alt-orchestra/talos
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,553 Commits 2 Branches 0 Tags
Commit Graph

699 Commits

Author SHA1 Message Date
Noel Georgi
d4606c33ec
chore: bump kernel to 5.15.49 
Bump kernel to 5.15.49

Remove the `random.trust_cpu` kernel cmdline as it already enabled in
Kconfig

Ref:
 - https://github.com/siderolabs/pkgs/pull/520
 - https://github.com/siderolabs/pkgs/pull/522

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-06-22 23:03:24 +05:30
Noel Georgi
e8113527f9
chore: bump kubernetes to v1.24.2 
Bump kubernetes to [v1.24.2](https://github.com/kubernetes/kubernetes/releases/tag/v1.24.2)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-06-17 23:23:06 +05:30
Noel Georgi
2aad3a1e49
chore: bump kernel to 5.15.48 
Bump kernel to [5.15.48](https://github.com/siderolabs/pkgs/pull/518)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-06-17 00:34:58 +05:30
Noel Georgi
89aaaef9f5
chore: bump kernel to 5.15.47 
Bump kernel to [5.15.47](https://github.com/siderolabs/pkgs/pull/514)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-06-15 20:07:00 +05:30
Andrey Smirnov
b037096202
feat: build Talos images with system extensions included 
This allows to build a custom Talos image which comes with some system
extension bundled in. Sometimes we might need to have an extension in
the initial image, e.g. `vmtoolsd` for VMWare Talos image.

Syntax:

```
make image-aws \
  IMAGER_SYSTEM_EXTENSIONS="ghcr.io/siderolabs/amd-ucode:..."
```

System extensions are not supported for now for ISO images, as they
don't go through the common installer flow (#5725).

Also it might be nice to add a simple way to generate just
`initramfs.xz` with system extensions bundled in (e.g. for PXE booting).
(#5726)

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-06-10 00:10:22 +04:00
Noel Georgi
43def7490f
chore: bump kernel and runc 
Bump kernel to [5.15.46](https://github.com/siderolabs/pkgs/pull/511)
Bump runc to [v1.1.3](https://github.com/siderolabs/pkgs/pull/513)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-06-09 21:08:26 +05:30
Tim Jones
0c91c89f4f
chore: revert day-two tests for csi tests 
This reverts commit d1294d014f5bee7fc1b5dfd6865f22b22f18f5f1.

Signed-off-by: Tim Jones <tim.jones@siderolabs.com>
 2022-06-08 11:04:00 +02:00
Andrey Smirnov
f3efec4b56
feat: update containerd 1.6.6, Linux 5.15.45, Flannel 0.18.1 
See:

* https://github.com/containerd/containerd/releases/tag/v1.6.6
* https://github.com/containerd/containerd/releases/tag/v1.6.5
* https://github.com/flannel-io/flannel/releases/tag/v0.18.1

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-06-06 22:52:41 +04:00
Noel Georgi
c126f2ee85
chore: bump golang to 1.18.3 
Bump Golang to 1.18.3

Ref:
  - https://github.com/siderolabs/pkgs/pull/498
  - https://github.com/siderolabs/extras/pull/51

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-06-03 19:07:17 +05:30
Andrey Smirnov
7b9dfcb852
chore: add 'make go-mod-outdated' 
This provides an easy target to find outdated `go.mod` dependencies.

Sample output:

```
>>>> pkg/machinery:
+---------------------------------+------------------------------------+------------------------------------+--------+------------------+
|             MODULE              |              VERSION               |            NEW VERSION             | DIRECT | VALID TIMESTAMPS |
+---------------------------------+------------------------------------+------------------------------------+--------+------------------+
| github.com/cosi-project/runtime | v0.0.0-20220426184241-e22a85955e81 | v0.0.0-20220527181155-95d06feaf8b5 | true   | true             |
| google.golang.org/genproto      | v0.0.0-20220505152158-f39f71e6c8f3 | v0.0.0-20220531173845-685668d2de03 | true   | true             |
| gopkg.in/yaml.v3                | v0.0.0-20220527175918-f17b0f05cf2c |                                    | true   | true             |
+---------------------------------+------------------------------------+------------------------------------+--------+------------------+

>>>> .:
+---------------------------------+--------------------------------------+------------------------------------+--------+------------------+
|             MODULE              |               VERSION                |            NEW VERSION             | DIRECT | VALID TIMESTAMPS |
+---------------------------------+--------------------------------------+------------------------------------+--------+------------------+
| github.com/aws/aws-sdk-go       | v1.44.19                             | v1.44.24                           | true   | true             |
| github.com/containerd/cgroups   | v1.0.4-0.20220301195952-2e502f6b9e43 | v1.0.4                             | true   | true             |
| github.com/cosi-project/runtime | v0.0.0-20220426184241-e22a85955e81   | v0.0.0-20220527181155-95d06feaf8b5 | true   | true             |
| github.com/google/nftables      | v0.0.0-20220515211605-06687b6e34eb   | v0.0.0-20220516205333-a9775fb167d2 | true   | true             |
| github.com/safchain/ethtool     | v0.0.0-20210803160452-9aa261dae9b1   | v0.2.0                             | true   | true             |
| golang.org/x/net                | v0.0.0-20220513224357-95641704303c   | v0.0.0-20220526153639-5463443f8c37 | true   | true             |
| golang.org/x/sys                | v0.0.0-20220517195934-5e4e11fc645e   | v0.0.0-20220520151302-bc2c85ada10a | true   | true             |
| golang.org/x/term               | v0.0.0-20220411215600-e5f449aeb171   | v0.0.0-20220526004731-065cf7ba2467 | true   | true             |
| gopkg.in/yaml.v3                | v0.0.0-20220527175918-f17b0f05cf2c   |                                    | true   | true             |
+---------------------------------+--------------------------------------+------------------------------------+--------+------------------+

>>>> hack/cloud-image-uploader:
+---------------------------+------------------------------------+------------------------------------+--------+------------------+
|          MODULE           |              VERSION               |            NEW VERSION             | DIRECT | VALID TIMESTAMPS |
+---------------------------+------------------------------------+------------------------------------+--------+------------------+
| github.com/aws/aws-sdk-go | v1.44.19                           | v1.44.24                           | true   | true             |
| golang.org/x/sync         | v0.0.0-20210220032951-036812b2e83c | v0.0.0-20220513210516-0976fa681c29 | true   | true             |
+---------------------------+------------------------------------+------------------------------------+--------+------------------+
```

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-05-31 23:52:22 +04:00
Noel Georgi
48423a9830
chore: bump kernel to 5.15.44 
Bump kernel to [5.15.44](https://github.com/siderolabs/pkgs/pull/494)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-31 18:33:18 +05:30
Andrey Smirnov
3ed254976b
feat: update Kubernetes to 1.24.1 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.24.1

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-05-27 19:33:07 +04:00
Andrey Smirnov
ceae420a84
chore: update tools/pkgs/extras to 1.1.0 
In preparation for Talos 1.1.0-beta, update all dependencies to release
versions.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-05-27 19:12:57 +04:00
Noel Georgi
0dc4ad58e5
chore: bump kernel to 5.15.43 
Bump kernel to [5.15.43](https://github.com/siderolabs/pkgs/pull/490)

Also pulls in:

- [Azure disks udev rules](https://github.com/siderolabs/pkgs/pull/488)
- [pkgs stable build time](https://github.com/siderolabs/pkgs/pull/489)
- [extras stable build time](https://github.com/siderolabs/extras/pull/49)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-26 18:16:28 +05:30
Andrey Smirnov
af5ac30a7b
feat: enable passing custom kernel args to the ISO creator 
Instead of hardcoded `grub.cfg`, use common code to generate list of
kernel arguments and allow using `--extra-kernel-arg` as well.

Before the change:

```
linux /boot/vmlinuz init_on_alloc=1 slab_nomerge pti=on panic=0 consoleblank=0 printk.devkmsg=on earlyprintk=ttyS0 console=tty0 console=ttyS0 talos.platform=metal
```

New (default line):

```
linux /boot/vmlinuz talos.platform=metal earlyprintk=ttyS0 console=ttyS0 console=tty0 init_on_alloc=1 slab_nomerge pti=on consoleblank=0 nvme_core.io_timeout=4294967295 random.trust_cpu=on printk.devkmsg=on ima_template=ima-ng ima_appraise=fix ima_hash=sha512
```

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-05-25 18:26:44 +04:00
Noel Georgi
f477eb8820
chore: bump kernel to 5.15.41 
Bump kernel to [5.15.41](https://github.com/siderolabs/pkgs/pull/483)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-18 18:55:04 +05:30
Noel Georgi
5ec4e9096e
chore: bump kernel to 5.15.40 
Bump kernel to [5.15.40](https://github.com/siderolabs/pkgs/pull/481)

Also bumps u-boot to [v2022.04](https://github.com/siderolabs/pkgs/pull/479)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-16 19:28:09 +05:30
Dmitriy Matrenichev
a6e4365823
feat: implement DeepCopy using code generation 
Refactor every typed.Resource except KubeletConfigSpec to use deep-copy tool for generating DeepCopy method.

KubeletConfigSpec is excluded because its DeepCopy method is not trivial.

Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
 2022-05-13 04:39:36 +08:00
Noel Georgi
166d2585c6
chore: bump kernel and runc 
Bump kernel to [5.15.39](https://github.com/siderolabs/pkgs/pull/476)
Bump runc to [v1.1.2](https://github.com/siderolabs/pkgs/pull/473)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-12 22:32:18 +05:30
Dmitriy Matrenichev
8d9b0cde0a
chore: update deps to go 1.18.2 
Update tools, pkgs and extras

Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
 2022-05-12 22:11:18 +08:00
Noel Georgi
da7b24ba57
chore: bump kernel to 5.15.38 
Bump kernel to 5.15.38 LTS

Ref: https://github.com/siderolabs/pkgs/pull/468

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-11 01:00:11 +05:30
Noel Georgi
89cab200b8
chore: bump kubernetes to v1.24.0 
Bump kubernetes to v1.24.0

Ref: https://github.com/siderolabs/kubelet/pull/45

Also update coredns [manifests](https://github.com/coredns/deployment/blob/master/kubernetes/coredns.yaml.sed)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-05 00:34:35 +05:30
Noel Georgi
bb932c2970
chore: bump containerd to v1.6.4 
Bump containerd to v1.6.4

Ref: https://github.com/siderolabs/pkgs/pull/466

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-04 00:41:30 +05:30
Noel Georgi
4eaaa2d597
chore: bump kernel to 5.15.37 
Bump kernel to 5.15.37

Ref: https://github.com/siderolabs/pkgs/pull/463

Also bump [pkgs](https://github.com/siderolabs/pkgs/pull/465) and [tools](https://github.com/siderolabs/tools/pull/193)

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-05-03 21:36:59 +05:30
Noel Georgi
f06e6acf2f
chore: bump kernel to 5.15.36 
Bump kernel to 5.15.36 LTS

Ref:
 - https://github.com/siderolabs/pkgs/pull/458
 - https://github.com/siderolabs/pkgs/pull/460

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-28 01:09:54 +05:30
Andrey Smirnov
1973095d14
feat: update containerd to 1.6.3 
This includes a fix for image pull slowness from
https://github.com/containerd/containerd/pull/6702.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-04-26 21:43:28 +03:00
Noel Georgi
1d5c08e74f
chore: bump kernel to 5.15.35 
Bump kernel to 5.15.35 LTS

Ref: https://github.com/siderolabs/pkgs/pull/454

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-20 20:33:10 +05:30
Andrey Smirnov
9bf23e5162
feat: update Kubernetes to 1.24.0-rc.0 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.24.0-rc.0

Go modules are not updated due to missing tags:
https://github.com/kubernetes/kubernetes/issues/109565

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-04-20 16:53:51 +03:00
Noel Georgi
610945774a
chore: bump tools and pkgs 
Bump tools and pkgs

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-18 20:51:21 +05:30
Noel Georgi
bbdfda2dd2
chore: xfs quota support in kernel 
XFS quota support in kernel

Ref: https://github.com/siderolabs/pkgs/pull/451

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-15 17:02:04 +05:30
Noel Georgi
8ff8fc77f3
chore: enable rpi4 poe hat fan control 
Enable the Rpi4 PoE hat fan control by pulling in the overlay
compatible with the upstream kernel driver.

Ref: https://github.com/siderolabs/pkgs/pull/450

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-15 00:17:40 +05:30
Noel Georgi
13f41baddf
chore: bump kernel to 5.15.34 
Bump kernel to 5.15.34

Ref: https://github.com/siderolabs/pkgs/pull/448

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-14 12:19:05 +05:30
Noel Georgi
a91eb9358d
chore: bump deps 
Ref:
- https://github.com/siderolabs/tools/pull/185
- https://github.com/siderolabs/pkgs/pull/447
- https://github.com/siderolabs/extras/pull/44

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-13 22:22:11 +05:30
Andrey Smirnov
a4060513c6
feat: build Talos with support for x86-64-v2 microarchitecture 
See https://github.com/golang/go/wiki/MinimumRequirements#microarchitecture-support

This relies on new Go 1.18 feature to use more efficient x86-64
instructions.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-04-11 21:12:59 +03:00
Noel Georgi
8faebd410b
chore: bump tools and pkgs 
Bump tools and pkgs to get kernel 5.15.33

5.15.33 has a bunch of fixes for some CVE's,
it was too hard to track those and reference

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-11 19:56:42 +05:30
Dmitriy Matrenichev
a7ba7ea679
feat: migrate to go 1.18 
Increase go.mod version from 1.17 to 1.18 in all projects. Update Makefile
to use latest tooling. Fix golangci by disable nolintlint for now.

Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
 2022-04-11 17:17:54 +04:00
Andrey Smirnov
9dace93b59
feat: enable Pod Security Admission by default 
As Talos 1.1 supports Kubernetes 1.22-1.24, we can finally enable Pod
Security Admission by default:

```yaml
apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- configuration:
    apiVersion: pod-security.admission.config.k8s.io/v1alpha1
    defaults:
      audit: restricted
      audit-version: latest
      enforce: baseline
      enforce-version: latest
      warn: restricted
      warn-version: latest
    exemptions:
      namespaces:
      - kube-system
      runtimeClasses: []
      usernames: []
    kind: PodSecurityConfiguration
  name: PodSecurity
  path: ""
```

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-04-11 15:36:04 +03:00
Tim Jones
da0e638f04
docs: stableize tools versioning 
Ensure that the site generation tools are
up to date and match versions.

Signed-off-by: Tim Jones <tim.jones@siderolabs.com>
 2022-04-08 15:25:29 +02:00
Noel Georgi
a6eebee36f
chore: update eudev 
Update eudev

Ref: https://github.com/siderolabs/pkgs/pull/443

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-08 00:05:48 +05:30
Noel Georgi
1e4320b64e
chore: add support for rockpi 4A and 4B 
Add support for RockPi 4A and 4B

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-04-06 23:35:16 +05:30
Andrey Smirnov
1ed1f73e51
test: bump CAPI to 1.1.3 
This probably fixes the incompatibility with 1.24.0-beta.0.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-03-31 22:50:16 +03:00
Andrey Smirnov
2ee1d2c720
feat: update Kuberentes to 1.24.0-beta.0 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.24.0-beta.0

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-03-31 18:06:56 +03:00
Andrey Smirnov
ca8b9c0a3a
feat: update Kubernetes to 1.24.0-alpha.4 
See https://github.com/kubernetes/kubernetes/releases/tag/v1.24.0-alpha.4

Fix some incompatibilities around dropped flags/API versions.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-03-30 22:59:07 +03:00
Andrey Smirnov
d9ec6b2151
chore: drop dirty from abbreviated tag 
Otherwise `make generate` updates embeddable data file with `-dirty`
stuffix which we don't want.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-03-30 22:06:41 +03:00
Andrey Smirnov
fc23c7a595
test: bump versions for upgrade tests 
Use 0.14 -> 1.0 -> master.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-03-30 18:59:48 +03:00
Andrey Smirnov
4bfe686105
feat: update runc to 1.1.1 
Also drop kernel sound/PCMCIA, enable random trust CPU, update
for Jetson Nano u-boot.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-03-30 18:17:26 +03:00
Dmitriy Matrenichev
b315ed9532
chore: use go:embed instead of ldflags 
Generate separate file for each variable and assign them during go build using go:embed instead of using ldflags -X.

Resolves #5138

Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
 2022-03-30 18:15:48 +04:00
Andrey Smirnov
a5d64fc814
feat: update Flannel to 0.17.0 
See https://github.com/flannel-io/flannel/releases/tag/v0.17.0

Flannel image was copied without any changes to `ghcr.io` to avoid
Docker Hub download limits.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
 2022-03-30 16:42:44 +03:00
Noel Georgi
bd0035f6a2
docs: add NVIDIA docs 
Add NVIDIA docs

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-03-29 00:21:48 +05:30
Noel Georgi
e2666f58f5
chore: bump kernel to 5.15.32 
Bump kernel to 5.15.32

Ref: https://github.com/siderolabs/pkgs/pull/432

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2022-03-28 18:26:31 +05:30