mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2026-04-16 03:01:08 +02:00
Code Issues Packages Projects Releases Wiki Activity
talos/hack/release.toml
Andrey Smirnov e33d2f581f
feat: support overriding base OCI spec for CRI 
Fixes #9827

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
2024-11-29 16:22:25 +04:00

150 lines
5.2 KiB
TOML
Raw Blame History

# commit to be tagged for new release
commit = "HEAD"
project_name = "Talos"
github_repo = "siderolabs/talos"
match_deps = "^github.com/((talos-systems|siderolabs)/[a-zA-Z0-9-]+)$"
ignore_deps = ["github.com/coredns/coredns"]
# previous release
previous = "v1.8.0"
pre_release = true
preface = """
"""
[notes]
[notes.updates]
title = "Component Updates"
description = """\
* Linux: 6.12.1
* containerd: 2.0.0
* Flannel: 0.26.1
* Kubernetes: 1.32.0-rc.0
* runc: 1.2.1
* CoreDNS: 1.12.0
Talos is built with Go 1.23.3.
"""
[notes.cgroupsv1]
title = "cgroups version 1"
description = """\
Support for cgroupsv1 is deprecated, and will be removed in Talos 1.10 (for non-container mode).
"""
[notes.machineConfigKubeAPIServer]
title = "Kube APIServer Authorization Config"
description = """\
Starting with Talos 1.9, `.cluster.apiServer.authorizationConfig` field supports setting [Kubernetes API server authorization modes](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#using-configuration-file-for-authorization)
using the `--authorization-config` flag.
The machine config field supports a list of `authorizers`. For eg:
```yaml
cluster:
apiServer:
authorizationConfig:
- type: Node
name: Node
- type RBAC
name: rbac
```
For new cluster if the Kubernetes API server supports the `--authorization-config` flag, it'll be used by default instead of the `--authorization-mode` flag.
By default Talos will always add the `Node` and ` RBAC` authorizers to the list.
When upgrading if either a user-provided `authorization-mode` or `authorization-webhook-*` flag is set via `.cluster.apiServer.extraArgs`, it'll be used instead of the new `AuthorizationConfig`.
Current authorization config can be viewed by running: `talosctl get authorizationconfigs.kubernetes.talos.dev -o yaml`
"""
[notes.drm]
title = "Direct Rendering Manager (DRM)"
description = """\
Starting with Talos 1.9, the `i915` and `amdgpu` DRM drivers will be dropped from the Talos squashfs.
There will be new system extensions named `i915` and `amdgpu` that would contain both the drivers and firmware packaged together.
Upgrades via Image Factory will automatically include the new extensions if previously `i915-ucode` or `amdgpu-firmware` were used.
"""
[notes.usernamespaces]
title = "User Namespaces"
description = """\
Talos Linux now supports running Kubernetes pods with user namespaces enabled.
Refer to the [documentation](https://www.talos.dev/v1.9/kubernetes-guides/configuration/usernamespace/) for more information.
"""
[notes.auditd]
title = "Auditd"
description = """\
Talos Linux now starts a auditd service by default.
Logs can be read with `talosctl logs auditd`.
"""
[notes.cgroups]
title = "`talosctl cgroups`"
description = """\
The `talosctl cgroups` command has been added to the `talosctl` tool.
This command allows you to view the cgroup resource consumption and limits for a machine, e.g.
`talosctl cgroups --preset memory`.
"""
[notes.udevd]
title = "udevd"
description = """\
Talos previously used `eudev` to provide `udevd`, now it uses `systemd-udevd` instead.
"""
[notes.registry-mirrors]
title = "Registry Mirrors"
description = """\
In versions before Talos 1.9, there was a discrepancy between the way Talos itself and CRI plugin resolves registry mirrors:
Talos will never fall back to the default registry if endpoints are configured, while CRI plugin will.
> Note: Talos Linux pulls images for the `installer`, `kubelet`, `etcd`, while all workload images are pulled by the CRI plugin.
In Talos 1.9 this was fixed, so that by default an upstream registry is used as a fallback in all cases, while new registry mirror
configuration option `.skipFallback` can be used to disable this behavior both for Talos and CRI plugin.
"""
[notes.device-selectors]
title = "Device Selectors"
description = """\
Talos now supports matching on permanent hardware (MAC) address of the network interfaces.
This is specifically useful to match bond members, as they change their hardware addresses when they become part of the bond.
"""
[notes.talosctl-disk]
title = "talosctl disks"
description = """\
The command `talosctl disks` was removed, please use `talosctl get disks`, `talosctl get systemdisk`, and `talosctl get blockdevices` instead.
"""
[notes.talosctl-wipe]
title = "talosctl wipe"
description = """\
The new command `talosctl wipe disk` allows to wipe a disk or a partition which is not used as a volume.
"""
[notes.oci-base-spec]
title = "OCI Base Runtime Spec"
description = """\
Talos now allows to [modify the OCI base runtime spec for the container runtime](https://www.talos.dev/v1.9/advanced/oci-base-spec/).
"""
[make_deps]
[make_deps.tools]
variable = "TOOLS"
repository = "github.com/siderolabs/tools"
[make_deps.pkgs]
variable = "PKGS"
repository = "github.com/siderolabs/pkgs"
[make_deps.extras]
variable = "EXTRAS"
repository = "github.com/siderolabs/extras"
Reference in New Issue View Git Blame Copy Permalink