This does proper caching for Go modules so that when go.mod/go.sum are
changed, only updated modules are downloaded vs. all of them.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Fixes: https://github.com/talos-systems/talos/issues/3323
Not exactly matching with udevd generated `by-<id>` symlinks, but should
provide sufficient amount of property selectors to be able to pick
specific disks for any kind of disk: sd card, hdd, ssd, nvme.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
This removes container images for the aforementioned services, they are
now built into `machined` executable which launches one or another
service based on `argv[0]`.
Containers are started with rootfs directory which contains only a
single executable file for the service.
This creates rootfs on squashfs for each container in
`/opt/<container>`.
Service `networkd` is not touched as it's handled in #3350.
This removes all the image imports, snapshots and other things which
were associated with the existing way to run containers.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This replaces `git-chglog` with the `talos-systems/release-tool`.
We need to make sure we update `hack/release.toml` as we do PRs to make
sure we highlight any important feature or update as we go.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR makes sure we set a cloud provider version, which will make our
AWS tests pass again.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
CNI was removed from build-container which works fine for
`talosctl cluster create` clusters as it installs its own CNI, but fails
for upgrade tests as they were never updated for the CNI bundle.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This adds a VIP (virtual IP) option to the network configuration of an
interface, which will allow a set of nodes to share a floating IP
address among them. For now, this is restricted to control plane use
and only a single shared IP is supported.
Fixes#3111
Signed-off-by: Seán C McCord <ulexus@gmail.com>
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This adds new `IMAGE_REGISTRY` variable (similar to `IMAGE_TAG`) which
affects only the registry image gets pushed to, but it's not built into
the binaries and images as a default registry.
This fixes a problem when release builds reference our CI local
registry.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
State partition encryption support adds a new section to the machine config.
And a new step to the sequencer flow which saves encryption
configuration object as json serialized value in the META partition.
Everything else is the same as is for the ephemeral partition.
Additionally enabled state partition encryption in the disk encryption
integration tests.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
This PR introduces the first part of disk encryption support.
New config section `systemDiskEncryption` was added into MachineConfig.
For now it contains only Ephemeral partition encryption.
Encryption itself supports two kinds of keys for now:
- node id deterministic key.
- static key which is hardcoded in the config and mainly used for test
purposes.
Talosctl cluster create can now be told to encrypt ephemeral partition
by using `--encrypt-ephemeral` flag.
Additionally:
- updated pkgs library version.
- changed Dockefile to copy cryptsetup deps from pkgs.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
This PR moves to using the official CAPG provider release, as well as
making use of our snazzy new capi templates.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Default manifests created by bootkube so far were only enabling
pod-checkpointer for kube-apiserver. This seems to have issues with
single-node control plane scenario, when without scheduler and
controller-manager node might fall into `NodeAffinity` state.
See https://github.com/talos-systems/bootkube-plugin/pull/23
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Fixes: https://github.com/talos-systems/talos/issues/2973
Can now supply disk image using `--disk-image-path` flag.
May need to enable `--with-apply-config` if it's necessary to bootstrap
nodes properly.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
At the moment only AMIs for AWS, and upload results should be pushed
back to the docs as separate PR.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Adds a simple test for the ISO. Boots the ISO, and then uses the `apply-config` command
in `talosctl` to create a cluster.
Signed-off-by: Andrew Rynhard <andrew@rynhard.io>
I wasn't able to find a more elegant way to get Vue content into
Markdown, so a bit of a hack with the template. Looks like frontmatter
parsing is also incomplete, so I could rely only on the page title.
Also changed the format of the image export to make it much easier to
work on that data in Vue.
Fixes#2834
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Talos 0.8 is going to ship with K8s 1.20.x.
Changes to support new `control-plane` label,
upgrade-k8s supports automated fixups for 1.20.
See also: https://github.com/talos-systems/bootkube-plugin/pull/22
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
It generates JSON file in the end with the upload results:
```
{"aws":{"regions":{"eu-central-1":{"arch":{"amd64":{"ami_id":"ami-0f559e06baf488ee1"},"arm64":{"ami_id":"ami-01edd1830a3c5d95c"}}},"eu-west-3":{"arch":{"amd64":{"ami_id":"ami-020f95a280c4c1c55"},"arm64":{"ami_id":"ami-0edcc7d694931a52c"}}}}}}
```
Regions, architectures can be modified as well.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This changes installer image/iso output to be tar via stdout
(optionally), so that we can copy back artifacts back from remote docker
daemon.
Fixes#2776
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
`docgen` now correctly extracts documentation for the structure itself,
and supports mix of Go-style and yaml-style docblocks, so that we can
keep linter happy while embedding examples.
Fixes for the encoder to keep things marshaled same way even with the
presence of the struct docs.
Add real examples replacing fake ones.
Add top-level hacked examples for `Config`, `MachineConfig` and
`ClusterConfig` to show the overall structure without pulling in all the
deep structure of those types.
Fixes#2768
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
