IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
AWS now has opt-in regions which are not enabled by default, so we need
to ignore such regions to avoid failures.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
It seems when you do not supply OVF env vars, the demarshalled XML turns
out with nil values. This commit adds checks for that.
Fixes#3513
Signed-off-by: Jorik Jonker <jorik.jonker@eu.equinix.com>
REGISTRY_MIRROR_FLAGS can be already defined in the environment with .env or .envrc file.
Use it for easier and faster local e2e tests.
Signed-off-by: Alexey Palazhchenko <alexey.palazhchenko@gmail.com>
This updates the pkgs version to pull in a fix for CPU scaling on
raspberry pi. It will be backported to release-0.10 upon merge.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Command implements two modes:
* `fast`: conformance suite is run at maximum speed
* `certified`: conformance suite is run in serial mode, results
are capture to produce artifacts ready for CNCF submission process
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Better error message to understand where the error is coming from, also
print errors to console when etcd is trying to join - this is invaluable
to understand why etcd doesn't join the cluster.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Sometimes `talosctl etcd snapshot` might not be available, for example
when etcd is not healthy. In that case it's possible to copy raw etcd
data directory with `talosctl cp /var/lib/etcd .` and use
`member/snap/db` to recover the cluster. But such copy won't pass
integrity checks, so they should be disabled explicitly.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
For config patching, it's beneficial to have some fields to be present
in the config, even with the default (empty) value. At the same time not
all fields should be present in all versions of the config, e.g. some
config value don't apply to worker node configuration.
Empty value and nil value are treated equal by `yaml` library, but Talos
encoder can be made more smart to still output empty (non-nil) value to
the config, while skipping completely nil fields.
This PR implements that via new `talos:"omitonlyifnil"` tag and plus
moves docs for such fields into comments under the value.
GC'ed pod checkpointer config, so it doesn't get generated even as
comments (it was empty by default even for 0.8, so this just removes
comments about it).
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
The OVF environment is a way to supply guestinfo to guests. It is
a datastructure (XML) put in `extraConfig` (commonly referred to as
`guestinfo`) under the key `ovfenv`.
This OVF env is said to be the proper way to supply customization data
to guests (ie, not through `extraConfig`), and on some platforms (eg,
vCD), it is even the only option.
This change also enables the actual OVF transport in the OVA.
Signed-off-by: Jorik Jonker <jorik.jonker@eu.equinix.com>
Two PRs got merged, one which had old import paths and another one which
had import paths updated, and some paths didn't get updated properly.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Inline manifests work exactly same way as extra manifests, but the
manifest itself can be stored in the config body.
Example config patch:
```
--config-patch '[{"op": "replace", "path": "/cluster/inlineManifests", "value": [{"name": "foo", "contents": "apiVersion: v1\nkind: Namespace\nmetadata:\n name: ci\n"}]}]'
```
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Looks like tls errors implement the interface, but they are not derived
from the `*net.OpError`, so this check should catch more errors.
Fixes#3457
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Talos validates machine configuration at boot time, and refuses to boot
if machine configuration is invalid.
As machine configuration validation rules might change over time, we
need to prevent a scenario when after an upgrade machine configuration
becomes invalid, as there's no way to roll back properly.
Machine configuration is submitted over stdin to the installer
container, and installer container validates it using the new version of
Talos (which is going to be installed).
If the config is not sent over stdin, installer assumes old version of
Talos and proceeds.
This should be backported to 0.9 to allow config validation on upgrade
to 0.10.
Fixes#3419
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Fixes a typo in a documented command for going from an unencrypted
EPHEMERAL partition to an encrypted one.
Signed-off-by: Brandon McNama <brandonmcnama@outlook.com>
In preparation for going 0.10 beta, start testing upgrades to 0.10, drop
0.8 and self-hosted control plane handling in the tests.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
When Talos `controlplane` node is waiting for a bootstrap, `etcd`
contents can be recovered from a snapshot created with
`talosctl etcd snapshot` on a healthy cluster.
Bootstrap process goes same way as before, but the etcd data directory
is recovered from the snapshot.
This flow enables disaster recovery for the control plane: given that
periodic backups are available, destroy control plane nodes, re-create
them with the same config, and bootstrap one node with the saved
snapshot to recover etcd state at the time of the snapshot.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR pulls in an updated cluster api aws version, ensuring the CRDs
are closer to what's expected when we patch the CAPA image later in the
setup. We will eventually move to 0.6.5 as soon as it's cut.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
When copy-pasting extra space might be added around an argument to the
`talosctl config endpoints/nodes`, which breaks the config as the
endpoint doesn't parse anymore as IP address.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This is mostly refactoring to adapt to the new APIs.
There are some small changes which are not user-visible immediately (but
visible when using `talosctl get` to inspect low-level details):
* `extras` namespace is removed, it was a hack to distinguish extra and
system manifests
* `Manifests` are managed by two controllers as shared outputs, stored
in the `controlplane` namespace now
* `talosctl inspect dependencies` output got slightly changed
* resources now have `md.owner` set to the controller name which manages
the resource
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This fix is not obvious on whether we need it actually or not, but what
I've seen in the tests seems to be around the fact that added member is
not visible in the member list fetched after the add command succeeds.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Overlay mount in `mountinfo` don't show up as mounts for any particular
block device, so the existing check doesn't catch them.
This was discovered as our current master can't upgrade because of
overlay mount for `/opt` and `apid` image in `/opt/apid` (which will be
fixed in a separate PR).
Without the check, installer fails on resetting partition table for the
disk effectively wiping the node (`device or resource busy` error).
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This moves things around a bit so that `go generate` is called after
modules are generated, as `go generate` downloads modules as well.
This fixes a race condition which might show up randomly.
Spotted by: @AlekSi
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
