Skip to content

v1.9.0
Compare
Choose a tag to compare
@rpkelly rpkelly released this 29 Jul 00:35
· 3121 commits to develop since this release
v1.9.0
159e4ce
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

OS Changes

  • SELinux policy now suppresses audit for tmpfs relabels (#2222)
  • Restrict permissions for /boot and System.map (#2223)
  • Remove unused crates growpart and servicedog (#2238)
  • New mount in host containers for system logs (#2295)
  • Apply strict mount options and enforce execution rules (#2239)
  • Switch to a more commonly used syntax for disabling kernel config settings (#2290)
  • Respect proxy settings when running setting generators (#2227)
  • Add NET_CAP_ADMIN to bootstrap containers (#2266)
  • Reduce log output for DHCP services (#2260)
  • Fix invalid kernel config options (#2269)
  • Improve support for container storage mounts (#2240)
  • Disable uncommon filesystems and network protocols (#2255)
  • Add support for blocking kernel modules (#2274)
  • Fix ntp service restart when settings change (#2270)
  • Add kernel 5.15 sources (#2226)
  • Defer squashfs mounts to later in the boot process (#2276)
  • Improve boot speed and rootfs size (#2296)
  • Add "quiet" kernel parameter for some variants (#2277)

Orchestrator Changes

Kubernetes

ECS

  • Add iptables rules for ECS introspection server (#2267)

Platform Changes

AWS

  • Add support for AWS China regions (#2224, #2242, #2247, #2285)
  • Migrate to using aws-sdk-rust for first-party OS Rust packages (#2300)

VMWare

  • Remove console=ttyS0 from kernel params (#2248)

Metal

  • Enable Mellanox modules in 5.10 kernel (#2241)
  • Add bnxt module for Broadcom 10/25Gb network adapters in 5.10 kernel (#2243)
  • Split out baremetal specific config options (#2264)
  • Add driver support for Cisco UCS platforms (#2271)
  • Only build baremetal variant specific drivers for baremetal variants (#2279)
  • Enable the metal-dev build for the ARM architecture (#2272)

Build Changes

  • Add Makefile targets to create and validate Boot Configuration (#2189)
  • Create symlinks to images with friendly names (#2215)
  • Add start-local-vm script (#2194)
  • Add the testsys CLI and new cargo make tasks for testing aws-k8s variants (#2165)
  • Update Rust and Go dependencies (#2303, #2299)
  • Update third-party packages (#2309)

Documentation Changes

  • Add NVIDIA ECS variant to README (#2244)
  • Add documentation for metal variants (#2205)
  • Add missing step in building packages guide (#2259)
  • Add quickstart for running Bottlerocket in QEMU/KVM VMs (#2280)
  • Address lints in README markdown caught by markdownlint (#2283)

Contributors

cablespaghetti and kschumy
Assets 2
Loading