feat: update Linux to 6.6.29

Latest LTS release.

Signed-off-by: Andrey Smirnov <[email protected]>

Makefile

@@ -18,7 +18,7 @@ ARTIFACTS := _out
 TOOLS ?= ghcr.io/siderolabs/tools:v1.7.0-1-g10b2a69
 
 PKGS_PREFIX ?= ghcr.io/siderolabs
-PKGS ?= v1.7.0-6-g29106c0
+PKGS ?= v1.7.0-9-g76bd73c
 EXTRAS ?= v1.7.0-1-gbb76755
 
 PKG_FHS ?= $(PKGS_PREFIX)/fhs:$(PKGS)

go.mod

@@ -54,7 +54,7 @@ require (
 	github.com/blang/semver/v4 v4.0.0
 	github.com/cenkalti/backoff/v4 v4.3.0
 	github.com/containerd/cgroups/v3 v3.0.3
-	github.com/containerd/containerd v1.7.14
+	github.com/containerd/containerd v1.7.16
 	github.com/containerd/typeurl/v2 v2.1.1
 	github.com/containernetworking/cni v1.1.2
 	github.com/containernetworking/plugins v1.4.1

go.sum

@@ -159,8 +159,8 @@ github.com/cockroachdb/datadriven v1.0.2 h1:H9MtNqVoVhvd9nCBwOyDjUEdZCREqbIdCJD9
 github.com/cockroachdb/datadriven v1.0.2/go.mod h1:a9RdTaap04u637JoCzcUoIcDmvwSUtcUFtT/C3kJlTU=
 github.com/containerd/cgroups/v3 v3.0.3 h1:S5ByHZ/h9PMe5IOQoN7E+nMc2UcLEM/V48DGDJ9kip0=
 github.com/containerd/cgroups/v3 v3.0.3/go.mod h1:8HBe7V3aWGLFPd/k03swSIsGjZhHI2WzJmticMgVuz0=
-github.com/containerd/containerd v1.7.14 h1:H/XLzbnGuenZEGK+v0RkwTdv2u1QFAruMe5N0GNPJwA=
-github.com/containerd/containerd v1.7.14/go.mod h1:YMC9Qt5yzNqXx/fO4j/5yYVIHXSRrlB3H7sxkUTvspg=
+github.com/containerd/containerd v1.7.16 h1:7Zsfe8Fkj4Wi2My6DXGQ87hiqIrmOXolm72ZEkFU5Mg=
+github.com/containerd/containerd v1.7.16/go.mod h1:NL49g7A/Fui7ccmxV6zkBWwqMgmMxFWzujYCc+JLt7k=
 github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG023MDM=
 github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ=
 github.com/containerd/errdefs v0.1.0 h1:m0wCRBiu1WJT/Fr+iOoQHMQS/eP5myQ8lCv4Dz5ZURM=

hack/release.toml

@@ -6,7 +6,7 @@ github_repo = "siderolabs/talos"
 match_deps = "^github.com/((talos-systems|siderolabs)/[a-zA-Z0-9-]+)$"
 
 # previous release
-previous = "v1.6.0"
+previous = "v1.7.0"
 
 pre_release = false
 
@@ -17,222 +17,12 @@ preface = """\
     [notes.updates]
         title = "Component Updates"
         description = """\
-Linux: 6.6.28
-etcd: 3.5.11
-Kubernetes: 1.30.0
-containerd: 1.7.15
-runc: 1.1.12
-Flannel: 0.25.1
+Linux: 6.6.29
+containerd: 1.7.16
 
 Talos is built with Go 1.22.2.
 """
 
-    [notes.device_selectors]
-        title = "Device Selectors"
-        description = """\
-Talos Linux now supports `physical: true` qualifier for device selectors, it selects non-virtual network interfaces (i.e. `en0` is selected, while `bond0` is not).
-"""
-
-    [notes.dns-resolve-cache]
-        title = "DNS Caching"
-        description = """\
-Talos Linux now  provides a caching DNS resolver for host workloads (including host networking pods). It can be disabled with:
-
-```yaml
-machine:
-  features:
-    hostDNS:
-      enabled: false
-```
-
-You can also enable dns caching for k8s pods with:
-
-```yaml
-machine:
-  features:
-    hostDNS:
-      enabled: true
-      forwardKubeDNSToHost: true
-```
-
-Please note that on running cluster you will have to kill CoreDNS pods for this change to apply.
-
-If you want to can also enable the resolving of member addresses through their host and node names:
-
-```yaml
-machine:
-  features:
-    hostDNS:
-      enabled: true
-      resolveMemberNames: true
-```
-"""
-
-    [notes.secureboot-image]
-        title = "Secure Boot Image"
-        description = """\
-Talos Linux now provides a way to configure systemd-boot ISO 'secure-boot-enroll' option while generating a SecureBoot ISO image:
-
-```yaml
-output:
-    kind: iso
-    isoOptions:
-        sdBootEnrollKeys: force # default is still if-safe
-    outFormat: raw
-```
-"""
-
-    [notes.rsa-service-account]
-        title = "Kubernetes API Server Service Account Key"
-        description = """\
-Talos Linux starting from this release uses RSA key for Kubernetes API Server Service Account instead of ECDSA key to provide better compatibility with external OpenID Connect implementations.
-"""
-
-    [notes.opennebula]
-        title = "OpenNebula"
-        description = """\
-Talos Linux now supports OpenNebula platform.
-"""
-
-    [notes.extensions]
-        title = "Extension Services Config"
-        description = """\
-Talos now supports supplying configuration files and environment variables for extension services.
-The extension service configuration is a separate config document. An example is shown below:
-
-```yaml
----
-apiVersion: v1alpha1
-kind: ExtensionServiceConfig
-name: nut-client
-configFiles:
-  - content: MONITOR ${upsmonHost} 1 remote pass password
-    mountPath: /usr/local/etc/nut/upsmon.conf
-environment:
-  - UPS_NAME=ups
-```
-
-For documentation, see [Extension Services Config Files](https://www.talos.dev/v1.7/reference/configuration/extensions/extensionserviceconfig/).
-
-**Note**: The use of `environmentFile` in extension service spec is now deprecated and will be removed in a future release of Talos.
-Use `ExtensionServiceConfig` instead.
-"""
-
-    [notes.k8supgrade]
-        title = "Kubernetes Upgrade"
-        description = """\
-The command `talosctl upgrade-k8s` now supports specifying custom image references for Kubernetes components via `--*-image` flags.
-The default behavior is unchanged, and the flags are optional.
-"""
-
-    [notes.kubespan]
-        title = "KubeSpan"
-        description = """\
-Talos Linux disables by default a KubeSpan feature to harvest additional endpoints from KubeSpan members.
-This feature turned out to be less helpful than expected and caused unnecessary performance issues.
-
-Previous behavior can be restored with:
-
-```yaml
-machine:
-  network:
-    kubespan:
-        harvestExtraEndpoints: true
-```
-"""
-
-    [notes.sbc]
-        title = "SBC"
-        description = """\
-Talos has split the SBC's (Single Board Computers) into separate repositories.
-There will not be any more SBC specific release assets as part of Talos release.
-
-The default Talos Installer image will stop working for SBC's and will fail the upgrade, if used, starting from Talos v1.7.0.
-
-The SBC's images and installers can be generated on the fly using [Image Factory](https://factory.talos.dev) or using [Imager](https://www.talos.dev/latest/talos-guides/install/boot-assets/) for custom images.
-The list of official SBC's images supported by Image Factory can be found in the [Overlays](https://github.com/siderolabs/overlays/) repository.
-"""
-
-    [notes.syslog]
-        title = "Syslog"
-        description = """\
-Talos Linux now starts a basic syslog receiver listening on `/dev/log`.
-The receiver can mostly parse both RFC3164 and RFC5424 messages and writes them as JSON formatted message.
-The logs can be viewed via `talosctl logs syslogd`.
-
-This is mostly implemented for extension services that log to syslog.
-"""
-
-    [notes.ntp]
-        title = "Time Sync"
-        description = """\
-Default NTP server was updated to be `time.cloudflare.com` instead of `pool.ntp.org`.
-Default server is only used if the user does not specify any NTP servers in the configuration.
-
-Talos Linux can now sync to PTP devices (e.g. provided by the hypervisor) skipping the network time servers.
-In order to activate PTP sync, set `machine.time.servers` to the PTP device name (e.g. `/dev/ptp0`):
-
-```yaml
-machine:
-  time:
-    servers:
-      - /dev/ptp0
-```
-"""
-
-    [notes.ca-rotation]
-        title = "CA Rotation"
-        description = """\
-Talos Linux now supports rotating the root CA certificate and key for Talos API and Kubernetes API.
-"""
-
-    [notes.watchdog]
-        title = "Hardware Watchdog Timers"
-        description = """\
-Talos Linux now supports hardware watchdog timers configuration.
-If enabled, and the machine becomes unresponsive, the hardware watchdog will reset the machine.
-
-The watchdog can be enabled with the following configuration document:
-
-```yaml
-apiVersion: v1alpha1
-kind: WatchdogTimerConfig
-device: /dev/watchdog0
-timeout: 3m0s
-```
-"""
-
-    [notes.logging]
-        title = "Logging"
-        description = """\
-Talos Linux now supports setting extra tags when sending logs in JSON format:
-
-```yaml
-machine:
-  logging:
-    destinations:
-      - endpoint: "udp://127.0.0.1:12345/"
-        format: "json_lines"
-        extraTags:
-          server: s03-rack07
-```
-"""
-
-    [notes.platforms]
-        title = "Platforms"
-        description = """\
-Talos Linux now supports [Akamai Connected Cloud](https://www.linode.com/) provider (platform `akamai`).
-"""
-
-    [notes.iptables]
-        title = "IPTables"
-        description = """\
-Talos Linux now forces `kubelet` and `kube-proxy` to use `iptables-nft` instead of `iptables-legacy` (`xtables`) which was the default
-before Talos 1.7.0.
-
-Container images based on `iptables-wrapper` should work without changes, but if there was a direct call to `legacy` mode of `iptables`, make sure
-to update to use `iptables-nft`.
-"""
 
 [make_deps]
 

pkg/machinery/constants/constants.go

@@ -14,7 +14,7 @@ import (
 
 const (
 	// DefaultKernelVersion is the default Linux kernel version.
-	DefaultKernelVersion = "6.6.28-talos"
+	DefaultKernelVersion = "6.6.29-talos"
 
 	// KernelModulesPath is the default path to the kernel modules without the kernel version.
 	KernelModulesPath = "/lib/modules"
@@ -477,7 +477,7 @@ const (
 	TrustdUserID = 51
 
 	// DefaultContainerdVersion is the default container runtime version.
-	DefaultContainerdVersion = "1.7.15"
+	DefaultContainerdVersion = "1.7.16"
 
 	// SystemContainerdNamespace is the Containerd namespace for Talos services.
 	SystemContainerdNamespace = "system"

pkg/machinery/gendata/data/pkgs

@@ -1 +1 @@
-v1.7.0-6-g29106c0
+v1.7.0-9-g76bd73c