IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The previous `udevd` healthcheck was incomplete and if `udevd` took more
time to startup the initial `udevadm trigger` would have silently failed
failing to setup proper devices. `udevadm trigger` returns an exit code
of zero even if `udevd` is not running. This PR fixes by first checking
if the `udevd` control socket exists, which is a faster check, then
making sure `udevd` is up by running `udevadm control` command. This
ensures that `udevd` is properly initialized before running any `udevadm
trigger` commands even if `udevd` is restarted/killed.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Update Talos install guide for the Digital Ocean cloud platform.
Signed-off-by: Steve Francis <steve.francis@talos-systems.com>
Signed-off-by: Tim Jones <tim.jones@siderolabs.com>
If we don't pre-build, it's getting built each time the `e2e-*` step
runs, and we have some running in parallel.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Set the additional description fields for vscode/monaco/jetbrains editors.
Strip the markdown formatting from the plain description.
Additionally, fix the description of the field `aescbcEncryptionSecret`.
Related to siderolabs/talos#6705.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
This excludes it out of the `NodeAddress`.
Needs extra testing to confirm that it actually still works as anchor
IP.
Fixes#6760
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
As the client returns wrapped errors, unwrap them using our own method
which does `errors.As` instead of gRPC one which doesn't do unwrapping.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
The supposed format with multiple adverised URLs is:
`name=u1,name=u2`
Previously Talos generated:
`name=u1,u2`
(which is wrong)
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Extend `docgen` tool to generate a JSON schema for `v1alpha1.Config` if a new optional cli arg is provided.
Extend the YAML-structured code comments on config fields to allow overriding the generated schema.
Add custom schemas for complex types.
Related to siderolabs/talos#6705.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
Signed-off-by: Steve Francis <steve.francis@talos-systems.com>
Replaced multiple curl examples to get the correct talosctl with a curl that executes the install script.
For some reason `go-mod-outdated` didn't work for me, so I had to do
this manually.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
This improves the performance of the I/O operations if the underlying
filesystem supports it.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Run `depmod` during install/upgrades when extensions provide kernel
modules and `modules.dep` needs to be re-generated. This also allows
modules of same name from kernel to co-exist. Modules in `extras`
folder takes precedence over `in-built` ones.
Signed-off-by: Noel Georgi <git@frezbo.dev>
Fixes#6707
There was a race condition between different parts of the service code:
`Stop` waits for the event which is published before the service is
removed from the `running[id]` map, so if one does `Stop` followed by
`Start` (this is what `services restart` API does), by the time it goes
to `Start` it might be still in the `running[id]` map, so `Start` does
nothing.
Overall this code should be rewritten and simplified, but for now move
out sending these "terminal" events out so that by the time the event is
published, the service is stopped and removed from the `running[id]`
map.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This is (still) being used in Talos to handle upgrade rollbacks.
There were multiple problems with this code, and one of them leads to
panic if the tag is written multiple times without deletion:
```
github.com/siderolabs/talos/internal/app/machined/pkg/runtime/v1alpha1/bootloader/adv/syslinux.ADV.SetTagBytes({0xc00175bc00?, 0x1f11dbe?, 0xed4f4d?}, 0x0?, {0xc000afb7f0?, 0x400?, 0x0?})
/src/internal/app/machined/pkg/runtime/v1alpha1/bootloader/adv/syslinux/syslinux.go:125 +0x270
github.com/siderolabs/talos/internal/app/machined/pkg/runtime/v1alpha1/bootloader/adv/syslinux.ADV.SetTag(...)
/src/internal/app/machined/pkg/runtime/v1alpha1/bootloader/adv/syslinux/syslinux.go:95
github.com/siderolabs/talos/cmd/installer/pkg/install.(*Installer).Install(0xc0004374a0, 0x5)
/src/cmd/installer/pkg/install/install.go
```
The `uint8()` conversion was causing overflow and wrong index when ADV
real length is over 255.
Fix multiple writes of the same tag by deleting previous value first.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Change TCP maximum segment size if it goes through the KubeSpan to match
KubeSpan MTU.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
As with #6724, controlplane node kubelet doesn't use control plane
endpoint anymore, run the test on the worker node instead of cp node.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
`structprotogen` now supports generating enums directly instead of using predeclared file and hardcoded types. To use this functionality, simply put `structprotogen:gen_enum` in the comment above const block, you want to have the proto definitions for.
Closes#6215
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
While following this guide I found that one reference to rpi_4 wasn't
updated to rpi_generic yet, this commit fixes that.
Signed-off-by: Cees-Jan Kiewiet <ceesjank@gmail.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This switches the last usage of Kubernetes controlplane endpoint to use
`localhost` (itself) for controlplane nodes.
Worker nodes still use cluster-wide controlplane endpoint.
This allows controlplane nodes to boot fully even if the controlplane
endpoint (e.g. loadbalancer) doesn't function.
The process of joining etcd still requires either a discovery service or
a proper functioning controlplane endpoint.
With this fix, Talos controlplane nodes can boot successfully without a
loadbalancer being up, while worker nodes obviously won't join.
This improves Talos behavior in single-node clusters when controlplane
endpoint is not available, the node will still boot just fine and
function properly.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This simply uses existing `talos.experimental.wipe` kernel flag to wipe
the currently installed Talos.
This allows to use Talos ISO to reset the system disk and revert back to
maintenance mode.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
When the sequence fails hard, Talos does automatic reboot, so reflect
this in the machine status properly.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This allows to safely recover out of space quota issues, and perform
degragmentation as needed.
`talosctl etcd status` command provides lots of information about the
cluster health.
See docs for more details.
Fixes#4889
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
These endpoints are used for workers to find the addresses of the
controlplane nodes to connect to `trustd` to issue certificates of
`apid`.
These endpoints today come from two sources:
* discovery service data
* Kubernetes API server endpoints
This PR adds to the list static entry based on the Kubernetes control
plane endpoint in the machine config.
E.g. if the loadbalancer is used for the controlplane endpoint, and that
loadbalancer also proxies requests for port 50001 (trustd), this static
endpoint will provide workers with connectivity to trustd even if the
discovery service is disabled, and Kubernetes API is not up.
If this endpoint doesn't provide any trustd API, Talos will still try
other endpoints.
Talos does server certificate validation when calling trustd,
so including malicious endpoints doesn't cause any harm, as malicious
endpoint can't provider proper server certificate.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Adds a new sub-command to talosctl config. It takes in the context to be
deleted as argument and supports glob matching.
A local flag --noconfirm|-y can be passed to bypass the confirmation
prompt.
It also supports dry run by passing the --dry-run flag similar to
apply-config and edit commands.
Example:
$ talosctl config remove 'ctx-*'
Remove context ctx-a? (y/N): y
Remove context ctx-b? (y/N): y
Signed-off-by: Murtaza Udaipurwala <murtaza@murtazau.xyz>
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
I missed that before cutting 1.4.0-alpha.0 release, which means
unfortunately that Talos 1.4.0-alpha.0 can't upgrade Talos
1.4.0-alpha.0.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Introduce ipv6 to the google cloud.
It also can work with dhcpv6 is on.
But the route receives through RA packages which not working.
Signed-off-by: Serge Logvinov <serge.logvinov@sinextra.dev>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Bumps tools/pkgs/extras to the latest.
Bumps Go modules.
Enables adaptive capacity for COSI state.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This seems to happen specifically for CRDs, regular Kubernetes resources
have some extra magic.
Fixes#6663
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This got broken with a sequence of changes related to not unmarshalling
resources when using `get`.
Rewrite the completion to be more straightforward and use easier
methods.
Make shell completion work even when `nodes` are not set.
Fixes#6646
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Add SCHULZ Systemtechnik GmbH to adopters list.
Signed-off-by: Samuel Kees <83597284+samuelkees@users.noreply.github.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
