Releases: bottlerocket-os/bottlerocket

v0.3.0

28 Feb 00:33
faaec6e
v0.3.0 Pre-release

Welcome to Bottlerocket! Bottlerocket is the new name for the OS.

In preparation for public preview, v0.3.0 includes a number of breaking changes that mean upgrades from previous versions are not possible. This is not done lightly, but had to be done to accommodate all we've learned during private preview.

Breaking Changes

  • Rename to Bottlerocket ([#722], [#740]).
  • Change partition labels to BOTTLEROCKET-* ([#726]).
  • Switch to new updates repository URIs under updates.bottlerocket.aws ([#778]).
  • Update Kubernetes to 1.15 ([#749]).
  • Rename aws-k8s variant to aws-k8s-1.15 to enable versioning ([#785]).
  • Update Linux kernel to 5.4.16-8.72.amzn2 ([#731]).
  • Rename settings.target-base-url to settings.targets-base-url ([#788]).

OS Changes

  • Mount kernel modules and development headers into containers from a squashfs file on the host ([#701]).
  • Include third-party licenses at /usr/share/licenses ([#723]).
  • Add initial implementation of SELinux ([#683], [#724]).
  • Support transactions in the API ([#715], [#727]).
  • Add support for platform-specific settings like AWS region ([#636]).
  • Support templated settings with new tool 'schnauzer' ([#637]).
  • Generate container image URIs with parameterized regions using schnauzer ([#638]).
  • Respect update release waves when using updog check-updates ([#615]).
  • Fix an issue with failed updates through certain https connections ([#730]).
  • Add support for EC2 IMDSv2 ([#705], [#706], [#709]).
  • Remove update-checking boot service ([#772]).
  • Remove old migrations and mitigations that no longer apply ([#774]).
  • Add /os API to expose variant, arch, version, etc. ([#777]).
  • Update host container packages ([#707]).
  • Allow removing settings in migrations ([#644]).
  • Create abstractions for creating common migrations ([#712], [#717]).
  • Remove the datastore version, instead use Bottlerocket version ([#760]).
  • Improve datastore migration naming convention and build migrations during cargo make ([#704], [#716]).
  • Update dependencies of third-party packages in base OS ([#691], [#696], [#698], [#699], [#700], [#708], [#728], [#786]).
  • Update dependencies of Rust packages ([#738], [#730]).
  • Rename moondog to early-boot-config ([#757]).
  • Update admin and control containers to v0.4.0 ([#789]).
  • Update container runtime socket path to more common /run/dockershim.sock ([#796]).

Documentation

  • Add copyright statement and Bottlerocket license ([#746]).
  • General documentation improvements ([#681], [#693], [#736], [#761], [#762]).
  • Added READMEs for packages and variants ([#773]).
  • Split INSTALL guide into BUILDING and QUICKSTART ([#780]).
  • Update CNI plugin in documentation and conformance test scripts ([#739]).

Build Changes

  • General improvements to third-party license scanning ([#686], [#719], [#768]).
  • Add policycoreutils, secilc, and squashfs-tools to SDK ([#678], [#690]).
  • Update to Rust 1.41 and Go 1.13.8 ([#711], [#733]).
  • Disallow upstream source fallback by default ([#735]).
  • Move host, operator, and SDK containers to their own git repos ([#743], [#751], [#775]).
  • Improve the syntax of migrations listed in Release.toml ([#687]).
  • Add arm64 builds for host-containers ([#694]).
  • Build stable image paths using symlinks in build/latest/ ([#767]).
  • Add a set-migrations subcommand to the updata tool ([#756]).
  • Remove rpm_crashtraceback tag from go builds ([#779]).
  • Rename built artifacts to specify variant before arch ([#776]).
  • Update SDK to v0.9.0 ([#790]).
  • Fix architecture conditional in glibc spec ([#787]).
  • Rename the workspaces directory to sources and the workspaces package to os ([#770]).

v0.2.1

18 Jan 00:17
59ea5e5
v0.2.1 Pre-release

OS changes

  • Make signpost usage clearer to avoid updating into empty partition ([#444]).
  • Fix handling of wave bounds in updog that could result in seeing an update but not accepting it ([#539]).
  • Add support for query parameters in repo requests to allow for basic telemetry ([#542]).
  • Enable support for SELinux in OS packages (not yet enforcing) ([#579]).
  • Make grub reboot when config or kernel loading fails so it can try other partition sets ([#585]).
  • Add support for image "variants" with separate API models ([#578], [#588], [#589], [#591], [#597], [#613], [#625], [#626], [#627], [#653]).
    The default variant is "aws-k8s" for Kubernetes usage, and an "aws-dev" variant can be built that has a local Docker daemon and debug tools.
  • Remove unused cri-tools package ([#602]).
  • Update Linux kernel to 4.19.75-28.73.amzn2 ([#622]).
  • Make containerd.service stop containerd-shims to fix shutdown/reboot delay ([#652]).
  • Ensure updog only removes known extensions from migration filenames ([#662]).
  • Add OS version to "pretty name" so it's visible in console log ([#663]).

Documentation changes

  • Reorganize "getting started" documentation for clarity ([#581]).
  • Fix formatting of kube-proxy options in install guide ([#584]).
  • Specify compatible cargo-deny version in install guide ([#631]).
  • Fix typos and improve clarity of install guide ([#639]).

Build changes

  • Add scripts to ease Kubernetes conformance testing through Sonobuoy ([#530]).
  • Add release metadata file to be used in future automation ([#556], [#594]).
  • Update dependencies of third-party packages in base OS ([#595]).
  • Update dependencies of Rust packages ([#598]).
  • Update SDK container to include Rust 1.40.0, GCC 9.2, and other small fixes ([#603], [#628]).
  • Fix aarch64 build failure for libcap ([#621]).
  • Add initial container definitions and scripts for CI process ([#619], [#624], [#633], [#646], [#647], [#651], [#654], [#658]).

v0.2.0

18 Jan 00:18
3aee900
v0.2.0 Pre-release

Breaking changes

  • Several settings now have added validation for their contents. Upgrades from v0.1 that use invalid settings values will result in a broken system.
    • Host container names (e.g. admin in settings.host-containers.admin) are restricted to ASCII alphanumeric characters and hyphens ([#450]).
    • settings.kubernetes.api-server, settings.updates.metadata-base-url and target-base-url, settings.host-containers.*.sources, and settings.ntp.time-servers are now validated to be URIs ([#549]).
    • settings.kubernetes.cluster_name, settings.kubernetes.node-labels, and settings.kubernetes.node-taints are now verified to fit Kubernetes naming conventions ([#549]).
    • Most settings values disallow multi-line strings ([#453], [#483]).
  • Additional characters are permitted in API keys; for example, dots and slashes in Kubernetes labels. Downgrades from v0.2 that use dots and slashes in API keys will result in a broken system ([#511]).

OS changes

  • Add dogswatch, a Kubernetes operator for managing OS upgrades ([#239]).
  • More accurately represent data type of update seed ([#430]).
  • Retry host container pulls with exponential backoff ([#433]).
  • Better model startup dependencies in systemd units ([#442]).
  • Enable panic on disk corruption detected with dm_verity ([#445]).
  • Add persistent storage for host containers, mapped to /.thar/host-containers/[CONTAINER_NAME] ([#450], [#555]).
  • Persist SSH host keys for admin container ([#450]).
  • Use admin container v0.2 by default ([#450], [#536]).
  • Use control container v0.2 by default ([#472], [#536]).
  • Print most critical errors to the console to aid debugging ([#476], [#479], [#546]).
  • Update Linux kernel to 4.19.75-27.58.amzn2 ([#478]).
  • Updated partitions are marked successful after services start ([#481]).
  • Kernel config is available at /proc/config.gz ([#482]).
  • Prepare tough for separate release, including:
    • Allow library consumers to override the transport mechanism ([#488]).
    • Merge tough_schema back into tough ([#496]).
    • Add locking around tough datastore write operations ([#497]).
  • Simplify representation of default metadata ([#491]).
  • apiclient (available via the host containers) exits non-zero on HTTP response errors ([#498]).
  • apiclient builds as a static binary ([#552]).
  • /proc/kheaders.tar.xz is enabled in the kernel ([#557]).
  • settings-committer no longer errors at boot when there are no changes to commit ([#559]).
  • migrator and updog set migrations executable before running to work around a v0.1.6 bug ([#561], [#567]).

Documentation changes

  • Document how to use Thar's default for the nf_conntrack_max kernel parameter when using kube-proxy ([#391]).
  • Fix example user data for enabling admin container ([#448]).
  • Update build documentation for using Docker instead of buildkitd ([#506]).
  • Update recommended CNI plugin version ([#507]).
  • Document settings.ntp.time-servers ([#550]).
  • Update INSTALL.md to use the instance role created by eksctl instead of creating a new one ([#569]).

Build changes

  • Add updata tool, which builds update repository metadata ([#265]).
  • Create versioned symlinks to output images ([#434]).
  • Add code and CloudFormation template for TUF repository canary ([#490]).
  • Move the TUF client library, tough, to its own repository and crates.io packages ([#499]).
  • Remove build dependency on the BuildKit daemon ([#506]).
  • Switch to SDK container as toolchain for builds, rather than requiring local build of toolchain ([#525]).
  • Turn buildsys into a binary and remove the cascade feature ([#562]).

v0.1.6

18 Jan 00:20
d0b543d
v0.1.6 Pre-release

OS changes

  • The system fetches the pause container from ECR before starting kubelet ([#382]).
  • New settings: settings.kubernetes.node-labels and settings.kubernetes.node-taints ([#390], [#408]).
  • The control container has an enable-admin-container helper ([#405], [#413]). Made default in v0.2.0 ([#472]).
  • Rust dependencies updated ([#410]).
  • thar-be-settings added trace-level messages in the client module ([#411]).
  • updog no longer checks for migrations from new root images ([#416]).
  • pluto was cleaned up to create an HTTP connection more consistently ([#419]).
  • Settings that are usually generated may have defaults, and settings.kubernetes.max-pods defaults to 110 if the EC2 instance type cannot be determined ([#420]).
  • The admin container MOTD is clearer about where the host's filesystem is mounted ([#424]).
  • block-party (used in growpart and signpost) errors are better structured ([#425]).
  • thar-be-settings logs render errors when running in --all mode ([#427]).
  • Recommended sysctl settings from the Kernel Self Protection Project are now used ([#435]).
  • acpid is enabled by default to handle power button signals sent by EC2 on stop/restart/terminate events ([#437]).
  • host-ctr correctly fetches images from non-ECR registries ([#439]; this regression occurred after v0.1.5).

Build changes

  • amiize uses a short connection timeout when testing SSH connectivity ([#409]).
  • tuftool only downloads an arbitrary root.json with --allow-root-download ([#421]).
  • BuildKit updated to v0.6.2 ([#423], [#429]).
  • First-party Rust code is built in the same rpmbuild invocation to improve build times ([#428]).
  • tuftool correctly uses the --timestamp-{version,expires} arguments instead of the --snapshot-{version,expires} arguments in the timestamp role ([#438]).
  • tuftool accepts relative dates ([#438]).

Documentation changes

  • The workspaces/updater crates are better documented ([#381]).
  • INSTALL.md's subnet selection documentation is improved ([#422]).

v0.1.5

18 Jan 00:23
v0.1.5 Pre-release
Tag v0.1.5

v0.1.4

18 Jan 00:23
v0.1.4 Pre-release
Tag v0.1.4

v0.1.3

18 Jan 00:23
v0.1.3 Pre-release
Tag v0.1.3

v0.1.1

18 Jan 00:23
v0.1.1 Pre-release
Tag v0.1.1