diff --git a/api/resource/definitions/block/block.proto b/api/resource/definitions/block/block.proto index 9043c3d0b..4bd6fc52a 100755 --- a/api/resource/definitions/block/block.proto +++ b/api/resource/definitions/block/block.proto @@ -15,16 +15,24 @@ message DeviceSpec { int64 minor = 3; string partition_name = 4; int64 partition_number = 5; + // Generation is bumped every time the device might have changed and might need to be re-probed. int64 generation = 6; string device_path = 7; + // Parent (if set) specifies the parent device ID. string parent = 8; + // Secondaries (if set) specifies the secondary device IDs. + // + // E.g. for a LVM volume secondary is a list of blockdevices that the volume consists of. repeated string secondaries = 9; } // DiscoveredVolumeSpec is the spec for DiscoveredVolumes resource. message DiscoveredVolumeSpec { + // Overall size of the probed device (in bytes). uint64 size = 1; + // Sector size of the device (in bytes). uint64 sector_size = 2; + // Optimal I/O size for the device (in bytes). uint64 io_size = 3; string name = 4; string uuid = 5; @@ -42,6 +50,7 @@ message DiscoveredVolumeSpec { string dev_path = 17; string parent_dev_path = 18; string pretty_size = 19; + // Offset of the partition/volume inside Parent device (in bytes). uint64 offset = 20; } @@ -78,6 +87,10 @@ message DiskSpec { bool cdrom = 13; string dev_path = 14; string pretty_size = 15; + // SecondaryDisks (if set) specifies the secondary disk IDs. + // + // E.g. if the blockdevice secondary is vda5, the secondary disk will be set as vda. + // This allows to map secondaries between disks ignoring the partitions. repeated string secondary_disks = 16; string uuid = 17; repeated string symlinks = 18; @@ -87,11 +100,16 @@ message DiskSpec { message EncryptionKey { int64 slot = 1; talos.resource.definitions.enums.BlockEncryptionKeyType type = 2; + // Only for Type == "static": bytes static_passphrase = 3; + // Only for Type == "kms": string kms_endpoint = 4; + // Only for Type == "tpm": bool tpm_check_secureboot_status_on_enroll = 5; bool lock_to_state = 6; + // Only for Type == "tpm": repeated int64 tpmpc_rs = 7; + // Only for Type == "tpm": repeated int64 tpm_pub_key_pc_rs = 8; } @@ -107,13 +125,17 @@ message EncryptionSpec { // FilesystemSpec is the spec for volume filesystem. message FilesystemSpec { + // Filesystem type. talos.resource.definitions.enums.BlockFilesystemType type = 1; + // Filesystem label. string label = 2; } // LocatorSpec is the spec for volume locator. message LocatorSpec { + // Match is a volume locator match expression. google.api.expr.v1alpha1.CheckedExpr match = 1; + // DiskMatch is a disk locator match expression. google.api.expr.v1alpha1.CheckedExpr disk_match = 2; } @@ -131,15 +153,25 @@ message MountRequestSpec { // MountSpec is the spec for volume mount. message MountSpec { + // Mount path for the volume. string target_path = 1; + // SELinux label for the volume. string selinux_label = 2; + // Enable project quota (xfs) for the volume. bool project_quota_support = 3; + // Parent mount request ID. string parent_id = 4; + // FileMode is the file mode for the mount target. uint32 file_mode = 5; + // UID is the user ID for the mount target. int64 uid = 6; + // GID is the group ID for the mount target. int64 gid = 7; + // RecursiveRelabel is the recursive relabel/chown flag for the mount target. bool recursive_relabel = 8; + // BindTarget is an optional path on the host to bind-mount the volume onto. string bind_target = 9; + // Parameters are additional filesystem mount options used when mounting the volume. repeated ParameterSpec parameters = 10; } @@ -157,28 +189,45 @@ message MountStatusSpec { // ParameterSpec is a mount parameter. message ParameterSpec { + // Type of the parameter. talos.resource.definitions.enums.BlockFSParameterType type = 1; + // Name of the parameter. string name = 2; + // String value of the parameter. string string = 3; + // Binary value of the parameter. bytes binary = 5; } // PartitionSpec is the spec for volume partitioning. message PartitionSpec { + // Partition minimum size in bytes. uint64 min_size = 1; + // Partition maximum size in bytes, if not set, grows to the maximum size. uint64 max_size = 2; + // Grow the partition automatically to the maximum size. bool grow = 3; + // Label for the partition. string label = 4; + // Partition type UUID. string type_uuid = 5; + // Partition maximum size (relative), if not set, grows to the maximum size. uint64 relative_max_size = 6; + // NegativeMaxSize indicates that MaxSize or RelativeMaxSize represents space to be left free on the device rather than space to consume. bool negative_max_size = 7; } // ProvisioningSpec is the spec for volume provisioning. message ProvisioningSpec { + // DiskSelector selects a disk for the volume. DiskSelector disk_selector = 1; + // PartitionSpec describes how to provision the volume (partition type). PartitionSpec partition_spec = 2; + // Provisioning wave for the volume. + // + // Waves are processed sequentially - the volumes in the wave are only provisioned after the previous wave is done. int64 wave = 3; + // FilesystemSpec describes how to provision the volume (filesystem type). FilesystemSpec filesystem_spec = 4; } @@ -195,7 +244,9 @@ message SwapStatusSpec { // SymlinkProvisioningSpec is the spec for volume symlink. message SymlinkProvisioningSpec { + // Symlink target path for the volume. string symlink_target_path = 1; + // Force symlink creation. bool force = 2; } @@ -224,12 +275,19 @@ message UserDiskConfigStatusSpec { // VolumeConfigSpec is the spec for VolumeConfig resource. message VolumeConfigSpec { + // Parent volume ID, if set no operations on the volume continue until the parent volume is ready. string parent_id = 1; + // Volume type. talos.resource.definitions.enums.BlockVolumeType type = 2; + // Provisioning configuration (how to provision a volume). ProvisioningSpec provisioning = 3; + // How to find a volume. LocatorSpec locator = 4; + // Mount options for the volume. MountSpec mount = 5; + // Encryption configuration (how to encrypt a volume). EncryptionSpec encryption = 6; + // Symlink options for the volume. SymlinkProvisioningSpec symlink = 7; } @@ -257,26 +315,38 @@ message VolumeMountStatusSpec { // VolumeStatusSpec is the spec for VolumeStatus resource. message VolumeStatusSpec { talos.resource.definitions.enums.BlockVolumePhase phase = 1; + // Location is the path to the block device (raw). string location = 2; string error_message = 3; string uuid = 4; string partition_uuid = 5; talos.resource.definitions.enums.BlockVolumePhase pre_fail_phase = 6; + // ParentLocation (if present) is the location of the parent block device for partitions. string parent_location = 7; int64 partition_index = 8; uint64 size = 9; + // Filesystem is the filesystem type. talos.resource.definitions.enums.BlockFilesystemType filesystem = 10; + // MountLocation is the location to be mounted, might be different from location. string mount_location = 11; + // EncryptionProvider is the provider of the encryption which was used to unlock the volume. talos.resource.definitions.enums.BlockEncryptionProviderType encryption_provider = 12; string pretty_size = 13; + // EncryptionFailedSyncs is the list of failed syncs for the volume (per key/provider). repeated string encryption_failed_syncs = 14; + // MountSpec is the mount specification. MountSpec mount_spec = 15; talos.resource.definitions.enums.BlockVolumeType type = 16; + // ConfiguredEncryptionKeys is the list of configured encryption keys for the volume. repeated string configured_encryption_keys = 17; + // Symlink is the symlink specification. SymlinkProvisioningSpec symlink_spec = 18; string parent_id = 19; + // EncryptionLockedToState indicates if the encryption is locked to STATE partition bool encryption_locked_to_state = 20; + // EncryptionSlot indicates the currently used encryption slot used for decryption. int64 encryption_slot = 21; + // TPMEncryptionOptions is the options for TPM-based encryption. TPMEncryptionOptionsInfo tpm_encryption_options = 22; } diff --git a/api/resource/definitions/cluster/cluster.proto b/api/resource/definitions/cluster/cluster.proto index 0bf28f20e..b39b82c7b 100755 --- a/api/resource/definitions/cluster/cluster.proto +++ b/api/resource/definitions/cluster/cluster.proto @@ -41,6 +41,8 @@ message ControlPlane { // Note: IdentitySpec is persisted on disk in the STATE partition, // so YAML serialization should be kept backwards compatible. message IdentitySpec { + // NodeID is a random value which is persisted across reboots, + // but it gets reset on wipe. string node_id = 1; } diff --git a/api/resource/definitions/hardware/hardware.proto b/api/resource/definitions/hardware/hardware.proto index c4849f507..5f4517e7a 100755 --- a/api/resource/definitions/hardware/hardware.proto +++ b/api/resource/definitions/hardware/hardware.proto @@ -47,7 +47,9 @@ message ProcessorSpec { string socket = 1; string manufacturer = 2; string product_name = 3; + // MaxSpeed is in megahertz (MHz). uint32 max_speed = 4; + // BootSpeed is in megahertz (MHz). uint32 boot_speed = 5; uint32 status = 6; string serial_number = 7; diff --git a/api/resource/definitions/k8s/k8s.proto b/api/resource/definitions/k8s/k8s.proto index a31ebd8e3..878c54424 100755 --- a/api/resource/definitions/k8s/k8s.proto +++ b/api/resource/definitions/k8s/k8s.proto @@ -173,6 +173,9 @@ message KubeletConfigSpec { // KubeletKubeconfigSpec describes the current kubelet kubeconfig file. message KubeletKubeconfigSpec { + // Hash is a content digest of the kubeconfig file. It changes whenever the + // file contents change, which is the signal consumers use to rebuild their + // Kubernetes clients. string hash = 1; } diff --git a/api/resource/definitions/kubespan/kubespan.proto b/api/resource/definitions/kubespan/kubespan.proto index bae66a8cf..409d6137e 100755 --- a/api/resource/definitions/kubespan/kubespan.proto +++ b/api/resource/definitions/kubespan/kubespan.proto @@ -14,12 +14,19 @@ message ConfigSpec { bool enabled = 1; string cluster_id = 2; string shared_secret = 3; + // Force routing via KubeSpan even if the peer connection is not up. bool force_routing = 4; + // Advertise Kubernetes pod networks or skip it completely. bool advertise_kubernetes_networks = 5; + // Force kubeSpan MTU size. uint32 mtu = 6; + // If not empty, filter advertised endpoints using the list of CIDRs. repeated string endpoint_filters = 7; + // Harvest endpoints from the peer statuses. bool harvest_extra_endpoints = 8; + // Extra endpoints to announce. repeated common.NetIPPort extra_endpoints = 9; + // If not empty, filter advertised networks using the list of CIDRs. repeated common.NetIPPrefix exclude_advertised_networks = 10; } @@ -34,8 +41,10 @@ message EndpointSpec { // Note: IdentitySpec is persisted on disk in the STATE partition, // so YAML serialization should be kept backwards compatible. message IdentitySpec { + // Address of the node on the Wireguard network. common.NetIPPrefix address = 1; common.NetIPPrefix subnet = 2; + // Public and private Wireguard keys. string private_key = 3; string public_key = 4; } @@ -50,12 +59,18 @@ message PeerSpecSpec { // PeerStatusSpec describes PeerStatus state. message PeerStatusSpec { + // Active endpoint as seen by the Wireguard. common.NetIPPort endpoint = 1; + // Label derived from the peer spec. string label = 2; + // Calculated state. talos.resource.definitions.enums.KubespanPeerState state = 3; + // Tx/Rx bytes. int64 receive_bytes = 4; int64 transmit_bytes = 5; + // Handshake. google.protobuf.Timestamp last_handshake_time = 6; + // Endpoint selection input. common.NetIPPort last_used_endpoint = 7; google.protobuf.Timestamp last_endpoint_change = 8; } diff --git a/api/resource/definitions/network/network.proto b/api/resource/definitions/network/network.proto index 04a376476..61f87f68e 100755 --- a/api/resource/definitions/network/network.proto +++ b/api/resource/definitions/network/network.proto @@ -39,39 +39,74 @@ message AddressStatusSpec { // BondMasterSpec describes bond settings if Kind == "bond". message BondMasterSpec { + // Mode specifies the bonding policy talos.resource.definitions.enums.NethelpersBondMode mode = 1; + // HashPolicy selects the transmit hash policy to use for slave selection. talos.resource.definitions.enums.NethelpersBondXmitHashPolicy hash_policy = 2; + // LACPRate specifies the rate at which LACPDU frames are sent. talos.resource.definitions.enums.NethelpersLACPRate lacp_rate = 3; + // ARPValidate specifies whether or not ARP probes and replies should be validated. talos.resource.definitions.enums.NethelpersARPValidate arp_validate = 4; + // ARPAllTargets specifies whether ARP probes should be sent to any or all targets. talos.resource.definitions.enums.NethelpersARPAllTargets arp_all_targets = 5; + // PrimaryIndex is a device index specifying which slave is the primary device. uint32 primary_index = 6; + // PrimaryReselect specifies the policy under which the primary slave should be reselected. talos.resource.definitions.enums.NethelpersPrimaryReselect primary_reselect = 7; + // FailOverMac whether active-backup mode should set all slaves to the same MAC address at enslavement, when enabled, or perform special handling. talos.resource.definitions.enums.NethelpersFailOverMAC fail_over_mac = 8; + // ADSelect specifies the aggregate selection policy for 802.3ad. talos.resource.definitions.enums.NethelpersADSelect ad_select = 9; + // MIIMon is the link monitoring frequency in milliseconds. uint32 mii_mon = 10; + // UpDelay is the time, in milliseconds, to wait before enabling a slave after a link recovery has been detected. uint32 up_delay = 11; + // DownDelay is the time, in milliseconds, to wait before disabling a slave after a link failure has been detected. uint32 down_delay = 12; + // ARPInterval is the ARP link monitoring frequency in milliseconds. uint32 arp_interval = 13; + // ResendIGMP specifies the number of times IGMP packets should be resent. uint32 resend_igmp = 14; + // MinLinks specifies the minimum number of active links to assert carrier. uint32 min_links = 15; + // LPInterval specifies the number of seconds between instances where the bonding driver sends learning packets to each slave's peer switch. uint32 lp_interval = 16; + // PacketsPerSlave specifies the number of packets to transmit through a slave before moving to the next one. uint32 packets_per_slave = 17; + // NumPeerNotif specifies the number of peer notifications + // (gratuitous ARPs and unsolicited IPv6 Neighbor Advertisements) to be issued after a failover event. uint32 num_peer_notif = 18; + // TLBDynamicLB specifies if dynamic shuffling of flows is enabled in tlb or alb mode. uint32 tlb_dynamic_lb = 19; + // AllSlavesActive specifies that duplicate frames (received on inactive ports) should be dropped (0) or delivered (1). uint32 all_slaves_active = 20; + // UseCarrier specifies whether or not miimon should use MII or ETHTOOL. bool use_carrier = 21; + // ADActorSysPrio is the actor system priority for 802.3ad. uint32 ad_actor_sys_prio = 22; + // ADUserPortKey is the user port key (upper 10 bits) for 802.3ad. uint32 ad_user_port_key = 23; + // PeerNotifyDelay is the delay, in milliseconds, between each peer notification. uint32 peer_notify_delay = 24; + // ARPIPTargets is the list of IP addresses to use for ARP link monitoring when ARPInterval is set. + // + // Maximum of 16 targets are supported. repeated common.NetIP arpip_targets = 25; + // NSIP6Targets is the list of IPv6 addresses to use for NS link monitoring when ARPInterval is set. + // + // Maximum of 16 targets are supported. repeated common.NetIP nsip6_targets = 26; + // ADLACPActive specifies whether to send LACPDU frames periodically. talos.resource.definitions.enums.NethelpersADLACPActive adlacp_active = 27; + // MissedMax is the number of arp_interval monitor checks that must fail in order for an interface to be marked down by the ARP monitor. uint32 missed_max = 28; } // BondSlave contains a bond's master name and slave index. message BondSlave { + // MasterName indicates master link for enslaved bonded interfaces. string master_name = 1; + // SlaveIndex indicates a slave's position in bond. int64 slave_index = 2; } @@ -83,6 +118,7 @@ message BridgeMasterSpec { // BridgeSlave contains the name of the master bridge of a bridged interface message BridgeSlave { + // MasterName indicates master link for enslaved bridged interfaces. string master_name = 1; } @@ -126,10 +162,12 @@ message EthernetChannelsSpec { // EthernetChannelsStatus describes status of Ethernet channels. message EthernetChannelsStatus { + // Read-only settings. uint32 rx_max = 1; uint32 tx_max = 2; uint32 other_max = 3; uint32 combined_max = 4; + // Current settings (read-write). uint32 rx = 5; uint32 tx = 6; uint32 other = 7; @@ -158,11 +196,13 @@ message EthernetRingsSpec { // EthernetRingsStatus describes status of Ethernet rings. message EthernetRingsStatus { + // Read-only settings. uint32 rx_max = 1; uint32 rx_mini_max = 2; uint32 rx_jumbo_max = 3; uint32 tx_max = 4; uint32 tx_push_buf_len_max = 5; + // Current settings (read-write). uint32 rx = 6; uint32 rx_mini = 7; uint32 rx_jumbo = 8; @@ -199,7 +239,9 @@ message EthernetStatusSpec { // HardwareAddrSpec describes spec for the link. message HardwareAddrSpec { + // Name defines link name string name = 1; + // Hardware address bytes hardware_addr = 2; } @@ -236,23 +278,38 @@ message LinkRefreshSpec { // LinkSpecSpec describes spec for the link. message LinkSpecSpec { + // Name defines link name string name = 1; + // Logical describes if the interface should be created on the fly if it doesn't exist. bool logical = 2; + // If Up is true, bring interface up, otherwise bring interface down. + // + // TODO: make *bool ? bool up = 3; + // Interface MTU (always applies). uint32 mtu = 4; + // Kind and Type are only required for Logical interfaces. string kind = 5; talos.resource.definitions.enums.NethelpersLinkType type = 6; + // ParentName indicates link parent for VLAN interfaces. string parent_name = 7; + // BondSlave contains bond slave configuration for interfaces enslaved to a bond. BondSlave bond_slave = 8; + // BridgeSlave carries bridge slave details for bridged interfaces. BridgeSlave bridge_slave = 9; + // These structures are present depending on "Kind" for Logical interfaces. VLANSpec vlan = 10; BondMasterSpec bond_master = 11; BridgeMasterSpec bridge_master = 12; WireguardSpec wireguard = 13; + // Configuration layer. talos.resource.definitions.enums.NetworkConfigLayer config_layer = 14; + // Override hardware (MAC) address (if supported). bytes hardware_address = 15; + // Multicast indicates whether the multicast flag should be set on the interface to the value. bool multicast = 16; VRFMasterSpec vrf_master = 17; + // VRFSlave carries VRF slave details for interfaces in a VRF. VRFSlave vrf_slave = 18; } @@ -279,15 +336,18 @@ message LinkStatusSpec { string vendor_id = 19; string product = 20; string vendor = 21; + // Fields coming from ethtool API. bool link_state = 22; int64 speed_megabits = 23; talos.resource.definitions.enums.NethelpersPort port = 24; talos.resource.definitions.enums.NethelpersDuplex duplex = 25; + // Following fields are only populated with respective Kind. VLANSpec vlan = 26; BridgeMasterSpec bridge_master = 27; BondMasterSpec bond_master = 28; WireguardSpec wireguard = 29; bytes permanent_addr = 30; + // Fields coming from rtnetlink API. string alias = 31; repeated string alt_names = 32; VRFMasterSpec vrf_master = 33; @@ -383,7 +443,9 @@ message NfTablesRule { // NodeAddressFilterSpec describes a filter for NodeAddresses. message NodeAddressFilterSpec { + // Address is skipped if it doesn't match any of the includeSubnets (if includeSubnets is not empty). repeated common.NetIPPrefix include_subnets = 1; + // Address is skipped if it matches any of the excludeSubnets. repeated common.NetIPPrefix exclude_subnets = 2; } @@ -436,15 +498,21 @@ message PortRange { // ProbeSpecSpec describes the Probe. message ProbeSpecSpec { + // Interval between the probes. google.protobuf.Duration interval = 1; + // FailureThreshold is the number of consecutive failures for the probe to be considered failed after having succeeded. int64 failure_threshold = 2; + // One of the probe types should be specified, for now it's only TCP. TCPProbeSpec tcp = 3; + // Configuration layer. talos.resource.definitions.enums.NetworkConfigLayer config_layer = 4; } // ProbeStatusSpec describes the Probe. message ProbeStatusSpec { + // Success of the check. bool success = 1; + // Last error of the probe. string last_error = 2; } @@ -539,7 +607,9 @@ message StatusSpec { // TCPProbeSpec describes the TCP Probe. message TCPProbeSpec { + // Endpoint to probe: host:port. string endpoint = 1; + // Timeout for the probe. google.protobuf.Duration timeout = 2; } @@ -580,7 +650,9 @@ message VIPOperatorSpec { // VLANSpec describes VLAN settings if Kind == "vlan". message VLANSpec { + // VID is the vlan ID. uint32 vid = 1; + // Protocol is the vlan protocol. talos.resource.definitions.enums.NethelpersVLANProtocol protocol = 2; } @@ -605,7 +677,9 @@ message WireguardPeer { // WireguardSpec describes Wireguard settings if Kind == "wireguard". message WireguardSpec { + // PrivateKey is used to configure the link, present only in the LinkSpec. string private_key = 1; + // PublicKey is only used in LinkStatus to show the link status. string public_key = 2; int64 listen_port = 3; int64 firewall_mark = 4; diff --git a/api/resource/definitions/runtime/runtime.proto b/api/resource/definitions/runtime/runtime.proto index 3ef6d004d..74a8bd585 100755 --- a/api/resource/definitions/runtime/runtime.proto +++ b/api/resource/definitions/runtime/runtime.proto @@ -24,12 +24,15 @@ message BootedEntrySpec { // DevicesStatusSpec is the spec for devices status. message DevicesStatusSpec { + // Devices are settled down and ready to be used. bool ready = 1; } // DiagnosticSpec is the spec for devices status. message DiagnosticSpec { + // Short message describing the problem. string message = 1; + // Details about the problem. repeated string details = 2; } @@ -181,7 +184,9 @@ message SecurityStateSpec { // ServicePIDSpec is the spec for the service PID. message ServicePIDSpec { + // PID is the host PID of the service. int32 pid = 1; + // MountNamespace is the mount namespace of the service. string mount_namespace = 2; } diff --git a/api/resource/definitions/secrets/secrets.proto b/api/resource/definitions/secrets/secrets.proto index 7144436b3..f07272ecf 100755 --- a/api/resource/definitions/secrets/secrets.proto +++ b/api/resource/definitions/secrets/secrets.proto @@ -12,6 +12,7 @@ message APICertsSpec { common.PEMEncodedCertificateAndKey client = 2; common.PEMEncodedCertificateAndKey server = 3; repeated common.PEMEncodedCertificate accepted_c_as = 4; + // Skip verifying client certificate, to be used only with the maintenance mode operations. bool skip_verifying_client_cert = 5; } @@ -52,6 +53,7 @@ message KubeletSpec { message KubernetesCertsSpec { string scheduler_kubeconfig = 4; string controller_manager_kubeconfig = 5; + // Admin-level kubeconfig with access through the localhost endpoint and cluster endpoints. string localhost_admin_kubeconfig = 6; string admin_kubeconfig = 7; } diff --git a/api/resource/definitions/security/security.proto b/api/resource/definitions/security/security.proto index 69759c8a0..ce39fac6f 100755 --- a/api/resource/definitions/security/security.proto +++ b/api/resource/definitions/security/security.proto @@ -9,28 +9,39 @@ import "google/protobuf/timestamp.proto"; // ImageKeylessVerifierSpec represents a signature verification provider. message ImageKeylessVerifierSpec { + // Issuer is the OIDC issuer URL. string issuer = 1; + // Subject is the expected subject. string subject = 2; + // SubjectRegex is a regex pattern for subject matching. string subject_regex = 3; } // ImagePublicKeyVerifierSpec represents a signature verification provider with static public key. message ImagePublicKeyVerifierSpec { + // Certificate is a public certificate in PEM format accepted for image signature verification. string certificate = 1; } // ImageVerificationRuleSpec represents a verification rule. message ImageVerificationRuleSpec { + // ImagePattern is the image name pattern. string image_pattern = 2; + // Skip is the action for matching images. bool skip = 3; + // Deny is the action for matching images. bool deny = 4; + // KeylessVerifier is the keyless verifier configuration to use. ImageKeylessVerifierSpec keyless_verifier = 5; + // PublicKeyVerifier is the public key verifier configuration to use. ImagePublicKeyVerifierSpec public_key_verifier = 6; } // TUFTrustedRootSpec represents a sigstore's TUF trusted root information. message TUFTrustedRootSpec { + // LastRefreshTime is the last time the trusted root was refreshed. google.protobuf.Timestamp last_refresh_time = 1; + // JSONData is the trusted root data in JSON format. string json_data = 2; } diff --git a/api/resource/definitions/siderolink/siderolink.proto b/api/resource/definitions/siderolink/siderolink.proto index e0bfa9af2..fd7f2d81d 100755 --- a/api/resource/definitions/siderolink/siderolink.proto +++ b/api/resource/definitions/siderolink/siderolink.proto @@ -18,17 +18,26 @@ message ConfigSpec { // StatusSpec describes Siderolink status. message StatusSpec { + // Host is the Siderolink target host. string host = 1; + // Connected is the status of the Siderolink GRPC connection. bool connected = 2; + // LinkName is the name of the interface used for the Siderolink tunnel. string link_name = 3; + // GRPCTunnel is true if the Wireguard-over-GRPC tunnel is being used. bool grpc_tunnel = 4; } // TunnelSpec describes Siderolink GRPC Tunnel configuration. message TunnelSpec { + // APIEndpoint is the Siderolink WireGuard over GRPC endpoint. string api_endpoint = 1; + // LinkName is the name to use for WireGuard tunnel. string link_name = 2; + // MTU is the maximum transmission unit for the tunnel. int64 mtu = 3; + // NodeAddress is the virtual address of our node. It's used to identify our node in the WireGuard GRPC streamer. + // It's not the address of the actual WireGuard interface. common.NetIPPort node_address = 4; } diff --git a/api/resource/definitions/time/time.proto b/api/resource/definitions/time/time.proto index 1465fb44e..95810c412 100755 --- a/api/resource/definitions/time/time.proto +++ b/api/resource/definitions/time/time.proto @@ -21,8 +21,11 @@ message AdjtimeStatusSpec { // StatusSpec describes time sync state. message StatusSpec { + // Synced indicates whether time is in sync. bool synced = 1; + // Epoch is incremented every time clock jumps more than 15min. int64 epoch = 2; + // SyncDisabled indicates if time sync is disabled. bool sync_disabled = 3; } diff --git a/pkg/machinery/api/resource/definitions/block/block.pb.go b/pkg/machinery/api/resource/definitions/block/block.pb.go index 7087ee2dc..36e3cdf93 100644 --- a/pkg/machinery/api/resource/definitions/block/block.pb.go +++ b/pkg/machinery/api/resource/definitions/block/block.pb.go @@ -33,12 +33,17 @@ type DeviceSpec struct { Minor int64 `protobuf:"varint,3,opt,name=minor,proto3" json:"minor,omitempty"` PartitionName string `protobuf:"bytes,4,opt,name=partition_name,json=partitionName,proto3" json:"partition_name,omitempty"` PartitionNumber int64 `protobuf:"varint,5,opt,name=partition_number,json=partitionNumber,proto3" json:"partition_number,omitempty"` - Generation int64 `protobuf:"varint,6,opt,name=generation,proto3" json:"generation,omitempty"` - DevicePath string `protobuf:"bytes,7,opt,name=device_path,json=devicePath,proto3" json:"device_path,omitempty"` - Parent string `protobuf:"bytes,8,opt,name=parent,proto3" json:"parent,omitempty"` - Secondaries []string `protobuf:"bytes,9,rep,name=secondaries,proto3" json:"secondaries,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + // Generation is bumped every time the device might have changed and might need to be re-probed. + Generation int64 `protobuf:"varint,6,opt,name=generation,proto3" json:"generation,omitempty"` + DevicePath string `protobuf:"bytes,7,opt,name=device_path,json=devicePath,proto3" json:"device_path,omitempty"` + // Parent (if set) specifies the parent device ID. + Parent string `protobuf:"bytes,8,opt,name=parent,proto3" json:"parent,omitempty"` + // Secondaries (if set) specifies the secondary device IDs. + // + // E.g. for a LVM volume secondary is a list of blockdevices that the volume consists of. + Secondaries []string `protobuf:"bytes,9,rep,name=secondaries,proto3" json:"secondaries,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *DeviceSpec) Reset() { @@ -136,29 +141,33 @@ func (x *DeviceSpec) GetSecondaries() []string { // DiscoveredVolumeSpec is the spec for DiscoveredVolumes resource. type DiscoveredVolumeSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Size uint64 `protobuf:"varint,1,opt,name=size,proto3" json:"size,omitempty"` - SectorSize uint64 `protobuf:"varint,2,opt,name=sector_size,json=sectorSize,proto3" json:"sector_size,omitempty"` - IoSize uint64 `protobuf:"varint,3,opt,name=io_size,json=ioSize,proto3" json:"io_size,omitempty"` - Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` - Uuid string `protobuf:"bytes,5,opt,name=uuid,proto3" json:"uuid,omitempty"` - Label string `protobuf:"bytes,6,opt,name=label,proto3" json:"label,omitempty"` - BlockSize uint32 `protobuf:"varint,7,opt,name=block_size,json=blockSize,proto3" json:"block_size,omitempty"` - FilesystemBlockSize uint32 `protobuf:"varint,8,opt,name=filesystem_block_size,json=filesystemBlockSize,proto3" json:"filesystem_block_size,omitempty"` - ProbedSize uint64 `protobuf:"varint,9,opt,name=probed_size,json=probedSize,proto3" json:"probed_size,omitempty"` - PartitionUuid string `protobuf:"bytes,10,opt,name=partition_uuid,json=partitionUuid,proto3" json:"partition_uuid,omitempty"` - PartitionType string `protobuf:"bytes,11,opt,name=partition_type,json=partitionType,proto3" json:"partition_type,omitempty"` - PartitionLabel string `protobuf:"bytes,12,opt,name=partition_label,json=partitionLabel,proto3" json:"partition_label,omitempty"` - PartitionIndex uint64 `protobuf:"varint,13,opt,name=partition_index,json=partitionIndex,proto3" json:"partition_index,omitempty"` - Type string `protobuf:"bytes,14,opt,name=type,proto3" json:"type,omitempty"` - DevicePath string `protobuf:"bytes,15,opt,name=device_path,json=devicePath,proto3" json:"device_path,omitempty"` - Parent string `protobuf:"bytes,16,opt,name=parent,proto3" json:"parent,omitempty"` - DevPath string `protobuf:"bytes,17,opt,name=dev_path,json=devPath,proto3" json:"dev_path,omitempty"` - ParentDevPath string `protobuf:"bytes,18,opt,name=parent_dev_path,json=parentDevPath,proto3" json:"parent_dev_path,omitempty"` - PrettySize string `protobuf:"bytes,19,opt,name=pretty_size,json=prettySize,proto3" json:"pretty_size,omitempty"` - Offset uint64 `protobuf:"varint,20,opt,name=offset,proto3" json:"offset,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + // Overall size of the probed device (in bytes). + Size uint64 `protobuf:"varint,1,opt,name=size,proto3" json:"size,omitempty"` + // Sector size of the device (in bytes). + SectorSize uint64 `protobuf:"varint,2,opt,name=sector_size,json=sectorSize,proto3" json:"sector_size,omitempty"` + // Optimal I/O size for the device (in bytes). + IoSize uint64 `protobuf:"varint,3,opt,name=io_size,json=ioSize,proto3" json:"io_size,omitempty"` + Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` + Uuid string `protobuf:"bytes,5,opt,name=uuid,proto3" json:"uuid,omitempty"` + Label string `protobuf:"bytes,6,opt,name=label,proto3" json:"label,omitempty"` + BlockSize uint32 `protobuf:"varint,7,opt,name=block_size,json=blockSize,proto3" json:"block_size,omitempty"` + FilesystemBlockSize uint32 `protobuf:"varint,8,opt,name=filesystem_block_size,json=filesystemBlockSize,proto3" json:"filesystem_block_size,omitempty"` + ProbedSize uint64 `protobuf:"varint,9,opt,name=probed_size,json=probedSize,proto3" json:"probed_size,omitempty"` + PartitionUuid string `protobuf:"bytes,10,opt,name=partition_uuid,json=partitionUuid,proto3" json:"partition_uuid,omitempty"` + PartitionType string `protobuf:"bytes,11,opt,name=partition_type,json=partitionType,proto3" json:"partition_type,omitempty"` + PartitionLabel string `protobuf:"bytes,12,opt,name=partition_label,json=partitionLabel,proto3" json:"partition_label,omitempty"` + PartitionIndex uint64 `protobuf:"varint,13,opt,name=partition_index,json=partitionIndex,proto3" json:"partition_index,omitempty"` + Type string `protobuf:"bytes,14,opt,name=type,proto3" json:"type,omitempty"` + DevicePath string `protobuf:"bytes,15,opt,name=device_path,json=devicePath,proto3" json:"device_path,omitempty"` + Parent string `protobuf:"bytes,16,opt,name=parent,proto3" json:"parent,omitempty"` + DevPath string `protobuf:"bytes,17,opt,name=dev_path,json=devPath,proto3" json:"dev_path,omitempty"` + ParentDevPath string `protobuf:"bytes,18,opt,name=parent_dev_path,json=parentDevPath,proto3" json:"parent_dev_path,omitempty"` + PrettySize string `protobuf:"bytes,19,opt,name=pretty_size,json=prettySize,proto3" json:"pretty_size,omitempty"` + // Offset of the partition/volume inside Parent device (in bytes). + Offset uint64 `protobuf:"varint,20,opt,name=offset,proto3" json:"offset,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *DiscoveredVolumeSpec) Reset() { @@ -476,25 +485,29 @@ func (x *DiskSelector) GetExternal() string { // DiskSpec is the spec for Disks status. type DiskSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Size uint64 `protobuf:"varint,1,opt,name=size,proto3" json:"size,omitempty"` - IoSize uint64 `protobuf:"varint,2,opt,name=io_size,json=ioSize,proto3" json:"io_size,omitempty"` - SectorSize uint64 `protobuf:"varint,3,opt,name=sector_size,json=sectorSize,proto3" json:"sector_size,omitempty"` - Readonly bool `protobuf:"varint,4,opt,name=readonly,proto3" json:"readonly,omitempty"` - Model string `protobuf:"bytes,5,opt,name=model,proto3" json:"model,omitempty"` - Serial string `protobuf:"bytes,6,opt,name=serial,proto3" json:"serial,omitempty"` - Modalias string `protobuf:"bytes,7,opt,name=modalias,proto3" json:"modalias,omitempty"` - Wwid string `protobuf:"bytes,8,opt,name=wwid,proto3" json:"wwid,omitempty"` - BusPath string `protobuf:"bytes,9,opt,name=bus_path,json=busPath,proto3" json:"bus_path,omitempty"` - SubSystem string `protobuf:"bytes,10,opt,name=sub_system,json=subSystem,proto3" json:"sub_system,omitempty"` - Transport string `protobuf:"bytes,11,opt,name=transport,proto3" json:"transport,omitempty"` - Rotational bool `protobuf:"varint,12,opt,name=rotational,proto3" json:"rotational,omitempty"` - Cdrom bool `protobuf:"varint,13,opt,name=cdrom,proto3" json:"cdrom,omitempty"` - DevPath string `protobuf:"bytes,14,opt,name=dev_path,json=devPath,proto3" json:"dev_path,omitempty"` - PrettySize string `protobuf:"bytes,15,opt,name=pretty_size,json=prettySize,proto3" json:"pretty_size,omitempty"` - SecondaryDisks []string `protobuf:"bytes,16,rep,name=secondary_disks,json=secondaryDisks,proto3" json:"secondary_disks,omitempty"` - Uuid string `protobuf:"bytes,17,opt,name=uuid,proto3" json:"uuid,omitempty"` - Symlinks []string `protobuf:"bytes,18,rep,name=symlinks,proto3" json:"symlinks,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + Size uint64 `protobuf:"varint,1,opt,name=size,proto3" json:"size,omitempty"` + IoSize uint64 `protobuf:"varint,2,opt,name=io_size,json=ioSize,proto3" json:"io_size,omitempty"` + SectorSize uint64 `protobuf:"varint,3,opt,name=sector_size,json=sectorSize,proto3" json:"sector_size,omitempty"` + Readonly bool `protobuf:"varint,4,opt,name=readonly,proto3" json:"readonly,omitempty"` + Model string `protobuf:"bytes,5,opt,name=model,proto3" json:"model,omitempty"` + Serial string `protobuf:"bytes,6,opt,name=serial,proto3" json:"serial,omitempty"` + Modalias string `protobuf:"bytes,7,opt,name=modalias,proto3" json:"modalias,omitempty"` + Wwid string `protobuf:"bytes,8,opt,name=wwid,proto3" json:"wwid,omitempty"` + BusPath string `protobuf:"bytes,9,opt,name=bus_path,json=busPath,proto3" json:"bus_path,omitempty"` + SubSystem string `protobuf:"bytes,10,opt,name=sub_system,json=subSystem,proto3" json:"sub_system,omitempty"` + Transport string `protobuf:"bytes,11,opt,name=transport,proto3" json:"transport,omitempty"` + Rotational bool `protobuf:"varint,12,opt,name=rotational,proto3" json:"rotational,omitempty"` + Cdrom bool `protobuf:"varint,13,opt,name=cdrom,proto3" json:"cdrom,omitempty"` + DevPath string `protobuf:"bytes,14,opt,name=dev_path,json=devPath,proto3" json:"dev_path,omitempty"` + PrettySize string `protobuf:"bytes,15,opt,name=pretty_size,json=prettySize,proto3" json:"pretty_size,omitempty"` + // SecondaryDisks (if set) specifies the secondary disk IDs. + // + // E.g. if the blockdevice secondary is vda5, the secondary disk will be set as vda. + // This allows to map secondaries between disks ignoring the partitions. + SecondaryDisks []string `protobuf:"bytes,16,rep,name=secondary_disks,json=secondaryDisks,proto3" json:"secondary_disks,omitempty"` + Uuid string `protobuf:"bytes,17,opt,name=uuid,proto3" json:"uuid,omitempty"` + Symlinks []string `protobuf:"bytes,18,rep,name=symlinks,proto3" json:"symlinks,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -657,17 +670,22 @@ func (x *DiskSpec) GetSymlinks() []string { // EncryptionKey is the spec for volume encryption key. type EncryptionKey struct { - state protoimpl.MessageState `protogen:"open.v1"` - Slot int64 `protobuf:"varint,1,opt,name=slot,proto3" json:"slot,omitempty"` - Type enums.BlockEncryptionKeyType `protobuf:"varint,2,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockEncryptionKeyType" json:"type,omitempty"` - StaticPassphrase []byte `protobuf:"bytes,3,opt,name=static_passphrase,json=staticPassphrase,proto3" json:"static_passphrase,omitempty"` - KmsEndpoint string `protobuf:"bytes,4,opt,name=kms_endpoint,json=kmsEndpoint,proto3" json:"kms_endpoint,omitempty"` - TpmCheckSecurebootStatusOnEnroll bool `protobuf:"varint,5,opt,name=tpm_check_secureboot_status_on_enroll,json=tpmCheckSecurebootStatusOnEnroll,proto3" json:"tpm_check_secureboot_status_on_enroll,omitempty"` - LockToState bool `protobuf:"varint,6,opt,name=lock_to_state,json=lockToState,proto3" json:"lock_to_state,omitempty"` - TpmpcRs []int64 `protobuf:"varint,7,rep,packed,name=tpmpc_rs,json=tpmpcRs,proto3" json:"tpmpc_rs,omitempty"` - TpmPubKeyPcRs []int64 `protobuf:"varint,8,rep,packed,name=tpm_pub_key_pc_rs,json=tpmPubKeyPcRs,proto3" json:"tpm_pub_key_pc_rs,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + Slot int64 `protobuf:"varint,1,opt,name=slot,proto3" json:"slot,omitempty"` + Type enums.BlockEncryptionKeyType `protobuf:"varint,2,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockEncryptionKeyType" json:"type,omitempty"` + // Only for Type == "static": + StaticPassphrase []byte `protobuf:"bytes,3,opt,name=static_passphrase,json=staticPassphrase,proto3" json:"static_passphrase,omitempty"` + // Only for Type == "kms": + KmsEndpoint string `protobuf:"bytes,4,opt,name=kms_endpoint,json=kmsEndpoint,proto3" json:"kms_endpoint,omitempty"` + // Only for Type == "tpm": + TpmCheckSecurebootStatusOnEnroll bool `protobuf:"varint,5,opt,name=tpm_check_secureboot_status_on_enroll,json=tpmCheckSecurebootStatusOnEnroll,proto3" json:"tpm_check_secureboot_status_on_enroll,omitempty"` + LockToState bool `protobuf:"varint,6,opt,name=lock_to_state,json=lockToState,proto3" json:"lock_to_state,omitempty"` + // Only for Type == "tpm": + TpmpcRs []int64 `protobuf:"varint,7,rep,packed,name=tpmpc_rs,json=tpmpcRs,proto3" json:"tpmpc_rs,omitempty"` + // Only for Type == "tpm": + TpmPubKeyPcRs []int64 `protobuf:"varint,8,rep,packed,name=tpm_pub_key_pc_rs,json=tpmPubKeyPcRs,proto3" json:"tpm_pub_key_pc_rs,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *EncryptionKey) Reset() { @@ -843,9 +861,11 @@ func (x *EncryptionSpec) GetPerfOptions() []string { // FilesystemSpec is the spec for volume filesystem. type FilesystemSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Type enums.BlockFilesystemType `protobuf:"varint,1,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockFilesystemType" json:"type,omitempty"` - Label string `protobuf:"bytes,2,opt,name=label,proto3" json:"label,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Filesystem type. + Type enums.BlockFilesystemType `protobuf:"varint,1,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockFilesystemType" json:"type,omitempty"` + // Filesystem label. + Label string `protobuf:"bytes,2,opt,name=label,proto3" json:"label,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -896,9 +916,11 @@ func (x *FilesystemSpec) GetLabel() string { // LocatorSpec is the spec for volume locator. type LocatorSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Match *v1alpha1.CheckedExpr `protobuf:"bytes,1,opt,name=match,proto3" json:"match,omitempty"` - DiskMatch *v1alpha1.CheckedExpr `protobuf:"bytes,2,opt,name=disk_match,json=diskMatch,proto3" json:"disk_match,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Match is a volume locator match expression. + Match *v1alpha1.CheckedExpr `protobuf:"bytes,1,opt,name=match,proto3" json:"match,omitempty"` + // DiskMatch is a disk locator match expression. + DiskMatch *v1alpha1.CheckedExpr `protobuf:"bytes,2,opt,name=disk_match,json=diskMatch,proto3" json:"disk_match,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -1050,19 +1072,29 @@ func (x *MountRequestSpec) GetSecure() bool { // MountSpec is the spec for volume mount. type MountSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - TargetPath string `protobuf:"bytes,1,opt,name=target_path,json=targetPath,proto3" json:"target_path,omitempty"` - SelinuxLabel string `protobuf:"bytes,2,opt,name=selinux_label,json=selinuxLabel,proto3" json:"selinux_label,omitempty"` - ProjectQuotaSupport bool `protobuf:"varint,3,opt,name=project_quota_support,json=projectQuotaSupport,proto3" json:"project_quota_support,omitempty"` - ParentId string `protobuf:"bytes,4,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` - FileMode uint32 `protobuf:"varint,5,opt,name=file_mode,json=fileMode,proto3" json:"file_mode,omitempty"` - Uid int64 `protobuf:"varint,6,opt,name=uid,proto3" json:"uid,omitempty"` - Gid int64 `protobuf:"varint,7,opt,name=gid,proto3" json:"gid,omitempty"` - RecursiveRelabel bool `protobuf:"varint,8,opt,name=recursive_relabel,json=recursiveRelabel,proto3" json:"recursive_relabel,omitempty"` - BindTarget string `protobuf:"bytes,9,opt,name=bind_target,json=bindTarget,proto3" json:"bind_target,omitempty"` - Parameters []*ParameterSpec `protobuf:"bytes,10,rep,name=parameters,proto3" json:"parameters,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + // Mount path for the volume. + TargetPath string `protobuf:"bytes,1,opt,name=target_path,json=targetPath,proto3" json:"target_path,omitempty"` + // SELinux label for the volume. + SelinuxLabel string `protobuf:"bytes,2,opt,name=selinux_label,json=selinuxLabel,proto3" json:"selinux_label,omitempty"` + // Enable project quota (xfs) for the volume. + ProjectQuotaSupport bool `protobuf:"varint,3,opt,name=project_quota_support,json=projectQuotaSupport,proto3" json:"project_quota_support,omitempty"` + // Parent mount request ID. + ParentId string `protobuf:"bytes,4,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` + // FileMode is the file mode for the mount target. + FileMode uint32 `protobuf:"varint,5,opt,name=file_mode,json=fileMode,proto3" json:"file_mode,omitempty"` + // UID is the user ID for the mount target. + Uid int64 `protobuf:"varint,6,opt,name=uid,proto3" json:"uid,omitempty"` + // GID is the group ID for the mount target. + Gid int64 `protobuf:"varint,7,opt,name=gid,proto3" json:"gid,omitempty"` + // RecursiveRelabel is the recursive relabel/chown flag for the mount target. + RecursiveRelabel bool `protobuf:"varint,8,opt,name=recursive_relabel,json=recursiveRelabel,proto3" json:"recursive_relabel,omitempty"` + // BindTarget is an optional path on the host to bind-mount the volume onto. + BindTarget string `protobuf:"bytes,9,opt,name=bind_target,json=bindTarget,proto3" json:"bind_target,omitempty"` + // Parameters are additional filesystem mount options used when mounting the volume. + Parameters []*ParameterSpec `protobuf:"bytes,10,rep,name=parameters,proto3" json:"parameters,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *MountSpec) Reset() { @@ -1268,11 +1300,15 @@ func (x *MountStatusSpec) GetDetached() bool { // ParameterSpec is a mount parameter. type ParameterSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Type enums.BlockFSParameterType `protobuf:"varint,1,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockFSParameterType" json:"type,omitempty"` - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - String_ string `protobuf:"bytes,3,opt,name=string,proto3" json:"string,omitempty"` - Binary []byte `protobuf:"bytes,5,opt,name=binary,proto3" json:"binary,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Type of the parameter. + Type enums.BlockFSParameterType `protobuf:"varint,1,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockFSParameterType" json:"type,omitempty"` + // Name of the parameter. + Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` + // String value of the parameter. + String_ string `protobuf:"bytes,3,opt,name=string,proto3" json:"string,omitempty"` + // Binary value of the parameter. + Binary []byte `protobuf:"bytes,5,opt,name=binary,proto3" json:"binary,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -1337,14 +1373,21 @@ func (x *ParameterSpec) GetBinary() []byte { // PartitionSpec is the spec for volume partitioning. type PartitionSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - MinSize uint64 `protobuf:"varint,1,opt,name=min_size,json=minSize,proto3" json:"min_size,omitempty"` - MaxSize uint64 `protobuf:"varint,2,opt,name=max_size,json=maxSize,proto3" json:"max_size,omitempty"` - Grow bool `protobuf:"varint,3,opt,name=grow,proto3" json:"grow,omitempty"` - Label string `protobuf:"bytes,4,opt,name=label,proto3" json:"label,omitempty"` - TypeUuid string `protobuf:"bytes,5,opt,name=type_uuid,json=typeUuid,proto3" json:"type_uuid,omitempty"` - RelativeMaxSize uint64 `protobuf:"varint,6,opt,name=relative_max_size,json=relativeMaxSize,proto3" json:"relative_max_size,omitempty"` - NegativeMaxSize bool `protobuf:"varint,7,opt,name=negative_max_size,json=negativeMaxSize,proto3" json:"negative_max_size,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Partition minimum size in bytes. + MinSize uint64 `protobuf:"varint,1,opt,name=min_size,json=minSize,proto3" json:"min_size,omitempty"` + // Partition maximum size in bytes, if not set, grows to the maximum size. + MaxSize uint64 `protobuf:"varint,2,opt,name=max_size,json=maxSize,proto3" json:"max_size,omitempty"` + // Grow the partition automatically to the maximum size. + Grow bool `protobuf:"varint,3,opt,name=grow,proto3" json:"grow,omitempty"` + // Label for the partition. + Label string `protobuf:"bytes,4,opt,name=label,proto3" json:"label,omitempty"` + // Partition type UUID. + TypeUuid string `protobuf:"bytes,5,opt,name=type_uuid,json=typeUuid,proto3" json:"type_uuid,omitempty"` + // Partition maximum size (relative), if not set, grows to the maximum size. + RelativeMaxSize uint64 `protobuf:"varint,6,opt,name=relative_max_size,json=relativeMaxSize,proto3" json:"relative_max_size,omitempty"` + // NegativeMaxSize indicates that MaxSize or RelativeMaxSize represents space to be left free on the device rather than space to consume. + NegativeMaxSize bool `protobuf:"varint,7,opt,name=negative_max_size,json=negativeMaxSize,proto3" json:"negative_max_size,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -1430,11 +1473,17 @@ func (x *PartitionSpec) GetNegativeMaxSize() bool { // ProvisioningSpec is the spec for volume provisioning. type ProvisioningSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - DiskSelector *DiskSelector `protobuf:"bytes,1,opt,name=disk_selector,json=diskSelector,proto3" json:"disk_selector,omitempty"` - PartitionSpec *PartitionSpec `protobuf:"bytes,2,opt,name=partition_spec,json=partitionSpec,proto3" json:"partition_spec,omitempty"` - Wave int64 `protobuf:"varint,3,opt,name=wave,proto3" json:"wave,omitempty"` - FilesystemSpec *FilesystemSpec `protobuf:"bytes,4,opt,name=filesystem_spec,json=filesystemSpec,proto3" json:"filesystem_spec,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // DiskSelector selects a disk for the volume. + DiskSelector *DiskSelector `protobuf:"bytes,1,opt,name=disk_selector,json=diskSelector,proto3" json:"disk_selector,omitempty"` + // PartitionSpec describes how to provision the volume (partition type). + PartitionSpec *PartitionSpec `protobuf:"bytes,2,opt,name=partition_spec,json=partitionSpec,proto3" json:"partition_spec,omitempty"` + // Provisioning wave for the volume. + // + // Waves are processed sequentially - the volumes in the wave are only provisioned after the previous wave is done. + Wave int64 `protobuf:"varint,3,opt,name=wave,proto3" json:"wave,omitempty"` + // FilesystemSpec describes how to provision the volume (filesystem type). + FilesystemSpec *FilesystemSpec `protobuf:"bytes,4,opt,name=filesystem_spec,json=filesystemSpec,proto3" json:"filesystem_spec,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -1592,11 +1641,13 @@ func (x *SwapStatusSpec) GetType() string { // SymlinkProvisioningSpec is the spec for volume symlink. type SymlinkProvisioningSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - SymlinkTargetPath string `protobuf:"bytes,1,opt,name=symlink_target_path,json=symlinkTargetPath,proto3" json:"symlink_target_path,omitempty"` - Force bool `protobuf:"varint,2,opt,name=force,proto3" json:"force,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + // Symlink target path for the volume. + SymlinkTargetPath string `protobuf:"bytes,1,opt,name=symlink_target_path,json=symlinkTargetPath,proto3" json:"symlink_target_path,omitempty"` + // Force symlink creation. + Force bool `protobuf:"varint,2,opt,name=force,proto3" json:"force,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *SymlinkProvisioningSpec) Reset() { @@ -1849,13 +1900,20 @@ func (x *UserDiskConfigStatusSpec) GetTornDown() bool { // VolumeConfigSpec is the spec for VolumeConfig resource. type VolumeConfigSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - ParentId string `protobuf:"bytes,1,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` - Type enums.BlockVolumeType `protobuf:"varint,2,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockVolumeType" json:"type,omitempty"` - Provisioning *ProvisioningSpec `protobuf:"bytes,3,opt,name=provisioning,proto3" json:"provisioning,omitempty"` - Locator *LocatorSpec `protobuf:"bytes,4,opt,name=locator,proto3" json:"locator,omitempty"` - Mount *MountSpec `protobuf:"bytes,5,opt,name=mount,proto3" json:"mount,omitempty"` - Encryption *EncryptionSpec `protobuf:"bytes,6,opt,name=encryption,proto3" json:"encryption,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Parent volume ID, if set no operations on the volume continue until the parent volume is ready. + ParentId string `protobuf:"bytes,1,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` + // Volume type. + Type enums.BlockVolumeType `protobuf:"varint,2,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockVolumeType" json:"type,omitempty"` + // Provisioning configuration (how to provision a volume). + Provisioning *ProvisioningSpec `protobuf:"bytes,3,opt,name=provisioning,proto3" json:"provisioning,omitempty"` + // How to find a volume. + Locator *LocatorSpec `protobuf:"bytes,4,opt,name=locator,proto3" json:"locator,omitempty"` + // Mount options for the volume. + Mount *MountSpec `protobuf:"bytes,5,opt,name=mount,proto3" json:"mount,omitempty"` + // Encryption configuration (how to encrypt a volume). + Encryption *EncryptionSpec `protobuf:"bytes,6,opt,name=encryption,proto3" json:"encryption,omitempty"` + // Symlink options for the volume. Symlink *SymlinkProvisioningSpec `protobuf:"bytes,7,opt,name=symlink,proto3" json:"symlink,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache @@ -2120,31 +2178,43 @@ func (x *VolumeMountStatusSpec) GetSecure() bool { // VolumeStatusSpec is the spec for VolumeStatus resource. type VolumeStatusSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Phase enums.BlockVolumePhase `protobuf:"varint,1,opt,name=phase,proto3,enum=talos.resource.definitions.enums.BlockVolumePhase" json:"phase,omitempty"` - Location string `protobuf:"bytes,2,opt,name=location,proto3" json:"location,omitempty"` - ErrorMessage string `protobuf:"bytes,3,opt,name=error_message,json=errorMessage,proto3" json:"error_message,omitempty"` - Uuid string `protobuf:"bytes,4,opt,name=uuid,proto3" json:"uuid,omitempty"` - PartitionUuid string `protobuf:"bytes,5,opt,name=partition_uuid,json=partitionUuid,proto3" json:"partition_uuid,omitempty"` - PreFailPhase enums.BlockVolumePhase `protobuf:"varint,6,opt,name=pre_fail_phase,json=preFailPhase,proto3,enum=talos.resource.definitions.enums.BlockVolumePhase" json:"pre_fail_phase,omitempty"` - ParentLocation string `protobuf:"bytes,7,opt,name=parent_location,json=parentLocation,proto3" json:"parent_location,omitempty"` - PartitionIndex int64 `protobuf:"varint,8,opt,name=partition_index,json=partitionIndex,proto3" json:"partition_index,omitempty"` - Size uint64 `protobuf:"varint,9,opt,name=size,proto3" json:"size,omitempty"` - Filesystem enums.BlockFilesystemType `protobuf:"varint,10,opt,name=filesystem,proto3,enum=talos.resource.definitions.enums.BlockFilesystemType" json:"filesystem,omitempty"` - MountLocation string `protobuf:"bytes,11,opt,name=mount_location,json=mountLocation,proto3" json:"mount_location,omitempty"` - EncryptionProvider enums.BlockEncryptionProviderType `protobuf:"varint,12,opt,name=encryption_provider,json=encryptionProvider,proto3,enum=talos.resource.definitions.enums.BlockEncryptionProviderType" json:"encryption_provider,omitempty"` - PrettySize string `protobuf:"bytes,13,opt,name=pretty_size,json=prettySize,proto3" json:"pretty_size,omitempty"` - EncryptionFailedSyncs []string `protobuf:"bytes,14,rep,name=encryption_failed_syncs,json=encryptionFailedSyncs,proto3" json:"encryption_failed_syncs,omitempty"` - MountSpec *MountSpec `protobuf:"bytes,15,opt,name=mount_spec,json=mountSpec,proto3" json:"mount_spec,omitempty"` - Type enums.BlockVolumeType `protobuf:"varint,16,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockVolumeType" json:"type,omitempty"` - ConfiguredEncryptionKeys []string `protobuf:"bytes,17,rep,name=configured_encryption_keys,json=configuredEncryptionKeys,proto3" json:"configured_encryption_keys,omitempty"` - SymlinkSpec *SymlinkProvisioningSpec `protobuf:"bytes,18,opt,name=symlink_spec,json=symlinkSpec,proto3" json:"symlink_spec,omitempty"` - ParentId string `protobuf:"bytes,19,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` - EncryptionLockedToState bool `protobuf:"varint,20,opt,name=encryption_locked_to_state,json=encryptionLockedToState,proto3" json:"encryption_locked_to_state,omitempty"` - EncryptionSlot int64 `protobuf:"varint,21,opt,name=encryption_slot,json=encryptionSlot,proto3" json:"encryption_slot,omitempty"` - TpmEncryptionOptions *TPMEncryptionOptionsInfo `protobuf:"bytes,22,opt,name=tpm_encryption_options,json=tpmEncryptionOptions,proto3" json:"tpm_encryption_options,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + Phase enums.BlockVolumePhase `protobuf:"varint,1,opt,name=phase,proto3,enum=talos.resource.definitions.enums.BlockVolumePhase" json:"phase,omitempty"` + // Location is the path to the block device (raw). + Location string `protobuf:"bytes,2,opt,name=location,proto3" json:"location,omitempty"` + ErrorMessage string `protobuf:"bytes,3,opt,name=error_message,json=errorMessage,proto3" json:"error_message,omitempty"` + Uuid string `protobuf:"bytes,4,opt,name=uuid,proto3" json:"uuid,omitempty"` + PartitionUuid string `protobuf:"bytes,5,opt,name=partition_uuid,json=partitionUuid,proto3" json:"partition_uuid,omitempty"` + PreFailPhase enums.BlockVolumePhase `protobuf:"varint,6,opt,name=pre_fail_phase,json=preFailPhase,proto3,enum=talos.resource.definitions.enums.BlockVolumePhase" json:"pre_fail_phase,omitempty"` + // ParentLocation (if present) is the location of the parent block device for partitions. + ParentLocation string `protobuf:"bytes,7,opt,name=parent_location,json=parentLocation,proto3" json:"parent_location,omitempty"` + PartitionIndex int64 `protobuf:"varint,8,opt,name=partition_index,json=partitionIndex,proto3" json:"partition_index,omitempty"` + Size uint64 `protobuf:"varint,9,opt,name=size,proto3" json:"size,omitempty"` + // Filesystem is the filesystem type. + Filesystem enums.BlockFilesystemType `protobuf:"varint,10,opt,name=filesystem,proto3,enum=talos.resource.definitions.enums.BlockFilesystemType" json:"filesystem,omitempty"` + // MountLocation is the location to be mounted, might be different from location. + MountLocation string `protobuf:"bytes,11,opt,name=mount_location,json=mountLocation,proto3" json:"mount_location,omitempty"` + // EncryptionProvider is the provider of the encryption which was used to unlock the volume. + EncryptionProvider enums.BlockEncryptionProviderType `protobuf:"varint,12,opt,name=encryption_provider,json=encryptionProvider,proto3,enum=talos.resource.definitions.enums.BlockEncryptionProviderType" json:"encryption_provider,omitempty"` + PrettySize string `protobuf:"bytes,13,opt,name=pretty_size,json=prettySize,proto3" json:"pretty_size,omitempty"` + // EncryptionFailedSyncs is the list of failed syncs for the volume (per key/provider). + EncryptionFailedSyncs []string `protobuf:"bytes,14,rep,name=encryption_failed_syncs,json=encryptionFailedSyncs,proto3" json:"encryption_failed_syncs,omitempty"` + // MountSpec is the mount specification. + MountSpec *MountSpec `protobuf:"bytes,15,opt,name=mount_spec,json=mountSpec,proto3" json:"mount_spec,omitempty"` + Type enums.BlockVolumeType `protobuf:"varint,16,opt,name=type,proto3,enum=talos.resource.definitions.enums.BlockVolumeType" json:"type,omitempty"` + // ConfiguredEncryptionKeys is the list of configured encryption keys for the volume. + ConfiguredEncryptionKeys []string `protobuf:"bytes,17,rep,name=configured_encryption_keys,json=configuredEncryptionKeys,proto3" json:"configured_encryption_keys,omitempty"` + // Symlink is the symlink specification. + SymlinkSpec *SymlinkProvisioningSpec `protobuf:"bytes,18,opt,name=symlink_spec,json=symlinkSpec,proto3" json:"symlink_spec,omitempty"` + ParentId string `protobuf:"bytes,19,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` + // EncryptionLockedToState indicates if the encryption is locked to STATE partition + EncryptionLockedToState bool `protobuf:"varint,20,opt,name=encryption_locked_to_state,json=encryptionLockedToState,proto3" json:"encryption_locked_to_state,omitempty"` + // EncryptionSlot indicates the currently used encryption slot used for decryption. + EncryptionSlot int64 `protobuf:"varint,21,opt,name=encryption_slot,json=encryptionSlot,proto3" json:"encryption_slot,omitempty"` + // TPMEncryptionOptions is the options for TPM-based encryption. + TpmEncryptionOptions *TPMEncryptionOptionsInfo `protobuf:"bytes,22,opt,name=tpm_encryption_options,json=tpmEncryptionOptions,proto3" json:"tpm_encryption_options,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *VolumeStatusSpec) Reset() { diff --git a/pkg/machinery/api/resource/definitions/cluster/cluster.pb.go b/pkg/machinery/api/resource/definitions/cluster/cluster.pb.go index 180f2d3e4..cd4e44bc3 100644 --- a/pkg/machinery/api/resource/definitions/cluster/cluster.pb.go +++ b/pkg/machinery/api/resource/definitions/cluster/cluster.pb.go @@ -269,8 +269,10 @@ func (x *ControlPlane) GetApiServerPort() int64 { // Note: IdentitySpec is persisted on disk in the STATE partition, // so YAML serialization should be kept backwards compatible. type IdentitySpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - NodeId string `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // NodeID is a random value which is persisted across reboots, + // but it gets reset on wipe. + NodeId string `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } diff --git a/pkg/machinery/api/resource/definitions/hardware/hardware.pb.go b/pkg/machinery/api/resource/definitions/hardware/hardware.pb.go index c8f4839e4..45d29d7f3 100644 --- a/pkg/machinery/api/resource/definitions/hardware/hardware.pb.go +++ b/pkg/machinery/api/resource/definitions/hardware/hardware.pb.go @@ -340,19 +340,21 @@ func (x *PCIDriverRebindStatusSpec) GetTargetDriver() string { // ProcessorSpec represents a single processor. type ProcessorSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Socket string `protobuf:"bytes,1,opt,name=socket,proto3" json:"socket,omitempty"` - Manufacturer string `protobuf:"bytes,2,opt,name=manufacturer,proto3" json:"manufacturer,omitempty"` - ProductName string `protobuf:"bytes,3,opt,name=product_name,json=productName,proto3" json:"product_name,omitempty"` - MaxSpeed uint32 `protobuf:"varint,4,opt,name=max_speed,json=maxSpeed,proto3" json:"max_speed,omitempty"` - BootSpeed uint32 `protobuf:"varint,5,opt,name=boot_speed,json=bootSpeed,proto3" json:"boot_speed,omitempty"` - Status uint32 `protobuf:"varint,6,opt,name=status,proto3" json:"status,omitempty"` - SerialNumber string `protobuf:"bytes,7,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"` - AssetTag string `protobuf:"bytes,8,opt,name=asset_tag,json=assetTag,proto3" json:"asset_tag,omitempty"` - PartNumber string `protobuf:"bytes,9,opt,name=part_number,json=partNumber,proto3" json:"part_number,omitempty"` - CoreCount uint32 `protobuf:"varint,10,opt,name=core_count,json=coreCount,proto3" json:"core_count,omitempty"` - CoreEnabled uint32 `protobuf:"varint,11,opt,name=core_enabled,json=coreEnabled,proto3" json:"core_enabled,omitempty"` - ThreadCount uint32 `protobuf:"varint,12,opt,name=thread_count,json=threadCount,proto3" json:"thread_count,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + Socket string `protobuf:"bytes,1,opt,name=socket,proto3" json:"socket,omitempty"` + Manufacturer string `protobuf:"bytes,2,opt,name=manufacturer,proto3" json:"manufacturer,omitempty"` + ProductName string `protobuf:"bytes,3,opt,name=product_name,json=productName,proto3" json:"product_name,omitempty"` + // MaxSpeed is in megahertz (MHz). + MaxSpeed uint32 `protobuf:"varint,4,opt,name=max_speed,json=maxSpeed,proto3" json:"max_speed,omitempty"` + // BootSpeed is in megahertz (MHz). + BootSpeed uint32 `protobuf:"varint,5,opt,name=boot_speed,json=bootSpeed,proto3" json:"boot_speed,omitempty"` + Status uint32 `protobuf:"varint,6,opt,name=status,proto3" json:"status,omitempty"` + SerialNumber string `protobuf:"bytes,7,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"` + AssetTag string `protobuf:"bytes,8,opt,name=asset_tag,json=assetTag,proto3" json:"asset_tag,omitempty"` + PartNumber string `protobuf:"bytes,9,opt,name=part_number,json=partNumber,proto3" json:"part_number,omitempty"` + CoreCount uint32 `protobuf:"varint,10,opt,name=core_count,json=coreCount,proto3" json:"core_count,omitempty"` + CoreEnabled uint32 `protobuf:"varint,11,opt,name=core_enabled,json=coreEnabled,proto3" json:"core_enabled,omitempty"` + ThreadCount uint32 `protobuf:"varint,12,opt,name=thread_count,json=threadCount,proto3" json:"thread_count,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } diff --git a/pkg/machinery/api/resource/definitions/k8s/k8s.pb.go b/pkg/machinery/api/resource/definitions/k8s/k8s.pb.go index 73028baf0..5d70f1679 100644 --- a/pkg/machinery/api/resource/definitions/k8s/k8s.pb.go +++ b/pkg/machinery/api/resource/definitions/k8s/k8s.pb.go @@ -1419,8 +1419,11 @@ func (x *KubeletConfigSpec) GetExtraArgs() map[string]*ArgValues { // KubeletKubeconfigSpec describes the current kubelet kubeconfig file. type KubeletKubeconfigSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Hash string `protobuf:"bytes,1,opt,name=hash,proto3" json:"hash,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Hash is a content digest of the kubeconfig file. It changes whenever the + // file contents change, which is the signal consumers use to rebuild their + // Kubernetes clients. + Hash string `protobuf:"bytes,1,opt,name=hash,proto3" json:"hash,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } diff --git a/pkg/machinery/api/resource/definitions/kubespan/kubespan.pb.go b/pkg/machinery/api/resource/definitions/kubespan/kubespan.pb.go index c33148431..c27362aee 100644 --- a/pkg/machinery/api/resource/definitions/kubespan/kubespan.pb.go +++ b/pkg/machinery/api/resource/definitions/kubespan/kubespan.pb.go @@ -28,19 +28,26 @@ const ( // ConfigSpec describes KubeSpan configuration.. type ConfigSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Enabled bool `protobuf:"varint,1,opt,name=enabled,proto3" json:"enabled,omitempty"` - ClusterId string `protobuf:"bytes,2,opt,name=cluster_id,json=clusterId,proto3" json:"cluster_id,omitempty"` - SharedSecret string `protobuf:"bytes,3,opt,name=shared_secret,json=sharedSecret,proto3" json:"shared_secret,omitempty"` - ForceRouting bool `protobuf:"varint,4,opt,name=force_routing,json=forceRouting,proto3" json:"force_routing,omitempty"` - AdvertiseKubernetesNetworks bool `protobuf:"varint,5,opt,name=advertise_kubernetes_networks,json=advertiseKubernetesNetworks,proto3" json:"advertise_kubernetes_networks,omitempty"` - Mtu uint32 `protobuf:"varint,6,opt,name=mtu,proto3" json:"mtu,omitempty"` - EndpointFilters []string `protobuf:"bytes,7,rep,name=endpoint_filters,json=endpointFilters,proto3" json:"endpoint_filters,omitempty"` - HarvestExtraEndpoints bool `protobuf:"varint,8,opt,name=harvest_extra_endpoints,json=harvestExtraEndpoints,proto3" json:"harvest_extra_endpoints,omitempty"` - ExtraEndpoints []*common.NetIPPort `protobuf:"bytes,9,rep,name=extra_endpoints,json=extraEndpoints,proto3" json:"extra_endpoints,omitempty"` - ExcludeAdvertisedNetworks []*common.NetIPPrefix `protobuf:"bytes,10,rep,name=exclude_advertised_networks,json=excludeAdvertisedNetworks,proto3" json:"exclude_advertised_networks,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + Enabled bool `protobuf:"varint,1,opt,name=enabled,proto3" json:"enabled,omitempty"` + ClusterId string `protobuf:"bytes,2,opt,name=cluster_id,json=clusterId,proto3" json:"cluster_id,omitempty"` + SharedSecret string `protobuf:"bytes,3,opt,name=shared_secret,json=sharedSecret,proto3" json:"shared_secret,omitempty"` + // Force routing via KubeSpan even if the peer connection is not up. + ForceRouting bool `protobuf:"varint,4,opt,name=force_routing,json=forceRouting,proto3" json:"force_routing,omitempty"` + // Advertise Kubernetes pod networks or skip it completely. + AdvertiseKubernetesNetworks bool `protobuf:"varint,5,opt,name=advertise_kubernetes_networks,json=advertiseKubernetesNetworks,proto3" json:"advertise_kubernetes_networks,omitempty"` + // Force kubeSpan MTU size. + Mtu uint32 `protobuf:"varint,6,opt,name=mtu,proto3" json:"mtu,omitempty"` + // If not empty, filter advertised endpoints using the list of CIDRs. + EndpointFilters []string `protobuf:"bytes,7,rep,name=endpoint_filters,json=endpointFilters,proto3" json:"endpoint_filters,omitempty"` + // Harvest endpoints from the peer statuses. + HarvestExtraEndpoints bool `protobuf:"varint,8,opt,name=harvest_extra_endpoints,json=harvestExtraEndpoints,proto3" json:"harvest_extra_endpoints,omitempty"` + // Extra endpoints to announce. + ExtraEndpoints []*common.NetIPPort `protobuf:"bytes,9,rep,name=extra_endpoints,json=extraEndpoints,proto3" json:"extra_endpoints,omitempty"` + // If not empty, filter advertised networks using the list of CIDRs. + ExcludeAdvertisedNetworks []*common.NetIPPrefix `protobuf:"bytes,10,rep,name=exclude_advertised_networks,json=excludeAdvertisedNetworks,proto3" json:"exclude_advertised_networks,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *ConfigSpec) Reset() { @@ -201,11 +208,13 @@ func (x *EndpointSpec) GetEndpoint() *common.NetIPPort { // Note: IdentitySpec is persisted on disk in the STATE partition, // so YAML serialization should be kept backwards compatible. type IdentitySpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Address *common.NetIPPrefix `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` - Subnet *common.NetIPPrefix `protobuf:"bytes,2,opt,name=subnet,proto3" json:"subnet,omitempty"` - PrivateKey string `protobuf:"bytes,3,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"` - PublicKey string `protobuf:"bytes,4,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Address of the node on the Wireguard network. + Address *common.NetIPPrefix `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` + Subnet *common.NetIPPrefix `protobuf:"bytes,2,opt,name=subnet,proto3" json:"subnet,omitempty"` + // Public and private Wireguard keys. + PrivateKey string `protobuf:"bytes,3,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"` + PublicKey string `protobuf:"bytes,4,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -339,15 +348,21 @@ func (x *PeerSpecSpec) GetLabel() string { // PeerStatusSpec describes PeerStatus state. type PeerStatusSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Endpoint *common.NetIPPort `protobuf:"bytes,1,opt,name=endpoint,proto3" json:"endpoint,omitempty"` - Label string `protobuf:"bytes,2,opt,name=label,proto3" json:"label,omitempty"` - State enums.KubespanPeerState `protobuf:"varint,3,opt,name=state,proto3,enum=talos.resource.definitions.enums.KubespanPeerState" json:"state,omitempty"` - ReceiveBytes int64 `protobuf:"varint,4,opt,name=receive_bytes,json=receiveBytes,proto3" json:"receive_bytes,omitempty"` - TransmitBytes int64 `protobuf:"varint,5,opt,name=transmit_bytes,json=transmitBytes,proto3" json:"transmit_bytes,omitempty"` - LastHandshakeTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=last_handshake_time,json=lastHandshakeTime,proto3" json:"last_handshake_time,omitempty"` - LastUsedEndpoint *common.NetIPPort `protobuf:"bytes,7,opt,name=last_used_endpoint,json=lastUsedEndpoint,proto3" json:"last_used_endpoint,omitempty"` - LastEndpointChange *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=last_endpoint_change,json=lastEndpointChange,proto3" json:"last_endpoint_change,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Active endpoint as seen by the Wireguard. + Endpoint *common.NetIPPort `protobuf:"bytes,1,opt,name=endpoint,proto3" json:"endpoint,omitempty"` + // Label derived from the peer spec. + Label string `protobuf:"bytes,2,opt,name=label,proto3" json:"label,omitempty"` + // Calculated state. + State enums.KubespanPeerState `protobuf:"varint,3,opt,name=state,proto3,enum=talos.resource.definitions.enums.KubespanPeerState" json:"state,omitempty"` + // Tx/Rx bytes. + ReceiveBytes int64 `protobuf:"varint,4,opt,name=receive_bytes,json=receiveBytes,proto3" json:"receive_bytes,omitempty"` + TransmitBytes int64 `protobuf:"varint,5,opt,name=transmit_bytes,json=transmitBytes,proto3" json:"transmit_bytes,omitempty"` + // Handshake. + LastHandshakeTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=last_handshake_time,json=lastHandshakeTime,proto3" json:"last_handshake_time,omitempty"` + // Endpoint selection input. + LastUsedEndpoint *common.NetIPPort `protobuf:"bytes,7,opt,name=last_used_endpoint,json=lastUsedEndpoint,proto3" json:"last_used_endpoint,omitempty"` + LastEndpointChange *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=last_endpoint_change,json=lastEndpointChange,proto3" json:"last_endpoint_change,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } diff --git a/pkg/machinery/api/resource/definitions/network/network.pb.go b/pkg/machinery/api/resource/definitions/network/network.pb.go index fb8f16df9..5c53d3731 100644 --- a/pkg/machinery/api/resource/definitions/network/network.pb.go +++ b/pkg/machinery/api/resource/definitions/network/network.pb.go @@ -255,37 +255,70 @@ func (x *AddressStatusSpec) GetPriority() uint32 { // BondMasterSpec describes bond settings if Kind == "bond". type BondMasterSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Mode enums.NethelpersBondMode `protobuf:"varint,1,opt,name=mode,proto3,enum=talos.resource.definitions.enums.NethelpersBondMode" json:"mode,omitempty"` - HashPolicy enums.NethelpersBondXmitHashPolicy `protobuf:"varint,2,opt,name=hash_policy,json=hashPolicy,proto3,enum=talos.resource.definitions.enums.NethelpersBondXmitHashPolicy" json:"hash_policy,omitempty"` - LacpRate enums.NethelpersLACPRate `protobuf:"varint,3,opt,name=lacp_rate,json=lacpRate,proto3,enum=talos.resource.definitions.enums.NethelpersLACPRate" json:"lacp_rate,omitempty"` - ArpValidate enums.NethelpersARPValidate `protobuf:"varint,4,opt,name=arp_validate,json=arpValidate,proto3,enum=talos.resource.definitions.enums.NethelpersARPValidate" json:"arp_validate,omitempty"` - ArpAllTargets enums.NethelpersARPAllTargets `protobuf:"varint,5,opt,name=arp_all_targets,json=arpAllTargets,proto3,enum=talos.resource.definitions.enums.NethelpersARPAllTargets" json:"arp_all_targets,omitempty"` - PrimaryIndex uint32 `protobuf:"varint,6,opt,name=primary_index,json=primaryIndex,proto3" json:"primary_index,omitempty"` - PrimaryReselect enums.NethelpersPrimaryReselect `protobuf:"varint,7,opt,name=primary_reselect,json=primaryReselect,proto3,enum=talos.resource.definitions.enums.NethelpersPrimaryReselect" json:"primary_reselect,omitempty"` - FailOverMac enums.NethelpersFailOverMAC `protobuf:"varint,8,opt,name=fail_over_mac,json=failOverMac,proto3,enum=talos.resource.definitions.enums.NethelpersFailOverMAC" json:"fail_over_mac,omitempty"` - AdSelect enums.NethelpersADSelect `protobuf:"varint,9,opt,name=ad_select,json=adSelect,proto3,enum=talos.resource.definitions.enums.NethelpersADSelect" json:"ad_select,omitempty"` - MiiMon uint32 `protobuf:"varint,10,opt,name=mii_mon,json=miiMon,proto3" json:"mii_mon,omitempty"` - UpDelay uint32 `protobuf:"varint,11,opt,name=up_delay,json=upDelay,proto3" json:"up_delay,omitempty"` - DownDelay uint32 `protobuf:"varint,12,opt,name=down_delay,json=downDelay,proto3" json:"down_delay,omitempty"` - ArpInterval uint32 `protobuf:"varint,13,opt,name=arp_interval,json=arpInterval,proto3" json:"arp_interval,omitempty"` - ResendIgmp uint32 `protobuf:"varint,14,opt,name=resend_igmp,json=resendIgmp,proto3" json:"resend_igmp,omitempty"` - MinLinks uint32 `protobuf:"varint,15,opt,name=min_links,json=minLinks,proto3" json:"min_links,omitempty"` - LpInterval uint32 `protobuf:"varint,16,opt,name=lp_interval,json=lpInterval,proto3" json:"lp_interval,omitempty"` - PacketsPerSlave uint32 `protobuf:"varint,17,opt,name=packets_per_slave,json=packetsPerSlave,proto3" json:"packets_per_slave,omitempty"` - NumPeerNotif uint32 `protobuf:"varint,18,opt,name=num_peer_notif,json=numPeerNotif,proto3" json:"num_peer_notif,omitempty"` - TlbDynamicLb uint32 `protobuf:"varint,19,opt,name=tlb_dynamic_lb,json=tlbDynamicLb,proto3" json:"tlb_dynamic_lb,omitempty"` - AllSlavesActive uint32 `protobuf:"varint,20,opt,name=all_slaves_active,json=allSlavesActive,proto3" json:"all_slaves_active,omitempty"` - UseCarrier bool `protobuf:"varint,21,opt,name=use_carrier,json=useCarrier,proto3" json:"use_carrier,omitempty"` - AdActorSysPrio uint32 `protobuf:"varint,22,opt,name=ad_actor_sys_prio,json=adActorSysPrio,proto3" json:"ad_actor_sys_prio,omitempty"` - AdUserPortKey uint32 `protobuf:"varint,23,opt,name=ad_user_port_key,json=adUserPortKey,proto3" json:"ad_user_port_key,omitempty"` - PeerNotifyDelay uint32 `protobuf:"varint,24,opt,name=peer_notify_delay,json=peerNotifyDelay,proto3" json:"peer_notify_delay,omitempty"` - ArpipTargets []*common.NetIP `protobuf:"bytes,25,rep,name=arpip_targets,json=arpipTargets,proto3" json:"arpip_targets,omitempty"` - Nsip6Targets []*common.NetIP `protobuf:"bytes,26,rep,name=nsip6_targets,json=nsip6Targets,proto3" json:"nsip6_targets,omitempty"` - AdlacpActive enums.NethelpersADLACPActive `protobuf:"varint,27,opt,name=adlacp_active,json=adlacpActive,proto3,enum=talos.resource.definitions.enums.NethelpersADLACPActive" json:"adlacp_active,omitempty"` - MissedMax uint32 `protobuf:"varint,28,opt,name=missed_max,json=missedMax,proto3" json:"missed_max,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + // Mode specifies the bonding policy + Mode enums.NethelpersBondMode `protobuf:"varint,1,opt,name=mode,proto3,enum=talos.resource.definitions.enums.NethelpersBondMode" json:"mode,omitempty"` + // HashPolicy selects the transmit hash policy to use for slave selection. + HashPolicy enums.NethelpersBondXmitHashPolicy `protobuf:"varint,2,opt,name=hash_policy,json=hashPolicy,proto3,enum=talos.resource.definitions.enums.NethelpersBondXmitHashPolicy" json:"hash_policy,omitempty"` + // LACPRate specifies the rate at which LACPDU frames are sent. + LacpRate enums.NethelpersLACPRate `protobuf:"varint,3,opt,name=lacp_rate,json=lacpRate,proto3,enum=talos.resource.definitions.enums.NethelpersLACPRate" json:"lacp_rate,omitempty"` + // ARPValidate specifies whether or not ARP probes and replies should be validated. + ArpValidate enums.NethelpersARPValidate `protobuf:"varint,4,opt,name=arp_validate,json=arpValidate,proto3,enum=talos.resource.definitions.enums.NethelpersARPValidate" json:"arp_validate,omitempty"` + // ARPAllTargets specifies whether ARP probes should be sent to any or all targets. + ArpAllTargets enums.NethelpersARPAllTargets `protobuf:"varint,5,opt,name=arp_all_targets,json=arpAllTargets,proto3,enum=talos.resource.definitions.enums.NethelpersARPAllTargets" json:"arp_all_targets,omitempty"` + // PrimaryIndex is a device index specifying which slave is the primary device. + PrimaryIndex uint32 `protobuf:"varint,6,opt,name=primary_index,json=primaryIndex,proto3" json:"primary_index,omitempty"` + // PrimaryReselect specifies the policy under which the primary slave should be reselected. + PrimaryReselect enums.NethelpersPrimaryReselect `protobuf:"varint,7,opt,name=primary_reselect,json=primaryReselect,proto3,enum=talos.resource.definitions.enums.NethelpersPrimaryReselect" json:"primary_reselect,omitempty"` + // FailOverMac whether active-backup mode should set all slaves to the same MAC address at enslavement, when enabled, or perform special handling. + FailOverMac enums.NethelpersFailOverMAC `protobuf:"varint,8,opt,name=fail_over_mac,json=failOverMac,proto3,enum=talos.resource.definitions.enums.NethelpersFailOverMAC" json:"fail_over_mac,omitempty"` + // ADSelect specifies the aggregate selection policy for 802.3ad. + AdSelect enums.NethelpersADSelect `protobuf:"varint,9,opt,name=ad_select,json=adSelect,proto3,enum=talos.resource.definitions.enums.NethelpersADSelect" json:"ad_select,omitempty"` + // MIIMon is the link monitoring frequency in milliseconds. + MiiMon uint32 `protobuf:"varint,10,opt,name=mii_mon,json=miiMon,proto3" json:"mii_mon,omitempty"` + // UpDelay is the time, in milliseconds, to wait before enabling a slave after a link recovery has been detected. + UpDelay uint32 `protobuf:"varint,11,opt,name=up_delay,json=upDelay,proto3" json:"up_delay,omitempty"` + // DownDelay is the time, in milliseconds, to wait before disabling a slave after a link failure has been detected. + DownDelay uint32 `protobuf:"varint,12,opt,name=down_delay,json=downDelay,proto3" json:"down_delay,omitempty"` + // ARPInterval is the ARP link monitoring frequency in milliseconds. + ArpInterval uint32 `protobuf:"varint,13,opt,name=arp_interval,json=arpInterval,proto3" json:"arp_interval,omitempty"` + // ResendIGMP specifies the number of times IGMP packets should be resent. + ResendIgmp uint32 `protobuf:"varint,14,opt,name=resend_igmp,json=resendIgmp,proto3" json:"resend_igmp,omitempty"` + // MinLinks specifies the minimum number of active links to assert carrier. + MinLinks uint32 `protobuf:"varint,15,opt,name=min_links,json=minLinks,proto3" json:"min_links,omitempty"` + // LPInterval specifies the number of seconds between instances where the bonding driver sends learning packets to each slave's peer switch. + LpInterval uint32 `protobuf:"varint,16,opt,name=lp_interval,json=lpInterval,proto3" json:"lp_interval,omitempty"` + // PacketsPerSlave specifies the number of packets to transmit through a slave before moving to the next one. + PacketsPerSlave uint32 `protobuf:"varint,17,opt,name=packets_per_slave,json=packetsPerSlave,proto3" json:"packets_per_slave,omitempty"` + // NumPeerNotif specifies the number of peer notifications + // (gratuitous ARPs and unsolicited IPv6 Neighbor Advertisements) to be issued after a failover event. + NumPeerNotif uint32 `protobuf:"varint,18,opt,name=num_peer_notif,json=numPeerNotif,proto3" json:"num_peer_notif,omitempty"` + // TLBDynamicLB specifies if dynamic shuffling of flows is enabled in tlb or alb mode. + TlbDynamicLb uint32 `protobuf:"varint,19,opt,name=tlb_dynamic_lb,json=tlbDynamicLb,proto3" json:"tlb_dynamic_lb,omitempty"` + // AllSlavesActive specifies that duplicate frames (received on inactive ports) should be dropped (0) or delivered (1). + AllSlavesActive uint32 `protobuf:"varint,20,opt,name=all_slaves_active,json=allSlavesActive,proto3" json:"all_slaves_active,omitempty"` + // UseCarrier specifies whether or not miimon should use MII or ETHTOOL. + UseCarrier bool `protobuf:"varint,21,opt,name=use_carrier,json=useCarrier,proto3" json:"use_carrier,omitempty"` + // ADActorSysPrio is the actor system priority for 802.3ad. + AdActorSysPrio uint32 `protobuf:"varint,22,opt,name=ad_actor_sys_prio,json=adActorSysPrio,proto3" json:"ad_actor_sys_prio,omitempty"` + // ADUserPortKey is the user port key (upper 10 bits) for 802.3ad. + AdUserPortKey uint32 `protobuf:"varint,23,opt,name=ad_user_port_key,json=adUserPortKey,proto3" json:"ad_user_port_key,omitempty"` + // PeerNotifyDelay is the delay, in milliseconds, between each peer notification. + PeerNotifyDelay uint32 `protobuf:"varint,24,opt,name=peer_notify_delay,json=peerNotifyDelay,proto3" json:"peer_notify_delay,omitempty"` + // ARPIPTargets is the list of IP addresses to use for ARP link monitoring when ARPInterval is set. + // + // Maximum of 16 targets are supported. + ArpipTargets []*common.NetIP `protobuf:"bytes,25,rep,name=arpip_targets,json=arpipTargets,proto3" json:"arpip_targets,omitempty"` + // NSIP6Targets is the list of IPv6 addresses to use for NS link monitoring when ARPInterval is set. + // + // Maximum of 16 targets are supported. + Nsip6Targets []*common.NetIP `protobuf:"bytes,26,rep,name=nsip6_targets,json=nsip6Targets,proto3" json:"nsip6_targets,omitempty"` + // ADLACPActive specifies whether to send LACPDU frames periodically. + AdlacpActive enums.NethelpersADLACPActive `protobuf:"varint,27,opt,name=adlacp_active,json=adlacpActive,proto3,enum=talos.resource.definitions.enums.NethelpersADLACPActive" json:"adlacp_active,omitempty"` + // MissedMax is the number of arp_interval monitor checks that must fail in order for an interface to be marked down by the ARP monitor. + MissedMax uint32 `protobuf:"varint,28,opt,name=missed_max,json=missedMax,proto3" json:"missed_max,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *BondMasterSpec) Reset() { @@ -516,9 +549,11 @@ func (x *BondMasterSpec) GetMissedMax() uint32 { // BondSlave contains a bond's master name and slave index. type BondSlave struct { - state protoimpl.MessageState `protogen:"open.v1"` - MasterName string `protobuf:"bytes,1,opt,name=master_name,json=masterName,proto3" json:"master_name,omitempty"` - SlaveIndex int64 `protobuf:"varint,2,opt,name=slave_index,json=slaveIndex,proto3" json:"slave_index,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // MasterName indicates master link for enslaved bonded interfaces. + MasterName string `protobuf:"bytes,1,opt,name=master_name,json=masterName,proto3" json:"master_name,omitempty"` + // SlaveIndex indicates a slave's position in bond. + SlaveIndex int64 `protobuf:"varint,2,opt,name=slave_index,json=slaveIndex,proto3" json:"slave_index,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -622,8 +657,9 @@ func (x *BridgeMasterSpec) GetVlan() *BridgeVLANSpec { // BridgeSlave contains the name of the master bridge of a bridged interface type BridgeSlave struct { - state protoimpl.MessageState `protogen:"open.v1"` - MasterName string `protobuf:"bytes,1,opt,name=master_name,json=masterName,proto3" json:"master_name,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // MasterName indicates master link for enslaved bridged interfaces. + MasterName string `protobuf:"bytes,1,opt,name=master_name,json=masterName,proto3" json:"master_name,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -1001,15 +1037,17 @@ func (x *EthernetChannelsSpec) GetCombined() uint32 { // EthernetChannelsStatus describes status of Ethernet channels. type EthernetChannelsStatus struct { - state protoimpl.MessageState `protogen:"open.v1"` - RxMax uint32 `protobuf:"varint,1,opt,name=rx_max,json=rxMax,proto3" json:"rx_max,omitempty"` - TxMax uint32 `protobuf:"varint,2,opt,name=tx_max,json=txMax,proto3" json:"tx_max,omitempty"` - OtherMax uint32 `protobuf:"varint,3,opt,name=other_max,json=otherMax,proto3" json:"other_max,omitempty"` - CombinedMax uint32 `protobuf:"varint,4,opt,name=combined_max,json=combinedMax,proto3" json:"combined_max,omitempty"` - Rx uint32 `protobuf:"varint,5,opt,name=rx,proto3" json:"rx,omitempty"` - Tx uint32 `protobuf:"varint,6,opt,name=tx,proto3" json:"tx,omitempty"` - Other uint32 `protobuf:"varint,7,opt,name=other,proto3" json:"other,omitempty"` - Combined uint32 `protobuf:"varint,8,opt,name=combined,proto3" json:"combined,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Read-only settings. + RxMax uint32 `protobuf:"varint,1,opt,name=rx_max,json=rxMax,proto3" json:"rx_max,omitempty"` + TxMax uint32 `protobuf:"varint,2,opt,name=tx_max,json=txMax,proto3" json:"tx_max,omitempty"` + OtherMax uint32 `protobuf:"varint,3,opt,name=other_max,json=otherMax,proto3" json:"other_max,omitempty"` + CombinedMax uint32 `protobuf:"varint,4,opt,name=combined_max,json=combinedMax,proto3" json:"combined_max,omitempty"` + // Current settings (read-write). + Rx uint32 `protobuf:"varint,5,opt,name=rx,proto3" json:"rx,omitempty"` + Tx uint32 `protobuf:"varint,6,opt,name=tx,proto3" json:"tx,omitempty"` + Other uint32 `protobuf:"varint,7,opt,name=other,proto3" json:"other,omitempty"` + Combined uint32 `protobuf:"varint,8,opt,name=combined,proto3" json:"combined,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -1272,24 +1310,26 @@ func (x *EthernetRingsSpec) GetTcpDataSplit() bool { // EthernetRingsStatus describes status of Ethernet rings. type EthernetRingsStatus struct { - state protoimpl.MessageState `protogen:"open.v1"` - RxMax uint32 `protobuf:"varint,1,opt,name=rx_max,json=rxMax,proto3" json:"rx_max,omitempty"` - RxMiniMax uint32 `protobuf:"varint,2,opt,name=rx_mini_max,json=rxMiniMax,proto3" json:"rx_mini_max,omitempty"` - RxJumboMax uint32 `protobuf:"varint,3,opt,name=rx_jumbo_max,json=rxJumboMax,proto3" json:"rx_jumbo_max,omitempty"` - TxMax uint32 `protobuf:"varint,4,opt,name=tx_max,json=txMax,proto3" json:"tx_max,omitempty"` - TxPushBufLenMax uint32 `protobuf:"varint,5,opt,name=tx_push_buf_len_max,json=txPushBufLenMax,proto3" json:"tx_push_buf_len_max,omitempty"` - Rx uint32 `protobuf:"varint,6,opt,name=rx,proto3" json:"rx,omitempty"` - RxMini uint32 `protobuf:"varint,7,opt,name=rx_mini,json=rxMini,proto3" json:"rx_mini,omitempty"` - RxJumbo uint32 `protobuf:"varint,8,opt,name=rx_jumbo,json=rxJumbo,proto3" json:"rx_jumbo,omitempty"` - Tx uint32 `protobuf:"varint,9,opt,name=tx,proto3" json:"tx,omitempty"` - RxBufLen uint32 `protobuf:"varint,10,opt,name=rx_buf_len,json=rxBufLen,proto3" json:"rx_buf_len,omitempty"` - CqeSize uint32 `protobuf:"varint,11,opt,name=cqe_size,json=cqeSize,proto3" json:"cqe_size,omitempty"` - TxPush bool `protobuf:"varint,12,opt,name=tx_push,json=txPush,proto3" json:"tx_push,omitempty"` - RxPush bool `protobuf:"varint,13,opt,name=rx_push,json=rxPush,proto3" json:"rx_push,omitempty"` - TxPushBufLen uint32 `protobuf:"varint,14,opt,name=tx_push_buf_len,json=txPushBufLen,proto3" json:"tx_push_buf_len,omitempty"` - TcpDataSplit bool `protobuf:"varint,15,opt,name=tcp_data_split,json=tcpDataSplit,proto3" json:"tcp_data_split,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + // Read-only settings. + RxMax uint32 `protobuf:"varint,1,opt,name=rx_max,json=rxMax,proto3" json:"rx_max,omitempty"` + RxMiniMax uint32 `protobuf:"varint,2,opt,name=rx_mini_max,json=rxMiniMax,proto3" json:"rx_mini_max,omitempty"` + RxJumboMax uint32 `protobuf:"varint,3,opt,name=rx_jumbo_max,json=rxJumboMax,proto3" json:"rx_jumbo_max,omitempty"` + TxMax uint32 `protobuf:"varint,4,opt,name=tx_max,json=txMax,proto3" json:"tx_max,omitempty"` + TxPushBufLenMax uint32 `protobuf:"varint,5,opt,name=tx_push_buf_len_max,json=txPushBufLenMax,proto3" json:"tx_push_buf_len_max,omitempty"` + // Current settings (read-write). + Rx uint32 `protobuf:"varint,6,opt,name=rx,proto3" json:"rx,omitempty"` + RxMini uint32 `protobuf:"varint,7,opt,name=rx_mini,json=rxMini,proto3" json:"rx_mini,omitempty"` + RxJumbo uint32 `protobuf:"varint,8,opt,name=rx_jumbo,json=rxJumbo,proto3" json:"rx_jumbo,omitempty"` + Tx uint32 `protobuf:"varint,9,opt,name=tx,proto3" json:"tx,omitempty"` + RxBufLen uint32 `protobuf:"varint,10,opt,name=rx_buf_len,json=rxBufLen,proto3" json:"rx_buf_len,omitempty"` + CqeSize uint32 `protobuf:"varint,11,opt,name=cqe_size,json=cqeSize,proto3" json:"cqe_size,omitempty"` + TxPush bool `protobuf:"varint,12,opt,name=tx_push,json=txPush,proto3" json:"tx_push,omitempty"` + RxPush bool `protobuf:"varint,13,opt,name=rx_push,json=rxPush,proto3" json:"rx_push,omitempty"` + TxPushBufLen uint32 `protobuf:"varint,14,opt,name=tx_push_buf_len,json=txPushBufLen,proto3" json:"tx_push_buf_len,omitempty"` + TcpDataSplit bool `protobuf:"varint,15,opt,name=tcp_data_split,json=tcpDataSplit,proto3" json:"tcp_data_split,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *EthernetRingsStatus) Reset() { @@ -1615,9 +1655,11 @@ func (x *EthernetStatusSpec) GetWakeOnLan() []enums.NethelpersWOLMode { // HardwareAddrSpec describes spec for the link. type HardwareAddrSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - HardwareAddr []byte `protobuf:"bytes,2,opt,name=hardware_addr,json=hardwareAddr,proto3" json:"hardware_addr,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Name defines link name + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Hardware address + HardwareAddr []byte `protobuf:"bytes,2,opt,name=hardware_addr,json=hardwareAddr,proto3" json:"hardware_addr,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -1941,27 +1983,42 @@ func (x *LinkRefreshSpec) GetGeneration() int64 { // LinkSpecSpec describes spec for the link. type LinkSpecSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - Logical bool `protobuf:"varint,2,opt,name=logical,proto3" json:"logical,omitempty"` - Up bool `protobuf:"varint,3,opt,name=up,proto3" json:"up,omitempty"` - Mtu uint32 `protobuf:"varint,4,opt,name=mtu,proto3" json:"mtu,omitempty"` - Kind string `protobuf:"bytes,5,opt,name=kind,proto3" json:"kind,omitempty"` - Type enums.NethelpersLinkType `protobuf:"varint,6,opt,name=type,proto3,enum=talos.resource.definitions.enums.NethelpersLinkType" json:"type,omitempty"` - ParentName string `protobuf:"bytes,7,opt,name=parent_name,json=parentName,proto3" json:"parent_name,omitempty"` - BondSlave *BondSlave `protobuf:"bytes,8,opt,name=bond_slave,json=bondSlave,proto3" json:"bond_slave,omitempty"` - BridgeSlave *BridgeSlave `protobuf:"bytes,9,opt,name=bridge_slave,json=bridgeSlave,proto3" json:"bridge_slave,omitempty"` - Vlan *VLANSpec `protobuf:"bytes,10,opt,name=vlan,proto3" json:"vlan,omitempty"` - BondMaster *BondMasterSpec `protobuf:"bytes,11,opt,name=bond_master,json=bondMaster,proto3" json:"bond_master,omitempty"` - BridgeMaster *BridgeMasterSpec `protobuf:"bytes,12,opt,name=bridge_master,json=bridgeMaster,proto3" json:"bridge_master,omitempty"` - Wireguard *WireguardSpec `protobuf:"bytes,13,opt,name=wireguard,proto3" json:"wireguard,omitempty"` - ConfigLayer enums.NetworkConfigLayer `protobuf:"varint,14,opt,name=config_layer,json=configLayer,proto3,enum=talos.resource.definitions.enums.NetworkConfigLayer" json:"config_layer,omitempty"` - HardwareAddress []byte `protobuf:"bytes,15,opt,name=hardware_address,json=hardwareAddress,proto3" json:"hardware_address,omitempty"` - Multicast bool `protobuf:"varint,16,opt,name=multicast,proto3" json:"multicast,omitempty"` - VrfMaster *VRFMasterSpec `protobuf:"bytes,17,opt,name=vrf_master,json=vrfMaster,proto3" json:"vrf_master,omitempty"` - VrfSlave *VRFSlave `protobuf:"bytes,18,opt,name=vrf_slave,json=vrfSlave,proto3" json:"vrf_slave,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + // Name defines link name + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Logical describes if the interface should be created on the fly if it doesn't exist. + Logical bool `protobuf:"varint,2,opt,name=logical,proto3" json:"logical,omitempty"` + // If Up is true, bring interface up, otherwise bring interface down. + // + // TODO: make *bool ? + Up bool `protobuf:"varint,3,opt,name=up,proto3" json:"up,omitempty"` + // Interface MTU (always applies). + Mtu uint32 `protobuf:"varint,4,opt,name=mtu,proto3" json:"mtu,omitempty"` + // Kind and Type are only required for Logical interfaces. + Kind string `protobuf:"bytes,5,opt,name=kind,proto3" json:"kind,omitempty"` + Type enums.NethelpersLinkType `protobuf:"varint,6,opt,name=type,proto3,enum=talos.resource.definitions.enums.NethelpersLinkType" json:"type,omitempty"` + // ParentName indicates link parent for VLAN interfaces. + ParentName string `protobuf:"bytes,7,opt,name=parent_name,json=parentName,proto3" json:"parent_name,omitempty"` + // BondSlave contains bond slave configuration for interfaces enslaved to a bond. + BondSlave *BondSlave `protobuf:"bytes,8,opt,name=bond_slave,json=bondSlave,proto3" json:"bond_slave,omitempty"` + // BridgeSlave carries bridge slave details for bridged interfaces. + BridgeSlave *BridgeSlave `protobuf:"bytes,9,opt,name=bridge_slave,json=bridgeSlave,proto3" json:"bridge_slave,omitempty"` + // These structures are present depending on "Kind" for Logical interfaces. + Vlan *VLANSpec `protobuf:"bytes,10,opt,name=vlan,proto3" json:"vlan,omitempty"` + BondMaster *BondMasterSpec `protobuf:"bytes,11,opt,name=bond_master,json=bondMaster,proto3" json:"bond_master,omitempty"` + BridgeMaster *BridgeMasterSpec `protobuf:"bytes,12,opt,name=bridge_master,json=bridgeMaster,proto3" json:"bridge_master,omitempty"` + Wireguard *WireguardSpec `protobuf:"bytes,13,opt,name=wireguard,proto3" json:"wireguard,omitempty"` + // Configuration layer. + ConfigLayer enums.NetworkConfigLayer `protobuf:"varint,14,opt,name=config_layer,json=configLayer,proto3,enum=talos.resource.definitions.enums.NetworkConfigLayer" json:"config_layer,omitempty"` + // Override hardware (MAC) address (if supported). + HardwareAddress []byte `protobuf:"bytes,15,opt,name=hardware_address,json=hardwareAddress,proto3" json:"hardware_address,omitempty"` + // Multicast indicates whether the multicast flag should be set on the interface to the value. + Multicast bool `protobuf:"varint,16,opt,name=multicast,proto3" json:"multicast,omitempty"` + VrfMaster *VRFMasterSpec `protobuf:"bytes,17,opt,name=vrf_master,json=vrfMaster,proto3" json:"vrf_master,omitempty"` + // VRFSlave carries VRF slave details for interfaces in a VRF. + VrfSlave *VRFSlave `protobuf:"bytes,18,opt,name=vrf_slave,json=vrfSlave,proto3" json:"vrf_slave,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *LinkSpecSpec) Reset() { @@ -2144,20 +2201,23 @@ type LinkStatusSpec struct { VendorId string `protobuf:"bytes,19,opt,name=vendor_id,json=vendorId,proto3" json:"vendor_id,omitempty"` Product string `protobuf:"bytes,20,opt,name=product,proto3" json:"product,omitempty"` Vendor string `protobuf:"bytes,21,opt,name=vendor,proto3" json:"vendor,omitempty"` - LinkState bool `protobuf:"varint,22,opt,name=link_state,json=linkState,proto3" json:"link_state,omitempty"` - SpeedMegabits int64 `protobuf:"varint,23,opt,name=speed_megabits,json=speedMegabits,proto3" json:"speed_megabits,omitempty"` - Port enums.NethelpersPort `protobuf:"varint,24,opt,name=port,proto3,enum=talos.resource.definitions.enums.NethelpersPort" json:"port,omitempty"` - Duplex enums.NethelpersDuplex `protobuf:"varint,25,opt,name=duplex,proto3,enum=talos.resource.definitions.enums.NethelpersDuplex" json:"duplex,omitempty"` - Vlan *VLANSpec `protobuf:"bytes,26,opt,name=vlan,proto3" json:"vlan,omitempty"` - BridgeMaster *BridgeMasterSpec `protobuf:"bytes,27,opt,name=bridge_master,json=bridgeMaster,proto3" json:"bridge_master,omitempty"` - BondMaster *BondMasterSpec `protobuf:"bytes,28,opt,name=bond_master,json=bondMaster,proto3" json:"bond_master,omitempty"` - Wireguard *WireguardSpec `protobuf:"bytes,29,opt,name=wireguard,proto3" json:"wireguard,omitempty"` - PermanentAddr []byte `protobuf:"bytes,30,opt,name=permanent_addr,json=permanentAddr,proto3" json:"permanent_addr,omitempty"` - Alias string `protobuf:"bytes,31,opt,name=alias,proto3" json:"alias,omitempty"` - AltNames []string `protobuf:"bytes,32,rep,name=alt_names,json=altNames,proto3" json:"alt_names,omitempty"` - VrfMaster *VRFMasterSpec `protobuf:"bytes,33,opt,name=vrf_master,json=vrfMaster,proto3" json:"vrf_master,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + // Fields coming from ethtool API. + LinkState bool `protobuf:"varint,22,opt,name=link_state,json=linkState,proto3" json:"link_state,omitempty"` + SpeedMegabits int64 `protobuf:"varint,23,opt,name=speed_megabits,json=speedMegabits,proto3" json:"speed_megabits,omitempty"` + Port enums.NethelpersPort `protobuf:"varint,24,opt,name=port,proto3,enum=talos.resource.definitions.enums.NethelpersPort" json:"port,omitempty"` + Duplex enums.NethelpersDuplex `protobuf:"varint,25,opt,name=duplex,proto3,enum=talos.resource.definitions.enums.NethelpersDuplex" json:"duplex,omitempty"` + // Following fields are only populated with respective Kind. + Vlan *VLANSpec `protobuf:"bytes,26,opt,name=vlan,proto3" json:"vlan,omitempty"` + BridgeMaster *BridgeMasterSpec `protobuf:"bytes,27,opt,name=bridge_master,json=bridgeMaster,proto3" json:"bridge_master,omitempty"` + BondMaster *BondMasterSpec `protobuf:"bytes,28,opt,name=bond_master,json=bondMaster,proto3" json:"bond_master,omitempty"` + Wireguard *WireguardSpec `protobuf:"bytes,29,opt,name=wireguard,proto3" json:"wireguard,omitempty"` + PermanentAddr []byte `protobuf:"bytes,30,opt,name=permanent_addr,json=permanentAddr,proto3" json:"permanent_addr,omitempty"` + // Fields coming from rtnetlink API. + Alias string `protobuf:"bytes,31,opt,name=alias,proto3" json:"alias,omitempty"` + AltNames []string `protobuf:"bytes,32,rep,name=alt_names,json=altNames,proto3" json:"alt_names,omitempty"` + VrfMaster *VRFMasterSpec `protobuf:"bytes,33,opt,name=vrf_master,json=vrfMaster,proto3" json:"vrf_master,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *LinkStatusSpec) Reset() { @@ -3112,9 +3172,11 @@ func (x *NfTablesRule) GetAnonCounter() bool { // NodeAddressFilterSpec describes a filter for NodeAddresses. type NodeAddressFilterSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - IncludeSubnets []*common.NetIPPrefix `protobuf:"bytes,1,rep,name=include_subnets,json=includeSubnets,proto3" json:"include_subnets,omitempty"` - ExcludeSubnets []*common.NetIPPrefix `protobuf:"bytes,2,rep,name=exclude_subnets,json=excludeSubnets,proto3" json:"exclude_subnets,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Address is skipped if it doesn't match any of the includeSubnets (if includeSubnets is not empty). + IncludeSubnets []*common.NetIPPrefix `protobuf:"bytes,1,rep,name=include_subnets,json=includeSubnets,proto3" json:"include_subnets,omitempty"` + // Address is skipped if it matches any of the excludeSubnets. + ExcludeSubnets []*common.NetIPPrefix `protobuf:"bytes,2,rep,name=exclude_subnets,json=excludeSubnets,proto3" json:"exclude_subnets,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -3531,13 +3593,17 @@ func (x *PortRange) GetHi() uint32 { // ProbeSpecSpec describes the Probe. type ProbeSpecSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Interval *durationpb.Duration `protobuf:"bytes,1,opt,name=interval,proto3" json:"interval,omitempty"` - FailureThreshold int64 `protobuf:"varint,2,opt,name=failure_threshold,json=failureThreshold,proto3" json:"failure_threshold,omitempty"` - Tcp *TCPProbeSpec `protobuf:"bytes,3,opt,name=tcp,proto3" json:"tcp,omitempty"` - ConfigLayer enums.NetworkConfigLayer `protobuf:"varint,4,opt,name=config_layer,json=configLayer,proto3,enum=talos.resource.definitions.enums.NetworkConfigLayer" json:"config_layer,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + // Interval between the probes. + Interval *durationpb.Duration `protobuf:"bytes,1,opt,name=interval,proto3" json:"interval,omitempty"` + // FailureThreshold is the number of consecutive failures for the probe to be considered failed after having succeeded. + FailureThreshold int64 `protobuf:"varint,2,opt,name=failure_threshold,json=failureThreshold,proto3" json:"failure_threshold,omitempty"` + // One of the probe types should be specified, for now it's only TCP. + Tcp *TCPProbeSpec `protobuf:"bytes,3,opt,name=tcp,proto3" json:"tcp,omitempty"` + // Configuration layer. + ConfigLayer enums.NetworkConfigLayer `protobuf:"varint,4,opt,name=config_layer,json=configLayer,proto3,enum=talos.resource.definitions.enums.NetworkConfigLayer" json:"config_layer,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *ProbeSpecSpec) Reset() { @@ -3600,9 +3666,11 @@ func (x *ProbeSpecSpec) GetConfigLayer() enums.NetworkConfigLayer { // ProbeStatusSpec describes the Probe. type ProbeStatusSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Success bool `protobuf:"varint,1,opt,name=success,proto3" json:"success,omitempty"` - LastError string `protobuf:"bytes,2,opt,name=last_error,json=lastError,proto3" json:"last_error,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Success of the check. + Success bool `protobuf:"varint,1,opt,name=success,proto3" json:"success,omitempty"` + // Last error of the probe. + LastError string `protobuf:"bytes,2,opt,name=last_error,json=lastError,proto3" json:"last_error,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -4405,9 +4473,11 @@ func (x *StatusSpec) GetEtcFilesReady() bool { // TCPProbeSpec describes the TCP Probe. type TCPProbeSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Endpoint string `protobuf:"bytes,1,opt,name=endpoint,proto3" json:"endpoint,omitempty"` - Timeout *durationpb.Duration `protobuf:"bytes,2,opt,name=timeout,proto3" json:"timeout,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Endpoint to probe: host:port. + Endpoint string `protobuf:"bytes,1,opt,name=endpoint,proto3" json:"endpoint,omitempty"` + // Timeout for the probe. + Timeout *durationpb.Duration `protobuf:"bytes,2,opt,name=timeout,proto3" json:"timeout,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -4763,8 +4833,10 @@ func (x *VIPOperatorSpec) GetHCloud() *VIPHCloudSpec { // VLANSpec describes VLAN settings if Kind == "vlan". type VLANSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Vid uint32 `protobuf:"varint,1,opt,name=vid,proto3" json:"vid,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // VID is the vlan ID. + Vid uint32 `protobuf:"varint,1,opt,name=vid,proto3" json:"vid,omitempty"` + // Protocol is the vlan protocol. Protocol enums.NethelpersVLANProtocol `protobuf:"varint,2,opt,name=protocol,proto3,enum=talos.resource.definitions.enums.NethelpersVLANProtocol" json:"protocol,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache @@ -4983,12 +5055,14 @@ func (x *WireguardPeer) GetAllowedIps() []*common.NetIPPrefix { // WireguardSpec describes Wireguard settings if Kind == "wireguard". type WireguardSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - PrivateKey string `protobuf:"bytes,1,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"` - PublicKey string `protobuf:"bytes,2,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` - ListenPort int64 `protobuf:"varint,3,opt,name=listen_port,json=listenPort,proto3" json:"listen_port,omitempty"` - FirewallMark int64 `protobuf:"varint,4,opt,name=firewall_mark,json=firewallMark,proto3" json:"firewall_mark,omitempty"` - Peers []*WireguardPeer `protobuf:"bytes,5,rep,name=peers,proto3" json:"peers,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // PrivateKey is used to configure the link, present only in the LinkSpec. + PrivateKey string `protobuf:"bytes,1,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"` + // PublicKey is only used in LinkStatus to show the link status. + PublicKey string `protobuf:"bytes,2,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` + ListenPort int64 `protobuf:"varint,3,opt,name=listen_port,json=listenPort,proto3" json:"listen_port,omitempty"` + FirewallMark int64 `protobuf:"varint,4,opt,name=firewall_mark,json=firewallMark,proto3" json:"firewall_mark,omitempty"` + Peers []*WireguardPeer `protobuf:"bytes,5,rep,name=peers,proto3" json:"peers,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } diff --git a/pkg/machinery/api/resource/definitions/runtime/runtime.pb.go b/pkg/machinery/api/resource/definitions/runtime/runtime.pb.go index 49275c25a..f76f5c52a 100644 --- a/pkg/machinery/api/resource/definitions/runtime/runtime.pb.go +++ b/pkg/machinery/api/resource/definitions/runtime/runtime.pb.go @@ -142,8 +142,9 @@ func (x *BootedEntrySpec) GetBootedEntry() string { // DevicesStatusSpec is the spec for devices status. type DevicesStatusSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Ready bool `protobuf:"varint,1,opt,name=ready,proto3" json:"ready,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Devices are settled down and ready to be used. + Ready bool `protobuf:"varint,1,opt,name=ready,proto3" json:"ready,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -187,9 +188,11 @@ func (x *DevicesStatusSpec) GetReady() bool { // DiagnosticSpec is the spec for devices status. type DiagnosticSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` - Details []string `protobuf:"bytes,2,rep,name=details,proto3" json:"details,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Short message describing the problem. + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` + // Details about the problem. + Details []string `protobuf:"bytes,2,rep,name=details,proto3" json:"details,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -1513,9 +1516,11 @@ func (x *SecurityStateSpec) GetModuleSignatureEnforced() bool { // ServicePIDSpec is the spec for the service PID. type ServicePIDSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Pid int32 `protobuf:"varint,1,opt,name=pid,proto3" json:"pid,omitempty"` - MountNamespace string `protobuf:"bytes,2,opt,name=mount_namespace,json=mountNamespace,proto3" json:"mount_namespace,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // PID is the host PID of the service. + Pid int32 `protobuf:"varint,1,opt,name=pid,proto3" json:"pid,omitempty"` + // MountNamespace is the mount namespace of the service. + MountNamespace string `protobuf:"bytes,2,opt,name=mount_namespace,json=mountNamespace,proto3" json:"mount_namespace,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } diff --git a/pkg/machinery/api/resource/definitions/secrets/secrets.pb.go b/pkg/machinery/api/resource/definitions/secrets/secrets.pb.go index ec9532c01..da03d2a80 100644 --- a/pkg/machinery/api/resource/definitions/secrets/secrets.pb.go +++ b/pkg/machinery/api/resource/definitions/secrets/secrets.pb.go @@ -26,11 +26,12 @@ const ( // APICertsSpec describes etcd certs secrets. type APICertsSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Client *common.PEMEncodedCertificateAndKey `protobuf:"bytes,2,opt,name=client,proto3" json:"client,omitempty"` - Server *common.PEMEncodedCertificateAndKey `protobuf:"bytes,3,opt,name=server,proto3" json:"server,omitempty"` - AcceptedCAs []*common.PEMEncodedCertificate `protobuf:"bytes,4,rep,name=accepted_c_as,json=acceptedCAs,proto3" json:"accepted_c_as,omitempty"` - SkipVerifyingClientCert bool `protobuf:"varint,5,opt,name=skip_verifying_client_cert,json=skipVerifyingClientCert,proto3" json:"skip_verifying_client_cert,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + Client *common.PEMEncodedCertificateAndKey `protobuf:"bytes,2,opt,name=client,proto3" json:"client,omitempty"` + Server *common.PEMEncodedCertificateAndKey `protobuf:"bytes,3,opt,name=server,proto3" json:"server,omitempty"` + AcceptedCAs []*common.PEMEncodedCertificate `protobuf:"bytes,4,rep,name=accepted_c_as,json=acceptedCAs,proto3" json:"accepted_c_as,omitempty"` + // Skip verifying client certificate, to be used only with the maintenance mode operations. + SkipVerifyingClientCert bool `protobuf:"varint,5,opt,name=skip_verifying_client_cert,json=skipVerifyingClientCert,proto3" json:"skip_verifying_client_cert,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -387,10 +388,11 @@ type KubernetesCertsSpec struct { state protoimpl.MessageState `protogen:"open.v1"` SchedulerKubeconfig string `protobuf:"bytes,4,opt,name=scheduler_kubeconfig,json=schedulerKubeconfig,proto3" json:"scheduler_kubeconfig,omitempty"` ControllerManagerKubeconfig string `protobuf:"bytes,5,opt,name=controller_manager_kubeconfig,json=controllerManagerKubeconfig,proto3" json:"controller_manager_kubeconfig,omitempty"` - LocalhostAdminKubeconfig string `protobuf:"bytes,6,opt,name=localhost_admin_kubeconfig,json=localhostAdminKubeconfig,proto3" json:"localhost_admin_kubeconfig,omitempty"` - AdminKubeconfig string `protobuf:"bytes,7,opt,name=admin_kubeconfig,json=adminKubeconfig,proto3" json:"admin_kubeconfig,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + // Admin-level kubeconfig with access through the localhost endpoint and cluster endpoints. + LocalhostAdminKubeconfig string `protobuf:"bytes,6,opt,name=localhost_admin_kubeconfig,json=localhostAdminKubeconfig,proto3" json:"localhost_admin_kubeconfig,omitempty"` + AdminKubeconfig string `protobuf:"bytes,7,opt,name=admin_kubeconfig,json=adminKubeconfig,proto3" json:"admin_kubeconfig,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *KubernetesCertsSpec) Reset() { diff --git a/pkg/machinery/api/resource/definitions/security/security.pb.go b/pkg/machinery/api/resource/definitions/security/security.pb.go index e2fc7316c..3af7e0793 100644 --- a/pkg/machinery/api/resource/definitions/security/security.pb.go +++ b/pkg/machinery/api/resource/definitions/security/security.pb.go @@ -25,10 +25,13 @@ const ( // ImageKeylessVerifierSpec represents a signature verification provider. type ImageKeylessVerifierSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty"` - Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"` - SubjectRegex string `protobuf:"bytes,3,opt,name=subject_regex,json=subjectRegex,proto3" json:"subject_regex,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Issuer is the OIDC issuer URL. + Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty"` + // Subject is the expected subject. + Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"` + // SubjectRegex is a regex pattern for subject matching. + SubjectRegex string `protobuf:"bytes,3,opt,name=subject_regex,json=subjectRegex,proto3" json:"subject_regex,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -86,8 +89,9 @@ func (x *ImageKeylessVerifierSpec) GetSubjectRegex() string { // ImagePublicKeyVerifierSpec represents a signature verification provider with static public key. type ImagePublicKeyVerifierSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Certificate string `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Certificate is a public certificate in PEM format accepted for image signature verification. + Certificate string `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -131,11 +135,16 @@ func (x *ImagePublicKeyVerifierSpec) GetCertificate() string { // ImageVerificationRuleSpec represents a verification rule. type ImageVerificationRuleSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - ImagePattern string `protobuf:"bytes,2,opt,name=image_pattern,json=imagePattern,proto3" json:"image_pattern,omitempty"` - Skip bool `protobuf:"varint,3,opt,name=skip,proto3" json:"skip,omitempty"` - Deny bool `protobuf:"varint,4,opt,name=deny,proto3" json:"deny,omitempty"` - KeylessVerifier *ImageKeylessVerifierSpec `protobuf:"bytes,5,opt,name=keyless_verifier,json=keylessVerifier,proto3" json:"keyless_verifier,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // ImagePattern is the image name pattern. + ImagePattern string `protobuf:"bytes,2,opt,name=image_pattern,json=imagePattern,proto3" json:"image_pattern,omitempty"` + // Skip is the action for matching images. + Skip bool `protobuf:"varint,3,opt,name=skip,proto3" json:"skip,omitempty"` + // Deny is the action for matching images. + Deny bool `protobuf:"varint,4,opt,name=deny,proto3" json:"deny,omitempty"` + // KeylessVerifier is the keyless verifier configuration to use. + KeylessVerifier *ImageKeylessVerifierSpec `protobuf:"bytes,5,opt,name=keyless_verifier,json=keylessVerifier,proto3" json:"keyless_verifier,omitempty"` + // PublicKeyVerifier is the public key verifier configuration to use. PublicKeyVerifier *ImagePublicKeyVerifierSpec `protobuf:"bytes,6,opt,name=public_key_verifier,json=publicKeyVerifier,proto3" json:"public_key_verifier,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache @@ -208,11 +217,13 @@ func (x *ImageVerificationRuleSpec) GetPublicKeyVerifier() *ImagePublicKeyVerifi // TUFTrustedRootSpec represents a sigstore's TUF trusted root information. type TUFTrustedRootSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` + state protoimpl.MessageState `protogen:"open.v1"` + // LastRefreshTime is the last time the trusted root was refreshed. LastRefreshTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=last_refresh_time,json=lastRefreshTime,proto3" json:"last_refresh_time,omitempty"` - JsonData string `protobuf:"bytes,2,opt,name=json_data,json=jsonData,proto3" json:"json_data,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + // JSONData is the trusted root data in JSON format. + JsonData string `protobuf:"bytes,2,opt,name=json_data,json=jsonData,proto3" json:"json_data,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *TUFTrustedRootSpec) Reset() { diff --git a/pkg/machinery/api/resource/definitions/siderolink/siderolink.pb.go b/pkg/machinery/api/resource/definitions/siderolink/siderolink.pb.go index 1ddacaf40..088de8da0 100644 --- a/pkg/machinery/api/resource/definitions/siderolink/siderolink.pb.go +++ b/pkg/machinery/api/resource/definitions/siderolink/siderolink.pb.go @@ -103,11 +103,15 @@ func (x *ConfigSpec) GetTunnel() bool { // StatusSpec describes Siderolink status. type StatusSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"` - Connected bool `protobuf:"varint,2,opt,name=connected,proto3" json:"connected,omitempty"` - LinkName string `protobuf:"bytes,3,opt,name=link_name,json=linkName,proto3" json:"link_name,omitempty"` - GrpcTunnel bool `protobuf:"varint,4,opt,name=grpc_tunnel,json=grpcTunnel,proto3" json:"grpc_tunnel,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Host is the Siderolink target host. + Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"` + // Connected is the status of the Siderolink GRPC connection. + Connected bool `protobuf:"varint,2,opt,name=connected,proto3" json:"connected,omitempty"` + // LinkName is the name of the interface used for the Siderolink tunnel. + LinkName string `protobuf:"bytes,3,opt,name=link_name,json=linkName,proto3" json:"link_name,omitempty"` + // GRPCTunnel is true if the Wireguard-over-GRPC tunnel is being used. + GrpcTunnel bool `protobuf:"varint,4,opt,name=grpc_tunnel,json=grpcTunnel,proto3" json:"grpc_tunnel,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -172,11 +176,16 @@ func (x *StatusSpec) GetGrpcTunnel() bool { // TunnelSpec describes Siderolink GRPC Tunnel configuration. type TunnelSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - ApiEndpoint string `protobuf:"bytes,1,opt,name=api_endpoint,json=apiEndpoint,proto3" json:"api_endpoint,omitempty"` - LinkName string `protobuf:"bytes,2,opt,name=link_name,json=linkName,proto3" json:"link_name,omitempty"` - Mtu int64 `protobuf:"varint,3,opt,name=mtu,proto3" json:"mtu,omitempty"` - NodeAddress *common.NetIPPort `protobuf:"bytes,4,opt,name=node_address,json=nodeAddress,proto3" json:"node_address,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // APIEndpoint is the Siderolink WireGuard over GRPC endpoint. + ApiEndpoint string `protobuf:"bytes,1,opt,name=api_endpoint,json=apiEndpoint,proto3" json:"api_endpoint,omitempty"` + // LinkName is the name to use for WireGuard tunnel. + LinkName string `protobuf:"bytes,2,opt,name=link_name,json=linkName,proto3" json:"link_name,omitempty"` + // MTU is the maximum transmission unit for the tunnel. + Mtu int64 `protobuf:"varint,3,opt,name=mtu,proto3" json:"mtu,omitempty"` + // NodeAddress is the virtual address of our node. It's used to identify our node in the WireGuard GRPC streamer. + // It's not the address of the actual WireGuard interface. + NodeAddress *common.NetIPPort `protobuf:"bytes,4,opt,name=node_address,json=nodeAddress,proto3" json:"node_address,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } diff --git a/pkg/machinery/api/resource/definitions/time/time.pb.go b/pkg/machinery/api/resource/definitions/time/time.pb.go index 1bb2ccabc..d028a65f7 100644 --- a/pkg/machinery/api/resource/definitions/time/time.pb.go +++ b/pkg/machinery/api/resource/definitions/time/time.pb.go @@ -126,10 +126,13 @@ func (x *AdjtimeStatusSpec) GetState() string { // StatusSpec describes time sync state. type StatusSpec struct { - state protoimpl.MessageState `protogen:"open.v1"` - Synced bool `protobuf:"varint,1,opt,name=synced,proto3" json:"synced,omitempty"` - Epoch int64 `protobuf:"varint,2,opt,name=epoch,proto3" json:"epoch,omitempty"` - SyncDisabled bool `protobuf:"varint,3,opt,name=sync_disabled,json=syncDisabled,proto3" json:"sync_disabled,omitempty"` + state protoimpl.MessageState `protogen:"open.v1"` + // Synced indicates whether time is in sync. + Synced bool `protobuf:"varint,1,opt,name=synced,proto3" json:"synced,omitempty"` + // Epoch is incremented every time clock jumps more than 15min. + Epoch int64 `protobuf:"varint,2,opt,name=epoch,proto3" json:"epoch,omitempty"` + // SyncDisabled indicates if time sync is disabled. + SyncDisabled bool `protobuf:"varint,3,opt,name=sync_disabled,json=syncDisabled,proto3" json:"sync_disabled,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } diff --git a/pkg/machinery/resources/block/volume_status.go b/pkg/machinery/resources/block/volume_status.go index 598346a27..43820f675 100644 --- a/pkg/machinery/resources/block/volume_status.go +++ b/pkg/machinery/resources/block/volume_status.go @@ -49,7 +49,7 @@ type VolumeStatusSpec struct { // EncryptionProvider is the provider of the encryption which was used to unlock the volume. EncryptionProvider EncryptionProviderType `yaml:"encryptionProvider,omitempty" protobuf:"12"` - // EncryptionFailedSyncs is the list of failed syncs for the volume (per key/provider)/ + // EncryptionFailedSyncs is the list of failed syncs for the volume (per key/provider). EncryptionFailedSyncs []string `yaml:"encryptionFailedSyncs,omitempty" protobuf:"14"` // ConfiguredEncryptionKeys is the list of configured encryption keys for the volume. ConfiguredEncryptionKeys []string `yaml:"configuredEncryptionKeys,omitempty" protobuf:"17"` diff --git a/pkg/machinery/resources/hardware/processor.go b/pkg/machinery/resources/hardware/processor.go index 4d40fec9b..ea9c908f7 100644 --- a/pkg/machinery/resources/hardware/processor.go +++ b/pkg/machinery/resources/hardware/processor.go @@ -26,9 +26,9 @@ type ProcessorSpec struct { Socket string `yaml:"socket,omitempty" protobuf:"1"` Manufacturer string `yaml:"manufacturer,omitempty" protobuf:"2"` ProductName string `yaml:"productName,omitempty" protobuf:"3"` - // MaxSpeed is in megahertz (Mhz) + // MaxSpeed is in megahertz (MHz). MaxSpeed uint32 `yaml:"maxSpeedMhz,omitempty" protobuf:"4"` - // Speed is in megahertz (Mhz) + // BootSpeed is in megahertz (MHz). BootSpeed uint32 `yaml:"bootSpeedMhz,omitempty" protobuf:"5"` Status uint32 `yaml:"status,omitempty" protobuf:"6"` SerialNumber string `yaml:"serialNumber,omitempty" protobuf:"7"` diff --git a/pkg/machinery/resources/network/link_spec.go b/pkg/machinery/resources/network/link_spec.go index 29dd45f4b..00718e649 100644 --- a/pkg/machinery/resources/network/link_spec.go +++ b/pkg/machinery/resources/network/link_spec.go @@ -50,13 +50,13 @@ type LinkSpecSpec struct { // ParentName indicates link parent for VLAN interfaces. ParentName string `yaml:"parentName,omitempty" protobuf:"7"` - // MasterName indicates master link for enslaved bonded interfaces. + // BondSlave contains bond slave configuration for interfaces enslaved to a bond. BondSlave BondSlave `yaml:",omitempty,inline" protobuf:"8"` - // BridgeSlave indicates master link for bridged interfaces. + // BridgeSlave carries bridge slave details for bridged interfaces. BridgeSlave BridgeSlave `yaml:"bridgeSlave,omitempty" protobuf:"9"` - // VRFSlave indicates master link for interfaces in a vrf + // VRFSlave carries VRF slave details for interfaces in a VRF. VRFSlave VRFSlave `yaml:"vrfSlave,omitempty" protobuf:"18"` // These structures are present depending on "Kind" for Logical interfaces. diff --git a/pkg/machinery/resources/network/node_address_filter.go b/pkg/machinery/resources/network/node_address_filter.go index b0991224e..801b60a8e 100644 --- a/pkg/machinery/resources/network/node_address_filter.go +++ b/pkg/machinery/resources/network/node_address_filter.go @@ -27,7 +27,7 @@ type NodeAddressFilter = typed.Resource[NodeAddressFilterSpec, NodeAddressFilter type NodeAddressFilterSpec struct { // Address is skipped if it doesn't match any of the includeSubnets (if includeSubnets is not empty). IncludeSubnets []netip.Prefix `yaml:"includeSubnets" protobuf:"1"` - // Address is skipped if it matches any of the includeSubnets. + // Address is skipped if it matches any of the excludeSubnets. ExcludeSubnets []netip.Prefix `yaml:"excludeSubnets" protobuf:"2"` } diff --git a/tools/structprotogen/ast/ast.go b/tools/structprotogen/ast/ast.go index 8fd303249..aca01c0ba 100644 --- a/tools/structprotogen/ast/ast.go +++ b/tools/structprotogen/ast/ast.go @@ -206,8 +206,14 @@ func formatComments(comment *ast.CommentGroup) []string { return result } -// Fields represents a struct field and its protobuf number. -type Fields map[string]int +// Fields represents a struct field and its protobuf metadata. +type Fields map[string]FieldInfo + +// FieldInfo contains the protobuf number and doc comments for a struct field. +type FieldInfo struct { + Num int + Comments []string +} // getStructFieldsWithTags returns all fields of the given struct with their tags. func getStructFieldsWithTags(structDecl *ast.TypeSpec) Fields { @@ -242,7 +248,29 @@ func getStructFieldsWithTags(structDecl *ast.TypeSpec) Fields { panic(fmt.Errorf("invalid protobuf tag: field '%s', tag '%s': %w", name, tagValue, err)) } - result[name.Name] = num + result[name.Name] = FieldInfo{ + Num: num, + Comments: fieldComments(field), + } + } + } + + return result +} + +// fieldComments collects doc and trailing line comments attached to a struct field. +func fieldComments(field *ast.Field) []string { + var result []string + + if field.Doc != nil { + for _, c := range field.Doc.List { + result = append(result, c.Text) + } + } + + if field.Comment != nil { + for _, c := range field.Comment.List { + result = append(result, c.Text) } } diff --git a/tools/structprotogen/main.go b/tools/structprotogen/main.go index 5a4d88709..84f393792 100644 --- a/tools/structprotogen/main.go +++ b/tools/structprotogen/main.go @@ -44,8 +44,6 @@ func main() { } } -// TODO(DmitriyMV): get comments for fields - //nolint:gocyclo func run(pkgPath, dst string) error { loadedPkgs, err := loader.LoadPackages(pkgPath) diff --git a/tools/structprotogen/proto/proto.go b/tools/structprotogen/proto/proto.go index d23f39cff..f31ac32ed 100644 --- a/tools/structprotogen/proto/proto.go +++ b/tools/structprotogen/proto/proto.go @@ -173,7 +173,8 @@ type protoField struct { typ string num int - goType string + goType string + comments []string } func protoFieldCmp(left, right protoField) int { @@ -196,10 +197,18 @@ func protoFieldCmp(left, right protoField) int { } func (pf protoField) WriteDebug(w io.Writer) { + for _, comment := range pf.comments { + fmt.Fprintf(w, "%s\n ", comment) + } + fmt.Fprintf(w, "%s %s = %d; // %s \n", pf.typ, ToSnakeCase(pf.name), pf.num, pf.goType) } func (pf protoField) Format(w io.Writer) { + for _, comment := range pf.comments { + fmt.Fprintf(w, "%s\n ", comment) + } + fmt.Fprintf(w, "%s %s = %d;\n", pf.typ, ToSnakeCase(pf.name), pf.num) } @@ -236,10 +245,11 @@ func PrepareProtoData(pkgsTypes slices.Sorted[*types.Type], constants consts.Con } sliceutil.AddIfNotFound(def.Fields(), protoField{ - name: field.Name, - typ: typeName, - num: field.Num, - goType: field.TypeData.Type().String(), + name: field.Name, + typ: typeName, + num: field.Num, + goType: field.TypeData.Type().String(), + comments: field.Comments, }) continue @@ -260,10 +270,11 @@ func PrepareProtoData(pkgsTypes slices.Sorted[*types.Type], constants consts.Con } sliceutil.AddIfNotFound(def.Fields(), protoField{ - name: field.Name, - typ: typeName, - num: field.Num, - goType: field.TypeData.Type().String(), + name: field.Name, + typ: typeName, + num: field.Num, + goType: field.TypeData.Type().String(), + comments: field.Comments, }) continue @@ -294,10 +305,11 @@ func PrepareProtoData(pkgsTypes slices.Sorted[*types.Type], constants consts.Con } sliceutil.AddIfNotFound(def.Fields(), protoField{ - name: field.Name, - typ: typeName, - num: field.Num, - goType: field.TypeData.Type().String(), + name: field.Name, + typ: typeName, + num: field.Num, + goType: field.TypeData.Type().String(), + comments: field.Comments, }) continue @@ -335,10 +347,11 @@ func PrepareProtoData(pkgsTypes slices.Sorted[*types.Type], constants consts.Con } sliceutil.AddIfNotFound(def.Fields(), protoField{ - name: field.Name, - typ: typText, - num: field.Num, - goType: field.TypeData.Type().String(), + name: field.Name, + typ: typText, + num: field.Num, + goType: field.TypeData.Type().String(), + comments: field.Comments, }) continue diff --git a/tools/structprotogen/types/types.go b/tools/structprotogen/types/types.go index ad97b04cb..7d4b417fd 100644 --- a/tools/structprotogen/types/types.go +++ b/tools/structprotogen/types/types.go @@ -104,10 +104,11 @@ func pkgTypeCmp(left, right *Type) int { return strings.Compare(left.Name, right.Name) } -// FieldData is a struct which contains field name, proto num and type data. +// FieldData is a struct which contains field name, proto num, doc comments and type data. type FieldData struct { Name string Num int + Comments []string TypeData *types.Var } @@ -146,9 +147,12 @@ func ParseDeclsData(sortedPkgs slices.Sorted[*PkgDecl], taggedStructs ast.Tagged Comments: taggedStruct.Comments, }) + fieldInfo := taggedStruct.Fields[field.Name()] + v.Fields().Add(FieldData{ Name: field.Name(), - Num: taggedStruct.Fields[field.Name()], + Num: fieldInfo.Num, + Comments: fieldInfo.Comments, TypeData: field, }) } diff --git a/website/content/v1.14/reference/api.md b/website/content/v1.14/reference/api.md index 63257e009..1b2b3fef1 100644 --- a/website/content/v1.14/reference/api.md +++ b/website/content/v1.14/reference/api.md @@ -6093,10 +6093,10 @@ DeviceSpec is the spec for devices status. | minor | [int64](#int64) | | | | partition_name | [string](#string) | | | | partition_number | [int64](#int64) | | | -| generation | [int64](#int64) | | | +| generation | [int64](#int64) | | Generation is bumped every time the device might have changed and might need to be re-probed. | | device_path | [string](#string) | | | -| parent | [string](#string) | | | -| secondaries | [string](#string) | repeated | | +| parent | [string](#string) | | Parent (if set) specifies the parent device ID. | +| secondaries | [string](#string) | repeated | Secondaries (if set) specifies the secondary device IDs.

E.g. for a LVM volume secondary is a list of blockdevices that the volume consists of. | @@ -6111,9 +6111,9 @@ DiscoveredVolumeSpec is the spec for DiscoveredVolumes resource. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| size | [uint64](#uint64) | | | -| sector_size | [uint64](#uint64) | | | -| io_size | [uint64](#uint64) | | | +| size | [uint64](#uint64) | | Overall size of the probed device (in bytes). | +| sector_size | [uint64](#uint64) | | Sector size of the device (in bytes). | +| io_size | [uint64](#uint64) | | Optimal I/O size for the device (in bytes). | | name | [string](#string) | | | | uuid | [string](#string) | | | | label | [string](#string) | | | @@ -6130,7 +6130,7 @@ DiscoveredVolumeSpec is the spec for DiscoveredVolumes resource. | dev_path | [string](#string) | | | | parent_dev_path | [string](#string) | | | | pretty_size | [string](#string) | | | -| offset | [uint64](#uint64) | | | +| offset | [uint64](#uint64) | | Offset of the partition/volume inside Parent device (in bytes). | @@ -6206,7 +6206,7 @@ DiskSpec is the spec for Disks status. | cdrom | [bool](#bool) | | | | dev_path | [string](#string) | | | | pretty_size | [string](#string) | | | -| secondary_disks | [string](#string) | repeated | | +| secondary_disks | [string](#string) | repeated | SecondaryDisks (if set) specifies the secondary disk IDs.

E.g. if the blockdevice secondary is vda5, the secondary disk will be set as vda. This allows to map secondaries between disks ignoring the partitions. | | uuid | [string](#string) | | | | symlinks | [string](#string) | repeated | | @@ -6225,12 +6225,12 @@ EncryptionKey is the spec for volume encryption key. | ----- | ---- | ----- | ----------- | | slot | [int64](#int64) | | | | type | [talos.resource.definitions.enums.BlockEncryptionKeyType](#talos.resource.definitions.enums.BlockEncryptionKeyType) | | | -| static_passphrase | [bytes](#bytes) | | | -| kms_endpoint | [string](#string) | | | -| tpm_check_secureboot_status_on_enroll | [bool](#bool) | | | +| static_passphrase | [bytes](#bytes) | | Only for Type == "static": | +| kms_endpoint | [string](#string) | | Only for Type == "kms": | +| tpm_check_secureboot_status_on_enroll | [bool](#bool) | | Only for Type == "tpm": | | lock_to_state | [bool](#bool) | | | -| tpmpc_rs | [int64](#int64) | repeated | | -| tpm_pub_key_pc_rs | [int64](#int64) | repeated | | +| tpmpc_rs | [int64](#int64) | repeated | Only for Type == "tpm": | +| tpm_pub_key_pc_rs | [int64](#int64) | repeated | Only for Type == "tpm": | @@ -6265,8 +6265,8 @@ FilesystemSpec is the spec for volume filesystem. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| type | [talos.resource.definitions.enums.BlockFilesystemType](#talos.resource.definitions.enums.BlockFilesystemType) | | | -| label | [string](#string) | | | +| type | [talos.resource.definitions.enums.BlockFilesystemType](#talos.resource.definitions.enums.BlockFilesystemType) | | Filesystem type. | +| label | [string](#string) | | Filesystem label. | @@ -6281,8 +6281,8 @@ LocatorSpec is the spec for volume locator. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| match | [google.api.expr.v1alpha1.CheckedExpr](#google.api.expr.v1alpha1.CheckedExpr) | | | -| disk_match | [google.api.expr.v1alpha1.CheckedExpr](#google.api.expr.v1alpha1.CheckedExpr) | | | +| match | [google.api.expr.v1alpha1.CheckedExpr](#google.api.expr.v1alpha1.CheckedExpr) | | Match is a volume locator match expression. | +| disk_match | [google.api.expr.v1alpha1.CheckedExpr](#google.api.expr.v1alpha1.CheckedExpr) | | DiskMatch is a disk locator match expression. | @@ -6319,16 +6319,16 @@ MountSpec is the spec for volume mount. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| target_path | [string](#string) | | | -| selinux_label | [string](#string) | | | -| project_quota_support | [bool](#bool) | | | -| parent_id | [string](#string) | | | -| file_mode | [uint32](#uint32) | | | -| uid | [int64](#int64) | | | -| gid | [int64](#int64) | | | -| recursive_relabel | [bool](#bool) | | | -| bind_target | [string](#string) | | | -| parameters | [ParameterSpec](#talos.resource.definitions.block.ParameterSpec) | repeated | | +| target_path | [string](#string) | | Mount path for the volume. | +| selinux_label | [string](#string) | | SELinux label for the volume. | +| project_quota_support | [bool](#bool) | | Enable project quota (xfs) for the volume. | +| parent_id | [string](#string) | | Parent mount request ID. | +| file_mode | [uint32](#uint32) | | FileMode is the file mode for the mount target. | +| uid | [int64](#int64) | | UID is the user ID for the mount target. | +| gid | [int64](#int64) | | GID is the group ID for the mount target. | +| recursive_relabel | [bool](#bool) | | RecursiveRelabel is the recursive relabel/chown flag for the mount target. | +| bind_target | [string](#string) | | BindTarget is an optional path on the host to bind-mount the volume onto. | +| parameters | [ParameterSpec](#talos.resource.definitions.block.ParameterSpec) | repeated | Parameters are additional filesystem mount options used when mounting the volume. | @@ -6365,10 +6365,10 @@ ParameterSpec is a mount parameter. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| type | [talos.resource.definitions.enums.BlockFSParameterType](#talos.resource.definitions.enums.BlockFSParameterType) | | | -| name | [string](#string) | | | -| string | [string](#string) | | | -| binary | [bytes](#bytes) | | | +| type | [talos.resource.definitions.enums.BlockFSParameterType](#talos.resource.definitions.enums.BlockFSParameterType) | | Type of the parameter. | +| name | [string](#string) | | Name of the parameter. | +| string | [string](#string) | | String value of the parameter. | +| binary | [bytes](#bytes) | | Binary value of the parameter. | @@ -6383,13 +6383,13 @@ PartitionSpec is the spec for volume partitioning. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| min_size | [uint64](#uint64) | | | -| max_size | [uint64](#uint64) | | | -| grow | [bool](#bool) | | | -| label | [string](#string) | | | -| type_uuid | [string](#string) | | | -| relative_max_size | [uint64](#uint64) | | | -| negative_max_size | [bool](#bool) | | | +| min_size | [uint64](#uint64) | | Partition minimum size in bytes. | +| max_size | [uint64](#uint64) | | Partition maximum size in bytes, if not set, grows to the maximum size. | +| grow | [bool](#bool) | | Grow the partition automatically to the maximum size. | +| label | [string](#string) | | Label for the partition. | +| type_uuid | [string](#string) | | Partition type UUID. | +| relative_max_size | [uint64](#uint64) | | Partition maximum size (relative), if not set, grows to the maximum size. | +| negative_max_size | [bool](#bool) | | NegativeMaxSize indicates that MaxSize or RelativeMaxSize represents space to be left free on the device rather than space to consume. | @@ -6404,10 +6404,10 @@ ProvisioningSpec is the spec for volume provisioning. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| disk_selector | [DiskSelector](#talos.resource.definitions.block.DiskSelector) | | | -| partition_spec | [PartitionSpec](#talos.resource.definitions.block.PartitionSpec) | | | -| wave | [int64](#int64) | | | -| filesystem_spec | [FilesystemSpec](#talos.resource.definitions.block.FilesystemSpec) | | | +| disk_selector | [DiskSelector](#talos.resource.definitions.block.DiskSelector) | | DiskSelector selects a disk for the volume. | +| partition_spec | [PartitionSpec](#talos.resource.definitions.block.PartitionSpec) | | PartitionSpec describes how to provision the volume (partition type). | +| wave | [int64](#int64) | | Provisioning wave for the volume.

Waves are processed sequentially - the volumes in the wave are only provisioned after the previous wave is done. | +| filesystem_spec | [FilesystemSpec](#talos.resource.definitions.block.FilesystemSpec) | | FilesystemSpec describes how to provision the volume (filesystem type). | @@ -6443,8 +6443,8 @@ SymlinkProvisioningSpec is the spec for volume symlink. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| symlink_target_path | [string](#string) | | | -| force | [bool](#bool) | | | +| symlink_target_path | [string](#string) | | Symlink target path for the volume. | +| force | [bool](#bool) | | Force symlink creation. | @@ -6522,13 +6522,13 @@ VolumeConfigSpec is the spec for VolumeConfig resource. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| parent_id | [string](#string) | | | -| type | [talos.resource.definitions.enums.BlockVolumeType](#talos.resource.definitions.enums.BlockVolumeType) | | | -| provisioning | [ProvisioningSpec](#talos.resource.definitions.block.ProvisioningSpec) | | | -| locator | [LocatorSpec](#talos.resource.definitions.block.LocatorSpec) | | | -| mount | [MountSpec](#talos.resource.definitions.block.MountSpec) | | | -| encryption | [EncryptionSpec](#talos.resource.definitions.block.EncryptionSpec) | | | -| symlink | [SymlinkProvisioningSpec](#talos.resource.definitions.block.SymlinkProvisioningSpec) | | | +| parent_id | [string](#string) | | Parent volume ID, if set no operations on the volume continue until the parent volume is ready. | +| type | [talos.resource.definitions.enums.BlockVolumeType](#talos.resource.definitions.enums.BlockVolumeType) | | Volume type. | +| provisioning | [ProvisioningSpec](#talos.resource.definitions.block.ProvisioningSpec) | | Provisioning configuration (how to provision a volume). | +| locator | [LocatorSpec](#talos.resource.definitions.block.LocatorSpec) | | How to find a volume. | +| mount | [MountSpec](#talos.resource.definitions.block.MountSpec) | | Mount options for the volume. | +| encryption | [EncryptionSpec](#talos.resource.definitions.block.EncryptionSpec) | | Encryption configuration (how to encrypt a volume). | +| symlink | [SymlinkProvisioningSpec](#talos.resource.definitions.block.SymlinkProvisioningSpec) | | Symlink options for the volume. | @@ -6585,27 +6585,27 @@ VolumeStatusSpec is the spec for VolumeStatus resource. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | | phase | [talos.resource.definitions.enums.BlockVolumePhase](#talos.resource.definitions.enums.BlockVolumePhase) | | | -| location | [string](#string) | | | +| location | [string](#string) | | Location is the path to the block device (raw). | | error_message | [string](#string) | | | | uuid | [string](#string) | | | | partition_uuid | [string](#string) | | | | pre_fail_phase | [talos.resource.definitions.enums.BlockVolumePhase](#talos.resource.definitions.enums.BlockVolumePhase) | | | -| parent_location | [string](#string) | | | +| parent_location | [string](#string) | | ParentLocation (if present) is the location of the parent block device for partitions. | | partition_index | [int64](#int64) | | | | size | [uint64](#uint64) | | | -| filesystem | [talos.resource.definitions.enums.BlockFilesystemType](#talos.resource.definitions.enums.BlockFilesystemType) | | | -| mount_location | [string](#string) | | | -| encryption_provider | [talos.resource.definitions.enums.BlockEncryptionProviderType](#talos.resource.definitions.enums.BlockEncryptionProviderType) | | | +| filesystem | [talos.resource.definitions.enums.BlockFilesystemType](#talos.resource.definitions.enums.BlockFilesystemType) | | Filesystem is the filesystem type. | +| mount_location | [string](#string) | | MountLocation is the location to be mounted, might be different from location. | +| encryption_provider | [talos.resource.definitions.enums.BlockEncryptionProviderType](#talos.resource.definitions.enums.BlockEncryptionProviderType) | | EncryptionProvider is the provider of the encryption which was used to unlock the volume. | | pretty_size | [string](#string) | | | -| encryption_failed_syncs | [string](#string) | repeated | | -| mount_spec | [MountSpec](#talos.resource.definitions.block.MountSpec) | | | +| encryption_failed_syncs | [string](#string) | repeated | EncryptionFailedSyncs is the list of failed syncs for the volume (per key/provider). | +| mount_spec | [MountSpec](#talos.resource.definitions.block.MountSpec) | | MountSpec is the mount specification. | | type | [talos.resource.definitions.enums.BlockVolumeType](#talos.resource.definitions.enums.BlockVolumeType) | | | -| configured_encryption_keys | [string](#string) | repeated | | -| symlink_spec | [SymlinkProvisioningSpec](#talos.resource.definitions.block.SymlinkProvisioningSpec) | | | +| configured_encryption_keys | [string](#string) | repeated | ConfiguredEncryptionKeys is the list of configured encryption keys for the volume. | +| symlink_spec | [SymlinkProvisioningSpec](#talos.resource.definitions.block.SymlinkProvisioningSpec) | | Symlink is the symlink specification. | | parent_id | [string](#string) | | | -| encryption_locked_to_state | [bool](#bool) | | | -| encryption_slot | [int64](#int64) | | | -| tpm_encryption_options | [TPMEncryptionOptionsInfo](#talos.resource.definitions.block.TPMEncryptionOptionsInfo) | | | +| encryption_locked_to_state | [bool](#bool) | | EncryptionLockedToState indicates if the encryption is locked to STATE partition | +| encryption_slot | [int64](#int64) | | EncryptionSlot indicates the currently used encryption slot used for decryption. | +| tpm_encryption_options | [TPMEncryptionOptionsInfo](#talos.resource.definitions.block.TPMEncryptionOptionsInfo) | | TPMEncryptionOptions is the options for TPM-based encryption. | @@ -6721,7 +6721,7 @@ so YAML serialization should be kept backwards compatible. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| node_id | [string](#string) | | | +| node_id | [string](#string) | | NodeID is a random value which is persisted across reboots, but it gets reset on wipe. | @@ -7332,8 +7332,8 @@ ProcessorSpec represents a single processor. | socket | [string](#string) | | | | manufacturer | [string](#string) | | | | product_name | [string](#string) | | | -| max_speed | [uint32](#uint32) | | | -| boot_speed | [uint32](#uint32) | | | +| max_speed | [uint32](#uint32) | | MaxSpeed is in megahertz (MHz). | +| boot_speed | [uint32](#uint32) | | BootSpeed is in megahertz (MHz). | | status | [uint32](#uint32) | | | | serial_number | [string](#string) | | | | asset_tag | [string](#string) | | | @@ -7893,7 +7893,7 @@ KubeletKubeconfigSpec describes the current kubelet kubeconfig file. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| hash | [string](#string) | | | +| hash | [string](#string) | | Hash is a content digest of the kubeconfig file. It changes whenever the file contents change, which is the signal consumers use to rebuild their Kubernetes clients. | @@ -8336,13 +8336,13 @@ ConfigSpec describes KubeSpan configuration.. | enabled | [bool](#bool) | | | | cluster_id | [string](#string) | | | | shared_secret | [string](#string) | | | -| force_routing | [bool](#bool) | | | -| advertise_kubernetes_networks | [bool](#bool) | | | -| mtu | [uint32](#uint32) | | | -| endpoint_filters | [string](#string) | repeated | | -| harvest_extra_endpoints | [bool](#bool) | | | -| extra_endpoints | [common.NetIPPort](#common.NetIPPort) | repeated | | -| exclude_advertised_networks | [common.NetIPPrefix](#common.NetIPPrefix) | repeated | | +| force_routing | [bool](#bool) | | Force routing via KubeSpan even if the peer connection is not up. | +| advertise_kubernetes_networks | [bool](#bool) | | Advertise Kubernetes pod networks or skip it completely. | +| mtu | [uint32](#uint32) | | Force kubeSpan MTU size. | +| endpoint_filters | [string](#string) | repeated | If not empty, filter advertised endpoints using the list of CIDRs. | +| harvest_extra_endpoints | [bool](#bool) | | Harvest endpoints from the peer statuses. | +| extra_endpoints | [common.NetIPPort](#common.NetIPPort) | repeated | Extra endpoints to announce. | +| exclude_advertised_networks | [common.NetIPPrefix](#common.NetIPPrefix) | repeated | If not empty, filter advertised networks using the list of CIDRs. | @@ -8376,9 +8376,9 @@ so YAML serialization should be kept backwards compatible. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| address | [common.NetIPPrefix](#common.NetIPPrefix) | | | +| address | [common.NetIPPrefix](#common.NetIPPrefix) | | Address of the node on the Wireguard network. | | subnet | [common.NetIPPrefix](#common.NetIPPrefix) | | | -| private_key | [string](#string) | | | +| private_key | [string](#string) | | Public and private Wireguard keys. | | public_key | [string](#string) | | | @@ -8412,13 +8412,13 @@ PeerStatusSpec describes PeerStatus state. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| endpoint | [common.NetIPPort](#common.NetIPPort) | | | -| label | [string](#string) | | | -| state | [talos.resource.definitions.enums.KubespanPeerState](#talos.resource.definitions.enums.KubespanPeerState) | | | -| receive_bytes | [int64](#int64) | | | +| endpoint | [common.NetIPPort](#common.NetIPPort) | | Active endpoint as seen by the Wireguard. | +| label | [string](#string) | | Label derived from the peer spec. | +| state | [talos.resource.definitions.enums.KubespanPeerState](#talos.resource.definitions.enums.KubespanPeerState) | | Calculated state. | +| receive_bytes | [int64](#int64) | | Tx/Rx bytes. | | transmit_bytes | [int64](#int64) | | | -| last_handshake_time | [google.protobuf.Timestamp](#google.protobuf.Timestamp) | | | -| last_used_endpoint | [common.NetIPPort](#common.NetIPPort) | | | +| last_handshake_time | [google.protobuf.Timestamp](#google.protobuf.Timestamp) | | Handshake. | +| last_used_endpoint | [common.NetIPPort](#common.NetIPPort) | | Endpoint selection input. | | last_endpoint_change | [google.protobuf.Timestamp](#google.protobuf.Timestamp) | | | @@ -8483,7 +8483,7 @@ DevicesStatusSpec is the spec for devices status. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| ready | [bool](#bool) | | | +| ready | [bool](#bool) | | Devices are settled down and ready to be used. | @@ -8498,8 +8498,8 @@ DiagnosticSpec is the spec for devices status. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| message | [string](#string) | | | -| details | [string](#string) | repeated | | +| message | [string](#string) | | Short message describing the problem. | +| details | [string](#string) | repeated | Details about the problem. | @@ -8886,8 +8886,8 @@ ServicePIDSpec is the spec for the service PID. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| pid | [int32](#int32) | | | -| mount_namespace | [string](#string) | | | +| pid | [int32](#int32) | | PID is the host PID of the service. | +| mount_namespace | [string](#string) | | MountNamespace is the mount namespace of the service. | @@ -9045,34 +9045,34 @@ BondMasterSpec describes bond settings if Kind == "bond". | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| mode | [talos.resource.definitions.enums.NethelpersBondMode](#talos.resource.definitions.enums.NethelpersBondMode) | | | -| hash_policy | [talos.resource.definitions.enums.NethelpersBondXmitHashPolicy](#talos.resource.definitions.enums.NethelpersBondXmitHashPolicy) | | | -| lacp_rate | [talos.resource.definitions.enums.NethelpersLACPRate](#talos.resource.definitions.enums.NethelpersLACPRate) | | | -| arp_validate | [talos.resource.definitions.enums.NethelpersARPValidate](#talos.resource.definitions.enums.NethelpersARPValidate) | | | -| arp_all_targets | [talos.resource.definitions.enums.NethelpersARPAllTargets](#talos.resource.definitions.enums.NethelpersARPAllTargets) | | | -| primary_index | [uint32](#uint32) | | | -| primary_reselect | [talos.resource.definitions.enums.NethelpersPrimaryReselect](#talos.resource.definitions.enums.NethelpersPrimaryReselect) | | | -| fail_over_mac | [talos.resource.definitions.enums.NethelpersFailOverMAC](#talos.resource.definitions.enums.NethelpersFailOverMAC) | | | -| ad_select | [talos.resource.definitions.enums.NethelpersADSelect](#talos.resource.definitions.enums.NethelpersADSelect) | | | -| mii_mon | [uint32](#uint32) | | | -| up_delay | [uint32](#uint32) | | | -| down_delay | [uint32](#uint32) | | | -| arp_interval | [uint32](#uint32) | | | -| resend_igmp | [uint32](#uint32) | | | -| min_links | [uint32](#uint32) | | | -| lp_interval | [uint32](#uint32) | | | -| packets_per_slave | [uint32](#uint32) | | | -| num_peer_notif | [uint32](#uint32) | | | -| tlb_dynamic_lb | [uint32](#uint32) | | | -| all_slaves_active | [uint32](#uint32) | | | -| use_carrier | [bool](#bool) | | | -| ad_actor_sys_prio | [uint32](#uint32) | | | -| ad_user_port_key | [uint32](#uint32) | | | -| peer_notify_delay | [uint32](#uint32) | | | -| arpip_targets | [common.NetIP](#common.NetIP) | repeated | | -| nsip6_targets | [common.NetIP](#common.NetIP) | repeated | | -| adlacp_active | [talos.resource.definitions.enums.NethelpersADLACPActive](#talos.resource.definitions.enums.NethelpersADLACPActive) | | | -| missed_max | [uint32](#uint32) | | | +| mode | [talos.resource.definitions.enums.NethelpersBondMode](#talos.resource.definitions.enums.NethelpersBondMode) | | Mode specifies the bonding policy | +| hash_policy | [talos.resource.definitions.enums.NethelpersBondXmitHashPolicy](#talos.resource.definitions.enums.NethelpersBondXmitHashPolicy) | | HashPolicy selects the transmit hash policy to use for slave selection. | +| lacp_rate | [talos.resource.definitions.enums.NethelpersLACPRate](#talos.resource.definitions.enums.NethelpersLACPRate) | | LACPRate specifies the rate at which LACPDU frames are sent. | +| arp_validate | [talos.resource.definitions.enums.NethelpersARPValidate](#talos.resource.definitions.enums.NethelpersARPValidate) | | ARPValidate specifies whether or not ARP probes and replies should be validated. | +| arp_all_targets | [talos.resource.definitions.enums.NethelpersARPAllTargets](#talos.resource.definitions.enums.NethelpersARPAllTargets) | | ARPAllTargets specifies whether ARP probes should be sent to any or all targets. | +| primary_index | [uint32](#uint32) | | PrimaryIndex is a device index specifying which slave is the primary device. | +| primary_reselect | [talos.resource.definitions.enums.NethelpersPrimaryReselect](#talos.resource.definitions.enums.NethelpersPrimaryReselect) | | PrimaryReselect specifies the policy under which the primary slave should be reselected. | +| fail_over_mac | [talos.resource.definitions.enums.NethelpersFailOverMAC](#talos.resource.definitions.enums.NethelpersFailOverMAC) | | FailOverMac whether active-backup mode should set all slaves to the same MAC address at enslavement, when enabled, or perform special handling. | +| ad_select | [talos.resource.definitions.enums.NethelpersADSelect](#talos.resource.definitions.enums.NethelpersADSelect) | | ADSelect specifies the aggregate selection policy for 802.3ad. | +| mii_mon | [uint32](#uint32) | | MIIMon is the link monitoring frequency in milliseconds. | +| up_delay | [uint32](#uint32) | | UpDelay is the time, in milliseconds, to wait before enabling a slave after a link recovery has been detected. | +| down_delay | [uint32](#uint32) | | DownDelay is the time, in milliseconds, to wait before disabling a slave after a link failure has been detected. | +| arp_interval | [uint32](#uint32) | | ARPInterval is the ARP link monitoring frequency in milliseconds. | +| resend_igmp | [uint32](#uint32) | | ResendIGMP specifies the number of times IGMP packets should be resent. | +| min_links | [uint32](#uint32) | | MinLinks specifies the minimum number of active links to assert carrier. | +| lp_interval | [uint32](#uint32) | | LPInterval specifies the number of seconds between instances where the bonding driver sends learning packets to each slave's peer switch. | +| packets_per_slave | [uint32](#uint32) | | PacketsPerSlave specifies the number of packets to transmit through a slave before moving to the next one. | +| num_peer_notif | [uint32](#uint32) | | NumPeerNotif specifies the number of peer notifications (gratuitous ARPs and unsolicited IPv6 Neighbor Advertisements) to be issued after a failover event. | +| tlb_dynamic_lb | [uint32](#uint32) | | TLBDynamicLB specifies if dynamic shuffling of flows is enabled in tlb or alb mode. | +| all_slaves_active | [uint32](#uint32) | | AllSlavesActive specifies that duplicate frames (received on inactive ports) should be dropped (0) or delivered (1). | +| use_carrier | [bool](#bool) | | UseCarrier specifies whether or not miimon should use MII or ETHTOOL. | +| ad_actor_sys_prio | [uint32](#uint32) | | ADActorSysPrio is the actor system priority for 802.3ad. | +| ad_user_port_key | [uint32](#uint32) | | ADUserPortKey is the user port key (upper 10 bits) for 802.3ad. | +| peer_notify_delay | [uint32](#uint32) | | PeerNotifyDelay is the delay, in milliseconds, between each peer notification. | +| arpip_targets | [common.NetIP](#common.NetIP) | repeated | ARPIPTargets is the list of IP addresses to use for ARP link monitoring when ARPInterval is set.

Maximum of 16 targets are supported. | +| nsip6_targets | [common.NetIP](#common.NetIP) | repeated | NSIP6Targets is the list of IPv6 addresses to use for NS link monitoring when ARPInterval is set.

Maximum of 16 targets are supported. | +| adlacp_active | [talos.resource.definitions.enums.NethelpersADLACPActive](#talos.resource.definitions.enums.NethelpersADLACPActive) | | ADLACPActive specifies whether to send LACPDU frames periodically. | +| missed_max | [uint32](#uint32) | | MissedMax is the number of arp_interval monitor checks that must fail in order for an interface to be marked down by the ARP monitor. | @@ -9087,8 +9087,8 @@ BondSlave contains a bond's master name and slave index. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| master_name | [string](#string) | | | -| slave_index | [int64](#int64) | | | +| master_name | [string](#string) | | MasterName indicates master link for enslaved bonded interfaces. | +| slave_index | [int64](#int64) | | SlaveIndex indicates a slave's position in bond. | @@ -9119,7 +9119,7 @@ BridgeSlave contains the name of the master bridge of a bridged interface | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| master_name | [string](#string) | | | +| master_name | [string](#string) | | MasterName indicates master link for enslaved bridged interfaces. | @@ -9232,11 +9232,11 @@ EthernetChannelsStatus describes status of Ethernet channels. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| rx_max | [uint32](#uint32) | | | +| rx_max | [uint32](#uint32) | | Read-only settings. | | tx_max | [uint32](#uint32) | | | | other_max | [uint32](#uint32) | | | | combined_max | [uint32](#uint32) | | | -| rx | [uint32](#uint32) | | | +| rx | [uint32](#uint32) | | Current settings (read-write). | | tx | [uint32](#uint32) | | | | other | [uint32](#uint32) | | | | combined | [uint32](#uint32) | | | @@ -9294,12 +9294,12 @@ EthernetRingsStatus describes status of Ethernet rings. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| rx_max | [uint32](#uint32) | | | +| rx_max | [uint32](#uint32) | | Read-only settings. | | rx_mini_max | [uint32](#uint32) | | | | rx_jumbo_max | [uint32](#uint32) | | | | tx_max | [uint32](#uint32) | | | | tx_push_buf_len_max | [uint32](#uint32) | | | -| rx | [uint32](#uint32) | | | +| rx | [uint32](#uint32) | | Current settings (read-write). | | rx_mini | [uint32](#uint32) | | | | rx_jumbo | [uint32](#uint32) | | | | tx | [uint32](#uint32) | | | @@ -9381,8 +9381,8 @@ HardwareAddrSpec describes spec for the link. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| name | [string](#string) | | | -| hardware_addr | [bytes](#bytes) | | | +| name | [string](#string) | | Name defines link name | +| hardware_addr | [bytes](#bytes) | | Hardware address | @@ -9478,24 +9478,24 @@ LinkSpecSpec describes spec for the link. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| name | [string](#string) | | | -| logical | [bool](#bool) | | | -| up | [bool](#bool) | | | -| mtu | [uint32](#uint32) | | | -| kind | [string](#string) | | | +| name | [string](#string) | | Name defines link name | +| logical | [bool](#bool) | | Logical describes if the interface should be created on the fly if it doesn't exist. | +| up | [bool](#bool) | | If Up is true, bring interface up, otherwise bring interface down.

TODO: make *bool ? | +| mtu | [uint32](#uint32) | | Interface MTU (always applies). | +| kind | [string](#string) | | Kind and Type are only required for Logical interfaces. | | type | [talos.resource.definitions.enums.NethelpersLinkType](#talos.resource.definitions.enums.NethelpersLinkType) | | | -| parent_name | [string](#string) | | | -| bond_slave | [BondSlave](#talos.resource.definitions.network.BondSlave) | | | -| bridge_slave | [BridgeSlave](#talos.resource.definitions.network.BridgeSlave) | | | -| vlan | [VLANSpec](#talos.resource.definitions.network.VLANSpec) | | | +| parent_name | [string](#string) | | ParentName indicates link parent for VLAN interfaces. | +| bond_slave | [BondSlave](#talos.resource.definitions.network.BondSlave) | | BondSlave contains bond slave configuration for interfaces enslaved to a bond. | +| bridge_slave | [BridgeSlave](#talos.resource.definitions.network.BridgeSlave) | | BridgeSlave carries bridge slave details for bridged interfaces. | +| vlan | [VLANSpec](#talos.resource.definitions.network.VLANSpec) | | These structures are present depending on "Kind" for Logical interfaces. | | bond_master | [BondMasterSpec](#talos.resource.definitions.network.BondMasterSpec) | | | | bridge_master | [BridgeMasterSpec](#talos.resource.definitions.network.BridgeMasterSpec) | | | | wireguard | [WireguardSpec](#talos.resource.definitions.network.WireguardSpec) | | | -| config_layer | [talos.resource.definitions.enums.NetworkConfigLayer](#talos.resource.definitions.enums.NetworkConfigLayer) | | | -| hardware_address | [bytes](#bytes) | | | -| multicast | [bool](#bool) | | | +| config_layer | [talos.resource.definitions.enums.NetworkConfigLayer](#talos.resource.definitions.enums.NetworkConfigLayer) | | Configuration layer. | +| hardware_address | [bytes](#bytes) | | Override hardware (MAC) address (if supported). | +| multicast | [bool](#bool) | | Multicast indicates whether the multicast flag should be set on the interface to the value. | | vrf_master | [VRFMasterSpec](#talos.resource.definitions.network.VRFMasterSpec) | | | -| vrf_slave | [VRFSlave](#talos.resource.definitions.network.VRFSlave) | | | +| vrf_slave | [VRFSlave](#talos.resource.definitions.network.VRFSlave) | | VRFSlave carries VRF slave details for interfaces in a VRF. | @@ -9531,16 +9531,16 @@ LinkStatusSpec describes status of rendered secrets. | vendor_id | [string](#string) | | | | product | [string](#string) | | | | vendor | [string](#string) | | | -| link_state | [bool](#bool) | | | +| link_state | [bool](#bool) | | Fields coming from ethtool API. | | speed_megabits | [int64](#int64) | | | | port | [talos.resource.definitions.enums.NethelpersPort](#talos.resource.definitions.enums.NethelpersPort) | | | | duplex | [talos.resource.definitions.enums.NethelpersDuplex](#talos.resource.definitions.enums.NethelpersDuplex) | | | -| vlan | [VLANSpec](#talos.resource.definitions.network.VLANSpec) | | | +| vlan | [VLANSpec](#talos.resource.definitions.network.VLANSpec) | | Following fields are only populated with respective Kind. | | bridge_master | [BridgeMasterSpec](#talos.resource.definitions.network.BridgeMasterSpec) | | | | bond_master | [BondMasterSpec](#talos.resource.definitions.network.BondMasterSpec) | | | | wireguard | [WireguardSpec](#talos.resource.definitions.network.WireguardSpec) | | | | permanent_addr | [bytes](#bytes) | | | -| alias | [string](#string) | | | +| alias | [string](#string) | | Fields coming from rtnetlink API. | | alt_names | [string](#string) | repeated | | | vrf_master | [VRFMasterSpec](#talos.resource.definitions.network.VRFMasterSpec) | | | @@ -9755,8 +9755,8 @@ NodeAddressFilterSpec describes a filter for NodeAddresses. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| include_subnets | [common.NetIPPrefix](#common.NetIPPrefix) | repeated | | -| exclude_subnets | [common.NetIPPrefix](#common.NetIPPrefix) | repeated | | +| include_subnets | [common.NetIPPrefix](#common.NetIPPrefix) | repeated | Address is skipped if it doesn't match any of the includeSubnets (if includeSubnets is not empty). | +| exclude_subnets | [common.NetIPPrefix](#common.NetIPPrefix) | repeated | Address is skipped if it matches any of the excludeSubnets. | @@ -9868,10 +9868,10 @@ ProbeSpecSpec describes the Probe. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| interval | [google.protobuf.Duration](#google.protobuf.Duration) | | | -| failure_threshold | [int64](#int64) | | | -| tcp | [TCPProbeSpec](#talos.resource.definitions.network.TCPProbeSpec) | | | -| config_layer | [talos.resource.definitions.enums.NetworkConfigLayer](#talos.resource.definitions.enums.NetworkConfigLayer) | | | +| interval | [google.protobuf.Duration](#google.protobuf.Duration) | | Interval between the probes. | +| failure_threshold | [int64](#int64) | | FailureThreshold is the number of consecutive failures for the probe to be considered failed after having succeeded. | +| tcp | [TCPProbeSpec](#talos.resource.definitions.network.TCPProbeSpec) | | One of the probe types should be specified, for now it's only TCP. | +| config_layer | [talos.resource.definitions.enums.NetworkConfigLayer](#talos.resource.definitions.enums.NetworkConfigLayer) | | Configuration layer. | @@ -9886,8 +9886,8 @@ ProbeStatusSpec describes the Probe. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| success | [bool](#bool) | | | -| last_error | [string](#string) | | | +| success | [bool](#bool) | | Success of the check. | +| last_error | [string](#string) | | Last error of the probe. | @@ -10071,8 +10071,8 @@ TCPProbeSpec describes the TCP Probe. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| endpoint | [string](#string) | | | -| timeout | [google.protobuf.Duration](#google.protobuf.Duration) | | | +| endpoint | [string](#string) | | Endpoint to probe: host:port. | +| timeout | [google.protobuf.Duration](#google.protobuf.Duration) | | Timeout for the probe. | @@ -10172,8 +10172,8 @@ VLANSpec describes VLAN settings if Kind == "vlan". | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| vid | [uint32](#uint32) | | | -| protocol | [talos.resource.definitions.enums.NethelpersVLANProtocol](#talos.resource.definitions.enums.NethelpersVLANProtocol) | | | +| vid | [uint32](#uint32) | | VID is the vlan ID. | +| protocol | [talos.resource.definitions.enums.NethelpersVLANProtocol](#talos.resource.definitions.enums.NethelpersVLANProtocol) | | Protocol is the vlan protocol. | @@ -10237,8 +10237,8 @@ WireguardSpec describes Wireguard settings if Kind == "wireguard". | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| private_key | [string](#string) | | | -| public_key | [string](#string) | | | +| private_key | [string](#string) | | PrivateKey is used to configure the link, present only in the LinkSpec. | +| public_key | [string](#string) | | PublicKey is only used in LinkStatus to show the link status. | | listen_port | [int64](#int64) | | | | firewall_mark | [int64](#int64) | | | | peers | [WireguardPeer](#talos.resource.definitions.network.WireguardPeer) | repeated | | @@ -10399,7 +10399,7 @@ APICertsSpec describes etcd certs secrets. | client | [common.PEMEncodedCertificateAndKey](#common.PEMEncodedCertificateAndKey) | | | | server | [common.PEMEncodedCertificateAndKey](#common.PEMEncodedCertificateAndKey) | | | | accepted_c_as | [common.PEMEncodedCertificate](#common.PEMEncodedCertificate) | repeated | | -| skip_verifying_client_cert | [bool](#bool) | | | +| skip_verifying_client_cert | [bool](#bool) | | Skip verifying client certificate, to be used only with the maintenance mode operations. | @@ -10499,7 +10499,7 @@ KubernetesCertsSpec describes generated Kubernetes certificates. | ----- | ---- | ----- | ----------- | | scheduler_kubeconfig | [string](#string) | | | | controller_manager_kubeconfig | [string](#string) | | | -| localhost_admin_kubeconfig | [string](#string) | | | +| localhost_admin_kubeconfig | [string](#string) | | Admin-level kubeconfig with access through the localhost endpoint and cluster endpoints. | | admin_kubeconfig | [string](#string) | | | @@ -10626,9 +10626,9 @@ ImageKeylessVerifierSpec represents a signature verification provider. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| issuer | [string](#string) | | | -| subject | [string](#string) | | | -| subject_regex | [string](#string) | | | +| issuer | [string](#string) | | Issuer is the OIDC issuer URL. | +| subject | [string](#string) | | Subject is the expected subject. | +| subject_regex | [string](#string) | | SubjectRegex is a regex pattern for subject matching. | @@ -10643,7 +10643,7 @@ ImagePublicKeyVerifierSpec represents a signature verification provider with sta | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| certificate | [string](#string) | | | +| certificate | [string](#string) | | Certificate is a public certificate in PEM format accepted for image signature verification. | @@ -10658,11 +10658,11 @@ ImageVerificationRuleSpec represents a verification rule. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| image_pattern | [string](#string) | | | -| skip | [bool](#bool) | | | -| deny | [bool](#bool) | | | -| keyless_verifier | [ImageKeylessVerifierSpec](#talos.resource.definitions.security.ImageKeylessVerifierSpec) | | | -| public_key_verifier | [ImagePublicKeyVerifierSpec](#talos.resource.definitions.security.ImagePublicKeyVerifierSpec) | | | +| image_pattern | [string](#string) | | ImagePattern is the image name pattern. | +| skip | [bool](#bool) | | Skip is the action for matching images. | +| deny | [bool](#bool) | | Deny is the action for matching images. | +| keyless_verifier | [ImageKeylessVerifierSpec](#talos.resource.definitions.security.ImageKeylessVerifierSpec) | | KeylessVerifier is the keyless verifier configuration to use. | +| public_key_verifier | [ImagePublicKeyVerifierSpec](#talos.resource.definitions.security.ImagePublicKeyVerifierSpec) | | PublicKeyVerifier is the public key verifier configuration to use. | @@ -10677,8 +10677,8 @@ TUFTrustedRootSpec represents a sigstore's TUF trusted root information. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| last_refresh_time | [google.protobuf.Timestamp](#google.protobuf.Timestamp) | | | -| json_data | [string](#string) | | | +| last_refresh_time | [google.protobuf.Timestamp](#google.protobuf.Timestamp) | | LastRefreshTime is the last time the trusted root was refreshed. | +| json_data | [string](#string) | | JSONData is the trusted root data in JSON format. | @@ -10728,10 +10728,10 @@ StatusSpec describes Siderolink status. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| host | [string](#string) | | | -| connected | [bool](#bool) | | | -| link_name | [string](#string) | | | -| grpc_tunnel | [bool](#bool) | | | +| host | [string](#string) | | Host is the Siderolink target host. | +| connected | [bool](#bool) | | Connected is the status of the Siderolink GRPC connection. | +| link_name | [string](#string) | | LinkName is the name of the interface used for the Siderolink tunnel. | +| grpc_tunnel | [bool](#bool) | | GRPCTunnel is true if the Wireguard-over-GRPC tunnel is being used. | @@ -10746,10 +10746,10 @@ TunnelSpec describes Siderolink GRPC Tunnel configuration. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| api_endpoint | [string](#string) | | | -| link_name | [string](#string) | | | -| mtu | [int64](#int64) | | | -| node_address | [common.NetIPPort](#common.NetIPPort) | | | +| api_endpoint | [string](#string) | | APIEndpoint is the Siderolink WireGuard over GRPC endpoint. | +| link_name | [string](#string) | | LinkName is the name to use for WireGuard tunnel. | +| mtu | [int64](#int64) | | MTU is the maximum transmission unit for the tunnel. | +| node_address | [common.NetIPPort](#common.NetIPPort) | | NodeAddress is the virtual address of our node. It's used to identify our node in the WireGuard GRPC streamer. It's not the address of the actual WireGuard interface. | @@ -10802,9 +10802,9 @@ StatusSpec describes time sync state. | Field | Type | Label | Description | | ----- | ---- | ----- | ----------- | -| synced | [bool](#bool) | | | -| epoch | [int64](#int64) | | | -| sync_disabled | [bool](#bool) | | | +| synced | [bool](#bool) | | Synced indicates whether time is in sync. | +| epoch | [int64](#int64) | | Epoch is incremented every time clock jumps more than 15min. | +| sync_disabled | [bool](#bool) | | SyncDisabled indicates if time sync is disabled. |