See #13159, newer GPU operator v26.3.1 has better detection.
Signed-off-by: Noel Georgi <git@frezbo.dev>
(cherry picked from commit bba0b4aeefd7ec0daf7cc048e48c66d8b614f576)
Add NVIDIA arm64 test matrix.
Also ensure we have a known baseline for nvidia cdi files,
so if upstream adds more files and we don't install to right location
the test would fail.
Signed-off-by: Noel Georgi <git@frezbo.dev>
(cherry picked from commit 6a3ab87c54f83f70869a2e298e6ed7722cf4afad)
These new APIs only support one2one proxying, so they don't have any
hacks, and look as regular gRPC APIs.
Old APIs are deprecated, but still supported.
Implement client-side multiplexing in `talosctl`, provide fallback to
old APIs for legacy Talos versions.
New APIs include removing an image, importing an image.
Extracted from #12392
Co-authored-by: Laura Brehm <laurabrehm@hey.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Add more NVIDIA tests covering all supported OSS and Proprietary LTS and Production driver versions.
Fixes: #11398
Signed-off-by: Noel Georgi <git@frezbo.dev>
The previous fix#10354 was not full/complete.
The problem lies in the fact that `kube-proxy` creates a rule like:
```
chain nat-prerouting {
type nat hook prerouting priority dstnat; policy accept;
jump services
}
```
This chain has a prerouting hook, which gets executed before Talos's
input hook, and rewrites (does DNAT) for NodePort services before Talos
has a chance to block the packet, but rewritten packet hits the input
chain with DNAT address, or might be forwarded to another host and never
hit the firewall again.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
