Announcing new releases Alpha 4054.0.0, Beta 4012.1.0 and Stable 3975.2.0


Flatcar Container Linux User

Aug 8, 2024, 3:46:52 AM
to Flatcar Container Linux User

Hello,

We are pleased to announce a new major Flatcar Container Linux release for the Alpha, Beta and Stable channels.

Alpha 4054.0.0

Changes since Alpha 4012.0.1

Security fixes:
Bug fixes:
  • Fixed bad usage of gpg that prevented flatcar-install from being used with custom signing keys (Flatcar#1471)
  • Hetzner: Fixed duplicated prefix in the Afterburn metadata (scripts#2141)
Changes:
  • As part of the update to Catalyst 4 (used to build the SDK), the coreos package repository has been renamed to coreos-overlay to match its directory name. This will be reflected in package listings and package manager output. (flatcar/scripts#2115)
  • Hetzner: Added COREOS_HETZNER_PRIVATE_IPV4_0 Afterburn attribute for Hetzner private IPs (scripts#2141)
  • The kernel security module Landlock is now enabled for programs to sandbox themselves (flatcar/scripts#2158)
Updates:

Beta 4012.1.0

Changes since Beta 3975.1.1

Security fixes:
Bug fixes:
  • Hetzner: Fixed duplicated prefix in the Afterburn metadata (scripts#2141)
Changes:
  • Hetzner: Added COREOS_HETZNER_PRIVATE_IPV4_0 Afterburn attribute for Hetzner private IPs (scripts#2141)
  • Provided a Python Flatcar extension as optional systemd-sysext image with the release. Write 'python' to /etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning (scripts#1979)
  • Added Akamai / Linode images (scripts#1806)
  • Removed unused grub executable duplicate files and removed grub modules that are already assembled in the grub executable (scripts#1955).
  • libcrypt is now provided by the libxcrypt library instead of glibc. Glibc libcrypt was deprecated a long time ago.
Updates:

Changes since Alpha 4012.0.1

Security fixes:
Bug fixes:
  • Hetzner: Fixed duplicated prefix in the Afterburn metadata (scripts#2141)
Changes:
  • Hetzner: Added COREOS_HETZNER_PRIVATE_IPV4_0 Afterburn attribute for Hetzner private IPs (scripts#2141)
Updates:

Stable 3975.2.0

Changes since Stable 3815.2.5

Security fixes:
Bug fixes:
  • Fixed issue file generation from '/etc/issue.d' (scripts#2018)
  • Fixed the handling of OEM update payloads in a Nebraska response with self-hosted packages (ue-rs#49)
  • Fixed KubeVirt VM creation by ensuring that /dev/vhost-net exists (Flatcar#1336)
  • Hetzner: Fixed duplicated prefix in the Afterburn metadata (scripts#2141)
  • Removed custom CloudSigma coreos-cloudinit service configuration since it will be called with the cloudsigma oem anyway. The restart of the service can also cause the serial port to be stuck in a nondeterministic state which breaks future runs.
  • Resolved kmod static nodes creation in bootengine (bootengine#85)
Changes:
  • Added zram-generator package to the image (scripts#1772)
  • A new format qemu_uefi_secure is introduced to test Flatcar for SecureBoot-enabled features. The format will be later merged into qemu_uefi.
  • Added Intel igc driver to support I225/I226 family NICs. (flatcar/scripts#1786)
  • Added Hetzner images (flatcar/scripts#1880)
  • Added Hyper-V VHDX image (flatcar/scripts#1791)
  • Added Ignition Clevis support for encrypted disks unlocked with a TPM2 device or a Tang server (scripts#1560)
  • Added KubeVirt qcow2 image for amd64/arm64 (flatcar/scripts#1962)
  • Added Scaleway images (flatcar/scripts#1683)
  • Added support for unlocking the rootfs with a TPM set up by systemd-cryptenroll (bootengine#93)
  • Backported systemd-sysext mutable overlays functionality from yet-unreleased systemd v256. (flatcar/scripts#1753)
  • Enabled amd-pstate,amd-pstate-epp cpufreq drivers for some AMD CPUs in the kernel. (flatcar/scripts#1770)
  • Enabled ntpd by default on AWS & GCP, enabled chronyd by default on Azure. The native time sync source is used on each cloud. (scripts#1792)
  • Enabled the GRUB TPM2 module to measure the boot code path and files into PCR 8+9 in UEFI (scripts#1861)
  • Enabled the ptp_vmw module in the kernel.
  • Hetzner: Added COREOS_HETZNER_PRIVATE_IPV4_0 Afterburn attribute for Hetzner private IPs (scripts#2141)
  • Hyper-V images, both .vhd and .vhdx files, are now available zip-compressed, switching from bzip2 to zip, a compression format built into Windows (scripts#1878)
  • OpenStack, Brightbox: Added the flatcar.autologin kernel cmdline parameter by default as the hypervisor manages access to the console (scripts#1866)
  • Provided a Podman Flatcar extension as optional systemd-sysext image with the release. Write 'podman' to /etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning (scripts#1964)
  • OpenStack: Changed metadata hostname source order. The service first tries the config drive, then falls back to the metadata service. (bootengine#96)
  • Provided a ZFS-2.2.2 Flatcar extension as optional systemd-sysext image with the release. Write 'zfs' to /etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning. ZFS support is experimental and ZFS is not supported for the root partition. (flatcar/scripts#1742)
  • Removed Linux drivers for Mellanox Technologies Switch ASICs family and Spectrum/Spectrum-2/Spectrum-3/Spectrum-4 Ethernet Switch ASICs to reduce the initrd size on AMD64 by ~5MB (flatcar/scripts#1734). This change is part of the effort to reduce the initrd size (Flatcar#1381).
  • Removed actool from the image and acbuild from the SDK as these tools are deprecated and not used (scripts#1817)
  • Scaleway: images are now provided directly as .qcow2 to ease the import on Scaleway (scripts#1953)
  • Switched ptp_kvm from kernel builtin to module.
  • The default VM memory was bumped to 2 GB in the Qemu script and for VMware OVFs
  • Update generation SLSA provenance info from v0.2 to v1.0.
  • Removed coreos-cloudinit support for automatic keys conversion (e.g. reboot-strategy -> reboot_strategy) (scripts#1687)
Updates:

Changes since Beta 3975.1.1

Bug fixes:
  • Hetzner: Fixed duplicated prefix in the Afterburn metadata (scripts#2141)
Changes:
  • Hetzner: Added COREOS_HETZNER_PRIVATE_IPV4_0 Afterburn attribute for Hetzner private IPs (scripts#2141)
Updates:

Best,

The Flatcar Container Linux Maintainers
