alt-orchestra/talos
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
talos/pkg/machinery/constants/constants.go
Andrey Smirnov 80184393bc feat: update kernel to 5.9.13, new KSPP requirements 
Pulls in following changes:

* https://github.com/talos-systems/toolchain/pull/20
* https://github.com/talos-systems/tools/pull/116
* https://github.com/talos-systems/pkgs/pull/214
* https://github.com/talos-systems/pkgs/pull/215
* https://github.com/talos-systems/pkgs/pull/216
* https://github.com/talos-systems/pkgs/pull/217
* https://github.com/talos-systems/go-procfs/pull/4

New empty amd64 images for u-boot & rpi-firmware reduce the size of
amd64 installer image.

For backwards compatibility QEMU provisioner still injects "legacy" KSPP
kernel args into initial boot environment.

Installer correctly upgrades KSPP options when moving from one version
of Talos to another.

Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
2020-12-10 12:41:58 -08:00

398 lines
14 KiB
Go
Raw Blame History

// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
package constants
import (
"time"
"github.com/containerd/containerd/defaults"
cni "github.com/containerd/go-cni"
"github.com/talos-systems/crypto/x509"
)
const (
// DefaultKernelVersion is the default Linux kernel version.
DefaultKernelVersion = "5.9.13-talos"
// KernelParamConfig is the kernel parameter name for specifying the URL.
// to the config.
KernelParamConfig = "talos.config"
// ConfigNone indicates no config is required.
ConfigNone = "none"
// KernelParamPlatform is the kernel parameter name for specifying the
// platform.
KernelParamPlatform = "talos.platform"
// KernelParamBoard is the kernel parameter name for specifying the
// SBC.
KernelParamBoard = "talos.board"
// BoardNone indicates that the install is not for a specific board.
BoardNone = "none"
// BoardLibretechAllH3CCH5 is the name of the Libre Computer board ALL-H3-CC.
BoardLibretechAllH3CCH5 = "libretech_all_h3_cc_h5"
// BoardRPi4 is the name of the Raspberry Pi 4 Model B.
BoardRPi4 = "rpi_4"
// BoardBananaPiM64 is the name of the Banana Pi M64.
BoardBananaPiM64 = "bananapi_m64"
// BoardRock64 is the name of the Pine64 Rock64.
BoardRock64 = "rock64"
// KernelParamHostname is the kernel parameter name for specifying the
// hostname.
KernelParamHostname = "talos.hostname"
// KernelParamDefaultInterface is the kernel parameter for specifying the
// initial interface used to bootstrap the node.
KernelParamDefaultInterface = "talos.interface"
// KernelParamShutdown is the kernel parameter for specifying the
// shutdown type (halt/poweroff).
KernelParamShutdown = "talos.shutdown"
// KernelParamNetworkInterfaceIgnore is the kernel parameter for specifying network interfaces which should be ignored by talos.
KernelParamNetworkInterfaceIgnore = "talos.network.interface.ignore"
// KernelParamPanic is the kernel parameter name for specifying the time to wait until rebooting after kernel panic (0 disables reboot).
KernelParamPanic = "panic"
// KernelCurrentRoot is the kernel parameter name for specifying the
// current root partition.
KernelCurrentRoot = "talos.root"
// NewRoot is the path where the switchroot target is mounted.
NewRoot = "/root"
// EFIPartitionLabel is the label of the partition to use for mounting at
// the boot path.
EFIPartitionLabel = "EFI"
// EFIMountPoint is the label of the partition to use for mounting at
// the boot path.
EFIMountPoint = BootMountPoint + "/EFI"
// BIOSGrubPartitionLabel is the label of the partition used by grub's second
// stage bootloader.
BIOSGrubPartitionLabel = "BIOS"
// MetaPartitionLabel is the label of the meta partition.
MetaPartitionLabel = "META"
// StatePartitionLabel is the label of the state partition.
StatePartitionLabel = "STATE"
// StateMountPoint is the label of the partition to use for mounting at
// the state path.
StateMountPoint = "/system/state"
// BootPartitionLabel is the label of the partition to use for mounting at
// the boot path.
BootPartitionLabel = "BOOT"
// BootMountPoint is the label of the partition to use for mounting at
// the boot path.
BootMountPoint = "/boot"
// LegacyBootPartitionLabel is the label of the boot partition in older versions of Talos.
LegacyBootPartitionLabel = "ESP"
// EphemeralPartitionLabel is the label of the partition to use for
// mounting at the data path.
EphemeralPartitionLabel = "EPHEMERAL"
// EphemeralMountPoint is the label of the partition to use for mounting at
// the data path.
EphemeralMountPoint = "/var"
// RootMountPoint is the label of the partition to use for mounting at
// the root path.
RootMountPoint = "/"
// ISOFilesystemLabel is the label of the ISO file system for the Talos
// installer.
ISOFilesystemLabel = "TALOS"
// PATH defines all locations where executables are stored.
PATH = "/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:" + cni.DefaultCNIDir
// DefaultCertificatesDir is the path the the Kubernetes PKI directory.
DefaultCertificatesDir = "/etc/kubernetes/pki"
// KubernetesCACert is the path to the root CA certificate.
KubernetesCACert = DefaultCertificatesDir + "/" + "ca.crt"
// KubernetesCAKey is the path to the root CA private key.
KubernetesCAKey = DefaultCertificatesDir + "/" + "ca.key"
// KubernetesSACert is the path to the SA certificate.
KubernetesSACert = DefaultCertificatesDir + "/" + "sa.crt"
// KubernetesSAKey is the path to the SA private key.
KubernetesSAKey = DefaultCertificatesDir + "/" + "sa.key"
// KubernetesFrontProxyCACert is the path to the front proxy CA certificate.
KubernetesFrontProxyCACert = DefaultCertificatesDir + "/" + "fp.crt"
// KubernetesFrontProxyCAKey is the path to the front proxy CA private key.
KubernetesFrontProxyCAKey = DefaultCertificatesDir + "/" + "fp.key"
// KubernetesEtcdCACert is the path to the etcd CA certificate.
KubernetesEtcdCACert = EtcdPKIPath + "/" + "ca.crt"
// KubernetesEtcdCAKey is the path to the etcd CA private key.
KubernetesEtcdCAKey = EtcdPKIPath + "/" + "ca.key"
// KubernetesEtcdPeerCert is the path to the etcd CA certificate.
KubernetesEtcdPeerCert = EtcdPKIPath + "/" + "peer.crt"
// KubernetesEtcdPeerKey is the path to the etcd CA private key.
KubernetesEtcdPeerKey = EtcdPKIPath + "/" + "peer.key"
// KubernetesEtcdServerCert defines etcd's server certificate name.
KubernetesEtcdServerCert = EtcdPKIPath + "/" + "client.crt"
// KubernetesEtcdServerKey defines etcd's server key name.
KubernetesEtcdServerKey = EtcdPKIPath + "/" + "client.key"
// KubernetesEtcdListenClientPort defines the port etcd listen on for client traffic.
KubernetesEtcdListenClientPort = "2379"
// KubernetesAPIServerEtcdClientCert defines apiserver's etcd client certificate name.
KubernetesAPIServerEtcdClientCert = DefaultCertificatesDir + "/" + "apiserver-etcd-client.crt"
// KubernetesAPIServerEtcdClientKey defines apiserver's etcd client key name.
KubernetesAPIServerEtcdClientKey = DefaultCertificatesDir + "/" + "apiserver-etcd-client.key"
// KubernetesAdminCertCommonName defines CN property of Kubernetes admin certificate.
KubernetesAdminCertCommonName = "apiserver-kubelet-client"
// KubernetesAdminCertOrganization defines Organization values of Kubernetes admin certificate.
KubernetesAdminCertOrganization = "system:masters"
// KubernetesAdminCertDefaultLifetime defines default lifetime for Kubernetes generated admin certificate.
KubernetesAdminCertDefaultLifetime = 365 * 24 * time.Hour
// KubeletBootstrapKubeconfig is the path to the kubeconfig required to
// bootstrap the kubelet.
KubeletBootstrapKubeconfig = "/etc/kubernetes/bootstrap-kubeconfig"
// DefaultKubernetesVersion is the default target version of the control plane.
DefaultKubernetesVersion = "1.20.0"
// DefaultControlPlanePort is the default port to use for the control plane.
DefaultControlPlanePort = 6443
// KubeletImage is the enforced kubelet image to use.
KubeletImage = "ghcr.io/talos-systems/kubelet"
// KubeProxyImage is the enforced kube-proxy image to use for the control plane.
KubeProxyImage = "k8s.gcr.io/kube-proxy"
// KubernetesAPIServerImage is the enforced apiserver image to use for the control plane.
KubernetesAPIServerImage = "k8s.gcr.io/kube-apiserver"
// KubernetesControllerManagerImage is the enforced controllermanager image to use for the control plane.
KubernetesControllerManagerImage = "k8s.gcr.io/kube-controller-manager"
// KubernetesProxyImage is the enforced proxy image to use for the control plane.
KubernetesProxyImage = "k8s.gcr.io/kube-proxy"
// KubernetesSchedulerImage is the enforced scheduler image to use for the control plane.
KubernetesSchedulerImage = "k8s.gcr.io/kube-scheduler"
// CoreDNSImage is the enforced CoreDNS image to use.
CoreDNSImage = "k8s.gcr.io/coredns"
// DefaultCoreDNSVersion is the default version for the CoreDNS.
DefaultCoreDNSVersion = "1.7.0"
// RecoveryKubeconfig is the path to kubeconfig used temporarily while recovering control plane.
RecoveryKubeconfig = "/etc/kubernetes/kubeconfig"
// LabelNodeRoleMaster is the node label required by a control plane node.
LabelNodeRoleMaster = "node-role.kubernetes.io/master"
// LabelNodeRoleControlPlane is the node label required by a control plane node.
LabelNodeRoleControlPlane = "node-role.kubernetes.io/control-plane"
// AssetsDirectory is the directory that contains all bootstrap assets.
AssetsDirectory = "/etc/kubernetes/assets"
// ManifestsDirectory is the directory that contains all static manifests.
ManifestsDirectory = "/etc/kubernetes/manifests"
// KubeletKubeconfig is the generated kubeconfig for kubelet.
KubeletKubeconfig = "/etc/kubernetes/kubeconfig-kubelet"
// DefaultEtcdVersion is the default target version of etcd.
DefaultEtcdVersion = "v3.4.14"
// EtcdRootTalosKey is the root etcd key for Talos-specific storage.
EtcdRootTalosKey = "talos:v1"
// EtcdTalosEtcdUpgradeMutex is the etcd mutex prefix to be used to set an etcd upgrade lock.
EtcdTalosEtcdUpgradeMutex = EtcdRootTalosKey + ":etcdUpgradeMutex"
// EtcdImage is the reposistory for the etcd image.
EtcdImage = "gcr.io/etcd-development/etcd"
// EtcdPKIPath is the path to the etcd PKI directory.
EtcdPKIPath = DefaultCertificatesDir + "/etcd"
// EtcdDataPath is the path where etcd stores its' data.
EtcdDataPath = "/var/lib/etcd"
// ConfigPath is the path to the downloaded config.
ConfigPath = StateMountPoint + "/config.yaml"
// MetalConfigISOLabel is the volume label for ISO based configuration.
MetalConfigISOLabel = "metal-iso"
// ConfigGuestInfo is the name of the VMware guestinfo config strategy.
ConfigGuestInfo = "guestinfo"
// VMwareGuestInfoConfigKey is the guestinfo key used to provide a config file.
VMwareGuestInfoConfigKey = "talos.config"
// VMwareGuestInfoFallbackKey is the fallback guestinfo key used to provide a config file.
VMwareGuestInfoFallbackKey = "userdata"
// AuditPolicyPath is the path to the audit-policy.yaml relative to initramfs.
AuditPolicyPath = "/etc/kubernetes/audit-policy.yaml"
// EncryptionConfigPath is the path to the EncryptionConfig relative to initramfs.
EncryptionConfigPath = "/etc/kubernetes/encryptionconfig.yaml"
// EncryptionConfigRootfsPath is the path to the EncryptionConfig relative to rootfs.
EncryptionConfigRootfsPath = "/etc/kubernetes/encryptionconfig.yaml"
// ApidPort is the port for the apid service.
ApidPort = 50000
// TrustdPort is the port for the trustd service.
TrustdPort = 50001
// DefaultContainerdVersion is the default container runtime version.
DefaultContainerdVersion = "1.4.3"
// SystemContainerdNamespace is the Containerd namespace for Talos services.
SystemContainerdNamespace = "system"
// SystemContainerdAddress is the path to the system containerd socket.
SystemContainerdAddress = SystemRunPath + "/containerd/containerd.sock"
// CRIContainerdConfig is the path to the config for the containerd instance that provides the CRI.
CRIContainerdConfig = "/etc/cri/containerd.toml"
// TalosConfigEnvVar is the environment variable for setting the Talos configuration file path.
TalosConfigEnvVar = "TALOSCONFIG"
// APISocketPath is the path to file socket of apid.
APISocketPath = SystemRunPath + "/apid/apid.sock"
// MachineSocketPath is the path to file socket of machine API.
MachineSocketPath = SystemRunPath + "/machined/machine.sock"
// TimeSocketPath is the path to file socket of time API.
TimeSocketPath = SystemRunPath + "/timed/timed.sock"
// NetworkSocketPath is the path to file socket of network API.
NetworkSocketPath = SystemRunPath + "/networkd/networkd.sock"
// RouterdSocketPath is the path to file socket of router API.
RouterdSocketPath = SystemRunPath + "/routerd/routerd.sock"
// ArchVariable is replaced automatically by the target cluster arch.
ArchVariable = "${ARCH}"
// KernelAsset defines a well known name for our kernel filename.
KernelAsset = "vmlinuz"
// KernelAssetWithArch defines a well known name for our kernel filename with arch variable.
KernelAssetWithArch = "vmlinuz-" + ArchVariable
// KernelAssetPath is the path to the kernel on disk.
KernelAssetPath = "/usr/install/" + KernelAsset
// InitramfsAsset defines a well known name for our initramfs filename.
InitramfsAsset = "initramfs.xz"
// InitramfsAssetWithArch defines a well known name for our initramfs filename with arch variable.
InitramfsAssetWithArch = "initramfs-" + ArchVariable + ".xz"
// InitramfsAssetPath is the path to the initramfs on disk.
InitramfsAssetPath = "/usr/install/" + InitramfsAsset
// RootfsAsset defines a well known name for our rootfs filename.
RootfsAsset = "rootfs.sqsh"
// DefaultCertificateValidityDuration is the default duration for a certificate.
DefaultCertificateValidityDuration = x509.DefaultCertificateValidityDuration
// SystemPath is the path to write temporary runtime system related files
// and directories.
SystemPath = "/system"
// SystemOverlaysPath is the path where overlay mounts are created.
SystemOverlaysPath = "/var/system/overlays"
// SystemRunPath is the path to the system run directory.
SystemRunPath = SystemPath + "/run"
// SystemVarPath is the path to the system var directory.
SystemVarPath = SystemPath + "/var"
// SystemEtcPath is the path to the system etc directory.
SystemEtcPath = SystemPath + "/etc"
// DefaultCNI is the default CNI.
DefaultCNI = "flannel"
// CustomCNI is the string to use custom CNI.
CustomCNI = "custom"
// DefaultIPv4PodNet is the IPv4 network to be used for kubernetes Pods.
DefaultIPv4PodNet = "10.244.0.0/16"
// DefaultIPv4ServiceNet is the IPv4 network to be used for kubernetes Services.
DefaultIPv4ServiceNet = "10.96.0.0/12"
// DefaultIPv6PodNet is the IPv6 network to be used for kubernetes Pods.
DefaultIPv6PodNet = "fc00:db8:10::/56"
// DefaultIPv6ServiceNet is the IPv6 network to be used for kubernetes Services.
DefaultIPv6ServiceNet = "fc00:db8:20::/112"
// DefaultDNSDomain is the default DNS domain.
DefaultDNSDomain = "cluster.local"
// InitializedKey is the key used to indicate if the cluster has been
// initialized.
InitializedKey = "initialized"
)
// See https://linux.die.net/man/3/klogctl
//nolint: stylecheck
const (
// SYSLOG_ACTION_SIZE_BUFFER is a named type argument to klogctl.
// nolint: golint
SYSLOG_ACTION_SIZE_BUFFER = 10
// SYSLOG_ACTION_READ_ALL is a named type argument to klogctl.
// nolint: golint
SYSLOG_ACTION_READ_ALL = 3
)
// Containerd.
const (
ContainerdAddress = defaults.DefaultAddress
)
Reference in New Issue View Git Blame Copy Permalink