mirror of
https://github.com/siderolabs/talos.git
synced 2025-08-15 11:07:03 +02:00
docs: add highlights for 0.9 release
This describes high-level new features in Talos 0.9. Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This commit is contained in:
Andrey Smirnov
talos-bot
parent
ae8bedb9a0
commit
11056a8034
51
website/content/docs/v0.9/Introduction/what-is-new.md
Normal file
51
website/content/docs/v0.9/Introduction/what-is-new.md
Normal file
@ -0,0 +1,51 @@
|
||||
---
|
||||
title: What's New in Talos 0.9
|
||||
weight: 5
|
||||
---
|
||||
|
||||
## Control Plane as Static Pods
|
||||
|
||||
Talos now runs Kubernetes control plane as static pods managed via machine configuration.
|
||||
This change makes bootstrap process much more stable and resilient to failures.
|
||||
For single control plane node clusters it eliminates bugs with control plane being unavailable after a reboot.
|
||||
As control plane configuration is managed via Talos API, even if control plane configuration was wrong and
|
||||
API server is not available, change can be rolled back using `talosctl` to bring the control plane back up.
|
||||
When upgrading from Talos 0.8, control plane can be [converted](../Guides/converting-control-plane/) to run as static pods.
|
||||
|
||||
## ECDSA Certificates and Keys for Kubernetes
|
||||
|
||||
Talos now generates uses ECDSA keys for Kubernetes and etcd PKI.
|
||||
ECDSA keys are much smaller and all PKI operations are much faster (for example, generating certificate from the CA) which
|
||||
leads to much faster bootstrap and boot times.
|
||||
|
||||
## Immediate Machine Configuration Updates
|
||||
|
||||
Changes to `.cluster` part of Talos machine configuration can now be applied immediately (without a reboot).
|
||||
This allows for example updating versions of control plane components, adding additional arguments or modifying bootstrap manifests.
|
||||
Future versions of Talos will expand on that to allow most of the machine configuration to be applied without a reboot.
|
||||
|
||||
## Disk Encryption
|
||||
|
||||
Talos now supports encryption for `STATE` and `EPHEMERAL` partitions of the system disk.
|
||||
`STATE` partition holds machine configuration and `EPHEMERAL` partition is mounted as `/var` which stores container runtime
|
||||
state, configuration files laid on top of Talos read-only immutable root filesystem.
|
||||
Encryption key in Talos 0.9 is derived from the Node UUID which is unique machine identifier provided by the manufacturer.
|
||||
Disk encryption is not enabled by default, it needs to be [enabled](../Guides/disk-encryption/) via machine configuration.
|
||||
|
||||
## Virtual IP for the Control Plane Endpoint
|
||||
|
||||
Talos adds support for Virtual L2 shared IP for the control plane: control plane nodes make sure only one of the nodes
|
||||
adverties shared IP via ARP.
|
||||
If one of the control plane nodes goes down, another node takes over shared IP.
|
||||
|
||||
## Updated Components
|
||||
|
||||
Linux: 5.10.1 -> 5.10.19
|
||||
|
||||
Kubernetes: 1.20.1 -> 1.20.4
|
||||
|
||||
CoreDNS: 1.7.0 -> 1.8.0
|
||||
|
||||
etcd: 3.4.14 -> 3.4.15
|
||||
|
||||
containerd: 1.4.3 -> 1.4.4
|
||||
Loading…
Reference in New Issue
Block a user