alt-orchestra/talos
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
talos/hack/release.toml
Andrey Smirnov b453385bd9
feat: support volume configuration, provisioning, etc 
This implements the first round of changes, replacing the volume backend
with the new implementation, while keeping most of the external
interfaces intact.

See #8367

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
2024-08-30 18:32:34 +04:00

241 lines
7.7 KiB
TOML
Raw Blame History

# commit to be tagged for new release
commit = "HEAD"
project_name = "Talos"
github_repo = "siderolabs/talos"
match_deps = "^github.com/((talos-systems|siderolabs)/[a-zA-Z0-9-]+)$"
ignore_deps = ["github.com/coredns/coredns"]
# previous release
previous = "v1.7.0"
pre_release = true
preface = """\
Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:
* `cloud-images.json`
* `talosctl` binaries
* `kernel`
* `initramfs`
* `metal` iso and disk images
* `talosctl-cni-bundle`
All other release assets can be downloaded from [Image Factory](https://www.talos.dev/latest/talos-guides/install/boot-assets/#image-factory).
"""
[notes]
[notes.updates]
title = "Component Updates"
description = """\
Kubernetes: 1.31.0
Linux: 6.6.47
containerd: 2.0.0-rc.4
runc: 1.2.0-rc.2
etcd: 3.5.15
Flannel: 0.25.6
Flannel CNI plugin: 1.5.1
CoreDNS: 1.1.13
Talos is built with Go 1.22.6.
"""
[notes.apparmor]
title = "Workload Apparmor Profile"
description = """\
Talos Linux can now apply the default AppArmor profiles to all workloads started via containerd, if the machine is installed with the AppArmor LSM enforced via the extraKernelArgs.
Eg:
```yaml
machine:
install:
extraKernelArgs:
- security=apparmor
```
"""
[notes.zstd]
title = "ZSTD Compression"
description = """\
Talos Linux now compresses kernel and initramfs using ZSTD.
Linux arm64 kernel is now compressed (previously it was uncompressed).
"""
[notes.forward-kube-dns-to-host]
title = "DNS Forwarding for CoreDNS pods"
description = """\
Usage of the host DNS resolver as upstream for Kubernetes CoreDNS pods is now enabled by default. You can disable it
with:
```yaml
machine:
features:
hostDNS:
enabled: true
forwardKubeDNSToHost: false
```
Please note that on running cluster you will have to kill CoreDNS pods for this change to apply.
The IP address used to forward DNS queries has changed to the fixed `169.254.116.108` address.
For those upgrading from Talos 1.7 with `forwardKubeDNSToHost` enabled, the old Kubernetes service
can be cleaned up with `kubectl delete -n kube-system service host-dns`.
"""
[notes.lspci]
title = "PCI Devices"
description = """\
A list of PCI devices can now be obtained via `PCIDevices` resource, e.g. `talosctl get pcidevices`.
"""
[notes.diagnostics]
title = "Diagnostics"
description = """\
Talos Linux now shows diagnostics information for common problems related to misconfiguration via `talosctl health` and Talos dashboard.
"""
[notes.bridge]
title = "Bridge Interface"
description = """\
Talos Linux now support configuring 'vlan_filtering' for bridge interfaces.
"""
[notes.proxy]
title = "kube-proxy"
description = """\
Talos Linux configures kube-proxy >= v1.31.0 to use 'nftables' backend by default.
"""
[notes.trusted-roots]
title = "Custom Trusted Roots"
description = """\
Talos Linux now supports adding [custom trusted roots](https://www.talos.dev/v1.8/talos-guides/configuration/certificate-authorities/) (CA certificates) via `TrustedRootsConfig` configuration documents.
"""
[notes.labels]
title = "Default Node Labels"
description = """\
Talos Linux on config generation now adds a label `node.kubernetes.io/exclude-from-external-load-balancers` by default for the control plane nodes.
"""
[notes.secureboot]
title = "Secure Boot"
description = """\
Talos Linux now can optionally include well-known UEFI (Microsoft) SecureBoot keys into the auto-enrollment UEFI database.
"""
[notes.annotations]
title = "Node Annotations"
description = """\
Talos Linux now supports configuring Kubernetes node annotations via machine configuration (`.machine.nodeAnnotations`) in a way similar to node labels.
"""
[notes.extensions]
title = "Extensions in Kubernetes Nodes"
description = """\
Talos Linux now publishes list of installed extensions as Kubernetes node labels/annotations.
The key format is `extensions.talos.dev/<name>` and the value is the extension version.
If the extension name is not valid as a label key, it will be skipped.
If the extension version is a valid label value, it will be put to the label; otherwise it will be put to the annotation.
For Talos machines booted of the Image Factory artifacts, this means that the schematic ID will be published as the annotation
`extensions.talos.dev/schematic` (as it is longer than 63 characters).
"""
[notes.nvidia]
title = "NVIDIA GPU Support"
description = """\
Starting with Talos 1.8.0, SideroLabs would ships extensions for both LTS and Production versions of NVIDIA extensions.
For more details see the CHANGELOG of [extensions](https://github.com/siderolabs/extensions/releases).
Upgrades with an exisiting schematic id from Image Factory would keep the existing LTS version of the NVIDIA extension.
"""
[notes.kubelet]
title = "Slim Kubelet Image"
description = """\
Kubelet container image includes various utilities that kubelet might use to perform various tasks.
Starting with Kubernetes 1.31.0, `kubelet` image now includes less utilities, as the in-tree CSI plugins were
removed in Kubernetes 1.31.0. This reduces `kubelet` image size and potential attack surface.
For Kubernetes < 1.31.0, there will be two images built:
* `v1.x.y` (default, fat)
* `v1.x.y-slim` (slim)
For Kubernetes >= 1.31.0, there will be same two images built, but the
default tag would point to slim image:
* `v1.x.y` (default, slim)
* `v1.x.y-fat` (fat)
"""
[notes.cni]
title = "CNI Plugins"
description = """\
Talos Linux now bundles by default the following standard CNI plugins:
* `bridge`
* `firewall`
* `flannel`
* `host-local`
* `loopback`
* `portmap`
The Talos bundled Flannel manifest was simplified to remove the `install-cni` step.
"""
[notes.udevd]
title = "Device Extra Settle Timeout"
description = """\
Talos Linux now supports a kernel command line argument `talos.device.settle_time=3m` to set the device extra settle timeout to workaround issues with broken drivers.
"""
[notes.platform]
title = "Platform Support"
description = """\
Talos Linux now supports Apache CloudStack platform.
"""
[notes.metal-image]
title = "Metal images"
description = """\
Starting with Talos 1.8, `console=ttyS0` kernel argument is removed from the metal images and installer. If running virtualized in QEMU (For eg: Proxmox), this can be added as an extra kernel argument if needed via Image Factory or using Imager.
This should fix slow boot or no console output issues on most bare metal hardware.
"""
[notes.kernel-args]
title = "`talos.halt_if_installed` kernel argument"
description = """\
Starting with Talos 1.8, ISO's generated from Boot Assets would have a new kernel argument `talos.halt_if_installed` which would pause the boot sequence until boot timeout if Talos is already installed on the disk.
ISO generated for pre 1.8 versions would not have this kernel argument.
This can be also explicitly enabled by setting `talos.halt_if_installed=1` in kernel argument.
"""
[notes.installer]
title = "Installer"
description = """\
Talos Linux installer now never wipes the system disk on upgrades, which means that the flag
`--preserve` is always set for `talosctl upgrade`.
"""
[make_deps]
[make_deps.tools]
variable = "TOOLS"
repository = "github.com/siderolabs/tools"
[make_deps.pkgs]
variable = "PKGS"
repository = "github.com/siderolabs/pkgs"
[make_deps.extras]
variable = "EXTRAS"
repository = "github.com/siderolabs/extras"
Reference in New Issue View Git Blame Copy Permalink