dc6ea74c35
The problem was that some of the health checks sort the list of the nodes in place (via `sort.Strings()`). If cluster info provider returns original slice, it might be mutated in such a way that it gets corrupted. We never noticed it before CAPI clusters, as in our tests IPs are assigned sequentially, and sort operation is a no-op. Specifically, the problem was with the `Nodes()` function, it returns `append(controlPlaneNodes, workerNodes...)` slice, which by definition might share memory with `controlPlaneNodes` slice. For example, if control plane nodes were `4, 5, 6` and worker nodes were `3`, the returned slice will be `4, 5, 6, 3`, and it shares memory with `controlPlaneNodes` slice (firs three items). If we apply `sort` to the returned slice, it re-orders it as `3, 4, 5, 6`, but as it is done in-place, the `controlPlaneNodes` slice is now `3, 4, 5`, which is obviously wrong. Fix that by always returning a copy of the slice from the functions implementing `ClusterInfo` interface. Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> |
||
|---|---|---|
| .github | ||
| api | ||
| cmd | ||
| docs | ||
| hack | ||
| internal | ||
| pkg | ||
| .codecov.yml | ||
| .conform.yaml | ||
| .dockerignore | ||
| .drone.jsonnet | ||
| .gitignore | ||
| .golangci.yml | ||
| .markdownlint.json | ||
| CHANGELOG.md | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| Dockerfile | ||
| go.mod | ||
| go.sum | ||
| LICENSE | ||
| Makefile | ||
| netlify.toml | ||
| prototool.yaml | ||
| README.md | ||
Talos
A modern OS for Kubernetes.
Talos is a modern OS designed to be secure, immutable, and minimal. All system management is done via an API, and there is no shell or interactive console. Some of the capabilities and benefits provided by Talos include:
- Security: Talos reduces your attack surface by practicing the Principle of Least Privilege (PoLP) and by securing the API with mutual TLS (mTLS) authentication.
- Predictability: Talos eliminates unneeded variables and reduces unknown factors in your environment by employing immutable infrastructure ideology.
- Evolvability: Talos simplifies your architecture and increases your ability to easily accommodate future changes.
Documentation
For instructions on deploying and managing Talos, see the Documentation.
Community
- Slack: Join our slack channel
- Forum: community
- Twitter: @talossystems
- Email: info@talos-systems.com
If you're interested in this project and would like to help in engineering efforts, or have general usage questions, we are happy to have you! We hold a weekly meeting that all audiences are welcome to attend.
Office Hours
- When: Mondays at 17:00 UTC.
- Where: Google Meet.
You can subscribe to this meeting by joining the community forum above.
Note: You can convert the meeting hours to your local time.
Contributing
Contributions are welcomed and appreciated! See Contributing for our guidelines.
License
