|
| 1 | +--- |
| 2 | +Publish Date: '2025-07-21' |
| 3 | +--- |
| 4 | + |
| 5 | + |
| 6 | +# Release 2025_025 (2025-07-21) |
| 7 | + |
| 8 | +## Impact |
| 9 | + |
| 10 | +We have improved IO throttling on our hypervisors. These performance gains |
| 11 | +are available to all running VMs, irrespectively of their platform version: |
| 12 | + |
| 13 | + * HDD-class VMs can burst up to 2.500 IOPS for 60 seconds and |
| 14 | + have an explicit bandwidth limit of 250 MiB/s. |
| 15 | + * SSD-class VMs can burst up to 20.000 IOPS for 60 seconds |
| 16 | + and have an explicit bandwidth limit of 500 MiB/s. |
| 17 | + * Reads and writes are now throttled separately, so all VMs |
| 18 | + can use their IOPS limit separately for reading and |
| 19 | + writing at the same time. |
| 20 | + |
| 21 | + |
| 22 | +### 25.05 |
| 23 | + |
| 24 | +The following services may be restarted: postgresql.service, redis.service |
| 25 | + |
| 26 | + |
| 27 | +## NixOS 25.05 platform |
| 28 | + |
| 29 | +- devhost: switch to kea as dhcp server (PL-133857) |
| 30 | + |
| 31 | + We had seen issues with DHCP packets having an invalid checksum. Kea handles this better and seems to resolve provisioning issues. |
| 32 | + We continue to monitor the issues. |
| 33 | + |
| 34 | +- postgresql: add role `postgresql17` for newest major release. All existing versions of the postgresql role remain available. |
| 35 | + |
| 36 | +- Make XFS upgrades at boot-time optional and disable it by default. (PL-133864) |
| 37 | + |
| 38 | + We introduced the XFS upgrade code in the 25.05 cycle to allow long-living |
| 39 | + filesystems enable features like "bigtime" which makes the filesystem |
| 40 | + year 2038 compatible. The implementation chose robustness over performance |
| 41 | + but the tradeoff ended up with boot times of tens of minutes even for |
| 42 | + small or medium VMs. We're taking this feature back to the drawing board, |
| 43 | + but provide a knob so it can be used in situations where it's really needed. |
| 44 | + |
| 45 | +- Pull upstream NixOS changes, security fixes, and package updates: |
| 46 | + - chromedriver: 138.0.7204.92 -> 138.0.7204.100 |
| 47 | + - chromium: 138.0.7204.92 -> 138.0.7204.100 |
| 48 | + - firefox: 140.0.2 -> 140.0.4 |
| 49 | + - gitaly: 18.1.1 -> 18.1.2 |
| 50 | + - gitlab: 18.1.1 -> 18.1.2 |
| 51 | + - gitlab-container-registry: 4.23.1 -> 4.24.0 |
| 52 | + - gitlab-ee: 18.1.1 -> 18.1.2 |
| 53 | + - gitlab-pages: 18.1.1 -> 18.1.2 |
| 54 | + - gitlab-workhorse: 18.1.1 -> 18.1.2 |
| 55 | + - go_1_23: 1.23.10 -> 1.23.11 |
| 56 | + - keycloak: 26.1.4 -> 26.2.5 |
| 57 | + - linuxKernelStable: 6.12.35 -> 6.12.37 |
| 58 | + - linuxKernelVerify: 6.12.35 -> 6.12.37 |
| 59 | + - postgresql13Packages.postgis: 3.5.2 -> 3.5.3 |
| 60 | + - postgresql14Packages.postgis: 3.5.2 -> 3.5.3 |
| 61 | + - postgresql15Packages.postgis: 3.5.2 -> 3.5.3 |
| 62 | + - postgresql16Packages.postgis: 3.5.2 -> 3.5.3 |
| 63 | + - postgresql17Packages.postgis: 3.5.2 -> 3.5.3 |
| 64 | + - postgresqlPackages.postgis: 3.5.2 -> 3.5.3 |
| 65 | + - promtail: 3.4.4 -> 3.4.5 |
| 66 | + - python3Packages.structlog: 25.3.0 -> 25.4.0 |
| 67 | + - redis: 7.2.9 -> 7.2.10 |
| 68 | + - uv: 0.7.19 -> 0.7.20 |
| 69 | + |
| 70 | + |
| 71 | +## Documentation |
| 72 | + |
| 73 | +- updated NAT endpoint IP addresses used by outbound traffic from machines with no public IPv4 address: {ref}`outbound` |
| 74 | + |
| 75 | +## Detailed Changes |
| 76 | + |
| 77 | +- NixOS 25.05: [platform code](https://github.com/flyingcircusio/fc-nixos/compare/29c53792b6a771323069b374d5b0ff83b40957a3...8cbd8224e1962895f3a89b35478fa93dcadf1ecb), [nixpkgs/upstream changes](https://github.com/flyingcircusio/nixpkgs/compare/5456fd668551c2c244499b9e7e91eacc1b9a75ee...5b84c538023d45435b912c2613cb6ce3ed4160b5), [metadata](https://my.flyingcircus.io/releases/metadata/fc-25.05-production/2025_025), [channel url](https://hydra.flyingcircus.io/build/7988790/download/1/nixexprs.tar.xz) |
| 78 | + |
| 79 | + |
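Review bot: In the "Pull upstream NixOS changes, security fixes, and package updates" list, nothing marks which version bumps are the security fixes, so a reader cannot tell which entries make this release urgent; consider tagging those entries or linking the relevant upstream advisory next to them. Two smaller points in the same file: the XFS entry says "provide a knob" without naming the option, which leaves operators who need "bigtime" with nothing to search for now that the upgrade is disabled by default, and the "### 25.05" impact section lists only postgresql.service and redis.service as restarted although the package list also moves linuxKernelStable from 6.12.35 to 6.12.37 and keycloak from 26.1.4 to 26.2.5, so it would help to state whether a reboot or further service restarts are expected.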