v0.10.1
omni-infra-provider-bare-metal 0.10.1 (2026-05-27)
Welcome to the v0.10.1 release of omni-infra-provider-bare-metal!
Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni-infra-provider-bare-metal/issues.
Machine Power-Off Support
The provider now honors power-off requests from Omni. When Omni requests a machine to be powered off, the provider acknowledges the request and avoids automatically powering the machine back on due to cluster allocation. The request is honored until the machine goes through a deallocation cycle, at which point it is considered stale and the provider resumes normal power management. The provider also reports the currently honored request back to Omni, allowing Omni to distinguish intentional power-off from unexpected disconnects.
Talos v1.13.0
This release updates the dependency on Talos to v1.13.0.
Contributors
- Andrey Smirnov
- Mateusz Urbanek
- Noel Georgi
- Mickaël Canévet
- Utku Ozdemir
- Edward Sammut Alessi
- Orzelius
- Zadkiel AHARONIAN
- Benoît Knecht
- David Orman
- Dharsan Baskar
- Dominik Pitz
- Erwan Leboucher
- Fritz Schaal
- Kevin Tijssen
- Laura Brehm
- Maja Bojarska
- Nico Berlee
- Quentin Joly
- Spencer Smith
- pythoner6
Changes
9 commits
150bf44release(v0.10.1): prepare releasec93c09bfix: write boot filename to BOOTP header for U-Boot ProxyDHCPe6da964chore: bump Go and deps, rekres, fix linters5b57fe3release(v0.10.0): prepare releasea3694fbchore: bump image-factory and talos-metal-agent4d13952chore: rekrese27fd88chore: bump deps, rekres, Talos v1.13.0fed52d9feat: honor power-off requests from omni2730cf3chore: accept eula in integration tests
Changes since v0.10.0
3 commits
Changes from siderolabs/crypto
Changes from siderolabs/image-factory
22 commits
ccffefcrelease(v1.2.0): prepare release4abeff4feat: add /talosctl/:version endpoint to list downloadable talosctls405b488feat(i18n): add french localec6ad082feat(registry): resolve latest tag to stable version471706dchore: drop update to talos main tests403cd5afix: centralize schematic ownership enforcementf1cceeefeat: implement authentication support81f9312release(v1.1.0): prepare release1b834b7feat: add SHA-256 and SHA-512 checksum frontende775c36feat: upgrade tailwind to v4bb27d39feat: update Talos to v1.13.0-rc.02a59890fix: gsa signer pull during verifyfbc302ffix: support insecure registries for signature bundles8e7d10efeat: add support for google service account signing74afd80fix: set correct Content-Type when downloading images8372fe8feat: add SPDX frontendb379bf2feat: switch schematic cache to LRU and negative TTL0450038chore: remove deuplicate k8s-down ci step470cb2fchore: switch to large runners713fc6efix: memory usage when building images0a25274fix: excessive memory usage0f9eb22feat: update machinery doc links
Changes from siderolabs/talos
192 commits
befeda7cbrelease(v1.13.3): prepare releasef4d451054feat(ci): rotate credentials01b434870fix: guard apply config API calla42c37f24feat(machined): support instance tags on Akamaid62d54ca7fix: memorymodules resource reportingb673b4be7fix: bump Go golang.org/x modules19755ad14feat: add bnxt_re module to the rootfs532bc6baafix: relax hostname config validation3bbd3ed35fix: bump Kubernetes to 1.36.1 in one more place472b9d991feat: update default Kubernetes version to 1.36.16d53ce0d5chore(ci): fix cloud image upload job name5633c7791fix: rework how scheduler config is marshaled52f056084fix: restore some shared (and some lower tier slave) mount propagation9de3c12d9fix: image verification issue with registry.k8s.io7dc716d85feat: redact more machine config secrets and audit redactorsd5448c60dchore(ci): try fixing homebrew actionef9f0bf02docs: drop controlplane endpoint examples7ee3e787bfeat: update Linux to 6.18.33e99744badfix: update containerd to 2.2.4c5d7c6536release(v1.13.2): prepare release7df617aa7release(v1.13.1): prepare release09ead22a3test: relax kernel-default routing rule assertion817609677feat: update Go to 1.26.3a5f32abdafix: normalize source name for syft consistencyf8298948afeat: bump in-toto indirect dependencyded9a2d78feat: update kernel to 6.18.29755628239fix: handle empty GCP operation errorse7645ba1cfix: clarify documentation for image verification patterne85d01a07fix: skip reserved routing rule prioritiesc5a81f2ccfeat: update etcd to 3.6.1138ca2bca6fix: add missing kernel modules in rootfsdc30ad327fix: preserve DHCP DNS serversd8e32fa73fix: stale discovered volume children80c110c87fix: re-enable kexec on arm64bd9ac044efix: provide proper AWS platform metadata549f3c0b4fix: panic in Kubernetes manifest sync29eb6651dfix(ci): zfs test4b36fc9c2fix: deadlock in the makefs ext4 with populated sourcefdf4f9f6cfix: do not pick up a system disk from a loop device4ff29cc9ffix(talosctl): protect k8sNames map writes with mutexff53434c9fix: mount throws EPERM on virtiofs with SELinux16cc0a99cfix: drop explicit platform matcherddb631abafix: bump go-kmsg to fix the timestamp drift595470849fix: make lacp active nilable879e31a65test: fix flaky testsef1d9ffc3fix: reset the ticker when the KubeSpan is disabled/enabledce89d6727fix: replace Canal manifest with a more recent oneb9e9c6579release(v1.13.0): prepare release5e2fc260afix: revert add extraArgs from service-account-issuer17448fcd2fix: revert use append instead of prepend in service-account-issuer4b9fe000ffeat: add quirk for talosctl factory downloadsf62c33113refactor: make all controller unit-test follow modern patternscd317d533feat: support auth for Image Factory in cluster create92ca9e16ffeat: update Kubernetes to v1.36.0e9afea74dtest: fix OOM test flaked34a61c8dfix(talosctl): ensure uncordon runs after reboot/upgrade errorsf9531d352test: fix a flake in the manifest sync test9f04f2c4efix: watch kubelet's kubeconfig and time out for cache syncf3bab2bafchore(ci): nvidia update helm valuesd4d018b54fix: propagate route table down to the resourceffa0bcf61chore(ci): bump gpu operator version8035e6e49fix: do not flip machine stage to rebooting during shutdown10606bdfefix: boot entry detection23393a5eafix: zfs extensions testa922d1540fix: return failed precondition on upgrade when not installed252799a00fix: reduce memory dashboard usage8180cb11cfix: wrong slot of encryption key was loggedb6bcd47e6feat: update Flannel to 0.28.4370c035abfix: audit trustd code for security3e1c6fd84chore: bump container registry librarydacd73313chore: update sign images to support image name suffix1a519a410test: allow more tests to run in FIPS strict modecb969aa9ffeat: update Linux to 6.18.241f949d9a5release(v1.13.0-rc.0): prepare release929ab7165fix(machined): clear stale bond ARP/NS targets on decode730937eeechore: bump tools0f9d4b5b9feat: update Kubernetes 1.36.0-rc.141e6866fdfix: encode extra args fields in resources with new id5feeab90dchore(ci): nvidia try UKI bootcd88cbd0cchore: bump tools53609713ffix: upgrade API in maintenance mode (legacy)2de7fb60drefactor: allow overriding out image name suffix384b189a5feat: update Kubernetes to 1.36.0-rc.09b8c1891bfix: panic in reading PCR values67a34a6ebfeat(ci): add nvidia arm64 matrixcd73b4a82feat: bump go to 1.26.277406ec31fix: validate hostDNS forwarding requires hostDNS to be enabled7d7776dcafix: handle boot failure6dc97e8aafix(talosctl): always use default GRPC dial optionsdb2c007eefix: create correct blackhole routes for IPv46f8462849refactor: propagate NAME properly, allow to set on build6a0ec46b5feat: add dis-vulncheck tool4c79bd815chore: bump some tool dependenciescd8d70fb9fix: set the minimum TLS version to 1.3fe5b849ecrefactor: remove manual shell completion and replace with cobra completionfef5ef49efeat: allow more nvidia and nvme files from extensions33b89cff7feat: allow glibc ld files in etc9be7bc025fix: don't set xattrs while decompressing extensions9cc735588feat: add client-side Kubernetes node drain to reboot and upgrade commands128c2c287feat: update Flannel to v0.28.202d84f582fix: handle ISOs with zeroes in volume labels70c356bfdfeat: add flag to force fallback to legacy upgrade8499579f4fix: add os:meta:writer role to the dashboarddc59a7e94fix: drop talosctl installf7be2c598feat: add resource view to talosctl dashboarda47b76618fix: unseal with "slow" TPM3c79b432afix: drop unused type from ExternalVolume schema38d391e9dfix: always grow disksf0c5cb517fix: add metal-agent mode to runtime capabilities213ecf2a5release(v1.13.0-beta.1): prepare releaseabc0ddf11feat: bump musl to 1.2.6fcdfeab2bfix: incorrect route source for on-link routesa8f2a0af7feat: update NVIDIA production drivers to 595.58.03ccf1e0c27test: fix the PKI mismatch test flake7a9467306test: fix cron failures for provision-1 & provision-2797815209fix: allow blockdevice wipe in maintenance modeefc76f0bftest: fix the flakes in tests with trusted roots7fa16b497test: bump memory for Flannel netpolicy tests576c26948feat: add --platform=all support to image cache-createceec42f2afeat: update Linux to 6.18.19, CNI to 1.9.1902c78a17test: improve maintenance API provision testsa4b0cbc49feat: validate luks headers for tampering281584b88chore: update go-kubernetes libraryb86360790fix: add symlinks nvidia-ctk and nvidia-cdi-hook in /usr/bind82fada75fix: unset rlimits for extension services76931f409feat: enforce PID check on connections to services over file socketsdf4e0e7f5feat: update etcd to 3.6.908ba425e6feat: update Kubernetes to 1.36.0-beta.01cb2a8b30fix: update diff library to v1.0.15e171a3detest: fix the apid test against AWS/GCPf98e76f8dfix: panics in diff algorithmsa544aea84release(v1.13.0-beta.0): prepare releasef36f6ef54chore: update pkgs and toolsb7d70cf62feat: unify maintenance and regular APIs13d6b4a03fix: trim down cosign dependencies5c39a8581fix: drop aws & azure KMS APIs from the machined build3d059754cfix: accept image cache volume encryption configd2661d253fix: apparmor parser config files13ef0cfc9fix: unmount pseudo-late recursivelye9d45671afix: panic in hardware.SystemInfoControllera728bbd89fix: validate missing apiVersion in config document decoderc8a674afafix: pull in a fix for dmesg timestampse7e21fe8efeat: bump dependencies6bb5cf57afeat: implement routing rules supporta0b9d6e77feat: bump kernel with uhci_hcd driver1f0d2da39feat: update containerd to 2.2.2cff0f5782fix(machined): support USERDATA legacy fallback in OpenNebula driver5d3a326c8feat(machined): add ONEGATE proxy route and deterministic interface iteration for OpenNebula3bec5cc7bfeat(machined): inherit IP6_METHOD from METHOD in OpenNebula driver4f4ec9806fix(machined): align OpenNebula hostname precedence with reference4d0244ddffeat(machined): add IPv6 alias address support for OpenNebula (ETH*_ALIAS*_IP6)5bb896230feat(machined): support ETH*_IP6_METHOD (static/dhcp/auto/disable) for OpenNebula469db18d3refactor(machined): extract per-interface IPv4 helper in OpenNebula driverae61f5a5efix(machined): use ParseFQDN for hostname parsing in OpenNebula7adbbd2f8feat(machined): support per-interface route metric for OpenNebula (ETH*_METRIC)196658c41feat(machined): add network alias support for OpenNebula (ETH*_ALIAS*)e96766e81feat(machined): merge global and per-interface DNS for OpenNebula23c99a3cbfeat(machined): add static routes support via ETH*_ROUTES for OpenNebulaad3c59aadfix: prevent stale discovered volumes readsfc9749b9efeat: pull in kernel with preemptible kernelc14179e78chore(ci): update nvidia test to use gpu-operatorda70cedfdrefactor: drop apid file socketee53a18c8fix: stop pulling wrong platform for images17335107bfix: use non-sensitive resource for health check precondition2fb6f6a16feat: add symlinks needed by gpu-operatorf2bae55b8feat: enable container device interface451b13c1bfeat: update Linux to 6.18.16a02d578fafeat: add support for mirroring image signatures57599fb87fix: skip some readiness checks when the CNI is disablede6d8669fbfeat: update Go to 1.26.17f2eb4856feat: add image verification endpoint1e4cd20d2feat: add talosctl install command and upgrade via LifecycleService275fa351ctest: add integration tests for LifecycleService upgrade path15a5ec998feat: implement new install/upgrade API720a2148afix: correctly calculate end ranges for nftables sets95287d2dbfix: environment suite failures10f49ca91feat: add trusted roots generation to stdpatches55b872185fix: use correct dhcp option for unicast dhcp renewal58e006461feat: update Kubernetes to 1.36.0-alpha.2ebcfafd4efeat: update Linux to 6.18.150ab84c2a1fix: ignore image digest when doing upgrade-k8sd417d68e0feat: bring in new ssa logic0bb6413fffix: do not fail on RO virtiofsbf2cd0a85feat: update Linux to 6.18.14ad29417aefix(machined): opennebula: process ETH*_ vars regardless of NETWORK context flagb551cb9b8feat: allow dashboard mouse supportbfb98a9cafeat: bump kube-network-policy to v1.0.0000c18d53feat: implement blackhole route configcc636f1ddfix: image cache test fails with 'no space left on device'f0c51b280feat: implement correct config patching for extraArgs fields1da2b63abfeat: multi-doc support for configuring vrfsc1d0a3360fix: patch with delete for LinkConfigs
Changes from siderolabs/talos-metal-agent
3 commits
Dependency Changes
- github.com/bougou/go-ipmi v0.8.1 -> v0.8.3
- github.com/cosi-project/runtime v1.14.0 -> v1.16.1
- github.com/insomniacslk/dhcp 5adc3eb26f91 -> 11b94ed970f2
- github.com/klauspost/compress v1.18.4 -> v1.18.6
- github.com/siderolabs/crypto v0.6.4 -> v0.6.5
- github.com/siderolabs/image-factory v1.0.3 -> v1.2.0
- github.com/siderolabs/omni/client v1.5.8 -> v1.8.0
- github.com/siderolabs/talos v1.13.0-alpha.2 -> v1.13.3
- github.com/siderolabs/talos-metal-agent v0.1.4 -> v0.1.5
- github.com/siderolabs/talos/pkg/machinery 58e006461d30 -> v1.13.3
- github.com/stmcginnis/gofish v0.21.4 -> v0.21.6
- go.uber.org/zap v1.27.1 -> v1.28.0
- google.golang.org/grpc v1.80.0 -> v1.81.1
Previous release can be found at v0.9.0