This replaces `git-chglog` with the `talos-systems/release-tool`.
We need to make sure we update `hack/release.toml` as we do PRs to make
sure we highlight any important feature or update as we go.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR makes sure we set a cloud provider version, which will make our
AWS tests pass again.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
CNI was removed from build-container which works fine for
`talosctl cluster create` clusters as it installs its own CNI, but fails
for upgrade tests as they were never updated for the CNI bundle.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This adds a VIP (virtual IP) option to the network configuration of an
interface, which will allow a set of nodes to share a floating IP
address among them. For now, this is restricted to control plane use
and only a single shared IP is supported.
Fixes#3111
Signed-off-by: Seán C McCord <ulexus@gmail.com>
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This adds new `IMAGE_REGISTRY` variable (similar to `IMAGE_TAG`) which
affects only the registry image gets pushed to, but it's not built into
the binaries and images as a default registry.
This fixes a problem when release builds reference our CI local
registry.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
State partition encryption support adds a new section to the machine config.
And a new step to the sequencer flow which saves encryption
configuration object as json serialized value in the META partition.
Everything else is the same as is for the ephemeral partition.
Additionally enabled state partition encryption in the disk encryption
integration tests.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
This PR introduces the first part of disk encryption support.
New config section `systemDiskEncryption` was added into MachineConfig.
For now it contains only Ephemeral partition encryption.
Encryption itself supports two kinds of keys for now:
- node id deterministic key.
- static key which is hardcoded in the config and mainly used for test
purposes.
Talosctl cluster create can now be told to encrypt ephemeral partition
by using `--encrypt-ephemeral` flag.
Additionally:
- updated pkgs library version.
- changed Dockefile to copy cryptsetup deps from pkgs.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
This PR moves to using the official CAPG provider release, as well as
making use of our snazzy new capi templates.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Default manifests created by bootkube so far were only enabling
pod-checkpointer for kube-apiserver. This seems to have issues with
single-node control plane scenario, when without scheduler and
controller-manager node might fall into `NodeAffinity` state.
See https://github.com/talos-systems/bootkube-plugin/pull/23
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Fixes: https://github.com/talos-systems/talos/issues/2973
Can now supply disk image using `--disk-image-path` flag.
May need to enable `--with-apply-config` if it's necessary to bootstrap
nodes properly.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
At the moment only AMIs for AWS, and upload results should be pushed
back to the docs as separate PR.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Adds a simple test for the ISO. Boots the ISO, and then uses the `apply-config` command
in `talosctl` to create a cluster.
Signed-off-by: Andrew Rynhard <andrew@rynhard.io>
I wasn't able to find a more elegant way to get Vue content into
Markdown, so a bit of a hack with the template. Looks like frontmatter
parsing is also incomplete, so I could rely only on the page title.
Also changed the format of the image export to make it much easier to
work on that data in Vue.
Fixes#2834
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Talos 0.8 is going to ship with K8s 1.20.x.
Changes to support new `control-plane` label,
upgrade-k8s supports automated fixups for 1.20.
See also: https://github.com/talos-systems/bootkube-plugin/pull/22
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
It generates JSON file in the end with the upload results:
```
{"aws":{"regions":{"eu-central-1":{"arch":{"amd64":{"ami_id":"ami-0f559e06baf488ee1"},"arm64":{"ami_id":"ami-01edd1830a3c5d95c"}}},"eu-west-3":{"arch":{"amd64":{"ami_id":"ami-020f95a280c4c1c55"},"arm64":{"ami_id":"ami-0edcc7d694931a52c"}}}}}}
```
Regions, architectures can be modified as well.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This changes installer image/iso output to be tar via stdout
(optionally), so that we can copy back artifacts back from remote docker
daemon.
Fixes#2776
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
`docgen` now correctly extracts documentation for the structure itself,
and supports mix of Go-style and yaml-style docblocks, so that we can
keep linter happy while embedding examples.
Fixes for the encoder to keep things marshaled same way even with the
presence of the struct docs.
Add real examples replacing fake ones.
Add top-level hacked examples for `Config`, `MachineConfig` and
`ClusterConfig` to show the overall structure without pulling in all the
deep structure of those types.
Fixes#2768
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This builds a bundle with CNI plugins for talosctl which is
automatically downloaded by `talosctl` if CNI plugins are missing.
CNI directories are moved by default to the `~/.talos/cni` path.
Also add a bunch of pre-flight checks to the QEMU provisioner to make it
easier to bootstrap the Talos QEMU cluster.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
User-disks are supported by QEMU and Firecracker providers.
Can be defined by using the following parameters:
```
--user-disk /mount/path:1GB
```
Can get more than 1 user disk.
Same set of user disks will be created for all master and worker nodes.
Additionally enable user-disks in qemu e2e test.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
Comments encoding works, defaults encoding works.
Docgen was revamped: now it generates go files.
While markdown files are all handled by
`pkg/machinery/config/encoder/markdown.go`.
Changed scheme for docs. Now it no longer relies on a single `doc.go` in
the root of a package. Instead it can generate separate `*_doc.go` files
for each file in the package. `docgen` now expects to get 3 params
instead of 2. 3rd parameter is used to define a unique method name for
getting the list of structs in the file.
Backward compatibility is supported if we define package name as the 3rd
parameter.
1st parameter no longer scans whole current directory, instead it points
to the particular file that should be processed by docgen.
`talosctl docs` command now supports two flags: `--config` and `--cli`.
They allow generating only docs for v1alpha1 configs or for talosctl. If
no flags are defined, all docs are generated.
Additionally made field types clickable in the output markdown file.
Signed-off-by: Artem Chernyshev <artem.0xD2@gmail.com>
This PR pulls in the latest version of our CAPI providers, as well as
makes some minor tweaks to our bash scripts to disable terminal output
of commands during certain actions.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This uses `talosctl images`. This way it's easy to find installer image
or talos image for any release.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
