- Added single-stack IPv6 and dual-stack networking support for Kubernetes
- Added
kubernetes.network.apiVIP6
field to enable cluster LoadBalancer based on IPv6 address - Added the
enableExtras
flag to enable the SUSE Linux Extras repository during RPM resolution.
- #591 - Allow additional module registration during package resolution
- #593 - OS files script should mount /var
- #594 - Package installation breaks package resolution if packages are already installed on root OS
- #632 - Create the required Elemental Agent directory structure during Combustion
- Adds support for customizing SL Micro 6.0 base images (for SLE Micro 5.5 images, EIB 1.0.x must still be used)
- Added the ability to build aarch64 images on an aarch64 host machine
- Added the ability to automatically copy files into the built images filesystem (see Image Configuration Directory Changes below)
- Kubernetes manifests are now applied in a systemd service instead of using the
/manifests
directory - Helm chart installation backOffLimit changed from 1000(default) to 20
- Added Elemental configuration validation
- Dropped
-chart
suffix from installed Helm chart names - Added caching for container images
- Added built image name output to build command
- Leftover combustion artifacts are now removed on first boot
- OS files and user provided certificates now maintain original permissions when copied to the final image
- Dependency upgrades
- "Phone Home" deployments are now utilizing Elemental v1.6 (upgraded from v1.4)
- Embedded registry is now utilizing Hauler v1.0.7 (upgraded from v1.0.1)
- Network customizations are now utilizing nmc v0.3.1 (upgraded from v0.3.0)
- The current version of the image definition has been incremented to
1.1
to include the changes below- Existing definitions using the
1.0
version of the schema will continue to work with EIB
- Existing definitions using the
- Introduced a dedicated FIPS mode option (
enableFIPS
) which will enable FIPS mode on the node
- An optional directory named
os-files
may be included to copy files into the resulting image's filesystem at runtime - The
custom/files
directory may now include subdirectories, which will be maintained when copied to the image - Elemental configuration now requires a registration code in order to install the necessary RPMs from the official sources
- Alternatively, the necessary Elemental RPMs can be manually side-loaded instead
- #481 - Certain Helm charts fail when templated without specified API Versions
- #491 - Large Helm manifests fail to install
- #498 - Fix kernelArgs issue with Leap Micro 6.0
- #543 - Kernel cmdline arguments aren't honoured in SL Micro 6.0 for SelfInstall ISO's
- #550 - PackageHub inclusion in RPM resolution silently errors on SLE Micro 6.0
- #565 - K3S SELinux uses an outdated package
- Added the ability to consume both 512/4096 byte sector size disk input base-images
- Added the ability to leverage Elemental node reset for unmanaged operating systems
- Added version command and version marker on CRB images
- #429 - Automatically set execute bit on scripts
- #447 - Support >512 byte sector size base images
- #442 - Only get images from specific Kubernetes objects
- #405 - OCI registries are assumed to include the chart name
- Added a progress bar showing the progress of pulling images into the embedded artifact registry
- Added annotations to Helm CRs
- #352 - Resizing raw images results in dracut-pre-mount failure
- #355 - Helm fails getting charts stored in unauthenticated OCI registries
- #359 - Helm validation does not check if a chart uses an undefined repository
- #362 - Helm templating failure
- #365 - Unable to locate downloaded Helm charts
- #374 - Enable SELinux support for Kubernetes agents if servers enforce it
- #381 - Empty gpg-keys directory passes GPG enablement only to fail during the dependency resolution
- #383 - Criteria for validating the OS definition does not include RPM
- #372 - Empty certificates directory does not raise a build error but fails to boot the node
- #371 - EIB allows an SSH key to be set for a user when createHome is set to false
- #384 - Improve RPM validation
- #392 - Users script does not unmount /home
- #364 - Kubernetes component output is jumbled when downloading the installer
- #361 - Raw image build can fail silently due to lack of space
- Removed the
operatingSystem/isoConfiguration/unattended
option
- #319 - Combustion fails when combustion directory content is larger than half of the RAM of the system
- #233 - Use different Helm chart sources for development and production builds
- #337 - Re-running raw builds should remove the previous built image
- #95 - Compressed images are not supported
- #343 - Embedded Artifact Registry is memory bound
- #341 - Make Elemental registry configurable for production builds
- #258 - Kubernetes installation doesn't work with DHCP given hostname
- Added output at combustion phase to observe the script being executed
- Kubernetes install scripts are now downloaded at runtime instead of during the container image build process
- Bumped Go Version to 1.22
- Added support for using Helm charts from authenticated repositories/registries
- Added support for skipping Helm chart TLS verification and for using Helm charts from plain HTTP repositories/registries
- Added support for providing CA files to Helm resolver for TLS verification
- Added minor formatting improvements to the CLI output
- The
--config-file
argument to the EIB CLI has been renamed to--definition-file
. - The
--build-dir
argument to the EIB CLI is now optional and defaults to<config-dir>/_build
, creating it if it does not exist. - The
--config-dir
argument to the EIB CLI is now optional and defaults to/eib
which is the most common mounted container volume. - New
validate
subcommand is introduced - The
--validate
argument to thebuild
subcommand is now removed
- Added the ability to configure Helm charts under
kubernetes/helm
- Helm chart values files can be specified under
kubernetes/helm/values
- #239 - Incorrect warning when checking for both .yml and .yaml files
- #259 - SCC registration is not cleaned up if RPM resolution fails
- #260 - Empty network directory produces a network configuration script
- #267 - Embedded registry renders Kubernetes resources even when Kubernetes is not configured
- #242 - Empty rpms directory triggers resolution
- #283 - Definition file argument to EIB is incorrect
- #245 - Pass additional arguments to Helm resolver
- #307 - Helm chart parsing logic breaks if "---" is present in the chart's resources
- #272 - Custom files should keep their permissions
- #209 - Embedded artifact registry starting even when manifests don't have any images
- #315 - If Elemental fails to register during Combustion we drop to emergency shell
- #321 - Certain Helm charts fail when templated in the
default
namespace - #289 - The services for RPM dependency resolution failed to start
- Added support for deploying user-provided Helm charts
- Added support for custom network configuration scripts
- Removed the
embeddedArtifactRegistry/images/supplyChainKey
attribute - Changed
operatingSystem/users/sshKey
intooperatingSystem/users/sshKeys
and it is now a list instead of a single string - Added the ability to configure operating system groups under
operatingSystem/groups
- Added optional
primaryGroup
field for operating system users - Added optional
secondaryGroups
field for operating system users - Added optional
createHomeDir
field for operating system users - Added optional
uid
field for operating system users