Update dependency talos to v1.9.2

[renovate]

This PR contains the following updates:

Package	Update	Change
talos	minor	1.7.6 -> 1.9.2

---

Release Notes

siderolabs/talos (talos)

v1.9.2

Compare Source

Talos 1.9.2 (2025-01-16)

Welcome to the v1.9.2 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

auditd

Kernel parameter talos.auditd.disabled=1 can be used to disable Talos built-in auditd service.

kube-apiserver Authorization Config

When using .cluster.apiServer.authorizationConfig the user provided order for the authorizers is honoured and Node and RBAC authorizers are always added to the end if not explicitly specified.

Eg: If user provides only Webhook authorizer, the final order will be Webhook, Node, RBAC.

To provide a specific order for Node or RBAC explicitly, user can provide the authorizer in the order they want.

Eg:

cluster:
  apiServer:
    authorizationConfig:
      - type: Node
        name: Node
      - type: Webhook
        name: Webhook
        webhook:
          connectionInfo:
            type: InClusterConfig
        ...
      - type: RBAC
        name: rbac

Usage of authorization-mode CLI argument will not support this form of customization.

Component Updates

• Linux: 6.12.9
• runc: 1.2.4
• containerd: 2.0.2

Talos is built with Go 1.23.4.

Contributors

• Andrey Smirnov
• Dmitry Sharshakov
• L.J. Hanson
• Noel Georgi
• Skyler Mäntysaari
• TomyLobo

Changes

18 commits

• @​09758b3 release(v1.9.2): prepare release
• @​207f863 feat: update containerd to 2.0.2
• @​582064d fix: add informer resync period for node status watcher
• @​244fd6e feat: add a kernel parameter to disable built-in auditd
• @​28327e0 fix: kube-apiserver authorizers order
• @​ff9aa80 fix: a couple of imager panics/crashes
• @​44e2cc9 feat: update Linux to 6.12.9
• @​9fd295b fix: detect GPT before ZFS
• @​7b59573 fix: extfs repair and resize
• @​5f6bfe0 fix: merge of VolumeConfig documents with sizes
• @​0c05e1c feat: update Linux to 6.12.8
• @​b61ab0a fix: partition alignment on disks with 4k sectors
• @​c4a69d3 fix: yet another dashboard panic
• @​dec3c6e fix: disable NRI plugin in a different way
• @​dfb54c8 fix: request previous IP address in discovery
• @​6b1fe3d fix: mount selinuxfs only when SELinux is enabled
• @​5e893e1 fix: update field name for bus path disk selector
• @​9219fc0 fix: exclude disks with empty transport for disk selector

Changes from siderolabs/pkgs

6 commits

• siderolabs/pkgs@c1f06e5 feat: update containerd to v2.0.2
• siderolabs/pkgs@ef38c38 feat: update Linux to 6.12.9
• siderolabs/pkgs@a7487d6 fix: adjust kernel options around ACPI/PCI/EFI
• siderolabs/pkgs@376259a feat: update Linux to 6.12.8
• siderolabs/pkgs@8e435cd fix: update config-arm64 to add Rasperry Pi watchdog support
• siderolabs/pkgs@daabb47 fix: dvb was missing I2C_MUX support and si2168 driver

Dependency Changes

• github.com/siderolabs/go-blockdevice/v2 v2.0.9 -> v2.0.11
• github.com/siderolabs/pkgs v1.9.0-15-g45c4ba4 -> v1.9.0-21-gc1f06e5
• github.com/siderolabs/talos/pkg/machinery v1.9.1 -> v1.9.2

Previous release can be found at v1.9.1

Images

ghcr.io/siderolabs/flannel:v0.26.1
registry.k8s.io/coredns/coredns:v1.12.0
gcr.io/etcd-development/etcd:v3.5.17
registry.k8s.io/kube-apiserver:v1.32.0
registry.k8s.io/kube-controller-manager:v1.32.0
registry.k8s.io/kube-scheduler:v1.32.0
registry.k8s.io/kube-proxy:v1.32.0
ghcr.io/siderolabs/kubelet:v1.32.0
ghcr.io/siderolabs/installer:v1.9.2
registry.k8s.io/pause:3.10

v1.9.1

Compare Source

Talos 1.9.1 (2024-12-26)

Welcome to the v1.9.1 release of Talos!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

• Linux: 6.12.6
• CNI plugins: 1.6.1

Talos is built with Go 1.23.4.

Contributors

• Andrey Smirnov
• Dmitry Sharshakov
• Noel Georgi

Changes

15 commits

• @​348472f release(v1.9.1): prepare release
• @​e702542 fix: ignore member not found error on leave cluster
• @​2125206 test: use node informer instead of raw watch
• @​73c25ee fix: talosctl support and race tests
• @​edd7844 fix: update go-blockdevice to v2.0.9
• @​c1f975c fix: use correct default search domain
• @​ff91a75 fix: reduce installer image
• @​9cebe5e fix: fix Failed to initialize SELinux labeling handle udev error
• @​852cf5a feat: bring Linux 6.12.6, CNI plugins 1.6.1
• @​5f83c83 docs: document Kubernetes service registry incompat with K8s 1.32
• @​3f87286 fix: dashboard crash on CPU data
• @​f84ba2a docs: fix several typos
• @​972044e chore: support gcr.io auth for cache and image gen
• @​7908c93 fix: make talosctl time work with PTP time sync
• @​48cb3a6 fix: restore previous disk serial fetching

Changes from siderolabs/go-talos-support

1 commit

• siderolabs/go-talos-support@0f784bd fix: avoid deadlock on context cancel

Changes from siderolabs/pkgs

3 commits

• siderolabs/pkgs@45c4ba4 fix: patch containerd with CNI deadlock fix
• siderolabs/pkgs@13c5fc6 feat: update Linux to 6.12.6
• siderolabs/pkgs@6ed389e feat: update Linux firmware to 2024121

Dependency Changes

• github.com/containernetworking/plugins v1.6.0 -> v1.6.1
• github.com/opencontainers/runc v1.2.2 -> v1.2.3
• github.com/siderolabs/go-blockdevice/v2 v2.0.7 -> v2.0.9
• github.com/siderolabs/go-talos-support v0.1.1 -> v0.1.2
• github.com/siderolabs/pkgs v1.9.0-12-g9576b97 -> v1.9.0-15-g45c4ba4
• github.com/siderolabs/talos/pkg/machinery v1.9.0 -> v1.9.1

Previous release can be found at v1.9.0

Images

ghcr.io/siderolabs/flannel:v0.26.1
registry.k8s.io/coredns/coredns:v1.12.0
gcr.io/etcd-development/etcd:v3.5.17
registry.k8s.io/kube-apiserver:v1.32.0
registry.k8s.io/kube-controller-manager:v1.32.0
registry.k8s.io/kube-scheduler:v1.32.0
registry.k8s.io/kube-proxy:v1.32.0
ghcr.io/siderolabs/kubelet:v1.32.0
ghcr.io/siderolabs/installer:v1.9.1
registry.k8s.io/pause:3.10

v1.9.0

Compare Source

44 commits

• af5d6b8c4 fix: show SELinux labels on pseudo-fs
• f46922fa9 chore: fix dockerfile warnings
• a13f82c59 feat: udev: label device nodes
• e899fb37f feat: label created files in /etc
• 5f68c17ed feat: implement image cache configuration
• 0ffb2187a feat: registry proxy
• 77cf84fb5 feat: support generating iso with imagecache
• 5de6275b8 chore: image cache generator improvements
• 1a8cc5f8b feat: add SELinux labels to volumes
• 61b9129e0 fix: add directory entries and filemode to tarball
• 4caeae21e refactor: optimize flags and SetLabel
• 6074a870a feat: add e2fsprogs to talos rootfs
• 7ffcf5b93 docs: update getting started
• c4c1a0d7c fix: make vmware platform common code build on all arches
• cc768037f feat: implement block device wipe
• 6fb518ae5 fix: don't activate LVM volumes in agent mode
• 0e3ed3072 fix: no longer leak Close reader
• 4dc58cfdf chore: small fixes
• f400ae911 fix: small fixes for image cache generation
• 93754b7de fix: config and platform manifest generation
• 95b2fc946 feat: image cache gen
• e4c6186c6 chore: remove i915/amdgpu drivers
• 744ad12a6 docs: update replicated-local-storage-with-openebs.md
• fd713e451 feat: add permanent hardware addr to device selectors
• d55a96e8c refactor: remove SELinux client_u and client_r
• 3a5b55fd2 fix: allow CEL expressions config merge
• f1b15f580 chore: remove replace for safchain/ethtool
• f9697a9a0 fix: register controlplane node with NoSchedule taint
• 30f8b5a9f fix: registry mirror fallback handling
• 0f41e7743 feat: allow for onlink directive (nocloud)
• e26d0043e chore: code cleanup
• 43fe3807a feat: implement tracking of blockdevice secondaries
• 8a7476c3a fix: install on non-empty disk
• 8b4253d18 feat: update etcd to v3.5.17
• 5a0fd5b88 refactor: move early initialization functions to pre-initialize phase
• 9916e2cd8 chore: update pkgs/tools/extras for Go 1.23.3
• 20bbf0235 docs: update vultr documentation
• aea98940b fix: arch linux search paths and names for QEMU provisioner
• 682718d4c fix: use imager incoming version for extension validation
• 9a02ecc49 feat: rewrite install disk selector to use CEL expressions
• eba35f441 docs: add note about PSP in Rook-Ceph guide
• 38b80fb1d docs: add missing --talosconfig parameter to end of Hetzner guide
• a07f66c91 docs: gcp: fix controlplane nodes tags
• 4fe6dc8a0 chore: clean dns code

v1.8.4

Compare Source

Talos 1.8.4 (2024-12-13)

Welcome to the v1.8.4 release of Talos!

Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:

• cloud-images.json
• talosctl binaries
• kernel
• initramfs
• metal iso and disk images
• talosctl-cni-bundle

All other release assets can be downloaded from Image Factory.

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.6.64
runc: 1.2.3
Kubernetes: 1.31.4
etcd: 3.5.17

Talos is built with Go 1.22.10.

Contributors

• Andrey Smirnov
• Dmitriy Matrenichev
• Christian Luetke-Stetzkamp
• Noel Georgi
• OliviaBarrington
• Steven Kreitzer

Changes

17 commits

• @​3c151c8 release(v1.8.4): prepare release
• @​1fb38e4 fix: use mtu network option for podman
• @​acd9fda fix: order volume config by the requested size
• @​c547557 fix: install iptables-nft to the host
• @​94b342b fix: lock provisioning order of user disk partitions
• @​df8fe4c feat: support vlan/bond in v1, vlan in v2 for nocloud
• @​3a1727e fix: don't reset health status if service doesn't support health checks
• @​7ff796f fix: make system_disk condition work properly before install
• @​379eefd fix: nocloud network link matching on MAC addresses
• @​c87ec03 feat: allow for onlink directive (nocloud)
• @​aa14ae5 fix: small logrus fixes
• @​b90863a fix: properly halt installation if Talos already installed
• @​6d20ade fix: make vmware platform common code build on all arches
• @​bc2d547 fix: allow CEL expressions config merge
• @​5188f64 fix: install on non-empty disk
• @​6f411cc feat: update etcd to v3.5.17
• @​7f91e31 feat: update Linux 6.6.64, runc 1.2.3

Changes from siderolabs/pkgs

7 commits

• siderolabs/pkgs@0698d6e chore: bring in KSPP recommendations
• siderolabs/pkgs@9ab4a32 feat: update Linux to 6.6.64
• siderolabs/pkgs@77d6623 feat: update runc to v1.2.3
• siderolabs/pkgs@1afc88c feat: build host iptables with nftables support
• siderolabs/pkgs@4c15185 feat: update Linux to 6.6.62, runc to 1.2.2
• siderolabs/pkgs@88cc7d4 feat: enable CONFIG_INTEL_HFI_THERMAL + CONFIG_INTEL_TURBO_MAX_3
• siderolabs/pkgs@77a1abb feat: update Go to 1.22.10

Changes from siderolabs/tools

1 commit

• siderolabs/tools@adfcf5a feat: update Go to 1.22.10

Dependency Changes

• github.com/siderolabs/go-blockdevice/v2 v2.0.3 -> v2.0.4
• github.com/siderolabs/pkgs v1.8.0-31-g9c80a4a -> v1.8.0-38-g0698d6e
• github.com/siderolabs/talos/pkg/machinery v1.8.3 -> v1.8.4
• github.com/siderolabs/tools v1.8.0-3-g653182a -> v1.8.0-4-gadfcf5a
• go.etcd.io/etcd/api/v3 v3.5.16 -> v3.5.17
• go.etcd.io/etcd/client/pkg/v3 v3.5.16 -> v3.5.17
• go.etcd.io/etcd/client/v3 v3.5.16 -> v3.5.17
• go.etcd.io/etcd/etcdutl/v3 v3.5.16 -> v3.5.17
• k8s.io/api v0.31.2 -> v0.31.4
• k8s.io/apiserver v0.31.2 -> v0.31.4
• k8s.io/client-go v0.31.2 -> v0.31.4
• k8s.io/component-base v0.31.2 -> v0.31.4
• k8s.io/kube-scheduler v0.31.2 -> v0.31.4
• k8s.io/kubectl v0.31.2 -> v0.31.4
• k8s.io/kubelet v0.31.2 -> v0.31.4
• k8s.io/pod-security-admission v0.31.2 -> v0.31.4

Previous release can be found at v1.8.3

Images

ghcr.io/siderolabs/flannel:v0.25.7
registry.k8s.io/coredns/coredns:v1.11.3
gcr.io/etcd-development/etcd:v3.5.17
registry.k8s.io/kube-apiserver:v1.31.4
registry.k8s.io/kube-controller-manager:v1.31.4
registry.k8s.io/kube-scheduler:v1.31.4
registry.k8s.io/kube-proxy:v1.31.4
ghcr.io/siderolabs/kubelet:v1.31.4
ghcr.io/siderolabs/installer:v1.8.4
registry.k8s.io/pause:3.10

v1.8.3

Compare Source

Talos 1.8.3 (2024-11-13)

Welcome to the v1.8.3 release of Talos!

Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:

• cloud-images.json
• talosctl binaries
• kernel
• initramfs
• metal iso and disk images
• talosctl-cni-bundle

All other release assets can be downloaded from Image Factory.

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.6.60
containerd: 2.0.0
runc: 1.2.1

Talos is built with Go 1.22.9.

Contributors

• Andrey Smirnov
• blablu
• Dmitry Sharshakov
• Joakim Nohlgård
• Noel Georgi
• Remko Molier
• Sam Stelfox

Changes

15 commits

• @​6494ace release(v1.8.3): prepare release
• @​01c9f45 fix: arch linux search paths and names for QEMU provisioner
• @​8b5c5f1 chore: fix nil pointer dereference in AWS uploader
• @​fbf85dd fix: install disk matcher error
• @​ff3fcce feat: add dm-cache dm-cache-smq kernel modules
• @​6d872e4 feat: allow extra mounts for docker-based talosctl cluster create
• @​8c193c8 fix: update permissions for logging directories in /var
• @​5044a41 fix: mount /sys/kernel/security conditionally
• @​83abb66 fix: make route normalization keep family
• @​228a943 fix: do not trim 0 from process SELinux label
• @​d4a3a2b fix: prevent panic in nocloud platform code
• @​5c7b02d fix: update the CRI sandbox image reference
• @​f8155c4 feat: add parsing of vlanNNNN:ethX style VLAN cmdline args
• @​ea19f15 fix: generation of SecureBoot iso
• @​fddaa60 feat: update Linux, runc, containerd, go

Changes from siderolabs/pkgs

7 commits

• siderolabs/pkgs@9c80a4a feat: update Linux to 6.6.60
• siderolabs/pkgs@747c6c7 feat: update containerd to v2.0.0
• siderolabs/pkgs@87c6526 feat: enable CONFIG_DM_CACHE
• siderolabs/pkgs@b4fa648 fix: enable nvme and 2.5gbit ethernet on nanopi-r5s
• siderolabs/pkgs@079ea13 feat: update Linux to 6.6.59
• siderolabs/pkgs@e4bc753 feat: update runc to v1.2.1
• siderolabs/pkgs@de3dbf5 feat: update Go to 1.22.9

Changes from siderolabs/tools

1 commit

• siderolabs/tools@653182a feat: update Go to 1.22.9

Dependency Changes

• github.com/docker/cli v27.1.1 new
• github.com/docker/docker v27.2.0 -> v27.1.1
• github.com/siderolabs/pkgs v1.8.0-24-ge72b2f4 -> v1.8.0-31-g9c80a4a
• github.com/siderolabs/talos/pkg/machinery v1.8.2 -> v1.8.3
• github.com/siderolabs/tools v1.8.0-2-g7719230 -> v1.8.0-3-g653182a

Previous release can be found at v1.8.2

Images

ghcr.io/siderolabs/flannel:v0.25.7
registry.k8s.io/coredns/coredns:v1.11.3
gcr.io/etcd-development/etcd:v3.5.16
registry.k8s.io/kube-apiserver:v1.31.2
registry.k8s.io/kube-controller-manager:v1.31.2
registry.k8s.io/kube-scheduler:v1.31.2
registry.k8s.io/kube-proxy:v1.31.2
ghcr.io/siderolabs/kubelet:v1.31.2
ghcr.io/siderolabs/installer:v1.8.3
registry.k8s.io/pause:3.10

v1.8.2

Compare Source

Talos 1.8.2 (2024-10-28)

Welcome to the v1.8.2 release of Talos!

Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:

• cloud-images.json
• talosctl binaries
• kernel
• initramfs
• metal iso and disk images
• talosctl-cni-bundle

All other release assets can be downloaded from Image Factory.

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.6.58
containerd: 2.0.0-rc.6
runc: 1.2.0
Kubernetes: 1.31.2

Talos is built with Go 1.22.8.

Contributors

• Andrey Smirnov
• Dmitriy Matrenichev
• Joakim Nohlgård
• Noel Georgi
• Philip Schmid
• Philipp Kleber
• Serge Logvinov

Changes

18 commits

• @​88f861a release(v1.8.2): prepare release
• @​cfc1010 fix: include iptables/netfilter ipv6 fix
• @​d8e2daf fix: wait for udevd to be running before activating LVM
• @​e105a3d fix: talosctl process null character
• @​0e96e99 fix: rework the 'metal-iso' config acquisition
• @​7ef5796 fix: improve error messages for invalid bridge/bond configuration
• @​a3fcbe0 chore: rename tpm2.PCRExtent -> tpm2.PCRExtend
• @​a9e6e60 fix: correct error message for invalid ip=
• @​49de0ab fix: update incorrect alias for PCIDevice resource
• @​9b561ac feat: add Talos 1.9 compatibility guarantees
• @​2ea3f85 chore: update siderolabs/crypto module and return proper ALPN
• @​ce47912 feat: optionally decode hcloud userdata as base64
• @​f20a690 fix: json logging panic
• @​d855bb8 fix: skip ram disks
• @​b429e7f fix: do not use pflag csv comma reader for config-patch
• @​ee44f2c test: skip no error test in Cilium
• @​7d055af fix: scaleway metadata
• @​9f62fe9 feat: update pkgs and Kubernetes

Changes from siderolabs/crypto

1 commit

• siderolabs/crypto@58b2f92 chore: use HTTP/2 ALPN by default

Changes from siderolabs/go-circular

1 commit

• siderolabs/go-circular@9a0f7b0 fix: multiple data race issues

Changes from siderolabs/pkgs

8 commits

• siderolabs/pkgs@e72b2f4 fix: apply netfilter ipv6 fix
• siderolabs/pkgs@9aac1a8 feat: update containerd to v2.0.0-rc.6
• siderolabs/pkgs@9668729 feat: update Linux to 6.6.58
• siderolabs/pkgs@9bc27b3 feat: update runc to 1.2.0
• siderolabs/pkgs@f7cc89e fix: default IOMMU mode to 'lazy'
• siderolabs/pkgs@7ca4e2c feat: update Linux to 6.6.57, update Linux firmware
• siderolabs/pkgs@e2c4848 feat: update Linux 6.6.56 and protect /proc/mem
• siderolabs/pkgs@c7729c3 feat: enable CONFIG_XFRM_STATISTICS

Changes from siderolabs/siderolink

1 commit

• siderolabs/siderolink@1893385 fix: initialize tls listener properly

Dependency Changes

• github.com/klauspost/compress v1.17.10 -> v1.17.11
• github.com/siderolabs/crypto v0.4.4 -> v0.5.0
• github.com/siderolabs/go-circular v0.2.0 -> v0.2.1
• github.com/siderolabs/pkgs v1.8.0-16-g71d23b4 -> v1.8.0-24-ge72b2f4
• github.com/siderolabs/siderolink v0.3.10 -> v0.3.11
• github.com/siderolabs/talos/pkg/machinery v1.8.1 -> v1.8.2
• golang.org/x/time v0.6.0 -> v0.7.0
• k8s.io/api v0.31.1 -> v0.31.2
• k8s.io/apiserver v0.31.1 -> v0.31.2
• k8s.io/client-go v0.31.1 -> v0.31.2
• k8s.io/component-base v0.31.1 -> v0.31.2
• k8s.io/kube-scheduler v0.31.1 -> v0.31.2
• k8s.io/kubectl v0.31.1 -> v0.31.2
• k8s.io/kubelet v0.31.1 -> v0.31.2
• k8s.io/pod-security-admission v0.31.1 -> v0.31.2

Previous release can be found at v1.8.1

Images

ghcr.io/siderolabs/flannel:v0.25.7
registry.k8s.io/coredns/coredns:v1.11.3
gcr.io/etcd-development/etcd:v3.5.16
registry.k8s.io/kube-apiserver:v1.31.2
registry.k8s.io/kube-controller-manager:v1.31.2
registry.k8s.io/kube-scheduler:v1.31.2
registry.k8s.io/kube-proxy:v1.31.2
ghcr.io/siderolabs/kubelet:v1.31.2
ghcr.io/siderolabs/installer:v1.8.2
registry.k8s.io/pause:3.9

v1.8.1

Compare Source

Talos 1.8.1 (2024-10-08)

Welcome to the v1.8.1 release of Talos!

Starting with Talos v1.8.0, only standard assets would be published as github release assets. These include:

• cloud-images.json
• talosctl binaries
• kernel
• initramfs
• metal iso and disk images
• talosctl-cni-bundle

All other release assets can be downloaded from Image Factory.

Please try out the release binaries and report any issues at
https://github.com/siderolabs/talos/issues.

Component Updates

Linux: 6.6.54
containerd: 2.0.0-rc.5
Flannel: 0.25.7

Talos is built with Go 1.22.8.

Contributors

• Andrey Smirnov
• Hexoplon
• ekarlso

Changes

16 commits

• @​477752f release(v1.8.1): prepare release
• @​362c9f8 test: skip lvm test if not enough user disks available
• @​7930500 chore: checkout extensions from release-1.8, not main
• @​f6d6306 fix: wipe system partitions correctly via kernel args
• @​4d279c6 fix: volume encryption with failing keyslots
• @​070defa fix: update grpc-go the latest patch release
• @​a2d12fd feat: update Flannel to v0.25.7
• @​e2f560b feat: bring in lpfc kernel module driver
• @​788336a feat: enable QEDF driver
• @​e4341fa fix: make /var/run empty on reboots
• @​66228ef fix: multiple fixes for LVM activation
• @​5f4515f fix: prevent file descriptors leaks to child processes
• @​a55103e chore: ignore more plugins for system containerd
• @​ffcdc0b fix: build talosctl without tcell_minimal
• @​d29f660 feat: add support for CI Network config in nocloud
• @​01e580b feat: update Go 1.22.8, Linux, pkgs

Changes from siderolabs/pkgs

8 commits

• siderolabs/pkgs@71d23b4 feat: update Linux to 6.6.54
• siderolabs/pkgs@8906a9b feat: add lpfc kernel module
• siderolabs/pkgs@3c57dff feat: enable QEDF driver
• siderolabs/pkgs@1ecbd58 feat: update containerd to v2.0.0-rc.5
• siderolabs/pkgs@47dff98 fix: drop the LVM2 udev lvm rule
• siderolabs/pkgs@480d765 fix: force LVM to use /run as state directory
• siderolabs/pkgs@c663212 feat: enable transparent huge pages in madvise mode
• siderolabs/pkgs@832f11b feat: update Go to 1.22.8

Changes from siderolabs/tools

1 commit

• siderolabs/tools@7719230 feat: update Go to 1.22.8

Dependency Changes

• github.com/klauspost/compress v1.17.9 -> v1.17.10
• github.com/siderolabs/go-blockdevice/v2 v2.0.2 -> v2.0.3
• github.com/siderolabs/pkgs v1.8.0-8-gdf1a1a5 -> v1.8.0-16-g71d23b4
• github.com/siderolabs/talos/pkg/machinery v1.8.0 -> v1.8.1
• github.com/siderolabs/tools v1.8.0-1-ga0c06c6 -> v1.8.0-2-g7719230
• google.golang.org/grpc v1.66.0 -> v1.66.3

Previous release can be found at v1.8.0

Images

ghcr.io/siderolabs/flannel:v0.25.7
registry.k8s.io/coredns/coredns:v1.11.3
gcr.io/etcd-development/etcd:v3.5.16
registry.k8s.io/kube-apiserver:v1.31.1
registry.k8s.io/kube-controller-manager:v1.31.1
registry.k8s.io/kube-scheduler:v1.31.1
registry.k8s.io/kube-proxy:v1.31.1
ghcr.io/siderolabs/kubelet:v1.31.1
ghcr.io/siderolabs/installer:v1.8.1
registry.k8s.io/pause:3.9

v1.8.0

Compare Source

113 commits

• 6f7c3a8e5 fix: build of talosctl on non-Linux arches
• f0a59cec7 release(v1.8.0-alpha.2): prepare release
• c8aed3be4 fix: correctly add console args for ttyS0
• b453385bd feat: support volume configuration, provisioning, etc
• b6b16b35f chore: pause sequencer when talos installed and iso booted
• eade0a9f2 chore: bring in uio modules
• 81f9fcd9c fix: report errors correctly when pulling, fix EEXIST
• b309e87b4 docs: fix invalid input in field user_data
• c7474877a docs: kubeProxyReplacement from "disabled" to "false"
• be2ebf6b4 chore: bump dependencies
• 88601bff4 chore: drop calico from interactive installer
• 106c17d0b chore: aarch64 qemu local secureboot support
• da6263506 feat: update Flannel to v0.25.6
• 19a44c2b0 chore: drop console ttyS0 argument
• 75cecb421 feat: add Apache Cloudstack support
• 951cf66fd feat: add Cisco fnic driver
• 2d3bc94bf fix(ci): fix broken tests
• a9551b7ca fix: host DNS access with firewall enabled
• 4834a61a8 feat: report SELinux labels
• 8fe39eacb chore: move csi tests as go test
• e4f8cb854 fix: merge extension service config files by mountPath
• 5ba1df469 chore: add java package to protos
• 823480800 fix: add missing host/nvme-rdma
• 5b4b64979 fix: bump go-smbios for broken SMIOS tables
• f57d1f07e fix: add NVMe target kernel modules
• 5ff6cf82c fix: drop /opt mount for containers/tink
• 3c0db34d8 docs: update kubespan docs
• 3041d9075 fix: always handle PermissionDenied in dashboard resource watches
• 36f83eea9 chore: make qemu check flag consistent with code
• fe52cb074 chore: update protoc-gen-doc
• ee4290f68 fix: bind HostDNS to 169.254.x link-local address
• c312a46f6 chore: restructure k8s component health checks
• e193e7db9 docs: fix incorrect path for openebs in documentation
• beadbac21 docs: update Oracle Cloud Talos custom image docs
• 6f969e364 chore: improve cluster create UX on aarch64
• 45cc8688a chore: replace if blocks with min/max functions
• a5bd770bf fix: retry with another upstream if the previous failed
• 82e19f38a docs: add high-level overlay development guide
• 872599c9a chore: drop image assets from release
• 3c36c41a9 feat: provide device extra settle timeout
• 9e348ef35 feat: update Kubernetes to 1.31.0
• 61a1c946b feat: bundle (some) CNI plugins with Talos core
• 091da163b chore: support arm64 kexec from zboot kernel images
• 73511c1ef chore: fix release notes
• 2bf924c7b feat: update ISO VolumeID with Talos version
• 9a33dce10 docs: fix the VMWare docs
• 12562c2d5 docs: fix talos version in vmware.sh
• ee67da14c feat: scaleway routed ip
• eba5dafb9 fix: add dns-resolve-cache to the support bundle
• d4f8100bd docs: fix default openebs folder
• 60e163d54 docs: fix typo in doc
• 98d9abdd0 chore(ci): fix cilium ci tests
• beb9602e3 chore: bump github.com/docker/docker to v27.1.1+incompatible
• 0698a4921 docs: aws getting started re-write
• 4d7d7a589 chore(ci): update nvidia integration tests
• 60e901c1d chore: document slim kubelet image
• 622d66a98 chore: bump deps
• f9f5e0ef5 chore: fix k8s tests
• 2ac8d2274 chore: support unsupported flag for mkfs
• 9b9159d1e docs: update support matrix for nvidia drivers
• 9d3415850 fix: fix graph diffs in dashboard when node aliases are used
• 9a126d70e chore: generate deepcopy for SecureBootAssets type
• dff56d824 chore: remove arch-specific etcd image tag
• c9f1dece5 feat: update Kubernetes to 1.31.0-rc.1
• 49831c56f docs: replace removed Cilium/kubeProxyReplacement value
• 33a316369 docs: update aws.md for loop
• e02bd2093 feat: update Kubernetes to 1.31.0-rc.0
• 64914b086 chore: add test for crun extension
• 7a1c62b8b feat: publish installed extensions as node labels/annotations
• 3f2058aba fix: update containerd configuration and settings
• 81bd20f5a docs: remove deprecated jiva from openebs instructions
• 480ffb88a docs: fix the amd64 PXE boot script URL
• 20fe34dbd docs: fix docker getting started typo
• 0fd7dfd2a docs: update Equinix Guide
• 3d1474ac0 feat: update CoreDNS to 1.1.3
• 50e5f37ef chore: add test for apparmor
• 96492c097 docs: extend multus configuration for Cilium
• 19aa44c54 fix: generate kubeconfig using proper types
• 240104e45 feat: update Linux to 6.6.43
• 32db8db60 chore: lock microsoft secureboot certs
• 3ce5492f8 feat: runc memfd-bind service
• 341b55cd3 docs: update vmware.sh
• 117628aa6 chore: add test for gvisor extension with platform kvm
• fd01571c4 feat: update Linux, enable Broadcom MPI3 driver
• b333ec07d feat: update etcd to 3.5.15, Flannel to 0.25.5
• 087290178 feat: use ethtool ioctl to get link status when netlink api not available
• 395c64290 docs: update openebs-jiva helm repo
• f132d3f40 chore(ci): remove artifacts directory prefix for checksums
• fd54dc191 feat(talosctl): append microsoft secure boot certs
• fd6ddd11e feat: provide POD_IP env var to scheduler and controller-manager
• 407347a7a feat: update Kubernetes to 1.31.0-beta.0
• 1b8c9ccbb fix: enforce secureboot enroll option only for supported releases
• d52b89cb9 chore: ensure tls required on s3 buckets
• c288ace7b fix: be more smart when merging DNS resolver config
• d983e4430 fix: panic on shutdown
• 01404edff chore: reduce memory requirement for contrplane nodes
• 980f9ebc0 fix: fix log format in cluster provisioning
• ea626a963 feat: add label 'exclude-from-external-load-balancers' for cp nodes
• 1cf76cfbc docs: fix talosctl spelling
• b07338f54 feat: provide machine config document to update trusted CA roots
• f14c4795e fix: sort ports and merge adjacent ones in the nft rule
• cf5effabb feat: provide an option to enforce SecureBoot for TPM enrollment
• 736c1485e fix: change the UEFI firmware search path order
• a727a1d97 chore: make using action tracker easier
• 0aebeff35 docs: add missing backslashes
• 398151e64 fix: remove host bind mount for /tmp for trustd
• ce4c404e1 chore: redo FilterMessages as generic function
• fbde9c556 chore: bump deps
• 3bab15214 feat: update Kubernetes to 1.31.0-alpha.3
• c2a5213ee docs: add note about mayastor nvme_tcp init container check
• dad9c40c7 chore: simplify code
• 963612bcc chore: redo EncodeString and EncodeBytes using buffer interface
• d9db360ab fix: properly output multi-doc machine config in get mc

[v1.7.7](https://redirect.github.com/s

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.