A `server` USE flag avoids including that binary. The client tools now
include etcdutl for performing defragmentation and snapshot restoration
on local data.
We previously built etcdctl with `CGO_ENABLED=0`, apparently for
consistency when cross-compiling, but we have since fixed that.
Gentoo's package is not currently stabilised for arm64, as I have only
just added that keyword while bumping to the latest release. The latest
stable release is a little old, but still much newer than ours.
Closes: https://github.com/flatcar/Flatcar/issues/1932
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
Setting an absolute list was preventing newer options from being
enabled, leading to this scary error message from newer clients.
$ ssh flatcar
Warning: Permanently added '[127.0.0.1]:2222' (ED25519) to the list of known hosts.
** WARNING: connection is not using a post-quantum key exchange algorithm.
** This session may be vulnerable to "store now, decrypt later" attacks.
** The server may need to be upgraded. See https://openssh.com/pq.html
Last login: Wed Oct 15 10:05:46 UTC 2025 from 10.0.2.2 on pts/0
Flatcar Container Linux by Kinvolk beta 4426.1.0 for QEMU
After going through each of the options, the only ones we were adding
above the current 10.2p1 defaults were the diffie-hellman-group KEX
algorithms. These were dropped upstream in 2024 because they are slower
while providing no benefit over other options. The continued presence of
ecdh-sha2-nistp256 ensures compatibility with default clients at least
as far back as 2016.
I think we should just continue to follow the upstream defaults unless
some significant client breakage is reported. They're usually quite
forgiving.
The order of these is significant, and our order did differ from
upstream's slightly, but I trust their order over ours.
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
Patches were reordered a bit, e.g. combining the
"mod-add-flatcar-ignition-0.36.2" and "sum-go-mod-tidy" patches and
moving "config-v3_6-convert-ignition-2.x-to-3.x" before
"vendor-go-mod-vendor" (so that the dependencies added by the former are
vendored in the latter).
Built and tested with the yet-unpublished UpCloud OEM.
Signed-off-by: Mara Sophie Grosch <mara.grosch@upcloud.com>
These were present in containerd, incus, and overlaybd.
Also restore SLSA to the podman sysext as we normally include this.
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
The Fusion MPT SCSI storage drivers were missing from the new minimal
initrd because they are not together with the other storage driver
modules but live in their own "message/fusion/" folder.
Add the "message/fusion/" folder to the initrd modules so that we can
load the disk. Dependencies will be resolved by dracut-install as
needed.
Fixes https://github.com/flatcar/Flatcar/issues/1924
Signed-off-by: Kai Lueke <kailuke@microsoft.com>
