Fixes#1610
1. In `talosconfig`, deprecate `Target` in favor of `Endpoints`
(client-side LB to come next).
2. In `osctl`, use `--nodes` in place of `--target`.
3. In `osctl` add option `--endpoints` to override `Endpoints` for the
call.
Other changes are just updates to catch up with the changes. Most
probably I missed something... And CAPI provider needs update.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Now default is not to follow the logs (which is similar to `kubectl logs`).
Integration test was added for `Logs()` API and `osctl logs` command.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
The `--e2e-parallel` flag seems to skip all tests when running in
certified-conformance mode. This reverts that change, and also adds a
check that fails if the conformance tests do not pass. This ensures that
we are not publishing broken versions of our edge release.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This upgrades sonouoy and additionally adds the `--e2e-parallel` flag to
hopefully speed things up.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This creates an IMA policy at boot. It uses the default TCB policy with
a dont_measure rule for XFS.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This adds an integration test that can be ran on a KVM enabled Linux
machine. It makes use of docker, matchbox, dnsmasq, libvirt, and HAproxy
to create an HA cluster.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR adds in the necessary manifests and fixes to deploy aws clusters
as part of e2e testing.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Also refactored `integration-test` build as a generic step to be shared
by basic-integration and e2e-integration steps.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR will re-enable e2e testing by using the new cluster api
bootstrap provider and various infra providers.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This is just first steps and core foundation.
It can be used like:
```
make integration.test
osctl cluster create
build/integration.test -test.v
```
This should run the test against the Docker instance.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This moves the Kubeconfig api endpoint to machined and consolidates the
"read a file" code into machined. This also changes Kubeconfig to
use the CopyOut method which changes Kubeconfig to a streaming grpc call.
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
This PR introduces APId. This service replaces the frontend functionality
previously provided by OSD. The main driver for this is two fold:
1. Create a single purpose application to expose the talos api
2. Make use of code generation to DRY api changes
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
We were mistakenly overwriting the control plane endpoint in the
`generate` command. This fixes that and adds a simple validation of the
endpoint field in the config. We should expand the validation to ensure
that a valid IP or DNS name have been provided.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This enables the ability to specify additional <talos> endpoints to connect to
to pull back data.
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
This PR updates the sonobuoy version. We're currently running
conformance tests with 0.15.x
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR will add the bits necessary to make use of changes to our
v1alpha1 cluster api provider for CI testing. This is needed since we've
had machine config changes.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
The goal with the docker based cluster is to provide developers with an
easy way to run Kubernetes on their local machines. Most of the time,
they won't need more than 1 master. This defaults cluster creation to 1
master.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
We need to remove an exiting AMI, if it exists, in order to create a new
one with the same name.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR updates our e2e tests with the provider-components file that's
generated by our capi v0.1.9 update.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This was breaking e2e testing, as we depend on it for applying CAPI and
launching VMs from there.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
- Use az/gcloud cli bundled with container
- Use consistent spacing in scripts ( 2 spaces vs tab )
- Updated count functions to handle the count inline
- Made platform kubeconfig the default
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
In order to DRY up all installation methods and mount methods, this PR
introduces a few more runtime modes. The modes are then used to
determine the strategy for creating and or mounting the paritions.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
These are failing with false positives. Disable for now so that we can
run our conformance tests.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR will save us a little dinero over the course of running e2e
builds in azure. It's only a couple cents per hour difference, but will
shave off a fair amount over the course of a month.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
If we wait for all masters to check in before applying the PSP, we run
the risk of kube-proxy failing to start for a long period of time.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This is the recommended fix for waiting on conformance results. Sonobuoy
is returning early even though the --wait flag is specified.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
In order to run more than one instance of E2E testing at a time, we need
to ensure that all resources are unique to the run.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
Problem was triggered by udevd trigger, root cause is not clear, but
workaround is to disable it for container mode.
Implement CPU/mem limits for `osctl cluster create`, apply defaults,
bump defaults for cicd.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
- Wait a little after cluster comes up
- Change interaction with CONFORMANCE variable to work around
set -eou pipefail restrictions
- Set sonobouy runner version to latest to work with alpha
version
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
