v1.10.0

OS Changes

• Add optional settings to reboot into new kernel command line parameters (#2375)
• Support for static IP addressing (#2204, #2330, #2445)
• Add support for NVIDIA driver version 515 (#2455)
• Set mode for tmpfs mounts (#2473)
• Increase inotify default limits (#2335)
• Align vm.max_map_count with the EKS Optimized AMI (#2344)
• Add support for configuring DNS settings (#2353)
• Migrate netdog from serde_xml_rs to quick-xml (#2311)
• Support versioning for net.toml (#2281)
• Update admin and control container (#2471, #2472)

Orchestrator Changes

ECS

• Add cargo make tasks for testing ECS variants (#2348)

Kubernetes

• Add support for Kubernetes 1.24 variants (#2437)
• Remove Kubernetes aws-k8s-1.19 variants (#2316)
• Increase the kube-api-server QPS from 5/10 to 10/20 (#2436, thanks @tzneal)
• Update eni-max-pods with new instance types (#2416)
• Add setting to change kubelet's log level (#2460, #2470)
• Add cargo make tasks to perform migration testing for Kubernetes variants in AWS (#2273)

Platform Changes

AWS

• Disable drivers for USB-attached network interfaces (#2328)

Metal

• Add driver support for Solarflare, Pensando, Myricom, Huawei, Emulex, Chelsio, Broadcom, AMD and Intel 10G+ network cards (#2379)

Build Changes

• Extend external-files to vendor go modules (#2378, #2403, #2430)
• Make net_config unit tests reusable across versions (#2385)
• Add diff-kernel-config to identify kernel config changes (#2368)
• Extended support for variants in buildsys (#2339)
• Clarify crossbeam license (#2447)
• Honor BUILDSYS_ARCH and BUILDSYS_VARIANT env variables when set (#2425)
• Use architecture specific json payloads in unit tests (#2367, #2363)
• Add unified check target in Makefile.toml for review readiness (#2384)
• Update Go dependencies of first-party go projects (#2424, #2440, #2450, #2452, #2456)
• Update Rust dependencies (#2458, #2476)
• Update third-party packages (#2397, #2398, #2464, #2465, thanks @kschumy)
• Update Bottlerocket SDK to 0.27.0 (#2428)
• Migrate pubsys and infrasys to the AWS SDK for Rust (#2414, #2415, #2454)
• Update testsys dependencies (#2392)
• Fix hotdog's spec URL to the correct upstream link (#2326)
• Fix clippy warnings and enable lints on pull requests (#2337, #2346, #2443)
• Format issue field in PR template (#2314)

Documentation Changes

• Update checksum for new root.json (#2405)
• Mention that boot settings are available in Kubernetes 1.23 variants (#2358)
• Mention the need for AWS credentials in BUILDING.md and PUBLISHING-AWS.md (#2334)
• Add China to supported regions lists (#2315)
• Add community section to README.md (#2305, #2383)
• Standardize userdata.toml as the filename used in different docs (#2446)
• Remove commit from image name in PROVISIONING-METAL.md (#2312)
• Add note to CONTRIBUTING.md that outlines filenames' casing (#2306)
• Fix typos in Makefile.toml, QUICKSTART-ECS.md, QUICKSTART-EKS.md, netdog and prairiedog (#2318, thanks @kianmeng)
• Fix casing for GitHub and VMware in CHANGELOG.md (#2329)
• Fix typo in test setup command (#2477)
• Fix TESTING.md link typo (#2438)
• Fix positional fetch-license argument (#2457)

v1.9.2

Build Changes

• Archive old migrations (#2357)
• Update runc to version 1.1.4 (#2380)

v1.9.1

OS Changes

• Change kernel module compression from zstd to xz (#2323)
• Update ECR registry map for new AWS regions (#2336)
• Add new regions to pause registry map (#2349)
• Update tough to v0.8.1 (#2338)

v1.9.0

OS Changes

• SELinux policy now suppresses audit for tmpfs relabels (#2222)
• Restrict permissions for /boot and System.map (#2223)
• Remove unused crates growpart and servicedog (#2238)
• New mount in host containers for system logs (#2295)
• Apply strict mount options and enforce execution rules (#2239)
• Switch to a more commonly used syntax for disabling kernel config settings (#2290)
• Respect proxy settings when running setting generators (#2227)
• Add NET_CAP_ADMIN to bootstrap containers (#2266)
• Reduce log output for DHCP services (#2260)
• Fix invalid kernel config options (#2269)
• Improve support for container storage mounts (#2240)
• Disable uncommon filesystems and network protocols (#2255)
• Add support for blocking kernel modules (#2274)
• Fix ntp service restart when settings change (#2270)
• Add kernel 5.15 sources (#2226)
• Defer squashfs mounts to later in the boot process (#2276)
• Improve boot speed and rootfs size (#2296)
• Add "quiet" kernel parameter for some variants (#2277)

Orchestrator Changes

Kubernetes

• Make new instance types available (#2221 , thanks @cablespaghetti)
• Update Kubernetes versions (#2230, #2232, #2262, #2263, thanks @kschumy)
• Add kubelet image GC threshold settings (#2219)

ECS

• Add iptables rules for ECS introspection server (#2267)

Platform Changes

AWS

• Add support for AWS China regions (#2224, #2242, #2247, #2285)
• Migrate to using aws-sdk-rust for first-party OS Rust packages (#2300)

VMWare

• Remove console=ttyS0 from kernel params (#2248)

Metal

• Enable Mellanox modules in 5.10 kernel (#2241)
• Add bnxt module for Broadcom 10/25Gb network adapters in 5.10 kernel (#2243)
• Split out baremetal specific config options (#2264)
• Add driver support for Cisco UCS platforms (#2271)
• Only build baremetal variant specific drivers for baremetal variants (#2279)
• Enable the metal-dev build for the ARM architecture (#2272)

Build Changes

• Add Makefile targets to create and validate Boot Configuration (#2189)
• Create symlinks to images with friendly names (#2215)
• Add start-local-vm script (#2194)
• Add the testsys CLI and new cargo make tasks for testing aws-k8s variants (#2165)
• Update Rust and Go dependencies (#2303, #2299)
• Update third-party packages (#2309)

Documentation Changes

• Add NVIDIA ECS variant to README (#2244)
• Add documentation for metal variants (#2205)
• Add missing step in building packages guide (#2259)
• Add quickstart for running Bottlerocket in QEMU/KVM VMs (#2280)
• Address lints in README markdown caught by markdownlint (#2283)

v1.8.0

OS Changes

General

• Update admin and control containers (#2191)
• Update to containerd 1.6.x (#2158)
• Restart container runtimes when certificates store changes (#2076)
• Add support for providing kernel parameters via Boot Configuration (#1980)
• Restart long-running systemd services on exit (#2162)
• Ignore zero blocks on dm-verity root (#2169)
• Add support for static DNS mappings in /etc/hosts (#2129)
• Enable network configuration generation via netdog (#2066)
• Add support for non-eth0 default interfaces (#2144)
• Update to IMDS schema 2021-07-15 (#2190)

Kubernetes

• Add support for Kubernetes 1.23 variants (#2188)
• Improve Kubernetes pod start times by unsetting configMapAndSecretChangeDetectionStrategy in kubelet config (#2166)
• Add new setting for configuring kubelet's provider-id configuration (#2192)
• Add new setting for configuring kubelet's podPidsLimit configuration (#2138)
• Allow a list of IP addresses in settings.kubernetes.cluster-dns-ip (#2176)
• Set the default for settings.kubernetes.cloud-provider on metal variants to an empty string (#2188)
• Add c7g instance data for max pods calculation in AWS variants (#2107, thanks, @lizthegrey!)

ECS

• Add aws-ecs-1-nvidia variant with Nvidia driver support (#2128, #2100, #2098, #2167, #2097, #2090, #2099)
• Add support for ECS ImagePullBehavior and WarmPoolsSupport (#2063, thanks, @mello7tre!)

Hardware

• Build smartpqi driver for Microchip Smart Storage devices into 5.10 kernel (#2184)
• Add support for Broadcom ethernet cards in 5.10 kernel (#2143)
• Add support for MegaRAID SAS in 5.10 kernel (#2133)

Build Changes

• Remove aws-k8s-1.18 variant (#2044, #2092)
• Update third-party packages (#2178, #2187, #2145)
• Update Rust and Go dependencies (#2183, #2181, #2180, #2085, #2110, #2068, #2075, #2074, #2048, #2059, #2049, #2036, #2033)
• Update Bottlerocket SDK to 0.26.0 (#2157)
• Speed up kernel builds by installing headers and modules in parallel (#2185)
• Removed unused patch from Docker CLI (#2030, thanks, @thaJeztah!)

Documentation Changes

• Standardize README generation in buildsys (#2134)
• Clarify migration README (#2141)
• Fix typos in BUILDING.md and QUICKSTART-VMWARE.md (#2159, thanks, @ryanrussell!)
• Add additional documentation for using GPUs with Kubernetes variants (#2078)
• Document examples for using enter-admin-container (#2028)

v1.7.2

Security Fixes

• Update kernel-5.4 to patch CVE-2022-1015, CVE-2022-1016, CVE-2022-25636, CVE-2022-26490, CVE-2022-27666, CVE-2022-28356 (a3b4674f7108)
• Update kernel-5.10 to patch CVE-2022-1015, CVE-2022-1016, CVE-2022-25636, CVE-2022-1048, CVE-2022-26490, CVE-2022-27666, CVE-2022-28356 (37095415bab6)

OS Changes

• Update eni-max-pods with new instance types (#2079)
• Add support for AWS region ap-southeast-3: Jakarta (#2080)

v.1.7.1

Security Fixes

• Apply patch to hotdog for CVE-2022-0071 (1a3f35b2fe8e)

OS Changes

• Enable checkpoint restore (CONFIG_CHECKPOINT_RESTORE) for aarch64 (6e3d6ed4b83e)

v1.7.0

With this release, an inventory of software installed in Bottlerocket will now be reported to SSM if the control container is in use and inventorying has been enabled.

OS Changes

• Generate host software inventory and make it available to host containers (#1996)
• Update admin and control containers (#2014)

Build Changes

• Update third-party packages (#1977, #1983, #1987, #1992, #2022)
• Update Rust and Go dependencies (#2016, #2019)
• Makefile: lock tuftool version (#2009)
• Fix tmpfilesd configuration for kmod-5.10-nvidia (#2020)

Documentation Changes

• Fix tuftool download instruction in VMWare Quickstart (#1994)
• Explain data partition extension (#2013)

v1.6.2

With this release, the vmware-k8s variants have graduated from preview status and are now generally available. 🎉

Security Fixes

• Update kernel-5.4 and kernel-5.10 to include recent security fixes (a8e4a20ca7d1, 3d0c10abeecb)

OS Changes

• Add support for Kubernetes 1.22 variants (#1962)
• Add settings support for registry credentials (#1955)
• Add support for AWS CloudFormation signaling (#1728, thanks, @mello7tre!)
• Add TCMU support to the kernel (#1953, thanks, @cvlc!)
• Fix issue with closing frame construction in apiserver (#1948)

Build Changes

• Fix dead code warning during build in netdog (#1949)

Documentation Changes

• Correct variable name in bootstrap-containers/README.md (#1959, thanks, @dangen-effy!)
• Add art to the console (#1970)

v1.6.1

Security Fixes

• Apply patch to containerd for CVE-2022-23648 (0de1b39efa64)
• Update kernel-5.4 and kernel-5.10 to include recent security fixes (#1973)