2b5204200a
This basically provides `talosctl get --insecure` in maintenance mode. Only non-sensitive resources are available (equivalent to having `os:reader` role in the Talos client certificate). Changes: * refactored insecure/maintenance client setup in talosctl * `LinkStatus` is no longer sensitive as it shows only Wireguard public key, `LinkSpec` still contains private key for obvious reasons * maintenance mode injects `os:reader` role implicitly The motivation behind this PR is to deprecate networkd-era interfaces & routes APIs which are being used in TUI installer, and we need a replacement. Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Talos
A modern OS for Kubernetes.
Talos is a modern OS designed to be secure, immutable, and minimal. All system management is done via an API, and there is no shell or interactive console. Some of the capabilities and benefits provided by Talos include:
- Security: Talos reduces your attack surface by practicing the Principle of Least Privilege (PoLP) and by securing the API with mutual TLS (mTLS) authentication.
- Predictability: Talos eliminates unneeded variables and reduces unknown factors in your environment by employing immutable infrastructure ideology.
- Evolvability: Talos simplifies your architecture and increases your ability to easily accommodate future changes.
Documentation
For instructions on deploying and managing Talos, see the Documentation.
Community
- Slack: Join our slack channel
- Support: Questions, bugs, feature requests GitHub Discussions
- Forum: community
- Twitter: @talossystems
- Email: info@talos-systems.com
If you're interested in this project and would like to help in engineering efforts, or have general usage questions, we are happy to have you! We hold a weekly meeting that all audiences are welcome to attend.
We would appreciate your feedback so that we can make Talos even better! To do so, you can take our survey.
Office Hours
- When: Mondays at 16:30 UTC.
- Where: Google Meet.
You can subscribe to this meeting by joining the community forum above.
Note: You can convert the meeting hours to your local time.
Contributing
Contributions are welcomed and appreciated! See Contributing for our guidelines.
License
