IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Fixes https://github.com/siderolabs/extensions/issues/448
Bundle some CNI standard plugins plus Flannel CNI plugin (as Flannel is
the default CNI in Talos) in the Talos `initramfs`.
With this change, no plugin install is required, so the `install-cni`
step is dropped from the Flannel default manifest.
The bundled plugins:
```
$ talosctl -n 172.20.0.2 ls -lH /opt/cni/bin/
NODE MODE UID GID SIZE(B) LASTMOD NAME
172.20.0.2 drwxr-xr-x 0 0 109 B 7 hours ago .
172.20.0.2 -rwxr-xr-x 0 0 3.2 MB 7 hours ago bridge
172.20.0.2 -rwxr-xr-x 0 0 3.3 MB 7 hours ago firewall
172.20.0.2 -rwxr-xr-x 0 0 2.4 MB 7 hours ago flannel
172.20.0.2 -rwxr-xr-x 0 0 2.4 MB 7 hours ago host-local
172.20.0.2 -rwxr-xr-x 0 0 2.4 MB 7 hours ago loopback
172.20.0.2 -rwxr-xr-x 0 0 2.8 MB 7 hours ago portmap
```
The `initramfs` for amd64 grows 67 -> 73 MiB with this change.
The path `/opt/cni/bin` is still an overlay mount, so extra plugins can
be dropped to this directory (no change here).
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
The github.com/coredns/coredns dropped the tag v1.11.2 for the previous
version we were using, so `release-tool` can't generate the release
notes.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Put Talos version in the ISO volume ID and volumeset ID.
Volume ID is restricted on valid characters, while volumeset ID is not
restricted (Unicode).
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Update vmware.sh, use `talos-vmtoolsd` as a system extension.
Signed-off-by: Dean <22192242+saintdle@users.noreply.github.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Support new network feature "routed ip".
IPv4 now attached to the VM directly.
Signed-off-by: Serge Logvinov <serge.logvinov@sinextra.dev>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
There was incorrect word kuberenetes breaking the search through docs
Signed-off-by: George Gaál <gb12335@gmail.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Updated with autoscaling group for workers, better copy/paste ability, and not using default VPC
Signed-off-by: Justin Garrison <justin.garrison@siderolabs.com>
The check for k8s suite added in #9085 causes issues with applying k8s resources
which are global like `Namespace` or `StorageClass`.
Instead of failing just log.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Support `unsupported` flag for mkfs, so that `STATE` partition with size
less than 300M can be created by `mkfs.xfs`.
This allows to bring in newer `xfsprogs` that can repair corrupted FS
better.
Signed-off-by: Noel Georgi <git@frezbo.dev>
When `talosctl dashboard` is used with node "aliases" (e.g., node names or machine IDs in Omni) passed via `-n` flag, the graphs in the monitor tab were not rendered correctly: The matching of the old and current data were done incorrectly.
Fix this by pushing node alias->IP resolution down to the (api & log) data sources of the dashboard, by passing a resolver to them.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
This is required in Image Factory to manipulate properly the imager
profile when enabling an option for well-known UEFI certificates.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
The main etcd tag is now multiarch so the special case isn't needed.
Signed-off-by: Steven Fackler <sfackler@gmail.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
`disabled` was removed in https://github.com/cilium/cilium/pull/31286
Signed-off-by: Daniel Höxtermann <daniel@hxtm.dev>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Extensions are posted the following way:
`extensions.talos.dev/<name>=<version>`
The name should be valid as a label (annotation) key.
If the value is valid as a label value, use labels, otherwise use
annotations.
Also implements node annotations in the machine config as a side-effect.
Fixes#9089Fixes#8971
See #9070
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Provide `XDG_RUNTIME_DIR` environment variable, this specifically fixes
the `kubectl exec` action when `/tmp` is filled up.
Update containerd configuration to version 3 and fix it up.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
Following the most recent livestream, I'm adding in a few small fixes, specifically:
* Using `metros` instead of `facilities` as the latter is deprecated (https://deploy.equinix.com/developers/docs/metal/locations/facilities/)
Signed-off-by: Steve Martinelli <4118756+stevemar@users.noreply.github.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Generating YAML using text templates is going to stop working because of
proper escaping.
Also fix unrelated issue with `cloud.google.com/go` module which got
split into submodules, and now this conflicts with each other.
Fixes#7180
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Add a `runc-memfd-bind` service so that runc binary is not copied for
every `runc` invocation.
Fixes: #9007.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Add `"` to handle vmware network interfaces with non-characters name
Signed-off-by: Fredrik Lundhag <f@mekk.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Add test for Gvisor extensions when kvm platform is used.
The test is marked as skipped until pod termination issue is resolved.
Signed-off-by: Noel Georgi <git@frezbo.dev>
when kernel not support ethtool-netlink,we will use ethtool-ioctl to get link status
Signed-off-by: EricMa <307748790@qq.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
This patch adds a flag to `secureboot.database.Generate` to append the
Microsoft UEFI secure boot DB and KEK certificates to the appropriate
ESLs, in addition to complimentary command line flags.
This patch also includes a copy of said Microsoft certificates. The
certificates are downloaded from an official Microsoft repo.
Signed-off-by: Jean-Francois Roy <jf@devklog.net>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
