It wasn't used when building an endpoint to the local API server, so
Talos couldn't talk to the local API server when port was changed from
the default one.
Fixes#5706
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Version API is only available over SideroLink connection.
This is useful to find Talos version as it got booted (e.g. to generate
proper machine configuration).
There's a security concern that version API might return sensitive
information via public API. At the same time Talos version can be
guessed by looking at the output of other APIs, e.g. resource type list
(`talosctl get rd`), which changes with every minor version.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
This adds the option to toggle the automatic creation of search domains.
Signed-off-by: Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs <me@bjw-s.dev>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
The examples contain raw structures which will be base64-encoded on
marshaling to YAML which might be confusing if someone tries to decode
values.
At the same time we want to make sure that example certs/keys are not
useable to prevent clusters being created with fixed secrets.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Init nodes were deprecated in v1.0 so it makes sense
to remove the documentation about them and consign
them to the past!
Signed-off-by: Tim Jones <tim.jones@siderolabs.com>
The new mode allows changing the config for a period of time, which
allows trying the configuration and automatically rolling it back in case
if it doesn't work for example.
The mode can only be used with changes that can be applied without a
reboot.
When changed it doesn't write the configuration to disk, only changes it
in memory.
`--timeout` parameter can be used to customize the rollback delay.
The default timeout is 1 minute.
Any consequent configuration change will abort try mode and the last
applied configuration will be used.
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
Since Talos moved to new registry redirect CRI plugin format, start
redirects are no longer supported in the CRI plugin (see
https://github.com/containerd/containerd/blob/main/docs/hosts.md).
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Dry run prints out config diff, selected application mode without
changing the configuration.
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
See https://github.com/etcd-io/etcd/releases/tag/v3.5.3
This release should contain a fix for data consistency issue when etcd
is killed under high load.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
Make improvements to help documentation discoverability and categorization.
Ensure all content pages have a description.
Ensure all link are replaced with Hugo shortcode.
Ensure all moved pages have an alias so redirects work.
Signed-off-by: Tim Jones <tim.jones@siderolabs.com>
Docker by default disable IPv6 completely in the containers which breaks
SideroLink on Docker-based clusters, as SideroLink is using IPv6
addresses for the Wiregurard tunnel.
This change might break `talosctl cluster create` on host systems which
have IPv6 disabled completely, so provide a flag to revert this
behavior.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
DHCP-v6 addons:
* DUID (client unique indentifier)
* apply NTP server list
DUID helps to keep you ipv6 after reboot.
NTPv6 helps to work in ipv6-only networks.
Signed-off-by: Serge Logvinov <serge.logvinov@sinextra.dev>
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
