Announcing new Alpha 3305.0.0, Beta 3277.1.0, Stable 3227.2.0, LTS-2022 3033.3.3 releases

8 views
Skip to first unread message

Flatcar Container Linux User

unread,
Jul 22, 2022, 6:09:32 AMJul 22
to Flatcar Container Linux User

Hello,

We are pleased to announce a new Flatcar Container Linux release for the Alpha, Beta, Stable and LTS-2022 channels.

New Alpha Release 3305.0.0

Changes since Alpha 3277.0.0

Security fixes:Bug fixes:
  • Removed outdated LTS channel information printed on login (init#75)
  • The Ignition v3 kargs directive failed before when used with the generic image where no grub.cfg exists, this was fixed by creating it first (bootengine#47)
Updates:New Beta Release 3277.1.0

Changes since Alpha 3277.0.0

Security fixes:Bug fixes:
  • The Ignition v3 kargs directive failed before when used with the generic image where no grub.cfg exists, this was fixed by creating it first (bootengine#47)
Updates:

Changes since Beta 3227.1.1

Security fixes:Bug fixes:
  • The Ignition v3 kargs directive failed before when used with the generic image where no grub.cfg exists, this was fixed by creating it first (bootengine#47)
Changes:Updates:New Stable Release 3227.2.0

Changes since Beta 3227.1.1

Security fixes:Bug fixes:
  • The Ignition v3 kargs directive failed before when used with the generic image where no grub.cfg exists, this was fixed by creating it first (bootengine#47)
Changes:
  • Enabled containerd.service unit, br_netfilter and overlay modules by default to follow Kubernetes requirements (coreos-overlay#1944, init#72)
Updates:

Changes compared to stable-3139.2.3

Security fixes:Bug fixes:
  • Added networkd translation to files section when converting from Ignition 2.x to Ignition 3.x (coreos-overlay#1910, flatcar#741)
  • Added a remount action as systemd-sysext.service drop-in unit to restore the OEM partition mount after the overlay mounts in /usr are done (init#69)
  • Fixed Ignition’s OEM ID to be metal to follow the Ignition upstream change which otherwise resulted in a broken boot when the Flatcar OEM ID pxe was used (bootengine#45)
  • Made Ignition write the SSH keys into a file under authorized_keys.d/ignition again and added a call to update-ssh-keys after Ignition ran to create the merged authorized_keys file, which fixes the problem that keys added by Ignition get lost when update-ssh-keys runs (init#66)
  • Skipped starting ensure-sysext.service if systemd-sysext.service won’t be started, to prevent reporting a dependency failure (Flatcar#710)
  • The Ignition v3 kargs directive failed before when used with the generic image where no grub.cfg exists, this was fixed by creating it first (bootengine#47)
Changes:
  • Added auditd.service but left it disabled by default, a custom configuration can be created by removing /etc/audit/auditd.conf and replacing it with an own file (coreos-overlay#1636)
  • Added cryptsetup to the initramfs for the Ignition luks directive (flatcar-linux/coreos-overlay#1760)
  • Besides Ignition v1 and v2 configurations, Ignition configurations with specification v3 (up to 3.3.0) are now supported, see the docs section for details
  • Bring in dependencies for NFS4 with Kerberos both in kernel and userspace. Tested against NFS4.1 server. coreos-overlay#1664
  • Enabled CONFIG_INTEL_RAPL on AMD64 Kernel config to compile intel_rapl_common module in order to allow power monitoring on modern Intel processors (coreos-overlay#1801)
  • Enabled containerd.service unit, br_netfilter and overlay modules by default to follow Kubernetes requirements (coreos-overlay#1944, init#72)
  • Enabled systemd-sysext.service to activate systemd-sysext images on boot, to disable you will need to mask it. Also added a helper service ensure-sysext.service which reloads the systemd units to reevaluate the sockets, timers, and multi-user targets when systemd-sysext.service is (re)started, making it possible to enable units that are part of a sysext image (init#65)
  • For amd64 /usr/lib used to be a symlink to /usr/lib64 but now they became two separate folders as common in other distributions (and was the case for arm64 already). Compatibility symlinks exist in case /usr/lib64 was used to access, e.g., the modules folder or the systemd folder (coreos-overlay#1713, scripts#255)
  • Made SELinux enabled by default in default containerd configuration file. (coreos-overlay#1699)
  • Removed rngd.service because it is not essential anymore for the kernel to boot fast in VM environments (coreos-overlay#1700)
  • The systemd-networkd ManageForeignRoutes and ManageForeignRoutingPolicyRules settings are now disabled through a drop-in file and thus can only be enabled again by a drop-in file under /etc/systemd/networkd.conf.d/ because drop-in files take precedence over /etc/systemd/networkd.conf (init#61)
  • Azure VHD disks are now created using subformat=fixed, which makes them suitable for immediate upload to Azure using any tool.
  • Defined a systemd-sysext level that sysext images can match for instead of the OS version when they don’t have a strong coupling, meaning the only metadata required is SYSEXT_LEVEL=1.0 and ID=flatcar (Flatcar#643)
  • ARM64: Added cifs-utils for ARM64
  • ARM64: Added sssd, adcli and realmd for ARM64
  • AWS EC2: Removed the setup of /etc/hostname from the instance metadata because it used a long FQDN but we can just use use the hostname set via DHCP (Flatcar#707)
  • Azure: Set up /etc/hostname from instance metadata with Afterburn
  • DigitalOcean: In addition to the bz2 image, a gz compressed image is published. This helps against hitting the compression timeout that sometimes lets the image import fail.
  • OpenStack: In addition to the bz2 image, a gz compressed image is published. This allows Glance to directly consume the images by simply passing in the URL of the image.
  • SDK: The image compression format is now configurable. Supported formats are: bz2, gz, zip, none, zst. Selecting the image format can now be done by passing the --image_compression_formats option. This flag gets a comma separated list of formats.
  • SDK / ARM64: Added go-tspi bindings for ARM64
Updates:New LTS-2022 Release 3033.3.3

Changes since lts-3033.3.2

Security fixes:Bug fixes:
  • Removed outdated LTS channel information printed on login (init#75)
Changes:
  • Enabled containerd.service unit, br_netfilter and overlay modules by default to follow Kubernetes requirements (coreos-overlay#1944, init#72)
  • DigitalOcean: In addition to the bz2 image, a gz compressed image is published. This helps against hitting the compression timeout that sometimes lets the image import fail.
  • OpenStack: In addition to the bz2 image, a gz compressed image is published. This allows Glance to directly consume the images by simply passing in the URL of the image.
  • SDK: The image compression format is now configurable. Supported formats are: bz2, gz, zip, none, zst. Selecting the image format can now be done by passing the --image_compression_formats option. This flag gets a comma separated list of formats.
Updates:

Best,
The Flatcar Container Linux Maintainers

Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages