Skip to content

Releases: bottlerocket-os/bottlerocket

v1.20.0

15 May 01:05
@rpkelly rpkelly
v1.20.0
fcf71a4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.20.0 Latest
Latest

OS Changes

  • Update third party packages (#3939)
  • Enable file system encryption in 5.15 and 6.1 kernels (#3906, #3908)
  • Backport fix for loading SELinux modules (#3907)
  • Add Fabric Manager support (#3873)
  • Update host containers (#3947)
  • Add setting to configure ntp options (#3852 thanks @domgoodwin)
  • Include swap utilities (#3829)
  • Update kernels to 6.1.87, 5.15.156, 5.10.215 (#3934, #3930)

Orchestrator Changes

Kubernetes

  • Drop Kubernetes 1.25 Metal and VMware variants (#3896)
  • Add Kubernetes 1.30 variants (#3859, #3936)
  • Add container-runtime settings to aws-k8s-*-nvidia variants (#3945)

ECS

  • Update ecs-agent to 1.82.3 (#3939)
  • Use systemd drop-ins to configure the ECS agent (#3834)

Build Changes

  • Update twoliter and the SDK (#3938, #3885)
  • Remove liblzma and libbzip2 (#3861, #3944)
  • Pessimize Rust builds that require the AWS SDK (#3892)
  • Reduce variant matrix in CI/CD (#3863)
  • Document package build tools for go dependencies (#3882)
  • Update Go lints in CI/CD (#3884)
  • Out-of-tree build enablement
    • systemd: use build defaults and kernel parameters for unified cgroups (#3886, #3935)
    • early-boot-config: Use standalone provider binaries to fetch user data (#3637, #3890)
    • logdog: retrieve settings via API client (#3946)
    • netdog: remove conditional compilation, add hostname helpers (#3700, #3898)
    • schnauzer: add if_not_null template helper (#3838)
    • static-pods: remove conditional compilation, switch to config file (#3891, #3927, #3913)
    • host-containers: switch to config file (#3777, #3842)
    • bootstrap-containers: switch to config file (#3724)
    • corndog: switch to config file (#3715)
    • prairiedog: switch to config file (#3713, #3814, #3836)
    • thar-be-updates: switch to config file (#3721)
    • updog: use modeled types (#3901)
    • kernel: remove variant sensitivity (#3897, #3905, #3932)
  • FIPS enablement
    • add FIPS report to the API (#3894)
    • add release-fips package for FIPS functionality (#3893)
    • build Go binaries for FIPS and non-FIPS (#3887)

Contributors

domgoodwin
Assets 2

v1.19.5

01 May 23:38
@sam-berning sam-berning
v1.19.5
64049ba
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.19.5

OS Changes

  • Update kernel to 5.10.214, 5.15.153, 6.1.84 #3906
  • Update third party packages (#3910, #3914)
  • Update host containers (#3911)

Orchestrator Changes

Kubernetes

  • Provide runtime cgroup to kubelet (#3804)

Build Changes

  • Update twoliter to v0.1.1 (#3880, #3900)
  • Update ecs-gpu-init, amazon-ssm-agent, and nvidia-k8s-device-plugin builds for new SDK (#3920, #3921, #3924)
Assets 2

v1.19.4

07 Apr 03:18
@rpkelly rpkelly
v1.19.4
4f0a078
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.19.4

OS Changes

  • Update kernel to 5.10.213, 5.15.152, 6.1.82 (#3865)
  • Update containerd to 1.6.31 (#3869)
Assets 2

v1.19.3

02 Apr 02:51
@rpkelly rpkelly
v1.19.3
f097c61
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.19.3

OS Changes

  • Update kernel to 5.10.210, 5.15.149, 6.1.79 (#3853)
  • Update third party packages (#3793, #3832)
  • Update host containers (#3837)
  • Support auditctl in bootstrap containers (#3831)

Orchestrator Changes

Kubernetes

  • Add latest instance types to eni-max-pods mapping (#3824)

ECS

Build Changes

  • Update Rust dependencies (#3830)
  • Update Go dependencies (#3830)
  • twoliter updated to v0.0.7 (#3839)
Assets 2

v1.19.2

26 Feb 23:41
@vyaghras vyaghras
v1.19.2
29cc92c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.19.2

OS Changes

  • Update third party packages (#3789)
  • Update kernel to 5.10.209, 5.15.148, 6.1.77 (#3797)
  • Add AWS settings extension (#3738, #3770)
  • Allow CSI helpers in the SELinux policy (#3779)
  • Update to latest NVIDIA drivers (#3798)

Orchestrator Changes

Kubernetes

  • Enable NVIDIA GPU isolation using volume mounts (#3718 thanks @chiragjn , #3790)
  • Clean up CNI results cache on boot (#3792)

ECS

  • Add settings.ecs.enable-container-metadata (#3782)

Build Changes

  • Adjust certdog to utilize a configuration file instead of the API server (#3706, #3778, #3787)
  • Don't use parallel make for shim package (#3771)
  • Renumber unit files in release package (#3769)
  • Ignore EKS patches for k8s-1.23 in Git (#3774)

Contributors

chiragjn
Assets 2

v1.19.1

08 Feb 01:16
@arnaldo2792 arnaldo2792
v1.19.1
c325a08
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.19.1

OS Changes

  • Update kernel to 5.10.209, 5.15.148 (#3765)
  • Update host containers (#3763)

Orchestrator Changes

Kubernetes

  • Mark pause container image as "pinned" to prevent garbage collection (#3757)

ECS

  • Update Docker engine and Docker CLI to v25.0.2 (#3759)
  • Update ECS agent to 1.81.0 (#3759)
  • Update AWS SSM agent to 3.2.2222.0 (#3762)
Assets 2

v.1.19.0

02 Feb 00:46
@yeazelm yeazelm
v1.19.0
2b1a787
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v.1.19.0

OS Changes

  • Adjust unit dependencies for systemd-sysusers (#3720)
  • Update third party packages (#3722, #3750)
  • Add kernel settings extension (#3727)
  • Update kernel to 5.10.205, 5.15.145, 6.1.72 (#3734)
  • Update runc to 1.1.12 and containerd to 1.6.28 (#3751)

Orchestrator Changes

Kubernetes

  • Add latest instance types to eni-max-pods mapping (#3741)
  • Drop Kubernetes 1.24 Metal and VMware variants (#3742)

ECS

  • Add additional ECS settings for ECS_BACKEND_HOST and ECS_AWSVPC_BLOCK_IMDS (#3749)

Build Changes

  • twoliter updated to v0.0.6 (#3744)
Assets 2

v1.18.0

18 Jan 04:05
@ginglis13 ginglis13
v1.18.0
7452c37
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.18.0

OS Changes

  • Remove unused runc SELinux policy rule (#3673)
  • Update third party packages (#3692)
  • Fix creation of kprobes using unqualified names (#3699, #3708)
  • Update host containers (#3704)
  • Update kernel to 5.10.205, 5.15.145, 6.1.66 (#3686, #3708)
  • Add container-registry settings extension (#3674)
  • Add updates settings extension (#3689)

Orchestrator Changes

Kubernetes

  • Add Kubernetes 1.29 variants (#3628)
  • Update Kubernetes 1.23 to release 33 (#3692)
  • Add latest instance types to eni-max-pods mapping (#3695)

ECS

  • Update ecs-agent to 1.79.2 (#3692)

Build Changes

  • Export symbols for packages that include dynamically linked Go binaries (#3680)
  • Update to Bottlerocket SDK v0.37.0 (#3690)
    • Upgrades to Go 1.21.5
Assets 2

v1.17.0

16 Dec 01:51
@rpkelly rpkelly
v1.17.0
53f322c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.17.0

OS Changes

  • Generate valid hostname when IPv6 reverse lookup fails (#3592)
  • Avoid mounting the EFI system partition at /boot (#3591)
  • Update kernel to 5.10.201, 5.15.139, 6.1.61 (#3611, #3643)
  • Switch to async tough (#3566 thanks @phu-cinemo)
  • Update host containers (#3646)
  • Move template migrations to schnauzer v2 (#3633)
  • Handle proxy credentials properly in pluto (#3639, #3667)
  • Update third party packages (#3612, #3642)

Orchestrator Changes

Kubernetes

  • Update nvidia-k8s-device-plugin to address CVEs (#3612)
  • Update to Kubernetes 1.28.4 (#3612)
  • Update to Kubernetes 1.27.8 (#3612)
  • Update to Kubernetes 1.26.11 (#3612)
  • Update to Kubernetes 1.25.16 (#3612)

ECS

  • Update ecs-agent to address CVEs (#3612)

Build Changes

  • Update to Bottlerocket SDK v0.36.1 (#3640, #3670)

Contributors

phu-cinemo
Assets 2

v1.16.1

13 Nov 22:19
@gthao313 gthao313
v1.16.1
763f6d4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.16.1

OS Changes

  • Update open-vm-tools to 12.3.5 to address CVE-2023-34058 and CVE-2023-34059 (#3553)
  • Update NVIDIA drivers to 470.223.02 and 535.129.03 to address CVE‑2023‑31022 and CVE‑2023‑31018 (#3561)
  • Improvements to Bottlerocket CIS benchmark checks (#3552 #3562 #3564)
  • Regenerate updog proxy configuration when settings.network.proxy gets updated (#3578)
  • kernel: Update to 5.10.198, 5.15.136, and 6.1.59 (#3572)

Orchestrator Changes

Kubernetes

  • Update Kubernetes versions to address HTTP v2 x/net CVE-2023-39325 (#3581)
  • Avoid specifying hostname-override kubelet option if cloud-provider is set to aws (#3582)
Assets 2