IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Bump Go to 1.20.1
Bump containerd to 1.6.18
Bump kernel to 6.1.12
Bump go deps and enable renovate updates for markdown lint tools.
Signed-off-by: Noel Georgi <git@frezbo.dev>
And update all `ResourceDefinition` docs and type names. Drop unused functions and names.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
Go modules, container images.
Fixup for new COSI version: `ResourceDefinition` signature.
Update for new gRPC version: endpoints interface.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Use new equality generate check.
It's not being used in Talos a lot, it's almost only in the discovery
API client code.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Extend `docgen` tool to generate a JSON schema for `v1alpha1.Config` if a new optional cli arg is provided.
Extend the YAML-structured code comments on config fields to allow overriding the generated schema.
Add custom schemas for complex types.
Related to siderolabs/talos#6705.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
For some reason `go-mod-outdated` didn't work for me, so I had to do
this manually.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
Run `depmod` during install/upgrades when extensions provide kernel
modules and `modules.dep` needs to be re-generated. This also allows
modules of same name from kernel to co-exist. Modules in `extras`
folder takes precedence over `in-built` ones.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Bumps tools/pkgs/extras to the latest.
Bumps Go modules.
Enables adaptive capacity for COSI state.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This brings many fixes, including a new Watch with support for
Bootstapped and Errored event types.
`talosctl` from before this change is still compatible, as there's gRPC
API level backwards compatibility versioning.
New client doesn't yet depend on new event types, so it will work
against Talos 1.2.x.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This resolves a case when a node is behind NAT, but KubeSpan port is
forwarded back to the node. Discovery Service returns public IP of the
client as it sees from the incoming request. That address is now
published to the KubeSpan endpoints.
Fixes#6508
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
We add the `nodeLabels` key to the machine config to allow users to add
node labels to the kubernetes Node object. A controller
reads the nodeLabels from the machine config and applies them via the
kubernetes API.
Older versions of talosctl will throw an unknown keys error if `edit mc`
is called on a node with this change.
Fixes#6301
Signed-off-by: Philipp Sauter <philipp.sauter@siderolabs.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
There's a cyclic dependency on siderolink library which imports talos
machinery back. We will fix that after we get talos pushed under a new
name.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This the first step towards replacing all import paths to be based on
`siderolabs/` instead of `talos-systems/`.
All updates contain no functional changes, just refactorings to adapt to
the new path structure.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
It got broken with the changes to the kubelet now sourcing static pods
from a HTTP internal server.
As we don't want it to be broken, and to make health checks better, add
a new check to make sure kubelet reports control plane static pods as
running. This coupled with API server check should make it more
thorough.
Also add logging when static pod definitions are updated (they were
previously there for file-based implementation). These logs are very
helpful for troubleshooting.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This uses https://github.com/siderolabs/go-api-signature as an
actual implementation.
PGP keys generated will be stored under `~/.local/share/talos/keys` for
Linux.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
The following commands:
* `talosctl get`
* `talosctl edit mc`, `talosctl patch mc`
Now these commands don't fully unmarshal resources from protobuf
representation, but rather use YAML representation.
This allows `talosctl` version to be out of sync with Talos version.
Still other commands do full unmarshaling (e.g. `talosctl upgrade-k8s`),
so `talosctl` should match Talos to avoid issues.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This adds metadata annotations and fixes some hanging watch loops.
There should be no functional changes for Talos.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This commit bumps protoenc to v0.2.0 and also adds tests to ensure that encoding fixes are working correctly.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
In preparation for Talos release 1.2.0, update tools/pkgs/extras to
1.2.0.
Also update Go modules to released versions.
There should be no actual changes.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Overview: deprecate existing Talos resource API, and introduce new COSI
API.
Consequences:
* COSI API can only go via one-2-one proxy (`client.WithNode`)
* client-side API access is way easier with `state.State` wrappers
* lots of small changes on the client side to use new APIs
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This commit adds the support for encoding/decoding Go structs with `protobuf:<n>` tags.
Closes#5940
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
Use machine-id as the source for the default hostname (e.g. `talos-2gd-76y`) instead of DHCP-assigned IP (e.g. `talos-172-20-0-2`). This way, DHCP IP changes won't impact the hostname. Defaults to true for Talos version >=1.2.
Closessiderolabs/talos#5896.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
This uses the `go-packet` library with native bindings for the packet
capture (without `libpcap`). This is not the most performant way, but it
allows us to avoid CGo.
There is a problem with converting network filter expressions (like
`tcp port 3222`) into BPF instructions, it's only available in C
libraries, but there's a workaround with `tcpdump`.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This PR adds support for building talosctl for FreeBSD on
amd64 and arm64 architectures.
It also pulls in the latest go-blockdevice library to ensure the FreeBSD
stubs are there for proper build.
Signed-off-by: Spencer Smith <spencer.smith@talos-systems.com>
There are no changes between 0.3.2 and 0.3.3, but 0.3.2 tag was force
pushed causing stale checksum in Go checksum database.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
The URL to fetch the configuration for a talos node is given by the
talos.config kernel parameter. We add support for 4 variables ${uuid},
${serial}, ${mac} and ${hostname} which substitute the device UUID,
DMI-sourced serial number, MAC address of the first network interface to
be up and the hostname respectively.
Fixes#3272
Signed-off-by: Philipp Sauter <philipp.sauter@siderolabs.com>
Previously crypto library handled only RSA-SHA512, as generated by
Talos, but this is a problem when migrating `kubeadm` cluster to Talos.
See https://github.com/siderolabs/crypto/pull/25
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
To enable authorization to services via siderolink on startup we extend
the kernel parameter siderolink.api to accept an optional join token as
a parameter as in grpc://<host>:<port>?jointoken=1234
Fixes#5592
Signed-off-by: Philipp Sauter <philipp.sauter@siderolabs.com>
dependabot-based, go-mod-outdated is broken due to sum issue with Azure
SDK package :(
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This increases `initramfs` size by 356060 bytes (raw text database is
1.3 MiB).
In QEMU:
```
$ talosctl -n 172.20.0.2 get links eth0 -o yaml
spec:
...
productID: "0x1000"
vendorID: "0x1af4"
product: Virtio network device
vendor: Red Hat, Inc.
```
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
dependabot + go-mod-outdated
`arp` library is now using Go stdlib `netip.Addr`, so we need an ugly
way to convert `netaddr.IP` to `netip.Addr`. We should soon refactor to
use `netip.Addr` everywhere (starting with `siderolabs/net` package).
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
We extend the extension service spec with three security options,
WithWriteableSysfs, WithMaskedPaths, WithReadonlyPaths
Fixes#5411
Signed-off-by: Philipp Sauter <philipp.sauter@siderolabs.com>
