RancherOS Release - v1.5.2

Announcements
1

Release v1.5.2

RancherOS will only be distributing releases on basic x86 platform. For other distributions, please refer to the README.

Versions

  • Linux 4.14.122
  • Buildroot: 2018.02.11
  • Docker docker-18.06.3-ce by default
  • RPi64: Linux 4.14.114
  • Console:
    • Alpine: 3.9
    • CentOS: 7.5.1804
    • Debian: stretch
    • Fedora: 28
    • Ubuntu: bionic

Important

  • This release can mitigate Microarchitectural Data Sampling (MDS). Four CVEs have been assigned to cover different variations of the data sampling flaw:
    • CVE-2018-12126 for Microarchitectural Store Buffer Data Sampling (MSBDS)
    • CVE-2018-12127 for Microarchitectural Load Port Data Samping (MLPDS)
    • CVE-2018-12130 for Microarchitectural Fill Buffer Data Sampling (MFBDS)
    • CVE-2019-11091 for Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
  • There is now a built-in service for system upgrades that requires access to the internet. By default, it can detect system updates and downloads the required files. It will not automatically apply the patch. If you want to completely disable this feature, just run ros config set rancher.upgrade.policy none .

Major Features and Enhancements

  • Support for loading custom data from Azure metadata service. [#2762]
  • Support for wildcard matching on MAC addresses. [#2707]
  • Support for service cache updating. [#2677]
  • Support for tftp datasource for cloud config. [#2774]
  • Support for setting Wi-Fi on Raspberry Pi. [#2604]
  • Support for running RancherOS on Ping An Cloud. [#2752]
  • Support for pre-defined user images in the ISO. [#2697]
  • Upgraded open vm tools version to 10.3.10. [#2763]
  • Enhanced ros cloud-config validation. [#2693]

Major Bug Fixes since v1.5.1

  • Fixed an issue where writing proxy.sh from environment character escape errors. [#2785]
  • Fixed an issue where logrotate config files are overwritten every hour. [#2773]
  • Fixed an issue where sshd_config file disappears on upgrade when using a non-default console. [#2672]
  • Fixed an issue where ros config merge broken from stdin. [#2689]
  • Fixed an issue there are some errors reported by busybox in the network container. [#2684]
  • Fixed an issue where the utmp file is missing in the console. [#2676]
  • Fixed an issue where zfs volumes cannot be shown under /dev. [#2673]
  • Fixed an issue where zfs datasets cannot get mounted after reboot. [#2256]