diff --git a/CHANGELOG.md b/CHANGELOG.md index c01fcea3d..d166a6996 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,67 @@ +## [Talos 0.13.1](https://github.com/talos-systems/talos/releases/tag/v0.13.1) (2021-10-25) + +Welcome to the v0.13.1 release of Talos! + + + +Please try out the release binaries and report any issues at +https://github.com/talos-systems/talos/issues. + +### Kexec and capabilities + +When kexec support is disabled Talos no longer drops Linux capabilities (`CAP_SYS_BOOT` and `CAP_SYS_MODULES`) for child processes. +That is helpful for advanced use-cases like Docker-in-Docker. + +If you want to permanently disable kexec and capabilities dropping, pass `kexec_load_disabled=1` argument to the kernel. +For example: + +```yaml +install: + extraKernelArgs: + - kexec_load_disabled=1 +``` + +Please note that capabilities are dropped before machine configuration is loaded, +so disabling kexec via `machine.sysctls` (like in the section `Reboots via kexec`) will not be enough. + + +### Contributors + +* Andrey Smirnov +* Alexey Palazhchenko +* Spencer Smith + +### Changes +
6 commits +

+ +* [`39e9a6ab`](https://github.com/talos-systems/talos/commit/39e9a6ab4184de83d9dbdfe604bf3de9547aac69) test: update GCP e2e script to work with new templates +* [`0a51dcb7`](https://github.com/talos-systems/talos/commit/0a51dcb797651388c9666e903cf6ecf010eb8ae6) test: update vars for AWS cluster +* [`a770bbef`](https://github.com/talos-systems/talos/commit/a770bbef7d74cecff39195176db962e36b0d1cd7) fix: handle skipped mounts correctly +* [`cdf9a5ee`](https://github.com/talos-systems/talos/commit/cdf9a5ee66738f886210ad828fa4e9a3a37e6172) fix: treat literal 'unknown' as a valid machine type +* [`fc35c82f`](https://github.com/talos-systems/talos/commit/fc35c82f69263d6001b448b8360865f003be2b4c) feat: don't drop capabilities if kexec is disabled +* [`4aa98850`](https://github.com/talos-systems/talos/commit/4aa98850778fa6987939cc4b04b9b08b945bee3b) fix: delete expired affiliates from the discovery service +

+
+ +### Changes from talos-systems/discovery-service +
5 commits +

+ +* [`95593b8`](https://github.com/talos-systems/discovery-service/commit/95593b8685b3548d3ba6aa920b129ffc08665467) feat: implement landing page for the discovery service +* [`b579076`](https://github.com/talos-systems/discovery-service/commit/b579076e4ef5d10156975855e6a362e3414db862) fix: update affiliate state correctly when they get deleted +* [`49e53b1`](https://github.com/talos-systems/discovery-service/commit/49e53b1473d98cbfbb83e45554957c73bcd2e12c) fix: cluster with some subscriptions isn't empty +* [`9b5eeae`](https://github.com/talos-systems/discovery-service/commit/9b5eeaed72970ab86ba1124fc0dbad7123debe66) chore: add go-debug +* [`1655040`](https://github.com/talos-systems/discovery-service/commit/1655040813a0b5be55a6bee6fbf1ba167fb4274a) chore: improve state logging +

+
+ +### Dependency Changes + +* **github.com/talos-systems/discovery-service** v0.1.0 -> v0.1.1 + +Previous release can be found at [v0.13.0](https://github.com/talos-systems/talos/releases/tag/v0.13.0) + ## [Talos 0.13.0](https://github.com/talos-systems/talos/releases/tag/v0.13.0) (2021-10-12) Welcome to the v0.13.0 release of Talos! diff --git a/go.mod b/go.mod index 469808b49..fc406ebe3 100644 --- a/go.mod +++ b/go.mod @@ -84,7 +84,7 @@ require ( github.com/talos-systems/go-smbios v0.1.0 github.com/talos-systems/grpc-proxy v0.2.0 github.com/talos-systems/net v0.3.0 - github.com/talos-systems/talos/pkg/machinery v0.13.0 + github.com/talos-systems/talos/pkg/machinery v0.13.1 github.com/u-root/u-root v7.0.0+incompatible github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5 github.com/vmware-tanzu/sonobuoy v0.53.2 diff --git a/hack/release.toml b/hack/release.toml index e662789b4..041ecc837 100644 --- a/hack/release.toml +++ b/hack/release.toml @@ -6,7 +6,7 @@ github_repo = "talos-systems/talos" match_deps = "^github.com/(talos-systems/[a-zA-Z0-9-]+)$" # previous release -previous = "v0.12.0" +previous = "v0.13.0" pre_release = false @@ -15,39 +15,10 @@ preface = """\ [notes] - [notes.3clouds] - title = "Hetzner, Scaleway, Upcloud and Vultr" - description = """\ -Talos now natively supports four new cloud platforms: - -* [Hetzner](https://www.hetzner.com/), including VIP support -* [Scaleway](https://www.scaleway.com/en/) -* [Upcloud](https://upcloud.com/) -* [Vultr](https://www.vultr.com/) - -Also generic `cloud-init` `nocloud` platform is supported in both networking and storage-based modes. -""" - - [notes.2kexec] - title = "Reboots via kexec" - description = """\ -Talos now reboots by default via kexec syscall which means BIOS POST process is skipped. -On bare-metal hardware BIOS POST process might take 10-15 minutes, so Talos reboots 10-15 minutes faster on bare-metal. - -Kexec support can be disabled with the following change to the machine configuration: - -```yaml -machine: - sysctls: - kernel.kexec_load_disabled: "1" -``` -""" - [notes.caps] title = "Kexec and capabilities" description = """\ -When kexec support is disabled (see `Reboots via kexec`), -Talos no longer drops Linux capabilities (`CAP_SYS_BOOT` and `CAP_SYS_MODULES`) for child processes. +When kexec support is disabled Talos no longer drops Linux capabilities (`CAP_SYS_BOOT` and `CAP_SYS_MODULES`) for child processes. That is helpful for advanced use-cases like Docker-in-Docker. If you want to permanently disable kexec and capabilities dropping, pass `kexec_load_disabled=1` argument to the kernel. @@ -63,53 +34,6 @@ Please note that capabilities are dropped before machine configuration is loaded so disabling kexec via `machine.sysctls` (like in the section `Reboots via kexec`) will not be enough. """ - [notes.1kubespan] - title = "Cluster Discovery and KubeSpan" - description = """\ -This release of Talos provides initial support for [cluster membership discovery](https://www.talos.dev/docs/v0.13/guides/discovery/) and [KubeSpan](https://www.talos.dev/docs/v0.13/guides/kubespan/). - -These new features are not enabled by default, to enable them please make following changes to the machine configuration: - -```yaml -machine: - network: - kubespan: - enabled: true -cluster: - discovery: - enabled: true -``` - -""" - - [notes.4etcd] - title = "etcd Advertised Address" - description = """\ -The address advertised by etcd can now be controlled with new machine configuration option `machine.etcd.subnet`. -""" - - [notes.5kubelet] - title = "kubelet Node IP" - description = """\ -The addresses picked by kubelet can now be controlled with new machine configuration option `machine.kubelet.nodeIP.validSubnets`. -""" - - [notes.6windows] - title = "Windows Suport" - description = """\ -CLI tool talosctl is now built for Windows and published as part of the release. -""" - - [notes.7components] - title = "Component Updates" - description = """\ -Linux: 5.10.69 -Kubernetes: 1.22.2 -containerd: 1.5.6 -runc: 1.0.2 - -Talos is built with Go 1.17.1. -""" [make_deps] diff --git a/website/content/docs/v0.13/Reference/cli.md b/website/content/docs/v0.13/Reference/cli.md index f286a4014..87fb80b70 100644 --- a/website/content/docs/v0.13/Reference/cli.md +++ b/website/content/docs/v0.13/Reference/cli.md @@ -93,7 +93,7 @@ talosctl cluster create [flags] --bad-rtc launch VM with bad RTC state (QEMU only) --cidr string CIDR of the cluster network (IPv4, ULA network for IPv6 is derived in automated way) (default "10.5.0.0/24") --cni-bin-path strings search path for CNI binaries (VM only) (default [/home/user/.talos/cni/bin]) - --cni-bundle-url string URL to download CNI bundle from (VM only) (default "https://github.com/talos-systems/talos/releases/download/v0.13.0/talosctl-cni-bundle-${ARCH}.tar.gz") + --cni-bundle-url string URL to download CNI bundle from (VM only) (default "https://github.com/talos-systems/talos/releases/download/v0.13.1/talosctl-cni-bundle-${ARCH}.tar.gz") --cni-cache-dir string CNI cache directory path (VM only) (default "/home/user/.talos/cni/cache") --cni-conf-dir string CNI config directory path (VM only) (default "/home/user/.talos/cni/conf.d") --config-patch string patch generated machineconfigs (applied to all node types)