loss of connectivity to the node.

IPv6 in Docker-based Talos Clusters

The command talosctl cluster create now enables IPv6 by default for the Docker containers
created for Talos nodes. This allows to use IPv6 addresses in Kubernetes networking.

If talosctl cluster create fails to work on Linux due to the lack of IPv6 support,
please use the flag --disable-docker-ipv6 to revert the change.

drop some default rules shipped by eudev

Drops some default eudev rules that doesn't make sense in the context of Talos OS.
Especially the ones around sound devices, cd-roms and renaming the network interfaces to be predictable

Network Device Selector

Talos machine configuration supports specifying network interfaces by selectors instead of interface name.
See documentation for more details.

Pod Security Admission

Pod Security Admission controller is enabled by default with the following policy:

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- configuration:
    apiVersion: pod-security.admission.config.k8s.io/v1alpha1
    defaults:
      audit: restricted
      audit-version: latest
      enforce: baseline
      enforce-version: latest
      warn: restricted
      warn-version: latest
    exemptions:
      namespaces:
      - kube-system
      runtimeClasses: []
      usernames: []
    kind: PodSecurityConfiguration
  name: PodSecurity
  path: ""

The policy is part of the Talos machine configuration, and it can be modified to suite your needs.

Support RockPi 4 variants A and B

Talos now supports RockPi variants A and B in addition to RockPi 4C

Raspberry Pi PoE hat fan

Talos now enables the Raspberry Pi PoE fan control by pulling in the poe overlay that works with upstream kernel

Component Updates

• Linux: 5.15.48
• Containerd: v1.6.6
• Kubernetes: 1.24.2
• Flannel: 0.18.1
• runc: 1.1.2
• CoreDNS: v1.9.3

Talos is built with Go 1.18.3

x86-64 Architecture

Talos is built for x86-64 architecture with support for x86-64-v2 microarchitecture level,
so Talos no longer runs on processors supporting only baseline x86-64 microarchitecture (before 2009).

Contributors

• Andrey Smirnov
• Noel Georgi
• Tim Jones
• Dmitriy Matrenichev
• Spencer Smith
• Artem Chernyshev
• Serge Logvinov
• Philipp Sauter
• Andrew Rynhard
• Steve Francis
• Steve Francis
• Andrei Dobre
• Bastiaan Schaap
• Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs
• Caleb Woodbine
• Daniel Höxtermann
• Gerard de Leeuw
• Han Cen
• Jori Huisman
• Jorik Jonker
• Nat Allan
• Nico Berlee
• Philipp Sauter
• Rio Kierkels
• Sebastian Hasler
• Seán C McCord
• Suraj Shirvankar
• Tames McTigue
• Tim Jones
• Tomasz Zurkowski
• William Ashton

Changes

• siderolabs/talos@d55a18714 release(v1.1.0): prepare release
• siderolabs/talos@6d6567512 docs: fix the vendor information for Kubernetes conformance tests
• siderolabs/talos@707f2a3e9 chore: bump kubernetes to v1.24.2
• siderolabs/talos@ed09dee4f fix: make talosctl bootstrap accept only single node
• siderolabs/talos@86352abe0 test: fix csi tests
• siderolabs/talos@9409975b1 fix: support SideroLink "secure" gRPC connection
• siderolabs/talos@6cd38e519 chore: bump kernel to 5.15.48
• siderolabs/talos@08f2ea1e3 chore: bump kernel to 5.15.47
• siderolabs/talos@83b430ac5 release(v1.1.0-beta.2): prepare release
• siderolabs/talos@2d1a94e08 fix: correctly validate reboot mode in CLI
• siderolabs/talos@4eeb6ebe1 feat: build Talos images with system extensions included
• siderolabs/talos@b94a4ec5f chore: run xfs_repair on xfs filesystem returing EUCLEAN
• siderolabs/talos@09e4f38ba chore: revert day-two tests for csi tests
• siderolabs/talos@10ac9dc95 fix: respect local API server port
• siderolabs/talos@1e4417d1a feat: disallow anonymous requests by default (kube-apiserver)
• siderolabs/talos@d5f16f067 chore: bump kernel to 5.15.46
• siderolabs/talos@9289c4ca8 release(v1.1.0-beta.1): prepare release
• siderolabs/talos@b75318520 feat: update containerd 1.6.6, Linux 5.15.45, Flannel 0.18.1
• siderolabs/talos@e23d1979b fix: add ovmf image path for rhel
• siderolabs/talos@6229eefe7 fix: wait for /var to be mounted in kubelet service controller
• siderolabs/talos@4712e73c4 fix: improve vip operator shutdown sequence
• siderolabs/talos@3860129d7 chore: bump golang to 1.18.3
• siderolabs/talos@f8422f217 release(v1.1.0-beta.0): prepare release
• siderolabs/talos@98bbab12e chore: bump dependencies
• siderolabs/talos@0a6fc906f fix: table align hosts file
• siderolabs/talos@be644c96e fix: flannel ipv6 compatibility
• siderolabs/talos@99e8f1261 feat: add support for equinix metal events
• siderolabs/talos@1ba8a6b94 chore: update go yaml to the latest version
• siderolabs/talos@400a88dc5 chore: disable kexec on rpi4 and rockpi
• siderolabs/talos@48423a983 chore: bump kernel to 5.15.44
• siderolabs/talos@458e44c27 feat: include azure public IPs from standard LB SKU into extips
• siderolabs/talos@19edbb5bd docs: fix typo in main page
• siderolabs/talos@4ad773f01 feat: update CoreDNS to 1.9.3
• siderolabs/talos@7a4062904 chore: update Sidero Labs go modules to released versions
• siderolabs/talos@e40153aef fix: introduce more route protocols as constants
• siderolabs/talos@3ed254976 feat: update Kubernetes to 1.24.1
• siderolabs/talos@ceae420a8 chore: update tools/pkgs/extras to 1.1.0
• siderolabs/talos@f9c46fb18 fix: unmarshal HardwareAddr without stdlib help
• siderolabs/talos@f2e94d602 fix: implement unmarshaling from YAML for LinkStatus
• siderolabs/talos@fe858041b feat: enable version API in maintenance mode
• siderolabs/talos@875f67a6e fix: correctly parse empty route flags from YAML
• siderolabs/talos@00515b4ba chore: rename memory to memorymodules
• siderolabs/talos@9c4b7d6e8 feat: update Flannel to 0.18.0
• siderolabs/talos@c5297009e feat: support join token as part of siderolink kernel parameter
• siderolabs/talos@0dc4ad58e chore: bump kernel to 5.15.43
• siderolabs/talos@610884aa0 docs: correct the install-image tag in the Developing Talos section
• siderolabs/talos@af5ac30a7 feat: enable passing custom kernel args to the ISO creator
• siderolabs/talos@b7d068f60 chore: add cloud-image-uploader to go workspace
• siderolabs/talos@88efd75d3 docs: fix install script url
• siderolabs/talos@3f88030ca test: use use correct method to generate Wireguard private key
• siderolabs/talos@8c675c669 chore: siderolink maintenance mode
• siderolabs/talos@4551cbd7f fix: cluster creation error message formatting
• siderolabs/talos@bafa1f49d fix: improve error message when creating cluster
• siderolabs/talos@f03002ec6 feat: add support for disabling search domains
• siderolabs/talos@a1b6f21a8 chore: bump dependencies
• siderolabs/talos@1156daac2 fix: azure hostname definition
• siderolabs/talos@33a631f02 feat: look up Links PCI vendor/product via PCI ID database
• siderolabs/talos@40e57efa4 chore: fix reference to talosconfig
• siderolabs/talos@30eeb851b docs: extension service security options
• siderolabs/talos@bf7a6443e feat: add 'etcd membership is consistent across nodes' health check
• siderolabs/talos@4b3935fa4 docs: fix 1.1.x support matrix
• siderolabs/talos@efcdc16c5 chore: add go.work
• siderolabs/talos@20286c908 feat: add cpu/ram info as resource
• siderolabs/talos@c3f29031b feat: add ethtool ioctl as additional source of information
• siderolabs/talos@34d9a875a chore: go-smbios updates
• siderolabs/talos@f477eb882 chore: bump kernel to 5.15.41
• siderolabs/talos@5bac5e91a docs: fix "double-base64-encode" in cert/key examples
• siderolabs/talos@396e1386c feat: implement network device selector
• siderolabs/talos@5a8e011db fix: match for WSL platform in case-insentive way
• siderolabs/talos@ee8113b5f docs: add vector logging example
• siderolabs/talos@14985674c fix: allow SideroLink IPs in NodeAddresses
• siderolabs/talos@63f23e905 feat: openstack dhcp-v6 types
• siderolabs/talos@5ec4e9096 chore: bump kernel to 5.15.40
• siderolabs/talos@8cef958dd docs: update jetson nano docs
• siderolabs/talos@554edd3e8 chore: bump dependencies
• siderolabs/talos@f2d89735f feat: extend the extension service spec with container security options
• siderolabs/talos@850cfba72 chore: fix type order in deep-copy generation line
• siderolabs/talos@5a91f6076 fix: ignore completed pods in cluster health check
• siderolabs/talos@488ce753f docs: tidy up adopters
• siderolabs/talos@290f968fe release(v1.1.0-alpha.2): prepare release
• siderolabs/talos@a6e436582 feat: implement DeepCopy using code generation
• siderolabs/talos@91a49c4e7 fix: dhcpv6 leasetime segfault loop
• siderolabs/talos@afb679586 fix: reset certificate SANs on update
• siderolabs/talos@c87432fe1 fix: detect WSL for talosctl cluster create on Docker
• siderolabs/talos@166d2585c chore: bump kernel and runc
• siderolabs/talos@8d9b0cde0 chore: update deps to go 1.18.2
• siderolabs/talos@86741d998 fix: append hostname to cluster SANs when port is not specified
• siderolabs/talos@9885bbe17 docs: fix typos, edited for clarity
• siderolabs/talos@7fd1c80c3 fix: ignore failures to dial wireguard client
• siderolabs/talos@b8e7cdb70 docs: add vultr guide
• siderolabs/talos@c2be65b66 fix: openstack unable to parseIP
• siderolabs/talos@2ae0e3a56 test: add a test for version of Go Talos was built with
• siderolabs/talos@bef1a13fa docs: update latest Talos in 1.0 docs to 1.0.4
• siderolabs/talos@b52962c44 chore: bump dependencies
• siderolabs/talos@79ae76a6f fix: properly set allowSchedulingOnMasters in the interactive install
• siderolabs/talos@2b7e7d4dc feat: print the status of services during boot
• siderolabs/talos@802d4a23c fix: load kubelet system service in StartAllServices task
• siderolabs/talos@67019c434 fix: add source path for ovmf flash image
• siderolabs/talos@da7b24ba5 chore: bump kernel to 5.15.38
• siderolabs/talos@8ca8effd6 chore: add Equinix Managed Services NL to adopters
• siderolabs/talos@8bc97a30f fix: remove D-Bus sockets before listen attempts
• siderolabs/talos@54cfa039a fix: use json.Unmarshal instead of yaml.Unmarshal
• siderolabs/talos@6d30c4822 docs: update networking resource documentation
• siderolabs/talos@bc88de729 chore: bump coredns to v1.9.2
• siderolabs/talos@c6722b637 docs: when mentioning partitions, link to partition docs
• siderolabs/talos@b189e8426 chore: fix incorrect ManifestSpec.MarshalYAML signature
• siderolabs/talos@5d5280200 feat: add more hardware information to the link status resources
• siderolabs/talos@2ff6db749 chore: add Nedap Security Atlas as adopter
• siderolabs/talos@89cab200b chore: bump kubernetes to v1.24.0
• siderolabs/talos@09d16349f chore: refactor StaticPod and StaticPodStatus into typed.Resource
• siderolabs/talos@d2935f98c chore: refactor LinkRefresh and LinkStatus into typed.Resource
• siderolabs/talos@b52e0b9b9 fix: talosctl throws error if gen option and --input-dir flags are combined
• siderolabs/talos@0e15de3a8 docs: add adopters file
• siderolabs/talos@bb932c297 chore: bump containerd to v1.6.4
• siderolabs/talos@4eaaa2d59 chore: bump kernel to 5.15.37
• siderolabs/talos@89dde8f2c chore: refactor remaining resources into typed.Resource
• siderolabs/talos@bd089e702 chore: bump dependencies
• siderolabs/talos@3136334b9 docs: fix links in VMware documentation
• siderolabs/talos@403df0e18 docs: provide example on using config generation package
• siderolabs/talos@635192861 chore: redo pointer with github.com/siderolabs/go-pointer module
• siderolabs/talos@a269f740c docs: copy knowledge base to v1.0 docs
• siderolabs/talos@483201026 fix: return an error if there is no byte slice in ReadonlyProvider
• siderolabs/talos@6e7486f09 fix: allow graceful node shutdown to be overridden
• siderolabs/talos@867d38f28 feat: add bond slaves ordering
• siderolabs/talos@03ef62ad8 fix: include Go primitive types into unstructured deepcopy
• siderolabs/talos@f06e6acf2 chore: bump kernel to 5.15.36
• siderolabs/talos@c0d386abb fix: don't mount D-Bus socket via mount under recursive bind mount
• siderolabs/talos@9a8ff76df refactor: rewrite perf resource to use typed.Resource
• siderolabs/talos@71d04c4d5 refactor: rewrite runtime resources to use typed.Resource
• siderolabs/talos@7568d51fc fix: trigger CRI config merge on correct resource update
• siderolabs/talos@c456dbcb9 docs: remove references to init nodes
• siderolabs/talos@1973095d1 feat: update containerd to 1.6.3
• siderolabs/talos@b51292d88 docs: reformat config reference
• siderolabs/talos@c0709d970 feat: increase aio-max-nr and inotify.max_user_instances
• siderolabs/talos@85b328e99 refactor: convert secrets resources to use typed.Resource
• siderolabs/talos@e91350acd refactor: convert time & v1alpha1 resources to use typed.Resource
• siderolabs/talos@45464412e chore: bump dependencies
• siderolabs/talos@0af6b35a6 feat: update etcd to 3.5.4
• siderolabs/talos@7ad27751c docs: fix analytics and sitemap
• siderolabs/talos@55ff876dc chore: bump K8s Go modules to 1.24.0-rc.0
• siderolabs/talos@f1f43131f fix: strip 'v' prefix from versions on Kubernetes upgrade
• siderolabs/talos@ec621477b chore: tune QEMU disk provisioner options
• siderolabs/talos@b085343dc feat: use discovery information for etcd join (and other etcd calls)
• siderolabs/talos@2b03057b9 feat: implement a new mode try in the config manipulation commands
• siderolabs/talos@51a68c31f chore: allow mounting files from the host
• siderolabs/talos@f3e330a0a docs: fix network dependency
• siderolabs/talos@7ba39bd60 docs: clarify discovery service
• siderolabs/talos@8057d076a release(v1.1.0-alpha.1): prepare release
• siderolabs/talos@1d5c08e74 chore: bump kernel to 5.15.35
• siderolabs/talos@9bf23e516 feat: update Kubernetes to 1.24.0-rc.0
• siderolabs/talos@d78ed320b docs: fix the docs reference to star registry redirects
• siderolabs/talos@257dfb870 fix: run the 'post' stage of the service always
• siderolabs/talos@992e23023 fix: correctly handle stopping services with reverse dependencies
• siderolabs/talos@bb7a50bd5 docs: fix netlify redirects
• siderolabs/talos@486f79bc7 docs: fix netlify deploy url
• siderolabs/talos@e8cbedb05 docs: add canonical link ref
• siderolabs/talos@0fe4a7832 docs: improve latest-version banner
• siderolabs/talos@23984efcd fix: detect lingering mounts in the installer correctly
• siderolabs/talos@54dba925f chore: refactor network resource to use typed resource
• siderolabs/talos@4eb9f45cc refactor: split polymorphic K8sControlPlane into typed resources
• siderolabs/talos@68dfdd331 fix: provide logger to the etcd snapshot restore
• siderolabs/talos@f190403f0 docs: add how to get config after interactive setup
• siderolabs/talos@fac7b9466 docs: improve vip caveats documentation
• siderolabs/talos@250df9e67 docs: improve rook-ceph description
• siderolabs/talos@b5c1d868d docs: add talos/kubernetes config faq
• siderolabs/talos@39721ee93 chore: bump dependencies
• siderolabs/talos@610945774 chore: bump tools and pkgs
• siderolabs/talos@2b68c8b67 fix: enable long timestamps for xfs
• siderolabs/talos@be00d7749 chore: implement cluster resources using cosi typed resource
• siderolabs/talos@460d5ab13 docs: fix extension services alias
• siderolabs/talos@bbdfda2dd chore: xfs quota support in kernel
• siderolabs/talos@8ff8fc77f chore: enable rpi4 poe hat fan control
• siderolabs/talos@2b9722d1f feat: add dry-run flag in apply-config and edit commands
• siderolabs/talos@8af50fcd2 fix: correct cri package import path
• siderolabs/talos@ce09ede83 feat: update etcd to 3.5.3
• siderolabs/talos@13f41badd chore: bump kernel to 5.15.34
• siderolabs/talos@fa57b5d92 docs: reorganize documentation
• siderolabs/talos@a91eb9358 chore: bump deps
• siderolabs/talos@0aad0df2e refactor: remove String() for resource implementation
• siderolabs/talos@a4060513c feat: build Talos with support for x86-64-v2 microarchitecture
• siderolabs/talos@8faebd410 chore: bump tools and pkgs
• siderolabs/talos@8499b7e7d chore: bump dependencies
• siderolabs/talos@a7ba7ea67 feat: migrate to go 1.18
• siderolabs/talos@9dace93b5 feat: enable Pod Security Admission by default
• siderolabs/talos@c382cb8cd docs: update vmware docs
• siderolabs/talos@da0e638f0 docs: stableize tools versioning
• siderolabs/talos@f2d2267e7 docs: use template for netlify redirects
• siderolabs/talos@88f1d8fcc docs: update sitemap to point to direct url
• siderolabs/talos@a6eebee36 chore: update eudev
• siderolabs/talos@0cb84e8c1 fix: correctly parse tags out of images
• siderolabs/talos@17d09739f docs: enable nested arrow
• siderolabs/talos@1e4320b64 chore: add support for rockpi 4A and 4B
• siderolabs/talos@d1869d948 docs: update to Sidero Metal, mention clusterctl
• siderolabs/talos@18d0038ec fix: avoid panic in DHCPv6 operator on nil dereference
• siderolabs/talos@9e3d438db docs: fix code fence formatting
• siderolabs/talos@b3f1bb2cf fix: add support for FAT12/16 filesystems
• siderolabs/talos@8619f95c5 chore: bump dependencies
• siderolabs/talos@8c4f72004 docs: override sitemap.xml to only include latest results
• siderolabs/talos@5192ba4e2 docs: fix a typo in QEMU VM setup guide
• siderolabs/talos@663e3e879 refactor: change the stages for embed files generation
• siderolabs/talos@19bf12af0 fix: enable IPv6 in Docker-based Talos clusters
• siderolabs/talos@3889a5839 docs: update config.yaml, storage.md, digital-rebar.md
• siderolabs/talos@25d19131d release(v1.1.0-alpha.0): prepare release
• siderolabs/talos@2ca5279e5 fix: retry manifest updates in upgrade-k8s
• siderolabs/talos@eeb756168 feat: use kexec when resetting a node
• siderolabs/talos@1ed1f73e5 test: bump CAPI to 1.1.3
• siderolabs/talos@2ee1d2c72 feat: update Kuberentes to 1.24.0-beta.0
• siderolabs/talos@c26fa4ccc test: push GITHUB_TOKEN to the e2e-aws/gcp steps
• siderolabs/talos@95d900de7 feat: use kubeconfig env var
• siderolabs/talos@0b407dd17 feat: add dhcp-v6 NTP/DHCP-DUID
• siderolabs/talos@a140a6bad docs: update releases shortcode in upgrade guide
• siderolabs/talos@12931dced fix: align partitions on 1M boundary
• siderolabs/talos@37f868e37 fix: validate empty TLS config for registries
• siderolabs/talos@ca8b9c0a3 feat: update Kubernetes to 1.24.0-alpha.4
• siderolabs/talos@d9ec6b215 chore: drop dirty from abbreviated tag
• siderolabs/talos@08624fd0b docs: add banner to main page
• siderolabs/talos@fc23c7a59 test: bump versions for upgrade tests
• siderolabs/talos@4bfe68610 feat: update runc to 1.1.1
• siderolabs/talos@b315ed953 chore: use go:embed instead of ldflags
• siderolabs/talos@a5d64fc81 feat: update Flannel to 0.17.0
• siderolabs/talos@6d6eb3f6a docs: fork docs for 1.1
• siderolabs/talos@1d55f05d1 docs: update index page
• siderolabs/talos@ad6b7ec1a fix: enable etcd consistency on check startup
• siderolabs/talos@65a31f753 docs: re-add GA token
• siderolabs/talos@741c04832 docs: mark 1.0 docs as latest
• siderolabs/talos@e97433c8a docs: update jetson nano
• siderolabs/talos@6665e0f00 docs: code block copying
• siderolabs/talos@c41f2b216 docs: update whats-new-v1.0
• siderolabs/talos@0a36fbbf3 docs: add release notes for 1.0
• siderolabs/talos@bd0035f6a docs: add NVIDIA docs
• siderolabs/talos@efa3f2898 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9ebeec0d0 docs: fix incorrect path for talosconfig
• siderolabs/talos@9fef4540e docs: fix non-latest download links
• siderolabs/talos@f8ef6a081 docs: add rook ceph configuration guide
• siderolabs/talos@e2666f58f chore: bump kernel to 5.15.32
• siderolabs/talos@957b2f233 chore: bump dependencies
• siderolabs/talos@0fd2aa08b fix: correctly escape '.' in volume names
• siderolabs/talos@108fd03a7 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@856e1333d fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@c5da38609 docs: use variables and templates in the docs
• siderolabs/talos@4c83847b9 docs: target search results
• siderolabs/talos@67fb72d96 docs: add algolia versions to all content
• siderolabs/talos@5344d6e7c docs: fix extension service path dependency
• siderolabs/talos@9b9191c5e fix: increase intiial window and connection window sizes
• siderolabs/talos@7a88a0224 docs: show archived/pre-release banner based on version
• siderolabs/talos@e403470bf docs: filter algolia results by latest
• siderolabs/talos@0497d5f9f docs: tag latest docs for search
• siderolabs/talos@a25425483 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@9b6422fcc feat: update CoreDNS to 1.9.1
• siderolabs/talos@020856f80 docs: remove second search bar
• siderolabs/talos@5f27f4c63 docs: update asset links
• siderolabs/talos@9ff42b432 docs: fix redirects for /docs URLs
• siderolabs/talos@7283efd56 chore: update the talosctl CNI download url
• siderolabs/talos@e0eee7fcc test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@73966f51e docs: fix extensions
• siderolabs/talos@f9766edb5 docs: remove empty doc file
• siderolabs/talos@e06e1473b feat: update golangci-lint to 1.45.0 and gofumpt to 0.3.0
• siderolabs/talos@a92c614b2 docs: add enterprise link to docs header
• siderolabs/talos@0ae7174ba docs: update search settings and redirects
• siderolabs/talos@883d401f9 chore: rename github organization to siderolabs
• siderolabs/talos@d1294d014 chore: add day-two tests for e2e-qemu
• siderolabs/talos@a6240e4b6 feat: update Linux to 5.15.30
• siderolabs/talos@e3fda049f docs: overhaul all the docs
• siderolabs/talos@f47750726 fix: the etcd recovery client and tests
• siderolabs/talos@69e07cddc fix: trigger properly udevd on types and actions
• siderolabs/talos@47d0e629d fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@b6691b350 chore: bump dependencies
• siderolabs/talos@27af5d41c feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@58cb9db1e feat: allow hardlinks in the system extension images
• siderolabs/talos@1e982808f fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@5e0c80f61 fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@c156580a3 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cd4d4c605 feat: relax extensions file structure validation
• siderolabs/talos@50594ab1a fix: ignore terminated pods in pod health checks
• siderolabs/talos@9d69fb6b4 feat: update Kubernetes to 1.23.5
• siderolabs/talos@327ce5aba fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@cf85b3f07 docs: update cilium inline install
• siderolabs/talos@84ee1795d docs: update logo
• siderolabs/talos@cc7719c9d docs: improve comments in security proto
• siderolabs/talos@caf800fe8 feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@6bec08429 feat: add talosctl completions to copy, usage, logs, restart and service
• siderolabs/talos@355b1a4be fix: refresh etcd certs on startup/join
• siderolabs/talos@d256b5c5e docs: fix spelling mistakes
• siderolabs/talos@5fdedae20 chore: bump kernel to 5.15.28
• siderolabs/talos@18a21b5f2 chore: add dependency images-essential -> images
• siderolabs/talos@714e5eca6 chore: bump dependencies
• siderolabs/talos@58be4067e docs: update README.md
• siderolabs/talos@c5fb20930 docs: add loki note
• siderolabs/talos@f448cb4f3 feat: bump boot partition size to 1000 MiB
• siderolabs/talos@a095acb09 chore: fix equinixMetal platform name
• siderolabs/talos@2a7f9a445 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@59681b8c9 fix: backport fixes from release-1.0 branch

Changes since v1.1.0-beta.2

• siderolabs/talos@d55a18714 release(v1.1.0): prepare release
• siderolabs/talos@6d6567512 docs: fix the vendor information for Kubernetes conformance tests
• siderolabs/talos@707f2a3e9 chore: bump kubernetes to v1.24.2
• siderolabs/talos@ed09dee4f fix: make talosctl bootstrap accept only single node
• siderolabs/talos@86352abe0 test: fix csi tests
• siderolabs/talos@9409975b1 fix: support SideroLink "secure" gRPC connection
• siderolabs/talos@6cd38e519 chore: bump kernel to 5.15.48
• siderolabs/talos@08f2ea1e3 chore: bump kernel to 5.15.47

Changes from siderolabs/extras

• siderolabs/extras@5800284 chore: bump golang to 1.18.3
• siderolabs/extras@913188a chore: update pkg to 1.1.0
• siderolabs/extras@e2bb56e chore: stable source date epoch
• siderolabs/extras@a77a6f4 chore: bump Go to 1.18.2
• siderolabs/extras@ac3b9a4 chore: bump pkgs
• siderolabs/extras@d4f8e88 chore: update references after org rename

Changes from siderolabs/go-pcidb

• siderolabs/go-pcidb@4c9f656 feat: initial implementation
• siderolabs/go-pcidb@be468ce Initial commit

Changes from siderolabs/go-pointer

• siderolabs/go-pointer@71ccdf0 chore: implement main functionality
• siderolabs/go-pointer@c1c3b23 Initial commit

Changes from siderolabs/pkgs

• siderolabs/pkgs@fa9a488 chore: bump kernel to 5.15.48
• siderolabs/pkgs@5016a9d chore: bump kernel to 5.15.47
• siderolabs/pkgs@0e456be chore: bump kernel to 5.15.46
• siderolabs/pkgs@d523948 feat: update containerd to 1.6.6
• siderolabs/pkgs@a876600 chore: bump kernel to 5.15.45
• siderolabs/pkgs@43644d4 feat: update containerd to 1.6.5
• siderolabs/pkgs@9f61c50 chore: bump golang to 1.18.3
• siderolabs/pkgs@b8ecee8 chore: bump kernel to 5.15.44
• siderolabs/pkgs@f5db31f chore: bump tools to final v1.1.0 release
• siderolabs/pkgs@6b14046 feat: update Flannel CNI to 1.1.0
• siderolabs/pkgs@9b70e9f chore: bump kernel to 5.15.43
• siderolabs/pkgs@1f48da7 chore: stable source date epoch
• siderolabs/pkgs@24e545e feat: azure boot disk defenition
• siderolabs/pkgs@e72fe55 chore: bump kernel to 5.15.41
• siderolabs/pkgs@7305bd7 chore: bump kernel to 5.15.40
• siderolabs/pkgs@cd05ae8 chore: bump u-boot v2022.04
• siderolabs/pkgs@7add479 chore: bump kernel to 5.15.39
• siderolabs/pkgs@0886699 chore: bump runc to v1.1.2
• siderolabs/pkgs@dd06fa9 chore: bump nvidia drivers to 510.68.02
• siderolabs/pkgs@91bb939 chore: bump Go to 1.18.2
• siderolabs/pkgs@8bd8397 chore: bump kernel to 5.15.38
• siderolabs/pkgs@de96a44 chore: bump containerd to v1.6.4
• siderolabs/pkgs@45906c1 chore: bump ca-certificates to 2022-04-26
• siderolabs/pkgs@d847adc chore: bump kernel to 5.15.37
• siderolabs/pkgs@c4cfa72 chore: bump util-linux to 2.38
• siderolabs/pkgs@e22317d chore: bump tools
• siderolabs/pkgs@422ed8e chore: bump kernel to 5.15.36
• siderolabs/pkgs@1e833c6 chore: enable nvme hardware monitor
• siderolabs/pkgs@fe7c46f feat: update containerd to 1.6.3
• siderolabs/pkgs@95f4418 chore: bump kernel to 5.15.35
• siderolabs/pkgs@201af71 chore: bump tools and bldr
• siderolabs/pkgs@3de14d7 chore: enable xfs quota support
• siderolabs/pkgs@6955fd0 chore: bump raspberrypi-firmware to 1.20220331
• siderolabs/pkgs@5b498d8 chore: bump linux-firmware 20220401
• siderolabs/pkgs@9cda5c0 chore: bump kernel to 5.15.34
• siderolabs/pkgs@8b48af6 chore: bump tools
• siderolabs/pkgs@ff13660 chore: bump kernel to 5.15.33
• siderolabs/pkgs@415020f chore: bump eudev, remove non-relevant default rules
• siderolabs/pkgs@6691342 chore: add rockpi4c
• siderolabs/pkgs@5bd5fad chore: build u-boot spi image for rockpi
• siderolabs/pkgs@4dace49 fix: ipxe prompt arm64
• siderolabs/pkgs@6041fd7 chore: update to use latest tools (specifically go 1.18)
• siderolabs/pkgs@4b3e70e chore: upstream u-boot for jetson nano
• siderolabs/pkgs@cc1c8c7 feat: update runc to 1.1.1
• siderolabs/pkgs@3baf4e4 chore: enable random trust CPU
• siderolabs/pkgs@df31920 chore: disable sound
• siderolabs/pkgs@c27751b chore: bump nvidia drivers to 510.60.02
• siderolabs/pkgs@ba98e20 chore: bump kernel to 5.15.32
• siderolabs/pkgs@a76edfd feat: update containerd to 1.6.2
• siderolabs/pkgs@0c38670 chore: bump kernel to 5.15.31
• siderolabs/pkgs@bc4fb0c chore: org update
• siderolabs/pkgs@41f291d feat: update Flannel CNI to 1.0.1
• siderolabs/pkgs@58603ba chore: bump kernel to 5.15.30
• siderolabs/pkgs@d3bb262 chore: bump kernel to 5.15.29
• siderolabs/pkgs@76a24b5 chore: update openssl to 1.1.1n
• siderolabs/pkgs@490c7b7 chore: enable aarch64 NVIDIA drivers
• siderolabs/pkgs@b794b7a chore: bump linux-firmware to 20220310
• siderolabs/pkgs@acda207 chore: bump kernel to 5.15.28
• siderolabs/pkgs@e0fec11 chore: bump nvidia driver to 510.54
• siderolabs/pkgs@0407f05 chore: bump kernel to 5.15.27

Changes from siderolabs/tools

• siderolabs/tools@134974c chore: bump golang to 1.18.3
• siderolabs/tools@4a5c229 chore: bump toolchain to v0.6.0
• siderolabs/tools@50e535a chore: stable source date epoch
• siderolabs/tools@967ebd9 chore: bump curl to 7.83.1
• siderolabs/tools@e61f856 chore: bump go to 1.18.2
• siderolabs/tools@315890f chore: bump ca-certificates to 2022-04-26
• siderolabs/tools@a1d3530 chore: bump util-linux to 2.38
• siderolabs/tools@d229fe1 chore: update bldr
• siderolabs/tools@e9f123c chore: bump curl to 7.83.0
• siderolabs/tools@8473ef2 chore: bump git to 2.36.0
• siderolabs/tools@8c1f801 chore: bump coreutils to 9.1
• siderolabs/tools@533d5c9 chore: bump git to 2.35.2
• siderolabs/tools@a15cbee chore: bump go to 1.18.1
• siderolabs/tools@718ec10 chore: enable conform
• siderolabs/tools@a60a332 chore: bump xz and gzip
• siderolabs/tools@c8a3d4d chore: update go to 1.18
• siderolabs/tools@1684fdc chore: bump expat to 2.4.8
• siderolabs/tools@7f5e44c chore: bump zlib to 1.2.12
• siderolabs/tools@bfc99ca chore: rename org
• siderolabs/tools@99be089 chore: update openssl to 1.1.1n
• siderolabs/tools@b63872b chore: update golang to 1.17.8

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@fccee8b chore: rekres the source, fix issues
• talos-systems/go-blockdevice@d9c3a27 feat: support probing FAT12/FAT16 filesystems
• talos-systems/go-blockdevice@b374eb4 fix: align partition to 1M boundary by default

Changes from talos-systems/go-loadbalancer

• talos-systems/go-loadbalancer@c54d95d feat: implement control plane loadbalancer
• talos-systems/go-loadbalancer@4a6e29e refactor: clean up names, fix the lingering goroutines
• talos-systems/go-loadbalancer@af87d1c chore: apply new Kres rules

Changes from talos-systems/go-smbios

• talos-systems/go-smbios@3f1e775 feat: rework destructuring of SMBIOS information and added some tests

Changes from talos-systems/siderolink

• talos-systems/siderolink@1d2b7e1 feat: allow setting peer endpoint using peer event
• talos-systems/siderolink@5d085d6 feat: expose wgDevice.Peers from the wireguard.Device wrapper
• talos-systems/siderolink@3a5be65 fix: use correct method to generate Wireguard private key
• talos-systems/siderolink@8318a7e feat: accept join token in Provision payload
• talos-systems/siderolink@b38c192 fix: build on Windows
• talos-systems/siderolink@9902ad2 feat: pass request context and node address to the events sink adapter

Dependency Changes

• cloud.google.com/go/compute v1.5.0 -> v1.6.1
• github.com/BurntSushi/toml v1.0.0 -> v1.1.0
• github.com/aws/aws-sdk-go v1.43.8 -> v1.44.24
• github.com/containerd/cgroups 2e502f6b9e43 -> v1.0.4
• github.com/containerd/containerd v1.6.2 -> v1.6.4
• github.com/containernetworking/cni v1.0.1 -> v1.1.0
• github.com/containernetworking/plugins v1.1.0 -> v1.1.1
• github.com/cosi-project/runtime 264f8fcd1a4f -> 95d06feaf8b5
• github.com/docker/distribution v2.8.0 -> v2.8.1
• github.com/docker/docker v20.10.12 -> v20.10.16
• github.com/fsnotify/fsnotify v1.5.1 -> v1.5.4
• github.com/gdamore/tcell/v2 f057f0a857a1 -> v2.5.1
• github.com/golang/mock v1.6.0 new
• github.com/google/go-cmp v0.5.7 -> v0.5.8
• github.com/google/nftables 211824995dcb -> a9775fb167d2
• github.com/hashicorp/go-getter v1.5.11 -> v1.6.1
• github.com/hashicorp/go-version v1.4.0 -> v1.5.0
• github.com/hetznercloud/hcloud-go v1.33.1 -> v1.33.2
• github.com/insomniacslk/dhcp 3c283ff8b7dd -> 1ca156eafb9f
• github.com/jsimonetti/rtnetlink v1.1.0 -> v1.2.0
• github.com/mdlayher/arp c37aaafac7f9 -> 6706a2966875
• github.com/mdlayher/netx 669a06fde734 -> c711c2f8512f
• github.com/opencontainers/image-spec v1.0.2 -> c5a74bcca799
• github.com/packethost/packngo v0.22.0 -> v0.24.0
• github.com/pelletier/go-toml v1.9.4 -> v1.9.5
• github.com/rivo/tview 96063d6082f3 -> 9994674d60a8
• github.com/rs/xid v1.3.0 -> v1.4.0
• github.com/ryanuber/go-glob v1.0.0 new
• github.com/safchain/ethtool v0.2.0 new
• github.com/siderolabs/extras v1.0.0 -> v1.1.0-1-g5800284
• github.com/siderolabs/go-pcidb v0.1.0 new
• github.com/siderolabs/go-pointer v1.0.0 new
• github.com/siderolabs/pkgs v1.0.0-6-g7c293d5 -> v1.1.0-8-gfa9a488
• github.com/siderolabs/tools v1.0.0-1-g4c77d96 -> v1.1.0-1-g134974c
• github.com/spf13/cobra v1.3.0 -> v1.4.0
• github.com/spf13/pflag v1.0.5 new
• github.com/stretchr/testify v1.7.0 -> v1.7.1
• github.com/talos-systems/go-blockdevice v0.3.1 -> v0.3.2
• github.com/talos-systems/go-loadbalancer v0.1.1 -> v0.1.2
• github.com/talos-systems/go-smbios v0.1.1 -> v0.2.0
• github.com/talos-systems/siderolink v0.1.0 -> v0.1.2
• github.com/vishvananda/netlink 650dca95af54 -> v1.2.0-beta
• github.com/vmware-tanzu/sonobuoy v0.56.2 -> v0.56.6
• github.com/vmware/govmomi v0.27.4 -> v0.28.0
• github.com/vmware/vmw-guestinfo cc1fd90d572c -> 510905f0efa3
• github.com/vultr/metadata v1.0.3 -> v1.1.0
• go.etcd.io/etcd/api/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/pkg/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/etcdutl/v3 v3.5.2 -> v3.5.4
• golang.org/x/net 27dd8689420f -> 5463443f8c37
• golang.org/x/sync 036812b2e83c -> 0976fa681c29
• golang.org/x/sys 4e6760a101f9 -> bc2c85ada10a
• golang.org/x/term 03fcf44c2211 -> 065cf7ba2467
• golang.org/x/time 0e9765cccd65 -> 583f2d630306
• golang.zx2c4.com/wireguard/wgctrl fde48d68ee68 -> 3d4a969bb56b
• google.golang.org/grpc v1.44.0 -> v1.46.2
• google.golang.org/protobuf v1.27.1 -> v1.28.0
• k8s.io/api v0.23.5 -> v0.24.2
• k8s.io/apimachinery v0.23.5 -> v0.24.2
• k8s.io/apiserver v0.23.5 -> v0.24.2
• k8s.io/client-go v0.23.5 -> v0.24.2
• k8s.io/component-base v0.23.5 -> v0.24.2
• k8s.io/cri-api v0.23.5 -> v0.24.2
• k8s.io/klog/v2 v2.60.1 new
• k8s.io/kubectl v0.23.5 -> v0.24.2
• k8s.io/kubelet v0.23.5 -> v0.24.2
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.63 -> v1.2.64

Previous release can be found at v1.0.0

Images

ghcr.io/siderolabs/flannel:v0.18.1
ghcr.io/siderolabs/install-cni:v1.1.0-1-g5800284
docker.io/coredns/coredns:1.9.3
gcr.io/etcd-development/etcd:v3.5.4
k8s.gcr.io/kube-apiserver:v1.24.2
k8s.gcr.io/kube-controller-manager:v1.24.2
k8s.gcr.io/kube-scheduler:v1.24.2
k8s.gcr.io/kube-proxy:v1.24.2
ghcr.io/siderolabs/kubelet:v1.24.2
ghcr.io/siderolabs/installer:v1.1.0
k8s.gcr.io/pause:3.6

Talos 1.1.0-beta.2 (2022-06-10)

Welcome to the v1.1.0-beta.2 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Kubernetes API Server Anonymous Auth

Anonymous authentication is now disabled by default for the kube-apiserver (CIS compliance).

To enable anonymous authentication, update the machine config with:

cluster:
    apiServer:
        extraArgs:
            anonymous-auth: true

Apply Config --dry-run

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support --dry-run flag.
If enabled it just prints out the selected config application mode and the configuration diff.

Apply Config --mode=try

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support the new mode called try.
In this mode the config change is applied for a period of time and then reverted back to the state it was before the change.
--timeout parameter can be used to customize the config rollback timeout.
This new mode can be used only with the parts of the config that can be changed without a reboot and can help to check that
the new configuration doesn't break the node.
Can be especially useful to check network interfaces changes that may lead to the loss of connectivity to the node.

IPv6 in Docker-based Talos Clusters

The command talosctl cluster create now enables IPv6 by default for the Docker containers
created for Talos nodes. This allows to use IPv6 addresses in Kubernetes networking.

If talosctl cluster create fails to work on Linux due to the lack of IPv6 support,
please use the flag --disable-docker-ipv6 to revert the change.

drop some default rules shipped by eudev

Drops some default eudev rules that doesn't make sense in the context of Talos OS.
Especially the ones around sound devices, cd-roms and renaming the network interfaces to be predictable

Network Device Selector

Talos machine configuration supports specifying network interfaces by selectors instead of interface name.
See documentation for more details.

Pod Security Admission

Pod Security Admission controller is enabled by default with the following policy:

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- configuration:
    apiVersion: pod-security.admission.config.k8s.io/v1alpha1
    defaults:
      audit: restricted
      audit-version: latest
      enforce: baseline
      enforce-version: latest
      warn: restricted
      warn-version: latest
    exemptions:
      namespaces:
      - kube-system
      runtimeClasses: []
      usernames: []
    kind: PodSecurityConfiguration
  name: PodSecurity
  path: ""

The policy is part of the Talos machine configuration, and it can be modified to suite your needs.

Support RockPi 4 variants A and B

Talos now supports RockPi variants A and B in addition to RockPi 4C

Raspberry Pi PoE hat fan

Talos now enables the Raspberry Pi PoE fan control by pulling in the poe overlay that works with upstream kernel

Component Updates

• Linux: 5.15.46
• Containerd: v1.6.6
• Kubernetes: 1.24.1
• Flannel: 0.18.1
• runc: 1.1.2
• CoreDNS: v1.9.3

Talos is built with Go 1.18.3

x86-64 Architecture

Talos is built for x86-64 architecture with support for x86-64-v2 microarchitecture level,
so Talos no longer runs on processors supporting only baseline x86-64 microarchitecture (before 2009).

Contributors

• Andrey Smirnov
• Noel Georgi
• Tim Jones
• Dmitriy Matrenichev
• Spencer Smith
• Artem Chernyshev
• Serge Logvinov
• Philipp Sauter
• Andrew Rynhard
• Steve Francis
• Steve Francis
• Andrei Dobre
• Bastiaan Schaap
• Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs
• Caleb Woodbine
• Daniel Höxtermann
• Gerard de Leeuw
• Han Cen
• Jori Huisman
• Jorik Jonker
• Nat Allan
• Nico Berlee
• Philipp Sauter
• Rio Kierkels
• Sebastian Hasler
• Seán C McCord
• Suraj Shirvankar
• Tames McTigue
• Tim Jones
• Tomasz Zurkowski
• William Ashton

Changes

• siderolabs/talos@83b430ac5 release(v1.1.0-beta.2): prepare release
• siderolabs/talos@2d1a94e08 fix: correctly validate reboot mode in CLI
• siderolabs/talos@4eeb6ebe1 feat: build Talos images with system extensions included
• siderolabs/talos@b94a4ec5f chore: run xfs_repair on xfs filesystem returing EUCLEAN
• siderolabs/talos@09e4f38ba chore: revert day-two tests for csi tests
• siderolabs/talos@10ac9dc95 fix: respect local API server port
• siderolabs/talos@1e4417d1a feat: disallow anonymous requests by default (kube-apiserver)
• siderolabs/talos@d5f16f067 chore: bump kernel to 5.15.46
• siderolabs/talos@9289c4ca8 release(v1.1.0-beta.1): prepare release
• siderolabs/talos@b75318520 feat: update containerd 1.6.6, Linux 5.15.45, Flannel 0.18.1
• siderolabs/talos@e23d1979b fix: add ovmf image path for rhel
• siderolabs/talos@6229eefe7 fix: wait for /var to be mounted in kubelet service controller
• siderolabs/talos@4712e73c4 fix: improve vip operator shutdown sequence
• siderolabs/talos@3860129d7 chore: bump golang to 1.18.3
• siderolabs/talos@f8422f217 release(v1.1.0-beta.0): prepare release
• siderolabs/talos@98bbab12e chore: bump dependencies
• siderolabs/talos@0a6fc906f fix: table align hosts file
• siderolabs/talos@be644c96e fix: flannel ipv6 compatibility
• siderolabs/talos@99e8f1261 feat: add support for equinix metal events
• siderolabs/talos@1ba8a6b94 chore: update go yaml to the latest version
• siderolabs/talos@400a88dc5 chore: disable kexec on rpi4 and rockpi
• siderolabs/talos@48423a983 chore: bump kernel to 5.15.44
• siderolabs/talos@458e44c27 feat: include azure public IPs from standard LB SKU into extips
• siderolabs/talos@19edbb5bd docs: fix typo in main page
• siderolabs/talos@4ad773f01 feat: update CoreDNS to 1.9.3
• siderolabs/talos@7a4062904 chore: update Sidero Labs go modules to released versions
• siderolabs/talos@e40153aef fix: introduce more route protocols as constants
• siderolabs/talos@3ed254976 feat: update Kubernetes to 1.24.1
• siderolabs/talos@ceae420a8 chore: update tools/pkgs/extras to 1.1.0
• siderolabs/talos@f9c46fb18 fix: unmarshal HardwareAddr without stdlib help
• siderolabs/talos@f2e94d602 fix: implement unmarshaling from YAML for LinkStatus
• siderolabs/talos@fe858041b feat: enable version API in maintenance mode
• siderolabs/talos@875f67a6e fix: correctly parse empty route flags from YAML
• siderolabs/talos@00515b4ba chore: rename memory to memorymodules
• siderolabs/talos@9c4b7d6e8 feat: update Flannel to 0.18.0
• siderolabs/talos@c5297009e feat: support join token as part of siderolink kernel parameter
• siderolabs/talos@0dc4ad58e chore: bump kernel to 5.15.43
• siderolabs/talos@610884aa0 docs: correct the install-image tag in the Developing Talos section
• siderolabs/talos@af5ac30a7 feat: enable passing custom kernel args to the ISO creator
• siderolabs/talos@b7d068f60 chore: add cloud-image-uploader to go workspace
• siderolabs/talos@88efd75d3 docs: fix install script url
• siderolabs/talos@3f88030ca test: use use correct method to generate Wireguard private key
• siderolabs/talos@8c675c669 chore: siderolink maintenance mode
• siderolabs/talos@4551cbd7f fix: cluster creation error message formatting
• siderolabs/talos@bafa1f49d fix: improve error message when creating cluster
• siderolabs/talos@f03002ec6 feat: add support for disabling search domains
• siderolabs/talos@a1b6f21a8 chore: bump dependencies
• siderolabs/talos@1156daac2 fix: azure hostname definition
• siderolabs/talos@33a631f02 feat: look up Links PCI vendor/product via PCI ID database
• siderolabs/talos@40e57efa4 chore: fix reference to talosconfig
• siderolabs/talos@30eeb851b docs: extension service security options
• siderolabs/talos@bf7a6443e feat: add 'etcd membership is consistent across nodes' health check
• siderolabs/talos@4b3935fa4 docs: fix 1.1.x support matrix
• siderolabs/talos@efcdc16c5 chore: add go.work
• siderolabs/talos@20286c908 feat: add cpu/ram info as resource
• siderolabs/talos@c3f29031b feat: add ethtool ioctl as additional source of information
• siderolabs/talos@34d9a875a chore: go-smbios updates
• siderolabs/talos@f477eb882 chore: bump kernel to 5.15.41
• siderolabs/talos@5bac5e91a docs: fix "double-base64-encode" in cert/key examples
• siderolabs/talos@396e1386c feat: implement network device selector
• siderolabs/talos@5a8e011db fix: match for WSL platform in case-insentive way
• siderolabs/talos@ee8113b5f docs: add vector logging example
• siderolabs/talos@14985674c fix: allow SideroLink IPs in NodeAddresses
• siderolabs/talos@63f23e905 feat: openstack dhcp-v6 types
• siderolabs/talos@5ec4e9096 chore: bump kernel to 5.15.40
• siderolabs/talos@8cef958dd docs: update jetson nano docs
• siderolabs/talos@554edd3e8 chore: bump dependencies
• siderolabs/talos@f2d89735f feat: extend the extension service spec with container security options
• siderolabs/talos@850cfba72 chore: fix type order in deep-copy generation line
• siderolabs/talos@5a91f6076 fix: ignore completed pods in cluster health check
• siderolabs/talos@488ce753f docs: tidy up adopters
• siderolabs/talos@290f968fe release(v1.1.0-alpha.2): prepare release
• siderolabs/talos@a6e436582 feat: implement DeepCopy using code generation
• siderolabs/talos@91a49c4e7 fix: dhcpv6 leasetime segfault loop
• siderolabs/talos@afb679586 fix: reset certificate SANs on update
• siderolabs/talos@c87432fe1 fix: detect WSL for talosctl cluster create on Docker
• siderolabs/talos@166d2585c chore: bump kernel and runc
• siderolabs/talos@8d9b0cde0 chore: update deps to go 1.18.2
• siderolabs/talos@86741d998 fix: append hostname to cluster SANs when port is not specified
• siderolabs/talos@9885bbe17 docs: fix typos, edited for clarity
• siderolabs/talos@7fd1c80c3 fix: ignore failures to dial wireguard client
• siderolabs/talos@b8e7cdb70 docs: add vultr guide
• siderolabs/talos@c2be65b66 fix: openstack unable to parseIP
• siderolabs/talos@2ae0e3a56 test: add a test for version of Go Talos was built with
• siderolabs/talos@bef1a13fa docs: update latest Talos in 1.0 docs to 1.0.4
• siderolabs/talos@b52962c44 chore: bump dependencies
• siderolabs/talos@79ae76a6f fix: properly set allowSchedulingOnMasters in the interactive install
• siderolabs/talos@2b7e7d4dc feat: print the status of services during boot
• siderolabs/talos@802d4a23c fix: load kubelet system service in StartAllServices task
• siderolabs/talos@67019c434 fix: add source path for ovmf flash image
• siderolabs/talos@da7b24ba5 chore: bump kernel to 5.15.38
• siderolabs/talos@8ca8effd6 chore: add Equinix Managed Services NL to adopters
• siderolabs/talos@8bc97a30f fix: remove D-Bus sockets before listen attempts
• siderolabs/talos@54cfa039a fix: use json.Unmarshal instead of yaml.Unmarshal
• siderolabs/talos@6d30c4822 docs: update networking resource documentation
• siderolabs/talos@bc88de729 chore: bump coredns to v1.9.2
• siderolabs/talos@c6722b637 docs: when mentioning partitions, link to partition docs
• siderolabs/talos@b189e8426 chore: fix incorrect ManifestSpec.MarshalYAML signature
• siderolabs/talos@5d5280200 feat: add more hardware information to the link status resources
• siderolabs/talos@2ff6db749 chore: add Nedap Security Atlas as adopter
• siderolabs/talos@89cab200b chore: bump kubernetes to v1.24.0
• siderolabs/talos@09d16349f chore: refactor StaticPod and StaticPodStatus into typed.Resource
• siderolabs/talos@d2935f98c chore: refactor LinkRefresh and LinkStatus into typed.Resource
• siderolabs/talos@b52e0b9b9 fix: talosctl throws error if gen option and --input-dir flags are combined
• siderolabs/talos@0e15de3a8 docs: add adopters file
• siderolabs/talos@bb932c297 chore: bump containerd to v1.6.4
• siderolabs/talos@4eaaa2d59 chore: bump kernel to 5.15.37
• siderolabs/talos@89dde8f2c chore: refactor remaining resources into typed.Resource
• siderolabs/talos@bd089e702 chore: bump dependencies
• siderolabs/talos@3136334b9 docs: fix links in VMware documentation
• siderolabs/talos@403df0e18 docs: provide example on using config generation package
• siderolabs/talos@635192861 chore: redo pointer with github.com/siderolabs/go-pointer module
• siderolabs/talos@a269f740c docs: copy knowledge base to v1.0 docs
• siderolabs/talos@483201026 fix: return an error if there is no byte slice in ReadonlyProvider
• siderolabs/talos@6e7486f09 fix: allow graceful node shutdown to be overridden
• siderolabs/talos@867d38f28 feat: add bond slaves ordering
• siderolabs/talos@03ef62ad8 fix: include Go primitive types into unstructured deepcopy
• siderolabs/talos@f06e6acf2 chore: bump kernel to 5.15.36
• siderolabs/talos@c0d386abb fix: don't mount D-Bus socket via mount under recursive bind mount
• siderolabs/talos@9a8ff76df refactor: rewrite perf resource to use typed.Resource
• siderolabs/talos@71d04c4d5 refactor: rewrite runtime resources to use typed.Resource
• siderolabs/talos@7568d51fc fix: trigger CRI config merge on correct resource update
• siderolabs/talos@c456dbcb9 docs: remove references to init nodes
• siderolabs/talos@1973095d1 feat: update containerd to 1.6.3
• siderolabs/talos@b51292d88 docs: reformat config reference
• siderolabs/talos@c0709d970 feat: increase aio-max-nr and inotify.max_user_instances
• siderolabs/talos@85b328e99 refactor: convert secrets resources to use typed.Resource
• siderolabs/talos@e91350acd refactor: convert time & v1alpha1 resources to use typed.Resource
• siderolabs/talos@45464412e chore: bump dependencies
• siderolabs/talos@0af6b35a6 feat: update etcd to 3.5.4
• siderolabs/talos@7ad27751c docs: fix analytics and sitemap
• siderolabs/talos@55ff876dc chore: bump K8s Go modules to 1.24.0-rc.0
• siderolabs/talos@f1f43131f fix: strip 'v' prefix from versions on Kubernetes upgrade
• siderolabs/talos@ec621477b chore: tune QEMU disk provisioner options
• siderolabs/talos@b085343dc feat: use discovery information for etcd join (and other etcd calls)
• siderolabs/talos@2b03057b9 feat: implement a new mode try in the config manipulation commands
• siderolabs/talos@51a68c31f chore: allow mounting files from the host
• siderolabs/talos@f3e330a0a docs: fix network dependency
• siderolabs/talos@7ba39bd60 docs: clarify discovery service
• siderolabs/talos@8057d076a release(v1.1.0-alpha.1): prepare release
• siderolabs/talos@1d5c08e74 chore: bump kernel to 5.15.35
• siderolabs/talos@9bf23e516 feat: update Kubernetes to 1.24.0-rc.0
• siderolabs/talos@d78ed320b docs: fix the docs reference to star registry redirects
• siderolabs/talos@257dfb870 fix: run the 'post' stage of the service always
• siderolabs/talos@992e23023 fix: correctly handle stopping services with reverse dependencies
• siderolabs/talos@bb7a50bd5 docs: fix netlify redirects
• siderolabs/talos@486f79bc7 docs: fix netlify deploy url
• siderolabs/talos@e8cbedb05 docs: add canonical link ref
• siderolabs/talos@0fe4a7832 docs: improve latest-version banner
• siderolabs/talos@23984efcd fix: detect lingering mounts in the installer correctly
• siderolabs/talos@54dba925f chore: refactor network resource to use typed resource
• siderolabs/talos@4eb9f45cc refactor: split polymorphic K8sControlPlane into typed resources
• siderolabs/talos@68dfdd331 fix: provide logger to the etcd snapshot restore
• siderolabs/talos@f190403f0 docs: add how to get config after interactive setup
• siderolabs/talos@fac7b9466 docs: improve vip caveats documentation
• siderolabs/talos@250df9e67 docs: improve rook-ceph description
• siderolabs/talos@b5c1d868d docs: add talos/kubernetes config faq
• siderolabs/talos@39721ee93 chore: bump dependencies
• siderolabs/talos@610945774 chore: bump tools and pkgs
• siderolabs/talos@2b68c8b67 fix: enable long timestamps for xfs
• siderolabs/talos@be00d7749 chore: implement cluster resources using cosi typed resource
• siderolabs/talos@460d5ab13 docs: fix extension services alias
• siderolabs/talos@bbdfda2dd chore: xfs quota support in kernel
• siderolabs/talos@8ff8fc77f chore: enable rpi4 poe hat fan control
• siderolabs/talos@2b9722d1f feat: add dry-run flag in apply-config and edit commands
• siderolabs/talos@8af50fcd2 fix: correct cri package import path
• siderolabs/talos@ce09ede83 feat: update etcd to 3.5.3
• siderolabs/talos@13f41badd chore: bump kernel to 5.15.34
• siderolabs/talos@fa57b5d92 docs: reorganize documentation
• siderolabs/talos@a91eb9358 chore: bump deps
• siderolabs/talos@0aad0df2e refactor: remove String() for resource implementation
• siderolabs/talos@a4060513c feat: build Talos with support for x86-64-v2 microarchitecture
• siderolabs/talos@8faebd410 chore: bump tools and pkgs
• siderolabs/talos@8499b7e7d chore: bump dependencies
• siderolabs/talos@a7ba7ea67 feat: migrate to go 1.18
• siderolabs/talos@9dace93b5 feat: enable Pod Security Admission by default
• siderolabs/talos@c382cb8cd docs: update vmware docs
• siderolabs/talos@da0e638f0 docs: stableize tools versioning
• siderolabs/talos@f2d2267e7 docs: use template for netlify redirects
• siderolabs/talos@88f1d8fcc docs: update sitemap to point to direct url
• siderolabs/talos@a6eebee36 chore: update eudev
• siderolabs/talos@0cb84e8c1 fix: correctly parse tags out of images
• siderolabs/talos@17d09739f docs: enable nested arrow
• siderolabs/talos@1e4320b64 chore: add support for rockpi 4A and 4B
• siderolabs/talos@d1869d948 docs: update to Sidero Metal, mention clusterctl
• siderolabs/talos@18d0038ec fix: avoid panic in DHCPv6 operator on nil dereference
• siderolabs/talos@9e3d438db docs: fix code fence formatting
• siderolabs/talos@b3f1bb2cf fix: add support for FAT12/16 filesystems
• siderolabs/talos@8619f95c5 chore: bump dependencies
• siderolabs/talos@8c4f72004 docs: override sitemap.xml to only include latest results
• siderolabs/talos@5192ba4e2 docs: fix a typo in QEMU VM setup guide
• siderolabs/talos@663e3e879 refactor: change the stages for embed files generation
• siderolabs/talos@19bf12af0 fix: enable IPv6 in Docker-based Talos clusters
• siderolabs/talos@3889a5839 docs: update config.yaml, storage.md, digital-rebar.md
• siderolabs/talos@25d19131d release(v1.1.0-alpha.0): prepare release
• siderolabs/talos@2ca5279e5 fix: retry manifest updates in upgrade-k8s
• siderolabs/talos@eeb756168 feat: use kexec when resetting a node
• siderolabs/talos@1ed1f73e5 test: bump CAPI to 1.1.3
• siderolabs/talos@2ee1d2c72 feat: update Kuberentes to 1.24.0-beta.0
• siderolabs/talos@c26fa4ccc test: push GITHUB_TOKEN to the e2e-aws/gcp steps
• siderolabs/talos@95d900de7 feat: use kubeconfig env var
• siderolabs/talos@0b407dd17 feat: add dhcp-v6 NTP/DHCP-DUID
• siderolabs/talos@a140a6bad docs: update releases shortcode in upgrade guide
• siderolabs/talos@12931dced fix: align partitions on 1M boundary
• siderolabs/talos@37f868e37 fix: validate empty TLS config for registries
• siderolabs/talos@ca8b9c0a3 feat: update Kubernetes to 1.24.0-alpha.4
• siderolabs/talos@d9ec6b215 chore: drop dirty from abbreviated tag
• siderolabs/talos@08624fd0b docs: add banner to main page
• siderolabs/talos@fc23c7a59 test: bump versions for upgrade tests
• siderolabs/talos@4bfe68610 feat: update runc to 1.1.1
• siderolabs/talos@b315ed953 chore: use go:embed instead of ldflags
• siderolabs/talos@a5d64fc81 feat: update Flannel to 0.17.0
• siderolabs/talos@6d6eb3f6a docs: fork docs for 1.1
• siderolabs/talos@1d55f05d1 docs: update index page
• siderolabs/talos@ad6b7ec1a fix: enable etcd consistency on check startup
• siderolabs/talos@65a31f753 docs: re-add GA token
• siderolabs/talos@741c04832 docs: mark 1.0 docs as latest
• siderolabs/talos@e97433c8a docs: update jetson nano
• siderolabs/talos@6665e0f00 docs: code block copying
• siderolabs/talos@c41f2b216 docs: update whats-new-v1.0
• siderolabs/talos@0a36fbbf3 docs: add release notes for 1.0
• siderolabs/talos@bd0035f6a docs: add NVIDIA docs
• siderolabs/talos@efa3f2898 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9ebeec0d0 docs: fix incorrect path for talosconfig
• siderolabs/talos@9fef4540e docs: fix non-latest download links
• siderolabs/talos@f8ef6a081 docs: add rook ceph configuration guide
• siderolabs/talos@e2666f58f chore: bump kernel to 5.15.32
• siderolabs/talos@957b2f233 chore: bump dependencies
• siderolabs/talos@0fd2aa08b fix: correctly escape '.' in volume names
• siderolabs/talos@108fd03a7 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@856e1333d fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@c5da38609 docs: use variables and templates in the docs
• siderolabs/talos@4c83847b9 docs: target search results
• siderolabs/talos@67fb72d96 docs: add algolia versions to all content
• siderolabs/talos@5344d6e7c docs: fix extension service path dependency
• siderolabs/talos@9b9191c5e fix: increase intiial window and connection window sizes
• siderolabs/talos@7a88a0224 docs: show archived/pre-release banner based on version
• siderolabs/talos@e403470bf docs: filter algolia results by latest
• siderolabs/talos@0497d5f9f docs: tag latest docs for search
• siderolabs/talos@a25425483 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@9b6422fcc feat: update CoreDNS to 1.9.1
• siderolabs/talos@020856f80 docs: remove second search bar
• siderolabs/talos@5f27f4c63 docs: update asset links
• siderolabs/talos@9ff42b432 docs: fix redirects for /docs URLs
• siderolabs/talos@7283efd56 chore: update the talosctl CNI download url
• siderolabs/talos@e0eee7fcc test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@73966f51e docs: fix extensions
• siderolabs/talos@f9766edb5 docs: remove empty doc file
• siderolabs/talos@e06e1473b feat: update golangci-lint to 1.45.0 and gofumpt to 0.3.0
• siderolabs/talos@a92c614b2 docs: add enterprise link to docs header
• siderolabs/talos@0ae7174ba docs: update search settings and redirects
• siderolabs/talos@883d401f9 chore: rename github organization to siderolabs
• siderolabs/talos@d1294d014 chore: add day-two tests for e2e-qemu
• siderolabs/talos@a6240e4b6 feat: update Linux to 5.15.30
• siderolabs/talos@e3fda049f docs: overhaul all the docs
• siderolabs/talos@f47750726 fix: the etcd recovery client and tests
• siderolabs/talos@69e07cddc fix: trigger properly udevd on types and actions
• siderolabs/talos@47d0e629d fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@b6691b350 chore: bump dependencies
• siderolabs/talos@27af5d41c feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@58cb9db1e feat: allow hardlinks in the system extension images
• siderolabs/talos@1e982808f fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@5e0c80f61 fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@c156580a3 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cd4d4c605 feat: relax extensions file structure validation
• siderolabs/talos@50594ab1a fix: ignore terminated pods in pod health checks
• siderolabs/talos@9d69fb6b4 feat: update Kubernetes to 1.23.5
• siderolabs/talos@327ce5aba fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@cf85b3f07 docs: update cilium inline install
• siderolabs/talos@84ee1795d docs: update logo
• siderolabs/talos@cc7719c9d docs: improve comments in security proto
• siderolabs/talos@caf800fe8 feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@6bec08429 feat: add talosctl completions to copy, usage, logs, restart and service
• siderolabs/talos@355b1a4be fix: refresh etcd certs on startup/join
• siderolabs/talos@d256b5c5e docs: fix spelling mistakes
• siderolabs/talos@5fdedae20 chore: bump kernel to 5.15.28
• siderolabs/talos@18a21b5f2 chore: add dependency images-essential -> images
• siderolabs/talos@714e5eca6 chore: bump dependencies
• siderolabs/talos@58be4067e docs: update README.md
• siderolabs/talos@c5fb20930 docs: add loki note
• siderolabs/talos@f448cb4f3 feat: bump boot partition size to 1000 MiB
• siderolabs/talos@a095acb09 chore: fix equinixMetal platform name
• siderolabs/talos@2a7f9a445 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@59681b8c9 fix: backport fixes from release-1.0 branch

Changes since v1.1.0-beta.1

• siderolabs/talos@83b430ac5 release(v1.1.0-beta.2): prepare release
• siderolabs/talos@2d1a94e08 fix: correctly validate reboot mode in CLI
• siderolabs/talos@4eeb6ebe1 feat: build Talos images with system extensions included
• siderolabs/talos@b94a4ec5f chore: run xfs_repair on xfs filesystem returing EUCLEAN
• siderolabs/talos@09e4f38ba chore: revert day-two tests for csi tests
• siderolabs/talos@10ac9dc95 fix: respect local API server port
• siderolabs/talos@1e4417d1a feat: disallow anonymous requests by default (kube-apiserver)
• siderolabs/talos@d5f16f067 chore: bump kernel to 5.15.46

Changes from siderolabs/extras

• siderolabs/extras@5800284 chore: bump golang to 1.18.3
• siderolabs/extras@913188a chore: update pkg to 1.1.0
• siderolabs/extras@e2bb56e chore: stable source date epoch
• siderolabs/extras@a77a6f4 chore: bump Go to 1.18.2
• siderolabs/extras@ac3b9a4 chore: bump pkgs
• siderolabs/extras@d4f8e88 chore: update references after org rename

Changes from siderolabs/go-pcidb

• siderolabs/go-pcidb@4c9f656 feat: initial implementation
• siderolabs/go-pcidb@be468ce Initial commit

Changes from siderolabs/go-pointer

• siderolabs/go-pointer@71ccdf0 chore: implement main functionality
• siderolabs/go-pointer@c1c3b23 Initial commit

Changes from siderolabs/pkgs

• siderolabs/pkgs@0e456be chore: bump kernel to 5.15.46
• siderolabs/pkgs@d523948 feat: update containerd to 1.6.6
• siderolabs/pkgs@a876600 chore: bump kernel to 5.15.45
• siderolabs/pkgs@43644d4 feat: update containerd to 1.6.5
• siderolabs/pkgs@9f61c50 chore: bump golang to 1.18.3
• siderolabs/pkgs@b8ecee8 chore: bump kernel to 5.15.44
• siderolabs/pkgs@f5db31f chore: bump tools to final v1.1.0 release
• siderolabs/pkgs@6b14046 feat: update Flannel CNI to 1.1.0
• siderolabs/pkgs@9b70e9f chore: bump kernel to 5.15.43
• siderolabs/pkgs@1f48da7 chore: stable source date epoch
• siderolabs/pkgs@24e545e feat: azure boot disk defenition
• siderolabs/pkgs@e72fe55 chore: bump kernel to 5.15.41
• siderolabs/pkgs@7305bd7 chore: bump kernel to 5.15.40
• siderolabs/pkgs@cd05ae8 chore: bump u-boot v2022.04
• siderolabs/pkgs@7add479 chore: bump kernel to 5.15.39
• siderolabs/pkgs@0886699 chore: bump runc to v1.1.2
• siderolabs/pkgs@dd06fa9 chore: bump nvidia drivers to 510.68.02
• siderolabs/pkgs@91bb939 chore: bump Go to 1.18.2
• siderolabs/pkgs@8bd8397 chore: bump kernel to 5.15.38
• siderolabs/pkgs@de96a44 chore: bump containerd to v1.6.4
• siderolabs/pkgs@45906c1 chore: bump ca-certificates to 2022-04-26
• siderolabs/pkgs@d847adc chore: bump kernel to 5.15.37
• siderolabs/pkgs@c4cfa72 chore: bump util-linux to 2.38
• siderolabs/pkgs@e22317d chore: bump tools
• siderolabs/pkgs@422ed8e chore: bump kernel to 5.15.36
• siderolabs/pkgs@1e833c6 chore: enable nvme hardware monitor
• siderolabs/pkgs@fe7c46f feat: update containerd to 1.6.3
• siderolabs/pkgs@95f4418 chore: bump kernel to 5.15.35
• siderolabs/pkgs@201af71 chore: bump tools and bldr
• siderolabs/pkgs@3de14d7 chore: enable xfs quota support
• siderolabs/pkgs@6955fd0 chore: bump raspberrypi-firmware to 1.20220331
• siderolabs/pkgs@5b498d8 chore: bump linux-firmware 20220401
• siderolabs/pkgs@9cda5c0 chore: bump kernel to 5.15.34
• siderolabs/pkgs@8b48af6 chore: bump tools
• siderolabs/pkgs@ff13660 chore: bump kernel to 5.15.33
• siderolabs/pkgs@415020f chore: bump eudev, remove non-relevant default rules
• siderolabs/pkgs@6691342 chore: add rockpi4c
• siderolabs/pkgs@5bd5fad chore: build u-boot spi image for rockpi
• siderolabs/pkgs@4dace49 fix: ipxe prompt arm64
• siderolabs/pkgs@6041fd7 chore: update to use latest tools (specifically go 1.18)
• siderolabs/pkgs@4b3e70e chore: upstream u-boot for jetson nano
• siderolabs/pkgs@cc1c8c7 feat: update runc to 1.1.1
• siderolabs/pkgs@3baf4e4 chore: enable random trust CPU
• siderolabs/pkgs@df31920 chore: disable sound
• siderolabs/pkgs@c27751b chore: bump nvidia drivers to 510.60.02
• siderolabs/pkgs@ba98e20 chore: bump kernel to 5.15.32
• siderolabs/pkgs@a76edfd feat: update containerd to 1.6.2
• siderolabs/pkgs@0c38670 chore: bump kernel to 5.15.31
• siderolabs/pkgs@bc4fb0c chore: org update
• siderolabs/pkgs@41f291d feat: update Flannel CNI to 1.0.1
• siderolabs/pkgs@58603ba chore: bump kernel to 5.15.30
• siderolabs/pkgs@d3bb262 chore: bump kernel to 5.15.29
• siderolabs/pkgs@76a24b5 chore: update openssl to 1.1.1n
• siderolabs/pkgs@490c7b7 chore: enable aarch64 NVIDIA drivers
• siderolabs/pkgs@b794b7a chore: bump linux-firmware to 20220310
• siderolabs/pkgs@acda207 chore: bump kernel to 5.15.28
• siderolabs/pkgs@e0fec11 chore: bump nvidia driver to 510.54
• siderolabs/pkgs@0407f05 chore: bump kernel to 5.15.27

Changes from siderolabs/tools

• siderolabs/tools@134974c chore: bump golang to 1.18.3
• siderolabs/tools@4a5c229 chore: bump toolchain to v0.6.0
• siderolabs/tools@50e535a chore: stable source date epoch
• siderolabs/tools@967ebd9 chore: bump curl to 7.83.1
• siderolabs/tools@e61f856 chore: bump go to 1.18.2
• siderolabs/tools@315890f chore: bump ca-certificates to 2022-04-26
• siderolabs/tools@a1d3530 chore: bump util-linux to 2.38
• siderolabs/tools@d229fe1 chore: update bldr
• siderolabs/tools@e9f123c chore: bump curl to 7.83.0
• siderolabs/tools@8473ef2 chore: bump git to 2.36.0
• siderolabs/tools@8c1f801 chore: bump coreutils to 9.1
• siderolabs/tools@533d5c9 chore: bump git to 2.35.2
• siderolabs/tools@a15cbee chore: bump go to 1.18.1
• siderolabs/tools@718ec10 chore: enable conform
• siderolabs/tools@a60a332 chore: bump xz and gzip
• siderolabs/tools@c8a3d4d chore: update go to 1.18
• siderolabs/tools@1684fdc chore: bump expat to 2.4.8
• siderolabs/tools@7f5e44c chore: bump zlib to 1.2.12
• siderolabs/tools@bfc99ca chore: rename org
• siderolabs/tools@99be089 chore: update openssl to 1.1.1n
• siderolabs/tools@b63872b chore: update golang to 1.17.8

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@fccee8b chore: rekres the source, fix issues
• talos-systems/go-blockdevice@d9c3a27 feat: support probing FAT12/FAT16 filesystems
• talos-systems/go-blockdevice@b374eb4 fix: align partition to 1M boundary by default

Changes from talos-systems/go-loadbalancer

• talos-systems/go-loadbalancer@c54d95d feat: implement control plane loadbalancer
• talos-systems/go-loadbalancer@4a6e29e refactor: clean up names, fix the lingering goroutines
• talos-systems/go-loadbalancer@af87d1c chore: apply new Kres rules

Changes from talos-systems/go-smbios

• talos-systems/go-smbios@3f1e775 feat: rework destructuring of SMBIOS information and added some tests

Changes from talos-systems/siderolink

• talos-systems/siderolink@1d2b7e1 feat: allow setting peer endpoint using peer event
• talos-systems/siderolink@5d085d6 feat: expose wgDevice.Peers from the wireguard.Device wrapper
• talos-systems/siderolink@3a5be65 fix: use correct method to generate Wireguard private key
• talos-systems/siderolink@8318a7e feat: accept join token in Provision payload
• talos-systems/siderolink@b38c192 fix: build on Windows
• talos-systems/siderolink@9902ad2 feat: pass request context and node address to the events sink adapter

Dependency Changes

• cloud.google.com/go/compute v1.5.0 -> v1.6.1
• github.com/BurntSushi/toml v1.0.0 -> v1.1.0
• github.com/aws/aws-sdk-go v1.43.8 -> v1.44.24
• github.com/containerd/cgroups 2e502f6b9e43 -> v1.0.4
• github.com/containerd/containerd v1.6.2 -> v1.6.4
• github.com/containernetworking/cni v1.0.1 -> v1.1.0
• github.com/containernetworking/plugins v1.1.0 -> v1.1.1
• github.com/cosi-project/runtime 264f8fcd1a4f -> 95d06feaf8b5
• github.com/docker/distribution v2.8.0 -> v2.8.1
• github.com/docker/docker v20.10.12 -> v20.10.16
• github.com/fsnotify/fsnotify v1.5.1 -> v1.5.4
• github.com/gdamore/tcell/v2 f057f0a857a1 -> v2.5.1
• github.com/golang/mock v1.6.0 new
• github.com/google/go-cmp v0.5.7 -> v0.5.8
• github.com/google/nftables 211824995dcb -> a9775fb167d2
• github.com/hashicorp/go-getter v1.5.11 -> v1.6.1
• github.com/hashicorp/go-version v1.4.0 -> v1.5.0
• github.com/hetznercloud/hcloud-go v1.33.1 -> v1.33.2
• github.com/insomniacslk/dhcp 3c283ff8b7dd -> 1ca156eafb9f
• github.com/jsimonetti/rtnetlink v1.1.0 -> v1.2.0
• github.com/mdlayher/arp c37aaafac7f9 -> 6706a2966875
• github.com/mdlayher/netx 669a06fde734 -> c711c2f8512f
• github.com/opencontainers/image-spec v1.0.2 -> c5a74bcca799
• github.com/packethost/packngo v0.22.0 -> v0.24.0
• github.com/pelletier/go-toml v1.9.4 -> v1.9.5
• github.com/rivo/tview 96063d6082f3 -> 9994674d60a8
• github.com/rs/xid v1.3.0 -> v1.4.0
• github.com/ryanuber/go-glob v1.0.0 new
• github.com/safchain/ethtool v0.2.0 new
• github.com/siderolabs/extras v1.0.0 -> v1.1.0-1-g5800284
• github.com/siderolabs/go-pcidb v0.1.0 new
• github.com/siderolabs/go-pointer v1.0.0 new
• github.com/siderolabs/pkgs v1.0.0-6-g7c293d5 -> v1.1.0-6-g0e456be
• github.com/siderolabs/tools v1.0.0-1-g4c77d96 -> v1.1.0-1-g134974c
• github.com/spf13/cobra v1.3.0 -> v1.4.0
• github.com/spf13/pflag v1.0.5 new
• github.com/stretchr/testify v1.7.0 -> v1.7.1
• github.com/talos-systems/go-blockdevice v0.3.1 -> v0.3.2
• github.com/talos-systems/go-loadbalancer v0.1.1 -> v0.1.2
• github.com/talos-systems/go-smbios v0.1.1 -> v0.2.0
• github.com/talos-systems/siderolink v0.1.0 -> v0.1.2
• github.com/vishvananda/netlink 650dca95af54 -> v1.2.0-beta
• github.com/vmware-tanzu/sonobuoy v0.56.2 -> v0.56.6
• github.com/vmware/govmomi v0.27.4 -> v0.28.0
• github.com/vmware/vmw-guestinfo cc1fd90d572c -> 510905f0efa3
• github.com/vultr/metadata v1.0.3 -> v1.1.0
• go.etcd.io/etcd/api/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/pkg/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/etcdutl/v3 v3.5.2 -> v3.5.4
• golang.org/x/net 27dd8689420f -> 5463443f8c37
• golang.org/x/sync 036812b2e83c -> 0976fa681c29
• golang.org/x/sys 4e6760a101f9 -> bc2c85ada10a
• golang.org/x/term 03fcf44c2211 -> 065cf7ba2467
• golang.org/x/time 0e9765cccd65 -> 583f2d630306
• golang.zx2c4.com/wireguard/wgctrl fde48d68ee68 -> 3d4a969bb56b
• google.golang.org/grpc v1.44.0 -> v1.46.2
• google.golang.org/protobuf v1.27.1 -> v1.28.0
• k8s.io/api v0.23.5 -> v0.24.1
• k8s.io/apimachinery v0.23.5 -> v0.24.1
• k8s.io/apiserver v0.23.5 -> v0.24.1
• k8s.io/client-go v0.23.5 -> v0.24.1
• k8s.io/component-base v0.23.5 -> v0.24.1
• k8s.io/cri-api v0.23.5 -> v0.24.1
• k8s.io/klog/v2 v2.60.1 new
• k8s.io/kubectl v0.23.5 -> v0.24.1
• k8s.io/kubelet v0.23.5 -> v0.24.1
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.63 -> v1.2.64

Previous release can be found at v1.0.0

Images

ghcr.io/siderolabs/flannel:v0.18.1
ghcr.io/siderolabs/install-cni:v1.1.0-1-g5800284
docker.io/coredns/coredns:1.9.3
gcr.io/etcd-development/etcd:v3.5.4
k8s.gcr.io/kube-apiserver:v1.24.1
k8s.gcr.io/kube-controller-manager:v1.24.1
k8s.gcr.io/kube-scheduler:v1.24.1
k8s.gcr.io/kube-proxy:v1.24.1
ghcr.io/siderolabs/kubelet:v1.24.1
ghcr.io/siderolabs/installer:v1.1.0-beta.2
k8s.gcr.io/pause:3.6

Talos 1.1.0-beta.1 (2022-06-07)

Welcome to the v1.1.0-beta.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Apply Config --dry-run

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support --dry-run flag.
If enabled it just prints out the selected config application mode and the configuration diff.

Apply Config --mode=try

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support the new mode called try.
In this mode the config change is applied for a period of time and then reverted back to the state it was before the change.
--timeout parameter can be used to customize the config rollback timeout.
This new mode can be used only with the parts of the config that can be changed without a reboot and can help to check that
the new configuration doesn't break the node.
Can be especially useful to check network interfaces changes that may lead to the loss of connectivity to the node.

IPv6 in Docker-based Talos Clusters

The command talosctl cluster create now enables IPv6 by default for the Docker containers
created for Talos nodes. This allows to use IPv6 addresses in Kubernetes networking.

If talosctl cluster create fails to work on Linux due to the lack of IPv6 support,
please use the flag --disable-docker-ipv6 to revert the change.

drop some default rules shipped by eudev

Drops some default eudev rules that doesn't make sense in the context of Talos OS.
Especially the ones around sound devices, cd-roms and renaming the network interfaces to be predictable

Network Device Selector

Talos machine configuration supports specifying network interfaces by selectors instead of interface name.
See documentation for more details.

Pod Security Admission

Pod Security Admission controller is enabled by default with the following policy:

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- configuration:
    apiVersion: pod-security.admission.config.k8s.io/v1alpha1
    defaults:
      audit: restricted
      audit-version: latest
      enforce: baseline
      enforce-version: latest
      warn: restricted
      warn-version: latest
    exemptions:
      namespaces:
      - kube-system
      runtimeClasses: []
      usernames: []
    kind: PodSecurityConfiguration
  name: PodSecurity
  path: ""

The policy is part of the Talos machine configuration, and it can be modified to suite your needs.

Support RockPi 4 variants A and B

Talos now supports RockPi variants A and B in addition to RockPi 4C

Raspberry Pi PoE hat fan

Talos now enables the Raspberry Pi PoE fan control by pulling in the poe overlay that works with upstream kernel

Component Updates

• Linux: 5.15.45
• Containerd: v1.6.6
• Kubernetes: 1.24.1
• Flannel: 0.18.1
• runc: 1.1.2
• CoreDNS: v1.9.3

Talos is built with Go 1.18.3

x86-64 Architecture

Talos is built for x86-64 architecture with support for x86-64-v2 microarchitecture level,
so Talos no longer runs on processors supporting only baseline x86-64 microarchitecture (before 2009).

Contributors

• Andrey Smirnov
• Noel Georgi
• Dmitriy Matrenichev
• Tim Jones
• Spencer Smith
• Artem Chernyshev
• Serge Logvinov
• Philipp Sauter
• Andrew Rynhard
• Steve Francis
• Steve Francis
• Andrei Dobre
• Bastiaan Schaap
• Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs
• Caleb Woodbine
• Daniel Höxtermann
• Gerard de Leeuw
• Han Cen
• Jori Huisman
• Jorik Jonker
• Nat Allan
• Nico Berlee
• Philipp Sauter
• Sebastian Hasler
• Seán C McCord
• Suraj Shirvankar
• Tames McTigue
• Tim Jones
• Tomasz Zurkowski
• William Ashton

Changes

• siderolabs/talos@9289c4ca8 release(v1.1.0-beta.1): prepare release
• siderolabs/talos@b75318520 feat: update containerd 1.6.6, Linux 5.15.45, Flannel 0.18.1
• siderolabs/talos@e23d1979b fix: add ovmf image path for rhel
• siderolabs/talos@6229eefe7 fix: wait for /var to be mounted in kubelet service controller
• siderolabs/talos@4712e73c4 fix: improve vip operator shutdown sequence
• siderolabs/talos@3860129d7 chore: bump golang to 1.18.3
• siderolabs/talos@f8422f217 release(v1.1.0-beta.0): prepare release
• siderolabs/talos@98bbab12e chore: bump dependencies
• siderolabs/talos@0a6fc906f fix: table align hosts file
• siderolabs/talos@be644c96e fix: flannel ipv6 compatibility
• siderolabs/talos@99e8f1261 feat: add support for equinix metal events
• siderolabs/talos@1ba8a6b94 chore: update go yaml to the latest version
• siderolabs/talos@400a88dc5 chore: disable kexec on rpi4 and rockpi
• siderolabs/talos@48423a983 chore: bump kernel to 5.15.44
• siderolabs/talos@458e44c27 feat: include azure public IPs from standard LB SKU into extips
• siderolabs/talos@19edbb5bd docs: fix typo in main page
• siderolabs/talos@4ad773f01 feat: update CoreDNS to 1.9.3
• siderolabs/talos@7a4062904 chore: update Sidero Labs go modules to released versions
• siderolabs/talos@e40153aef fix: introduce more route protocols as constants
• siderolabs/talos@3ed254976 feat: update Kubernetes to 1.24.1
• siderolabs/talos@ceae420a8 chore: update tools/pkgs/extras to 1.1.0
• siderolabs/talos@f9c46fb18 fix: unmarshal HardwareAddr without stdlib help
• siderolabs/talos@f2e94d602 fix: implement unmarshaling from YAML for LinkStatus
• siderolabs/talos@fe858041b feat: enable version API in maintenance mode
• siderolabs/talos@875f67a6e fix: correctly parse empty route flags from YAML
• siderolabs/talos@00515b4ba chore: rename memory to memorymodules
• siderolabs/talos@9c4b7d6e8 feat: update Flannel to 0.18.0
• siderolabs/talos@c5297009e feat: support join token as part of siderolink kernel parameter
• siderolabs/talos@0dc4ad58e chore: bump kernel to 5.15.43
• siderolabs/talos@610884aa0 docs: correct the install-image tag in the Developing Talos section
• siderolabs/talos@af5ac30a7 feat: enable passing custom kernel args to the ISO creator
• siderolabs/talos@b7d068f60 chore: add cloud-image-uploader to go workspace
• siderolabs/talos@88efd75d3 docs: fix install script url
• siderolabs/talos@3f88030ca test: use use correct method to generate Wireguard private key
• siderolabs/talos@8c675c669 chore: siderolink maintenance mode
• siderolabs/talos@4551cbd7f fix: cluster creation error message formatting
• siderolabs/talos@bafa1f49d fix: improve error message when creating cluster
• siderolabs/talos@f03002ec6 feat: add support for disabling search domains
• siderolabs/talos@a1b6f21a8 chore: bump dependencies
• siderolabs/talos@1156daac2 fix: azure hostname definition
• siderolabs/talos@33a631f02 feat: look up Links PCI vendor/product via PCI ID database
• siderolabs/talos@40e57efa4 chore: fix reference to talosconfig
• siderolabs/talos@30eeb851b docs: extension service security options
• siderolabs/talos@bf7a6443e feat: add 'etcd membership is consistent across nodes' health check
• siderolabs/talos@4b3935fa4 docs: fix 1.1.x support matrix
• siderolabs/talos@efcdc16c5 chore: add go.work
• siderolabs/talos@20286c908 feat: add cpu/ram info as resource
• siderolabs/talos@c3f29031b feat: add ethtool ioctl as additional source of information
• siderolabs/talos@34d9a875a chore: go-smbios updates
• siderolabs/talos@f477eb882 chore: bump kernel to 5.15.41
• siderolabs/talos@5bac5e91a docs: fix "double-base64-encode" in cert/key examples
• siderolabs/talos@396e1386c feat: implement network device selector
• siderolabs/talos@5a8e011db fix: match for WSL platform in case-insentive way
• siderolabs/talos@ee8113b5f docs: add vector logging example
• siderolabs/talos@14985674c fix: allow SideroLink IPs in NodeAddresses
• siderolabs/talos@63f23e905 feat: openstack dhcp-v6 types
• siderolabs/talos@5ec4e9096 chore: bump kernel to 5.15.40
• siderolabs/talos@8cef958dd docs: update jetson nano docs
• siderolabs/talos@554edd3e8 chore: bump dependencies
• siderolabs/talos@f2d89735f feat: extend the extension service spec with container security options
• siderolabs/talos@850cfba72 chore: fix type order in deep-copy generation line
• siderolabs/talos@5a91f6076 fix: ignore completed pods in cluster health check
• siderolabs/talos@488ce753f docs: tidy up adopters
• siderolabs/talos@290f968fe release(v1.1.0-alpha.2): prepare release
• siderolabs/talos@a6e436582 feat: implement DeepCopy using code generation
• siderolabs/talos@91a49c4e7 fix: dhcpv6 leasetime segfault loop
• siderolabs/talos@afb679586 fix: reset certificate SANs on update
• siderolabs/talos@c87432fe1 fix: detect WSL for talosctl cluster create on Docker
• siderolabs/talos@166d2585c chore: bump kernel and runc
• siderolabs/talos@8d9b0cde0 chore: update deps to go 1.18.2
• siderolabs/talos@86741d998 fix: append hostname to cluster SANs when port is not specified
• siderolabs/talos@9885bbe17 docs: fix typos, edited for clarity
• siderolabs/talos@7fd1c80c3 fix: ignore failures to dial wireguard client
• siderolabs/talos@b8e7cdb70 docs: add vultr guide
• siderolabs/talos@c2be65b66 fix: openstack unable to parseIP
• siderolabs/talos@2ae0e3a56 test: add a test for version of Go Talos was built with
• siderolabs/talos@bef1a13fa docs: update latest Talos in 1.0 docs to 1.0.4
• siderolabs/talos@b52962c44 chore: bump dependencies
• siderolabs/talos@79ae76a6f fix: properly set allowSchedulingOnMasters in the interactive install
• siderolabs/talos@2b7e7d4dc feat: print the status of services during boot
• siderolabs/talos@802d4a23c fix: load kubelet system service in StartAllServices task
• siderolabs/talos@67019c434 fix: add source path for ovmf flash image
• siderolabs/talos@da7b24ba5 chore: bump kernel to 5.15.38
• siderolabs/talos@8ca8effd6 chore: add Equinix Managed Services NL to adopters
• siderolabs/talos@8bc97a30f fix: remove D-Bus sockets before listen attempts
• siderolabs/talos@54cfa039a fix: use json.Unmarshal instead of yaml.Unmarshal
• siderolabs/talos@6d30c4822 docs: update networking resource documentation
• siderolabs/talos@bc88de729 chore: bump coredns to v1.9.2
• siderolabs/talos@c6722b637 docs: when mentioning partitions, link to partition docs
• siderolabs/talos@b189e8426 chore: fix incorrect ManifestSpec.MarshalYAML signature
• siderolabs/talos@5d5280200 feat: add more hardware information to the link status resources
• siderolabs/talos@2ff6db749 chore: add Nedap Security Atlas as adopter
• siderolabs/talos@89cab200b chore: bump kubernetes to v1.24.0
• siderolabs/talos@09d16349f chore: refactor StaticPod and StaticPodStatus into typed.Resource
• siderolabs/talos@d2935f98c chore: refactor LinkRefresh and LinkStatus into typed.Resource
• siderolabs/talos@b52e0b9b9 fix: talosctl throws error if gen option and --input-dir flags are combined
• siderolabs/talos@0e15de3a8 docs: add adopters file
• siderolabs/talos@bb932c297 chore: bump containerd to v1.6.4
• siderolabs/talos@4eaaa2d59 chore: bump kernel to 5.15.37
• siderolabs/talos@89dde8f2c chore: refactor remaining resources into typed.Resource
• siderolabs/talos@bd089e702 chore: bump dependencies
• siderolabs/talos@3136334b9 docs: fix links in VMware documentation
• siderolabs/talos@403df0e18 docs: provide example on using config generation package
• siderolabs/talos@635192861 chore: redo pointer with github.com/siderolabs/go-pointer module
• siderolabs/talos@a269f740c docs: copy knowledge base to v1.0 docs
• siderolabs/talos@483201026 fix: return an error if there is no byte slice in ReadonlyProvider
• siderolabs/talos@6e7486f09 fix: allow graceful node shutdown to be overridden
• siderolabs/talos@867d38f28 feat: add bond slaves ordering
• siderolabs/talos@03ef62ad8 fix: include Go primitive types into unstructured deepcopy
• siderolabs/talos@f06e6acf2 chore: bump kernel to 5.15.36
• siderolabs/talos@c0d386abb fix: don't mount D-Bus socket via mount under recursive bind mount
• siderolabs/talos@9a8ff76df refactor: rewrite perf resource to use typed.Resource
• siderolabs/talos@71d04c4d5 refactor: rewrite runtime resources to use typed.Resource
• siderolabs/talos@7568d51fc fix: trigger CRI config merge on correct resource update
• siderolabs/talos@c456dbcb9 docs: remove references to init nodes
• siderolabs/talos@1973095d1 feat: update containerd to 1.6.3
• siderolabs/talos@b51292d88 docs: reformat config reference
• siderolabs/talos@c0709d970 feat: increase aio-max-nr and inotify.max_user_instances
• siderolabs/talos@85b328e99 refactor: convert secrets resources to use typed.Resource
• siderolabs/talos@e91350acd refactor: convert time & v1alpha1 resources to use typed.Resource
• siderolabs/talos@45464412e chore: bump dependencies
• siderolabs/talos@0af6b35a6 feat: update etcd to 3.5.4
• siderolabs/talos@7ad27751c docs: fix analytics and sitemap
• siderolabs/talos@55ff876dc chore: bump K8s Go modules to 1.24.0-rc.0
• siderolabs/talos@f1f43131f fix: strip 'v' prefix from versions on Kubernetes upgrade
• siderolabs/talos@ec621477b chore: tune QEMU disk provisioner options
• siderolabs/talos@b085343dc feat: use discovery information for etcd join (and other etcd calls)
• siderolabs/talos@2b03057b9 feat: implement a new mode try in the config manipulation commands
• siderolabs/talos@51a68c31f chore: allow mounting files from the host
• siderolabs/talos@f3e330a0a docs: fix network dependency
• siderolabs/talos@7ba39bd60 docs: clarify discovery service
• siderolabs/talos@8057d076a release(v1.1.0-alpha.1): prepare release
• siderolabs/talos@1d5c08e74 chore: bump kernel to 5.15.35
• siderolabs/talos@9bf23e516 feat: update Kubernetes to 1.24.0-rc.0
• siderolabs/talos@d78ed320b docs: fix the docs reference to star registry redirects
• siderolabs/talos@257dfb870 fix: run the 'post' stage of the service always
• siderolabs/talos@992e23023 fix: correctly handle stopping services with reverse dependencies
• siderolabs/talos@bb7a50bd5 docs: fix netlify redirects
• siderolabs/talos@486f79bc7 docs: fix netlify deploy url
• siderolabs/talos@e8cbedb05 docs: add canonical link ref
• siderolabs/talos@0fe4a7832 docs: improve latest-version banner
• siderolabs/talos@23984efcd fix: detect lingering mounts in the installer correctly
• siderolabs/talos@54dba925f chore: refactor network resource to use typed resource
• siderolabs/talos@4eb9f45cc refactor: split polymorphic K8sControlPlane into typed resources
• siderolabs/talos@68dfdd331 fix: provide logger to the etcd snapshot restore
• siderolabs/talos@f190403f0 docs: add how to get config after interactive setup
• siderolabs/talos@fac7b9466 docs: improve vip caveats documentation
• siderolabs/talos@250df9e67 docs: improve rook-ceph description
• siderolabs/talos@b5c1d868d docs: add talos/kubernetes config faq
• siderolabs/talos@39721ee93 chore: bump dependencies
• siderolabs/talos@610945774 chore: bump tools and pkgs
• siderolabs/talos@2b68c8b67 fix: enable long timestamps for xfs
• siderolabs/talos@be00d7749 chore: implement cluster resources using cosi typed resource
• siderolabs/talos@460d5ab13 docs: fix extension services alias
• siderolabs/talos@bbdfda2dd chore: xfs quota support in kernel
• siderolabs/talos@8ff8fc77f chore: enable rpi4 poe hat fan control
• siderolabs/talos@2b9722d1f feat: add dry-run flag in apply-config and edit commands
• siderolabs/talos@8af50fcd2 fix: correct cri package import path
• siderolabs/talos@ce09ede83 feat: update etcd to 3.5.3
• siderolabs/talos@13f41badd chore: bump kernel to 5.15.34
• siderolabs/talos@fa57b5d92 docs: reorganize documentation
• siderolabs/talos@a91eb9358 chore: bump deps
• siderolabs/talos@0aad0df2e refactor: remove String() for resource implementation
• siderolabs/talos@a4060513c feat: build Talos with support for x86-64-v2 microarchitecture
• siderolabs/talos@8faebd410 chore: bump tools and pkgs
• siderolabs/talos@8499b7e7d chore: bump dependencies
• siderolabs/talos@a7ba7ea67 feat: migrate to go 1.18
• siderolabs/talos@9dace93b5 feat: enable Pod Security Admission by default
• siderolabs/talos@c382cb8cd docs: update vmware docs
• siderolabs/talos@da0e638f0 docs: stableize tools versioning
• siderolabs/talos@f2d2267e7 docs: use template for netlify redirects
• siderolabs/talos@88f1d8fcc docs: update sitemap to point to direct url
• siderolabs/talos@a6eebee36 chore: update eudev
• siderolabs/talos@0cb84e8c1 fix: correctly parse tags out of images
• siderolabs/talos@17d09739f docs: enable nested arrow
• siderolabs/talos@1e4320b64 chore: add support for rockpi 4A and 4B
• siderolabs/talos@d1869d948 docs: update to Sidero Metal, mention clusterctl
• siderolabs/talos@18d0038ec fix: avoid panic in DHCPv6 operator on nil dereference
• siderolabs/talos@9e3d438db docs: fix code fence formatting
• siderolabs/talos@b3f1bb2cf fix: add support for FAT12/16 filesystems
• siderolabs/talos@8619f95c5 chore: bump dependencies
• siderolabs/talos@8c4f72004 docs: override sitemap.xml to only include latest results
• siderolabs/talos@5192ba4e2 docs: fix a typo in QEMU VM setup guide
• siderolabs/talos@663e3e879 refactor: change the stages for embed files generation
• siderolabs/talos@19bf12af0 fix: enable IPv6 in Docker-based Talos clusters
• siderolabs/talos@3889a5839 docs: update config.yaml, storage.md, digital-rebar.md
• siderolabs/talos@25d19131d release(v1.1.0-alpha.0): prepare release
• siderolabs/talos@2ca5279e5 fix: retry manifest updates in upgrade-k8s
• siderolabs/talos@eeb756168 feat: use kexec when resetting a node
• siderolabs/talos@1ed1f73e5 test: bump CAPI to 1.1.3
• siderolabs/talos@2ee1d2c72 feat: update Kuberentes to 1.24.0-beta.0
• siderolabs/talos@c26fa4ccc test: push GITHUB_TOKEN to the e2e-aws/gcp steps
• siderolabs/talos@95d900de7 feat: use kubeconfig env var
• siderolabs/talos@0b407dd17 feat: add dhcp-v6 NTP/DHCP-DUID
• siderolabs/talos@a140a6bad docs: update releases shortcode in upgrade guide
• siderolabs/talos@12931dced fix: align partitions on 1M boundary
• siderolabs/talos@37f868e37 fix: validate empty TLS config for registries
• siderolabs/talos@ca8b9c0a3 feat: update Kubernetes to 1.24.0-alpha.4
• siderolabs/talos@d9ec6b215 chore: drop dirty from abbreviated tag
• siderolabs/talos@08624fd0b docs: add banner to main page
• siderolabs/talos@fc23c7a59 test: bump versions for upgrade tests
• siderolabs/talos@4bfe68610 feat: update runc to 1.1.1
• siderolabs/talos@b315ed953 chore: use go:embed instead of ldflags
• siderolabs/talos@a5d64fc81 feat: update Flannel to 0.17.0
• siderolabs/talos@6d6eb3f6a docs: fork docs for 1.1
• siderolabs/talos@1d55f05d1 docs: update index page
• siderolabs/talos@ad6b7ec1a fix: enable etcd consistency on check startup
• siderolabs/talos@65a31f753 docs: re-add GA token
• siderolabs/talos@741c04832 docs: mark 1.0 docs as latest
• siderolabs/talos@e97433c8a docs: update jetson nano
• siderolabs/talos@6665e0f00 docs: code block copying
• siderolabs/talos@c41f2b216 docs: update whats-new-v1.0
• siderolabs/talos@0a36fbbf3 docs: add release notes for 1.0
• siderolabs/talos@bd0035f6a docs: add NVIDIA docs
• siderolabs/talos@efa3f2898 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9ebeec0d0 docs: fix incorrect path for talosconfig
• siderolabs/talos@9fef4540e docs: fix non-latest download links
• siderolabs/talos@f8ef6a081 docs: add rook ceph configuration guide
• siderolabs/talos@e2666f58f chore: bump kernel to 5.15.32
• siderolabs/talos@957b2f233 chore: bump dependencies
• siderolabs/talos@0fd2aa08b fix: correctly escape '.' in volume names
• siderolabs/talos@108fd03a7 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@856e1333d fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@c5da38609 docs: use variables and templates in the docs
• siderolabs/talos@4c83847b9 docs: target search results
• siderolabs/talos@67fb72d96 docs: add algolia versions to all content
• siderolabs/talos@5344d6e7c docs: fix extension service path dependency
• siderolabs/talos@9b9191c5e fix: increase intiial window and connection window sizes
• siderolabs/talos@7a88a0224 docs: show archived/pre-release banner based on version
• siderolabs/talos@e403470bf docs: filter algolia results by latest
• siderolabs/talos@0497d5f9f docs: tag latest docs for search
• siderolabs/talos@a25425483 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@9b6422fcc feat: update CoreDNS to 1.9.1
• siderolabs/talos@020856f80 docs: remove second search bar
• siderolabs/talos@5f27f4c63 docs: update asset links
• siderolabs/talos@9ff42b432 docs: fix redirects for /docs URLs
• siderolabs/talos@7283efd56 chore: update the talosctl CNI download url
• siderolabs/talos@e0eee7fcc test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@73966f51e docs: fix extensions
• siderolabs/talos@f9766edb5 docs: remove empty doc file
• siderolabs/talos@e06e1473b feat: update golangci-lint to 1.45.0 and gofumpt to 0.3.0
• siderolabs/talos@a92c614b2 docs: add enterprise link to docs header
• siderolabs/talos@0ae7174ba docs: update search settings and redirects
• siderolabs/talos@883d401f9 chore: rename github organization to siderolabs
• siderolabs/talos@d1294d014 chore: add day-two tests for e2e-qemu
• siderolabs/talos@a6240e4b6 feat: update Linux to 5.15.30
• siderolabs/talos@e3fda049f docs: overhaul all the docs
• siderolabs/talos@f47750726 fix: the etcd recovery client and tests
• siderolabs/talos@69e07cddc fix: trigger properly udevd on types and actions
• siderolabs/talos@47d0e629d fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@b6691b350 chore: bump dependencies
• siderolabs/talos@27af5d41c feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@58cb9db1e feat: allow hardlinks in the system extension images
• siderolabs/talos@1e982808f fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@5e0c80f61 fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@c156580a3 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cd4d4c605 feat: relax extensions file structure validation
• siderolabs/talos@50594ab1a fix: ignore terminated pods in pod health checks
• siderolabs/talos@9d69fb6b4 feat: update Kubernetes to 1.23.5
• siderolabs/talos@327ce5aba fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@cf85b3f07 docs: update cilium inline install
• siderolabs/talos@84ee1795d docs: update logo
• siderolabs/talos@cc7719c9d docs: improve comments in security proto
• siderolabs/talos@caf800fe8 feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@6bec08429 feat: add talosctl completions to copy, usage, logs, restart and service
• siderolabs/talos@355b1a4be fix: refresh etcd certs on startup/join
• siderolabs/talos@d256b5c5e docs: fix spelling mistakes
• siderolabs/talos@5fdedae20 chore: bump kernel to 5.15.28
• siderolabs/talos@18a21b5f2 chore: add dependency images-essential -> images
• siderolabs/talos@714e5eca6 chore: bump dependencies
• siderolabs/talos@58be4067e docs: update README.md
• siderolabs/talos@c5fb20930 docs: add loki note
• siderolabs/talos@f448cb4f3 feat: bump boot partition size to 1000 MiB
• siderolabs/talos@a095acb09 chore: fix equinixMetal platform name
• siderolabs/talos@2a7f9a445 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@59681b8c9 fix: backport fixes from release-1.0 branch

Changes since v1.1.0-beta.0

• siderolabs/talos@9289c4ca8 release(v1.1.0-beta.1): prepare release
• siderolabs/talos@b75318520 feat: update containerd 1.6.6, Linux 5.15.45, Flannel 0.18.1
• siderolabs/talos@e23d1979b fix: add ovmf image path for rhel
• siderolabs/talos@6229eefe7 fix: wait for /var to be mounted in kubelet service controller
• siderolabs/talos@4712e73c4 fix: improve vip operator shutdown sequence
• siderolabs/talos@3860129d7 chore: bump golang to 1.18.3

Changes from siderolabs/extras

• siderolabs/extras@5800284 chore: bump golang to 1.18.3
• siderolabs/extras@913188a chore: update pkg to 1.1.0
• siderolabs/extras@e2bb56e chore: stable source date epoch
• siderolabs/extras@a77a6f4 chore: bump Go to 1.18.2
• siderolabs/extras@ac3b9a4 chore: bump pkgs
• siderolabs/extras@d4f8e88 chore: update references after org rename

Changes from siderolabs/go-pcidb

• siderolabs/go-pcidb@4c9f656 feat: initial implementation
• siderolabs/go-pcidb@be468ce Initial commit

Changes from siderolabs/go-pointer

• siderolabs/go-pointer@71ccdf0 chore: implement main functionality
• siderolabs/go-pointer@c1c3b23 Initial commit

Changes from siderolabs/pkgs

• siderolabs/pkgs@d523948 feat: update containerd to 1.6.6
• siderolabs/pkgs@a876600 chore: bump kernel to 5.15.45
• siderolabs/pkgs@43644d4 feat: update containerd to 1.6.5
• siderolabs/pkgs@9f61c50 chore: bump golang to 1.18.3
• siderolabs/pkgs@b8ecee8 chore: bump kernel to 5.15.44
• siderolabs/pkgs@f5db31f chore: bump tools to final v1.1.0 release
• siderolabs/pkgs@6b14046 feat: update Flannel CNI to 1.1.0
• siderolabs/pkgs@9b70e9f chore: bump kernel to 5.15.43
• siderolabs/pkgs@1f48da7 chore: stable source date epoch
• siderolabs/pkgs@24e545e feat: azure boot disk defenition
• siderolabs/pkgs@e72fe55 chore: bump kernel to 5.15.41
• siderolabs/pkgs@7305bd7 chore: bump kernel to 5.15.40
• siderolabs/pkgs@cd05ae8 chore: bump u-boot v2022.04
• siderolabs/pkgs@7add479 chore: bump kernel to 5.15.39
• siderolabs/pkgs@0886699 chore: bump runc to v1.1.2
• siderolabs/pkgs@dd06fa9 chore: bump nvidia drivers to 510.68.02
• siderolabs/pkgs@91bb939 chore: bump Go to 1.18.2
• siderolabs/pkgs@8bd8397 chore: bump kernel to 5.15.38
• siderolabs/pkgs@de96a44 chore: bump containerd to v1.6.4
• siderolabs/pkgs@45906c1 chore: bump ca-certificates to 2022-04-26
• siderolabs/pkgs@d847adc chore: bump kernel to 5.15.37
• siderolabs/pkgs@c4cfa72 chore: bump util-linux to 2.38
• siderolabs/pkgs@e22317d chore: bump tools
• siderolabs/pkgs@422ed8e chore: bump kernel to 5.15.36
• siderolabs/pkgs@1e833c6 chore: enable nvme hardware monitor
• siderolabs/pkgs@fe7c46f feat: update containerd to 1.6.3
• siderolabs/pkgs@95f4418 chore: bump kernel to 5.15.35
• siderolabs/pkgs@201af71 chore: bump tools and bldr
• siderolabs/pkgs@3de14d7 chore: enable xfs quota support
• siderolabs/pkgs@6955fd0 chore: bump raspberrypi-firmware to 1.20220331
• siderolabs/pkgs@5b498d8 chore: bump linux-firmware 20220401
• siderolabs/pkgs@9cda5c0 chore: bump kernel to 5.15.34
• siderolabs/pkgs@8b48af6 chore: bump tools
• siderolabs/pkgs@ff13660 chore: bump kernel to 5.15.33
• siderolabs/pkgs@415020f chore: bump eudev, remove non-relevant default rules
• siderolabs/pkgs@6691342 chore: add rockpi4c
• siderolabs/pkgs@5bd5fad chore: build u-boot spi image for rockpi
• siderolabs/pkgs@4dace49 fix: ipxe prompt arm64
• siderolabs/pkgs@6041fd7 chore: update to use latest tools (specifically go 1.18)
• siderolabs/pkgs@4b3e70e chore: upstream u-boot for jetson nano
• siderolabs/pkgs@cc1c8c7 feat: update runc to 1.1.1
• siderolabs/pkgs@3baf4e4 chore: enable random trust CPU
• siderolabs/pkgs@df31920 chore: disable sound
• siderolabs/pkgs@c27751b chore: bump nvidia drivers to 510.60.02
• siderolabs/pkgs@ba98e20 chore: bump kernel to 5.15.32
• siderolabs/pkgs@a76edfd feat: update containerd to 1.6.2
• siderolabs/pkgs@0c38670 chore: bump kernel to 5.15.31
• siderolabs/pkgs@bc4fb0c chore: org update
• siderolabs/pkgs@41f291d feat: update Flannel CNI to 1.0.1
• siderolabs/pkgs@58603ba chore: bump kernel to 5.15.30
• siderolabs/pkgs@d3bb262 chore: bump kernel to 5.15.29
• siderolabs/pkgs@76a24b5 chore: update openssl to 1.1.1n
• siderolabs/pkgs@490c7b7 chore: enable aarch64 NVIDIA drivers
• siderolabs/pkgs@b794b7a chore: bump linux-firmware to 20220310
• siderolabs/pkgs@acda207 chore: bump kernel to 5.15.28
• siderolabs/pkgs@e0fec11 chore: bump nvidia driver to 510.54
• siderolabs/pkgs@0407f05 chore: bump kernel to 5.15.27

Changes from siderolabs/tools

• siderolabs/tools@134974c chore: bump golang to 1.18.3
• siderolabs/tools@4a5c229 chore: bump toolchain to v0.6.0
• siderolabs/tools@50e535a chore: stable source date epoch
• siderolabs/tools@967ebd9 chore: bump curl to 7.83.1
• siderolabs/tools@e61f856 chore: bump go to 1.18.2
• siderolabs/tools@315890f chore: bump ca-certificates to 2022-04-26
• siderolabs/tools@a1d3530 chore: bump util-linux to 2.38
• siderolabs/tools@d229fe1 chore: update bldr
• siderolabs/tools@e9f123c chore: bump curl to 7.83.0
• siderolabs/tools@8473ef2 chore: bump git to 2.36.0
• siderolabs/tools@8c1f801 chore: bump coreutils to 9.1
• siderolabs/tools@533d5c9 chore: bump git to 2.35.2
• siderolabs/tools@a15cbee chore: bump go to 1.18.1
• siderolabs/tools@718ec10 chore: enable conform
• siderolabs/tools@a60a332 chore: bump xz and gzip
• siderolabs/tools@c8a3d4d chore: update go to 1.18
• siderolabs/tools@1684fdc chore: bump expat to 2.4.8
• siderolabs/tools@7f5e44c chore: bump zlib to 1.2.12
• siderolabs/tools@bfc99ca chore: rename org
• siderolabs/tools@99be089 chore: update openssl to 1.1.1n
• siderolabs/tools@b63872b chore: update golang to 1.17.8

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@fccee8b chore: rekres the source, fix issues
• talos-systems/go-blockdevice@d9c3a27 feat: support probing FAT12/FAT16 filesystems
• talos-systems/go-blockdevice@b374eb4 fix: align partition to 1M boundary by default

Changes from talos-systems/go-loadbalancer

• talos-systems/go-loadbalancer@c54d95d feat: implement control plane loadbalancer
• talos-systems/go-loadbalancer@4a6e29e refactor: clean up names, fix the lingering goroutines
• talos-systems/go-loadbalancer@af87d1c chore: apply new Kres rules

Changes from talos-systems/go-smbios

• talos-systems/go-smbios@3f1e775 feat: rework destructuring of SMBIOS information and added some tests

Changes from talos-systems/siderolink

• talos-systems/siderolink@1d2b7e1 feat: allow setting peer endpoint using peer event
• talos-systems/siderolink@5d085d6 feat: expose wgDevice.Peers from the wireguard.Device wrapper
• talos-systems/siderolink@3a5be65 fix: use correct method to generate Wireguard private key
• talos-systems/siderolink@8318a7e feat: accept join token in Provision payload
• talos-systems/siderolink@b38c192 fix: build on Windows
• talos-systems/siderolink@9902ad2 feat: pass request context and node address to the events sink adapter

Dependency Changes

• cloud.google.com/go/compute v1.5.0 -> v1.6.1
• github.com/BurntSushi/toml v1.0.0 -> v1.1.0
• github.com/aws/aws-sdk-go v1.43.8 -> v1.44.24
• github.com/containerd/cgroups 2e502f6b9e43 -> v1.0.4
• github.com/containerd/containerd v1.6.2 -> v1.6.4
• github.com/containernetworking/cni v1.0.1 -> v1.1.0
• github.com/containernetworking/plugins v1.1.0 -> v1.1.1
• github.com/cosi-project/runtime 264f8fcd1a4f -> 95d06feaf8b5
• github.com/docker/distribution v2.8.0 -> v2.8.1
• github.com/docker/docker v20.10.12 -> v20.10.16
• github.com/fsnotify/fsnotify v1.5.1 -> v1.5.4
• github.com/gdamore/tcell/v2 f057f0a857a1 -> v2.5.1
• github.com/golang/mock v1.6.0 new
• github.com/google/go-cmp v0.5.7 -> v0.5.8
• github.com/google/nftables 211824995dcb -> a9775fb167d2
• github.com/hashicorp/go-getter v1.5.11 -> v1.6.1
• github.com/hashicorp/go-version v1.4.0 -> v1.5.0
• github.com/hetznercloud/hcloud-go v1.33.1 -> v1.33.2
• github.com/insomniacslk/dhcp 3c283ff8b7dd -> 1ca156eafb9f
• github.com/jsimonetti/rtnetlink v1.1.0 -> v1.2.0
• github.com/mdlayher/arp c37aaafac7f9 -> 6706a2966875
• github.com/mdlayher/netx 669a06fde734 -> c711c2f8512f
• github.com/opencontainers/image-spec v1.0.2 -> c5a74bcca799
• github.com/packethost/packngo v0.22.0 -> v0.24.0
• github.com/pelletier/go-toml v1.9.4 -> v1.9.5
• github.com/rivo/tview 96063d6082f3 -> 9994674d60a8
• github.com/rs/xid v1.3.0 -> v1.4.0
• github.com/ryanuber/go-glob v1.0.0 new
• github.com/safchain/ethtool v0.2.0 new
• github.com/siderolabs/extras v1.0.0 -> v1.1.0-1-g5800284
• github.com/siderolabs/go-pcidb v0.1.0 new
• github.com/siderolabs/go-pointer v1.0.0 new
• github.com/siderolabs/pkgs v1.0.0-6-g7c293d5 -> v1.1.0-5-gd523948
• github.com/siderolabs/tools v1.0.0-1-g4c77d96 -> v1.1.0-1-g134974c
• github.com/spf13/cobra v1.3.0 -> v1.4.0
• github.com/spf13/pflag v1.0.5 new
• github.com/stretchr/testify v1.7.0 -> v1.7.1
• github.com/talos-systems/go-blockdevice v0.3.1 -> v0.3.2
• github.com/talos-systems/go-loadbalancer v0.1.1 -> v0.1.2
• github.com/talos-systems/go-smbios v0.1.1 -> v0.2.0
• github.com/talos-systems/siderolink v0.1.0 -> v0.1.2
• github.com/vishvananda/netlink 650dca95af54 -> v1.2.0-beta
• github.com/vmware-tanzu/sonobuoy v0.56.2 -> v0.56.6
• github.com/vmware/govmomi v0.27.4 -> v0.28.0
• github.com/vmware/vmw-guestinfo cc1fd90d572c -> 510905f0efa3
• github.com/vultr/metadata v1.0.3 -> v1.1.0
• go.etcd.io/etcd/api/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/pkg/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/etcdutl/v3 v3.5.2 -> v3.5.4
• golang.org/x/net 27dd8689420f -> 5463443f8c37
• golang.org/x/sync 036812b2e83c -> 0976fa681c29
• golang.org/x/sys 4e6760a101f9 -> bc2c85ada10a
• golang.org/x/term 03fcf44c2211 -> 065cf7ba2467
• golang.org/x/time 0e9765cccd65 -> 583f2d630306
• golang.zx2c4.com/wireguard/wgctrl fde48d68ee68 -> 3d4a969bb56b
• google.golang.org/grpc v1.44.0 -> v1.46.2
• google.golang.org/protobuf v1.27.1 -> v1.28.0
• k8s.io/api v0.23.5 -> v0.24.1
• k8s.io/apimachinery v0.23.5 -> v0.24.1
• k8s.io/apiserver v0.23.5 -> v0.24.1
• k8s.io/client-go v0.23.5 -> v0.24.1
• k8s.io/component-base v0.23.5 -> v0.24.1
• k8s.io/cri-api v0.23.5 -> v0.24.1
• k8s.io/klog/v2 v2.60.1 new
• k8s.io/kubectl v0.23.5 -> v0.24.1
• k8s.io/kubelet v0.23.5 -> v0.24.1
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.63 -> v1.2.64

Previous release can be found at v1.0.0

Images

ghcr.io/siderolabs/flannel:v0.18.1
ghcr.io/siderolabs/install-cni:v1.1.0-1-g5800284
docker.io/coredns/coredns:1.9.3
gcr.io/etcd-development/etcd:v3.5.4
k8s.gcr.io/kube-apiserver:v1.24.1
k8s.gcr.io/kube-controller-manager:v1.24.1
k8s.gcr.io/kube-scheduler:v1.24.1
k8s.gcr.io/kube-proxy:v1.24.1
ghcr.io/siderolabs/kubelet:v1.24.1
ghcr.io/siderolabs/installer:v1.1.0-beta.1
k8s.gcr.io/pause:3.6

Talos 1.0.6 (2022-06-07)

Welcome to the v1.0.6 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

• Linux: 5.15.45
• Containerd: v1.6.6

Talos is built with Go 1.17.11

Contributors

• Noel Georgi
• Andrey Smirnov

Changes

• siderolabs/talos@0c30c029f release(v1.0.6): prepare release
• siderolabs/talos@ca18010a9 feat: update containerd 1.6.6, Linux 5.15.45
• siderolabs/talos@e65638ef4 fix: wait for /var to be mounted in kubelet service controller
• siderolabs/talos@8e4f58f3e fix: improve vip operator shutdown sequence
• siderolabs/talos@097d89e6c feat: enable passing custom kernel args to the ISO creator
• siderolabs/talos@ed4147b60 docs: fix "double-base64-encode" in cert/key examples
• siderolabs/talos@71ddb2ee2 fix: match for WSL platform in case-insentive way
• siderolabs/talos@9f476c47f fix: ignore completed pods in cluster health check
• siderolabs/talos@365dbd70d chore: bump golang to 1.17.11
• siderolabs/talos@d2a63238d chore: bump kernel to 5.15.44
• siderolabs/talos@f1953a23a chore: bump kernel to 5.15.43
• siderolabs/talos@937e37763 chore: bump kernel to 5.15.41
• siderolabs/talos@79abbbdd3 chore: bump kernel to 5.15.40

Changes from siderolabs/extras

• siderolabs/extras@05b0920 chore: bump golang to 1.17.11

Changes from siderolabs/pkgs

• siderolabs/pkgs@cf9709e feat: update containerd to 1.6.6
• siderolabs/pkgs@600529e chore: bump kernel to 5.15.45
• siderolabs/pkgs@ebfac13 feat: update containerd to 1.6.5
• siderolabs/pkgs@b01e120 chore: bump golang to 1.17.11
• siderolabs/pkgs@80fca56 chore: bump kernel to 5.15.44
• siderolabs/pkgs@7e779c7 chore: bump kernel to 5.15.43
• siderolabs/pkgs@33d694c chore: bump kernel to 5.15.41
• siderolabs/pkgs@56540b2 chore: bump kernel to 5.15.40

Changes from siderolabs/tools

• siderolabs/tools@06e7ef3 chore: bump golang to 1.17.11

Dependency Changes

• github.com/containerd/containerd v1.6.4 -> v1.6.6
• github.com/containernetworking/cni v1.1.0 -> v1.1.1
• github.com/siderolabs/extras v1.0.0-3-g6327c36 -> v1.0.0-4-g05b0920
• github.com/siderolabs/pkgs v1.0.0-17-g7567bf4 -> v1.0.0-25-gcf9709e
• github.com/siderolabs/tools v1.0.0-4-g943b5d0 -> v1.0.0-5-g06e7ef3
• golang.org/x/sys 4e6760a101f9 -> 33da011f77ad

Previous release can be found at v1.0.5

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0-4-g05b0920
docker.io/coredns/coredns:1.9.2
gcr.io/etcd-development/etcd:v3.5.3
k8s.gcr.io/kube-apiserver:v1.23.6
k8s.gcr.io/kube-controller-manager:v1.23.6
k8s.gcr.io/kube-scheduler:v1.23.6
k8s.gcr.io/kube-proxy:v1.23.6
ghcr.io/siderolabs/kubelet:v1.23.6
ghcr.io/siderolabs/installer:v1.0.6
k8s.gcr.io/pause:3.6

Talos 1.1.0-beta.0 (2022-05-31)

Welcome to the v1.1.0-beta.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Apply Config --dry-run

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support --dry-run flag.
If enabled it just prints out the selected config application mode and the configuration diff.

Apply Config --mode=try

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support the new mode called try.
In this mode the config change is applied for a period of time and then reverted back to the state it was before the change.
--timeout parameter can be used to customize the config rollback timeout.
This new mode can be used only with the parts of the config that can be changed without a reboot and can help to check that
the new configuration doesn't break the node.
Can be especially useful to check network interfaces changes that may lead to the loss of connectivity to the node.

IPv6 in Docker-based Talos Clusters

The command talosctl cluster create now enables IPv6 by default for the Docker containers
created for Talos nodes. This allows to use IPv6 addresses in Kubernetes networking.

If talosctl cluster create fails to work on Linux due to the lack of IPv6 support,
please use the flag --disable-docker-ipv6 to revert the change.

drop some default rules shipped by eudev

Drops some default eudev rules that doesn't make sense in the context of Talos OS.
Especially the ones around sound devices, cd-roms and renaming the network interfaces to be predictable

Network Device Selector

Talos machine configuration supports specifying network interfaces by selectors instead of interface name.
See documentation for more details.

Pod Security Admission

Pod Security Admission controller is enabled by default with the following policy:

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- configuration:
    apiVersion: pod-security.admission.config.k8s.io/v1alpha1
    defaults:
      audit: restricted
      audit-version: latest
      enforce: baseline
      enforce-version: latest
      warn: restricted
      warn-version: latest
    exemptions:
      namespaces:
      - kube-system
      runtimeClasses: []
      usernames: []
    kind: PodSecurityConfiguration
  name: PodSecurity
  path: ""

The policy is part of the Talos machine configuration, and it can be modified to suite your needs.

Support RockPi 4 variants A and B

Talos now supports RockPi variants A and B in addition to RockPi 4C

Raspberry Pi PoE hat fan

Talos now enables the Raspberry Pi PoE fan control by pulling in the poe overlay that works with upstream kernel

Component Updates

• Linux: 5.15.44
• Containerd: v1.6.4
• Kubernetes: 1.24.1
• Flannel: 0.17.0
• runc: 1.1.2
• CoreDNS: v1.9.3

Talos is built with Go 1.18.2

x86-64 Architecture

Talos is built for x86-64 architecture with support for x86-64-v2 microarchitecture level,
so Talos no longer runs on processors supporting only baseline x86-64 microarchitecture (before 2009).

Contributors

• Andrey Smirnov
• Noel Georgi
• Dmitriy Matrenichev
• Tim Jones
• Spencer Smith
• Artem Chernyshev
• Serge Logvinov
• Philipp Sauter
• Andrew Rynhard
• Steve Francis
• Steve Francis
• Andrei Dobre
• Bastiaan Schaap
• Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs
• Caleb Woodbine
• Daniel Höxtermann
• Gerard de Leeuw
• Jori Huisman
• Jorik Jonker
• Nat Allan
• Nico Berlee
• Philipp Sauter
• Sebastian Hasler
• Seán C McCord
• Suraj Shirvankar
• Tames McTigue
• Tim Jones
• Tomasz Zurkowski
• William Ashton

Changes

• siderolabs/talos@f8422f217 release(v1.1.0-beta.0): prepare release
• siderolabs/talos@98bbab12e chore: bump dependencies
• siderolabs/talos@0a6fc906f fix: table align hosts file
• siderolabs/talos@be644c96e fix: flannel ipv6 compatibility
• siderolabs/talos@99e8f1261 feat: add support for equinix metal events
• siderolabs/talos@1ba8a6b94 chore: update go yaml to the latest version
• siderolabs/talos@400a88dc5 chore: disable kexec on rpi4 and rockpi
• siderolabs/talos@48423a983 chore: bump kernel to 5.15.44
• siderolabs/talos@458e44c27 feat: include azure public IPs from standard LB SKU into extips
• siderolabs/talos@19edbb5bd docs: fix typo in main page
• siderolabs/talos@4ad773f01 feat: update CoreDNS to 1.9.3
• siderolabs/talos@7a4062904 chore: update Sidero Labs go modules to released versions
• siderolabs/talos@e40153aef fix: introduce more route protocols as constants
• siderolabs/talos@3ed254976 feat: update Kubernetes to 1.24.1
• siderolabs/talos@ceae420a8 chore: update tools/pkgs/extras to 1.1.0
• siderolabs/talos@f9c46fb18 fix: unmarshal HardwareAddr without stdlib help
• siderolabs/talos@f2e94d602 fix: implement unmarshaling from YAML for LinkStatus
• siderolabs/talos@fe858041b feat: enable version API in maintenance mode
• siderolabs/talos@875f67a6e fix: correctly parse empty route flags from YAML
• siderolabs/talos@00515b4ba chore: rename memory to memorymodules
• siderolabs/talos@9c4b7d6e8 feat: update Flannel to 0.18.0
• siderolabs/talos@c5297009e feat: support join token as part of siderolink kernel parameter
• siderolabs/talos@0dc4ad58e chore: bump kernel to 5.15.43
• siderolabs/talos@610884aa0 docs: correct the install-image tag in the Developing Talos section
• siderolabs/talos@af5ac30a7 feat: enable passing custom kernel args to the ISO creator
• siderolabs/talos@b7d068f60 chore: add cloud-image-uploader to go workspace
• siderolabs/talos@88efd75d3 docs: fix install script url
• siderolabs/talos@3f88030ca test: use use correct method to generate Wireguard private key
• siderolabs/talos@8c675c669 chore: siderolink maintenance mode
• siderolabs/talos@4551cbd7f fix: cluster creation error message formatting
• siderolabs/talos@bafa1f49d fix: improve error message when creating cluster
• siderolabs/talos@f03002ec6 feat: add support for disabling search domains
• siderolabs/talos@a1b6f21a8 chore: bump dependencies
• siderolabs/talos@1156daac2 fix: azure hostname definition
• siderolabs/talos@33a631f02 feat: look up Links PCI vendor/product via PCI ID database
• siderolabs/talos@40e57efa4 chore: fix reference to talosconfig
• siderolabs/talos@30eeb851b docs: extension service security options
• siderolabs/talos@bf7a6443e feat: add 'etcd membership is consistent across nodes' health check
• siderolabs/talos@4b3935fa4 docs: fix 1.1.x support matrix
• siderolabs/talos@efcdc16c5 chore: add go.work
• siderolabs/talos@20286c908 feat: add cpu/ram info as resource
• siderolabs/talos@c3f29031b feat: add ethtool ioctl as additional source of information
• siderolabs/talos@34d9a875a chore: go-smbios updates
• siderolabs/talos@f477eb882 chore: bump kernel to 5.15.41
• siderolabs/talos@5bac5e91a docs: fix "double-base64-encode" in cert/key examples
• siderolabs/talos@396e1386c feat: implement network device selector
• siderolabs/talos@5a8e011db fix: match for WSL platform in case-insentive way
• siderolabs/talos@ee8113b5f docs: add vector logging example
• siderolabs/talos@14985674c fix: allow SideroLink IPs in NodeAddresses
• siderolabs/talos@63f23e905 feat: openstack dhcp-v6 types
• siderolabs/talos@5ec4e9096 chore: bump kernel to 5.15.40
• siderolabs/talos@8cef958dd docs: update jetson nano docs
• siderolabs/talos@554edd3e8 chore: bump dependencies
• siderolabs/talos@f2d89735f feat: extend the extension service spec with container security options
• siderolabs/talos@850cfba72 chore: fix type order in deep-copy generation line
• siderolabs/talos@5a91f6076 fix: ignore completed pods in cluster health check
• siderolabs/talos@488ce753f docs: tidy up adopters
• siderolabs/talos@290f968fe release(v1.1.0-alpha.2): prepare release
• siderolabs/talos@a6e436582 feat: implement DeepCopy using code generation
• siderolabs/talos@91a49c4e7 fix: dhcpv6 leasetime segfault loop
• siderolabs/talos@afb679586 fix: reset certificate SANs on update
• siderolabs/talos@c87432fe1 fix: detect WSL for talosctl cluster create on Docker
• siderolabs/talos@166d2585c chore: bump kernel and runc
• siderolabs/talos@8d9b0cde0 chore: update deps to go 1.18.2
• siderolabs/talos@86741d998 fix: append hostname to cluster SANs when port is not specified
• siderolabs/talos@9885bbe17 docs: fix typos, edited for clarity
• siderolabs/talos@7fd1c80c3 fix: ignore failures to dial wireguard client
• siderolabs/talos@b8e7cdb70 docs: add vultr guide
• siderolabs/talos@c2be65b66 fix: openstack unable to parseIP
• siderolabs/talos@2ae0e3a56 test: add a test for version of Go Talos was built with
• siderolabs/talos@bef1a13fa docs: update latest Talos in 1.0 docs to 1.0.4
• siderolabs/talos@b52962c44 chore: bump dependencies
• siderolabs/talos@79ae76a6f fix: properly set allowSchedulingOnMasters in the interactive install
• siderolabs/talos@2b7e7d4dc feat: print the status of services during boot
• siderolabs/talos@802d4a23c fix: load kubelet system service in StartAllServices task
• siderolabs/talos@67019c434 fix: add source path for ovmf flash image
• siderolabs/talos@da7b24ba5 chore: bump kernel to 5.15.38
• siderolabs/talos@8ca8effd6 chore: add Equinix Managed Services NL to adopters
• siderolabs/talos@8bc97a30f fix: remove D-Bus sockets before listen attempts
• siderolabs/talos@54cfa039a fix: use json.Unmarshal instead of yaml.Unmarshal
• siderolabs/talos@6d30c4822 docs: update networking resource documentation
• siderolabs/talos@bc88de729 chore: bump coredns to v1.9.2
• siderolabs/talos@c6722b637 docs: when mentioning partitions, link to partition docs
• siderolabs/talos@b189e8426 chore: fix incorrect ManifestSpec.MarshalYAML signature
• siderolabs/talos@5d5280200 feat: add more hardware information to the link status resources
• siderolabs/talos@2ff6db749 chore: add Nedap Security Atlas as adopter
• siderolabs/talos@89cab200b chore: bump kubernetes to v1.24.0
• siderolabs/talos@09d16349f chore: refactor StaticPod and StaticPodStatus into typed.Resource
• siderolabs/talos@d2935f98c chore: refactor LinkRefresh and LinkStatus into typed.Resource
• siderolabs/talos@b52e0b9b9 fix: talosctl throws error if gen option and --input-dir flags are combined
• siderolabs/talos@0e15de3a8 docs: add adopters file
• siderolabs/talos@bb932c297 chore: bump containerd to v1.6.4
• siderolabs/talos@4eaaa2d59 chore: bump kernel to 5.15.37
• siderolabs/talos@89dde8f2c chore: refactor remaining resources into typed.Resource
• siderolabs/talos@bd089e702 chore: bump dependencies
• siderolabs/talos@3136334b9 docs: fix links in VMware documentation
• siderolabs/talos@403df0e18 docs: provide example on using config generation package
• siderolabs/talos@635192861 chore: redo pointer with github.com/siderolabs/go-pointer module
• siderolabs/talos@a269f740c docs: copy knowledge base to v1.0 docs
• siderolabs/talos@483201026 fix: return an error if there is no byte slice in ReadonlyProvider
• siderolabs/talos@6e7486f09 fix: allow graceful node shutdown to be overridden
• siderolabs/talos@867d38f28 feat: add bond slaves ordering
• siderolabs/talos@03ef62ad8 fix: include Go primitive types into unstructured deepcopy
• siderolabs/talos@f06e6acf2 chore: bump kernel to 5.15.36
• siderolabs/talos@c0d386abb fix: don't mount D-Bus socket via mount under recursive bind mount
• siderolabs/talos@9a8ff76df refactor: rewrite perf resource to use typed.Resource
• siderolabs/talos@71d04c4d5 refactor: rewrite runtime resources to use typed.Resource
• siderolabs/talos@7568d51fc fix: trigger CRI config merge on correct resource update
• siderolabs/talos@c456dbcb9 docs: remove references to init nodes
• siderolabs/talos@1973095d1 feat: update containerd to 1.6.3
• siderolabs/talos@b51292d88 docs: reformat config reference
• siderolabs/talos@c0709d970 feat: increase aio-max-nr and inotify.max_user_instances
• siderolabs/talos@85b328e99 refactor: convert secrets resources to use typed.Resource
• siderolabs/talos@e91350acd refactor: convert time & v1alpha1 resources to use typed.Resource
• siderolabs/talos@45464412e chore: bump dependencies
• siderolabs/talos@0af6b35a6 feat: update etcd to 3.5.4
• siderolabs/talos@7ad27751c docs: fix analytics and sitemap
• siderolabs/talos@55ff876dc chore: bump K8s Go modules to 1.24.0-rc.0
• siderolabs/talos@f1f43131f fix: strip 'v' prefix from versions on Kubernetes upgrade
• siderolabs/talos@ec621477b chore: tune QEMU disk provisioner options
• siderolabs/talos@b085343dc feat: use discovery information for etcd join (and other etcd calls)
• siderolabs/talos@2b03057b9 feat: implement a new mode try in the config manipulation commands
• siderolabs/talos@51a68c31f chore: allow mounting files from the host
• siderolabs/talos@f3e330a0a docs: fix network dependency
• siderolabs/talos@7ba39bd60 docs: clarify discovery service
• siderolabs/talos@8057d076a release(v1.1.0-alpha.1): prepare release
• siderolabs/talos@1d5c08e74 chore: bump kernel to 5.15.35
• siderolabs/talos@9bf23e516 feat: update Kubernetes to 1.24.0-rc.0
• siderolabs/talos@d78ed320b docs: fix the docs reference to star registry redirects
• siderolabs/talos@257dfb870 fix: run the 'post' stage of the service always
• siderolabs/talos@992e23023 fix: correctly handle stopping services with reverse dependencies
• siderolabs/talos@bb7a50bd5 docs: fix netlify redirects
• siderolabs/talos@486f79bc7 docs: fix netlify deploy url
• siderolabs/talos@e8cbedb05 docs: add canonical link ref
• siderolabs/talos@0fe4a7832 docs: improve latest-version banner
• siderolabs/talos@23984efcd fix: detect lingering mounts in the installer correctly
• siderolabs/talos@54dba925f chore: refactor network resource to use typed resource
• siderolabs/talos@4eb9f45cc refactor: split polymorphic K8sControlPlane into typed resources
• siderolabs/talos@68dfdd331 fix: provide logger to the etcd snapshot restore
• siderolabs/talos@f190403f0 docs: add how to get config after interactive setup
• siderolabs/talos@fac7b9466 docs: improve vip caveats documentation
• siderolabs/talos@250df9e67 docs: improve rook-ceph description
• siderolabs/talos@b5c1d868d docs: add talos/kubernetes config faq
• siderolabs/talos@39721ee93 chore: bump dependencies
• siderolabs/talos@610945774 chore: bump tools and pkgs
• siderolabs/talos@2b68c8b67 fix: enable long timestamps for xfs
• siderolabs/talos@be00d7749 chore: implement cluster resources using cosi typed resource
• siderolabs/talos@460d5ab13 docs: fix extension services alias
• siderolabs/talos@bbdfda2dd chore: xfs quota support in kernel
• siderolabs/talos@8ff8fc77f chore: enable rpi4 poe hat fan control
• siderolabs/talos@2b9722d1f feat: add dry-run flag in apply-config and edit commands
• siderolabs/talos@8af50fcd2 fix: correct cri package import path
• siderolabs/talos@ce09ede83 feat: update etcd to 3.5.3
• siderolabs/talos@13f41badd chore: bump kernel to 5.15.34
• siderolabs/talos@fa57b5d92 docs: reorganize documentation
• siderolabs/talos@a91eb9358 chore: bump deps
• siderolabs/talos@0aad0df2e refactor: remove String() for resource implementation
• siderolabs/talos@a4060513c feat: build Talos with support for x86-64-v2 microarchitecture
• siderolabs/talos@8faebd410 chore: bump tools and pkgs
• siderolabs/talos@8499b7e7d chore: bump dependencies
• siderolabs/talos@a7ba7ea67 feat: migrate to go 1.18
• siderolabs/talos@9dace93b5 feat: enable Pod Security Admission by default
• siderolabs/talos@c382cb8cd docs: update vmware docs
• siderolabs/talos@da0e638f0 docs: stableize tools versioning
• siderolabs/talos@f2d2267e7 docs: use template for netlify redirects
• siderolabs/talos@88f1d8fcc docs: update sitemap to point to direct url
• siderolabs/talos@a6eebee36 chore: update eudev
• siderolabs/talos@0cb84e8c1 fix: correctly parse tags out of images
• siderolabs/talos@17d09739f docs: enable nested arrow
• siderolabs/talos@1e4320b64 chore: add support for rockpi 4A and 4B
• siderolabs/talos@d1869d948 docs: update to Sidero Metal, mention clusterctl
• siderolabs/talos@18d0038ec fix: avoid panic in DHCPv6 operator on nil dereference
• siderolabs/talos@9e3d438db docs: fix code fence formatting
• siderolabs/talos@b3f1bb2cf fix: add support for FAT12/16 filesystems
• siderolabs/talos@8619f95c5 chore: bump dependencies
• siderolabs/talos@8c4f72004 docs: override sitemap.xml to only include latest results
• siderolabs/talos@5192ba4e2 docs: fix a typo in QEMU VM setup guide
• siderolabs/talos@663e3e879 refactor: change the stages for embed files generation
• siderolabs/talos@19bf12af0 fix: enable IPv6 in Docker-based Talos clusters
• siderolabs/talos@3889a5839 docs: update config.yaml, storage.md, digital-rebar.md
• siderolabs/talos@25d19131d release(v1.1.0-alpha.0): prepare release
• siderolabs/talos@2ca5279e5 fix: retry manifest updates in upgrade-k8s
• siderolabs/talos@eeb756168 feat: use kexec when resetting a node
• siderolabs/talos@1ed1f73e5 test: bump CAPI to 1.1.3
• siderolabs/talos@2ee1d2c72 feat: update Kuberentes to 1.24.0-beta.0
• siderolabs/talos@c26fa4ccc test: push GITHUB_TOKEN to the e2e-aws/gcp steps
• siderolabs/talos@95d900de7 feat: use kubeconfig env var
• siderolabs/talos@0b407dd17 feat: add dhcp-v6 NTP/DHCP-DUID
• siderolabs/talos@a140a6bad docs: update releases shortcode in upgrade guide
• siderolabs/talos@12931dced fix: align partitions on 1M boundary
• siderolabs/talos@37f868e37 fix: validate empty TLS config for registries
• siderolabs/talos@ca8b9c0a3 feat: update Kubernetes to 1.24.0-alpha.4
• siderolabs/talos@d9ec6b215 chore: drop dirty from abbreviated tag
• siderolabs/talos@08624fd0b docs: add banner to main page
• siderolabs/talos@fc23c7a59 test: bump versions for upgrade tests
• siderolabs/talos@4bfe68610 feat: update runc to 1.1.1
• siderolabs/talos@b315ed953 chore: use go:embed instead of ldflags
• siderolabs/talos@a5d64fc81 feat: update Flannel to 0.17.0
• siderolabs/talos@6d6eb3f6a docs: fork docs for 1.1
• siderolabs/talos@1d55f05d1 docs: update index page
• siderolabs/talos@ad6b7ec1a fix: enable etcd consistency on check startup
• siderolabs/talos@65a31f753 docs: re-add GA token
• siderolabs/talos@741c04832 docs: mark 1.0 docs as latest
• siderolabs/talos@e97433c8a docs: update jetson nano
• siderolabs/talos@6665e0f00 docs: code block copying
• siderolabs/talos@c41f2b216 docs: update whats-new-v1.0
• siderolabs/talos@0a36fbbf3 docs: add release notes for 1.0
• siderolabs/talos@bd0035f6a docs: add NVIDIA docs
• siderolabs/talos@efa3f2898 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9ebeec0d0 docs: fix incorrect path for talosconfig
• siderolabs/talos@9fef4540e docs: fix non-latest download links
• siderolabs/talos@f8ef6a081 docs: add rook ceph configuration guide
• siderolabs/talos@e2666f58f chore: bump kernel to 5.15.32
• siderolabs/talos@957b2f233 chore: bump dependencies
• siderolabs/talos@0fd2aa08b fix: correctly escape '.' in volume names
• siderolabs/talos@108fd03a7 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@856e1333d fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@c5da38609 docs: use variables and templates in the docs
• siderolabs/talos@4c83847b9 docs: target search results
• siderolabs/talos@67fb72d96 docs: add algolia versions to all content
• siderolabs/talos@5344d6e7c docs: fix extension service path dependency
• siderolabs/talos@9b9191c5e fix: increase intiial window and connection window sizes
• siderolabs/talos@7a88a0224 docs: show archived/pre-release banner based on version
• siderolabs/talos@e403470bf docs: filter algolia results by latest
• siderolabs/talos@0497d5f9f docs: tag latest docs for search
• siderolabs/talos@a25425483 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@9b6422fcc feat: update CoreDNS to 1.9.1
• siderolabs/talos@020856f80 docs: remove second search bar
• siderolabs/talos@5f27f4c63 docs: update asset links
• siderolabs/talos@9ff42b432 docs: fix redirects for /docs URLs
• siderolabs/talos@7283efd56 chore: update the talosctl CNI download url
• siderolabs/talos@e0eee7fcc test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@73966f51e docs: fix extensions
• siderolabs/talos@f9766edb5 docs: remove empty doc file
• siderolabs/talos@e06e1473b feat: update golangci-lint to 1.45.0 and gofumpt to 0.3.0
• siderolabs/talos@a92c614b2 docs: add enterprise link to docs header
• siderolabs/talos@0ae7174ba docs: update search settings and redirects
• siderolabs/talos@883d401f9 chore: rename github organization to siderolabs
• siderolabs/talos@d1294d014 chore: add day-two tests for e2e-qemu
• siderolabs/talos@a6240e4b6 feat: update Linux to 5.15.30
• siderolabs/talos@e3fda049f docs: overhaul all the docs
• siderolabs/talos@f47750726 fix: the etcd recovery client and tests
• siderolabs/talos@69e07cddc fix: trigger properly udevd on types and actions
• siderolabs/talos@47d0e629d fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@b6691b350 chore: bump dependencies
• siderolabs/talos@27af5d41c feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@58cb9db1e feat: allow hardlinks in the system extension images
• siderolabs/talos@1e982808f fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@5e0c80f61 fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@c156580a3 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cd4d4c605 feat: relax extensions file structure validation
• siderolabs/talos@50594ab1a fix: ignore terminated pods in pod health checks
• siderolabs/talos@9d69fb6b4 feat: update Kubernetes to 1.23.5
• siderolabs/talos@327ce5aba fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@cf85b3f07 docs: update cilium inline install
• siderolabs/talos@84ee1795d docs: update logo
• siderolabs/talos@cc7719c9d docs: improve comments in security proto
• siderolabs/talos@caf800fe8 feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@6bec08429 feat: add talosctl completions to copy, usage, logs, restart and service
• siderolabs/talos@355b1a4be fix: refresh etcd certs on startup/join
• siderolabs/talos@d256b5c5e docs: fix spelling mistakes
• siderolabs/talos@5fdedae20 chore: bump kernel to 5.15.28
• siderolabs/talos@18a21b5f2 chore: add dependency images-essential -> images
• siderolabs/talos@714e5eca6 chore: bump dependencies
• siderolabs/talos@58be4067e docs: update README.md
• siderolabs/talos@c5fb20930 docs: add loki note
• siderolabs/talos@f448cb4f3 feat: bump boot partition size to 1000 MiB
• siderolabs/talos@a095acb09 chore: fix equinixMetal platform name
• siderolabs/talos@2a7f9a445 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@59681b8c9 fix: backport fixes from release-1.0 branch

Changes since v1.1.0-alpha.2

• siderolabs/talos@f8422f217 release(v1.1.0-beta.0): prepare release
• siderolabs/talos@98bbab12e chore: bump dependencies
• siderolabs/talos@0a6fc906f fix: table align hosts file
• siderolabs/talos@be644c96e fix: flannel ipv6 compatibility
• siderolabs/talos@99e8f1261 feat: add support for equinix metal events
• siderolabs/talos@1ba8a6b94 chore: update go yaml to the latest version
• siderolabs/talos@400a88dc5 chore: disable kexec on rpi4 and rockpi
• siderolabs/talos@48423a983 chore: bump kernel to 5.15.44
• siderolabs/talos@458e44c27 feat: include azure public IPs from standard LB SKU into extips
• siderolabs/talos@19edbb5bd docs: fix typo in main page
• siderolabs/talos@4ad773f01 feat: update CoreDNS to 1.9.3
• siderolabs/talos@7a4062904 chore: update Sidero Labs go modules to released versions
• siderolabs/talos@e40153aef fix: introduce more route protocols as constants
• siderolabs/talos@3ed254976 feat: update Kubernetes to 1.24.1
• siderolabs/talos@ceae420a8 chore: update tools/pkgs/extras to 1.1.0
• siderolabs/talos@f9c46fb18 fix: unmarshal HardwareAddr without stdlib help
• siderolabs/talos@f2e94d602 fix: implement unmarshaling from YAML for LinkStatus
• siderolabs/talos@fe858041b feat: enable version API in maintenance mode
• siderolabs/talos@875f67a6e fix: correctly parse empty route flags from YAML
• siderolabs/talos@00515b4ba chore: rename memory to memorymodules
• siderolabs/talos@9c4b7d6e8 feat: update Flannel to 0.18.0
• siderolabs/talos@c5297009e feat: support join token as part of siderolink kernel parameter
• siderolabs/talos@0dc4ad58e chore: bump kernel to 5.15.43
• siderolabs/talos@610884aa0 docs: correct the install-image tag in the Developing Talos section
• siderolabs/talos@af5ac30a7 feat: enable passing custom kernel args to the ISO creator
• siderolabs/talos@b7d068f60 chore: add cloud-image-uploader to go workspace
• siderolabs/talos@88efd75d3 docs: fix install script url
• siderolabs/talos@3f88030ca test: use use correct method to generate Wireguard private key
• siderolabs/talos@8c675c669 chore: siderolink maintenance mode
• siderolabs/talos@4551cbd7f fix: cluster creation error message formatting
• siderolabs/talos@bafa1f49d fix: improve error message when creating cluster
• siderolabs/talos@f03002ec6 feat: add support for disabling search domains
• siderolabs/talos@a1b6f21a8 chore: bump dependencies
• siderolabs/talos@1156daac2 fix: azure hostname definition
• siderolabs/talos@33a631f02 feat: look up Links PCI vendor/product via PCI ID database
• siderolabs/talos@40e57efa4 chore: fix reference to talosconfig
• siderolabs/talos@30eeb851b docs: extension service security options
• siderolabs/talos@bf7a6443e feat: add 'etcd membership is consistent across nodes' health check
• siderolabs/talos@4b3935fa4 docs: fix 1.1.x support matrix
• siderolabs/talos@efcdc16c5 chore: add go.work
• siderolabs/talos@20286c908 feat: add cpu/ram info as resource
• siderolabs/talos@c3f29031b feat: add ethtool ioctl as additional source of information
• siderolabs/talos@34d9a875a chore: go-smbios updates
• siderolabs/talos@f477eb882 chore: bump kernel to 5.15.41
• siderolabs/talos@5bac5e91a docs: fix "double-base64-encode" in cert/key examples
• siderolabs/talos@396e1386c feat: implement network device selector
• siderolabs/talos@5a8e011db fix: match for WSL platform in case-insentive way
• siderolabs/talos@ee8113b5f docs: add vector logging example
• siderolabs/talos@14985674c fix: allow SideroLink IPs in NodeAddresses
• siderolabs/talos@63f23e905 feat: openstack dhcp-v6 types
• siderolabs/talos@5ec4e9096 chore: bump kernel to 5.15.40
• siderolabs/talos@8cef958dd docs: update jetson nano docs
• siderolabs/talos@554edd3e8 chore: bump dependencies
• siderolabs/talos@f2d89735f feat: extend the extension service spec with container security options
• siderolabs/talos@850cfba72 chore: fix type order in deep-copy generation line
• siderolabs/talos@5a91f6076 fix: ignore completed pods in cluster health check
• siderolabs/talos@488ce753f docs: tidy up adopters

Changes from siderolabs/extras

• siderolabs/extras@913188a chore: update pkg to 1.1.0
• siderolabs/extras@e2bb56e chore: stable source date epoch
• siderolabs/extras@a77a6f4 chore: bump Go to 1.18.2
• siderolabs/extras@ac3b9a4 chore: bump pkgs
• siderolabs/extras@d4f8e88 chore: update references after org rename

Changes from siderolabs/go-pcidb

• siderolabs/go-pcidb@4c9f656 feat: initial implementation
• siderolabs/go-pcidb@be468ce Initial commit

Changes from siderolabs/go-pointer

• siderolabs/go-pointer@71ccdf0 chore: implement main functionality
• siderolabs/go-pointer@c1c3b23 Initial commit

Changes from siderolabs/pkgs

• siderolabs/pkgs@dc21e30 chore: bump kernel to 5.15.44
• siderolabs/pkgs@f5db31f chore: bump tools to final v1.1.0 release
• siderolabs/pkgs@6b14046 feat: update Flannel CNI to 1.1.0
• siderolabs/pkgs@9b70e9f chore: bump kernel to 5.15.43
• siderolabs/pkgs@1f48da7 chore: stable source date epoch
• siderolabs/pkgs@24e545e feat: azure boot disk defenition
• siderolabs/pkgs@e72fe55 chore: bump kernel to 5.15.41
• siderolabs/pkgs@7305bd7 chore: bump kernel to 5.15.40
• siderolabs/pkgs@cd05ae8 chore: bump u-boot v2022.04
• siderolabs/pkgs@7add479 chore: bump kernel to 5.15.39
• siderolabs/pkgs@0886699 chore: bump runc to v1.1.2
• siderolabs/pkgs@dd06fa9 chore: bump nvidia drivers to 510.68.02
• siderolabs/pkgs@91bb939 chore: bump Go to 1.18.2
• siderolabs/pkgs@8bd8397 chore: bump kernel to 5.15.38
• siderolabs/pkgs@de96a44 chore: bump containerd to v1.6.4
• siderolabs/pkgs@45906c1 chore: bump ca-certificates to 2022-04-26
• siderolabs/pkgs@d847adc chore: bump kernel to 5.15.37
• siderolabs/pkgs@c4cfa72 chore: bump util-linux to 2.38
• siderolabs/pkgs@e22317d chore: bump tools
• siderolabs/pkgs@422ed8e chore: bump kernel to 5.15.36
• siderolabs/pkgs@1e833c6 chore: enable nvme hardware monitor
• siderolabs/pkgs@fe7c46f feat: update containerd to 1.6.3
• siderolabs/pkgs@95f4418 chore: bump kernel to 5.15.35
• siderolabs/pkgs@201af71 chore: bump tools and bldr
• siderolabs/pkgs@3de14d7 chore: enable xfs quota support
• siderolabs/pkgs@6955fd0 chore: bump raspberrypi-firmware to 1.20220331
• siderolabs/pkgs@5b498d8 chore: bump linux-firmware 20220401
• siderolabs/pkgs@9cda5c0 chore: bump kernel to 5.15.34
• siderolabs/pkgs@8b48af6 chore: bump tools
• siderolabs/pkgs@ff13660 chore: bump kernel to 5.15.33
• siderolabs/pkgs@415020f chore: bump eudev, remove non-relevant default rules
• siderolabs/pkgs@6691342 chore: add rockpi4c
• siderolabs/pkgs@5bd5fad chore: build u-boot spi image for rockpi
• siderolabs/pkgs@4dace49 fix: ipxe prompt arm64
• siderolabs/pkgs@6041fd7 chore: update to use latest tools (specifically go 1.18)
• siderolabs/pkgs@4b3e70e chore: upstream u-boot for jetson nano
• siderolabs/pkgs@cc1c8c7 feat: update runc to 1.1.1
• siderolabs/pkgs@3baf4e4 chore: enable random trust CPU
• siderolabs/pkgs@df31920 chore: disable sound
• siderolabs/pkgs@c27751b chore: bump nvidia drivers to 510.60.02
• siderolabs/pkgs@ba98e20 chore: bump kernel to 5.15.32
• siderolabs/pkgs@a76edfd feat: update containerd to 1.6.2
• siderolabs/pkgs@0c38670 chore: bump kernel to 5.15.31
• siderolabs/pkgs@bc4fb0c chore: org update
• siderolabs/pkgs@41f291d feat: update Flannel CNI to 1.0.1
• siderolabs/pkgs@58603ba chore: bump kernel to 5.15.30
• siderolabs/pkgs@d3bb262 chore: bump kernel to 5.15.29
• siderolabs/pkgs@76a24b5 chore: update openssl to 1.1.1n
• siderolabs/pkgs@490c7b7 chore: enable aarch64 NVIDIA drivers
• siderolabs/pkgs@b794b7a chore: bump linux-firmware to 20220310
• siderolabs/pkgs@acda207 chore: bump kernel to 5.15.28
• siderolabs/pkgs@e0fec11 chore: bump nvidia driver to 510.54
• siderolabs/pkgs@0407f05 chore: bump kernel to 5.15.27

Changes from siderolabs/tools

• siderolabs/tools@4a5c229 chore: bump toolchain to v0.6.0
• siderolabs/tools@50e535a chore: stable source date epoch
• siderolabs/tools@967ebd9 chore: bump curl to 7.83.1
• siderolabs/tools@e61f856 chore: bump go to 1.18.2
• siderolabs/tools@315890f chore: bump ca-certificates to 2022-04-26
• siderolabs/tools@a1d3530 chore: bump util-linux to 2.38
• siderolabs/tools@d229fe1 chore: update bldr
• siderolabs/tools@e9f123c chore: bump curl to 7.83.0
• siderolabs/tools@8473ef2 chore: bump git to 2.36.0
• siderolabs/tools@8c1f801 chore: bump coreutils to 9.1
• siderolabs/tools@533d5c9 chore: bump git to 2.35.2
• siderolabs/tools@a15cbee chore: bump go to 1.18.1
• siderolabs/tools@718ec10 chore: enable conform
• siderolabs/tools@a60a332 chore: bump xz and gzip
• siderolabs/tools@c8a3d4d chore: update go to 1.18
• siderolabs/tools@1684fdc chore: bump expat to 2.4.8
• siderolabs/tools@7f5e44c chore: bump zlib to 1.2.12
• siderolabs/tools@bfc99ca chore: rename org
• siderolabs/tools@99be089 chore: update openssl to 1.1.1n
• siderolabs/tools@b63872b chore: update golang to 1.17.8

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@fccee8b chore: rekres the source, fix issues
• talos-systems/go-blockdevice@d9c3a27 feat: support probing FAT12/FAT16 filesystems
• talos-systems/go-blockdevice@b374eb4 fix: align partition to 1M boundary by default

Changes from talos-systems/go-loadbalancer

• talos-systems/go-loadbalancer@c54d95d feat: implement control plane loadbalancer
• talos-systems/go-loadbalancer@4a6e29e refactor: clean up names, fix the lingering goroutines
• talos-systems/go-loadbalancer@af87d1c chore: apply new Kres rules

Changes from talos-systems/go-smbios

• talos-systems/go-smbios@3f1e775 feat: rework destructuring of SMBIOS information and added some tests

Changes from talos-systems/siderolink

• talos-systems/siderolink@1d2b7e1 feat: allow setting peer endpoint using peer event
• talos-systems/siderolink@5d085d6 feat: expose wgDevice.Peers from the wireguard.Device wrapper
• talos-systems/siderolink@3a5be65 fix: use correct method to generate Wireguard private key
• talos-systems/siderolink@8318a7e feat: accept join token in Provision payload
• talos-systems/siderolink@b38c192 fix: build on Windows
• talos-systems/siderolink@9902ad2 feat: pass request context and node address to the events sink adapter

Dependency Changes

• cloud.google.com/go/compute v1.5.0 -> v1.6.1
• github.com/BurntSushi/toml v1.0.0 -> v1.1.0
• github.com/aws/aws-sdk-go v1.43.8 -> v1.44.24
• github.com/containerd/cgroups 2e502f6b9e43 -> v1.0.4
• github.com/containerd/containerd v1.6.2 -> v1.6.4
• github.com/containernetworking/cni v1.0.1 -> v1.1.0
• github.com/containernetworking/plugins v1.1.0 -> v1.1.1
• github.com/cosi-project/runtime 264f8fcd1a4f -> 95d06feaf8b5
• github.com/docker/distribution v2.8.0 -> v2.8.1
• github.com/docker/docker v20.10.12 -> v20.10.16
• github.com/fsnotify/fsnotify v1.5.1 -> v1.5.4
• github.com/gdamore/tcell/v2 f057f0a857a1 -> v2.5.1
• github.com/golang/mock v1.6.0 new
• github.com/google/go-cmp v0.5.7 -> v0.5.8
• github.com/google/nftables 211824995dcb -> a9775fb167d2
• github.com/hashicorp/go-getter v1.5.11 -> v1.6.1
• github.com/hashicorp/go-version v1.4.0 -> v1.5.0
• github.com/hetznercloud/hcloud-go v1.33.1 -> v1.33.2
• github.com/insomniacslk/dhcp 3c283ff8b7dd -> 1ca156eafb9f
• github.com/jsimonetti/rtnetlink v1.1.0 -> v1.2.0
• github.com/mdlayher/arp c37aaafac7f9 -> 6706a2966875
• github.com/mdlayher/netx 669a06fde734 -> c711c2f8512f
• github.com/opencontainers/image-spec v1.0.2 -> c5a74bcca799
• github.com/packethost/packngo v0.22.0 -> v0.24.0
• github.com/pelletier/go-toml v1.9.4 -> v1.9.5
• github.com/rivo/tview 96063d6082f3 -> 9994674d60a8
• github.com/rs/xid v1.3.0 -> v1.4.0
• github.com/ryanuber/go-glob v1.0.0 new
• github.com/safchain/ethtool v0.2.0 new
• github.com/siderolabs/extras v1.0.0 -> v1.1.0
• github.com/siderolabs/go-pcidb v0.1.0 new
• github.com/siderolabs/go-pointer v1.0.0 new
• github.com/siderolabs/pkgs v1.0.0-6-g7c293d5 -> v1.1.0-1-gdc21e30
• github.com/siderolabs/tools v1.0.0-1-g4c77d96 -> v1.1.0
• github.com/spf13/cobra v1.3.0 -> v1.4.0
• github.com/spf13/pflag v1.0.5 new
• github.com/stretchr/testify v1.7.0 -> v1.7.1
• github.com/talos-systems/go-blockdevice v0.3.1 -> v0.3.2
• github.com/talos-systems/go-loadbalancer v0.1.1 -> v0.1.2
• github.com/talos-systems/go-smbios v0.1.1 -> v0.2.0
• github.com/talos-systems/siderolink v0.1.0 -> v0.1.2
• github.com/vishvananda/netlink 650dca95af54 -> v1.2.0-beta
• github.com/vmware-tanzu/sonobuoy v0.56.2 -> v0.56.6
• github.com/vmware/govmomi v0.27.4 -> v0.28.0
• github.com/vmware/vmw-guestinfo cc1fd90d572c -> 510905f0efa3
• github.com/vultr/metadata v1.0.3 -> v1.1.0
• go.etcd.io/etcd/api/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/pkg/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/etcdutl/v3 v3.5.2 -> v3.5.4
• golang.org/x/net 27dd8689420f -> 5463443f8c37
• golang.org/x/sync 036812b2e83c -> 0976fa681c29
• golang.org/x/sys 4e6760a101f9 -> bc2c85ada10a
• golang.org/x/term 03fcf44c2211 -> 065cf7ba2467
• golang.org/x/time 0e9765cccd65 -> 583f2d630306
• golang.zx2c4.com/wireguard/wgctrl fde48d68ee68 -> 3d4a969bb56b
• google.golang.org/grpc v1.44.0 -> v1.46.2
• google.golang.org/protobuf v1.27.1 -> v1.28.0
• k8s.io/api v0.23.5 -> v0.24.1
• k8s.io/apimachinery v0.23.5 -> v0.24.1
• k8s.io/apiserver v0.23.5 -> v0.24.1
• k8s.io/client-go v0.23.5 -> v0.24.1
• k8s.io/component-base v0.23.5 -> v0.24.1
• k8s.io/cri-api v0.23.5 -> v0.24.1
• k8s.io/klog/v2 v2.60.1 new
• k8s.io/kubectl v0.23.5 -> v0.24.1
• k8s.io/kubelet v0.23.5 -> v0.24.1
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.63 -> v1.2.64

Previous release can be found at v1.0.0

Images

ghcr.io/siderolabs/flannel:v0.18.0
ghcr.io/siderolabs/install-cni:v1.1.0
docker.io/coredns/coredns:1.9.3
gcr.io/etcd-development/etcd:v3.5.4
k8s.gcr.io/kube-apiserver:v1.24.1
k8s.gcr.io/kube-controller-manager:v1.24.1
k8s.gcr.io/kube-scheduler:v1.24.1
k8s.gcr.io/kube-proxy:v1.24.1
ghcr.io/siderolabs/kubelet:v1.24.1
ghcr.io/siderolabs/installer:v1.1.0-beta.0
k8s.gcr.io/pause:3.6

Talos 1.0.5 (2022-05-13)

Welcome to the v1.0.5 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

• Linux: 5.15.39
• Containerd: v1.6.4
• Runc: 1.1.2
• CoreDNS: v1.9.2

Talos is built with Go 1.17.10

Contributors

• Andrey Smirnov
• Noel Georgi
• Dmitriy Matrenichev
• Philipp Sauter
• Serge Logvinov
• Artem Chernyshev

Changes

• siderolabs/talos@9f2bfac2f release(v1.0.5): prepare release
• siderolabs/talos@07729c402 fix: detect WSL for talosctl cluster create on Docker
• siderolabs/talos@23274efe6 fix: dhcpv6 leasetime segfault loop
• siderolabs/talos@0523c63ba fix: reset certificate SANs on update
• siderolabs/talos@89d928516 fix: append hostname to cluster SANs when port is not specified
• siderolabs/talos@a73fccb79 fix: ignore failures to dial wireguard client
• siderolabs/talos@011093439 test: add a test for version of Go Talos was built with
• siderolabs/talos@cfb5572d7 fix: properly set allowSchedulingOnMasters in the interactive install
• siderolabs/talos@ad84c2137 fix: load kubelet system service in StartAllServices task
• siderolabs/talos@c32946212 fix: openstack unable to parseIP
• siderolabs/talos@e8f1234c5 chore: bump coredns to v1.9.2
• siderolabs/talos@c91205e1f fix: remove D-Bus sockets before listen attempts
• siderolabs/talos@a5cda5df8 fix: use json.Unmarshal instead of yaml.Unmarshal
• siderolabs/talos@20c10a470 fix: add source path for ovmf flash image
• siderolabs/talos@805804e73 chore: allow mounting files from the host
• siderolabs/talos@75e93e7b8 docs: provide example on using config generation package
• siderolabs/talos@1fa3513d9 chore: bump kernel and runc
• siderolabs/talos@546b22480 chore: update deps to go 1.17.10
• siderolabs/talos@9f3e6276b chore: bump kernel to 5.15.38
• siderolabs/talos@118bbd99d feat: update containerd to 1.6.4
• siderolabs/talos@b7a275694 chore: bump kernel and containerd

Changes from siderolabs/extras

• siderolabs/extras@6327c36 chore: bump Go to 1.17.10

Changes from siderolabs/pkgs

• siderolabs/pkgs@7567bf4 chore: bump kernel to 5.15.39
• siderolabs/pkgs@774fa72 chore: bump runc to v1.1.2
• siderolabs/pkgs@1dd581a chore: bump Go to 1.17.10
• siderolabs/pkgs@de04341 chore: bump kernel to 5.15.38
• siderolabs/pkgs@b4a98c4 chore: bump containerd to v1.6.4
• siderolabs/pkgs@ebf74f9 chore: bump kernel to 5.15.37
• siderolabs/pkgs@ebdc549 feat: update containerd to 1.6.3

Changes from siderolabs/tools

• siderolabs/tools@943b5d0 chore: bump go to 1.17.10

Dependency Changes

• github.com/containerd/containerd v1.6.2 -> v1.6.4
• github.com/containernetworking/cni v1.0.1 -> v1.1.0
• github.com/containernetworking/plugins v1.1.0 -> v1.1.1
• github.com/opencontainers/image-spec v1.0.2 -> c5a74bcca799
• github.com/siderolabs/extras v1.0.0-2-gc5d3ab0 -> v1.0.0-3-g6327c36
• github.com/siderolabs/pkgs v1.0.0-10-gbf81bd2 -> v1.0.0-17-g7567bf4
• github.com/siderolabs/tools v1.0.0-3-ga8fb702 -> v1.0.0-4-g943b5d0

Previous release can be found at v1.0.4

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0-3-g6327c36
docker.io/coredns/coredns:1.9.2
gcr.io/etcd-development/etcd:v3.5.3
k8s.gcr.io/kube-apiserver:v1.23.6
k8s.gcr.io/kube-controller-manager:v1.23.6
k8s.gcr.io/kube-scheduler:v1.23.6
k8s.gcr.io/kube-proxy:v1.23.6
ghcr.io/siderolabs/kubelet:v1.23.6
ghcr.io/siderolabs/installer:v1.0.5
k8s.gcr.io/pause:3.6

Talos 1.1.0-alpha.2 (2022-05-13)

Welcome to the v1.1.0-alpha.2 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Apply Config --dry-run

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support --dry-run flag.
If enabled it just prints out the selected config application mode and the configuration diff.

Apply Config --mode=try

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support the new mode called try.
In this mode the config change is applied for a period of time and then reverted back to the state it was before the change.
--timeout parameter can be used to customize the config rollback timeout.
This new mode can be used only with the parts of the config that can be changed without a reboot and can help to check that
the new configuration doesn't break the node.
Can be especially useful to check network interfaces changes that may lead to the loss of connectivity to the node.

IPv6 in Docker-based Talos Clusters

The command talosctl cluster create now enables IPv6 by default for the Docker containers
created for Talos nodes. This allows to use IPv6 addresses in Kubernetes networking.

If talosctl cluster create fails to work on Linux due to the lack of IPv6 support,
please use the flag --disable-docker-ipv6 to revert the change.

drop some default rules shipped by eudev

Drops some default eudev rules that doesn't make sense in the context of Talos OS.
Especially the ones around sound devices, cd-roms and renaming the network interfaces to be predictable

Pod Security Admission

Pod Security Admission controller is enabled by default with the following policy:

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- configuration:
    apiVersion: pod-security.admission.config.k8s.io/v1alpha1
    defaults:
      audit: restricted
      audit-version: latest
      enforce: baseline
      enforce-version: latest
      warn: restricted
      warn-version: latest
    exemptions:
      namespaces:
      - kube-system
      runtimeClasses: []
      usernames: []
    kind: PodSecurityConfiguration
  name: PodSecurity
  path: ""

The policy is part of the Talos machine configuration, and it can be modified to suite your needs.

Support RockPi 4 variants A and B

Talos now supports RockPi variants A and B in addition to RockPi 4C

Raspberry Pi PoE hat fan

Talos now enables the Raspberry Pi PoE fan control by pulling in the poe overlay that works with upstream kernel

Component Updates

• Linux: 5.15.39
• Containerd: v1.6.4
• Kubernetes: 1.24.0
• Flannel: 0.17.0
• runc: 1.1.2
• CoreDNS: v1.9.2

Talos is built with Go 1.18.2

x86-64 Architecture

Talos is built for x86-64 architecture with support for x86-64-v2 microarchitecture level,
so Talos no longer runs on processors supporting only baseline x86-64 microarchitecture (before 2009).

Contributors

• Andrey Smirnov
• Noel Georgi
• Dmitriy Matrenichev
• Tim Jones
• Spencer Smith
• Artem Chernyshev
• Andrew Rynhard
• Serge Logvinov
• Steve Francis
• Philipp Sauter
• Steve Francis
• Andrei Dobre
• Bastiaan Schaap
• Caleb Woodbine
• Daniel Höxtermann
• Jori Huisman
• Jorik Jonker
• Nico Berlee
• Philipp Sauter
• Sebastian Hasler
• Seán C McCord
• Suraj Shirvankar
• Tames McTigue
• Tim Jones
• Tomasz Zurkowski
• William Ashton

Changes

• siderolabs/talos@290f968fe release(v1.1.0-alpha.2): prepare release
• siderolabs/talos@a6e436582 feat: implement DeepCopy using code generation
• siderolabs/talos@91a49c4e7 fix: dhcpv6 leasetime segfault loop
• siderolabs/talos@afb679586 fix: reset certificate SANs on update
• siderolabs/talos@c87432fe1 fix: detect WSL for talosctl cluster create on Docker
• siderolabs/talos@166d2585c chore: bump kernel and runc
• siderolabs/talos@8d9b0cde0 chore: update deps to go 1.18.2
• siderolabs/talos@86741d998 fix: append hostname to cluster SANs when port is not specified
• siderolabs/talos@9885bbe17 docs: fix typos, edited for clarity
• siderolabs/talos@7fd1c80c3 fix: ignore failures to dial wireguard client
• siderolabs/talos@b8e7cdb70 docs: add vultr guide
• siderolabs/talos@c2be65b66 fix: openstack unable to parseIP
• siderolabs/talos@2ae0e3a56 test: add a test for version of Go Talos was built with
• siderolabs/talos@bef1a13fa docs: update latest Talos in 1.0 docs to 1.0.4
• siderolabs/talos@b52962c44 chore: bump dependencies
• siderolabs/talos@79ae76a6f fix: properly set allowSchedulingOnMasters in the interactive install
• siderolabs/talos@2b7e7d4dc feat: print the status of services during boot
• siderolabs/talos@802d4a23c fix: load kubelet system service in StartAllServices task
• siderolabs/talos@67019c434 fix: add source path for ovmf flash image
• siderolabs/talos@da7b24ba5 chore: bump kernel to 5.15.38
• siderolabs/talos@8ca8effd6 chore: add Equinix Managed Services NL to adopters
• siderolabs/talos@8bc97a30f fix: remove D-Bus sockets before listen attempts
• siderolabs/talos@54cfa039a fix: use json.Unmarshal instead of yaml.Unmarshal
• siderolabs/talos@6d30c4822 docs: update networking resource documentation
• siderolabs/talos@bc88de729 chore: bump coredns to v1.9.2
• siderolabs/talos@c6722b637 docs: when mentioning partitions, link to partition docs
• siderolabs/talos@b189e8426 chore: fix incorrect ManifestSpec.MarshalYAML signature
• siderolabs/talos@5d5280200 feat: add more hardware information to the link status resources
• siderolabs/talos@2ff6db749 chore: add Nedap Security Atlas as adopter
• siderolabs/talos@89cab200b chore: bump kubernetes to v1.24.0
• siderolabs/talos@09d16349f chore: refactor StaticPod and StaticPodStatus into typed.Resource
• siderolabs/talos@d2935f98c chore: refactor LinkRefresh and LinkStatus into typed.Resource
• siderolabs/talos@b52e0b9b9 fix: talosctl throws error if gen option and --input-dir flags are combined
• siderolabs/talos@0e15de3a8 docs: add adopters file
• siderolabs/talos@bb932c297 chore: bump containerd to v1.6.4
• siderolabs/talos@4eaaa2d59 chore: bump kernel to 5.15.37
• siderolabs/talos@89dde8f2c chore: refactor remaining resources into typed.Resource
• siderolabs/talos@bd089e702 chore: bump dependencies
• siderolabs/talos@3136334b9 docs: fix links in VMware documentation
• siderolabs/talos@403df0e18 docs: provide example on using config generation package
• siderolabs/talos@635192861 chore: redo pointer with github.com/siderolabs/go-pointer module
• siderolabs/talos@a269f740c docs: copy knowledge base to v1.0 docs
• siderolabs/talos@483201026 fix: return an error if there is no byte slice in ReadonlyProvider
• siderolabs/talos@6e7486f09 fix: allow graceful node shutdown to be overridden
• siderolabs/talos@867d38f28 feat: add bond slaves ordering
• siderolabs/talos@03ef62ad8 fix: include Go primitive types into unstructured deepcopy
• siderolabs/talos@f06e6acf2 chore: bump kernel to 5.15.36
• siderolabs/talos@c0d386abb fix: don't mount D-Bus socket via mount under recursive bind mount
• siderolabs/talos@9a8ff76df refactor: rewrite perf resource to use typed.Resource
• siderolabs/talos@71d04c4d5 refactor: rewrite runtime resources to use typed.Resource
• siderolabs/talos@7568d51fc fix: trigger CRI config merge on correct resource update
• siderolabs/talos@c456dbcb9 docs: remove references to init nodes
• siderolabs/talos@1973095d1 feat: update containerd to 1.6.3
• siderolabs/talos@b51292d88 docs: reformat config reference
• siderolabs/talos@c0709d970 feat: increase aio-max-nr and inotify.max_user_instances
• siderolabs/talos@85b328e99 refactor: convert secrets resources to use typed.Resource
• siderolabs/talos@e91350acd refactor: convert time & v1alpha1 resources to use typed.Resource
• siderolabs/talos@45464412e chore: bump dependencies
• siderolabs/talos@0af6b35a6 feat: update etcd to 3.5.4
• siderolabs/talos@7ad27751c docs: fix analytics and sitemap
• siderolabs/talos@55ff876dc chore: bump K8s Go modules to 1.24.0-rc.0
• siderolabs/talos@f1f43131f fix: strip 'v' prefix from versions on Kubernetes upgrade
• siderolabs/talos@ec621477b chore: tune QEMU disk provisioner options
• siderolabs/talos@b085343dc feat: use discovery information for etcd join (and other etcd calls)
• siderolabs/talos@2b03057b9 feat: implement a new mode try in the config manipulation commands
• siderolabs/talos@51a68c31f chore: allow mounting files from the host
• siderolabs/talos@f3e330a0a docs: fix network dependency
• siderolabs/talos@7ba39bd60 docs: clarify discovery service
• siderolabs/talos@8057d076a release(v1.1.0-alpha.1): prepare release
• siderolabs/talos@1d5c08e74 chore: bump kernel to 5.15.35
• siderolabs/talos@9bf23e516 feat: update Kubernetes to 1.24.0-rc.0
• siderolabs/talos@d78ed320b docs: fix the docs reference to star registry redirects
• siderolabs/talos@257dfb870 fix: run the 'post' stage of the service always
• siderolabs/talos@992e23023 fix: correctly handle stopping services with reverse dependencies
• siderolabs/talos@bb7a50bd5 docs: fix netlify redirects
• siderolabs/talos@486f79bc7 docs: fix netlify deploy url
• siderolabs/talos@e8cbedb05 docs: add canonical link ref
• siderolabs/talos@0fe4a7832 docs: improve latest-version banner
• siderolabs/talos@23984efcd fix: detect lingering mounts in the installer correctly
• siderolabs/talos@54dba925f chore: refactor network resource to use typed resource
• siderolabs/talos@4eb9f45cc refactor: split polymorphic K8sControlPlane into typed resources
• siderolabs/talos@68dfdd331 fix: provide logger to the etcd snapshot restore
• siderolabs/talos@f190403f0 docs: add how to get config after interactive setup
• siderolabs/talos@fac7b9466 docs: improve vip caveats documentation
• siderolabs/talos@250df9e67 docs: improve rook-ceph description
• siderolabs/talos@b5c1d868d docs: add talos/kubernetes config faq
• siderolabs/talos@39721ee93 chore: bump dependencies
• siderolabs/talos@610945774 chore: bump tools and pkgs
• siderolabs/talos@2b68c8b67 fix: enable long timestamps for xfs
• siderolabs/talos@be00d7749 chore: implement cluster resources using cosi typed resource
• siderolabs/talos@460d5ab13 docs: fix extension services alias
• siderolabs/talos@bbdfda2dd chore: xfs quota support in kernel
• siderolabs/talos@8ff8fc77f chore: enable rpi4 poe hat fan control
• siderolabs/talos@2b9722d1f feat: add dry-run flag in apply-config and edit commands
• siderolabs/talos@8af50fcd2 fix: correct cri package import path
• siderolabs/talos@ce09ede83 feat: update etcd to 3.5.3
• siderolabs/talos@13f41badd chore: bump kernel to 5.15.34
• siderolabs/talos@fa57b5d92 docs: reorganize documentation
• siderolabs/talos@a91eb9358 chore: bump deps
• siderolabs/talos@0aad0df2e refactor: remove String() for resource implementation
• siderolabs/talos@a4060513c feat: build Talos with support for x86-64-v2 microarchitecture
• siderolabs/talos@8faebd410 chore: bump tools and pkgs
• siderolabs/talos@8499b7e7d chore: bump dependencies
• siderolabs/talos@a7ba7ea67 feat: migrate to go 1.18
• siderolabs/talos@9dace93b5 feat: enable Pod Security Admission by default
• siderolabs/talos@c382cb8cd docs: update vmware docs
• siderolabs/talos@da0e638f0 docs: stableize tools versioning
• siderolabs/talos@f2d2267e7 docs: use template for netlify redirects
• siderolabs/talos@88f1d8fcc docs: update sitemap to point to direct url
• siderolabs/talos@a6eebee36 chore: update eudev
• siderolabs/talos@0cb84e8c1 fix: correctly parse tags out of images
• siderolabs/talos@17d09739f docs: enable nested arrow
• siderolabs/talos@1e4320b64 chore: add support for rockpi 4A and 4B
• siderolabs/talos@d1869d948 docs: update to Sidero Metal, mention clusterctl
• siderolabs/talos@18d0038ec fix: avoid panic in DHCPv6 operator on nil dereference
• siderolabs/talos@9e3d438db docs: fix code fence formatting
• siderolabs/talos@b3f1bb2cf fix: add support for FAT12/16 filesystems
• siderolabs/talos@8619f95c5 chore: bump dependencies
• siderolabs/talos@8c4f72004 docs: override sitemap.xml to only include latest results
• siderolabs/talos@5192ba4e2 docs: fix a typo in QEMU VM setup guide
• siderolabs/talos@663e3e879 refactor: change the stages for embed files generation
• siderolabs/talos@19bf12af0 fix: enable IPv6 in Docker-based Talos clusters
• siderolabs/talos@3889a5839 docs: update config.yaml, storage.md, digital-rebar.md
• siderolabs/talos@25d19131d release(v1.1.0-alpha.0): prepare release
• siderolabs/talos@2ca5279e5 fix: retry manifest updates in upgrade-k8s
• siderolabs/talos@eeb756168 feat: use kexec when resetting a node
• siderolabs/talos@1ed1f73e5 test: bump CAPI to 1.1.3
• siderolabs/talos@2ee1d2c72 feat: update Kuberentes to 1.24.0-beta.0
• siderolabs/talos@c26fa4ccc test: push GITHUB_TOKEN to the e2e-aws/gcp steps
• siderolabs/talos@95d900de7 feat: use kubeconfig env var
• siderolabs/talos@0b407dd17 feat: add dhcp-v6 NTP/DHCP-DUID
• siderolabs/talos@a140a6bad docs: update releases shortcode in upgrade guide
• siderolabs/talos@12931dced fix: align partitions on 1M boundary
• siderolabs/talos@37f868e37 fix: validate empty TLS config for registries
• siderolabs/talos@ca8b9c0a3 feat: update Kubernetes to 1.24.0-alpha.4
• siderolabs/talos@d9ec6b215 chore: drop dirty from abbreviated tag
• siderolabs/talos@08624fd0b docs: add banner to main page
• siderolabs/talos@fc23c7a59 test: bump versions for upgrade tests
• siderolabs/talos@4bfe68610 feat: update runc to 1.1.1
• siderolabs/talos@b315ed953 chore: use go:embed instead of ldflags
• siderolabs/talos@a5d64fc81 feat: update Flannel to 0.17.0
• siderolabs/talos@6d6eb3f6a docs: fork docs for 1.1
• siderolabs/talos@1d55f05d1 docs: update index page
• siderolabs/talos@ad6b7ec1a fix: enable etcd consistency on check startup
• siderolabs/talos@65a31f753 docs: re-add GA token
• siderolabs/talos@741c04832 docs: mark 1.0 docs as latest
• siderolabs/talos@e97433c8a docs: update jetson nano
• siderolabs/talos@6665e0f00 docs: code block copying
• siderolabs/talos@c41f2b216 docs: update whats-new-v1.0
• siderolabs/talos@0a36fbbf3 docs: add release notes for 1.0
• siderolabs/talos@bd0035f6a docs: add NVIDIA docs
• siderolabs/talos@efa3f2898 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9ebeec0d0 docs: fix incorrect path for talosconfig
• siderolabs/talos@9fef4540e docs: fix non-latest download links
• siderolabs/talos@f8ef6a081 docs: add rook ceph configuration guide
• siderolabs/talos@e2666f58f chore: bump kernel to 5.15.32
• siderolabs/talos@957b2f233 chore: bump dependencies
• siderolabs/talos@0fd2aa08b fix: correctly escape '.' in volume names
• siderolabs/talos@108fd03a7 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@856e1333d fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@c5da38609 docs: use variables and templates in the docs
• siderolabs/talos@4c83847b9 docs: target search results
• siderolabs/talos@67fb72d96 docs: add algolia versions to all content
• siderolabs/talos@5344d6e7c docs: fix extension service path dependency
• siderolabs/talos@9b9191c5e fix: increase intiial window and connection window sizes
• siderolabs/talos@7a88a0224 docs: show archived/pre-release banner based on version
• siderolabs/talos@e403470bf docs: filter algolia results by latest
• siderolabs/talos@0497d5f9f docs: tag latest docs for search
• siderolabs/talos@a25425483 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@9b6422fcc feat: update CoreDNS to 1.9.1
• siderolabs/talos@020856f80 docs: remove second search bar
• siderolabs/talos@5f27f4c63 docs: update asset links
• siderolabs/talos@9ff42b432 docs: fix redirects for /docs URLs
• siderolabs/talos@7283efd56 chore: update the talosctl CNI download url
• siderolabs/talos@e0eee7fcc test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@73966f51e docs: fix extensions
• siderolabs/talos@f9766edb5 docs: remove empty doc file
• siderolabs/talos@e06e1473b feat: update golangci-lint to 1.45.0 and gofumpt to 0.3.0
• siderolabs/talos@a92c614b2 docs: add enterprise link to docs header
• siderolabs/talos@0ae7174ba docs: update search settings and redirects
• siderolabs/talos@883d401f9 chore: rename github organization to siderolabs
• siderolabs/talos@d1294d014 chore: add day-two tests for e2e-qemu
• siderolabs/talos@a6240e4b6 feat: update Linux to 5.15.30
• siderolabs/talos@e3fda049f docs: overhaul all the docs
• siderolabs/talos@f47750726 fix: the etcd recovery client and tests
• siderolabs/talos@69e07cddc fix: trigger properly udevd on types and actions
• siderolabs/talos@47d0e629d fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@b6691b350 chore: bump dependencies
• siderolabs/talos@27af5d41c feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@58cb9db1e feat: allow hardlinks in the system extension images
• siderolabs/talos@1e982808f fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@5e0c80f61 fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@c156580a3 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cd4d4c605 feat: relax extensions file structure validation
• siderolabs/talos@50594ab1a fix: ignore terminated pods in pod health checks
• siderolabs/talos@9d69fb6b4 feat: update Kubernetes to 1.23.5
• siderolabs/talos@327ce5aba fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@cf85b3f07 docs: update cilium inline install
• siderolabs/talos@84ee1795d docs: update logo
• siderolabs/talos@cc7719c9d docs: improve comments in security proto
• siderolabs/talos@caf800fe8 feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@6bec08429 feat: add talosctl completions to copy, usage, logs, restart and service
• siderolabs/talos@355b1a4be fix: refresh etcd certs on startup/join
• siderolabs/talos@d256b5c5e docs: fix spelling mistakes
• siderolabs/talos@5fdedae20 chore: bump kernel to 5.15.28
• siderolabs/talos@18a21b5f2 chore: add dependency images-essential -> images
• siderolabs/talos@714e5eca6 chore: bump dependencies
• siderolabs/talos@58be4067e docs: update README.md
• siderolabs/talos@c5fb20930 docs: add loki note
• siderolabs/talos@f448cb4f3 feat: bump boot partition size to 1000 MiB
• siderolabs/talos@a095acb09 chore: fix equinixMetal platform name
• siderolabs/talos@2a7f9a445 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@59681b8c9 fix: backport fixes from release-1.0 branch

Changes since v1.1.0-alpha.1

• siderolabs/talos@290f968fe release(v1.1.0-alpha.2): prepare release
• siderolabs/talos@a6e436582 feat: implement DeepCopy using code generation
• siderolabs/talos@91a49c4e7 fix: dhcpv6 leasetime segfault loop
• siderolabs/talos@afb679586 fix: reset certificate SANs on update
• siderolabs/talos@c87432fe1 fix: detect WSL for talosctl cluster create on Docker
• siderolabs/talos@166d2585c chore: bump kernel and runc
• siderolabs/talos@8d9b0cde0 chore: update deps to go 1.18.2
• siderolabs/talos@86741d998 fix: append hostname to cluster SANs when port is not specified
• siderolabs/talos@9885bbe17 docs: fix typos, edited for clarity
• siderolabs/talos@7fd1c80c3 fix: ignore failures to dial wireguard client
• siderolabs/talos@b8e7cdb70 docs: add vultr guide
• siderolabs/talos@c2be65b66 fix: openstack unable to parseIP
• siderolabs/talos@2ae0e3a56 test: add a test for version of Go Talos was built with
• siderolabs/talos@bef1a13fa docs: update latest Talos in 1.0 docs to 1.0.4
• siderolabs/talos@b52962c44 chore: bump dependencies
• siderolabs/talos@79ae76a6f fix: properly set allowSchedulingOnMasters in the interactive install
• siderolabs/talos@2b7e7d4dc feat: print the status of services during boot
• siderolabs/talos@802d4a23c fix: load kubelet system service in StartAllServices task
• siderolabs/talos@67019c434 fix: add source path for ovmf flash image
• siderolabs/talos@da7b24ba5 chore: bump kernel to 5.15.38
• siderolabs/talos@8ca8effd6 chore: add Equinix Managed Services NL to adopters
• siderolabs/talos@8bc97a30f fix: remove D-Bus sockets before listen attempts
• siderolabs/talos@54cfa039a fix: use json.Unmarshal instead of yaml.Unmarshal
• siderolabs/talos@6d30c4822 docs: update networking resource documentation
• siderolabs/talos@bc88de729 chore: bump coredns to v1.9.2
• siderolabs/talos@c6722b637 docs: when mentioning partitions, link to partition docs
• siderolabs/talos@b189e8426 chore: fix incorrect ManifestSpec.MarshalYAML signature
• siderolabs/talos@5d5280200 feat: add more hardware information to the link status resources
• siderolabs/talos@2ff6db749 chore: add Nedap Security Atlas as adopter
• siderolabs/talos@89cab200b chore: bump kubernetes to v1.24.0
• siderolabs/talos@09d16349f chore: refactor StaticPod and StaticPodStatus into typed.Resource
• siderolabs/talos@d2935f98c chore: refactor LinkRefresh and LinkStatus into typed.Resource
• siderolabs/talos@b52e0b9b9 fix: talosctl throws error if gen option and --input-dir flags are combined
• siderolabs/talos@0e15de3a8 docs: add adopters file
• siderolabs/talos@bb932c297 chore: bump containerd to v1.6.4
• siderolabs/talos@4eaaa2d59 chore: bump kernel to 5.15.37
• siderolabs/talos@89dde8f2c chore: refactor remaining resources into typed.Resource
• siderolabs/talos@bd089e702 chore: bump dependencies
• siderolabs/talos@3136334b9 docs: fix links in VMware documentation
• siderolabs/talos@403df0e18 docs: provide example on using config generation package
• siderolabs/talos@635192861 chore: redo pointer with github.com/siderolabs/go-pointer module
• siderolabs/talos@a269f740c docs: copy knowledge base to v1.0 docs
• siderolabs/talos@483201026 fix: return an error if there is no byte slice in ReadonlyProvider
• siderolabs/talos@6e7486f09 fix: allow graceful node shutdown to be overridden
• siderolabs/talos@867d38f28 feat: add bond slaves ordering
• siderolabs/talos@03ef62ad8 fix: include Go primitive types into unstructured deepcopy
• siderolabs/talos@f06e6acf2 chore: bump kernel to 5.15.36
• siderolabs/talos@c0d386abb fix: don't mount D-Bus socket via mount under recursive bind mount
• siderolabs/talos@9a8ff76df refactor: rewrite perf resource to use typed.Resource
• siderolabs/talos@71d04c4d5 refactor: rewrite runtime resources to use typed.Resource
• siderolabs/talos@7568d51fc fix: trigger CRI config merge on correct resource update
• siderolabs/talos@c456dbcb9 docs: remove references to init nodes
• siderolabs/talos@1973095d1 feat: update containerd to 1.6.3
• siderolabs/talos@b51292d88 docs: reformat config reference
• siderolabs/talos@c0709d970 feat: increase aio-max-nr and inotify.max_user_instances
• siderolabs/talos@85b328e99 refactor: convert secrets resources to use typed.Resource
• siderolabs/talos@e91350acd refactor: convert time & v1alpha1 resources to use typed.Resource
• siderolabs/talos@45464412e chore: bump dependencies
• siderolabs/talos@0af6b35a6 feat: update etcd to 3.5.4
• siderolabs/talos@7ad27751c docs: fix analytics and sitemap
• siderolabs/talos@55ff876dc chore: bump K8s Go modules to 1.24.0-rc.0
• siderolabs/talos@f1f43131f fix: strip 'v' prefix from versions on Kubernetes upgrade
• siderolabs/talos@ec621477b chore: tune QEMU disk provisioner options
• siderolabs/talos@b085343dc feat: use discovery information for etcd join (and other etcd calls)
• siderolabs/talos@2b03057b9 feat: implement a new mode try in the config manipulation commands
• siderolabs/talos@51a68c31f chore: allow mounting files from the host
• siderolabs/talos@f3e330a0a docs: fix network dependency
• siderolabs/talos@7ba39bd60 docs: clarify discovery service

Changes from siderolabs/extras

• siderolabs/extras@a77a6f4 chore: bump Go to 1.18.2
• siderolabs/extras@ac3b9a4 chore: bump pkgs
• siderolabs/extras@d4f8e88 chore: update references after org rename

Changes from siderolabs/go-pointer

• siderolabs/go-pointer@71ccdf0 chore: implement main functionality
• siderolabs/go-pointer@c1c3b23 Initial commit

Changes from siderolabs/pkgs

• siderolabs/pkgs@7add479 chore: bump kernel to 5.15.39
• siderolabs/pkgs@0886699 chore: bump runc to v1.1.2
• siderolabs/pkgs@dd06fa9 chore: bump nvidia drivers to 510.68.02
• siderolabs/pkgs@91bb939 chore: bump Go to 1.18.2
• siderolabs/pkgs@8bd8397 chore: bump kernel to 5.15.38
• siderolabs/pkgs@de96a44 chore: bump containerd to v1.6.4
• siderolabs/pkgs@45906c1 chore: bump ca-certificates to 2022-04-26
• siderolabs/pkgs@d847adc chore: bump kernel to 5.15.37
• siderolabs/pkgs@c4cfa72 chore: bump util-linux to 2.38
• siderolabs/pkgs@e22317d chore: bump tools
• siderolabs/pkgs@422ed8e chore: bump kernel to 5.15.36
• siderolabs/pkgs@1e833c6 chore: enable nvme hardware monitor
• siderolabs/pkgs@fe7c46f feat: update containerd to 1.6.3
• siderolabs/pkgs@95f4418 chore: bump kernel to 5.15.35
• siderolabs/pkgs@201af71 chore: bump tools and bldr
• siderolabs/pkgs@3de14d7 chore: enable xfs quota support
• siderolabs/pkgs@6955fd0 chore: bump raspberrypi-firmware to 1.20220331
• siderolabs/pkgs@5b498d8 chore: bump linux-firmware 20220401
• siderolabs/pkgs@9cda5c0 chore: bump kernel to 5.15.34
• siderolabs/pkgs@8b48af6 chore: bump tools
• siderolabs/pkgs@ff13660 chore: bump kernel to 5.15.33
• siderolabs/pkgs@415020f chore: bump eudev, remove non-relevant default rules
• siderolabs/pkgs@6691342 chore: add rockpi4c
• siderolabs/pkgs@5bd5fad chore: build u-boot spi image for rockpi
• siderolabs/pkgs@4dace49 fix: ipxe prompt arm64
• siderolabs/pkgs@6041fd7 chore: update to use latest tools (specifically go 1.18)
• siderolabs/pkgs@4b3e70e chore: upstream u-boot for jetson nano
• siderolabs/pkgs@cc1c8c7 feat: update runc to 1.1.1
• siderolabs/pkgs@3baf4e4 chore: enable random trust CPU
• siderolabs/pkgs@df31920 chore: disable sound
• siderolabs/pkgs@c27751b chore: bump nvidia drivers to 510.60.02
• siderolabs/pkgs@ba98e20 chore: bump kernel to 5.15.32
• siderolabs/pkgs@a76edfd feat: update containerd to 1.6.2
• siderolabs/pkgs@0c38670 chore: bump kernel to 5.15.31
• siderolabs/pkgs@bc4fb0c chore: org update
• siderolabs/pkgs@41f291d feat: update Flannel CNI to 1.0.1
• siderolabs/pkgs@58603ba chore: bump kernel to 5.15.30
• siderolabs/pkgs@d3bb262 chore: bump kernel to 5.15.29
• siderolabs/pkgs@76a24b5 chore: update openssl to 1.1.1n
• siderolabs/pkgs@490c7b7 chore: enable aarch64 NVIDIA drivers
• siderolabs/pkgs@b794b7a chore: bump linux-firmware to 20220310
• siderolabs/pkgs@acda207 chore: bump kernel to 5.15.28
• siderolabs/pkgs@e0fec11 chore: bump nvidia driver to 510.54
• siderolabs/pkgs@0407f05 chore: bump kernel to 5.15.27

Changes from siderolabs/tools

• siderolabs/tools@967ebd9 chore: bump curl to 7.83.1
• siderolabs/tools@e61f856 chore: bump go to 1.18.2
• siderolabs/tools@315890f chore: bump ca-certificates to 2022-04-26
• siderolabs/tools@a1d3530 chore: bump util-linux to 2.38
• siderolabs/tools@d229fe1 chore: update bldr
• siderolabs/tools@e9f123c chore: bump curl to 7.83.0
• siderolabs/tools@8473ef2 chore: bump git to 2.36.0
• siderolabs/tools@8c1f801 chore: bump coreutils to 9.1
• siderolabs/tools@533d5c9 chore: bump git to 2.35.2
• siderolabs/tools@a15cbee chore: bump go to 1.18.1
• siderolabs/tools@718ec10 chore: enable conform
• siderolabs/tools@a60a332 chore: bump xz and gzip
• siderolabs/tools@c8a3d4d chore: update go to 1.18
• siderolabs/tools@1684fdc chore: bump expat to 2.4.8
• siderolabs/tools@7f5e44c chore: bump zlib to 1.2.12
• siderolabs/tools@bfc99ca chore: rename org
• siderolabs/tools@99be089 chore: update openssl to 1.1.1n
• siderolabs/tools@b63872b chore: update golang to 1.17.8

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@d9c3a27 feat: support probing FAT12/FAT16 filesystems
• talos-systems/go-blockdevice@b374eb4 fix: align partition to 1M boundary by default

Dependency Changes

• cloud.google.com/go/compute v1.5.0 -> v1.6.1
• github.com/BurntSushi/toml v1.0.0 -> v1.1.0
• github.com/aws/aws-sdk-go v1.43.8 -> v1.44.11
• github.com/containerd/containerd v1.6.2 -> v1.6.4
• github.com/containernetworking/cni v1.0.1 -> v1.1.0
• github.com/containernetworking/plugins v1.1.0 -> v1.1.1
• github.com/cosi-project/runtime 264f8fcd1a4f -> e22a85955e81
• github.com/docker/distribution v2.8.0 -> v2.8.1
• github.com/docker/docker v20.10.12 -> v20.10.15
• github.com/fsnotify/fsnotify v1.5.1 -> v1.5.4
• github.com/gdamore/tcell/v2 f057f0a857a1 -> v2.5.1
• github.com/google/go-cmp v0.5.7 -> v0.5.8
• github.com/google/nftables 211824995dcb -> eeaebcf55295
• github.com/hetznercloud/hcloud-go v1.33.1 -> v1.33.2
• github.com/insomniacslk/dhcp 3c283ff8b7dd -> 1ca156eafb9f
• github.com/jsimonetti/rtnetlink v1.1.0 -> v1.2.0
• github.com/mdlayher/netx 669a06fde734 -> c711c2f8512f
• github.com/opencontainers/image-spec v1.0.2 -> c5a74bcca799
• github.com/packethost/packngo v0.22.0 -> v0.24.0
• github.com/pelletier/go-toml v1.9.4 -> v1.9.5
• github.com/rivo/tview 96063d6082f3 -> 9994674d60a8
• github.com/rs/xid v1.3.0 -> v1.4.0
• github.com/siderolabs/extras v1.0.0 -> v1.1.0-alpha.0-2-ga77a6f4
• github.com/siderolabs/go-pointer v1.0.0 new
• github.com/siderolabs/pkgs v1.0.0-6-g7c293d5 -> v1.1.0-alpha.0-41-g7add479
• github.com/siderolabs/tools v1.0.0-1-g4c77d96 -> v1.1.0-alpha.0-17-g967ebd9
• github.com/spf13/cobra v1.3.0 -> v1.4.0
• github.com/spf13/pflag v1.0.5 new
• github.com/stretchr/testify v1.7.0 -> v1.7.1
• github.com/talos-systems/go-blockdevice v0.3.1 -> d9c3a2738861
• github.com/vishvananda/netlink 650dca95af54 -> v1.2.0-beta
• github.com/vmware-tanzu/sonobuoy v0.56.2 -> v0.56.5
• github.com/vmware/govmomi v0.27.4 -> v0.28.0
• github.com/vmware/vmw-guestinfo cc1fd90d572c -> 510905f0efa3
• go.etcd.io/etcd/api/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/pkg/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/client/v3 v3.5.2 -> v3.5.4
• go.etcd.io/etcd/etcdutl/v3 v3.5.2 -> v3.5.4
• golang.org/x/net 27dd8689420f -> 2871e0cb64e4
• golang.org/x/sys 4e6760a101f9 -> 988cb79eb6c6
• golang.org/x/term 03fcf44c2211 -> e5f449aeb171
• golang.org/x/time 0e9765cccd65 -> 583f2d630306
• golang.zx2c4.com/wireguard/wgctrl fde48d68ee68 -> 3d4a969bb56b
• google.golang.org/grpc v1.44.0 -> v1.46.0
• google.golang.org/protobuf v1.27.1 -> v1.28.0
• k8s.io/api v0.23.5 -> v0.24.0
• k8s.io/apimachinery v0.23.5 -> v0.24.0
• k8s.io/apiserver v0.23.5 -> v0.24.0
• k8s.io/client-go v0.23.5 -> v0.24.0
• k8s.io/component-base v0.23.5 -> v0.24.0
• k8s.io/cri-api v0.23.5 -> v0.24.0
• k8s.io/klog/v2 v2.60.1 new
• k8s.io/kubectl v0.23.5 -> v0.24.0
• k8s.io/kubelet v0.23.5 -> v0.24.0
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.63 -> v1.2.64

Previous release can be found at v1.0.0

Images

ghcr.io/siderolabs/flannel:v0.17.0
ghcr.io/siderolabs/install-cni:v1.1.0-alpha.0-2-ga77a6f4
docker.io/coredns/coredns:1.9.2
gcr.io/etcd-development/etcd:v3.5.4
k8s.gcr.io/kube-apiserver:v1.24.0
k8s.gcr.io/kube-controller-manager:v1.24.0
k8s.gcr.io/kube-scheduler:v1.24.0
k8s.gcr.io/kube-proxy:v1.24.0
ghcr.io/siderolabs/kubelet:v1.24.0
ghcr.io/siderolabs/installer:v1.1.0-alpha.2
k8s.gcr.io/pause:3.6

Talos 1.0.4 (2022-04-29)

Welcome to the v1.0.4 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

• Linux: 5.15.36
• Kubernetes: 1.23.6

Contributors

• Andrey Smirnov
• Noel Georgi

Changes

• siderolabs/talos@f6696063e release(v1.0.4): prepare release
• siderolabs/talos@39979ac90 fix: allow graceful node shutdown to be overridden
• siderolabs/talos@78dab0182 fix: include Go primitive types into unstructured deepcopy
• siderolabs/talos@2a359d243 fix: don't mount D-Bus socket via mount under recursive bind mount
• siderolabs/talos@ebcf50442 fix: trigger CRI config merge on correct resource update
• siderolabs/talos@84c10017b fix: strip 'v' prefix from versions on Kubernetes upgrade
• siderolabs/talos@d5a823ab6 fix: run the 'post' stage of the service always
• siderolabs/talos@71991a9f6 fix: correctly handle stopping services with reverse dependencies
• siderolabs/talos@f881f2f11 fix: detect lingering mounts in the installer correctly
• siderolabs/talos@47ede0c74 chore: bump kernel to 5.15.36
• siderolabs/talos@bd3e77633 feat: update Kubernetes to 1.23.6
• siderolabs/talos@2c6de5fad chore: bump kernel to 5.15.35

Changes from siderolabs/pkgs

• siderolabs/pkgs@bf81bd2 chore: bump kernel to 5.15.36
• siderolabs/pkgs@da97b13 chore: bump kernel to 5.15.35

Dependency Changes

• github.com/siderolabs/pkgs v1.0.0-8-g76f8c5b -> v1.0.0-10-gbf81bd2
• k8s.io/api v0.23.5 -> v0.23.6
• k8s.io/apiserver v0.23.5 -> v0.23.6
• k8s.io/client-go v0.23.5 -> v0.23.6
• k8s.io/component-base v0.23.5 -> v0.23.6
• k8s.io/kubectl v0.23.5 -> v0.23.6
• k8s.io/kubelet v0.23.5 -> v0.23.6

Previous release can be found at v1.0.3

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0-2-gc5d3ab0
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.3
k8s.gcr.io/kube-apiserver:v1.23.6
k8s.gcr.io/kube-controller-manager:v1.23.6
k8s.gcr.io/kube-scheduler:v1.23.6
k8s.gcr.io/kube-proxy:v1.23.6
ghcr.io/siderolabs/kubelet:v1.23.6
ghcr.io/siderolabs/installer:v1.0.4
k8s.gcr.io/pause:3.6

Talos 1.1.0-alpha.1 (2022-04-21)

Welcome to the v1.1.0-alpha.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Apply Config --dry-run

The commands talosctl apply-config, talosctl patch mc and talosctl edit mc now support --dry-run flag.
If enabled it just prints out the selected config application mode and the configuration diff.

IPv6 in Docker-based Talos Clusters

The command talosctl cluster create now enables IPv6 by default for the Docker containers
created for Talos nodes. This allows to use IPv6 addresses in Kubernetes networking.

If talosctl cluster create fails to work on Linux due to the lack of IPv6 support,
please use the flag --disable-docker-ipv6 to revert the change.

drop some default rules shipped by eudev

Drops some default eudev rules that doesn't make sense in the context of Talos OS.
Especially the ones around sound devices, cd-roms and renaming the network interfaces to be predictable

Pod Security Admission

Pod Security Admission controller is enabled by default with the following policy:

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- configuration:
    apiVersion: pod-security.admission.config.k8s.io/v1alpha1
    defaults:
      audit: restricted
      audit-version: latest
      enforce: baseline
      enforce-version: latest
      warn: restricted
      warn-version: latest
    exemptions:
      namespaces:
      - kube-system
      runtimeClasses: []
      usernames: []
    kind: PodSecurityConfiguration
  name: PodSecurity
  path: ""

The policy is part of the Talos machine configuration, and it can be modified to suite your needs.

Support RockPi 4 variants A and B

Talos now supports RockPi variants A and B in addition to RockPi 4C

Raspberry Pi PoE hat fan

Talos now enables the Raspberry Pi PoE fan control by pulling in the poe overlay that works with upstream kernel

Component Updates

• Linux: 5.15.35
• Kubernetes: 1.24.0-rc.0
• Flannel: 0.17.0
• runc: 1.1.1

Talos is built with Go 1.18.1.

x86-64 Architecture

Talos is built for x86-64 architecture with support for x86-64-v2 microarchitecture level,
so Talos no longer runs on processors supporting only baseline x86-64 microarchitecture (before 2009).

Contributors

• Andrey Smirnov
• Noel Georgi
• Tim Jones
• Spencer Smith
• Dmitriy Matrenichev
• Andrew Rynhard
• Artem Chernyshev
• Steve Francis
• Andrei Dobre
• Caleb Woodbine
• Daniel Höxtermann
• Jori Huisman
• Nico Berlee
• Serge Logvinov
• Seán C McCord
• Steve Francis
• Suraj Shirvankar
• Tim Jones
• Tomasz Zurkowski
• William Ashton

Changes

• siderolabs/talos@8057d076a release(v1.1.0-alpha.1): prepare release
• siderolabs/talos@1d5c08e74 chore: bump kernel to 5.15.35
• siderolabs/talos@9bf23e516 feat: update Kubernetes to 1.24.0-rc.0
• siderolabs/talos@d78ed320b docs: fix the docs reference to star registry redirects
• siderolabs/talos@257dfb870 fix: run the 'post' stage of the service always
• siderolabs/talos@992e23023 fix: correctly handle stopping services with reverse dependencies
• siderolabs/talos@bb7a50bd5 docs: fix netlify redirects
• siderolabs/talos@486f79bc7 docs: fix netlify deploy url
• siderolabs/talos@e8cbedb05 docs: add canonical link ref
• siderolabs/talos@0fe4a7832 docs: improve latest-version banner
• siderolabs/talos@23984efcd fix: detect lingering mounts in the installer correctly
• siderolabs/talos@54dba925f chore: refactor network resource to use typed resource
• siderolabs/talos@4eb9f45cc refactor: split polymorphic K8sControlPlane into typed resources
• siderolabs/talos@68dfdd331 fix: provide logger to the etcd snapshot restore
• siderolabs/talos@f190403f0 docs: add how to get config after interactive setup
• siderolabs/talos@fac7b9466 docs: improve vip caveats documentation
• siderolabs/talos@250df9e67 docs: improve rook-ceph description
• siderolabs/talos@b5c1d868d docs: add talos/kubernetes config faq
• siderolabs/talos@39721ee93 chore: bump dependencies
• siderolabs/talos@610945774 chore: bump tools and pkgs
• siderolabs/talos@2b68c8b67 fix: enable long timestamps for xfs
• siderolabs/talos@be00d7749 chore: implement cluster resources using cosi typed resource
• siderolabs/talos@460d5ab13 docs: fix extension services alias
• siderolabs/talos@bbdfda2dd chore: xfs quota support in kernel
• siderolabs/talos@8ff8fc77f chore: enable rpi4 poe hat fan control
• siderolabs/talos@2b9722d1f feat: add dry-run flag in apply-config and edit commands
• siderolabs/talos@8af50fcd2 fix: correct cri package import path
• siderolabs/talos@ce09ede83 feat: update etcd to 3.5.3
• siderolabs/talos@13f41badd chore: bump kernel to 5.15.34
• siderolabs/talos@fa57b5d92 docs: reorganize documentation
• siderolabs/talos@a91eb9358 chore: bump deps
• siderolabs/talos@0aad0df2e refactor: remove String() for resource implementation
• siderolabs/talos@a4060513c feat: build Talos with support for x86-64-v2 microarchitecture
• siderolabs/talos@8faebd410 chore: bump tools and pkgs
• siderolabs/talos@8499b7e7d chore: bump dependencies
• siderolabs/talos@a7ba7ea67 feat: migrate to go 1.18
• siderolabs/talos@9dace93b5 feat: enable Pod Security Admission by default
• siderolabs/talos@c382cb8cd docs: update vmware docs
• siderolabs/talos@da0e638f0 docs: stableize tools versioning
• siderolabs/talos@f2d2267e7 docs: use template for netlify redirects
• siderolabs/talos@88f1d8fcc docs: update sitemap to point to direct url
• siderolabs/talos@a6eebee36 chore: update eudev
• siderolabs/talos@0cb84e8c1 fix: correctly parse tags out of images
• siderolabs/talos@17d09739f docs: enable nested arrow
• siderolabs/talos@1e4320b64 chore: add support for rockpi 4A and 4B
• siderolabs/talos@d1869d948 docs: update to Sidero Metal, mention clusterctl
• siderolabs/talos@18d0038ec fix: avoid panic in DHCPv6 operator on nil dereference
• siderolabs/talos@9e3d438db docs: fix code fence formatting
• siderolabs/talos@b3f1bb2cf fix: add support for FAT12/16 filesystems
• siderolabs/talos@8619f95c5 chore: bump dependencies
• siderolabs/talos@8c4f72004 docs: override sitemap.xml to only include latest results
• siderolabs/talos@5192ba4e2 docs: fix a typo in QEMU VM setup guide
• siderolabs/talos@663e3e879 refactor: change the stages for embed files generation
• siderolabs/talos@19bf12af0 fix: enable IPv6 in Docker-based Talos clusters
• siderolabs/talos@3889a5839 docs: update config.yaml, storage.md, digital-rebar.md
• siderolabs/talos@25d19131d release(v1.1.0-alpha.0): prepare release
• siderolabs/talos@2ca5279e5 fix: retry manifest updates in upgrade-k8s
• siderolabs/talos@eeb756168 feat: use kexec when resetting a node
• siderolabs/talos@1ed1f73e5 test: bump CAPI to 1.1.3
• siderolabs/talos@2ee1d2c72 feat: update Kuberentes to 1.24.0-beta.0
• siderolabs/talos@c26fa4ccc test: push GITHUB_TOKEN to the e2e-aws/gcp steps
• siderolabs/talos@95d900de7 feat: use kubeconfig env var
• siderolabs/talos@0b407dd17 feat: add dhcp-v6 NTP/DHCP-DUID
• siderolabs/talos@a140a6bad docs: update releases shortcode in upgrade guide
• siderolabs/talos@12931dced fix: align partitions on 1M boundary
• siderolabs/talos@37f868e37 fix: validate empty TLS config for registries
• siderolabs/talos@ca8b9c0a3 feat: update Kubernetes to 1.24.0-alpha.4
• siderolabs/talos@d9ec6b215 chore: drop dirty from abbreviated tag
• siderolabs/talos@08624fd0b docs: add banner to main page
• siderolabs/talos@fc23c7a59 test: bump versions for upgrade tests
• siderolabs/talos@4bfe68610 feat: update runc to 1.1.1
• siderolabs/talos@b315ed953 chore: use go:embed instead of ldflags
• siderolabs/talos@a5d64fc81 feat: update Flannel to 0.17.0
• siderolabs/talos@6d6eb3f6a docs: fork docs for 1.1
• siderolabs/talos@1d55f05d1 docs: update index page
• siderolabs/talos@ad6b7ec1a fix: enable etcd consistency on check startup
• siderolabs/talos@65a31f753 docs: re-add GA token
• siderolabs/talos@741c04832 docs: mark 1.0 docs as latest
• siderolabs/talos@e97433c8a docs: update jetson nano
• siderolabs/talos@6665e0f00 docs: code block copying
• siderolabs/talos@c41f2b216 docs: update whats-new-v1.0
• siderolabs/talos@0a36fbbf3 docs: add release notes for 1.0
• siderolabs/talos@bd0035f6a docs: add NVIDIA docs
• siderolabs/talos@efa3f2898 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9ebeec0d0 docs: fix incorrect path for talosconfig
• siderolabs/talos@9fef4540e docs: fix non-latest download links
• siderolabs/talos@f8ef6a081 docs: add rook ceph configuration guide
• siderolabs/talos@e2666f58f chore: bump kernel to 5.15.32
• siderolabs/talos@957b2f233 chore: bump dependencies
• siderolabs/talos@0fd2aa08b fix: correctly escape '.' in volume names
• siderolabs/talos@108fd03a7 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@856e1333d fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@c5da38609 docs: use variables and templates in the docs
• siderolabs/talos@4c83847b9 docs: target search results
• siderolabs/talos@67fb72d96 docs: add algolia versions to all content
• siderolabs/talos@5344d6e7c docs: fix extension service path dependency
• siderolabs/talos@9b9191c5e fix: increase intiial window and connection window sizes
• siderolabs/talos@7a88a0224 docs: show archived/pre-release banner based on version
• siderolabs/talos@e403470bf docs: filter algolia results by latest
• siderolabs/talos@0497d5f9f docs: tag latest docs for search
• siderolabs/talos@a25425483 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@9b6422fcc feat: update CoreDNS to 1.9.1
• siderolabs/talos@020856f80 docs: remove second search bar
• siderolabs/talos@5f27f4c63 docs: update asset links
• siderolabs/talos@9ff42b432 docs: fix redirects for /docs URLs
• siderolabs/talos@7283efd56 chore: update the talosctl CNI download url
• siderolabs/talos@e0eee7fcc test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@73966f51e docs: fix extensions
• siderolabs/talos@f9766edb5 docs: remove empty doc file
• siderolabs/talos@e06e1473b feat: update golangci-lint to 1.45.0 and gofumpt to 0.3.0
• siderolabs/talos@a92c614b2 docs: add enterprise link to docs header
• siderolabs/talos@0ae7174ba docs: update search settings and redirects
• siderolabs/talos@883d401f9 chore: rename github organization to siderolabs
• siderolabs/talos@d1294d014 chore: add day-two tests for e2e-qemu
• siderolabs/talos@a6240e4b6 feat: update Linux to 5.15.30
• siderolabs/talos@e3fda049f docs: overhaul all the docs
• siderolabs/talos@f47750726 fix: the etcd recovery client and tests
• siderolabs/talos@69e07cddc fix: trigger properly udevd on types and actions
• siderolabs/talos@47d0e629d fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@b6691b350 chore: bump dependencies
• siderolabs/talos@27af5d41c feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@58cb9db1e feat: allow hardlinks in the system extension images
• siderolabs/talos@1e982808f fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@5e0c80f61 fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@c156580a3 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cd4d4c605 feat: relax extensions file structure validation
• siderolabs/talos@50594ab1a fix: ignore terminated pods in pod health checks
• siderolabs/talos@9d69fb6b4 feat: update Kubernetes to 1.23.5
• siderolabs/talos@327ce5aba fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@cf85b3f07 docs: update cilium inline install
• siderolabs/talos@84ee1795d docs: update logo
• siderolabs/talos@cc7719c9d docs: improve comments in security proto
• siderolabs/talos@caf800fe8 feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@6bec08429 feat: add talosctl completions to copy, usage, logs, restart and service
• siderolabs/talos@355b1a4be fix: refresh etcd certs on startup/join
• siderolabs/talos@d256b5c5e docs: fix spelling mistakes
• siderolabs/talos@5fdedae20 chore: bump kernel to 5.15.28
• siderolabs/talos@18a21b5f2 chore: add dependency images-essential -> images
• siderolabs/talos@714e5eca6 chore: bump dependencies
• siderolabs/talos@58be4067e docs: update README.md
• siderolabs/talos@c5fb20930 docs: add loki note
• siderolabs/talos@f448cb4f3 feat: bump boot partition size to 1000 MiB
• siderolabs/talos@a095acb09 chore: fix equinixMetal platform name
• siderolabs/talos@2a7f9a445 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@59681b8c9 fix: backport fixes from release-1.0 branch

Changes since v1.1.0-alpha.0

• siderolabs/talos@8057d076a release(v1.1.0-alpha.1): prepare release
• siderolabs/talos@1d5c08e74 chore: bump kernel to 5.15.35
• siderolabs/talos@9bf23e516 feat: update Kubernetes to 1.24.0-rc.0
• siderolabs/talos@d78ed320b docs: fix the docs reference to star registry redirects
• siderolabs/talos@257dfb870 fix: run the 'post' stage of the service always
• siderolabs/talos@992e23023 fix: correctly handle stopping services with reverse dependencies
• siderolabs/talos@bb7a50bd5 docs: fix netlify redirects
• siderolabs/talos@486f79bc7 docs: fix netlify deploy url
• siderolabs/talos@e8cbedb05 docs: add canonical link ref
• siderolabs/talos@0fe4a7832 docs: improve latest-version banner
• siderolabs/talos@23984efcd fix: detect lingering mounts in the installer correctly
• siderolabs/talos@54dba925f chore: refactor network resource to use typed resource
• siderolabs/talos@4eb9f45cc refactor: split polymorphic K8sControlPlane into typed resources
• siderolabs/talos@68dfdd331 fix: provide logger to the etcd snapshot restore
• siderolabs/talos@f190403f0 docs: add how to get config after interactive setup
• siderolabs/talos@fac7b9466 docs: improve vip caveats documentation
• siderolabs/talos@250df9e67 docs: improve rook-ceph description
• siderolabs/talos@b5c1d868d docs: add talos/kubernetes config faq
• siderolabs/talos@39721ee93 chore: bump dependencies
• siderolabs/talos@610945774 chore: bump tools and pkgs
• siderolabs/talos@2b68c8b67 fix: enable long timestamps for xfs
• siderolabs/talos@be00d7749 chore: implement cluster resources using cosi typed resource
• siderolabs/talos@460d5ab13 docs: fix extension services alias
• siderolabs/talos@bbdfda2dd chore: xfs quota support in kernel
• siderolabs/talos@8ff8fc77f chore: enable rpi4 poe hat fan control
• siderolabs/talos@2b9722d1f feat: add dry-run flag in apply-config and edit commands
• siderolabs/talos@8af50fcd2 fix: correct cri package import path
• siderolabs/talos@ce09ede83 feat: update etcd to 3.5.3
• siderolabs/talos@13f41badd chore: bump kernel to 5.15.34
• siderolabs/talos@fa57b5d92 docs: reorganize documentation
• siderolabs/talos@a91eb9358 chore: bump deps
• siderolabs/talos@0aad0df2e refactor: remove String() for resource implementation
• siderolabs/talos@a4060513c feat: build Talos with support for x86-64-v2 microarchitecture
• siderolabs/talos@8faebd410 chore: bump tools and pkgs
• siderolabs/talos@8499b7e7d chore: bump dependencies
• siderolabs/talos@a7ba7ea67 feat: migrate to go 1.18
• siderolabs/talos@9dace93b5 feat: enable Pod Security Admission by default
• siderolabs/talos@c382cb8cd docs: update vmware docs
• siderolabs/talos@da0e638f0 docs: stableize tools versioning
• siderolabs/talos@f2d2267e7 docs: use template for netlify redirects
• siderolabs/talos@88f1d8fcc docs: update sitemap to point to direct url
• siderolabs/talos@a6eebee36 chore: update eudev
• siderolabs/talos@0cb84e8c1 fix: correctly parse tags out of images
• siderolabs/talos@17d09739f docs: enable nested arrow
• siderolabs/talos@1e4320b64 chore: add support for rockpi 4A and 4B
• siderolabs/talos@d1869d948 docs: update to Sidero Metal, mention clusterctl
• siderolabs/talos@18d0038ec fix: avoid panic in DHCPv6 operator on nil dereference
• siderolabs/talos@9e3d438db docs: fix code fence formatting
• siderolabs/talos@b3f1bb2cf fix: add support for FAT12/16 filesystems
• siderolabs/talos@8619f95c5 chore: bump dependencies
• siderolabs/talos@8c4f72004 docs: override sitemap.xml to only include latest results
• siderolabs/talos@5192ba4e2 docs: fix a typo in QEMU VM setup guide
• siderolabs/talos@663e3e879 refactor: change the stages for embed files generation
• siderolabs/talos@19bf12af0 fix: enable IPv6 in Docker-based Talos clusters
• siderolabs/talos@3889a5839 docs: update config.yaml, storage.md, digital-rebar.md

Changes from siderolabs/extras

• siderolabs/extras@ac3b9a4 chore: bump pkgs
• siderolabs/extras@d4f8e88 chore: update references after org rename

Changes from siderolabs/pkgs

• siderolabs/pkgs@95f4418 chore: bump kernel to 5.15.35
• siderolabs/pkgs@201af71 chore: bump tools and bldr
• siderolabs/pkgs@3de14d7 chore: enable xfs quota support
• siderolabs/pkgs@6955fd0 chore: bump raspberrypi-firmware to 1.20220331
• siderolabs/pkgs@5b498d8 chore: bump linux-firmware 20220401
• siderolabs/pkgs@9cda5c0 chore: bump kernel to 5.15.34
• siderolabs/pkgs@8b48af6 chore: bump tools
• siderolabs/pkgs@ff13660 chore: bump kernel to 5.15.33
• siderolabs/pkgs@415020f chore: bump eudev, remove non-relevant default rules
• siderolabs/pkgs@6691342 chore: add rockpi4c
• siderolabs/pkgs@5bd5fad chore: build u-boot spi image for rockpi
• siderolabs/pkgs@4dace49 fix: ipxe prompt arm64
• siderolabs/pkgs@6041fd7 chore: update to use latest tools (specifically go 1.18)
• siderolabs/pkgs@4b3e70e chore: upstream u-boot for jetson nano
• siderolabs/pkgs@cc1c8c7 feat: update runc to 1.1.1
• siderolabs/pkgs@3baf4e4 chore: enable random trust CPU
• siderolabs/pkgs@df31920 chore: disable sound
• siderolabs/pkgs@c27751b chore: bump nvidia drivers to 510.60.02
• siderolabs/pkgs@ba98e20 chore: bump kernel to 5.15.32
• siderolabs/pkgs@a76edfd feat: update containerd to 1.6.2
• siderolabs/pkgs@0c38670 chore: bump kernel to 5.15.31
• siderolabs/pkgs@bc4fb0c chore: org update
• siderolabs/pkgs@41f291d feat: update Flannel CNI to 1.0.1
• siderolabs/pkgs@58603ba chore: bump kernel to 5.15.30
• siderolabs/pkgs@d3bb262 chore: bump kernel to 5.15.29
• siderolabs/pkgs@76a24b5 chore: update openssl to 1.1.1n
• siderolabs/pkgs@490c7b7 chore: enable aarch64 NVIDIA drivers
• siderolabs/pkgs@b794b7a chore: bump linux-firmware to 20220310
• siderolabs/pkgs@acda207 chore: bump kernel to 5.15.28
• siderolabs/pkgs@e0fec11 chore: bump nvidia driver to 510.54
• siderolabs/pkgs@0407f05 chore: bump kernel to 5.15.27

Changes from siderolabs/tools

• siderolabs/tools@8c1f801 chore: bump coreutils to 9.1
• siderolabs/tools@533d5c9 chore: bump git to 2.35.2
• siderolabs/tools@a15cbee chore: bump go to 1.18.1
• siderolabs/tools@718ec10 chore: enable conform
• siderolabs/tools@a60a332 chore: bump xz and gzip
• siderolabs/tools@c8a3d4d chore: update go to 1.18
• siderolabs/tools@1684fdc chore: bump expat to 2.4.8
• siderolabs/tools@7f5e44c chore: bump zlib to 1.2.12
• siderolabs/tools@bfc99ca chore: rename org
• siderolabs/tools@99be089 chore: update openssl to 1.1.1n
• siderolabs/tools@b63872b chore: update golang to 1.17.8

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@d9c3a27 feat: support probing FAT12/FAT16 filesystems
• talos-systems/go-blockdevice@b374eb4 fix: align partition to 1M boundary by default

Dependency Changes

• cloud.google.com/go/compute v1.5.0 -> v1.6.0
• github.com/BurntSushi/toml v1.0.0 -> v1.1.0
• github.com/aws/aws-sdk-go v1.43.8 -> v1.43.41
• github.com/containernetworking/plugins v1.1.0 -> v1.1.1
• github.com/cosi-project/runtime 264f8fcd1a4f -> 639b4a2e6120
• github.com/docker/distribution v2.8.0 -> v2.8.1
• github.com/docker/docker v20.10.12 -> v20.10.14
• github.com/gdamore/tcell/v2 f057f0a857a1 -> v2.5.1
• github.com/google/nftables 211824995dcb -> 950e408d48c6
• github.com/insomniacslk/dhcp 3c283ff8b7dd -> 12fbdcb11b41
• github.com/jsimonetti/rtnetlink v1.1.0 -> v1.2.0
• github.com/rivo/tview 96063d6082f3 -> 9994674d60a8
• github.com/rs/xid v1.3.0 -> v1.4.0
• github.com/siderolabs/extras v1.0.0 -> v1.1.0-alpha.0-1-gac3b9a4
• github.com/siderolabs/pkgs v1.0.0-6-g7c293d5 -> v1.1.0-alpha.0-28-g95f4418
• github.com/siderolabs/tools v1.0.0-1-g4c77d96 -> v1.1.0-alpha.0-10-g8c1f801
• github.com/spf13/cobra v1.3.0 -> v1.4.0
• github.com/stretchr/testify v1.7.0 -> v1.7.1
• github.com/talos-systems/go-blockdevice v0.3.1 -> d9c3a2738861
• github.com/vishvananda/netlink 650dca95af54 -> v1.2.0-beta
• github.com/vmware-tanzu/sonobuoy v0.56.2 -> v0.56.4
• github.com/vmware/vmw-guestinfo cc1fd90d572c -> 510905f0efa3
• go.etcd.io/etcd/api/v3 v3.5.2 -> v3.5.3
• go.etcd.io/etcd/client/pkg/v3 v3.5.2 -> v3.5.3
• go.etcd.io/etcd/client/v3 v3.5.2 -> v3.5.3
• go.etcd.io/etcd/etcdutl/v3 v3.5.2 -> v3.5.3
• golang.org/x/net 27dd8689420f -> 290c469a71a5
• golang.org/x/sys 4e6760a101f9 -> 33da011f77ad
• golang.org/x/term 03fcf44c2211 -> e5f449aeb171
• golang.org/x/time 0e9765cccd65 -> 583f2d630306
• golang.zx2c4.com/wireguard/wgctrl fde48d68ee68 -> fec8f2be4827
• google.golang.org/grpc v1.44.0 -> v1.45.0
• google.golang.org/protobuf v1.27.1 -> v1.28.0
• k8s.io/api v0.23.5 -> v0.24.0-beta.0
• k8s.io/apimachinery v0.23.5 -> v0.24.0-beta.0
• k8s.io/apiserver v0.23.5 -> v0.24.0-beta.0
• k8s.io/client-go v0.23.5 -> v0.24.0-beta.0
• k8s.io/component-base v0.23.5 -> v0.24.0-beta.0
• k8s.io/cri-api v0.23.5 -> v0.24.0-beta.0
• k8s.io/kubectl v0.23.5 -> v0.24.0-beta.0
• k8s.io/kubelet v0.23.5 -> v0.24.0-beta.0
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.63 -> v1.2.64

Previous release can be found at v1.0.0

Images

ghcr.io/siderolabs/flannel:v0.17.0
ghcr.io/siderolabs/install-cni:v1.1.0-alpha.0-1-gac3b9a4
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.3
k8s.gcr.io/kube-apiserver:v1.24.0-rc.0
k8s.gcr.io/kube-controller-manager:v1.24.0-rc.0
k8s.gcr.io/kube-scheduler:v1.24.0-rc.0
k8s.gcr.io/kube-proxy:v1.24.0-rc.0
ghcr.io/siderolabs/kubelet:v1.24.0-rc.0
ghcr.io/siderolabs/installer:v1.1.0-alpha.1
k8s.gcr.io/pause:3.6

Talos 1.0.3 (2022-04-19)

Welcome to the v1.0.3 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

• Linux: 5.15.34
• etcd: 3.5.3

Contributors

• Andrey Smirnov
• Noel Georgi

Changes

• siderolabs/talos@689c6e54b release(v1.0.3): prepare release
• siderolabs/talos@989367f93 fix: provide logger to the etcd snapshot restore
• siderolabs/talos@d4c88b3de feat: update etcd to 3.5.3
• siderolabs/talos@ac50a42c8 fix: correct cri package import path
• siderolabs/talos@0fce96866 chore: update release.toml
• siderolabs/talos@826decf6c chore: bump kernel to 5.15.34

Changes from siderolabs/pkgs

• siderolabs/pkgs@76f8c5b chore: bump kernel to 5.15.34

Dependency Changes

• github.com/siderolabs/pkgs v1.0.0-7-ge6eb485 -> v1.0.0-8-g76f8c5b
• go.etcd.io/etcd/api/v3 v3.5.2 -> v3.5.3
• go.etcd.io/etcd/client/pkg/v3 v3.5.2 -> v3.5.3
• go.etcd.io/etcd/client/v3 v3.5.2 -> v3.5.3
• go.etcd.io/etcd/etcdutl/v3 v3.5.2 -> v3.5.3

Previous release can be found at v1.0.2

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0-2-gc5d3ab0
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.3
k8s.gcr.io/kube-apiserver:v1.23.5
k8s.gcr.io/kube-controller-manager:v1.23.5
k8s.gcr.io/kube-scheduler:v1.23.5
k8s.gcr.io/kube-proxy:v1.23.5
ghcr.io/siderolabs/kubelet:v1.23.5
ghcr.io/siderolabs/installer:v1.0.3
k8s.gcr.io/pause:3.6

Talos 1.0.2 (2022-04-13)

Welcome to the v1.0.2 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Talos is built with Go 1.17.9.

Contributors

• Andrey Smirnov
• Noel Georgi

Changes

• siderolabs/talos@e5f5c6c00 release(v1.0.2): prepare release
• siderolabs/talos@aae68c92f fix: avoid panic in DHCPv6 operator on nil dereference
• siderolabs/talos@36f60ea70 fix: correctly parse tags out of images
• siderolabs/talos@05b40075a chore: update Go to 1.17.9

Changes from siderolabs/extras

• siderolabs/extras@c5d3ab0 chore: rename organization
• siderolabs/extras@61a6b5f feat: update pkgs for Go 1.17.9

Changes from siderolabs/pkgs

• siderolabs/pkgs@e6eb485 feat: update Go to 1.17.9

Changes from siderolabs/tools

• siderolabs/tools@a8fb702 chore: rename org
• siderolabs/tools@5a97af0 chore: bump go to 1.17.9

Dependency Changes

• github.com/siderolabs/extras v1.0.0 -> v1.0.0-2-gc5d3ab0
• github.com/siderolabs/pkgs v1.0.0-6-g7c293d5 -> v1.0.0-7-ge6eb485
• github.com/siderolabs/tools v1.0.0-1-g4c77d96 -> v1.0.0-3-ga8fb702

Previous release can be found at v1.0.1

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0-2-gc5d3ab0
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.2
k8s.gcr.io/kube-apiserver:v1.23.5
k8s.gcr.io/kube-controller-manager:v1.23.5
k8s.gcr.io/kube-scheduler:v1.23.5
k8s.gcr.io/kube-proxy:v1.23.5
ghcr.io/siderolabs/kubelet:v1.23.5
ghcr.io/siderolabs/installer:v1.0.2
k8s.gcr.io/pause:3.2

Talos 1.0.1 (2022-04-04)

Welcome to the v1.0.1 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

IPv6 in Docker-based Talos Clusters

The command talosctl cluster create now enables IPv6 by default for the Docker containers
created for Talos nodes. This allows to use IPv6 addresses in Kubernetes networking.

If talosctl cluster create fails to work on Linux due to the lack of IPv6 support,
please use the flag --disable-docker-ipv6 to revert the change.

Contributors

• Andrey Smirnov
• Noel Georgi

Changes

• siderolabs/talos@65d872edf release(v1.0.1): prepare release
• siderolabs/talos@4d9baa450 fix: enable IPv6 in Docker-based Talos clusters
• siderolabs/talos@3bad0e5a4 fix: retry manifest updates in upgrade-k8s
• siderolabs/talos@686e77cef test: push GITHUB_TOKEN to the e2e-aws/gcp steps
• siderolabs/talos@119eecfe7 fix: validate empty TLS config for registries
• siderolabs/talos@41c48a68e fix: enable etcd consistency on check startup

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.0.0

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.2
k8s.gcr.io/kube-apiserver:v1.23.5
k8s.gcr.io/kube-controller-manager:v1.23.5
k8s.gcr.io/kube-scheduler:v1.23.5
k8s.gcr.io/kube-proxy:v1.23.5
ghcr.io/siderolabs/kubelet:v1.23.5
ghcr.io/siderolabs/installer:v1.0.1
k8s.gcr.io/pause:3.2

Talos 1.1.0-alpha.0 (2022-04-01)

Welcome to the v1.1.0-alpha.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

• Kubernetes: 1.24.0-beta.0
• Flannel: 0.17.0
• runc: 1.1.1

Contributors

• Andrey Smirnov
• Noel Georgi
• Spencer Smith
• Tim Jones
• Andrew Rynhard
• Dmitriy Matrenichev
• Steve Francis
• Artem Chernyshev
• Caleb Woodbine
• Daniel Höxtermann
• Jori Huisman
• Nico Berlee
• Serge Logvinov
• Seán C McCord
• Suraj Shirvankar
• Tomasz Zurkowski

Changes

• siderolabs/talos@25d19131d release(v1.1.0-alpha.0): prepare release
• siderolabs/talos@2ca5279e5 fix: retry manifest updates in upgrade-k8s
• siderolabs/talos@eeb756168 feat: use kexec when resetting a node
• siderolabs/talos@1ed1f73e5 test: bump CAPI to 1.1.3
• siderolabs/talos@2ee1d2c72 feat: update Kuberentes to 1.24.0-beta.0
• siderolabs/talos@c26fa4ccc test: push GITHUB_TOKEN to the e2e-aws/gcp steps
• siderolabs/talos@95d900de7 feat: use kubeconfig env var
• siderolabs/talos@0b407dd17 feat: add dhcp-v6 NTP/DHCP-DUID
• siderolabs/talos@a140a6bad docs: update releases shortcode in upgrade guide
• siderolabs/talos@12931dced fix: align partitions on 1M boundary
• siderolabs/talos@37f868e37 fix: validate empty TLS config for registries
• siderolabs/talos@ca8b9c0a3 feat: update Kubernetes to 1.24.0-alpha.4
• siderolabs/talos@d9ec6b215 chore: drop dirty from abbreviated tag
• siderolabs/talos@08624fd0b docs: add banner to main page
• siderolabs/talos@fc23c7a59 test: bump versions for upgrade tests
• siderolabs/talos@4bfe68610 feat: update runc to 1.1.1
• siderolabs/talos@b315ed953 chore: use go:embed instead of ldflags
• siderolabs/talos@a5d64fc81 feat: update Flannel to 0.17.0
• siderolabs/talos@6d6eb3f6a docs: fork docs for 1.1
• siderolabs/talos@1d55f05d1 docs: update index page
• siderolabs/talos@ad6b7ec1a fix: enable etcd consistency on check startup
• siderolabs/talos@65a31f753 docs: re-add GA token
• siderolabs/talos@741c04832 docs: mark 1.0 docs as latest
• siderolabs/talos@e97433c8a docs: update jetson nano
• siderolabs/talos@6665e0f00 docs: code block copying
• siderolabs/talos@c41f2b216 docs: update whats-new-v1.0
• siderolabs/talos@0a36fbbf3 docs: add release notes for 1.0
• siderolabs/talos@bd0035f6a docs: add NVIDIA docs
• siderolabs/talos@efa3f2898 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9ebeec0d0 docs: fix incorrect path for talosconfig
• siderolabs/talos@9fef4540e docs: fix non-latest download links
• siderolabs/talos@f8ef6a081 docs: add rook ceph configuration guide
• siderolabs/talos@e2666f58f chore: bump kernel to 5.15.32
• siderolabs/talos@957b2f233 chore: bump dependencies
• siderolabs/talos@0fd2aa08b fix: correctly escape '.' in volume names
• siderolabs/talos@108fd03a7 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@856e1333d fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@c5da38609 docs: use variables and templates in the docs
• siderolabs/talos@4c83847b9 docs: target search results
• siderolabs/talos@67fb72d96 docs: add algolia versions to all content
• siderolabs/talos@5344d6e7c docs: fix extension service path dependency
• siderolabs/talos@9b9191c5e fix: increase intiial window and connection window sizes
• siderolabs/talos@7a88a0224 docs: show archived/pre-release banner based on version
• siderolabs/talos@e403470bf docs: filter algolia results by latest
• siderolabs/talos@0497d5f9f docs: tag latest docs for search
• siderolabs/talos@a25425483 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@9b6422fcc feat: update CoreDNS to 1.9.1
• siderolabs/talos@020856f80 docs: remove second search bar
• siderolabs/talos@5f27f4c63 docs: update asset links
• siderolabs/talos@9ff42b432 docs: fix redirects for /docs URLs
• siderolabs/talos@7283efd56 chore: update the talosctl CNI download url
• siderolabs/talos@e0eee7fcc test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@73966f51e docs: fix extensions
• siderolabs/talos@f9766edb5 docs: remove empty doc file
• siderolabs/talos@e06e1473b feat: update golangci-lint to 1.45.0 and gofumpt to 0.3.0
• siderolabs/talos@a92c614b2 docs: add enterprise link to docs header
• siderolabs/talos@0ae7174ba docs: update search settings and redirects
• siderolabs/talos@883d401f9 chore: rename github organization to siderolabs
• siderolabs/talos@d1294d014 chore: add day-two tests for e2e-qemu
• siderolabs/talos@a6240e4b6 feat: update Linux to 5.15.30
• siderolabs/talos@e3fda049f docs: overhaul all the docs
• siderolabs/talos@f47750726 fix: the etcd recovery client and tests
• siderolabs/talos@69e07cddc fix: trigger properly udevd on types and actions
• siderolabs/talos@47d0e629d fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@b6691b350 chore: bump dependencies
• siderolabs/talos@27af5d41c feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@58cb9db1e feat: allow hardlinks in the system extension images
• siderolabs/talos@1e982808f fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@5e0c80f61 fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@c156580a3 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cd4d4c605 feat: relax extensions file structure validation
• siderolabs/talos@50594ab1a fix: ignore terminated pods in pod health checks
• siderolabs/talos@9d69fb6b4 feat: update Kubernetes to 1.23.5
• siderolabs/talos@327ce5aba fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@cf85b3f07 docs: update cilium inline install
• siderolabs/talos@84ee1795d docs: update logo
• siderolabs/talos@cc7719c9d docs: improve comments in security proto
• siderolabs/talos@caf800fe8 feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@6bec08429 feat: add talosctl completions to copy, usage, logs, restart and service
• siderolabs/talos@355b1a4be fix: refresh etcd certs on startup/join
• siderolabs/talos@d256b5c5e docs: fix spelling mistakes
• siderolabs/talos@5fdedae20 chore: bump kernel to 5.15.28
• siderolabs/talos@18a21b5f2 chore: add dependency images-essential -> images
• siderolabs/talos@714e5eca6 chore: bump dependencies
• siderolabs/talos@58be4067e docs: update README.md
• siderolabs/talos@c5fb20930 docs: add loki note
• siderolabs/talos@f448cb4f3 feat: bump boot partition size to 1000 MiB
• siderolabs/talos@a095acb09 chore: fix equinixMetal platform name
• siderolabs/talos@2a7f9a445 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@59681b8c9 fix: backport fixes from release-1.0 branch

Changes from siderolabs/extras

• siderolabs/extras@d4f8e88 chore: update references after org rename

Changes from siderolabs/pkgs

• siderolabs/pkgs@4b3e70e chore: upstream u-boot for jetson nano
• siderolabs/pkgs@cc1c8c7 feat: update runc to 1.1.1
• siderolabs/pkgs@3baf4e4 chore: enable random trust CPU
• siderolabs/pkgs@df31920 chore: disable sound
• siderolabs/pkgs@c27751b chore: bump nvidia drivers to 510.60.02
• siderolabs/pkgs@ba98e20 chore: bump kernel to 5.15.32
• siderolabs/pkgs@a76edfd feat: update containerd to 1.6.2
• siderolabs/pkgs@0c38670 chore: bump kernel to 5.15.31
• siderolabs/pkgs@bc4fb0c chore: org update
• siderolabs/pkgs@41f291d feat: update Flannel CNI to 1.0.1
• siderolabs/pkgs@58603ba chore: bump kernel to 5.15.30
• siderolabs/pkgs@d3bb262 chore: bump kernel to 5.15.29
• siderolabs/pkgs@76a24b5 chore: update openssl to 1.1.1n
• siderolabs/pkgs@490c7b7 chore: enable aarch64 NVIDIA drivers
• siderolabs/pkgs@b794b7a chore: bump linux-firmware to 20220310
• siderolabs/pkgs@acda207 chore: bump kernel to 5.15.28
• siderolabs/pkgs@e0fec11 chore: bump nvidia driver to 510.54
• siderolabs/pkgs@0407f05 chore: bump kernel to 5.15.27

Changes from siderolabs/tools

• siderolabs/tools@99be089 chore: update openssl to 1.1.1n
• siderolabs/tools@b63872b chore: update golang to 1.17.8

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@b374eb4 fix: align partition to 1M boundary by default

Dependency Changes

• github.com/aws/aws-sdk-go v1.43.8 -> v1.43.26
• github.com/containernetworking/plugins v1.1.0 -> v1.1.1
• github.com/docker/distribution v2.8.0 -> v2.8.1
• github.com/docker/docker v20.10.12 -> v20.10.14
• github.com/jsimonetti/rtnetlink v1.1.0 -> v1.1.1
• github.com/rivo/tview 96063d6082f3 -> 9994674d60a8
• github.com/rs/xid v1.3.0 -> v1.4.0
• github.com/siderolabs/extras v1.0.0 -> v1.1.0-alpha.0
• github.com/siderolabs/pkgs v1.0.0-6-g7c293d5 -> v1.1.0-alpha.0-15-g4b3e70e
• github.com/siderolabs/tools v1.0.0-1-g4c77d96 -> v1.1.0-alpha.0-1-g99be089
• github.com/spf13/cobra v1.3.0 -> v1.4.0
• github.com/stretchr/testify v1.7.0 -> v1.7.1
• github.com/talos-systems/go-blockdevice v0.3.1 -> b374eb48148d
• github.com/vmware-tanzu/sonobuoy v0.56.2 -> v0.56.3
• github.com/vmware/vmw-guestinfo cc1fd90d572c -> 510905f0efa3
• golang.org/x/net 27dd8689420f -> de3da57026de
• golang.org/x/sys 4e6760a101f9 -> 530d0810a4d0
• golang.zx2c4.com/wireguard/wgctrl fde48d68ee68 -> 056925b7df31
• google.golang.org/grpc v1.44.0 -> v1.45.0
• google.golang.org/protobuf v1.27.1 -> v1.28.0
• k8s.io/api v0.23.5 -> v0.24.0-beta.0
• k8s.io/apimachinery v0.23.5 -> v0.24.0-beta.0
• k8s.io/apiserver v0.23.5 -> v0.24.0-beta.0
• k8s.io/client-go v0.23.5 -> v0.24.0-beta.0
• k8s.io/component-base v0.23.5 -> v0.24.0-beta.0
• k8s.io/cri-api v0.23.5 -> v0.24.0-beta.0
• k8s.io/kubectl v0.23.5 -> v0.24.0-beta.0
• k8s.io/kubelet v0.23.5 -> v0.24.0-beta.0

Previous release can be found at v1.0.0

Images

ghcr.io/siderolabs/flannel:v0.17.0
ghcr.io/siderolabs/install-cni:v1.1.0-alpha.0
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.2
k8s.gcr.io/kube-apiserver:v1.24.0-beta.0
k8s.gcr.io/kube-controller-manager:v1.24.0-beta.0
k8s.gcr.io/kube-scheduler:v1.24.0-beta.0
k8s.gcr.io/kube-proxy:v1.24.0-beta.0
ghcr.io/siderolabs/kubelet:v1.24.0-beta.0
ghcr.io/siderolabs/installer:v1.1.0-alpha.0
k8s.gcr.io/pause:3.2

Talos 1.0.0 (2022-03-29)

Welcome to the v1.0.0 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

GitHub Organization Change

Talos Linux and other repositories were migrated from the talos-systems GitHub organization
to the siderolabs organization (github.com/talos-systems -> github.com/siderolabs).

Existing Talos Linux container images (installer, talos, etc.) are mirrored across both organizations,
but please use the new organization name going forward.

For example, when upgrading Talos use ghcr.io/siderolabs instead of ghcr.io/talos-systems:

talosctl upgrade --image ghcr.io/siderolabs/installer:v1.0.0

Admission Plugin Configuration

Talos now supports Kubernetes API server admission plugin configuration via the .cluster.apiServer.admissionControl machine configuration field.

This configuration can be used to enable Pod Security Admission plugin and
define cluster-wide default Pod Security Standards.

Apply Config Enhancements

talosctl apply/patch/edit cli commands got revamped.
Separate flags --on-reboot, --immediate, --interactive were replaced
with a single --mode flag that can take the following values:

• auto new mode that automatically applies the configuration in immediate/reboot mode.
• no-reboot force apply immediately, if not possible, then fail.
• reboot force reboot with apply config.
• staged write new machine configuration to STATE, but don't apply it (it will be applied after a reboot).
• interactive starts interactive installer, only for apply.

API Server Audit Logs

kube-apiserver is now configured to store its audit logs separately from the kube-apiserver standard logs and directly to file.
The kube-apiserver will maintain the rotation and retirement of these logs, which are stored in /var/log/audit/.
Previously, the audit logs were sent to kube-apiserver's stdout, along with the rest of its logs, to be collected in the usual manner by Kubernetes.

Equinix Metal Platform

talos.platform for Equinix Metal is renamed from packet to equinixMetal, the older name is still supported for backwards compatibility.

Extension Services

Talos now provides a way to extend set of system services Talos runs with extension services.
Extension services should be included in the Talos root filesystem (e.g. via system extensions).

NVIDIA GPU alpha support

Talos now has alpha support for NVIDIA GPU based workloads.
Check the NVIDA GPU support guide at https://www.talos.dev/v1.0/guides/nvidia-gpu/

Pinned Kubernetes Version

Command talosctl gen config now defaults to Kubernetes version pinning in the generate machine configuration.
Previously default was to omit explicit Kubernetes version, so Talos picked up the default version it was built against.
Old behavior can be achieved by specifying empty flag value: --kubernetes-version=.

Kernel Parameters

Talos now supports setting bond interface from Kernel cmdline using the bond= option.
Reference: https://man7.org/linux/man-pages/man7/dracut.cmdline.7.html

Kubelet

Kubelet configuration can now be overridden with the .machine.kubelet.extraConfig machine configuration field.
As most of the kubelet command line arguments are being deprecated, it is recommended to migrate to extraConfig
instead of using extraArgs.

A number of conformance tweaks have been made to the kubelet to allow it to run without
protectKernelDefaults.
This includes both kubelet configuration options and sysctls.
Of particular note is that Talos now sets the kernel.panic reboot interval to 10s instead of 1s.
If your kubelet fails to start after the upgrade, please check the kubelet logs to determine the problem.

Talos now performs graceful kubelet shutdown by default on node reboot/shutdown.
Default shutdown timeouts: 20s for regular priority pods and 10s for critical priority pods.
Timeouts can be overridden with the .machine.kubelet.extraConfig machine configuration key:
shutdownGracePeriod and shutdownGracePeriodCriticalPods.

Machine Configuration

Talos now preserves machine configuration as it was submitted to the node.

Machine Configuration Patching

talosctl commands which accept JSON patches (gen config, cluster create, patch machineconfig) now support multiple patches, loading patches
from files with @file.json syntax, and support loading from YAML format.

Platform Support

Talos now supports Oracle Cloud.

Platform network configuration was rewritten to avoid modifying Talos machine configuration.
Network configuration is performed independent of the machine configuration presence, so it works
even if Talos is booted in maintenance mode (without machine configuration is platform userdata).

Pod Security Policy

Pod Security Policy Kubernetes feature is deprecated and is going to be removed in Kubernetes 1.25.
Talos by default skips setting up PSP now (see machine configuration .cluster.apiServer.disablePodSecurityPolicy).

SBC Support

Talos now supports Jetson Nano SBC.

Static Pods in the Machine Configuration

Talos now accepts static pod definitions in the .machine.pods key of the machine configuration.
Please note that static pod definitions are not validated by Talos.
Static pod definitions can be updated without a node reboot.

Sysfs Kernel Parameters

Talos now supports setting sysfs kernel parameters (/sys/...).
Use machine configuration field .machine.sysfs to set sysfs kernel parameters.

System Extensions

System extensions allow extending Talos root filesystem, which enables a set of different features, including custom
container runtimes, additional firmware, etc.

System extensions are only activated during Talos installation (or upgrade), and with system extensions installed, Talos
root filesystem is still immutable and read-only.

Please see extensions repository and documentation for more information.

Component Updates

• Linux: 5.15.32
• Kubernetes: 1.23.5
• CoreDNS: 1.9.1
• etcd: 3.5.2
• containerd: 1.6.2
• runc: 1.1.0

Talos is built with Go 1.17.8

Wipe System Kernel Parameter

Added new kernel parameter talos.experimental.wipe=system which can help resetting system disk for the machine
and start over with a fresh installation.
See Resetting a Machine on how to use it.

Contributors

• Andrey Smirnov
• Noel Georgi
• Serge Logvinov
• Seán C McCord
• Artem Chernyshev
• Spencer Smith
• Steve Francis
• Florian Klink
• Andrey Smirnov
• Andrew Rynhard
• Anthony Rabbito
• Bernard Sébastien
• Charlie Haley
• Eric Wohltman
• Jori Huisman
• Matt Layher
• Niklas Metje
• Philipp Sauter
• Shahar Naveh
• Tim Jones
• Utku Ozdemir
• nebulait

Changes

• siderolabs/talos@80167fd23 release(v1.0.0): prepare release
• siderolabs/talos@f2e031ccb docs: update release notes
• siderolabs/talos@7bcd15c08 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9cf5d3e48 fix: correctly escape '.' in volume names
• siderolabs/talos@f822f6896 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@5ded170a1 fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@d491a4e13 chore: bump kernel to 5.15.32
• siderolabs/talos@7e386357b release(v1.0.0-beta.3): prepare release
• siderolabs/talos@eb6822ab4 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@c8f5523ee chore: update the talosctl CNI download url
• siderolabs/talos@698c0e488 feat: update CoreDNS to 1.9.1
• siderolabs/talos@cc986136b test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@411dd1994 chore: rename github organization to siderolabs
• siderolabs/talos@7ad030a0b fix: the etcd recovery client and tests
• siderolabs/talos@4adae5e4a fix: trigger properly udevd on types and actions
• siderolabs/talos@6c0f8c704 fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@65dad2488 feat: update Linux to 5.15.30
• siderolabs/talos@d31fed839 release(v1.0.0-beta.2): prepare release
• siderolabs/talos@4a2e65a74 feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@b6d71d49e fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@4557d01b0 feat: allow hardlinks in the system extension images
• siderolabs/talos@5bfc16cfe fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@cb97369e5 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cb61e5953 fix: ignore terminated pods in pod health checks
• siderolabs/talos@974f02e2d feat: update Kubernetes to 1.23.5
• siderolabs/talos@426921a6b fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@a60575984 feat: relax extensions file structure validation
• siderolabs/talos@eb16019eb fix: refresh etcd certs on startup/join
• siderolabs/talos@11e435a69 chore: add dependency images-essential -> images
• siderolabs/talos@4f142cc4e feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@3345cde26 chore: bump kernel to 5.15.28
• siderolabs/talos@602e049d9 release(v1.0.0-beta.1): prepare release
• siderolabs/talos@06647da34 chore: fix equinixMetal platform name
• siderolabs/talos@7e31e7d8f feat: bump boot partition size to 1000 MiB
• siderolabs/talos@83d7aebe1 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@d785204aa chore: disable one commit per PR
• siderolabs/talos@f7ad1b982 release(v1.0.0-beta.0): prepare release
• siderolabs/talos@0aa23cb32 feat: update pkgs to 1.0 versions, Go 1.17.8
• siderolabs/talos@dc8e9ed4a feat: bond interfaces from kernel cmdline
• siderolabs/talos@947c77b60 docs: update cilium inline install
• siderolabs/talos@654472005 chore: update talos-systems modules to released version
• siderolabs/talos@77158a61f chore: rename v0.15 to v1.0
• siderolabs/talos@22a4d6b3e feat: update containerd to 1.6.1
• siderolabs/talos@a50747a64 fix: align list and diskusage command flags with their Linux analogs
• siderolabs/talos@d29e9202f chore: remove iSCSI packages from the rootfs image
• siderolabs/talos@09efa62f6 chore: re-enable kexec and default to UEFI booting in tests
• siderolabs/talos@8975a56eb docs: fix typo in release notes
• siderolabs/talos@61461de63 feat: define resource reservation
• siderolabs/talos@7ddc7f605 feat: support specifying env vars for control plane pods
• siderolabs/talos@7c1924a3a docs: update cilium docs
• siderolabs/talos@7b33ffbd8 chore: update pkgs and extras
• siderolabs/talos@c5992c2bf chore: bump dependencies
• siderolabs/talos@de69ab790 fix: scaleway network config
• siderolabs/talos@f81fb9f7c feat: implement sysfs
• siderolabs/talos@79d9720a3 fix: set route to metaserver for scaleway platform
• siderolabs/talos@eb40b9254 feat: add a way to override kubelet configuration via machine config
• siderolabs/talos@dc2371547 chore: update packet to equinix
• siderolabs/talos@7917b1aca feat: support admission control configuration and Pod Security admission
• siderolabs/talos@45feb72a4 feat: fluent-bit example
• siderolabs/talos@9b0b5501d docs: add katacoda link
• siderolabs/talos@b2bf3117f feat: implement extension services
• siderolabs/talos@063a9e165 test: pre-fetch CLI tools
• siderolabs/talos@d749643e7 feat: download metadata on Scaleway using low source port
• siderolabs/talos@1800b4c70 chore: fix kernel reference errata
• siderolabs/talos@743a03002 chore: bump github.com/mdlayher/arp@latest
• siderolabs/talos@614adf0ff feat: update xfsprogs to 5.14.2, replace LibreSSL with OpenSSL
• siderolabs/talos@28c3b495d docs: updates to troubleshooting doc
• siderolabs/talos@673fe2ebf feat: disable PSP by default for Talos >= 0.15
• siderolabs/talos@4d419a007 feat: store audit logs to disk
• siderolabs/talos@8ef3d85bc chore: bump dependencies
• siderolabs/talos@8a634d564 chore: bump tools, pkgs, extras
• siderolabs/talos@f40b480bd chore: expand Cilium deployment docs
• siderolabs/talos@3ba8eb00d docs: design concepts page
• siderolabs/talos@a5fb271ac feat: enable protectKernelDefaults in kubelet_spec
• siderolabs/talos@b7a1e0431 chore: don't append initrd= to the kernel command line
• siderolabs/talos@4d5cd6653 feat: add new grub parser and descriptive grub menu entries
• siderolabs/talos@6ccfdbaf1 fix: avoid replacing default gRPC codec in machinery
• siderolabs/talos@0fe34b358 feat: update Kubernetes to 1.23.4
• siderolabs/talos@95a564ba2 fix: prefer logical on merging link specs
• siderolabs/talos@8b7091a06 fix: correct vultr interface IP calculation
• siderolabs/talos@5a0fd63c8 fix: determine openstack interface IP correctly
• siderolabs/talos@00ccaf13f feat: update CoreDNS to 1.9.0
• siderolabs/talos@a9a47b755 feat: update containerd to 1.6.0
• siderolabs/talos@961067e8b docs: update getting-started.md
• siderolabs/talos@bddd53fc4 chore: bump dependencies
• siderolabs/talos@f1a93d28f release(v0.15.0-alpha.2): prepare release
• siderolabs/talos@1e9f0ad4c feat: update Go to 1.17.7, Linux to 5.15.23
• siderolabs/talos@fef99892d chore: pin kubernetes version to talosctl gen config
• siderolabs/talos@bcf928134 feat: udev extensions support
• siderolabs/talos@47619f832 docs: update system extensions guide with grammar fixes
• siderolabs/talos@2bcceb6e4 chore: disable TIPC and B.A.T.M.A.N
• siderolabs/talos@c6bca1b33 docs: add guide on system extensions
• siderolabs/talos@492b156da feat: implement static pods via machine configuration
• siderolabs/talos@6fadfa8db fix: parse properly IPv6 address in the cmdline ip= arg
• siderolabs/talos@d991f3982 chore: update the kernel with IGC driver enabled
• siderolabs/talos@cbc9610be feat: sysctl system optimization
• siderolabs/talos@8b6d6220d fix: parse interface ip correctly (nocloud)
• siderolabs/talos@54632b1be docs: fix developing Talos docs
• siderolabs/talos@0da370dfe test: unlock CABPT/CACPPT provider versions
• siderolabs/talos@df0e388a4 feat: extract firmware part of system extensions into initramfs
• siderolabs/talos@8899dd349 chore: add json-tags for SecretsBundle
• siderolabs/talos@4f391cd5c chore: bump kernel to 5.15.22
• siderolabs/talos@6bd07406e feat: disable reboots via kexec
• siderolabs/talos@1e3f2f952 fix: validate kubelet node IP subnets correctly
• siderolabs/talos@d211bff47 feat: enable accept_ra when IPv6 forwarding
• siderolabs/talos@930205831 chore: update kernel to 5.15.21
• siderolabs/talos@c7186ed08 chore: bump dependencies
• siderolabs/talos@9ee470f95 feat: set /etc/localtime to UTC
• siderolabs/talos@c34768367 fix: disable auto-tls for etcd
• siderolabs/talos@9bffc7e8d fix: pass proper sequence to shutdown sequence on ACPI shutdown
• siderolabs/talos@e47387e41 chore: bump CAPI to 1.0.4
• siderolabs/talos@5462f5ed1 feat: update etcd to 3.5.2
• siderolabs/talos@f6fa12e53 docs: update upgrading Talos, Kubernetes, and Docker guides
• siderolabs/talos@5484579c1 feat: allow link scope routes in the machine config
• siderolabs/talos@56b83b087 feat: enable persistence for docker provider
• siderolabs/talos@949464e4b fix: use leaf certificate in the apid RBAC check
• siderolabs/talos@446972f21 chore: bump kernel to 5.15.19
• siderolabs/talos@fe40e7b1b feat: drain node on shutdown
• siderolabs/talos@7f0b3aae0 feat: add multiple config patches, patches from files, YAML support
• siderolabs/talos@202290be7 docs: update Kubernetes upgrade video
• siderolabs/talos@036644f7a chore: bump kernel to 5.15.18
• siderolabs/talos@dcde2c4f6 chore: update k8s upgrade message
• siderolabs/talos@1c949335c docs: add documentation for Hyper-V
• siderolabs/talos@7f9790912 fix: clean up containerd state on installer run/validate
• siderolabs/talos@8b98d8eb3 docs: clarify Filebeat example
• siderolabs/talos@74c03120c docs: replace Talos upgrades video
• siderolabs/talos@65e64d425 chore: update kernel to stable 5.15.17
• siderolabs/talos@4245f72d3 feat: add --extra-uefi-search-paths option
• siderolabs/talos@7ffeb6c2e docs: update oracle cloud example
• siderolabs/talos@151c9df09 chore: add CSI tests for e2e-qemu
• siderolabs/talos@cdb621c82 feat: provide a way to list installed system extensions
• siderolabs/talos@abfb25812 feat: share /lib/firmware across initramfs and rootfs
• siderolabs/talos@ebec5d4a0 feat: support full disk path in the diskSelector
• siderolabs/talos@831f65a07 fix: close client provider instead of Talos client in the upgrade module
• siderolabs/talos@0bf161dff test: add integration test for system extensions
• siderolabs/talos@7b3962745 fix: handle 404 errors from AWS IMDS correctly
• siderolabs/talos@85782faa2 feat: update Kubernetes to 1.23.3
• siderolabs/talos@c5e5922e5 chore: bump dependencies
• siderolabs/talos@b3c3ef29b feat: install system extensions
• siderolabs/talos@a0889600f chore: fix golangci-lint install
• siderolabs/talos@a50c42980 fix: use #!/usr/bin/env bash as shebang instead of #!/bin/bash
• siderolabs/talos@4464b725c fix: qemu: always use runtime.GOARCH for CNI bundle
• siderolabs/talos@e7379c81b release(v0.15.0-alpha.1): prepare release
• siderolabs/talos@58eb3600f fix: enforce reasonable TLS min tls-min-version
• siderolabs/talos@b8d4c5dfa fix: use correct error in kernel_param_spec Modify call handling
• siderolabs/talos@4961d6867 docs: drop talos.interface kernel arg
• siderolabs/talos@b1e61fa5b chore: update Linux to 5.15.16
• siderolabs/talos@d4b844593 feat: support CRI configuration merging and reimplement registry config
• siderolabs/talos@f94c8c6e1 feat: update Kubernetes to 1.23.2
• siderolabs/talos@21f497b3e feat: install readonly overlay mounts during talos chroot sequence
• siderolabs/talos@9ad5a67d2 feat: inject platform network configuration as network resources
• siderolabs/talos@907f8cbfb docs: fix patch flag
• siderolabs/talos@caa434426 docs: add documentation on developing Talos
• siderolabs/talos@16eeb6776 docs: readme updates
• siderolabs/talos@3c0737027 chore: update release notes
• siderolabs/talos@6d8bea5d5 feat: jetson nano SoC
• siderolabs/talos@1d8955ebe feat: update CoreDNS to 1.8.7
• siderolabs/talos@6af83afd5 fix: handle multiple-IP cluster nodes
• siderolabs/talos@43b2d8137 chore: bump dependencies
• siderolabs/talos@529e80f4f docs: update home page and footer
• siderolabs/talos@37630e70c Update twitter link
• siderolabs/talos@af440919b fix: avoid panic in config loading/validation
• siderolabs/talos@4b8e9de59 docs: add guide on adding proprietary kernel modules
• siderolabs/talos@833dc4169 docs: rework vmware assets
• siderolabs/talos@2869b5eea feat: add oraclecloud.com platform support
• siderolabs/talos@f3ec24beb fix: vmware documentation typo
• siderolabs/talos@2f2bdb26a feat: replace flags with --mode in apply, edit and patch commands
• siderolabs/talos@b09be2a69 docs: update index.md and sync across versions
• siderolabs/talos@ca65b918a docs: add nocloud documentation
• siderolabs/talos@59437d6d8 fix: filter down nameservers for docker-based cluster create
• siderolabs/talos@194eaa6f2 chore: clean up /usr/bin from unneeded files
• siderolabs/talos@74e727240 docs: update office office
• siderolabs/talos@539af338c docs: update vmware docs
• siderolabs/talos@279a3fda7 feat: update Go to 1.17.6, containerd to 1.5.9
• siderolabs/talos@3d3088941 chore: bump Go dependencies
• siderolabs/talos@d02d944ec chore: provide umarshal from YAML methods for network resource specs
• siderolabs/talos@2e735714d fix: derive machine-id from node identity
• siderolabs/talos@d8a2721e1 test: update CAPI components to latest
• siderolabs/talos@7dff8a53e fix: ignore missing init.yaml for cluster create
• siderolabs/talos@f4516c7d8 chore: bump dependencies
• siderolabs/talos@944f13221 chore: fix release pipeline
• siderolabs/talos@cb548a368 release(v0.15.0-alpha.0): prepare release
• siderolabs/talos@da0b36e61 feat: introduce talos.exp.wipe kernel param to wipe system disk
• siderolabs/talos@c079eb32b refactor: use AWS SDK to access AWS metadata service
• siderolabs/talos@2f4b9d8d6 feat: make machine configuration read-only in Talos (almost)
• siderolabs/talos@524f83d3d feat: use official Go SDK to fetch GCP instance metadata
• siderolabs/talos@d2a7e082c test: retry in discovery tests
• siderolabs/talos@f4219e530 chore: remove unused methods in AWS platform
• siderolabs/talos@35bc2940e fix: kexec on RPI4
• siderolabs/talos@f235cfbae fix: multiple usability fixes
• siderolabs/talos@b3fbb2f31 test: don't build all images in the default CI pipeline
• siderolabs/talos@dac550a50 docs: fix troubleshooting guide
• siderolabs/talos@83e8bec6b feat: update Linux to 5.15.11
• siderolabs/talos@d5a82b37e feat: remove ApplyDynamicConfig
• siderolabs/talos@3623da136 feat: provide a way to load Linux kernel modules
• siderolabs/talos@4d1514add docs: update Mayastor deployment process
• siderolabs/talos@cff1ff6d5 feat: shell completion for list, read
• siderolabs/talos@19728437e feat: output IPs when etcd needs to be bootstrapped
• siderolabs/talos@c297d66a1 test: attempt number on two on proper retries in CLI time tests
• siderolabs/talos@dc299da9e docs: add arm64 option to talosctl download
• siderolabs/talos@f49f40a33 fix: pass path to conformance retrieve results
• siderolabs/talos@942c8074f docs: fork docs for 0.15
• siderolabs/talos@880a7782c docs: update documentation for 0.14.0 release
• siderolabs/talos@dc9a0cfe9 chore: bump Go dependencies
• siderolabs/talos@773496935 fix: config apply immediate
• siderolabs/talos@17c147488 test: retry talosctl time call in the tests
• siderolabs/talos@acf1ac0f1 feat: show human-readable aliases in talosctl get rd
• siderolabs/talos@5532867b0 refactor: rewrite the implementation of Processes API
• siderolabs/talos@80350861a feat: update Kubernetes to 1.23.1
• siderolabs/talos@4c96e936e docs: add cilium guide
• siderolabs/talos@e3f2acb5e refactor: rewrite the check for unknown keys in the machine configuration
• siderolabs/talos@4175396a8 refactor: use update go-blockdevice library with allocation fixes
• siderolabs/talos@b58f567a1 refactor: optimize Runtime config interface to avoid config marshaling
• siderolabs/talos@bb355c9ab chore: remove govalidator library
• siderolabs/talos@3af56bd2e test: update capi templates to v1beta1
• siderolabs/talos@936b4c4ce fix: update DHCP library with the panic fix
• siderolabs/talos@ab42886bf fix: allow kubelet to be started via the API
• siderolabs/talos@ec641f729 fix: use default time servers in time API if none are configured
• siderolabs/talos@79f213eec fix: cleanup affiliates
• siderolabs/talos@2dd0b5b68 chore: update Go to 1.17.5
• siderolabs/talos@97ffa7a64 feat: upgrade kubelet version in talosctl upgrade-k8s
• siderolabs/talos@5bc5123eb docs: document ip= kernel argument
• siderolabs/talos@8e1d0bfb5 feat: update Kubernetes to 1.23.0

Changes since v1.0.0-beta.3

• siderolabs/talos@80167fd23 release(v1.0.0): prepare release
• siderolabs/talos@f2e031ccb docs: update release notes
• siderolabs/talos@7bcd15c08 fix: correctly find partitions with config data (metal-iso)
• siderolabs/talos@9cf5d3e48 fix: correctly escape '.' in volume names
• siderolabs/talos@f822f6896 fix: give up virtual IPs before the kubelet workloads are shut down
• siderolabs/talos@5ded170a1 fix: use 'localhost' endpoint in docker provisioner on Windows
• siderolabs/talos@d491a4e13 chore: bump kernel to 5.15.32

Changes from siderolabs/extras

• siderolabs/extras@4a6ff33 chore: reproducible builds, use pkgs base
• siderolabs/extras@9238bc7 feat: bump pkgs for CNI 1.1.0 update
• siderolabs/extras@2d9d430 chore: bump tools
• siderolabs/extras@8f607fc chore: bump to Go 1.17.7
• siderolabs/extras@7c1f3cc feat: update Go to 1.17.6
• siderolabs/extras@495a5b2 feat: update Go to 1.17.5

Changes from siderolabs/pkgs

• siderolabs/pkgs@7c293d5 chore: bump kernel to 5.15.32
• siderolabs/pkgs@615d1a0 feat: update containerd to 1.6.2
• siderolabs/pkgs@fab0d43 chore: bump kernel to 5.15.31
• siderolabs/pkgs@e7c458c chore: org update
• siderolabs/pkgs@9d4e9ae feat: update Linux to 5.15.30
• siderolabs/pkgs@cd86ab5 chore: bump kernel to 5.15.28
• siderolabs/pkgs@5f97726 chore: reproducible builds
• siderolabs/pkgs@325439e feat: update containerd to 1.6.1
• siderolabs/pkgs@1b0a12e chore: bump kernel to 5.15.26
• siderolabs/pkgs@9d61f59 feat: update CNI plugins to v1.1.0
• siderolabs/pkgs@b3aae71 chore: enable Adaptec RAID controllers
• siderolabs/pkgs@0c6e9e6 chore: bump kenrel to 5.15.25
• siderolabs/pkgs@679b49d chore: disable Remote NDIS
• siderolabs/pkgs@8f03136 feat: replace LibreSSL with OpenSSL
• siderolabs/pkgs@0a3b5e3 feat: upgrade xfsprogs to the latest version
• siderolabs/pkgs@3af05f6 chore: bump tools
• siderolabs/pkgs@b32ccd1 chore: bump kernel to 5.15.24
• siderolabs/pkgs@aafafb5 feat: update containerd to 1.6.0
• siderolabs/pkgs@6019223 chore: bump kernel to 5.15.23
• siderolabs/pkgs@ff4b2d8 chore: bump tools for Go 1.17.7
• siderolabs/pkgs@e34f883 chore: disable TIPC and B.A.T.M.A.N
• siderolabs/pkgs@2b8cd88 feat: add Intel Ethernet Controller I225-V driver
• siderolabs/pkgs@407459d feat: enable zstd squashfs compression and firmware (xz) compression
• siderolabs/pkgs@81a4b1c chore: bump kernel to 5.15.22
• siderolabs/pkgs@c9a6415 chore: bump kernel to 5.15.21
• siderolabs/pkgs@90dcd00 chore: bump kernel to 5.15.19
• siderolabs/pkgs@d457b87 chore: bump kernel to 5.15.18
• siderolabs/pkgs@dd69678 chore: disable ATA-over-Ethernet driver for arm64
• siderolabs/pkgs@388ce13 chore: bump kernel to 5.15.17
• siderolabs/pkgs@c14eb99 feat: update Linux to 5.15.16
• siderolabs/pkgs@5d4d8d6 feat: bump containerd to 1.6.0-rc.0, runc to 1.1.0
• siderolabs/pkgs@5dd08a7 feat: jetson nano SoC
• siderolabs/pkgs@402b960 chore: bump u-boot to 2022.01
• siderolabs/pkgs@6ce1a40 feat: update Go to 1.17.6
• siderolabs/pkgs@08f2519 feat: update containerd to 1.5.9
• siderolabs/pkgs@fbb5c5c feat: add qlcnic drivers to kernel
• siderolabs/pkgs@0505e01 chore: fix =m kernel build options
• siderolabs/pkgs@54aa902 feat: enable amdgpu in kernel
• siderolabs/pkgs@2779c3f fix: kexec on rpi4
• siderolabs/pkgs@950361f feat: update Linux to 5.15.11
• siderolabs/pkgs@ad611bc feat: provide build instructions for NVIDIA kernel module
• siderolabs/pkgs@b22723d feat: update iPXE to the latest available version
• siderolabs/pkgs@a675c67 feat: update Go to 1.17.5

Changes from siderolabs/tools

• siderolabs/tools@4c77d96 chore: update golang to 1.17.8
• siderolabs/tools@2d4771e chore: reproducible builds
• siderolabs/tools@8197edb chore: bump expat to 2.4.5
• siderolabs/tools@74e3a95 feat: add meson
• siderolabs/tools@4c9e7a4 chore: bump go to 1.17.7
• siderolabs/tools@d33b4b6 feat: support zstd compression
• siderolabs/tools@67314b1 feat: update Go to 1.17.6
• siderolabs/tools@9c2b9df feat: update Go to 1.17.5

Changes from talos-systems/crypto

• talos-systems/crypto@510b0d2 chore: add json tags
• talos-systems/crypto@6fa2d93 fix: deepcopy nil fields as nil

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@ec428fe fix: lookup filesystem labels on the actual device path
• talos-systems/go-blockdevice@7b9de26 feat: read symlink fullpath in block device list function
• talos-systems/go-blockdevice@6928ee4 refactor: rewrite GPT serialize/deserialize functions
• talos-systems/go-blockdevice@0c7e429 refactor: simplify middle endian functions

Changes from talos-systems/grpc-proxy

• talos-systems/grpc-proxy@b076302 fix: use io.EOF error when no backend connections are available
• talos-systems/grpc-proxy@82daca0 docs: update README
• talos-systems/grpc-proxy@fa6843a chore: fix spelling
• talos-systems/grpc-proxy@c0a87d9 chore: major cleanup of the code and build

Changes from talos-systems/net

• talos-systems/net@409926a fix: parse correctly some IPv6 CIDRs

Dependency Changes

• cloud.google.com/go/compute v1.5.0 new
• github.com/BurntSushi/toml v0.4.1 -> v1.0.0
• github.com/aws/aws-sdk-go v1.43.8 new
• github.com/containerd/cgroups v1.0.2 -> 2e502f6b9e43
• github.com/containerd/containerd v1.5.8 -> v1.6.2
• github.com/containernetworking/plugins v1.0.1 -> v1.1.0
• github.com/docker/distribution v2.7.1 -> v2.8.0
• github.com/docker/docker v20.10.11 -> v20.10.12
• github.com/godbus/dbus/v5 v5.0.6 new
• github.com/google/go-cmp v0.5.6 -> v0.5.7
• github.com/google/nftables 16a134723a96 -> 211824995dcb
• github.com/hashicorp/go-cleanhttp v0.5.2 new
• github.com/hashicorp/go-getter v1.5.9 -> v1.5.11
• github.com/hashicorp/go-version v1.4.0 new
• github.com/insomniacslk/dhcp 5297eed8f489 -> 3c283ff8b7dd
• github.com/jsimonetti/rtnetlink fd9a11f42291 -> v1.1.0
• github.com/jxskiss/base62 v1.0.0 -> v1.1.0
• github.com/mdlayher/arp f72070a231fc -> c37aaafac7f9
• github.com/mdlayher/ethtool 288d040e9d60 -> 856bd6cb8a38
• github.com/mdlayher/genetlink v1.0.0 -> v1.2.0
• github.com/mdlayher/netlink v1.4.2 -> v1.6.0
• github.com/opencontainers/image-spec v1.0.2 new
• github.com/packethost/packngo v0.20.0 -> v0.22.0
• github.com/pelletier/go-toml v1.9.4 new
• github.com/pmorjan/kmod v1.0.0 new
• github.com/rivo/tview 2a6de950f73b -> 96063d6082f3
• github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7 -> v1.0.0-beta.9
• github.com/siderolabs/extras v0.7.0-1-gd6b73a7 -> v1.0.0
• github.com/siderolabs/pkgs v0.9.0-1-g7a3419a -> v1.0.0-6-g7c293d5
• github.com/siderolabs/tools v0.9.0-1-gb1146f9 -> v1.0.0-1-g4c77d96
• github.com/spf13/cobra v1.2.1 -> v1.3.0
• github.com/talos-systems/crypto v0.3.4 -> v0.3.5
• github.com/talos-systems/go-blockdevice v0.2.5 -> v0.3.1
• github.com/talos-systems/grpc-proxy v0.2.0 -> v0.3.0
• github.com/talos-systems/net v0.3.1 -> v0.3.2
• github.com/u-root/u-root v7.0.0 -> v0.8.0
• github.com/vishvananda/netlink f5de75959ad5 -> 650dca95af54
• github.com/vmware-tanzu/sonobuoy v0.55.1 -> v0.56.2
• github.com/vmware/govmomi v0.27.2 -> v0.27.4
• go.etcd.io/etcd/api/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/pkg/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/etcdutl/v3 v3.5.1 -> v3.5.2
• go.uber.org/zap v1.19.1 -> v1.21.0
• golang.org/x/net 491a49abca63 -> 27dd8689420f
• golang.org/x/sys 97ca703d548d -> 4e6760a101f9
• golang.org/x/time f0f3c7e86c11 -> 0e9765cccd65
• golang.zx2c4.com/wireguard/wgctrl dd7407c86d22 -> fde48d68ee68
• google.golang.org/grpc v1.42.0 -> v1.44.0
• k8s.io/api v0.23.1 -> v0.23.5
• k8s.io/apimachinery v0.23.1 -> v0.23.5
• k8s.io/apiserver v0.23.5 new
• k8s.io/client-go v0.23.1 -> v0.23.5
• k8s.io/component-base v0.23.1 -> v0.23.5
• k8s.io/cri-api v0.23.1 -> v0.23.5
• k8s.io/kubectl v0.23.1 -> v0.23.5
• k8s.io/kubelet v0.23.1 -> v0.23.5
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.61 -> v1.2.63

Previous release can be found at v0.14.0

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.2
k8s.gcr.io/kube-apiserver:v1.23.5
k8s.gcr.io/kube-controller-manager:v1.23.5
k8s.gcr.io/kube-scheduler:v1.23.5
k8s.gcr.io/kube-proxy:v1.23.5
ghcr.io/siderolabs/kubelet:v1.23.5
ghcr.io/siderolabs/installer:v1.0.0
k8s.gcr.io/pause:3.2

Talos 1.0.0-beta.3 (2022-03-25)

Welcome to the v1.0.0-beta.3 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Admission Plugin Configuration

Talos now supports Kubernetes API server admission plugin configuration via the .cluster.apiServer.admissionControl machine configuration field.

This configuration can be used to enable Pod Security Admission plugin and
define cluster-wide default Pod Security Standards.

Apply Config Enhancements

talosctl apply/patch/edit cli commands got revamped.
Separate flags --on-reboot, --immediate, --interactive were replaced
with a single --mode flag that can take the following values:

• auto new mode that automatically applies the configuration in immediate/reboot mode.
• no-reboot force apply immediately, if not possible, then fail.
• reboot force reboot with apply config.
• staged write new machine configuration to STATE, but don't apply it (it will be applied after a reboot).
• interactive starts interactive installer, only for apply.

API Server Audit Logs

kube-apiserver is now configured to store its audit logs separately from the kube-apiserver standard logs and directly to file.
The kube-apiserver will maintain the rotation and retirement of these logs, which are stored in /var/log/audit/.
Previously, the audit logs were sent to kube-apiserver's stdout, along with the rest of its logs, to be collected in the usual manner by Kubernetes.

Equinix Metal Platform

talos.platform for Equinix Metal is renamed from packet to equinixMetal, the older name is still supported for backwards compatibility.

Extension Services

Talos now provides a way to extend set of system services Talos runs with extension services.
Extension services should be included in the Talos root filesystem (e.g. via system extensions).

Pinned Kubernetes Version

Command talosctl gen config now defaults to Kubernetes version pinning in the generate machine configuration.
Previously default was to omit explicit Kubernetes version, so Talos picked up the default version it was built against.
Old behavior can be achieved by specifiying empty flag value: --kubernetes-version=.

Kernel Parameters

Talos now supports setting bond interface from Kernel cmdline using the bond= option.
Reference: https://man7.org/linux/man-pages/man7/dracut.cmdline.7.html

Kubelet

Kubelet configuration can now be overridden with the .machine.kubelet.extraConfig machine configuration field.
As most of the kubelet command line arguments are being deprecated, it is recommended to migrate to extraConfig
instead of using extraArgs.

A number of conformance tweaks have been made to the kubelet to allow it to run without
protectKernelDefaults.
This includes both kubelet configuration options and sysctls.
Of particular note is that Talos now sets the kernel.panic reboot interval to 10s instead of 1s.
If your kubelet fails to start after the upgrade, please check the kubelet logs to determine the problem.

Talos now performs graceful kubelet shutdown by default on node reboot/shutdown.
Default shutdown timeouts: 20s for regular priority pods and 10s for critical priority pods.
Timeouts can be overridden with the .machine.kubelet.extraConfig machine configuration key:
shutdownGracePeriod and shutdownGracePeriodCriticalPods.

Machine Configuration

Talos now preserves machine configuration as it was submitted to the node.

Machine Configuration Patching

talosctl commands which accept JSON patches (gen config, cluster create, patch machineconfig) now support multiple patches, loading patches
from files with @file.json syntax, and support loading from YAML format.

Platform Support

Talos now supports Oracle Cloud.

Platform network configuration was rewritten to avoid modifying Talos machine configuration.
Network configuration is performed independent of the machine configuration presence, so it works
even if Talos is booted in maintenance mode (without machine configuration is platform userdata).

Pod Security Policy

Pod Security Policy Kubernetes feature is deprecated and is going to be removed in Kubernetes 1.25.
Talos by default skips setting up PSP now (see machine configuration .cluster.apiServer.disablePodSecurityPolicy).

SBC Support

Talos now supports Jetson Nano SBC.

Static Pods in the Machine Configuration

Talos now accepts static pod definitions in the .machine.pods key of the machine configuration.
Please note that static pod definitions are not validated by Talos.
Static pod definitions can be updated without a node reboot.

Sysfs Kernel Parameters

Talos now supports setting sysfs kernel parameters (/sys/...).
Use machine configuration field .machine.sysfs to set sysfs kernel parameters.

System Extensions

System extensions allow extending Talos root filesystem, which enables a set of different features, including custom
container runtimes, additional firmware, etc.

System extensions are only activated during Talos installation (or upgrade), and with system extensions installed, Talos
root filesystem is still immutable and read-only.

Please see extensions repository and documentation for more information.

Component Updates

• Linux: 5.15.31
• Kubernetes: 1.23.5
• CoreDNS: 1.9.1
• etcd: 3.5.2
• containerd: 1.6.2
• runc: 1.1.0

Talos is built with Go 1.17.8

Wipe System Kernel Parameter

Added new kernel parameter talos.experimental.wipe=system which can help resetting system disk for the machine
and start over with a fresh installation.
See Resetting a Machine on how to use it.

Contributors

• Andrey Smirnov
• Noel Georgi
• Serge Logvinov
• Seán C McCord
• Artem Chernyshev
• Spencer Smith
• Steve Francis
• Florian Klink
• Andrey Smirnov
• Andrew Rynhard
• Anthony Rabbito
• Bernard Sébastien
• Charlie Haley
• Eric Wohltman
• Jori Huisman
• Matt Layher
• Niklas Metje
• Philipp Sauter
• Shahar Naveh
• Tim Jones
• Utku Ozdemir
• nebulait

Changes

• siderolabs/talos@7e386357b release(v1.0.0-beta.3): prepare release
• siderolabs/talos@eb6822ab4 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@c8f5523ee chore: update the talosctl CNI download url
• siderolabs/talos@698c0e488 feat: update CoreDNS to 1.9.1
• siderolabs/talos@cc986136b test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@411dd1994 chore: rename github organization to siderolabs
• siderolabs/talos@7ad030a0b fix: the etcd recovery client and tests
• siderolabs/talos@4adae5e4a fix: trigger properly udevd on types and actions
• siderolabs/talos@6c0f8c704 fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@65dad2488 feat: update Linux to 5.15.30
• siderolabs/talos@d31fed839 release(v1.0.0-beta.2): prepare release
• siderolabs/talos@4a2e65a74 feat: pause the boot process on some failures instead of rebooting
• siderolabs/talos@b6d71d49e fix: ignore connection reset errors on k8s upgrade
• siderolabs/talos@4557d01b0 feat: allow hardlinks in the system extension images
• siderolabs/talos@5bfc16cfe fix: ignore pod CIDRs for kubelet node IPs
• siderolabs/talos@cb97369e5 fix: split regular network operation configuration and virtual IP
• siderolabs/talos@cb61e5953 fix: ignore terminated pods in pod health checks
• siderolabs/talos@974f02e2d feat: update Kubernetes to 1.23.5
• siderolabs/talos@426921a6b fix: invert the condition to skip kubelet kernel checks
• siderolabs/talos@a60575984 feat: relax extensions file structure validation
• siderolabs/talos@eb16019eb fix: refresh etcd certs on startup/join
• siderolabs/talos@11e435a69 chore: add dependency images-essential -> images
• siderolabs/talos@4f142cc4e feat: implement D-Bus systemd-compatible shutdown for kubelet
• siderolabs/talos@3345cde26 chore: bump kernel to 5.15.28
• siderolabs/talos@602e049d9 release(v1.0.0-beta.1): prepare release
• siderolabs/talos@06647da34 chore: fix equinixMetal platform name
• siderolabs/talos@7e31e7d8f feat: bump boot partition size to 1000 MiB
• siderolabs/talos@83d7aebe1 fix: check for IPv6 before applying accept_ra
• siderolabs/talos@d785204aa chore: disable one commit per PR
• siderolabs/talos@f7ad1b982 release(v1.0.0-beta.0): prepare release
• siderolabs/talos@0aa23cb32 feat: update pkgs to 1.0 versions, Go 1.17.8
• siderolabs/talos@dc8e9ed4a feat: bond interfaces from kernel cmdline
• siderolabs/talos@947c77b60 docs: update cilium inline install
• siderolabs/talos@654472005 chore: update talos-systems modules to released version
• siderolabs/talos@77158a61f chore: rename v0.15 to v1.0
• siderolabs/talos@22a4d6b3e feat: update containerd to 1.6.1
• siderolabs/talos@a50747a64 fix: align list and diskusage command flags with their Linux analogs
• siderolabs/talos@d29e9202f chore: remove iSCSI packages from the rootfs image
• siderolabs/talos@09efa62f6 chore: re-enable kexec and default to UEFI booting in tests
• siderolabs/talos@8975a56eb docs: fix typo in release notes
• siderolabs/talos@61461de63 feat: define resource reservation
• siderolabs/talos@7ddc7f605 feat: support specifying env vars for control plane pods
• siderolabs/talos@7c1924a3a docs: update cilium docs
• siderolabs/talos@7b33ffbd8 chore: update pkgs and extras
• siderolabs/talos@c5992c2bf chore: bump dependencies
• siderolabs/talos@de69ab790 fix: scaleway network config
• siderolabs/talos@f81fb9f7c feat: implement sysfs
• siderolabs/talos@79d9720a3 fix: set route to metaserver for scaleway platform
• siderolabs/talos@eb40b9254 feat: add a way to override kubelet configuration via machine config
• siderolabs/talos@dc2371547 chore: update packet to equinix
• siderolabs/talos@7917b1aca feat: support admission control configuration and Pod Security admission
• siderolabs/talos@45feb72a4 feat: fluent-bit example
• siderolabs/talos@9b0b5501d docs: add katacoda link
• siderolabs/talos@b2bf3117f feat: implement extension services
• siderolabs/talos@063a9e165 test: pre-fetch CLI tools
• siderolabs/talos@d749643e7 feat: download metadata on Scaleway using low source port
• siderolabs/talos@1800b4c70 chore: fix kernel reference errata
• siderolabs/talos@743a03002 chore: bump github.com/mdlayher/arp@latest
• siderolabs/talos@614adf0ff feat: update xfsprogs to 5.14.2, replace LibreSSL with OpenSSL
• siderolabs/talos@28c3b495d docs: updates to troubleshooting doc
• siderolabs/talos@673fe2ebf feat: disable PSP by default for Talos >= 0.15
• siderolabs/talos@4d419a007 feat: store audit logs to disk
• siderolabs/talos@8ef3d85bc chore: bump dependencies
• siderolabs/talos@8a634d564 chore: bump tools, pkgs, extras
• siderolabs/talos@f40b480bd chore: expand Cilium deployment docs
• siderolabs/talos@3ba8eb00d docs: design concepts page
• siderolabs/talos@a5fb271ac feat: enable protectKernelDefaults in kubelet_spec
• siderolabs/talos@b7a1e0431 chore: don't append initrd= to the kernel command line
• siderolabs/talos@4d5cd6653 feat: add new grub parser and descriptive grub menu entries
• siderolabs/talos@6ccfdbaf1 fix: avoid replacing default gRPC codec in machinery
• siderolabs/talos@0fe34b358 feat: update Kubernetes to 1.23.4
• siderolabs/talos@95a564ba2 fix: prefer logical on merging link specs
• siderolabs/talos@8b7091a06 fix: correct vultr interface IP calculation
• siderolabs/talos@5a0fd63c8 fix: determine openstack interface IP correctly
• siderolabs/talos@00ccaf13f feat: update CoreDNS to 1.9.0
• siderolabs/talos@a9a47b755 feat: update containerd to 1.6.0
• siderolabs/talos@961067e8b docs: update getting-started.md
• siderolabs/talos@bddd53fc4 chore: bump dependencies
• siderolabs/talos@f1a93d28f release(v0.15.0-alpha.2): prepare release
• siderolabs/talos@1e9f0ad4c feat: update Go to 1.17.7, Linux to 5.15.23
• siderolabs/talos@fef99892d chore: pin kubernetes version to talosctl gen config
• siderolabs/talos@bcf928134 feat: udev extensions support
• siderolabs/talos@47619f832 docs: update system extensions guide with grammar fixes
• siderolabs/talos@2bcceb6e4 chore: disable TIPC and B.A.T.M.A.N
• siderolabs/talos@c6bca1b33 docs: add guide on system extensions
• siderolabs/talos@492b156da feat: implement static pods via machine configuration
• siderolabs/talos@6fadfa8db fix: parse properly IPv6 address in the cmdline ip= arg
• siderolabs/talos@d991f3982 chore: update the kernel with IGC driver enabled
• siderolabs/talos@cbc9610be feat: sysctl system optimization
• siderolabs/talos@8b6d6220d fix: parse interface ip correctly (nocloud)
• siderolabs/talos@54632b1be docs: fix developing Talos docs
• siderolabs/talos@0da370dfe test: unlock CABPT/CACPPT provider versions
• siderolabs/talos@df0e388a4 feat: extract firmware part of system extensions into initramfs
• siderolabs/talos@8899dd349 chore: add json-tags for SecretsBundle
• siderolabs/talos@4f391cd5c chore: bump kernel to 5.15.22
• siderolabs/talos@6bd07406e feat: disable reboots via kexec
• siderolabs/talos@1e3f2f952 fix: validate kubelet node IP subnets correctly
• siderolabs/talos@d211bff47 feat: enable accept_ra when IPv6 forwarding
• siderolabs/talos@930205831 chore: update kernel to 5.15.21
• siderolabs/talos@c7186ed08 chore: bump dependencies
• siderolabs/talos@9ee470f95 feat: set /etc/localtime to UTC
• siderolabs/talos@c34768367 fix: disable auto-tls for etcd
• siderolabs/talos@9bffc7e8d fix: pass proper sequence to shutdown sequence on ACPI shutdown
• siderolabs/talos@e47387e41 chore: bump CAPI to 1.0.4
• siderolabs/talos@5462f5ed1 feat: update etcd to 3.5.2
• siderolabs/talos@f6fa12e53 docs: update upgrading Talos, Kubernetes, and Docker guides
• siderolabs/talos@5484579c1 feat: allow link scope routes in the machine config
• siderolabs/talos@56b83b087 feat: enable persistence for docker provider
• siderolabs/talos@949464e4b fix: use leaf certificate in the apid RBAC check
• siderolabs/talos@446972f21 chore: bump kernel to 5.15.19
• siderolabs/talos@fe40e7b1b feat: drain node on shutdown
• siderolabs/talos@7f0b3aae0 feat: add multiple config patches, patches from files, YAML support
• siderolabs/talos@202290be7 docs: update Kubernetes upgrade video
• siderolabs/talos@036644f7a chore: bump kernel to 5.15.18
• siderolabs/talos@dcde2c4f6 chore: update k8s upgrade message
• siderolabs/talos@1c949335c docs: add documentation for Hyper-V
• siderolabs/talos@7f9790912 fix: clean up containerd state on installer run/validate
• siderolabs/talos@8b98d8eb3 docs: clarify Filebeat example
• siderolabs/talos@74c03120c docs: replace Talos upgrades video
• siderolabs/talos@65e64d425 chore: update kernel to stable 5.15.17
• siderolabs/talos@4245f72d3 feat: add --extra-uefi-search-paths option
• siderolabs/talos@7ffeb6c2e docs: update oracle cloud example
• siderolabs/talos@151c9df09 chore: add CSI tests for e2e-qemu
• siderolabs/talos@cdb621c82 feat: provide a way to list installed system extensions
• siderolabs/talos@abfb25812 feat: share /lib/firmware across initramfs and rootfs
• siderolabs/talos@ebec5d4a0 feat: support full disk path in the diskSelector
• siderolabs/talos@831f65a07 fix: close client provider instead of Talos client in the upgrade module
• siderolabs/talos@0bf161dff test: add integration test for system extensions
• siderolabs/talos@7b3962745 fix: handle 404 errors from AWS IMDS correctly
• siderolabs/talos@85782faa2 feat: update Kubernetes to 1.23.3
• siderolabs/talos@c5e5922e5 chore: bump dependencies
• siderolabs/talos@b3c3ef29b feat: install system extensions
• siderolabs/talos@a0889600f chore: fix golangci-lint install
• siderolabs/talos@a50c42980 fix: use #!/usr/bin/env bash as shebang instead of #!/bin/bash
• siderolabs/talos@4464b725c fix: qemu: always use runtime.GOARCH for CNI bundle
• siderolabs/talos@e7379c81b release(v0.15.0-alpha.1): prepare release
• siderolabs/talos@58eb3600f fix: enforce reasonable TLS min tls-min-version
• siderolabs/talos@b8d4c5dfa fix: use correct error in kernel_param_spec Modify call handling
• siderolabs/talos@4961d6867 docs: drop talos.interface kernel arg
• siderolabs/talos@b1e61fa5b chore: update Linux to 5.15.16
• siderolabs/talos@d4b844593 feat: support CRI configuration merging and reimplement registry config
• siderolabs/talos@f94c8c6e1 feat: update Kubernetes to 1.23.2
• siderolabs/talos@21f497b3e feat: install readonly overlay mounts during talos chroot sequence
• siderolabs/talos@9ad5a67d2 feat: inject platform network configuration as network resources
• siderolabs/talos@907f8cbfb docs: fix patch flag
• siderolabs/talos@caa434426 docs: add documentation on developing Talos
• siderolabs/talos@16eeb6776 docs: readme updates
• siderolabs/talos@3c0737027 chore: update release notes
• siderolabs/talos@6d8bea5d5 feat: jetson nano SoC
• siderolabs/talos@1d8955ebe feat: update CoreDNS to 1.8.7
• siderolabs/talos@6af83afd5 fix: handle multiple-IP cluster nodes
• siderolabs/talos@43b2d8137 chore: bump dependencies
• siderolabs/talos@529e80f4f docs: update home page and footer
• siderolabs/talos@37630e70c Update twitter link
• siderolabs/talos@af440919b fix: avoid panic in config loading/validation
• siderolabs/talos@4b8e9de59 docs: add guide on adding proprietary kernel modules
• siderolabs/talos@833dc4169 docs: rework vmware assets
• siderolabs/talos@2869b5eea feat: add oraclecloud.com platform support
• siderolabs/talos@f3ec24beb fix: vmware documentation typo
• siderolabs/talos@2f2bdb26a feat: replace flags with --mode in apply, edit and patch commands
• siderolabs/talos@b09be2a69 docs: update index.md and sync across versions
• siderolabs/talos@ca65b918a docs: add nocloud documentation
• siderolabs/talos@59437d6d8 fix: filter down nameservers for docker-based cluster create
• siderolabs/talos@194eaa6f2 chore: clean up /usr/bin from unneeded files
• siderolabs/talos@74e727240 docs: update office office
• siderolabs/talos@539af338c docs: update vmware docs
• siderolabs/talos@279a3fda7 feat: update Go to 1.17.6, containerd to 1.5.9
• siderolabs/talos@3d3088941 chore: bump Go dependencies
• siderolabs/talos@d02d944ec chore: provide umarshal from YAML methods for network resource specs
• siderolabs/talos@2e735714d fix: derive machine-id from node identity
• siderolabs/talos@d8a2721e1 test: update CAPI components to latest
• siderolabs/talos@7dff8a53e fix: ignore missing init.yaml for cluster create
• siderolabs/talos@f4516c7d8 chore: bump dependencies
• siderolabs/talos@944f13221 chore: fix release pipeline
• siderolabs/talos@cb548a368 release(v0.15.0-alpha.0): prepare release
• siderolabs/talos@da0b36e61 feat: introduce talos.exp.wipe kernel param to wipe system disk
• siderolabs/talos@c079eb32b refactor: use AWS SDK to access AWS metadata service
• siderolabs/talos@2f4b9d8d6 feat: make machine configuration read-only in Talos (almost)
• siderolabs/talos@524f83d3d feat: use official Go SDK to fetch GCP instance metadata
• siderolabs/talos@d2a7e082c test: retry in discovery tests
• siderolabs/talos@f4219e530 chore: remove unused methods in AWS platform
• siderolabs/talos@35bc2940e fix: kexec on RPI4
• siderolabs/talos@f235cfbae fix: multiple usability fixes
• siderolabs/talos@b3fbb2f31 test: don't build all images in the default CI pipeline
• siderolabs/talos@dac550a50 docs: fix troubleshooting guide
• siderolabs/talos@83e8bec6b feat: update Linux to 5.15.11
• siderolabs/talos@d5a82b37e feat: remove ApplyDynamicConfig
• siderolabs/talos@3623da136 feat: provide a way to load Linux kernel modules
• siderolabs/talos@4d1514add docs: update Mayastor deployment process
• siderolabs/talos@cff1ff6d5 feat: shell completion for list, read
• siderolabs/talos@19728437e feat: output IPs when etcd needs to be bootstrapped
• siderolabs/talos@c297d66a1 test: attempt number on two on proper retries in CLI time tests
• siderolabs/talos@dc299da9e docs: add arm64 option to talosctl download
• siderolabs/talos@f49f40a33 fix: pass path to conformance retrieve results
• siderolabs/talos@942c8074f docs: fork docs for 0.15
• siderolabs/talos@880a7782c docs: update documentation for 0.14.0 release
• siderolabs/talos@dc9a0cfe9 chore: bump Go dependencies
• siderolabs/talos@773496935 fix: config apply immediate
• siderolabs/talos@17c147488 test: retry talosctl time call in the tests
• siderolabs/talos@acf1ac0f1 feat: show human-readable aliases in talosctl get rd
• siderolabs/talos@5532867b0 refactor: rewrite the implementation of Processes API
• siderolabs/talos@80350861a feat: update Kubernetes to 1.23.1
• siderolabs/talos@4c96e936e docs: add cilium guide
• siderolabs/talos@e3f2acb5e refactor: rewrite the check for unknown keys in the machine configuration
• siderolabs/talos@4175396a8 refactor: use update go-blockdevice library with allocation fixes
• siderolabs/talos@b58f567a1 refactor: optimize Runtime config interface to avoid config marshaling
• siderolabs/talos@bb355c9ab chore: remove govalidator library
• siderolabs/talos@3af56bd2e test: update capi templates to v1beta1
• siderolabs/talos@936b4c4ce fix: update DHCP library with the panic fix
• siderolabs/talos@ab42886bf fix: allow kubelet to be started via the API
• siderolabs/talos@ec641f729 fix: use default time servers in time API if none are configured
• siderolabs/talos@79f213eec fix: cleanup affiliates
• siderolabs/talos@2dd0b5b68 chore: update Go to 1.17.5
• siderolabs/talos@97ffa7a64 feat: upgrade kubelet version in talosctl upgrade-k8s
• siderolabs/talos@5bc5123eb docs: document ip= kernel argument
• siderolabs/talos@8e1d0bfb5 feat: update Kubernetes to 1.23.0

Changes since v1.0.0-beta.2

• siderolabs/talos@7e386357b release(v1.0.0-beta.3): prepare release
• siderolabs/talos@eb6822ab4 feat: update containerd to 1.6.2, Linux to 5.15.31
• siderolabs/talos@c8f5523ee chore: update the talosctl CNI download url
• siderolabs/talos@698c0e488 feat: update CoreDNS to 1.9.1
• siderolabs/talos@cc986136b test: use clusterctl.yaml overrides after org rename
• siderolabs/talos@411dd1994 chore: rename github organization to siderolabs
• siderolabs/talos@7ad030a0b fix: the etcd recovery client and tests
• siderolabs/talos@4adae5e4a fix: trigger properly udevd on types and actions
• siderolabs/talos@6c0f8c704 fix: clean up custom udev rules if the config is cleared
• siderolabs/talos@65dad2488 feat: update Linux to 5.15.30

Changes from siderolabs/extras

• siderolabs/extras@4a6ff33 chore: reproducible builds, use pkgs base
• siderolabs/extras@9238bc7 feat: bump pkgs for CNI 1.1.0 update
• siderolabs/extras@2d9d430 chore: bump tools
• siderolabs/extras@8f607fc chore: bump to Go 1.17.7
• siderolabs/extras@7c1f3cc feat: update Go to 1.17.6
• siderolabs/extras@495a5b2 feat: update Go to 1.17.5

Changes from siderolabs/pkgs

• siderolabs/pkgs@615d1a0 feat: update containerd to 1.6.2
• siderolabs/pkgs@fab0d43 chore: bump kernel to 5.15.31
• siderolabs/pkgs@e7c458c chore: org update
• siderolabs/pkgs@9d4e9ae feat: update Linux to 5.15.30
• siderolabs/pkgs@cd86ab5 chore: bump kernel to 5.15.28
• siderolabs/pkgs@5f97726 chore: reproducible builds
• siderolabs/pkgs@325439e feat: update containerd to 1.6.1
• siderolabs/pkgs@1b0a12e chore: bump kernel to 5.15.26
• siderolabs/pkgs@9d61f59 feat: update CNI plugins to v1.1.0
• siderolabs/pkgs@b3aae71 chore: enable Adaptec RAID controllers
• siderolabs/pkgs@0c6e9e6 chore: bump kenrel to 5.15.25
• siderolabs/pkgs@679b49d chore: disable Remote NDIS
• siderolabs/pkgs@8f03136 feat: replace LibreSSL with OpenSSL
• siderolabs/pkgs@0a3b5e3 feat: upgrade xfsprogs to the latest version
• siderolabs/pkgs@3af05f6 chore: bump tools
• siderolabs/pkgs@b32ccd1 chore: bump kernel to 5.15.24
• siderolabs/pkgs@aafafb5 feat: update containerd to 1.6.0
• siderolabs/pkgs@6019223 chore: bump kernel to 5.15.23
• siderolabs/pkgs@ff4b2d8 chore: bump tools for Go 1.17.7
• siderolabs/pkgs@e34f883 chore: disable TIPC and B.A.T.M.A.N
• siderolabs/pkgs@2b8cd88 feat: add Intel Ethernet Controller I225-V driver
• siderolabs/pkgs@407459d feat: enable zstd squashfs compression and firmware (xz) compression
• siderolabs/pkgs@81a4b1c chore: bump kernel to 5.15.22
• siderolabs/pkgs@c9a6415 chore: bump kernel to 5.15.21
• siderolabs/pkgs@90dcd00 chore: bump kernel to 5.15.19
• siderolabs/pkgs@d457b87 chore: bump kernel to 5.15.18
• siderolabs/pkgs@dd69678 chore: disable ATA-over-Ethernet driver for arm64
• siderolabs/pkgs@388ce13 chore: bump kernel to 5.15.17
• siderolabs/pkgs@c14eb99 feat: update Linux to 5.15.16
• siderolabs/pkgs@5d4d8d6 feat: bump containerd to 1.6.0-rc.0, runc to 1.1.0
• siderolabs/pkgs@5dd08a7 feat: jetson nano SoC
• siderolabs/pkgs@402b960 chore: bump u-boot to 2022.01
• siderolabs/pkgs@6ce1a40 feat: update Go to 1.17.6
• siderolabs/pkgs@08f2519 feat: update containerd to 1.5.9
• siderolabs/pkgs@fbb5c5c feat: add qlcnic drivers to kernel
• siderolabs/pkgs@0505e01 chore: fix =m kernel build options
• siderolabs/pkgs@54aa902 feat: enable amdgpu in kernel
• siderolabs/pkgs@2779c3f fix: kexec on rpi4
• siderolabs/pkgs@950361f feat: update Linux to 5.15.11
• siderolabs/pkgs@ad611bc feat: provide build instructions for NVIDIA kernel module
• siderolabs/pkgs@b22723d feat: update iPXE to the latest available version
• siderolabs/pkgs@a675c67 feat: update Go to 1.17.5

Changes from siderolabs/tools

• siderolabs/tools@4c77d96 chore: update golang to 1.17.8
• siderolabs/tools@2d4771e chore: reproducible builds
• siderolabs/tools@8197edb chore: bump expat to 2.4.5
• siderolabs/tools@74e3a95 feat: add meson
• siderolabs/tools@4c9e7a4 chore: bump go to 1.17.7
• siderolabs/tools@d33b4b6 feat: support zstd compression
• siderolabs/tools@67314b1 feat: update Go to 1.17.6
• siderolabs/tools@9c2b9df feat: update Go to 1.17.5

Changes from talos-systems/crypto

• talos-systems/crypto@510b0d2 chore: add json tags
• talos-systems/crypto@6fa2d93 fix: deepcopy nil fields as nil

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@7b9de26 feat: read symlink fullpath in block device list function
• talos-systems/go-blockdevice@6928ee4 refactor: rewrite GPT serialize/deserialize functions
• talos-systems/go-blockdevice@0c7e429 refactor: simplify middle endian functions

Changes from talos-systems/grpc-proxy

• talos-systems/grpc-proxy@b076302 fix: use io.EOF error when no backend connections are available
• talos-systems/grpc-proxy@82daca0 docs: update README
• talos-systems/grpc-proxy@fa6843a chore: fix spelling
• talos-systems/grpc-proxy@c0a87d9 chore: major cleanup of the code and build

Changes from talos-systems/net

• talos-systems/net@409926a fix: parse correctly some IPv6 CIDRs

Dependency Changes

• cloud.google.com/go/compute v1.5.0 new
• github.com/BurntSushi/toml v0.4.1 -> v1.0.0
• github.com/aws/aws-sdk-go v1.43.8 new
• github.com/containerd/cgroups v1.0.2 -> 2e502f6b9e43
• github.com/containerd/containerd v1.5.8 -> v1.6.2
• github.com/containernetworking/plugins v1.0.1 -> v1.1.0
• github.com/docker/distribution v2.7.1 -> v2.8.0
• github.com/docker/docker v20.10.11 -> v20.10.12
• github.com/godbus/dbus/v5 v5.0.6 new
• github.com/google/go-cmp v0.5.6 -> v0.5.7
• github.com/google/nftables 16a134723a96 -> 211824995dcb
• github.com/hashicorp/go-cleanhttp v0.5.2 new
• github.com/hashicorp/go-getter v1.5.9 -> v1.5.11
• github.com/hashicorp/go-version v1.4.0 new
• github.com/insomniacslk/dhcp 5297eed8f489 -> 3c283ff8b7dd
• github.com/jsimonetti/rtnetlink fd9a11f42291 -> v1.1.0
• github.com/jxskiss/base62 v1.0.0 -> v1.1.0
• github.com/mdlayher/arp f72070a231fc -> c37aaafac7f9
• github.com/mdlayher/ethtool 288d040e9d60 -> 856bd6cb8a38
• github.com/mdlayher/genetlink v1.0.0 -> v1.2.0
• github.com/mdlayher/netlink v1.4.2 -> v1.6.0
• github.com/opencontainers/image-spec v1.0.2 new
• github.com/packethost/packngo v0.20.0 -> v0.22.0
• github.com/pelletier/go-toml v1.9.4 new
• github.com/pmorjan/kmod v1.0.0 new
• github.com/rivo/tview 2a6de950f73b -> 96063d6082f3
• github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7 -> v1.0.0-beta.9
• github.com/siderolabs/extras v0.7.0-1-gd6b73a7 -> v1.0.0
• github.com/siderolabs/pkgs v0.9.0-1-g7a3419a -> v1.0.0-5-g615d1a0
• github.com/siderolabs/tools v0.9.0-1-gb1146f9 -> v1.0.0-1-g4c77d96
• github.com/spf13/cobra v1.2.1 -> v1.3.0
• github.com/talos-systems/crypto v0.3.4 -> v0.3.5
• github.com/talos-systems/go-blockdevice v0.2.5 -> v0.3.0
• github.com/talos-systems/grpc-proxy v0.2.0 -> v0.3.0
• github.com/talos-systems/net v0.3.1 -> v0.3.2
• github.com/u-root/u-root v7.0.0 -> v0.8.0
• github.com/vishvananda/netlink f5de75959ad5 -> 650dca95af54
• github.com/vmware-tanzu/sonobuoy v0.55.1 -> v0.56.2
• github.com/vmware/govmomi v0.27.2 -> v0.27.4
• go.etcd.io/etcd/api/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/pkg/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/etcdutl/v3 v3.5.1 -> v3.5.2
• go.uber.org/zap v1.19.1 -> v1.21.0
• golang.org/x/net 491a49abca63 -> 27dd8689420f
• golang.org/x/sys 97ca703d548d -> 4e6760a101f9
• golang.org/x/time f0f3c7e86c11 -> 0e9765cccd65
• golang.zx2c4.com/wireguard/wgctrl dd7407c86d22 -> fde48d68ee68
• google.golang.org/grpc v1.42.0 -> v1.44.0
• k8s.io/api v0.23.1 -> v0.23.5
• k8s.io/apimachinery v0.23.1 -> v0.23.5
• k8s.io/apiserver v0.23.5 new
• k8s.io/client-go v0.23.1 -> v0.23.5
• k8s.io/component-base v0.23.1 -> v0.23.5
• k8s.io/cri-api v0.23.1 -> v0.23.5
• k8s.io/kubectl v0.23.1 -> v0.23.5
• k8s.io/kubelet v0.23.1 -> v0.23.5
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.61 -> v1.2.63

Previous release can be found at v0.14.0

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/siderolabs/install-cni:v1.0.0
docker.io/coredns/coredns:1.9.1
gcr.io/etcd-development/etcd:v3.5.2
k8s.gcr.io/kube-apiserver:v1.23.5
k8s.gcr.io/kube-controller-manager:v1.23.5
k8s.gcr.io/kube-scheduler:v1.23.5
k8s.gcr.io/kube-proxy:v1.23.5
ghcr.io/siderolabs/kubelet:v1.23.5
ghcr.io/siderolabs/installer:v1.0.0-beta.3
k8s.gcr.io/pause:3.2

Talos 1.0.0-beta.2 (2022-03-22)

Welcome to the v1.0.0-beta.2 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Admission Plugin Configuration

Talos now supports Kubernetes API server admission plugin configuration via the .cluster.apiServer.admissionControl machine configuration field.

This configuration can be used to enable Pod Security Admission plugin and
define cluster-wide default Pod Security Standards.

Apply Config Enhancements

talosctl apply/patch/edit cli commands got revamped.
Separate flags --on-reboot, --immediate, --interactive were replaced
with a single --mode flag that can take the following values:

• auto new mode that automatically applies the configuration in immediate/reboot mode.
• no-reboot force apply immediately, if not possible, then fail.
• reboot force reboot with apply config.
• staged write new machine configuration to STATE, but don't apply it (it will be applied after a reboot).
• interactive starts interactive installer, only for apply.

API Server Audit Logs

kube-apiserver is now configured to store its audit logs separately from the kube-apiserver standard logs and directly to file.
The kube-apiserver will maintain the rotation and retirement of these logs, which are stored in /var/log/audit/.
Previously, the audit logs were sent to kube-apiserver's stdout, along with the rest of its logs, to be collected in the usual manner by Kubernetes.

Equinix Metal Platform

talos.platform for Equinix Metal is renamed from packet to equinixMetal, the older name is still supported for backwards compatibility.

Extension Services

Talos now provides a way to extend set of system services Talos runs with extension services.
Extension services should be included in the Talos root filesystem (e.g. via system extensions).

Pinned Kubernetes Version

Command talosctl gen config now defaults to Kubernetes version pinning in the generate machine configuration.
Previously default was to omit explicit Kubernetes version, so Talos picked up the default version it was built against.
Old behavior can be achieved by specifiying empty flag value: --kubernetes-version=.

Kernel Parameters

Talos now supports setting bond interface from Kernel cmdline using the bond= option.
Reference: https://man7.org/linux/man-pages/man7/dracut.cmdline.7.html

Kubelet

Kubelet configuration can now be overridden with the .machine.kubelet.extraConfig machine configuration field.
As most of the kubelet command line arguments are being deprecated, it is recommended to migrate to extraConfig
instead of using extraArgs.

A number of conformance tweaks have been made to the kubelet to allow it to run without
protectKernelDefaults.
This includes both kubelet configuration options and sysctls.
Of particular note is that Talos now sets the kernel.panic reboot interval to 10s instead of 1s.
If your kubelet fails to start after the upgrade, please check the kubelet logs to determine the problem.

Talos now performs graceful kubelet shutdown by default on node reboot/shutdown.
Default shutdown timeouts: 20s for regular priority pods and 10s for critical priority pods.
Timeouts can be overridden with the .machine.kubelet.extraConfig machine configuration key:
shutdownGracePeriod and shutdownGracePeriodCriticalPods.

Machine Configuration

Talos now preserves machine configuration as it was submitted to the node.

Machine Configuration Patching

talosctl commands which accept JSON patches (gen config, cluster create, patch machineconfig) now support multiple patches, loading patches
from files with @file.json syntax, and support loading from YAML format.

Platform Support

Talos now supports Oracle Cloud.

Platform network configuration was rewritten to avoid modifying Talos machine configuration.
Network configuration is performed independent of the machine configuration presence, so it works
even if Talos is booted in maintenance mode (without machine configuration is platform userdata).

Pod Security Policy

Pod Security Policy Kubernetes feature is deprecated and is going to be removed in Kubernetes 1.25.
Talos by default skips setting up PSP now (see machine configuration .cluster.apiServer.disablePodSecurityPolicy).

SBC Support

Talos now supports Jetson Nano SBC.

Static Pods in the Machine Configuration

Talos now accepts static pod definitions in the .machine.pods key of the machine configuration.
Please note that static pod definitions are not validated by Talos.
Static pod definitions can be updated without a node reboot.

Sysfs Kernel Parameters

Talos now supports setting sysfs kernel parameters (/sys/...).
Use machine configuration field .machine.sysfs to set sysfs kernel parameters.

System Extensions

System extensions allow extending Talos root filesystem, which enables a set of different features, including custom
container runtimes, additional firmware, etc.

System extensions are only activated during Talos installation (or upgrade), and with system extensions installed, Talos
root filesystem is still immutable and read-only.

Please see extensions repository and documentation for more information.

Component Updates

• Linux: 5.15.28
• Kubernetes: 1.23.5
• CoreDNS: 1.9.0
• etcd: 3.5.2
• containerd: 1.6.1
• runc: 1.1.0

Talos is built with Go 1.17.8

Wipe System Kernel Parameter

Added new kernel parameter talos.experimental.wipe=system which can help resetting system disk for the machine
and start over with a fresh installation.
See Resetting a Machine on how to use it.

Contributors

• Andrey Smirnov
• Noel Georgi
• Serge Logvinov
• Seán C McCord
• Artem Chernyshev
• Spencer Smith
• Steve Francis
• Florian Klink
• Andrew Rynhard
• Anthony Rabbito
• Bernard Sébastien
• Charlie Haley
• Eric Wohltman
• Jori Huisman
• Matt Layher
• Niklas Metje
• Philipp Sauter
• Shahar Naveh
• Tim Jones
• Utku Ozdemir
• nebulait

Changes

• talos-systems/talos@d31fed839 release(v1.0.0-beta.2): prepare release
• talos-systems/talos@4a2e65a74 feat: pause the boot process on some failures instead of rebooting
• talos-systems/talos@b6d71d49e fix: ignore connection reset errors on k8s upgrade
• talos-systems/talos@4557d01b0 feat: allow hardlinks in the system extension images
• talos-systems/talos@5bfc16cfe fix: ignore pod CIDRs for kubelet node IPs
• talos-systems/talos@cb97369e5 fix: split regular network operation configuration and virtual IP
• talos-systems/talos@cb61e5953 fix: ignore terminated pods in pod health checks
• talos-systems/talos@974f02e2d feat: update Kubernetes to 1.23.5
• talos-systems/talos@426921a6b fix: invert the condition to skip kubelet kernel checks
• talos-systems/talos@a60575984 feat: relax extensions file structure validation
• talos-systems/talos@eb16019eb fix: refresh etcd certs on startup/join
• talos-systems/talos@11e435a69 chore: add dependency images-essential -> images
• talos-systems/talos@4f142cc4e feat: implement D-Bus systemd-compatible shutdown for kubelet
• talos-systems/talos@3345cde26 chore: bump kernel to 5.15.28
• talos-systems/talos@602e049d9 release(v1.0.0-beta.1): prepare release
• talos-systems/talos@06647da34 chore: fix equinixMetal platform name
• talos-systems/talos@7e31e7d8f feat: bump boot partition size to 1000 MiB
• talos-systems/talos@83d7aebe1 fix: check for IPv6 before applying accept_ra
• talos-systems/talos@d785204aa chore: disable one commit per PR
• talos-systems/talos@f7ad1b982 release(v1.0.0-beta.0): prepare release
• talos-systems/talos@0aa23cb32 feat: update pkgs to 1.0 versions, Go 1.17.8
• talos-systems/talos@dc8e9ed4a feat: bond interfaces from kernel cmdline
• talos-systems/talos@947c77b60 docs: update cilium inline install
• talos-systems/talos@654472005 chore: update talos-systems modules to released version
• talos-systems/talos@77158a61f chore: rename v0.15 to v1.0
• talos-systems/talos@22a4d6b3e feat: update containerd to 1.6.1
• talos-systems/talos@a50747a64 fix: align list and diskusage command flags with their Linux analogs
• talos-systems/talos@d29e9202f chore: remove iSCSI packages from the rootfs image
• talos-systems/talos@09efa62f6 chore: re-enable kexec and default to UEFI booting in tests
• talos-systems/talos@8975a56eb docs: fix typo in release notes
• talos-systems/talos@61461de63 feat: define resource reservation
• talos-systems/talos@7ddc7f605 feat: support specifying env vars for control plane pods
• talos-systems/talos@7c1924a3a docs: update cilium docs
• talos-systems/talos@7b33ffbd8 chore: update pkgs and extras
• talos-systems/talos@c5992c2bf chore: bump dependencies
• talos-systems/talos@de69ab790 fix: scaleway network config
• talos-systems/talos@f81fb9f7c feat: implement sysfs
• talos-systems/talos@79d9720a3 fix: set route to metaserver for scaleway platform
• talos-systems/talos@eb40b9254 feat: add a way to override kubelet configuration via machine config
• talos-systems/talos@dc2371547 chore: update packet to equinix
• talos-systems/talos@7917b1aca feat: support admission control configuration and Pod Security admission
• talos-systems/talos@45feb72a4 feat: fluent-bit example
• talos-systems/talos@9b0b5501d docs: add katacoda link
• talos-systems/talos@b2bf3117f feat: implement extension services
• talos-systems/talos@063a9e165 test: pre-fetch CLI tools
• talos-systems/talos@d749643e7 feat: download metadata on Scaleway using low source port
• talos-systems/talos@1800b4c70 chore: fix kernel reference errata
• talos-systems/talos@743a03002 chore: bump github.com/mdlayher/arp@latest
• talos-systems/talos@614adf0ff feat: update xfsprogs to 5.14.2, replace LibreSSL with OpenSSL
• talos-systems/talos@28c3b495d docs: updates to troubleshooting doc
• talos-systems/talos@673fe2ebf feat: disable PSP by default for Talos >= 0.15
• talos-systems/talos@4d419a007 feat: store audit logs to disk
• talos-systems/talos@8ef3d85bc chore: bump dependencies
• talos-systems/talos@8a634d564 chore: bump tools, pkgs, extras
• talos-systems/talos@f40b480bd chore: expand Cilium deployment docs
• talos-systems/talos@3ba8eb00d docs: design concepts page
• talos-systems/talos@a5fb271ac feat: enable protectKernelDefaults in kubelet_spec
• talos-systems/talos@b7a1e0431 chore: don't append initrd= to the kernel command line
• talos-systems/talos@4d5cd6653 feat: add new grub parser and descriptive grub menu entries
• talos-systems/talos@6ccfdbaf1 fix: avoid replacing default gRPC codec in machinery
• talos-systems/talos@0fe34b358 feat: update Kubernetes to 1.23.4
• talos-systems/talos@95a564ba2 fix: prefer logical on merging link specs
• talos-systems/talos@8b7091a06 fix: correct vultr interface IP calculation
• talos-systems/talos@5a0fd63c8 fix: determine openstack interface IP correctly
• talos-systems/talos@00ccaf13f feat: update CoreDNS to 1.9.0
• talos-systems/talos@a9a47b755 feat: update containerd to 1.6.0
• talos-systems/talos@961067e8b docs: update getting-started.md
• talos-systems/talos@bddd53fc4 chore: bump dependencies
• talos-systems/talos@f1a93d28f release(v0.15.0-alpha.2): prepare release
• talos-systems/talos@1e9f0ad4c feat: update Go to 1.17.7, Linux to 5.15.23
• talos-systems/talos@fef99892d chore: pin kubernetes version to talosctl gen config
• talos-systems/talos@bcf928134 feat: udev extensions support
• talos-systems/talos@47619f832 docs: update system extensions guide with grammar fixes
• talos-systems/talos@2bcceb6e4 chore: disable TIPC and B.A.T.M.A.N
• talos-systems/talos@c6bca1b33 docs: add guide on system extensions
• talos-systems/talos@492b156da feat: implement static pods via machine configuration
• talos-systems/talos@6fadfa8db fix: parse properly IPv6 address in the cmdline ip= arg
• talos-systems/talos@d991f3982 chore: update the kernel with IGC driver enabled
• talos-systems/talos@cbc9610be feat: sysctl system optimization
• talos-systems/talos@8b6d6220d fix: parse interface ip correctly (nocloud)
• talos-systems/talos@54632b1be docs: fix developing Talos docs
• talos-systems/talos@0da370dfe test: unlock CABPT/CACPPT provider versions
• talos-systems/talos@df0e388a4 feat: extract firmware part of system extensions into initramfs
• talos-systems/talos@8899dd349 chore: add json-tags for SecretsBundle
• talos-systems/talos@4f391cd5c chore: bump kernel to 5.15.22
• talos-systems/talos@6bd07406e feat: disable reboots via kexec
• talos-systems/talos@1e3f2f952 fix: validate kubelet node IP subnets correctly
• talos-systems/talos@d211bff47 feat: enable accept_ra when IPv6 forwarding
• talos-systems/talos@930205831 chore: update kernel to 5.15.21
• talos-systems/talos@c7186ed08 chore: bump dependencies
• talos-systems/talos@9ee470f95 feat: set /etc/localtime to UTC
• talos-systems/talos@c34768367 fix: disable auto-tls for etcd
• talos-systems/talos@9bffc7e8d fix: pass proper sequence to shutdown sequence on ACPI shutdown
• talos-systems/talos@e47387e41 chore: bump CAPI to 1.0.4
• talos-systems/talos@5462f5ed1 feat: update etcd to 3.5.2
• talos-systems/talos@f6fa12e53 docs: update upgrading Talos, Kubernetes, and Docker guides
• talos-systems/talos@5484579c1 feat: allow link scope routes in the machine config
• talos-systems/talos@56b83b087 feat: enable persistence for docker provider
• talos-systems/talos@949464e4b fix: use leaf certificate in the apid RBAC check
• talos-systems/talos@446972f21 chore: bump kernel to 5.15.19
• talos-systems/talos@fe40e7b1b feat: drain node on shutdown
• talos-systems/talos@7f0b3aae0 feat: add multiple config patches, patches from files, YAML support
• talos-systems/talos@202290be7 docs: update Kubernetes upgrade video
• talos-systems/talos@036644f7a chore: bump kernel to 5.15.18
• talos-systems/talos@dcde2c4f6 chore: update k8s upgrade message
• talos-systems/talos@1c949335c docs: add documentation for Hyper-V
• talos-systems/talos@7f9790912 fix: clean up containerd state on installer run/validate
• talos-systems/talos@8b98d8eb3 docs: clarify Filebeat example
• talos-systems/talos@74c03120c docs: replace Talos upgrades video
• talos-systems/talos@65e64d425 chore: update kernel to stable 5.15.17
• talos-systems/talos@4245f72d3 feat: add --extra-uefi-search-paths option
• talos-systems/talos@7ffeb6c2e docs: update oracle cloud example
• talos-systems/talos@151c9df09 chore: add CSI tests for e2e-qemu
• talos-systems/talos@cdb621c82 feat: provide a way to list installed system extensions
• talos-systems/talos@abfb25812 feat: share /lib/firmware across initramfs and rootfs
• talos-systems/talos@ebec5d4a0 feat: support full disk path in the diskSelector
• talos-systems/talos@831f65a07 fix: close client provider instead of Talos client in the upgrade module
• talos-systems/talos@0bf161dff test: add integration test for system extensions
• talos-systems/talos@7b3962745 fix: handle 404 errors from AWS IMDS correctly
• talos-systems/talos@85782faa2 feat: update Kubernetes to 1.23.3
• talos-systems/talos@c5e5922e5 chore: bump dependencies
• talos-systems/talos@b3c3ef29b feat: install system extensions
• talos-systems/talos@a0889600f chore: fix golangci-lint install
• talos-systems/talos@a50c42980 fix: use #!/usr/bin/env bash as shebang instead of #!/bin/bash
• talos-systems/talos@4464b725c fix: qemu: always use runtime.GOARCH for CNI bundle
• talos-systems/talos@e7379c81b release(v0.15.0-alpha.1): prepare release
• talos-systems/talos@58eb3600f fix: enforce reasonable TLS min tls-min-version
• talos-systems/talos@b8d4c5dfa fix: use correct error in kernel_param_spec Modify call handling
• talos-systems/talos@4961d6867 docs: drop talos.interface kernel arg
• talos-systems/talos@b1e61fa5b chore: update Linux to 5.15.16
• talos-systems/talos@d4b844593 feat: support CRI configuration merging and reimplement registry config
• talos-systems/talos@f94c8c6e1 feat: update Kubernetes to 1.23.2
• talos-systems/talos@21f497b3e feat: install readonly overlay mounts during talos chroot sequence
• talos-systems/talos@9ad5a67d2 feat: inject platform network configuration as network resources
• talos-systems/talos@907f8cbfb docs: fix patch flag
• talos-systems/talos@caa434426 docs: add documentation on developing Talos
• talos-systems/talos@16eeb6776 docs: readme updates
• talos-systems/talos@3c0737027 chore: update release notes
• talos-systems/talos@6d8bea5d5 feat: jetson nano SoC
• talos-systems/talos@1d8955ebe feat: update CoreDNS to 1.8.7
• talos-systems/talos@6af83afd5 fix: handle multiple-IP cluster nodes
• talos-systems/talos@43b2d8137 chore: bump dependencies
• talos-systems/talos@529e80f4f docs: update home page and footer
• talos-systems/talos@37630e70c Update twitter link
• talos-systems/talos@af440919b fix: avoid panic in config loading/validation
• talos-systems/talos@4b8e9de59 docs: add guide on adding proprietary kernel modules
• talos-systems/talos@833dc4169 docs: rework vmware assets
• talos-systems/talos@2869b5eea feat: add oraclecloud.com platform support
• talos-systems/talos@f3ec24beb fix: vmware documentation typo
• talos-systems/talos@2f2bdb26a feat: replace flags with --mode in apply, edit and patch commands
• talos-systems/talos@b09be2a69 docs: update index.md and sync across versions
• talos-systems/talos@ca65b918a docs: add nocloud documentation
• talos-systems/talos@59437d6d8 fix: filter down nameservers for docker-based cluster create
• talos-systems/talos@194eaa6f2 chore: clean up /usr/bin from unneeded files
• talos-systems/talos@74e727240 docs: update office office
• talos-systems/talos@539af338c docs: update vmware docs
• talos-systems/talos@279a3fda7 feat: update Go to 1.17.6, containerd to 1.5.9
• talos-systems/talos@3d3088941 chore: bump Go dependencies
• talos-systems/talos@d02d944ec chore: provide umarshal from YAML methods for network resource specs
• talos-systems/talos@2e735714d fix: derive machine-id from node identity
• talos-systems/talos@d8a2721e1 test: update CAPI components to latest
• talos-systems/talos@7dff8a53e fix: ignore missing init.yaml for cluster create
• talos-systems/talos@f4516c7d8 chore: bump dependencies
• talos-systems/talos@944f13221 chore: fix release pipeline
• talos-systems/talos@cb548a368 release(v0.15.0-alpha.0): prepare release
• talos-systems/talos@da0b36e61 feat: introduce talos.exp.wipe kernel param to wipe system disk
• talos-systems/talos@c079eb32b refactor: use AWS SDK to access AWS metadata service
• talos-systems/talos@2f4b9d8d6 feat: make machine configuration read-only in Talos (almost)
• talos-systems/talos@524f83d3d feat: use official Go SDK to fetch GCP instance metadata
• talos-systems/talos@d2a7e082c test: retry in discovery tests
• talos-systems/talos@f4219e530 chore: remove unused methods in AWS platform
• talos-systems/talos@35bc2940e fix: kexec on RPI4
• talos-systems/talos@f235cfbae fix: multiple usability fixes
• talos-systems/talos@b3fbb2f31 test: don't build all images in the default CI pipeline
• talos-systems/talos@dac550a50 docs: fix troubleshooting guide
• talos-systems/talos@83e8bec6b feat: update Linux to 5.15.11
• talos-systems/talos@d5a82b37e feat: remove ApplyDynamicConfig
• talos-systems/talos@3623da136 feat: provide a way to load Linux kernel modules
• talos-systems/talos@4d1514add docs: update Mayastor deployment process
• talos-systems/talos@cff1ff6d5 feat: shell completion for list, read
• talos-systems/talos@19728437e feat: output IPs when etcd needs to be bootstrapped
• talos-systems/talos@c297d66a1 test: attempt number on two on proper retries in CLI time tests
• talos-systems/talos@dc299da9e docs: add arm64 option to talosctl download
• talos-systems/talos@f49f40a33 fix: pass path to conformance retrieve results
• talos-systems/talos@942c8074f docs: fork docs for 0.15
• talos-systems/talos@880a7782c docs: update documentation for 0.14.0 release
• talos-systems/talos@dc9a0cfe9 chore: bump Go dependencies
• talos-systems/talos@773496935 fix: config apply immediate
• talos-systems/talos@17c147488 test: retry talosctl time call in the tests
• talos-systems/talos@acf1ac0f1 feat: show human-readable aliases in talosctl get rd
• talos-systems/talos@5532867b0 refactor: rewrite the implementation of Processes API
• talos-systems/talos@80350861a feat: update Kubernetes to 1.23.1
• talos-systems/talos@4c96e936e docs: add cilium guide
• talos-systems/talos@e3f2acb5e refactor: rewrite the check for unknown keys in the machine configuration
• talos-systems/talos@4175396a8 refactor: use update go-blockdevice library with allocation fixes
• talos-systems/talos@b58f567a1 refactor: optimize Runtime config interface to avoid config marshaling
• talos-systems/talos@bb355c9ab chore: remove govalidator library
• talos-systems/talos@3af56bd2e test: update capi templates to v1beta1
• talos-systems/talos@936b4c4ce fix: update DHCP library with the panic fix
• talos-systems/talos@ab42886bf fix: allow kubelet to be started via the API
• talos-systems/talos@ec641f729 fix: use default time servers in time API if none are configured
• talos-systems/talos@79f213eec fix: cleanup affiliates
• talos-systems/talos@2dd0b5b68 chore: update Go to 1.17.5
• talos-systems/talos@97ffa7a64 feat: upgrade kubelet version in talosctl upgrade-k8s
• talos-systems/talos@5bc5123eb docs: document ip= kernel argument
• talos-systems/talos@8e1d0bfb5 feat: update Kubernetes to 1.23.0

Changes since v1.0.0-beta.1

• talos-systems/talos@d31fed839 release(v1.0.0-beta.2): prepare release
• talos-systems/talos@4a2e65a74 feat: pause the boot process on some failures instead of rebooting
• talos-systems/talos@b6d71d49e fix: ignore connection reset errors on k8s upgrade
• talos-systems/talos@4557d01b0 feat: allow hardlinks in the system extension images
• talos-systems/talos@5bfc16cfe fix: ignore pod CIDRs for kubelet node IPs
• talos-systems/talos@cb97369e5 fix: split regular network operation configuration and virtual IP
• talos-systems/talos@cb61e5953 fix: ignore terminated pods in pod health checks
• talos-systems/talos@974f02e2d feat: update Kubernetes to 1.23.5
• talos-systems/talos@426921a6b fix: invert the condition to skip kubelet kernel checks
• talos-systems/talos@a60575984 feat: relax extensions file structure validation
• talos-systems/talos@eb16019eb fix: refresh etcd certs on startup/join
• talos-systems/talos@11e435a69 chore: add dependency images-essential -> images
• talos-systems/talos@4f142cc4e feat: implement D-Bus systemd-compatible shutdown for kubelet
• talos-systems/talos@3345cde26 chore: bump kernel to 5.15.28

Changes from talos-systems/crypto

• talos-systems/crypto@510b0d2 chore: add json tags
• talos-systems/crypto@6fa2d93 fix: deepcopy nil fields as nil

Changes from talos-systems/extras

• talos-systems/extras@4a6ff33 chore: reproducible builds, use pkgs base
• talos-systems/extras@9238bc7 feat: bump pkgs for CNI 1.1.0 update
• talos-systems/extras@2d9d430 chore: bump tools
• talos-systems/extras@8f607fc chore: bump to Go 1.17.7
• talos-systems/extras@7c1f3cc feat: update Go to 1.17.6
• talos-systems/extras@495a5b2 feat: update Go to 1.17.5

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@7b9de26 feat: read symlink fullpath in block device list function
• talos-systems/go-blockdevice@6928ee4 refactor: rewrite GPT serialize/deserialize functions
• talos-systems/go-blockdevice@0c7e429 refactor: simplify middle endian functions

Changes from talos-systems/net

• talos-systems/net@409926a fix: parse correctly some IPv6 CIDRs

Changes from talos-systems/pkgs

• talos-systems/pkgs@cd86ab5 chore: bump kernel to 5.15.28
• talos-systems/pkgs@5f97726 chore: reproducible builds
• talos-systems/pkgs@325439e feat: update containerd to 1.6.1
• talos-systems/pkgs@1b0a12e chore: bump kernel to 5.15.26
• talos-systems/pkgs@9d61f59 feat: update CNI plugins to v1.1.0
• talos-systems/pkgs@b3aae71 chore: enable Adaptec RAID controllers
• talos-systems/pkgs@0c6e9e6 chore: bump kenrel to 5.15.25
• talos-systems/pkgs@679b49d chore: disable Remote NDIS
• talos-systems/pkgs@8f03136 feat: replace LibreSSL with OpenSSL
• talos-systems/pkgs@0a3b5e3 feat: upgrade xfsprogs to the latest version
• talos-systems/pkgs@3af05f6 chore: bump tools
• talos-systems/pkgs@b32ccd1 chore: bump kernel to 5.15.24
• talos-systems/pkgs@aafafb5 feat: update containerd to 1.6.0
• talos-systems/pkgs@6019223 chore: bump kernel to 5.15.23
• talos-systems/pkgs@ff4b2d8 chore: bump tools for Go 1.17.7
• talos-systems/pkgs@e34f883 chore: disable TIPC and B.A.T.M.A.N
• talos-systems/pkgs@2b8cd88 feat: add Intel Ethernet Controller I225-V driver
• talos-systems/pkgs@407459d feat: enable zstd squashfs compression and firmware (xz) compression
• talos-systems/pkgs@81a4b1c chore: bump kernel to 5.15.22
• talos-systems/pkgs@c9a6415 chore: bump kernel to 5.15.21
• talos-systems/pkgs@90dcd00 chore: bump kernel to 5.15.19
• talos-systems/pkgs@d457b87 chore: bump kernel to 5.15.18
• talos-systems/pkgs@dd69678 chore: disable ATA-over-Ethernet driver for arm64
• talos-systems/pkgs@388ce13 chore: bump kernel to 5.15.17
• talos-systems/pkgs@c14eb99 feat: update Linux to 5.15.16
• talos-systems/pkgs@5d4d8d6 feat: bump containerd to 1.6.0-rc.0, runc to 1.1.0
• talos-systems/pkgs@5dd08a7 feat: jetson nano SoC
• talos-systems/pkgs@402b960 chore: bump u-boot to 2022.01
• talos-systems/pkgs@6ce1a40 feat: update Go to 1.17.6
• talos-systems/pkgs@08f2519 feat: update containerd to 1.5.9
• talos-systems/pkgs@fbb5c5c feat: add qlcnic drivers to kernel
• talos-systems/pkgs@0505e01 chore: fix =m kernel build options
• talos-systems/pkgs@54aa902 feat: enable amdgpu in kernel
• talos-systems/pkgs@2779c3f fix: kexec on rpi4
• talos-systems/pkgs@950361f feat: update Linux to 5.15.11
• talos-systems/pkgs@ad611bc feat: provide build instructions for NVIDIA kernel module
• talos-systems/pkgs@b22723d feat: update iPXE to the latest available version
• talos-systems/pkgs@a675c67 feat: update Go to 1.17.5

Changes from talos-systems/tools

• talos-systems/tools@4c77d96 chore: update golang to 1.17.8
• talos-systems/tools@2d4771e chore: reproducible builds
• talos-systems/tools@8197edb chore: bump expat to 2.4.5
• talos-systems/tools@74e3a95 feat: add meson
• talos-systems/tools@4c9e7a4 chore: bump go to 1.17.7
• talos-systems/tools@d33b4b6 feat: support zstd compression
• talos-systems/tools@67314b1 feat: update Go to 1.17.6
• talos-systems/tools@9c2b9df feat: update Go to 1.17.5

Dependency Changes

• cloud.google.com/go/compute v1.5.0 new
• github.com/BurntSushi/toml v0.4.1 -> v1.0.0
• github.com/aws/aws-sdk-go v1.43.8 new
• github.com/containerd/cgroups v1.0.2 -> 2e502f6b9e43
• github.com/containerd/containerd v1.5.8 -> v1.6.1
• github.com/containernetworking/plugins v1.0.1 -> v1.1.0
• github.com/docker/distribution v2.7.1 -> v2.8.0
• github.com/docker/docker v20.10.11 -> v20.10.12
• github.com/godbus/dbus/v5 v5.0.6 new
• github.com/google/go-cmp v0.5.6 -> v0.5.7
• github.com/google/nftables 16a134723a96 -> 211824995dcb
• github.com/hashicorp/go-cleanhttp v0.5.2 new
• github.com/hashicorp/go-getter v1.5.9 -> v1.5.11
• github.com/hashicorp/go-version v1.4.0 new
• github.com/insomniacslk/dhcp 5297eed8f489 -> 3c283ff8b7dd
• github.com/jsimonetti/rtnetlink fd9a11f42291 -> v1.1.0
• github.com/jxskiss/base62 v1.0.0 -> v1.1.0
• github.com/mdlayher/arp f72070a231fc -> c37aaafac7f9
• github.com/mdlayher/ethtool 288d040e9d60 -> 856bd6cb8a38
• github.com/mdlayher/genetlink v1.0.0 -> v1.2.0
• github.com/mdlayher/netlink v1.4.2 -> v1.6.0
• github.com/opencontainers/image-spec v1.0.2 new
• github.com/packethost/packngo v0.20.0 -> v0.22.0
• github.com/pelletier/go-toml v1.9.4 new
• github.com/pmorjan/kmod v1.0.0 new
• github.com/rivo/tview 2a6de950f73b -> 96063d6082f3
• github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7 -> v1.0.0-beta.9
• github.com/spf13/cobra v1.2.1 -> v1.3.0
• github.com/talos-systems/crypto v0.3.4 -> v0.3.5
• github.com/talos-systems/extras v0.7.0-1-gd6b73a7 -> v1.0.0
• github.com/talos-systems/go-blockdevice v0.2.5 -> v0.3.0
• github.com/talos-systems/net v0.3.1 -> v0.3.2
• github.com/talos-systems/pkgs v0.9.0-1-g7a3419a -> v1.0.0-1-gcd86ab5
• github.com/talos-systems/tools v0.9.0-1-gb1146f9 -> v1.0.0-1-g4c77d96
• github.com/u-root/u-root v7.0.0 -> v0.8.0
• github.com/vishvananda/netlink f5de75959ad5 -> 650dca95af54
• github.com/vmware-tanzu/sonobuoy v0.55.1 -> v0.56.2
• github.com/vmware/govmomi v0.27.2 -> v0.27.4
• go.etcd.io/etcd/api/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/pkg/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/etcdutl/v3 v3.5.1 -> v3.5.2
• go.uber.org/zap v1.19.1 -> v1.21.0
• golang.org/x/net 491a49abca63 -> 27dd8689420f
• golang.org/x/sys 97ca703d548d -> 4e6760a101f9
• golang.org/x/time f0f3c7e86c11 -> 0e9765cccd65
• golang.zx2c4.com/wireguard/wgctrl dd7407c86d22 -> fde48d68ee68
• google.golang.org/grpc v1.42.0 -> v1.44.0
• k8s.io/api v0.23.1 -> v0.23.5
• k8s.io/apimachinery v0.23.1 -> v0.23.5
• k8s.io/apiserver v0.23.5 new
• k8s.io/client-go v0.23.1 -> v0.23.5
• k8s.io/component-base v0.23.1 -> v0.23.5
• k8s.io/cri-api v0.23.1 -> v0.23.5
• k8s.io/kubectl v0.23.1 -> v0.23.5
• k8s.io/kubelet v0.23.1 -> v0.23.5
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.61 -> v1.2.63

Previous release can be found at v0.14.0

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/talos-systems/install-cni:v1.0.0
docker.io/coredns/coredns:1.9.0
gcr.io/etcd-development/etcd:v3.5.2
k8s.gcr.io/kube-apiserver:v1.23.5
k8s.gcr.io/kube-controller-manager:v1.23.5
k8s.gcr.io/kube-scheduler:v1.23.5
k8s.gcr.io/kube-proxy:v1.23.5
ghcr.io/talos-systems/kubelet:v1.23.5
ghcr.io/talos-systems/installer:v1.0.0-beta.2
k8s.gcr.io/pause:3.2

Talos 1.0.0-beta.1 (2022-03-14)

Welcome to the v1.0.0-beta.1 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at
https://github.com/talos-systems/talos/issues.

Admission Plugin Configuration

Talos now supports Kubernetes API server admission plugin configuration via the .cluster.apiServer.admissonControl machine configuration field.

This configuration can be used to enable Pod Security Admission plugin and
define cluster-wide default Pod Security Standards.

Apply Config Enhancements

talosctl apply/patch/edit cli commands got revamped.
Separate flags --on-reboot, --immediate, --interactive were replaced
with a single --mode flag that can take the following values:

• auto new mode that automatically applies the configuration in immediate/reboot mode.
• no-reboot force apply immediately, if not possible, then fail.
• reboot force reboot with apply config.
• staged write new machine configuration to STATE, but don't apply it (it will be applied after a reboot).
• interactive starts interactive installer, only for apply.

API Server Audit Logs

kube-apiserver is now configured to store its audit logs separately from the kube-apiserver standard logs and directly to file.
The kube-apiserver will maintain the rotation and retirement of these logs, which are stored in /var/log/audit/.
Previously, the audit logs were sent to kube-apiserver's stdout, along with the rest of its logs, to be collected in the usual manner by Kubernetes.

Equinix Metal Platform

talos.platform for Equinix Metal is renamed from packet to equinixMetal, the older name is still supported for backwards compatibility.

Extension Services

Talos now provides a way to extend set of system services Talos runs with extension services.
Extension services should be included in the Talos root filesystem (e.g. via system extensions).

Pinned Kubernetes Version

Command talosctl gen config now defaults to Kubernetes version pinning in the generate machine configuration.
Previously default was to omit explicit Kubernetes version, so Talos picked up the default version it was built against.
Old behavior can be achieved by specifiying empty flag value: --kubernetes-version=.

Kernel Parameters

Talos now supports setting bond interface from Kernel cmdline using the bond= option.
Reference: https://man7.org/linux/man-pages/man7/dracut.cmdline.7.html

Kubelet

Kubelet configuration can now be overridden with the .machine.kubelet.extraConfig machine configuration field.
As most of the kubelet command line arguments are being depreacted, it is recommended to migrate to extraConfig
instead of using extraArgs.

A number of conformance tweaks have been made to the kubelet to allow it to run without
protectKernelDefaults.
This includes both kubelet configuration options and sysctls.
Of particular note is that Talos now sets the kernel.panic reboot interval to 10s instead of 1s.
If your kubelet fails to start after the upgrade, please check the kubelet logs to determine the problem.

Machine Configuration

Talos now preserves machine configuration as it was submitted to the node.

Machine Configuration Patching

talosctl commands which accept JSON patches (gen config, cluster create, patch machineconfig) now support multiple patches, loading patches
from files with @file.json syntax, and support loading from YAML format.

Platform Support

Talos now supports Oracle Cloud.

Platform network configuration was rewritten to avoid modifying Talos machine configuration.
Network configuration is performed independent of the machine configuration presence, so it works
even if Talos is booted in maintenance mode (without machine configuration is platform userdata).

Pod Security Policy

Pod Security Policy Kubernetes feature is deprecated and is going to be removed in Kubernetes 1.25.
Talos by default skips setting up PSP now (see machine configuration .cluster.apiServer.disablePodSecurityPolicy).

SBC Support

Talos now supports Jetson Nano SBC.

Static Pods in the Machine Configuration

Talos now accepts static pod definitions in the .machine.pods key of the machine configuration.
Please note that static pod definitions are not validated by Talos.
Static pod definitions can be updated without a node reboot.

Sysfs Kernel Parameters

Talos now supports setting sysfs kernel parameters (/sys/...).
Use machine configuration field .machine.sysfs to set sysfs kernel parameters.

System Extensions

System extensions allow extending Talos root filesystem, which enables a set of different features, including custom
container runtimes, additional firmware, etc.

System extensions are only activated during Talos installation (or upgrade), and with system extensions installed, Talos
root filesystem is still immutable and read-only.

Please see extensions repository and documentation for more information.

Component Updates

• Linux: 5.15.26
• Kubernetes: 1.23.4
• CoreDNS: 1.9.0
• etcd: 3.5.2
• containerd: 1.6.1
• runc: 1.1.0

Talos is built with Go 1.17.8

Wipe System Kernel Parameter

Added new kernel parameter talos.experimental.wipe=system which can help resetting system disk for the machine
and start over with a fresh installation.
See Resetting a Machine on how to use it.

Contributors

• Andrey Smirnov
• Noel Georgi
• Serge Logvinov
• Seán C McCord
• Artem Chernyshev
• Spencer Smith
• Steve Francis
• Florian Klink
• Andrew Rynhard
• Anthony Rabbito
• Bernard Sébastien
• Charlie Haley
• Eric Wohltman
• Jori Huisman
• Matt Layher
• Niklas Metje
• Philipp Sauter
• Shahar Naveh
• Tim Jones
• Utku Ozdemir
• nebulait

Changes

• talos-systems/talos@602e049d9 release(v1.0.0-beta.1): prepare release
• talos-systems/talos@06647da34 chore: fix equinixMetal platform name
• talos-systems/talos@7e31e7d8f feat: bump boot partition size to 1000 MiB
• talos-systems/talos@83d7aebe1 fix: check for IPv6 before applying accept_ra
• talos-systems/talos@d785204aa chore: disable one commit per PR
• talos-systems/talos@f7ad1b982 release(v1.0.0-beta.0): prepare release
• talos-systems/talos@0aa23cb32 feat: update pkgs to 1.0 versions, Go 1.17.8
• talos-systems/talos@dc8e9ed4a feat: bond interfaces from kernel cmdline
• talos-systems/talos@947c77b60 docs: update cilium inline install
• talos-systems/talos@654472005 chore: update talos-systems modules to released version
• talos-systems/talos@77158a61f chore: rename v0.15 to v1.0
• talos-systems/talos@22a4d6b3e feat: update containerd to 1.6.1
• talos-systems/talos@a50747a64 fix: align list and diskusage command flags with their Linux analogs
• talos-systems/talos@d29e9202f chore: remove iSCSI packages from the rootfs image
• talos-systems/talos@09efa62f6 chore: re-enable kexec and default to UEFI booting in tests
• talos-systems/talos@8975a56eb docs: fix typo in release notes
• talos-systems/talos@61461de63 feat: define resource reservation
• talos-systems/talos@7ddc7f605 feat: support specifying env vars for control plane pods
• talos-systems/talos@7c1924a3a docs: update cilium docs
• talos-systems/talos@7b33ffbd8 chore: update pkgs and extras
• talos-systems/talos@c5992c2bf chore: bump dependencies
• talos-systems/talos@de69ab790 fix: scaleway network config
• talos-systems/talos@f81fb9f7c feat: implement sysfs
• talos-systems/talos@79d9720a3 fix: set route to metaserver for scaleway platform
• talos-systems/talos@eb40b9254 feat: add a way to override kubelet configuration via machine config
• talos-systems/talos@dc2371547 chore: update packet to equinix
• talos-systems/talos@7917b1aca feat: support admission control configuration and Pod Security admission
• talos-systems/talos@45feb72a4 feat: fluent-bit example
• talos-systems/talos@9b0b5501d docs: add katacoda link
• talos-systems/talos@b2bf3117f feat: implement extension services
• talos-systems/talos@063a9e165 test: pre-fetch CLI tools
• talos-systems/talos@d749643e7 feat: download metadata on Scaleway using low source port
• talos-systems/talos@1800b4c70 chore: fix kernel reference errata
• talos-systems/talos@743a03002 chore: bump github.com/mdlayher/arp@latest
• talos-systems/talos@614adf0ff feat: update xfsprogs to 5.14.2, replace LibreSSL with OpenSSL
• talos-systems/talos@28c3b495d docs: updates to troubleshooting doc
• talos-systems/talos@673fe2ebf feat: disable PSP by default for Talos >= 0.15
• talos-systems/talos@4d419a007 feat: store audit logs to disk
• talos-systems/talos@8ef3d85bc chore: bump dependencies
• talos-systems/talos@8a634d564 chore: bump tools, pkgs, extras
• talos-systems/talos@f40b480bd chore: expand Cilium deployment docs
• talos-systems/talos@3ba8eb00d docs: design concepts page
• talos-systems/talos@a5fb271ac feat: enable protectKernelDefaults in kubelet_spec
• talos-systems/talos@b7a1e0431 chore: don't append initrd= to the kernel command line
• talos-systems/talos@4d5cd6653 feat: add new grub parser and descriptive grub menu entries
• talos-systems/talos@6ccfdbaf1 fix: avoid replacing default gRPC codec in machinery
• talos-systems/talos@0fe34b358 feat: update Kubernetes to 1.23.4
• talos-systems/talos@95a564ba2 fix: prefer logical on merging link specs
• talos-systems/talos@8b7091a06 fix: correct vultr interface IP calculation
• talos-systems/talos@5a0fd63c8 fix: determine openstack interface IP correctly
• talos-systems/talos@00ccaf13f feat: update CoreDNS to 1.9.0
• talos-systems/talos@a9a47b755 feat: update containerd to 1.6.0
• talos-systems/talos@961067e8b docs: update getting-started.md
• talos-systems/talos@bddd53fc4 chore: bump dependencies
• talos-systems/talos@f1a93d28f release(v0.15.0-alpha.2): prepare release
• talos-systems/talos@1e9f0ad4c feat: update Go to 1.17.7, Linux to 5.15.23
• talos-systems/talos@fef99892d chore: pin kubernetes version to talosctl gen config
• talos-systems/talos@bcf928134 feat: udev extensions support
• talos-systems/talos@47619f832 docs: update system extensions guide with grammar fixes
• talos-systems/talos@2bcceb6e4 chore: disable TIPC and B.A.T.M.A.N
• talos-systems/talos@c6bca1b33 docs: add guide on system extensions
• talos-systems/talos@492b156da feat: implement static pods via machine configuration
• talos-systems/talos@6fadfa8db fix: parse properly IPv6 address in the cmdline ip= arg
• talos-systems/talos@d991f3982 chore: update the kernel with IGC driver enabled
• talos-systems/talos@cbc9610be feat: sysctl system optimization
• talos-systems/talos@8b6d6220d fix: parse interface ip correctly (nocloud)
• talos-systems/talos@54632b1be docs: fix developing Talos docs
• talos-systems/talos@0da370dfe test: unlock CABPT/CACPPT provider versions
• talos-systems/talos@df0e388a4 feat: extract firmware part of system extensions into initramfs
• talos-systems/talos@8899dd349 chore: add json-tags for SecretsBundle
• talos-systems/talos@4f391cd5c chore: bump kernel to 5.15.22
• talos-systems/talos@6bd07406e feat: disable reboots via kexec
• talos-systems/talos@1e3f2f952 fix: validate kubelet node IP subnets correctly
• talos-systems/talos@d211bff47 feat: enable accept_ra when IPv6 forwarding
• talos-systems/talos@930205831 chore: update kernel to 5.15.21
• talos-systems/talos@c7186ed08 chore: bump dependencies
• talos-systems/talos@9ee470f95 feat: set /etc/localtime to UTC
• talos-systems/talos@c34768367 fix: disable auto-tls for etcd
• talos-systems/talos@9bffc7e8d fix: pass proper sequence to shutdown sequence on ACPI shutdown
• talos-systems/talos@e47387e41 chore: bump CAPI to 1.0.4
• talos-systems/talos@5462f5ed1 feat: update etcd to 3.5.2
• talos-systems/talos@f6fa12e53 docs: update upgrading Talos, Kubernetes, and Docker guides
• talos-systems/talos@5484579c1 feat: allow link scope routes in the machine config
• talos-systems/talos@56b83b087 feat: enable persistence for docker provider
• talos-systems/talos@949464e4b fix: use leaf certificate in the apid RBAC check
• talos-systems/talos@446972f21 chore: bump kernel to 5.15.19
• talos-systems/talos@fe40e7b1b feat: drain node on shutdown
• talos-systems/talos@7f0b3aae0 feat: add multiple config patches, patches from files, YAML support
• talos-systems/talos@202290be7 docs: update Kubernetes upgrade video
• talos-systems/talos@036644f7a chore: bump kernel to 5.15.18
• talos-systems/talos@dcde2c4f6 chore: update k8s upgrade message
• talos-systems/talos@1c949335c docs: add documentation for Hyper-V
• talos-systems/talos@7f9790912 fix: clean up containerd state on installer run/validate
• talos-systems/talos@8b98d8eb3 docs: clarify Filebeat example
• talos-systems/talos@74c03120c docs: replace Talos upgrades video
• talos-systems/talos@65e64d425 chore: update kernel to stable 5.15.17
• talos-systems/talos@4245f72d3 feat: add --extra-uefi-search-paths option
• talos-systems/talos@7ffeb6c2e docs: update oracle cloud example
• talos-systems/talos@151c9df09 chore: add CSI tests for e2e-qemu
• talos-systems/talos@cdb621c82 feat: provide a way to list installed system extensions
• talos-systems/talos@abfb25812 feat: share /lib/firmware across initramfs and rootfs
• talos-systems/talos@ebec5d4a0 feat: support full disk path in the diskSelector
• talos-systems/talos@831f65a07 fix: close client provider instead of Talos client in the upgrade module
• talos-systems/talos@0bf161dff test: add integration test for system extensions
• talos-systems/talos@7b3962745 fix: handle 404 errors from AWS IMDS correctly
• talos-systems/talos@85782faa2 feat: update Kubernetes to 1.23.3
• talos-systems/talos@c5e5922e5 chore: bump dependencies
• talos-systems/talos@b3c3ef29b feat: install system extensions
• talos-systems/talos@a0889600f chore: fix golangci-lint install
• talos-systems/talos@a50c42980 fix: use #!/usr/bin/env bash as shebang instead of #!/bin/bash
• talos-systems/talos@4464b725c fix: qemu: always use runtime.GOARCH for CNI bundle
• talos-systems/talos@e7379c81b release(v0.15.0-alpha.1): prepare release
• talos-systems/talos@58eb3600f fix: enforce reasonable TLS min tls-min-version
• talos-systems/talos@b8d4c5dfa fix: use correct error in kernel_param_spec Modify call handling
• talos-systems/talos@4961d6867 docs: drop talos.interface kernel arg
• talos-systems/talos@b1e61fa5b chore: update Linux to 5.15.16
• talos-systems/talos@d4b844593 feat: support CRI configuration merging and reimplement registry config
• talos-systems/talos@f94c8c6e1 feat: update Kubernetes to 1.23.2
• talos-systems/talos@21f497b3e feat: install readonly overlay mounts during talos chroot sequence
• talos-systems/talos@9ad5a67d2 feat: inject platform network configuration as network resources
• talos-systems/talos@907f8cbfb docs: fix patch flag
• talos-systems/talos@caa434426 docs: add documentation on developing Talos
• talos-systems/talos@16eeb6776 docs: readme updates
• talos-systems/talos@3c0737027 chore: update release notes
• talos-systems/talos@6d8bea5d5 feat: jetson nano SoC
• talos-systems/talos@1d8955ebe feat: update CoreDNS to 1.8.7
• talos-systems/talos@6af83afd5 fix: handle multiple-IP cluster nodes
• talos-systems/talos@43b2d8137 chore: bump dependencies
• talos-systems/talos@529e80f4f docs: update home page and footer
• talos-systems/talos@37630e70c Update twitter link
• talos-systems/talos@af440919b fix: avoid panic in config loading/validation
• talos-systems/talos@4b8e9de59 docs: add guide on adding proprietary kernel modules
• talos-systems/talos@833dc4169 docs: rework vmware assets
• talos-systems/talos@2869b5eea feat: add oraclecloud.com platform support
• talos-systems/talos@f3ec24beb fix: vmware documentation typo
• talos-systems/talos@2f2bdb26a feat: replace flags with --mode in apply, edit and patch commands
• talos-systems/talos@b09be2a69 docs: update index.md and sync across versions
• talos-systems/talos@ca65b918a docs: add nocloud documentation
• talos-systems/talos@59437d6d8 fix: filter down nameservers for docker-based cluster create
• talos-systems/talos@194eaa6f2 chore: clean up /usr/bin from unneeded files
• talos-systems/talos@74e727240 docs: update office office
• talos-systems/talos@539af338c docs: update vmware docs
• talos-systems/talos@279a3fda7 feat: update Go to 1.17.6, containerd to 1.5.9
• talos-systems/talos@3d3088941 chore: bump Go dependencies
• talos-systems/talos@d02d944ec chore: provide umarshal from YAML methods for network resource specs
• talos-systems/talos@2e735714d fix: derive machine-id from node identity
• talos-systems/talos@d8a2721e1 test: update CAPI components to latest
• talos-systems/talos@7dff8a53e fix: ignore missing init.yaml for cluster create
• talos-systems/talos@f4516c7d8 chore: bump dependencies
• talos-systems/talos@944f13221 chore: fix release pipeline
• talos-systems/talos@cb548a368 release(v0.15.0-alpha.0): prepare release
• talos-systems/talos@da0b36e61 feat: introduce talos.exp.wipe kernel param to wipe system disk
• talos-systems/talos@c079eb32b refactor: use AWS SDK to access AWS metadata service
• talos-systems/talos@2f4b9d8d6 feat: make machine configuration read-only in Talos (almost)
• talos-systems/talos@524f83d3d feat: use official Go SDK to fetch GCP instance metadata
• talos-systems/talos@d2a7e082c test: retry in discovery tests
• talos-systems/talos@f4219e530 chore: remove unused methods in AWS platform
• talos-systems/talos@35bc2940e fix: kexec on RPI4
• talos-systems/talos@f235cfbae fix: multiple usability fixes
• talos-systems/talos@b3fbb2f31 test: don't build all images in the default CI pipeline
• talos-systems/talos@dac550a50 docs: fix troubleshooting guide
• talos-systems/talos@83e8bec6b feat: update Linux to 5.15.11
• talos-systems/talos@d5a82b37e feat: remove ApplyDynamicConfig
• talos-systems/talos@3623da136 feat: provide a way to load Linux kernel modules
• talos-systems/talos@4d1514add docs: update Mayastor deployment process
• talos-systems/talos@cff1ff6d5 feat: shell completion for list, read
• talos-systems/talos@19728437e feat: output IPs when etcd needs to be bootstrapped
• talos-systems/talos@c297d66a1 test: attempt number on two on proper retries in CLI time tests
• talos-systems/talos@dc299da9e docs: add arm64 option to talosctl download
• talos-systems/talos@f49f40a33 fix: pass path to conformance retrieve results
• talos-systems/talos@942c8074f docs: fork docs for 0.15
• talos-systems/talos@880a7782c docs: update documentation for 0.14.0 release
• talos-systems/talos@dc9a0cfe9 chore: bump Go dependencies
• talos-systems/talos@773496935 fix: config apply immediate
• talos-systems/talos@17c147488 test: retry talosctl time call in the tests
• talos-systems/talos@acf1ac0f1 feat: show human-readable aliases in talosctl get rd
• talos-systems/talos@5532867b0 refactor: rewrite the implementation of Processes API
• talos-systems/talos@80350861a feat: update Kubernetes to 1.23.1
• talos-systems/talos@4c96e936e docs: add cilium guide
• talos-systems/talos@e3f2acb5e refactor: rewrite the check for unknown keys in the machine configuration
• talos-systems/talos@4175396a8 refactor: use update go-blockdevice library with allocation fixes
• talos-systems/talos@b58f567a1 refactor: optimize Runtime config interface to avoid config marshaling
• talos-systems/talos@bb355c9ab chore: remove govalidator library
• talos-systems/talos@3af56bd2e test: update capi templates to v1beta1
• talos-systems/talos@936b4c4ce fix: update DHCP library with the panic fix
• talos-systems/talos@ab42886bf fix: allow kubelet to be started via the API
• talos-systems/talos@ec641f729 fix: use default time servers in time API if none are configured
• talos-systems/talos@79f213eec fix: cleanup affiliates
• talos-systems/talos@2dd0b5b68 chore: update Go to 1.17.5
• talos-systems/talos@97ffa7a64 feat: upgrade kubelet version in talosctl upgrade-k8s
• talos-systems/talos@5bc5123eb docs: document ip= kernel argument
• talos-systems/talos@8e1d0bfb5 feat: update Kubernetes to 1.23.0

Changes since v1.0.0-beta.0

• talos-systems/talos@602e049d9 release(v1.0.0-beta.1): prepare release
• talos-systems/talos@06647da34 chore: fix equinixMetal platform name
• talos-systems/talos@7e31e7d8f feat: bump boot partition size to 1000 MiB
• talos-systems/talos@83d7aebe1 fix: check for IPv6 before applying accept_ra
• talos-systems/talos@d785204aa chore: disable one commit per PR

Changes from talos-systems/crypto

• talos-systems/crypto@510b0d2 chore: add json tags
• talos-systems/crypto@6fa2d93 fix: deepcopy nil fields as nil

Changes from talos-systems/extras

• talos-systems/extras@4a6ff33 chore: reproducible builds, use pkgs base
• talos-systems/extras@9238bc7 feat: bump pkgs for CNI 1.1.0 update
• talos-systems/extras@2d9d430 chore: bump tools
• talos-systems/extras@8f607fc chore: bump to Go 1.17.7
• talos-systems/extras@7c1f3cc feat: update Go to 1.17.6
• talos-systems/extras@495a5b2 feat: update Go to 1.17.5

Changes from talos-systems/go-blockdevice

• talos-systems/go-blockdevice@7b9de26 feat: read symlink fullpath in block device list function
• talos-systems/go-blockdevice@6928ee4 refactor: rewrite GPT serialize/deserialize functions
• talos-systems/go-blockdevice@0c7e429 refactor: simplify middle endian functions

Changes from talos-systems/net

• talos-systems/net@409926a fix: parse correctly some IPv6 CIDRs

Changes from talos-systems/pkgs

• talos-systems/pkgs@5f97726 chore: reproducible builds
• talos-systems/pkgs@325439e feat: update containerd to 1.6.1
• talos-systems/pkgs@1b0a12e chore: bump kernel to 5.15.26
• talos-systems/pkgs@9d61f59 feat: update CNI plugins to v1.1.0
• talos-systems/pkgs@b3aae71 chore: enable Adaptec RAID controllers
• talos-systems/pkgs@0c6e9e6 chore: bump kenrel to 5.15.25
• talos-systems/pkgs@679b49d chore: disable Remote NDIS
• talos-systems/pkgs@8f03136 feat: replace LibreSSL with OpenSSL
• talos-systems/pkgs@0a3b5e3 feat: upgrade xfsprogs to the latest version
• talos-systems/pkgs@3af05f6 chore: bump tools
• talos-systems/pkgs@b32ccd1 chore: bump kernel to 5.15.24
• talos-systems/pkgs@aafafb5 feat: update containerd to 1.6.0
• talos-systems/pkgs@6019223 chore: bump kernel to 5.15.23
• talos-systems/pkgs@ff4b2d8 chore: bump tools for Go 1.17.7
• talos-systems/pkgs@e34f883 chore: disable TIPC and B.A.T.M.A.N
• talos-systems/pkgs@2b8cd88 feat: add Intel Ethernet Controller I225-V driver
• talos-systems/pkgs@407459d feat: enable zstd squashfs compression and firmware (xz) compression
• talos-systems/pkgs@81a4b1c chore: bump kernel to 5.15.22
• talos-systems/pkgs@c9a6415 chore: bump kernel to 5.15.21
• talos-systems/pkgs@90dcd00 chore: bump kernel to 5.15.19
• talos-systems/pkgs@d457b87 chore: bump kernel to 5.15.18
• talos-systems/pkgs@dd69678 chore: disable ATA-over-Ethernet driver for arm64
• talos-systems/pkgs@388ce13 chore: bump kernel to 5.15.17
• talos-systems/pkgs@c14eb99 feat: update Linux to 5.15.16
• talos-systems/pkgs@5d4d8d6 feat: bump containerd to 1.6.0-rc.0, runc to 1.1.0
• talos-systems/pkgs@5dd08a7 feat: jetson nano SoC
• talos-systems/pkgs@402b960 chore: bump u-boot to 2022.01
• talos-systems/pkgs@6ce1a40 feat: update Go to 1.17.6
• talos-systems/pkgs@08f2519 feat: update containerd to 1.5.9
• talos-systems/pkgs@fbb5c5c feat: add qlcnic drivers to kernel
• talos-systems/pkgs@0505e01 chore: fix =m kernel build options
• talos-systems/pkgs@54aa902 feat: enable amdgpu in kernel
• talos-systems/pkgs@2779c3f fix: kexec on rpi4
• talos-systems/pkgs@950361f feat: update Linux to 5.15.11
• talos-systems/pkgs@ad611bc feat: provide build instructions for NVIDIA kernel module
• talos-systems/pkgs@b22723d feat: update iPXE to the latest available version
• talos-systems/pkgs@a675c67 feat: update Go to 1.17.5

Changes from talos-systems/tools

• talos-systems/tools@4c77d96 chore: update golang to 1.17.8
• talos-systems/tools@2d4771e chore: reproducible builds
• talos-systems/tools@8197edb chore: bump expat to 2.4.5
• talos-systems/tools@74e3a95 feat: add meson
• talos-systems/tools@4c9e7a4 chore: bump go to 1.17.7
• talos-systems/tools@d33b4b6 feat: support zstd compression
• talos-systems/tools@67314b1 feat: update Go to 1.17.6
• talos-systems/tools@9c2b9df feat: update Go to 1.17.5

Dependency Changes

• cloud.google.com/go/compute v1.5.0 new
• github.com/BurntSushi/toml v0.4.1 -> v1.0.0
• github.com/aws/aws-sdk-go v1.43.8 new
• github.com/containerd/cgroups v1.0.2 -> 2e502f6b9e43
• github.com/containerd/containerd v1.5.8 -> v1.6.1
• github.com/containernetworking/plugins v1.0.1 -> v1.1.0
• github.com/docker/distribution v2.7.1 -> v2.8.0
• github.com/docker/docker v20.10.11 -> v20.10.12
• github.com/google/go-cmp v0.5.6 -> v0.5.7
• github.com/google/nftables 16a134723a96 -> 211824995dcb
• github.com/hashicorp/go-cleanhttp v0.5.2 new
• github.com/hashicorp/go-getter v1.5.9 -> v1.5.11
• github.com/hashicorp/go-version v1.4.0 new
• github.com/insomniacslk/dhcp 5297eed8f489 -> 3c283ff8b7dd
• github.com/jsimonetti/rtnetlink fd9a11f42291 -> v1.1.0
• github.com/jxskiss/base62 v1.0.0 -> v1.1.0
• github.com/mdlayher/arp f72070a231fc -> c37aaafac7f9
• github.com/mdlayher/ethtool 288d040e9d60 -> 856bd6cb8a38
• github.com/mdlayher/genetlink v1.0.0 -> v1.2.0
• github.com/mdlayher/netlink v1.4.2 -> v1.6.0
• github.com/opencontainers/image-spec v1.0.2 new
• github.com/packethost/packngo v0.20.0 -> v0.22.0
• github.com/pelletier/go-toml v1.9.4 new
• github.com/pmorjan/kmod v1.0.0 new
• github.com/rivo/tview 2a6de950f73b -> 96063d6082f3
• github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7 -> v1.0.0-beta.9
• github.com/spf13/cobra v1.2.1 -> v1.3.0
• github.com/talos-systems/crypto v0.3.4 -> v0.3.5
• github.com/talos-systems/extras v0.7.0-1-gd6b73a7 -> v1.0.0
• github.com/talos-systems/go-blockdevice v0.2.5 -> v0.3.0
• github.com/talos-systems/net v0.3.1 -> v0.3.2
• github.com/talos-systems/pkgs v0.9.0-1-g7a3419a -> v1.0.0
• github.com/talos-systems/tools v0.9.0-1-gb1146f9 -> v1.0.0-1-g4c77d96
• github.com/u-root/u-root v7.0.0 -> v0.8.0
• github.com/vishvananda/netlink f5de75959ad5 -> 650dca95af54
• github.com/vmware-tanzu/sonobuoy v0.55.1 -> v0.56.2
• github.com/vmware/govmomi v0.27.2 -> v0.27.4
• go.etcd.io/etcd/api/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/pkg/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/client/v3 v3.5.1 -> v3.5.2
• go.etcd.io/etcd/etcdutl/v3 v3.5.1 -> v3.5.2
• go.uber.org/zap v1.19.1 -> v1.21.0
• golang.org/x/net 491a49abca63 -> 27dd8689420f
• golang.org/x/sys 97ca703d548d -> 4e6760a101f9
• golang.org/x/time f0f3c7e86c11 -> 0e9765cccd65
• golang.zx2c4.com/wireguard/wgctrl dd7407c86d22 -> fde48d68ee68
• google.golang.org/grpc v1.42.0 -> v1.44.0
• k8s.io/api v0.23.1 -> v0.23.4
• k8s.io/apimachinery v0.23.1 -> v0.23.4
• k8s.io/apiserver v0.23.4 new
• k8s.io/client-go v0.23.1 -> v0.23.4
• k8s.io/component-base v0.23.1 -> v0.23.4
• k8s.io/cri-api v0.23.1 -> v0.23.4
• k8s.io/kubectl v0.23.1 -> v0.23.4
• k8s.io/kubelet v0.23.1 -> v0.23.4
• kernel.org/pub/linux/libs/security/libcap/cap v1.2.61 -> v1.2.63

Previous release can be found at v0.14.0

Images

quay.io/coreos/flannel:v0.15.1
ghcr.io/talos-systems/install-cni:v1.0.0
docker.io/coredns/coredns:1.9.0
gcr.io/etcd-development/etcd:v3.5.2
k8s.gcr.io/kube-apiserver:v1.23.4
k8s.gcr.io/kube-controller-manager:v1.23.4
k8s.gcr.io/kube-scheduler:v1.23.4
k8s.gcr.io/kube-proxy:v1.23.4
ghcr.io/talos-systems/kubelet:v1.23.4
ghcr.io/talos-systems/installer:v1.0.0-beta.1
k8s.gcr.io/pause:3.2