Releases: bottlerocket-os/bottlerocket
Releases · bottlerocket-os/bottlerocket
v1.20.0
OS Changes
- Update third party packages (#3939)
- Enable file system encryption in 5.15 and 6.1 kernels (#3906, #3908)
- Backport fix for loading SELinux modules (#3907)
- Add Fabric Manager support (#3873)
- Update host containers (#3947)
- Add setting to configure ntp options (#3852 thanks @domgoodwin)
- Include swap utilities (#3829)
- Update kernels to 6.1.87, 5.15.156, 5.10.215 (#3934, #3930)
Orchestrator Changes
Kubernetes
- Drop Kubernetes 1.25 Metal and VMware variants (#3896)
- Add Kubernetes 1.30 variants (#3859, #3936)
- Add container-runtime settings to
aws-k8s-*-nvidia
variants (#3945)
ECS
Build Changes
- Update twoliter and the SDK (#3938, #3885)
- Remove liblzma and libbzip2 (#3861, #3944)
- Pessimize Rust builds that require the AWS SDK (#3892)
- Reduce variant matrix in CI/CD (#3863)
- Document package build tools for go dependencies (#3882)
- Update Go lints in CI/CD (#3884)
- Out-of-tree build enablement
- systemd: use build defaults and kernel parameters for unified cgroups (#3886, #3935)
- early-boot-config: Use standalone provider binaries to fetch user data (#3637, #3890)
- logdog: retrieve settings via API client (#3946)
- netdog: remove conditional compilation, add hostname helpers (#3700, #3898)
- schnauzer: add if_not_null template helper (#3838)
- static-pods: remove conditional compilation, switch to config file (#3891, #3927, #3913)
- host-containers: switch to config file (#3777, #3842)
- bootstrap-containers: switch to config file (#3724)
- corndog: switch to config file (#3715)
- prairiedog: switch to config file (#3713, #3814, #3836)
- thar-be-updates: switch to config file (#3721)
- updog: use modeled types (#3901)
- kernel: remove variant sensitivity (#3897, #3905, #3932)
- FIPS enablement
v1.19.5
v1.19.4
v1.19.3
v1.19.2
OS Changes
- Update third party packages (#3789)
- Update kernel to 5.10.209, 5.15.148, 6.1.77 (#3797)
- Add AWS settings extension (#3738, #3770)
- Allow CSI helpers in the SELinux policy (#3779)
- Update to latest NVIDIA drivers (#3798)
Orchestrator Changes
Kubernetes
- Enable NVIDIA GPU isolation using volume mounts (#3718 thanks @chiragjn , #3790)
- Clean up CNI results cache on boot (#3792)
ECS
- Add
settings.ecs.enable-container-metadata
(#3782)
Build Changes
v1.19.1
OS Changes
Orchestrator Changes
Kubernetes
- Mark pause container image as "pinned" to prevent garbage collection (#3757)
ECS
v.1.19.0
OS Changes
- Adjust unit dependencies for systemd-sysusers (#3720)
- Update third party packages (#3722, #3750)
- Add kernel settings extension (#3727)
- Update kernel to 5.10.205, 5.15.145, 6.1.72 (#3734)
- Update runc to 1.1.12 and containerd to 1.6.28 (#3751)
Orchestrator Changes
Kubernetes
- Add latest instance types to eni-max-pods mapping (#3741)
- Drop Kubernetes 1.24 Metal and VMware variants (#3742)
ECS
- Add additional ECS settings for ECS_BACKEND_HOST and ECS_AWSVPC_BLOCK_IMDS (#3749)
Build Changes
- twoliter updated to v0.0.6 (#3744)
v1.18.0
OS Changes
- Remove unused runc SELinux policy rule (#3673)
- Update third party packages (#3692)
- Fix creation of kprobes using unqualified names (#3699, #3708)
- Update host containers (#3704)
- Update kernel to 5.10.205, 5.15.145, 6.1.66 (#3686, #3708)
- Add container-registry settings extension (#3674)
- Add updates settings extension (#3689)
Orchestrator Changes
Kubernetes
- Add Kubernetes 1.29 variants (#3628)
- Update Kubernetes 1.23 to release 33 (#3692)
- Add latest instance types to eni-max-pods mapping (#3695)
ECS
- Update ecs-agent to 1.79.2 (#3692)
Build Changes
v1.17.0
OS Changes
- Generate valid hostname when IPv6 reverse lookup fails (#3592)
- Avoid mounting the EFI system partition at
/boot
(#3591) - Update kernel to 5.10.201, 5.15.139, 6.1.61 (#3611, #3643)
- Switch to async
tough
(#3566 thanks @phu-cinemo) - Update host containers (#3646)
- Move template migrations to
schnauzer
v2 (#3633) - Handle proxy credentials properly in
pluto
(#3639, #3667) - Update third party packages (#3612, #3642)
Orchestrator Changes
Kubernetes
- Update
nvidia-k8s-device-plugin
to address CVEs (#3612) - Update to Kubernetes 1.28.4 (#3612)
- Update to Kubernetes 1.27.8 (#3612)
- Update to Kubernetes 1.26.11 (#3612)
- Update to Kubernetes 1.25.16 (#3612)
ECS
- Update
ecs-agent
to address CVEs (#3612)
Build Changes
v1.16.1
OS Changes
- Update open-vm-tools to 12.3.5 to address CVE-2023-34058 and CVE-2023-34059 (#3553)
- Update NVIDIA drivers to 470.223.02 and 535.129.03 to address CVE‑2023‑31022 and CVE‑2023‑31018 (#3561)
- Improvements to Bottlerocket CIS benchmark checks (#3552 #3562 #3564)
- Regenerate updog proxy configuration when settings.network.proxy gets updated (#3578)
- kernel: Update to 5.10.198, 5.15.136, and 6.1.59 (#3572)
Orchestrator Changes
Kubernetes
- Update Kubernetes versions to address HTTP v2 x/net CVE-2023-39325 (#3581)
- Avoid specifying
hostname-override
kubelet option ifcloud-provider
is set toaws
(#3582)