From f89f887eac76ac90f12f5dd29e8ec7deef321c77 Mon Sep 17 00:00:00 2001 From: Steven Presti Date: Tue, 26 Nov 2024 15:44:25 -0500 Subject: [PATCH] docs: update documentation for stablized and updated configs --- docs/examples.md | 8 ++--- docs/release-notes.md | 13 ++++++++- docs/specs.md | 6 ++-- docs/upgrading-fcos.md | 66 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 86 insertions(+), 7 deletions(-) diff --git a/docs/examples.md b/docs/examples.md index b6061633..57d3fa2f 100644 --- a/docs/examples.md +++ b/docs/examples.md @@ -301,7 +301,7 @@ This example uses the shortcut `boot_device` syntax to configure an encrypted ro ```yaml variant: fcos -version: 1.6.0-experimental +version: 1.6.0 boot_device: layout: s390x-eckd luks: @@ -316,7 +316,7 @@ This example uses the shortcut `boot_device` syntax to configure an encrypted ro ```yaml variant: fcos -version: 1.6.0-experimental +version: 1.6.0 boot_device: layout: s390x-zfcp luks: @@ -331,7 +331,7 @@ This example uses the shortcut `boot_device` syntax to configure an encrypted ro ```yaml variant: fcos -version: 1.6.0-experimental +version: 1.6.0 boot_device: layout: s390x-virt luks: @@ -345,7 +345,7 @@ This example uses the shortcut `boot_device` syntax to configure an encrypted ro ```yaml variant: fcos -version: 1.6.0-experimental +version: 1.6.0 boot_device: layout: s390x-eckd luks: diff --git a/docs/release-notes.md b/docs/release-notes.md index 1b60416d..8b2caed0 100644 --- a/docs/release-notes.md +++ b/docs/release-notes.md @@ -8,7 +8,18 @@ nav_order: 9 ### Features -- Support LUKS encryption using IBM CEX secure keys on s390x _(fcos 1.6-exp)_ _(openshift 4.18.0-exp)_ +- Stabilize Fcos spec 1.6.0, targeting Ignition spec 3.5.0 +- Add Fcos spec 1.7.0-experimental, targeting Ignition spec + 3.6.0-experimental +- Update Fiot spec 1.1.0-experimental to target Ignition spec + 3.6.0-experimental +- Update Flatcar spec 1.2.0-experimental to target Ignition spec + 3.6.0-experimental +- Update OpenShift spec 4.18.0-experimental, targeting Ignition spec + 3.6.0-experimental +- Update R4e spec 1.2.0-experimental to target Ignition spec + 3.6.0-experimental +- Support LUKS encryption using IBM CEX secure keys on s390x _(fcos 1.6)_ _(openshift 4.18.0-exp)_ ### Bug fixes diff --git a/docs/specs.md b/docs/specs.md index ead1f45f..33c978ef 100644 --- a/docs/specs.md +++ b/docs/specs.md @@ -15,6 +15,7 @@ See the [Upgrading Configs](upgrading.md) page for instructions to update a conf We recommend that you always use the latest **stable** specification for your operating system to benefit from new features and bug fixes. The following **stable** specification versions are currently supported in Butane: - Fedora CoreOS (`fcos`) + - [v1.6.0](config-fcos-v1_6.md) - [v1.5.0](config-fcos-v1_5.md) - [v1.4.0](config-fcos-v1_4.md) - [v1.3.0](config-fcos-v1_3.md) @@ -46,7 +47,7 @@ We recommend that you always use the latest **stable** specification for your op Do not use **experimental** specifications for anything beyond **development and testing** as they are subject to change **without warning or announcement**. The following **experimental** specification versions are currently available in Butane: - Fedora CoreOS (`fcos`) - - [v1.6.0-experimental](config-fcos-v1_6-exp.md) + - [v1.7.0-experimental](config-fcos-v1_7-exp.md) - Flatcar (`flatcar`) - [v1.2.0-experimental](config-flatcar-v1_2-exp.md) - OpenShift (`openshift`) @@ -68,7 +69,8 @@ Each version of the Butane specification corresponds to a version of the Ignitio | `fcos` | 1.3.0 | 3.2.0 | | `fcos` | 1.4.0 | 3.3.0 | | `fcos` | 1.5.0 | 3.4.0 | -| `fcos` | 1.6.0-experimental | 3.5.0-experimental | +| `fcos` | 1.6.0 | 3.5.0 | +| `fcos` | 1.7.0-experimental | 3.6.0-experimental | | `flatcar` | 1.0.0 | 3.3.0 | | `flatcar` | 1.1.0 | 3.4.0 | | `flatcar` | 1.2.0-experimental | 3.5.0-experimental | diff --git a/docs/upgrading-fcos.md b/docs/upgrading-fcos.md index 3a4c89c7..db7830f1 100644 --- a/docs/upgrading-fcos.md +++ b/docs/upgrading-fcos.md @@ -13,6 +13,72 @@ Occasionally, changes are made to Fedora CoreOS Butane configs (those that speci 1. TOC {:toc} +## From Version 1.5.0 to Version 1.6.0 + +There are no breaking changes between versions 1.5.0 and 1.6.0 of the `fcos` configuration specification. Any valid 1.5.0 configuration can be updated to a 1.6.0 configuration by changing the version string in the config. + +The following is a list of notable new features. + +### LUKS CEX support + +The `luks` sections in `storage` and `boot_device` gained a `cex` field. If enabled, this will configure an encrypted root filesystem on a s390x system using IBM Crypto Express (CEX) card. + + +```yaml +variant: fcos +version: 1.6.0 +boot_device: + layout: s390x-eckd + luks: + device: /dev/dasda + cex: + enabled: true +``` +### Boot_Device Layouts s390x support + +The `boot_device` section gained support for the following layouts `s390x-eckd`, `s390x-zfcp`, `s390x-virt`. This enables the use of the `boot_device` sugar for s390x systems. + +The `s390x-eckd` layout enables configuration of an encrypted root filesystem for a DASD device. + +```yaml +variant: fcos +version: 1.6.0 +boot_device: + layout: s390x-eckd + luks: + device: /dev/dasda + tang: + - url: https://tang.example.com + thumbprint: REPLACE-THIS-WITH-YOUR-TANG-THUMBPRINT +``` + +The `s390x-zfcp` layout enables configuration of an encrypted root filesystem for a zFCP device. + +```yaml +variant: fcos +version: 1.6.0 +boot_device: + layout: s390x-zfcp + luks: + device: /dev/sdb + tang: + - url: https://tang.example.com + thumbprint: REPLACE-THIS-WITH-YOUR-TANG-THUMBPRINT +``` + +The `s390x-virt` layout enables configuration of an encrypted root filesystem for KVM. + +```yaml +variant: fcos +version: 1.6.0 +boot_device: + layout: s390x-virt + luks: + tang: + - url: https://tang.example.com + thumbprint: REPLACE-THIS-WITH-YOUR-TANG-THUMBPRINT +``` + ## From Version 1.4.0 to Version 1.5.0 There are no breaking changes between versions 1.4.0 and 1.5.0 of the `fcos` configuration specification. Any valid 1.4.0 configuration can be updated to a 1.5.0 configuration by changing the version string in the config.