Releases: bottlerocket-os/bottlerocket
Releases · bottlerocket-os/bottlerocket
v1.5.2
Security Fixes
- Update containerd for CVE-2021-43816 (8f085929588a)
v1.5.1
v1.5.0
Security Enhancements
- Add the ability to hotpatch log4j for CVE-2021-44228 in running containers (#1872, #1871, #1869)
OS Changes
- Enable configuration for OCI hooks in the container lifecycle (#1868)
- Retry all failed requests to IMDS (#1841)
- Enable node feature discovery for Kubernetes device plugins (#1863)
- Add
apiclient get
subcommand for simple API retrieval (#1836) - Add support for CPU microcode updates (#1827)
- Consistently support API prefix queries (#1835)
Build Changes
- Add support for custom image sizes (#1826)
- Add support for unifying the OS and data partitions on a single disk (#1870)
Documentation Changes
- Fixed typo in the README (#1847 thanks, @PascalBourdier!)
v1.4.2
v1.4.1
v1.4.0
OS Changes
- Add 'apiclient exec' for running commands in host containers (#1802, #1790)
- Improve boot performance (#1809)
- Add support for wildcard container registry mirrors (#1791, #1818)
- Wait up to 300s for a DHCP lease at boot (#1800)
- Retry if fetching the IMDS session token fails (#1801)
- Add ECR account IDs for pulling host containers in GovCloud (#1793)
- Filter sensitive API settings from
logdog
dump (#1777) - Fix kubelet standalone mode (#1783)
Build Changes
- Remove aws-k8s-1.17 variant (#1807)
- Update Bottlerocket SDK to 0.23 (#1779)
- Update third-party packages (#1816)
- Update Rust dependencies (#1810)
- Update Go dependencies of
host-ctr
(#1775, #1774) - Prevent spurious rebuilds of the model package (#1808)
- Add disk image files to TUF repo (#1787)
- Vendor wicked service units (#1798)
- Add CI check for Rust code formatting (#1782)
- Allow overriding the AMI data file suffix (#1784)
Documentation Changes
- Update cargo-make commands to work with newest cargo-make (#1797)
v1.3.0
Deprecation Notice
The Kubernetes 1.17 variant, aws-k8s-1.17
, will lose support in November, 2021. Kubernetes 1.17 is no longer receiving support upstream. We recommend replacing aws-k8s-1.17
nodes with a later variant, preferably aws-k8s-1.21
if your cluster supports it. See this issue for more details.
Security Fixes
- Apply patches to docker and containerd for CVE-2021-41089, CVE-2021-41091, CVE-2021-41092, and CVE-2021-41103 (#1769)
OS Changes
- Add MCS constraints to the SELinux policy (#1733)
- Support IPv6 in kubelet and pluto (#1710)
- Add region flag to aws-iam-authenticator command (#1762)
- Restart modified host containers (#1722)
- Add more detail to /etc/os-release (#1749)
- Add an entry to
/etc/hosts
for the current hostname (#1713, #1746) - Update default control container to v0.5.2 (#1730)
- Fix various SELinux policy issues (#1729)
- Update eni-max-pods with new instance types (#1724, thanks @samjo-nyang!)
- Add cilium device filters to open-vm-tools (#1718)
- Implement hybrid boot support for x86_64 (#1701)
- Include
/var/log/kdump
in logdog tarballs (#1695) - Use runtime.slice and system.slice cgroup settings in k8s variants (#1684, thanks @cyrus-mc!)
Build Changes
- Update third-party packages (#1701, #1716, #1732, #1755, #1763, #1767)
- Update Rust dependencies (#1707, #1750, #1751)
- Add wave definition for slow deployment (#1734)
- Add 'infrasys' for creating TUF infra in AWS (#1723)
- Make OVF file first in the OVA bundle (#1719)
- Raise pubsys messages to 'warn' if AMI exists or repo doesn't (#1708)
- Add constants crate (#1709)
- Add release URLs to package definitions (#1748)
- Add *.src.rpm to packages/.gitignore (#1768)
- Archive old migrations (#1699)
Documentation Changes
- Mention static pods in the security guidance around API access (#1766)
- Fix link to issue labels (#1764, thanks @andrewhsu!)
- Fix broken link for TLS bootstrapping (#1758)
- Update hash for v3 root.json (#1757)
- Update example version to v1.2.0 in QUICKSTART-VMWARE (#1741, thanks @yuvalk!)
- Clarify default kernel lockdown settings per variant (#1704)
v1.2.1
v1.2.0
OS Changes
- Add settings for kubelet topologyManagerPolicy and topologyManagerScope (#1659)
- Add support for container image registry mirrors (#1629)
- Add support for custom CA certificates (#1654)
- Add a setting for configuring hostname (#1664, #1680, #1693)
- Avoid wildcard for applying rp_filter to interfaces (#1677)
- Update default admin container to v0.7.2 (#1685)
Build Changes
- Add support for zstd compressed kernel (#1668, #1689)
- Add support for uploading OVAs to VMware (#1622)
- Update default built variant to aws-k8s-1.21 (#1686)
- Remove aws-k8s-1.16 variant (#1658)
- Move migrations from v1.1.5 to v1.2.0 (#1682)
- Update third-party packages (#1676)
- Update host-ctr dependencies (#1669)
- Update Rust dependencies (#1655, #1683, #1687)
Documentation Changes
- Fix typo in README (#1652, thanks @faultymonk!)