You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Flatcar Container Linux User
Hello,
We are pleased to announce a new Flatcar Container Linux release for the Alpha channel.
Changes since Alpha 3066.0.0
Known issues
calico is crashing with Kubernetes 1.23 and Linux 5.15 - it’s recommended to switch over iptables instead of ipvs for kube-proxy mode. (projectcalico/calico#5011)
The SELinux policy store update fix resulted in some files leaked to the root filesystem top directory (Flatcar#596)
The Torcx profile docker-1.12-no got fixed to reference the current Docker version instead of 19.03 which wasn’t found on the image, causing Torcx to fail to provide Docker (flatcar-linux/coreos-overlay#1456)
Fix vim warnings on missing file, when built with USE=”minimal” (portage-stable#260)
Excluded the Kubenet cbr0 interface from networkd’s DHCP config and set it to Unmanaged to prevent interference and ensure that it is not part of the network online check (flatcar-linux/init#55)
Ensured that the /run/xtables.lock coordination file exists for modifications of the xtables backend from containers (must be bind-mounted) or the iptables-legacy binaries on the host (flatcar-linux/init#57)
dev container: Fixed github URL for coreos-overlay and portage-stable to use repos from flatcar-linux org directly instead of relying on redirects from the kinvolk org. This fixes checkouts with emerge-gitclone inside dev-container. (flatcar-linux/scripts#194)
SDK: Fixed build error popping up in the new SDK Container because policycoreutils used the wrong ROOT to update the SELinux store (flatcar-linux/coreos-overlay#1502)
Changes
Flatcar is in the NIST CPE dictionary. Programmatically build the CPE_NAME in the build process in order to be scanned (flatcar-linux/Flatcar#536)
Added a new flatcar-update tool to the image to ease manual updates, rollbacks, channel/release jumping, and airgapped updates (flatcar-linux/init#53)
Excluded special network interface devices like bridge, tunnel, vxlan, and veth devices from the default DHCP configuration to prevent networkd interference (flatcar-linux/init#56)
Added CONFIG_NF_CT_NETLINK_HELPER (for libnetfilter_cthelper), CONFIG_NET_VRF (for virtual routing and forwarding) and CONFIG_KEY_DH_OPERATIONS (for keyutils) to the kernel config (flatcar-linux/coreos-overlay#1524)