Release v1.7.1 · nberlee/talos

Talos 1.7.1 (2024-05-05)

Welcome to the v1.7.1 release of Talos for the Turing RK1!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

[Documentation on What's New in Talos 1.7.0

CA Rotation

Talos Linux now supports rotating the root CA certificate and key for Talos API and Kubernetes API.

Device Selectors

Talos Linux now supports physical: true qualifier for device selectors, it selects non-virtual network interfaces (i.e. en0 is selected, while bond0 is not).

DNS Caching

Talos Linux now provides a caching DNS resolver for host workloads (including host networking pods). It can be disabled with:

machine:
  features:
    hostDNS:
      enabled: false

You can also enable dns caching for k8s pods with:

machine:
  features:
    hostDNS:
      enabled: true
      forwardKubeDNSToHost: true

Please note that on running cluster you will have to kill CoreDNS pods for this change to apply.

If you want to can also enable the resolving of member addresses through their host and node names:

machine:
  features:
    hostDNS:
      enabled: true
      resolveMemberNames: true

Extension Services Config

Talos now supports supplying configuration files and environment variables for extension services.
The extension service configuration is a separate config document. An example is shown below:

---
apiVersion: v1alpha1
kind: ExtensionServiceConfig
name: nut-client
configFiles:
  - content: MONITOR ${upsmonHost} 1 remote pass password
    mountPath: /usr/local/etc/nut/upsmon.conf
environment:
  - UPS_NAME=ups

For documentation, see Extension Services Config Files.

Note: The use of environmentFile in extension service spec is now deprecated and will be removed in a future release of Talos.
Use ExtensionServiceConfig instead.

IPTables

Talos Linux now forces kubelet and kube-proxy to use iptables-nft instead of iptables-legacy (xtables) which was the default
before Talos 1.7.0.

Container images based on iptables-wrapper should work without changes, but if there was a direct call to legacy mode of iptables, make sure
to update to use iptables-nft.

Kubernetes Upgrade

The command talosctl upgrade-k8s now supports specifying custom image references for Kubernetes components via --*-image flags.
The default behavior is unchanged, and the flags are optional.

KubeSpan

Talos Linux disables by default a KubeSpan feature to harvest additional endpoints from KubeSpan members.
This feature turned out to be less helpful than expected and caused unnecessary performance issues.

Previous behavior can be restored with:

machine:
  network:
    kubespan:
        harvestExtraEndpoints: true

Logging

Talos Linux now supports setting extra tags when sending logs in JSON format:

machine:
  logging:
    destinations:
      - endpoint: "udp://127.0.0.1:12345/"
        format: "json_lines"
        extraTags:
          server: s03-rack07

Time Sync

Default NTP server was updated to be time.cloudflare.com instead of pool.ntp.org.
Default server is only used if the user does not specify any NTP servers in the configuration.

Talos Linux can now sync to PTP devices (e.g. provided by the hypervisor) skipping the network time servers.
In order to activate PTP sync, set machine.time.servers to the PTP device name (e.g. /dev/ptp0):

machine:
  time:
    servers:
      - /dev/ptp0

OpenNebula

Talos Linux now supports OpenNebula platform.

Platforms

Talos Linux now supports Akamai Connected Cloud provider (platform akamai).

Kubernetes API Server Service Account Key

Talos Linux starting from this release uses RSA key for Kubernetes API Server Service Account instead of ECDSA key to provide better compatibility with external OpenID Connect implementations.

SBC

Talos has split the SBC's (Single Board Computers) into separate repositories.
There will not be any more SBC specific release assets as part of Talos release.

The default Talos Installer image will stop working for SBC's and will fail the upgrade, if used, starting from Talos v1.7.0.

The SBC's images and installers can be generated ~~on the fly using Image Factory or~~ using Imager for custom images, please use ghcr.io/nberlee/imager.
~~The list of official SBC's images supported by Image Factory can be found in the Overlays repository.~~

The Turing RK1 SBC-overlay can be found in this repo. The v1.7.1-rk3588 installer tag comes by default with the SBC overlay.

Secure Boot Image

Talos Linux now provides a way to configure systemd-boot ISO 'secure-boot-enroll' option while generating a SecureBoot ISO image:

output:
    kind: iso
    isoOptions:
        sdBootEnrollKeys: force # default is still if-safe
    outFormat: raw

Syslog

Talos Linux now starts a basic syslog receiver listening on /dev/log.
The receiver can mostly parse both RFC3164 and RFC5424 messages and writes them as JSON formatted message.
The logs can be viewed via talosctl logs syslogd.

This is mostly implemented for extension services that log to syslog.

UBSAN Cilium Kernel patch

Talos 1.7 includes UBSAN, which leads to dmesg warnings when Cilium initiates due to an array out-of-bound issue. This fork incorporates a fix from kernel-next upstream to address this problem.

Component Updates

Linux: 6.6.29
containerd: 1.7.16
etcd: 3.5.11
Kubernetes: 1.30.0
runc: 1.1.12
Flannel: 0.25.1
Turing-RK1: arm-trusted-firmware: 2.10.3
Turing-RK1: Rockchip 3588 DDR binary blob: 1.16

Talos is built with Go 1.22.2.

Hardware Watchdog Timers

Talos Linux now supports hardware watchdog timers configuration.
If enabled, and the machine becomes unresponsive, the hardware watchdog will reset the machine.

The watchdog can be enabled with the following configuration document:

apiVersion: v1alpha1
kind: WatchdogTimerConfig
device: /dev/watchdog0
timeout: 3m0s

Contributors

Andrey Smirnov
Noel Georgi
Dmitriy Matrenichev
Utku Ozdemir
Andrey Smirnov
Artem Chernyshev
Dmitry Sharshakov
Justin Garrison
Radosław Piliszek
Spencer Smith
Anthony ARNAUD
Steve Francis
Anastasios Papagiannis
Andrei Kvapil
Andrian Zubovic
AvnarJakob
Cas de Reuver
Christian Mohn
Christian WALDBILLIG
Dennis Marttinen
Dmitry Sharshakov
Drew Hess
Evan Johnson
ExtraClock
Fabiano Fidêncio
Henno Schooljan
Hervé Werner
JJGadgets
Jacob McSwain
Jean-Tiare Le Bigot
Jonomir
Kai Hanssen
Konrad Eriksson
Louis SCHNEIDER
Matthieu S
Michael Stephenson
Nico Berlee
Niklas Wik
Pip Oomen
Saiyam Pathak
Sebastiaan Gerritsen
Sebastian Gaiser
Serge Logvinov
Tim Jones
bri
ebcrypto
edwinavalos
fazledyn-or
goodmost
james-dreebot
pardomue
shurkys
stereobutter
Igor Rzegocki

Changes

248 commits

siderolabs/talos@70fb41fff release(v1.7.0): prepare release
siderolabs/talos@27e8455d7 chore: update extension filter for xen-guest-agent
siderolabs/talos@3a2612df5 feat: update Linux to 6.6.28
siderolabs/talos@d9760fc9b docs: add what's new for v1.7
siderolabs/talos@83ad8d65c feat: add host dns support for resolving member addrs
siderolabs/talos@24141f078 feat: update Kubernetes to 1.30.0
siderolabs/talos@865239188 chore: update go-blockdevice/v2 library to the latest version
siderolabs/talos@b72f0d7f9 fix: overlay installer operations
siderolabs/talos@81cd2b16e fix: mark overlay installer executable
siderolabs/talos@a690e30ef feat: update Flannel to v0.25.1
siderolabs/talos@fa5c7ee70 fix: close apid inter-backend connections gracefully for real
siderolabs/talos@d821322c7 feat: use container DNS when in container mode
siderolabs/talos@77581447c release(v1.7.0-beta.1): prepare release
siderolabs/talos@1c0a91728 chore: disable max of one commit
siderolabs/talos@50d475b41 feat: update Kubernetes to v1.30.0-rc.2
siderolabs/talos@a5b4a8a91 feat: update Linux 6.6.24, containerd 1.7.15
siderolabs/talos@eea41cdae fix: assign different priority to IPv6 default gateway on OpenStack
siderolabs/talos@d5932a390 chore: optimize DNSResolveCacheController
siderolabs/talos@eca03b03c fix: don't modify a global map of profiles
siderolabs/talos@4da63d1dd test: add a test for 'spin' container runtime
siderolabs/talos@fb84efce3 feat: provide Kubernets/Talos version compatibility for 1.8
siderolabs/talos@7d24ddd73 fix: generate secureboot ISO .der certificate correctly
siderolabs/talos@028a5b4b1 fix: reconnect to the logs stream in dashboard after reboot
siderolabs/talos@5019c9fa7 fix: present all accepted CAs to the kube-apiserver
siderolabs/talos@09ef5b3c9 fix: validate that workers don't get cluster CA key
siderolabs/talos@4f7cb9c3a fix: make static pods check output consistent
siderolabs/talos@dd7d8d3aa fix: close the apid connection to other machines gracefully
siderolabs/talos@41a54e8a0 fix: pre-create nftables chain to make kubelet use nftables
siderolabs/talos@abf302fb5 docs: change localDNS to hostDNS in release notes yaml section
siderolabs/talos@78f971370 release(v1.7.0-beta.0): prepare release
siderolabs/talos@01d8b897c fix: make safeReset truly safe to call multiple times
siderolabs/talos@653f838b0 feat: support multiple Docker cluster in talosctl cluster create
siderolabs/talos@951904554 chore: bump dependencies (go 1.22.2)
siderolabs/talos@862c76001 feat: add support for CoreDNS forwarding to host DNS
siderolabs/talos@e8ae5ef63 feat: add akamai platform support
siderolabs/talos@5c0f74b37 fix: don't announce the VIP on acquire failure
siderolabs/talos@2f0fe10d5 chore: update sbc docs
siderolabs/talos@1b17008e9 fix: handle more OpenStack link types
siderolabs/talos@e7d804140 fix: always update firewall rules (kubespan)
siderolabs/talos@78b9bd927 fix: report unsupported x86_64 microarchitecture level
siderolabs/talos@71d90ba5f fix: retry in the fixed amount of time if grpc relay failed
siderolabs/talos@d320498a4 chore: bump dependencies
siderolabs/talos@3195e5d15 fix: force Flannel CNI to use KubePrism Kubernetes API endpoint
siderolabs/talos@917043fb5 chore: bump tools, pkgs and extra to stable
siderolabs/talos@f515741b5 chore: add equinix e2e-tests
siderolabs/talos@117e60583 feat: add support for static extra fields for JSON logs
siderolabs/talos@090143b03 fix: allow platform cmdline args to be platform-specific
siderolabs/talos@7a68504b6 feat: support rotating Kubernetes CA
siderolabs/talos@fac3dd043 fix: don't set default endpoints on gen config
siderolabs/talos@8dc4910c4 chore: enable "WG over GRPC" testing in siderolink agent tests
siderolabs/talos@bac366e43 chore: add ExtraInfo field for extensions
siderolabs/talos@0fc24eeb0 feat: provide insecure flag to imager
siderolabs/talos@a6b2f5456 feat: update Kubernetes to 1.30.0-rc.0, etcd to 3.5.13
siderolabs/talos@0361ff895 docs: quickstart video and brew install
siderolabs/talos@b752a8618 chore: talosctl: add openSUSE OVMF paths
siderolabs/talos@945648914 feat: support hardware watchdog timers
siderolabs/talos@949ad11a2 chore: import siderolink as siderolink-launch subcommand
siderolabs/talos@ee51f04af chore: azure e2e
siderolabs/talos@55dd41c0d chore: update coredns to v1.11.2 in required section
siderolabs/talos@8eacc4ba8 feat: support rotation of Talos API CA
siderolabs/talos@92808e3bc feat: report Docker node resources in cluster show
siderolabs/talos@84ec8c16f feat: support syncing to PTP clocks
siderolabs/talos@7d43c9aa6 chore: annotate installer errors
siderolabs/talos@f737e6495 fix: populate routes to BGP neighbors (Equinix Metal)
siderolabs/talos@19f15a840 chore: bump golangci-lint to 1.57.0
siderolabs/talos@684011963 docs: add docs for overlays
siderolabs/talos@9b6ec5929 chore: bump kernel
siderolabs/talos@69f0466cd docs: remove repetitive words
siderolabs/talos@113fb646e chore: use go-talos-support library
siderolabs/talos@89fc68b45 fix: service lifecycle issues
siderolabs/talos@ead37abf0 test: disable volume tests
siderolabs/talos@c64523a7a feat: update Flannel to v0.24.4
siderolabs/talos@15beb1478 feat: implement blockdevice watch controller
siderolabs/talos@06e3bc0cb feat: implement Siderolink wireguard over GRPC
siderolabs/talos@9afa70baf fix: patch correctly config in talosctl upgrade-k8s
siderolabs/talos@3130caf95 chore: re-enable DRBD extension
siderolabs/talos@3ba180d07 release(v1.7.0-alpha.1): prepare release
siderolabs/talos@403ad93c3 feat: update dependencies
siderolabs/talos@7376f34e8 fix: remove maintenance config when maintenance service is shut down
siderolabs/talos@952801d8b fix: handle overlay partition options
siderolabs/talos@465b9a4e6 fix: update discovery client with the fix for keepalive interval
siderolabs/talos@1e9f866ac feat: update Kubernetes to v1.30.0-beta.0
siderolabs/talos@d118a852b feat: implement Install for imager overlays
siderolabs/talos@cd5a5a447 chore: migrate to go-grpc-middleware/v2
siderolabs/talos@e3c2a6398 feat: set default NTP server to time.cloudflare.com
siderolabs/talos@32e087760 chore: print all available logs containers in logs command completions
siderolabs/talos@e89d755c5 fix: etcd config validation for worker
siderolabs/talos@1aa3c9182 docs: add DreeBot to ADOPTERS.md
siderolabs/talos@1bb6027cc fix: fix nil panic on maintenance upgrade with partial config
siderolabs/talos@aa70bfb9d docs: add Redpill Linpro to adopters list
siderolabs/talos@f02aeec92 fix: do not fail cluster create when input dir does not contain talosconfig
siderolabs/talos@1ec6683e0 chore: use go-copy
siderolabs/talos@3c8f51d70 chore: move cli formatters and version modules to machinery
siderolabs/talos@8152a6dd6 feat: update Go to 1.22.1
siderolabs/talos@8c7953991 docs: update replicated-local-storage-with-openebs-jiva.md
siderolabs/talos@f23bd8144 fix: syslog parser
siderolabs/talos@bbed07e03 feat: update Linux to 6.6.18
siderolabs/talos@8125e754b feat: imager overlay
siderolabs/talos@0b9b4da12 feat: update Kubernetes to 1.30.0-alpha.3
siderolabs/talos@3a764029e docs: fix typo in word governor
siderolabs/talos@d81d49000 chore: update CoreDNS renovate source
siderolabs/talos@b2ad5dc5f fix: workaround a race in CNI setup (talosctl cluster create)
siderolabs/talos@457507803 fix: provide auth when pulling images in the imager
siderolabs/talos@e707175ab docs: update config patch in cilium docs
siderolabs/talos@f8c556a1c chore: listen for dns requests on 127.0.0.53
siderolabs/talos@8872a7a21 fix: ignore 'no such device' in addition to 'no such file'
siderolabs/talos@1cb544353 chore: uki der certs in iso
siderolabs/talos@67ac6933d fix: handle errors to watch apid/trustd certs
siderolabs/talos@c79d69c2e fix: only set gateway if set in context (opennebula)
siderolabs/talos@4575dd8e7 chore: allow not preallocated disks for QEMU cluster
siderolabs/talos@0bddfea81 chore: add oceanbox.io to adopters
siderolabs/talos@136427592 chore: use proper talos_version_contract for TF tests
siderolabs/talos@6bf50fdc1 chore: disable x/net/trace in gRPC to enable dead code elimination
siderolabs/talos@815a8e9cc feat: add partial config support to talosctl cluster create
siderolabs/talos@64e9703f8 chore: add tests for the Kata Containers extension
siderolabs/talos@9b6291925 feat: update pkgs
siderolabs/talos@66f3ffdd4 fix: ensure that Talos runs in a pod (container)
siderolabs/talos@9dbc33972 feat: add basic syslog implementation
siderolabs/talos@0b7a27e6a feat: allow access to all resources over siderolink in maintenance mode
siderolabs/talos@53721883d feat: support AWS KMS for the SecureBoot signing
siderolabs/talos@7ee999f8a fix: disable KubeSpan endpoint harvesting by default
siderolabs/talos@7b87c7fe9 chore: bump Go dependencies
siderolabs/talos@8e9596d3c docs: rpi talosctl install update
siderolabs/talos@493bb60f8 fix: correctly handle partial configs in DNSUpstreamController
siderolabs/talos@6deb10ae2 chore: deprecate environmentFile for extensions
siderolabs/talos@f8b4ee82a chore: update extensions test
siderolabs/talos@1366ce14a feat: update Kubernetes to v1.30.0-alpha.2
siderolabs/talos@559308ef7 fix: use MachineStatus resource to check for boot done
siderolabs/talos@15e8bca2b feat: support environment in ExtensionServicesConfig
siderolabs/talos@3fe82ec46 feat: custom image settings for k8s upgrade
siderolabs/talos@fa3b93370 chore: replace fmt.Errorf with errors.New where possible
siderolabs/talos@d4521ee9c feat: update kernel with sfc driver and LSM updates
siderolabs/talos@2f0421b40 fix: run xfs_repair on invalid argument error
siderolabs/talos@f868fb8e8 docs: update vmware tools url
siderolabs/talos@fa2d34dd8 chore: enable v6 support on the same port
siderolabs/talos@83e0b0c19 chore: adjust dns sockets settings
siderolabs/talos@a1ec1705b chore: update Go to 1.22.0
siderolabs/talos@76b50fcd4 chore: add Ænix to the Adopters list
siderolabs/talos@5324d3916 chore: bump stuff
siderolabs/talos@087b50f42 feat: support systemd-boot ISO enroll keys option
siderolabs/talos@afa71d6b0 chore: use "handle-like" resource in DNSResolveCacheController
siderolabs/talos@013e13070 fix: error with decoding config document with wrong apiVersion
siderolabs/talos@1e77bb1c3 chore: allow custom pkgs to build talos
siderolabs/talos@3f8a85f1b fix: unlock the upgrade mutex properly
siderolabs/talos@61c3331b1 docs: update indentation in vip.md
siderolabs/talos@383e528df chore: allow uuid-based hostnames in talosctl cluster create
siderolabs/talos@1e6c8c4de feat: extensions services config
siderolabs/talos@989ca3ade feat: add OpenNebula platform support
siderolabs/talos@914f88778 docs: update nocloud.md Proxmox information
siderolabs/talos@a04cc8015 fix: pass TTL when generating client certificate
siderolabs/talos@3fe8c12ca fix: add log line about controller runtime failing
siderolabs/talos@ddbabc7e5 fix: use a separate cgroup for each extension service
siderolabs/talos@6ccdd2c09 chore: fix markdown-lint call
siderolabs/talos@4184e617a chore: add test for wasmedge runtime extension
siderolabs/talos@95ea3a6c6 chore: bump timeout in acquire tests
siderolabs/talos@c19a505d8 chore: bump docker dind image
siderolabs/talos@d7d4154d5 chore: remove channel blocking in qemu launch
siderolabs/talos@029d7f7b9 release(v1.7.0-alpha.0): prepare release
siderolabs/talos@2ff81c06b feat: update runc 1.1.12, containerd 1.7.13
siderolabs/talos@9d8cd4d05 chore: drop deprecated method EtcdRemoveMember
siderolabs/talos@17567f19b fix: take into account the moment seen when cleaning up CRI images
siderolabs/talos@aa03204b8 docs: document the process of building custom kernel packages
siderolabs/talos@7af48bd55 feat: use RSA key for kube-apiserver service account key
siderolabs/talos@a5e13c696 fix: retry blockdevice open in the installer
siderolabs/talos@593afeea3 fix: run the interactive installer loop to report errors
siderolabs/talos@87be76b87 fix: be more tolerant to error handling in Mounts API
siderolabs/talos@03add7503 docs: add section on using imager with extensions from tarball
siderolabs/talos@ee0fb5eff docs: consolidate certificate management articles
siderolabs/talos@9c14dea20 chore: bump coredns
siderolabs/talos@ebeef2852 feat: implement local caching dns server
siderolabs/talos@4a3691a27 docs: fix broken links in metal-network-configuration.md
siderolabs/talos@c4ed189a6 docs: provide sane defaults for each release series in vmware script
siderolabs/talos@8138d54c6 docs: clarify node taints/labels for worker nodes
siderolabs/talos@b44551ccd feat: update Linux to 6.6.13
siderolabs/talos@385707c5f docs: update vmware.sh
siderolabs/talos@d1a79b845 docs: fix small typo in etcd maintenance guide
siderolabs/talos@cf0603330 docs: copy generated JSON schema to host
siderolabs/talos@f11139c22 docs: document local path provisioner install
siderolabs/talos@e0dfbb8fb fix: allow META encoded values to be compressed
siderolabs/talos@d677901b6 feat: implement device selector for 'physical'
siderolabs/talos@7d1117289 docs: add missing talosconfig flag
siderolabs/talos@8a1732bcb fix: pull in mptspi driver
siderolabs/talos@c1e45071f refactor: use etcd configuration from the EtcdSpec resource
siderolabs/talos@4e9b688d3 fix: use correct TTL for talosconfig in talosctl config new
siderolabs/talos@fb5ad0555 feat: update Kubernetes default to 1.29.1
siderolabs/talos@fe24139f3 docs: fork docs for v1.7
siderolabs/talos@1c2d10ccc chore: bump dependencies
siderolabs/talos@a599e3867 chore: allow custom registry to build installer/imager
siderolabs/talos@3911ddf7b docs: add how-to for cert management
siderolabs/talos@b0ee0bfba fix: strategic patch merging for audit policy
siderolabs/talos@474eccdc4 fix: watch bufer overrun for RouteStatus
siderolabs/talos@cc06b5d7a fix: fix .der output in talosctl gen secureboot
siderolabs/talos@1dbb4abf4 fix: update discovery service client to v0.1.6
siderolabs/talos@9782319c3 fix: support KubePrism settings in Kubernetes Discovery
siderolabs/talos@6c5a0c281 feat: generate a single JSON schema for multidoc config
siderolabs/talos@f70b47ddd fix: force KubePrism to connect using IPv4
siderolabs/talos@d5321e085 fix: update kmsg with utf-8 fix
siderolabs/talos@7fa7362dd fix: fix nodes on dashboard footer when node names are used in --nodes
siderolabs/talos@ba88678f1 fix: merge ports and ingress configs correctly in NetworkRuleConfig
siderolabs/talos@dea9bda2d fix: disk UUID & WWID always empty in talosctl disks
siderolabs/talos@8dc112f36 chore: pull in NBD modules
siderolabs/talos@f6926faab fix: default priority for ipv6
siderolabs/talos@e8758dcba chore: support http downloads for assets in talosctl cluster create
siderolabs/talos@265f21be0 fix: replace the filemap implementation to not buffer in memory
siderolabs/talos@8db3c5b3c fix: pick correctly base installer image layers
siderolabs/talos@0a30ef784 fix: imager should support different Talos versions
siderolabs/talos@d6342cda5 docs: update latest version to v1.6.1
siderolabs/talos@e6e422b92 chore: bump dependencies
siderolabs/talos@5a19d078a fix: properly overwrite files on install
siderolabs/talos@9eb6cea78 docs: secureboot sd-boot menu clarification
siderolabs/talos@01f0cbe61 feat: support iPXE direct booting in talosctl cluster create
siderolabs/talos@3ba84701d feat: pull in kernel modules for mlx Infiniband and VFIO
siderolabs/talos@ba993e0ed docs: announce that SecureBoot is available
siderolabs/talos@241bc9312 fix: update the way secureboot signer fetches certificate (azure)
siderolabs/talos@59b62398f chore: modernize machined/pkg/controllers/k8s
siderolabs/talos@760f793d5 fix: use correct prefix when installing SBC files
siderolabs/talos@0b94550c4 chore: fix the gvisor test
siderolabs/talos@3a787c1d6 docs: update 1.6 docs with Noel's feedback
siderolabs/talos@d803e40ef docs: provide documentation for Talos 1.6
siderolabs/talos@9a185a30f feat: update Kubernetes to v1.29.0
siderolabs/talos@5934815d2 chore: split more kernel modules on amd64
siderolabs/talos@10c59a6b9 fix: leave discovery service later in the reset sequence
siderolabs/talos@0c86ca1cc chore: enable kubespan+firewall for cilium tests
siderolabs/talos@98fd722d5 feat: provide compatibility for future Talos 1.7
siderolabs/talos@131a1b167 fix: add a KubeSpan option to disable extra endpoint harvesting
siderolabs/talos@4547ad9af feat: send actor id to the SideroLink events sink
siderolabs/talos@04e774547 docs: cap max heading level
siderolabs/talos@6bb1e99aa chore: optimize pcap dump
siderolabs/talos@4f9d3b975 feat: update Kubernetes to v1.29.0-rc.2
siderolabs/talos@46121c9fe docs: rework machine config documentation generation
siderolabs/talos@e128d3c82 fix: talosctl cluster create not to enforce kubeprism always
siderolabs/talos@320064c5a feat: update Go 1.21.5, Linux 6.1.65, etcd 3.5.11
siderolabs/talos@270604bea fix: support user disks via symlinks
siderolabs/talos@4f195dd27 chore: fix the release.toml
siderolabs/talos@474fa0480 fix: store and execute desired action on emergency action
siderolabs/talos@515ae2a18 docs: extend hetzner-cloud docs for arm64
siderolabs/talos@eecc4dbd5 fix: trim leading spaces\newlines in inline manifest contents
siderolabs/talos@dbf274ddf fix: skip writing the file if the contents haven't changed
siderolabs/talos@6329222bd fix: do not panic in merge.Merge if map value is nil
siderolabs/talos@e9cb904e6 release(v1.7.1): prepare release
siderolabs/talos@5614934c4 feat: update Linux to 6.6.29
siderolabs/talos@1d9705af8 chore: update minimum hardware requirement for vmware ova
siderolabs/talos@22e5753c3 test: improve DNS resolver test stability
siderolabs/talos@498b68193 test: improve the reset integration tests
siderolabs/talos@50023bc4e fix: wait for devices to be discovered before probing filesystems
siderolabs/talos@41024e17a fix: bump priority of OpenStack routes if IPv6 and default gateway
siderolabs/talos@bd41fee8c fix: add endpoints for "virtual" host-dns service
siderolabs/talos@2db54c779 fix: return proper value from Bridge.STP instead of plain nil

Changes from siderolabs/pkgs

3 commits

siderolabs/pkgs@76bd73c feat: update Linux to 6.6.29
siderolabs/pkgs@6d1f537 feat: update containerd to 1.7.16
siderolabs/pkgs@bedd1de feat(intel): add support for power management and ACPI options for Intel CPUs

Dependency Changes

github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 -> v1.11.1
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 -> v1.5.1
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azcertificates v1.0.0 -> v1.1.0
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1 -> v1.1.0
github.com/alexflint/go-filemutex v1.3.0 new
github.com/aws/aws-sdk-go-v2/config v1.25.6 -> v1.27.10
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.5 -> v1.16.1
github.com/aws/aws-sdk-go-v2/service/kms v1.30.1 new
github.com/aws/smithy-go v1.17.0 -> v1.20.2
github.com/beevik/ntp v1.3.0 -> v1.3.1
github.com/cenkalti/backoff/v4 v4.2.1 -> v4.3.0
github.com/containerd/cgroups/v3 v3.0.2 -> v3.0.3
github.com/containernetworking/plugins v1.3.0 -> v1.4.1
github.com/coredns/coredns v1.11.2 new
github.com/cosi-project/runtime v0.3.19 -> v0.4.1
github.com/distribution/reference v0.5.0 -> v0.6.0
github.com/docker/docker v24.0.7 -> v26.0.0
github.com/docker/go-connections v0.4.0 -> v0.5.0
github.com/foxboron/go-uefi 18b9ba9cd4c3 -> 48be911532c2
github.com/gdamore/tcell/v2 v2.6.0 -> v2.7.4
github.com/google/go-containerregistry v0.16.1 -> v0.19.1
github.com/google/go-tpm v0.9.0 -> ee6cbcd136f8
github.com/google/nftables v0.1.0 -> v0.2.0
github.com/google/uuid v1.4.0 -> v1.6.0
github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.1.0 new
github.com/hetznercloud/hcloud-go/v2 v2.4.0 -> v2.7.0
github.com/insomniacslk/dhcp b0416c0f187a -> c728f5dd21c8
github.com/jeromer/syslogparser v1.1.0 new
github.com/jsimonetti/rtnetlink v1.4.0 -> v1.4.1
github.com/klauspost/cpuid/v2 v2.2.7 new
github.com/linode/go-metadata v0.2.0 new
github.com/mdlayher/kobject 19ca17470d7d new
github.com/miekg/dns v1.1.58 new
github.com/opencontainers/image-spec v1.1.0-rc4 -> v1.1.0
github.com/opencontainers/runtime-spec v1.1.0-rc.1 -> v1.2.0
github.com/packethost/packngo v0.30.0 -> v0.31.0
github.com/pmorjan/kmod v1.1.0 -> v1.1.1
github.com/prometheus/procfs v0.12.0 -> v0.13.0
github.com/rivo/tview 33a1d271f2b6 -> a22293bda944
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.21 -> v1.0.0-beta.25
github.com/siderolabs/crypto v0.4.1 -> v0.4.4
github.com/siderolabs/discovery-api v0.1.3 -> v0.1.4
github.com/siderolabs/discovery-client v0.1.5 -> v0.1.8
github.com/siderolabs/extras v1.6.0-1-g113887a -> v1.7.0-1-gbb76755
github.com/siderolabs/gen v0.4.7 -> v0.4.8
github.com/siderolabs/go-api-signature v0.3.2 new
github.com/siderolabs/go-blockdevice/v2 3265299b0192 new
github.com/siderolabs/go-copy v0.1.0 new
github.com/siderolabs/go-debug v0.2.3 -> v0.3.0
github.com/siderolabs/go-kmsg v0.1.3 -> v0.1.4
github.com/siderolabs/go-kubernetes v0.2.8 -> v0.2.9
github.com/siderolabs/go-loadbalancer v0.3.2 -> v0.3.3
github.com/siderolabs/go-talos-support v0.1.0 new
github.com/siderolabs/siderolink v0.3.4 -> v0.3.5
github.com/siderolabs/tools v1.6.0-1-g336d248 -> v1.7.0-1-g10b2a69
github.com/stretchr/testify v1.8.4 -> v1.9.0
github.com/u-root/u-root v0.11.0 -> v0.14.0
github.com/ulikunitz/xz v0.5.11 -> v0.5.12
go.etcd.io/etcd/api/v3 v3.5.11 -> v3.5.13
go.etcd.io/etcd/client/pkg/v3 v3.5.11 -> v3.5.13
go.etcd.io/etcd/client/v3 v3.5.11 -> v3.5.13
go.etcd.io/etcd/etcdutl/v3 v3.5.11 -> v3.5.13
go.uber.org/zap v1.26.0 -> v1.27.0
go4.org/netipx 6213f710f925 -> fdeea329fbba
golang.org/x/net v0.19.0 -> v0.23.0
golang.org/x/oauth2 v0.15.0 -> v0.18.0
golang.org/x/sync v0.5.0 -> v0.6.0
golang.org/x/sys v0.15.0 -> v0.18.0
golang.org/x/term v0.15.0 -> v0.18.0
google.golang.org/grpc v1.59.0 -> v1.62.1
google.golang.org/protobuf v1.31.0 -> v1.33.0
k8s.io/api v0.29.0 -> v0.30.0
k8s.io/apimachinery v0.29.0 -> v0.30.0
k8s.io/apiserver v0.29.0 -> v0.30.0
k8s.io/client-go v0.29.0 -> v0.30.0
k8s.io/component-base v0.29.0 -> v0.30.0
k8s.io/cri-api v0.29.0 -> v0.30.0
k8s.io/klog/v2 v2.110.1 -> v2.120.1
k8s.io/kube-scheduler v0.29.0 -> v0.30.0
k8s.io/kubectl v0.29.0 -> v0.30.0
k8s.io/kubelet v0.29.0 -> v0.30.0
k8s.io/pod-security-admission v0.30.0 new
github.com/containerd/containerd v1.7.14 -> v1.7.16
github.com/siderolabs/pkgs v1.7.0-6-g29106c0 -> v1.7.0-9-g76bd73c
github.com/siderolabs/talos/pkg/machinery v1.7.0 -> v1.7.1

Previous release can be found at v1.6.7

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v1.7.1