lingble/archived-talos
1
0
Fork 0
mirror of https://github.com/lingble/talos.git synced 2026-03-20 04:03:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,035 Commits 31 Branches 464 Tags
release-1.4
Commit Graph

781 Commits

Author SHA1 Message Date
Andrey Smirnov
3715861803 chore: update Go to 1.20.7, Linux to 6.1.44 
Addressing the CVEs in Go and Linux (CPU vulnerabilities).

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
 2023-08-10 17:28:16 +04:00
Andrey Smirnov
95a3670f61 chore: workaround AWS AMI failures, disable Azure uploader 
Fixes #7513

AWS image uploads recently consistently fail in some regions, which
blocks the release process. Allow to skip some AMIs if they fail to
upload.

Disable Azure until #7512 is resolved.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit ffa48ac803)
 2023-07-26 17:46:50 +04:00
Andrey Smirnov
8f35f7dbe6 feat: update Linux to 6.1.41 
This release contains a workaround for
[Zenbleed](https://lock.cmpxchg8b.com/zenbleed.html).

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-07-26 17:45:53 +04:00
Andrey Smirnov
696a6fb635 feat: update Kubernetes default to 1.27.4 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.27.4

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-07-26 16:44:57 +04:00
Andrey Smirnov
d6af392e11 chore: update Go to 1.20.6 
See https://go.dev/doc/devel/release#go1.20.6

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-07-12 15:45:10 +04:00
Andrey Smirnov
b5bbb3f2e8 feat: update Linux to 6.1.36 
Latest LTS Linux kernel.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-06-28 18:22:43 +04:00
Andrey Smirnov
1e9c3b3b83 feat: update default Kubernetes version to 1.27.3 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.27.3

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-06-27 21:54:17 +04:00
Andrey Smirnov
21a490b11a chore: update to Go 1.20.5 
Update pkgs/extras/tools, etc.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-06-08 00:01:01 +04:00
Andrey Smirnov
9abd005647 feat: update default Kubernetes to v1.27.2 
See https://github.com/kubernetes/kubernetes/releases/v1.27.2

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit 383471c3e9)
 2023-05-30 15:48:04 +04:00
Andrey Smirnov
abfb534a21 feat: update etcd to v3.5.9 
See https://github.com/etcd-io/etcd/releases/tag/v3.5.9

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit 01dfd3af7d)
 2023-05-30 15:45:29 +04:00
Andrey Smirnov
65a58c8ac3 feat: update Linux to 6.1.30 
Latest Linux 6.1.x LTS.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-05-30 15:42:34 +04:00
Noel Georgi
168114fc11 release(v1.4.4): prepare release 
This is the official v1.4.4 release.

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2023-05-13 00:11:43 +05:30
Noel Georgi
c2220996dd fix: rlimit nofile test 
The test was added at the wrong place.

Signed-off-by: Noel Georgi <git@frezbo.dev>
(cherry picked from commit 3b36993b99)
 2023-05-12 18:37:06 +05:30
Noel Georgi
cfa9132701 chore: bump kernel to 6.1.28 
Bump kernel to 6.1.28

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2023-05-12 01:29:43 +05:30
Noel Georgi
779febfb9d fix: revert: set rlimit explicitly in wrapperd 
This reverts commit a2565f6741.

The fix done in `a2565f67`, was actually a no-op caused by the
misunderstanding the fix done in Go and backported to [Go 1.20.4](ecf7e00db8).
The fix gave a false confidence that it was working when it was tested
against Talos `main` branch since the PR #7190 bumped `x/sys` package
from [v0.7.0 -> v0.8.0](ecf7e00db8), the actual change in `x/sys` can be found here at ff18efa0a3 which meant that when updating Go to 1.20.4 the `x/sys` package should been updated too. The `x/sys` package changed how the syscall to set the rlimit was called, it got moved into the Go stdlib instead of calling rlimit syscall in the `x/sys` package, which meant a combination of using Go 1.20.4 and an older `x/sys` package means `RLIMIT_NOFILE` value would not be set back to the original value.

The Talos 1.4 release branch currently have  `x/sys`
at [v0.7.0(https://github.com/siderolabs/talos/blob/v1.4.3/go.mod#L133),
so the backport would consist of this change along another commit bumping `x/sys` package to `v0.8.0`.

Fixes: #7198
Fixes: #7206

Co-authored-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
(cherry picked from commit 4f720d4653)
 2023-05-12 01:13:34 +05:30
Noel Georgi
a2cc92b8a5 release(v1.4.3): prepare release 
This is the official v1.4.3 release.

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2023-05-10 18:10:47 +05:30
Andrey Smirnov
4478382437 fix: enforce nolock option for all NFS mounts by default 
Talos doesn't have `rpc.statsd` running, so mounting without locking is
the only option. Some places in Kubernetes don't allow to set mount
options for NFS, so setting defaults is the only way.

Fixes #6582

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit d43c61e80f)
 2023-05-08 18:46:03 +04:00
Andrey Smirnov
8a8fc5f7a8 feat: Linux 6.1.27, containerd 1.6.21, runc 1.1.7 
Update dependencies.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-05-08 18:44:15 +04:00
Andrey Smirnov
726d8d9840 feat: update Linux to 6.1.25, fix virtio on arm64 
Build virtio modules in-kernel for arm64.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-04-27 17:49:56 +04:00
Andrey Smirnov
c003fce72a chore: fix container image reproducibility 
Also provide make targets to sign the images.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit ec8c8dbafc)
 2023-04-27 17:38:28 +04:00
Andrey Smirnov
58de249ffb release(v1.4.0): prepare release 
This is the official v1.4.0 release.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-04-18 20:28:15 +04:00
Andrey Smirnov
5d9c7ea610 feat: update Kubernetes to 1.27.1 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.27.1

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit a781dfb8e3)
 2023-04-18 16:15:52 +04:00
Andrey Smirnov
664d8c9336 feat: update etcd to v3.5.8 
See https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit 3e406d9b07)
 2023-04-18 16:15:28 +04:00
Andrey Smirnov
ae949d2209 feat: update Kubernetes to 1.27.0 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.27.0

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit e31f7f50b1)
 2023-04-18 16:15:04 +04:00
Andrey Smirnov
0b575c4673 feat: update Linux to 6.1.24 
The latest LTS release.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-04-18 16:14:15 +04:00
Noel Georgi
69045b7d5b chore: module-sig-verify cleanup 
Make module-sig-verify code more idiomatic.

Co-authored-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
(cherry picked from commit 07bb61e60c)
 2023-04-11 15:49:15 +04:00
Noel Georgi
805887e618 chore: add kernel module signtaure verification 
Add kernel module signature verification for out of tree kernel modules.

Fixes: #7049

Signed-off-by: Noel Georgi <git@frezbo.dev>
(cherry picked from commit 5e9d836c3d)
 2023-04-11 15:49:14 +04:00
Andrey Smirnov
58c55f30fb feat: update Kubernetes to 1.27.0-rc.1 
This has a fix for an issue for DaemonSets and graceful shutdown.

See https://github.com/kubernetes/kubernetes/releases/tag/v1.27.0-rc.1

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit 5176d27dc5)
 2023-04-11 15:49:07 +04:00
Andrey Smirnov
f9fa8dc690 chore: update Go to 1.20.3 
See https://go.dev/doc/devel/release#go1.20

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-04-05 22:02:41 +04:00
Andrey Smirnov
5a879bdaf0 feat: revert update Kubernetes to 1.27.0-rc.0 
This reverts commit cefa9c3ecb.

Use Kubernetes 1.27.0-beta.0 until the issue is resolved:

https://github.com/kubernetes/kubernetes/issues/117018

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-04-03 18:04:37 +04:00
Andrey Smirnov
b898081749 release(v1.4.0-alpha.4): prepare release 
This is the official v1.4.0-alpha.4 release.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-31 21:19:02 +04:00
Thomas Way
7ffabe0f14 feat: support network bond device selectors 
Fixes https://github.com/siderolabs/talos/issues/6756

Signed-off-by: Thomas Way <thomas@6f.io>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-31 20:29:20 +04:00
Andrey Smirnov
b8497b99eb feat: update containerd to 1.6.20 
See https://github.com/containerd/containerd/releases/tag/v1.6.20

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-31 16:14:43 +04:00
Nico Berlee
0af8fe2fb5 feat: netstat pod support 
talosctl netstat -k show all host and non-hostnetwork pods sockets/connections.
talosctl netstat namespace/pod shows sockets/connections of a specific pod +
autocompletes in the shell.

Signed-off-by: Nico Berlee <nico.berlee@on2it.net>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-30 23:39:38 +04:00
Andrey Smirnov
52e857f55e feat: linux 6.1.22, runc 1.1.5 
Bump dependencies in preparation for Talos 1.4-beta.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-30 21:28:26 +04:00
Andrey Smirnov
ea0e9bdbe4 feat: environment variables via the kernel arguments 
Unify getting environment variables, support passing environment
variables via kernel args.

Fixes #6984
See #6999

For META this will be used to pass environment variables to the
installer for ISO images (or PXE booting).

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-28 16:28:33 +04:00
Andrey Smirnov
cefa9c3ecb feat: update Kubernetes to 1.27.0-rc.0 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.27.0-rc.0

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-27 14:32:54 +04:00
Andrey Smirnov
d30cf9c86e test: fix misprint in e2e scripts 
This bug breaks `e2e-extensions`.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-24 15:28:18 +04:00
Andrey Smirnov
a0a5db590d feat: update Flannel to 0.21.4 
See https://github.com/flannel-io/flannel/releases/tag/v0.21.4

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-22 22:28:50 +04:00
Noel Georgi
36a9a208ec chore: bump deps 
Bump deps

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2023-03-22 16:37:27 +05:30
Noel Georgi
c63cf90e32 feat: update k8s to v1.27.0-beta.0 
Update k8s to v1.27.0-beta.0

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2023-03-21 23:59:17 +05:30
Andrey Smirnov
28713c2c4d feat: update Kubernetes to 1.26.3 
Mostly to backport to 1.3.x, main should be soon updated to 1.27.x.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-20 23:36:11 +04:00
Andrey Smirnov
9f5f5cf9bf feat: update Flannel to v0.21.3 
See https://github.com/flannel-io/flannel/releases/tag/v0.21.3

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-13 20:32:26 +04:00
Andrey Smirnov
e03902b546 feat: update Go to 1.20.2 
Also bump Linux to 6.1.15.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-10 16:41:17 +04:00
Erik Lund
230cfaf803 feat: use network information from guestinfo.metadata 
Add VMware GuestInfo metadata to network configuration.

Fixes #6708

Signed-off-by: Erik Lund Jensen <info@erikjensen.it>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-09 16:51:08 +04:00
Nico Berlee
97048f7c37 feat: netstat in API and client 
Implements netstat in Talos API and client (talosctl).

Signed-off-by: Nico Berlee <nico.berlee@on2it.net>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2023-03-09 15:48:30 +04:00
Artem Chernyshev
121220a3b3 chore: bump dependencies via renovate bot 
Fixes: https://github.com/siderolabs/talos/pull/6914
Fixes: https://github.com/siderolabs/talos/pull/6915
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
 2023-03-07 15:58:25 +03:00
Dmitriy Matrenichev
ebc92f3c1d chore: add container id to talosctl -k containers and talosctl -k logs 
This PR adds first 12 symbols from container ID and adds them to `talosctl -k containers` each container output.
That way we can ensure that we get the logs from proper container even if there is a newer one.

Closes #6886

Co-authored-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
 2023-03-07 13:20:44 +03:00
Dmitriy Matrenichev
22ef81c1e7 feat: add grub option to drop to maintenance mode 
- [x] Support `talos.experimental.wipe=system:EPHEMERAL,STATE` boot kernel arg
- [x] GRUB option to wipe like above
- [x] update GRUB library to handle that

Closes #6842

Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
 2023-03-07 12:37:59 +03:00
Noel Georgi
a78281214d feat: add cilium e2e tests 
Add cilium e2e tests. The existing cilium check was very old, update to
latest cilium version and also add a test for KPR strict mode.

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2023-03-03 20:03:25 +05:30