Releases: siderolabs/omni
v0.39.1
Omni 0.39.1 (2024-07-16)
Welcome to the v0.39.1 release of Omni!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Contributors
- Artem Chernyshev
Changes
2 commits
Dependency Changes
- google.golang.org/grpc v1.64.0 -> v1.64.1
Previous release can be found at v0.39.0
v0.39.0
Omni 0.39.0 (2024-07-05)
Welcome to the v0.39.0 release of Omni!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Equinix Metal
Equinix metal is now available as a download/PXE option in the UI/CLI.
Exposed Services Reliability
Exposed services proxy now provides more reliable connection to the underlying services for slower networks in the cluster.
Also if some nodes are down the proxy will evict them from the routing.
Insecure Node Access
It is now possible to access nodes running in maintenance mode using talosctl
.
Omni account wide talosconfig
and at least Operator
user role is required for that.
No --insecure
flag should be set.
Maintenance Talos Updates
Machine's Talos version can now be updated without adding the machine to a cluster.
Either talosctl upgrade -n <uuid>
or the UI (Machines page) can be used for that.
Contributors
- David Anderson
- Artem Chernyshev
- Brad Fitzpatrick
- Utku Ozdemir
- Andrey Smirnov
- Dmitriy Matrenichev
- AdamEr8
- Andrey Smirnov
- Andrey Smirnov
- Dominic Evans
- Khionu Sybiern
- Nathan Johnson
- Ryan Cox
- Vincent Batts
- ignoramous
Changes
29 commits
5c9f9be
release(v0.39.0): prepare release48c102a
release(v0.39.0-beta.0): prepare release26a61be
fix: add resource caches for missing resource types5d953e4
fix: do not re-create peer on the remote addr change08717d9
fix: get rid of config patches for the maintenance configsb910c20
chore: add resource throughput metrics9671551
fix: use proper permissions for cluster taint resource09a8b36
fix: enable etcd client keep-alives by default5e46841
chore: addgo.work
file3810ccb
fix: properly clean up stale Talos gRPC backends80d9277
feat: bump service exposer version to 1.1.320b08ea
fix: allow changing machine set node mgmt mode if it has no nodesc9b8b3f
feat: addEquinix metal
option in the download installation media5460134
chore: bump dependenciescd8bac4
feat: read real IP from the provision API gRPC requestsb47acf2
feat: support insecure access to the nodes running in maintenance2f05ab0
feat: showN/∞
in the machine set if unlim allocation policy is useddc7c2b3
fix: detect the old vs. new URL format correctly on workload proxyinge9bca13
feat: use tcp loadbalancer for exposed services17f7168
chore: bump COSI runtime version, use its task runner85424da
fix: do better handling of small screens8b16da3
fix: use properz-index
for the tooltip component92afd42
chore: replace append with slices pkg functionsccc9d22
chore: update runtime and go-api-signature modules551286e
chore: bump go to 1.22.4, rekres271bb70
chore: migrate to oidc v36dcfd4c
feat: handle all goroutine panics gracefullyc565666
feat: provide cleaner UI for the machine sets/machines listse69df41
fix: redo EtcdManualBackupShouldBeCreated
Changes since v0.39.0-beta.0
Changes from siderolabs/go-api-signature
Changes from siderolabs/go-loadbalancer
Changes from siderolabs/siderolink
Changes from siderolabs/tcpproxy
70 commits
3d4e7b8
chore: rename to siderolabs/tcpproxy6f85d8e
Implement correct half-close sequence for the connections.8bea9a4
Add support for TCP_USER_TIMEOUT setting91f8614
remove old ACME tls-sni-01 stuff that LetsEncrypt removed March 201974ca1dc
add Proxy.AddSNIRouteFunc to do lookups by SNI dynamically4e04b92
gofmt for Go 1.19be3ee21
(doc): s/tlsproxy/tcpproxy2e577fe
Modified TestProxyPROXYOut to conform with the fixed version of PROXY protocol header format0f9bced
Fixed HAProxy's PROXY protocol v1 Human-readable header format in DialProxy2825d76
fix(test): update travis and e2e selfSignedCert fnb6bb9b5
Update import path to inet.af/tcpproxydfa16c6
tlsrouter/README: fix the go get urlf5c09fb
Take advantage of Go 1.11's splice support, unwrap Conns in DialProxy.HandleConn7f81f77
Work around deadlock with Go tip (at Go rev f3f7bd5)7efa37f
Quiet log spam in test.dbc1514
Adding the HostName field to the Conn struct (#18)2b928d9
Link to docsde1c7de
Add support for arbitrary matching against HTTP and SNI hostnames.c6a0996
Support configurable routing of ACME tls-sni-01 challenges.815c942
Merge matcher and route into an interface that yields a Target.2065af4
Support HAProxy's PROXY protocol v1 in DialProxy.- [
e030359
](https://github.com/siderolabs/tcpproxy...
v0.39.0-beta.0
Omni 0.39.0-beta.0 (2024-07-04)
Welcome to the v0.39.0-beta.0 release of Omni!
This is a pre-release of Omni
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Equinix Metal
Equinix metal is now available as a download/PXE option in the UI/CLI.
Exposed Services Reliability
Exposed services proxy now provides more reliable connection to the underlying services for slower networks in the cluster.
Also if some nodes are down the proxy will evict them from the routing.
Insecure Node Access
It is now possible to access nodes running in maintenance mode using talosctl
.
Omni account wide talosconfig
and at least Operator
user role is required for that.
No --insecure
flag should be set.
Maintenance Talos Updates
Machine's Talos version can now be updated without adding the machine to a cluster.
Either talosctl upgrade -n <uuid>
or the UI (Machines page) can be used for that.
Contributors
- David Anderson
- Artem Chernyshev
- Brad Fitzpatrick
- Utku Ozdemir
- Andrey Smirnov
- Dmitriy Matrenichev
- AdamEr8
- Andrey Smirnov
- Andrey Smirnov
- Dominic Evans
- Khionu Sybiern
- Nathan Johnson
- Ryan Cox
- Vincent Batts
- ignoramous
Changes
28 commits
48c102a
release(v0.39.0-beta.0): prepare release26a61be
fix: add resource caches for missing resource types5d953e4
fix: do not re-create peer on the remote addr change08717d9
fix: get rid of config patches for the maintenance configsb910c20
chore: add resource throughput metrics9671551
fix: use proper permissions for cluster taint resource09a8b36
fix: enable etcd client keep-alives by default5e46841
chore: addgo.work
file3810ccb
fix: properly clean up stale Talos gRPC backends80d9277
feat: bump service exposer version to 1.1.320b08ea
fix: allow changing machine set node mgmt mode if it has no nodesc9b8b3f
feat: addEquinix metal
option in the download installation media5460134
chore: bump dependenciescd8bac4
feat: read real IP from the provision API gRPC requestsb47acf2
feat: support insecure access to the nodes running in maintenance2f05ab0
feat: showN/∞
in the machine set if unlim allocation policy is useddc7c2b3
fix: detect the old vs. new URL format correctly on workload proxyinge9bca13
feat: use tcp loadbalancer for exposed services17f7168
chore: bump COSI runtime version, use its task runner85424da
fix: do better handling of small screens8b16da3
fix: use properz-index
for the tooltip component92afd42
chore: replace append with slices pkg functionsccc9d22
chore: update runtime and go-api-signature modules551286e
chore: bump go to 1.22.4, rekres271bb70
chore: migrate to oidc v36dcfd4c
feat: handle all goroutine panics gracefullyc565666
feat: provide cleaner UI for the machine sets/machines listse69df41
fix: redo EtcdManualBackupShouldBeCreated
Changes from siderolabs/go-api-signature
Changes from siderolabs/go-loadbalancer
Changes from siderolabs/siderolink
Changes from siderolabs/tcpproxy
70 commits
3d4e7b8
chore: rename to siderolabs/tcpproxy6f85d8e
Implement correct half-close sequence for the connections.8bea9a4
Add support for TCP_USER_TIMEOUT setting91f8614
remove old ACME tls-sni-01 stuff that LetsEncrypt removed March 201974ca1dc
add Proxy.AddSNIRouteFunc to do lookups by SNI dynamically4e04b92
gofmt for Go 1.19be3ee21
(doc): s/tlsproxy/tcpproxy2e577fe
Modified TestProxyPROXYOut to conform with the fixed version of PROXY protocol header format0f9bced
Fixed HAProxy's PROXY protocol v1 Human-readable header format in DialProxy2825d76
fix(test): update travis and e2e selfSignedCert fnb6bb9b5
Update import path to inet.af/tcpproxydfa16c6
tlsrouter/README: fix the go get urlf5c09fb
Take advantage of Go 1.11's splice support, unwrap Conns in DialProxy.HandleConn7f81f77
Work around deadlock with Go tip (at Go rev f3f7bd5)7efa37f
Quiet log spam in test.dbc1514
Adding the HostName field to the Conn struct (#18)2b928d9
Link to docsde1c7de
Add support for arbitrary matching against HTTP and SNI hostnames.c6a0996
Support configurable routing of ACME tls-sni-01 challenges.815c942
Merge matcher and route into an interface that yields a Target.2065af4
Support HAProxy's PROXY protocol v1 in DialProxy.e030359
Fix golint nits by adding docstrings and simplifying execution flow.6d97c2a
Correct the package building command, and only deploy for master branch commits.- [`a...
v0.38.3
Omni 0.38.3 (2024-06-30)
Welcome to the v0.38.3 release of Omni!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Contributors
- Andrey Smirnov
- Artem Chernyshev
Changes
2 commits
Dependency Changes
This release has no dependency changes
Previous release can be found at v0.38.2
v0.38.2
Omni 0.38.2 (2024-06-25)
Welcome to the v0.38.2 release of Omni!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Contributors
- Utku Ozdemir
Changes
2 commits
Dependency Changes
This release has no dependency changes
Previous release can be found at v0.38.1
v0.38.1
Omni 0.38.1 (2024-06-21)
Welcome to the v0.38.1 release of Omni!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Contributors
- Artem Chernyshev
Changes
2 commits
Dependency Changes
This release has no dependency changes
Previous release can be found at v0.38.0
v0.38.0
Omni 0.38.0 (2024-06-20)
Welcome to the v0.38.0 release of Omni!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Break-Glass Configs
Omni now allows getting raw Talos and Kubernetes configs that can allow bypassing Omni when
accessing the cluster.
It has a couple of limitations:
- It is available only if is enabled for the account.
- Only
os:operator
role Talosconfig level is available. - The cluster will be marked as tainted for the time being, which doesn't affect anything, but is
the signal that Omni no longer fully controls secrets rotation.
Exposed Services DNS Name
Exposed services now use new naming schema, so it shouldn't be affected by slow DNS updates.
The domain name patter is now: <hash>-<account>.proxy-us.siderolabs.io
.
Kubeconfig Authcode-Keyboard
It is now possible to generate kubeconfig
with --grant-type=authcode-keyboard
and Omni
supports that mode.
This mode will print a URL and ask for a one time code instead of starting a local HTTP server on port 8000
.
Clicking the URL will open the same Omni page as usual, but will present you the one time code instead of doing redirect.
This mode is useful for remote machine kubectl
execution and removes the need to set up ssh port-forwarding.
Machine Logs
Machine logs are now stored using new persitent circular buffer library, which has better write efficiency.
Pending Updates
Omni UI now shows pending config changes which are not applied due to locked machines in the cluster.
Contributors
- Artem Chernyshev
- Utku Ozdemir
- Andrey Smirnov
- Dmitriy Matrenichev
- Andrey Smirnov
- Grzegorz Rozniecki
Changes
35 commits
67eb768
release(v0.38.0): prepare release11f7edb
fix: do not use created time of theClusterMachineTalosVersion
in sort61b0e4c
fix: use proper index for the Tooltipd8df8af
fix: do not usetime
namespace to parseDuration1d92ae5
release(v0.38.0-beta.0): prepare release4109996
fix: makeMachineSetNode
controller select only connected machines2457897
fix: use un-cached list in theMachineSetNodeController
73529c2
fix: display descriptions when show description checkbox is clicked6a59d63
fix: generate schematics with the extensions, meta and kernel args87a7750
chore: add Akamai installation mediafa64b46
fix: skip invalid machines inTalosUpgradeStatusController
22bb2cc
fix: use proper types in the machine status and snapshot controllersa2b7b53
feat: use the new domain scheme for exposed services4ecb175
fix: handle panics in Omni and Talos UI watches6286340
fix: properly delete the item from the cached items slice63ad5bd
feat: provide a way to getadmintalosconfig
andkubeconfig
fa21349
fix: properly generate maintenance config patches2e64c31
fix: ignore not foundClusterMachine
in the migrationsa2c3802
fix: validate user email on creation73d0d3b
fix: properly detectauthcode-keyboard
oidc modeb7a0620
feat: use circular buffer's new persistence option for machine logs7eec6b9
chore: bump COSI runtime to 0.4.54d23186
feat: show pending config updates due to locked machinef98cf51
fix: ignore not found in theMachineStatus
andMachineStatusSnapshot
ce6e15a
fix: proper time adjustment to fix flaky TestEtcdManualBackup27491ea
chore: upgrade github.com/containers/image to v53f75f91
fix: change Transport.Address field to Transport.Address methode12cfa8
feat: support authcode login inkubectl oidc-login
2fcd0fd
fix: properly update the pulled images count if some images are skipped5a4251c
test: fix a data race inMachineStatusSnapshotController
unit tests0965091
test: fix flaky test inClusterMachineConfigStatus
unit testsb7d48aa
chore: small fixesa6c8b47
fix: pass through thetalosctl -n
args if they cannot be resolved3bab8bf
chore: migrate to Vite and Bun to build the frontend37c1a97
fix: use proper routing on the config patch view and edit pages
Changes since v0.38.0-beta.0
4 commits
Changes from siderolabs/discovery-client
13 commits
ca662d2
feat: export default GRPC dial options for the client7a767fa
chore: bump Go, deps and rekresf4095a1
chore: bump discovery API to v0.1.4fbb1cea
fix: keepalive interval calculationff8f4be
fix: enable gRPC keepalives9ba5f03
chore: app optional ControlPlane data269a832
chore: rekres, update discovery apia5c19c6
feat: provide public IP discovered from the server230f317
fix: reconnect the client on update failureac5ab32
feat: support deleting an affiliate27a5bee
chore: rekresa9a5e9b
feat: initial client code98eb999
chore: initial commit
<...
v0.38.0-beta.0
Omni 0.38.0-beta.0 (2024-06-18)
Welcome to the v0.38.0-beta.0 release of Omni!
This is a pre-release of Omni
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Break-Glass Configs
Omni now allows getting raw Talos and Kubernetes configs that can allow bypassing Omni when
accessing the cluster.
It has a couple of limitations:
- It is available only if is enabled for the account.
- Only
os:operator
role Talosconfig level is available. - The cluster will be marked as tainted for the time being, which doesn't affect anything, but is
the signal that Omni no longer fully controls secrets rotation.
Exposed Services DNS Name
Exposed services now use new naming schema, so it shouldn't be affected by slow DNS updates.
The domain name patter is now: <hash>-<account>.proxy-us.siderolabs.io
.
Kubeconfig Authcode-Keyboard
It is now possible to generate kubeconfig
with --grant-type=authcode-keyboard
and Omni
supports that mode.
This mode will print a URL and ask for a one time code instead of starting a local HTTP server on port 8000
.
Clicking the URL will open the same Omni page as usual, but will present you the one time code instead of doing redirect.
This mode is useful for remote machine kubectl
execution and removes the need to set up ssh port-forwarding.
Machine Logs
Machine logs are now stored using new persitent circular buffer library, which has better write efficiency.
Pending Updates
Omni UI now shows pending config changes which are not applied due to locked machines in the cluster.
Contributors
- Artem Chernyshev
- Utku Ozdemir
- Andrey Smirnov
- Dmitriy Matrenichev
- Andrey Smirnov
- Grzegorz Rozniecki
Changes
31 commits
1d92ae5
release(v0.38.0-beta.0): prepare release4109996
fix: makeMachineSetNode
controller select only connected machines2457897
fix: use un-cached list in theMachineSetNodeController
73529c2
fix: display descriptions when show description checkbox is clicked6a59d63
fix: generate schematics with the extensions, meta and kernel args87a7750
chore: add Akamai installation mediafa64b46
fix: skip invalid machines inTalosUpgradeStatusController
22bb2cc
fix: use proper types in the machine status and snapshot controllersa2b7b53
feat: use the new domain scheme for exposed services4ecb175
fix: handle panics in Omni and Talos UI watches6286340
fix: properly delete the item from the cached items slice63ad5bd
feat: provide a way to getadmintalosconfig
andkubeconfig
fa21349
fix: properly generate maintenance config patches2e64c31
fix: ignore not foundClusterMachine
in the migrationsa2c3802
fix: validate user email on creation73d0d3b
fix: properly detectauthcode-keyboard
oidc modeb7a0620
feat: use circular buffer's new persistence option for machine logs7eec6b9
chore: bump COSI runtime to 0.4.54d23186
feat: show pending config updates due to locked machinef98cf51
fix: ignore not found in theMachineStatus
andMachineStatusSnapshot
ce6e15a
fix: proper time adjustment to fix flaky TestEtcdManualBackup27491ea
chore: upgrade github.com/containers/image to v53f75f91
fix: change Transport.Address field to Transport.Address methode12cfa8
feat: support authcode login inkubectl oidc-login
2fcd0fd
fix: properly update the pulled images count if some images are skipped5a4251c
test: fix a data race inMachineStatusSnapshotController
unit tests0965091
test: fix flaky test inClusterMachineConfigStatus
unit testsb7d48aa
chore: small fixesa6c8b47
fix: pass through thetalosctl -n
args if they cannot be resolved3bab8bf
chore: migrate to Vite and Bun to build the frontend37c1a97
fix: use proper routing on the config patch view and edit pages
Changes from siderolabs/discovery-client
13 commits
ca662d2
feat: export default GRPC dial options for the client7a767fa
chore: bump Go, deps and rekresf4095a1
chore: bump discovery API to v0.1.4fbb1cea
fix: keepalive interval calculationff8f4be
fix: enable gRPC keepalives9ba5f03
chore: app optional ControlPlane data269a832
chore: rekres, update discovery apia5c19c6
feat: provide public IP discovered from the server230f317
fix: reconnect the client on update failureac5ab32
feat: support deleting an affiliate27a5bee
chore: rekresa9a5e9b
feat: initial client code98eb999
chore: initial commit
Dependency Changes
- github.com/containers/image/v5 v5.31.0 new
- github.com/cosi-project/runtime 15e9d678159d -> v0.4.6
- github.com/siderolabs/discovery-client v0.1.9 new
Previous release can be found at v0.37.0
v0.37.5
Omni 0.37.5 (2024-06-13)
Welcome to the v0.37.5 release of Omni!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Contributors
- Artem Chernyshev
Changes
2 commits
Dependency Changes
This release has no dependency changes
Previous release can be found at v0.37.4
v0.37.4
Omni 0.37.4 (2024-06-12)
Welcome to the v0.37.4 release of Omni!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.
Contributors
- Artem Chernyshev
Changes
2 commits
Dependency Changes
This release has no dependency changes
Previous release can be found at v0.37.3