IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Fixes#1901
This is same fix as #1680, #1690, but applied to image resolver code.
Default HTTP client can't be used here, as custom TLS client config
might be set on the transport to authenticate to the registry.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This makes use of the external procfs pacakge that is based on the
pacakge we are removing here.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This allows users to specify well known query parameters in `talos.config`.
The only supported parameter in this change is `uuid`. This will send
the node's UUID determined from SMBIOS along with the request for the
config.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
When inner function was added, `return nil` was not aborting launch
sequence, but rather leading to VM restart. `cluster destroy` still
worked fine, as it removes state directory and launcher exits on
failure.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This enables a way to run the matching installer image in firecracker
tests. New image is used in firecracker tests and bootloader support to
use installed kernel/initramfs, which opens path for upgrade tests.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Handle multiple service CIDRs (such as for dual-stack configurations)
cleanly, calculating the DNS service IP for each.
Fixes#1888
Signed-off-by: Seán C McCord <ulexus@gmail.com>
As calls to the nodes are proxied through `apid` on init node, we can't
reboot all nodes concurrently, as init node might be already down by the
moment any other node is going to be rebooted.
Rewrite the test to reboot all the nodes in a single multi-node
request.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This complements "rolling restart" RebootNodeByNode test by providing
more of a disaster scenario, when all the nodes are restarted at once.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This adds a check that verifies the install disk in metal mode. The
check requires a value, and that the path is valid.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
Container images for `apid`, `networkd`, etc. are now built inside the
buildkit using the `img` tool. This means that all the dependencies are
now controlled in `buildkit` and many more stages can run in parallel
without problems (overwriting content in `_out/images`).
This also simplifies Drone configuration, as we can let buildkit handle
the dependencies. I also enabled more stages to run in parallel.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
When images are pulled by Talos or via CRI plugin, configuration
for each registry is applied. Mirrors allow to redirect pull request to
either local registry or cached registry. Auth & TLS enable
authentication and TLS authentication for non-public registries.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Firecracker launches tries to open VM disk image before every boot,
parses partition table, finds boot partition, tries to read it as FAT32
filesystem, extracts uncompressed kernel from `bzImage` (firecracker
doesn't support `bzImage` yet), extracts initramfs and passes it to
firecracker binary.
This flow allows for extended tests, e.g. testing installer, upgrade and
downgrade tests, etc.
Bootloader emulation is disabled by default for now, can be enabled via
`--with-bootloader-emulation` flag to `osctl cluster create`.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR contains generic simple TCP loadbalancer code, and glue code for
firecracker provisioner to use this loadbalancer.
K8s control plane is passed through the load balancer, and Talos API is
passed only to the init node (for now, as some APIs, including
kubeconfig, don't work with non-init node).
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
The default gRPC dialer honors proxy environment variables, which causes
local unix socket connections to attempt to go through the proxy. This
fixes that by using a custom dialer.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
When `ip=dhcp` (as well as a few other conditions), the
buildKernelOptions function returns empty. In these cases, this empty
network config should not be added to the common list for iteration.
fixes#1869
Signed-off-by: Seán C McCord <ulexus@gmail.com>
This PR fixes a quick bug in CI where the ok-to-test step in drone was
running after a merge to master.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR adds the necessary drone step to check for the `ok-to-test`
label before running any testing against a PR.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR fixes a small bug I found yesterday to make sure we're fetching
the latest drone build number always.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
With all our PRs merged, we can switch back to upstream version. No tag
yet, so we have to follow `master` for now.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
`gomnd` disabled, as it complains about every number used in the code,
and `wsl` became much more thorough.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This was the only place which was still doing direct call to containerd
API, use common method to support retries.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This DRYs up the interface configuration and adds in an error channel to capture
any issues that come up from interface configuration. These errors are still
treated as non-fatal, but should provide some additional insight.
Signed-off-by: Brad Beam <brad.beam@b-rad.info>
Reboot test does node-by-node reboots followed by cluster health checks
(same as done by provisioner).
Fixed bug with `Read()` returning `Reader` instead of `ReadCloser`
(minor).
Allowed `bootkube` to be `Skipped` (for rebooted node).
Added support for doing checks via provided client instance.
Implemented generic capabilities to skip tests based on cluster
platform.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
If an IPv6 address is available, etcd should bind to `[::]` instead of
`0.0.0.0`. This will cause etcd to listen on both IPv4 and IPv6
interfaces.
Additionally, this fixes the SAN list for the etcd certificate
generation to include the FQDN of the host.
Fixes#1842Fixes#1843
Signed-off-by: Seán C McCord <ulexus@gmail.com>
This implements an actual health check for networkd. We use the arp table ( ip neighbors )
to determine if the machine is actively sending traffic. We should see at least one entry
with a REACHABLE/STALE/DELAY state during normal operating conditions.
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
This PR will allow us to start building out checks for slash commands,
with /test and /e2e both supported initially. I'll eventually want some
dashes in those commands, but they're not supported in the upstream
regex yet. I'll PR that later.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR updates the talos branch of bootkube to add extraArgs to
bootstrap controlplane components as well.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Integration test can optionally consume cluster state as generated by
the call to `osctl cluster create` and use it to discover nodes in
integration tests.
This means that now CLI tests can use that as discovery source, and
API/K8s tests by default as well.
Flat list of nodes is to be replaced by something more complex in the
next iteration, but it's good for this PR.
As a demo, add CLI test with multiple nodes (dmesg).
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
- add a separate link to get to the corporate site
- unify some styles between corp and OSS sites
- minor responsiveness fixes
Signed-off-by: Tim Gerla <tim@gerla.net>
This introduces a health/ready api for networkd. This
will allow us to better determine the state of networkd
and allow for some level of monitoring.
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
This fixes the list API to check if the requested path is a symlink, and
to follow the symlink if so.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This removes `extraDiskArgs` from the kubelet configuration field. This
never really was a thing.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
