IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This version is built with newer Go which fixes
`fatal error: mlock failed` on Ubuntu kernels which are actually
patched, but their minor version doesn't match Go expectations.
New linters were disabled to minimize the changes, and plan is to fix
the linting errors in subsequent PRs.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR pulls in a newer kernel with CONFIG_CRYPTO_USER_API_HASH
support. This is needed for cilium 1.7.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
A number of storage providers depend on having open-iscsi installed
on the host. This adds open-iscsi along with any dependencies.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This brings in an updated build of LVM2 that addresses a
segfault error. We were also missing libaio.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
With Go 1.14.3 we can run race-enabled code on muslc, so this opens path
to run unit-tests-race under Talos environment with rootfs, enabling all
the tests to run under race detector.
Also fixed the tests run by specifying platform in the test environment.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This updates packages to include a kernel built with
CONFIG_NETFILTER_XT_MATCH_SOCKET=y since it is recommended
by cilium.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
A new version of markdownlint-cli was released that breaks the
lint-markdown target. This pins all the libraries we use for
linting markdown files to specific versions that are known to
work.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
We were never copying the protobuf files in, so prototool was never
really linting anything. This ensures that the `api` directory is copied
in.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This fixes random markdown linting issues. The previous `sentences-per-line`
library seems to be broken now, and unmaintained. This moves to using
`textlint` instead.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This change updates the pkgs tag to v0.2.0. There is no difference in
the content of the packages.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR does the following:
- updates the conform config
- cleans up conform scopes
- moves slash commands to the talos-bot
- adds a check list to the pull request template
- disables codecov comments
- uses `BOT_TOKEN` so all actions are performed as the talos-bot user
- adds a `make conformance` target to make it easy for contributors to
check their commit before creating a PR
- bumps golangci-lint to v1.24.0
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR will add in the drivers for HP Smart Array RAID controllers so
that Talos users can use raid setups.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This moves `bootkube start` into container which runs pretty much like
any other Talos service.
This resolves issues with bootkube log and provides better isolation.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR will pull in a newer kernel config that enables the
`CONFIG_USB_STORAGE` options for folks wanting to interact with USB
storage devices from talos.
This PR also pulls in a small change to our kernel decompression logic
to try 7z decompression first.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This is a rename of the osctl binary. We decided that talosctl is a
better name for the Talos CLI. This does not break any APIs, but does
make older documentation only accurate for previous versions of Talos.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This keeps backwards compatibility with `osctl` CLI binary with the
exception of `osctl config generate` which was renamed to `osctl
gen config` to avoid confusion with other `osctl config`
commands which operate on client config, not Talos server config.
Command implementation and helpers were split into subpackages for
cleaner code and more visible boundaries. The resulting binary still
combines commands from both sections into a single binary.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR cleans up the formatting for various package imports as they
were causing the linter to throw errors.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
New service `routerd` performs exactly single task: based on incoming
API call service name, it routes the requests to the appropriate Talos
service (`networkd`, `osd`, etc.) Service `routerd` listens of file
socket and routes requests to file sockets.
Service `apid` now does single task as well:
* it either fans out request to other `apid` services running on other
nodes and aggregates responses
* or it forwards requests to local `routerd` (when request destination
is local node)
Cons:
* one more proxying layer on request path
Pros:
* more clear service roles
* `routerd` is part of core Talos, services should register with it to
expose their API; no auth in the service (not exposed to the world)
* `apid` might be replaced with other implementation, it depends on TLS infra,
auth, etc.
* `apid` is better segregated from other Talos services (can only access
`routerd`, can't talk to other Talos services directly, so less exposure
in case of a bug)
This change is no-op to the end users.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This class of tests is included/excluded by build tags, but as it is
pretty different from other integration tests, we build it as separate
executable. Provision tests provision cluster for the test run, perform
some actions and verify results (could be upgrade, reset, scale up/down,
etc.)
There's now framework to implement upgrade tests, first of the tests
tests upgrade from latest 0.3 (0.3.2 at the moment) to current version
of Talos (being built in CI). Tests starts by booting with 0.3
kernel/initramfs, runs 0.3 installer to install 0.3.2 cluster, wait for
bootstrap, followed by upgrade to 0.4 in rolling fashion. As Firecracker
supports bootloader, this boots 0.4 system from boot disk (as installed
by installer).
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Container images for `apid`, `networkd`, etc. are now built inside the
buildkit using the `img` tool. This means that all the dependencies are
now controlled in `buildkit` and many more stages can run in parallel
without problems (overwriting content in `_out/images`).
This also simplifies Drone configuration, as we can let buildkit handle
the dependencies. I also enabled more stages to run in parallel.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
`gomnd` disabled, as it complains about every number used in the code,
and `wsl` became much more thorough.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This introduces a health/ready api for networkd. This
will allow us to better determine the state of networkd
and allow for some level of monitoring.
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
This is initial PR to push the initial code, it has several known
problems which are going to be addressed in follow-up PRs:
1. there's no "cluster destroy", so the only way to stop the VMs is to
`pkill firecracker`
2. provisioner creates state in `/tmp` and never deletes it, that is
required to keep cluster running when `osctl cluster create` finishes
3. doesn't run any controller process around firecracker to support
reboots/CNI cleanup (vethxyz interfaces are lingering on the host as
they're never cleaned up)
The plan is to create some structure in `~/.talos` to manage cluster
state, e.g. `~/.talos/clusters/<name>` which will contain all the
required files (disk images, file sockets, VM logs, etc.). This
directory structure will also work as a way to detect running clusters
and clean them up.
For point number 3, `osctl cluster create` is going to exec lightweight
process to control the firecracker VM process and to simulate VM reboots
if firecracker finishes cleanly (when VM reboots).
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This fixes the container label to use the correct top level domain. It
was mistakenly reverted in a previous commit.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
