Add new `--airgapped` flag to talos cluster create (qemu)
to disable NAT in the VMs to effectively become airgapped.
Signed-off-by: Mateusz Urbanek <mateusz.urbanek@siderolabs.com>
* add 'iso', 'pxe', 'disk-image', 'maintenance' and 'secureboot' presets
* swith the image-factory e2e test to use the create qemu command with presets
* add a '--omni-api-endpoint' to simplify connecting machines to omni
Signed-off-by: Orzelius <33936483+Orzelius@users.noreply.github.com>
Use cmdline from the UKI in Talos 1.12+ by default for new installs.
This brings GRUB in line with systemd-boot vs. cmdline behavior.
Fixes#12019
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Most of the work is to add proper test environment for more cases.
Include a test for pulling an image
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Add a user facing cluster create docker command with the following changes:
* renamed flags for simplicity and uniformity
* removed the bulk of the unnecessary flags
Other changes:
* split internal logic such that it's separate from the qemu cluster create logic
* refactor internal code aiming for simplicity
Ä change drives flag behavior in anticipation of the user facing create-qemu command
* extract code into separate functions
* add some unit tests
* remove the docker support from the cluster create command (docker is only supported via the user-facing create-docker command)
Signed-off-by: Orzelius <33936483+Orzelius@users.noreply.github.com>
This showed up in docker runs (not sure why only docker), but the issue
is the following:
* a service is running which has some volume requirements
* `VolumeMountRequests` are created, and `VolumeMountStatus` were
established
* the service put finalizers on `VolumeMountStatus`
* now the service is going to be restarted - so at first it's going to
be shut down
* on shutdown, the service will remove `VolumeMountRequest`, and remove
finalizers on `VolumeMountStatus`
* now it's job of other controllers to tear down and remove mounts
* as the service starts back up after restart, it will re-create
`VolumeMountRequest`, and will try to wait and put finalizers on
`VolumeMountStatus`
* here comes the race condition: it can be that the service sees tearing
down `VolumeMountStatus` which is left from the shutdown time, so it
puts a finalizer on it, and it blocks the proper teardown of the
previous "generation" of the mount request/status, leading to a
deadlock
So the fix is to wait for the new status to be created which is not
tearing down.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Add more NVIDIA tests covering all supported OSS and Proprietary LTS and Production driver versions.
Fixes: #11398
Signed-off-by: Noel Georgi <git@frezbo.dev>
Also bump Go dependencies, other dependencies.
Add version contract for future Talos 1.12.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Zswap allows to compress pages in memory before they hit the actual swap
device.
Both swap and zswap (or either one of these) can be enabled.
Fixes#10675
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Fixes#10674
Provide a way to see current swap status, configure additional swap
devices (block) and de-configure them on the fly.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
When extending PCR or trying to seed entropy pool from TPM if the found
device is a TPM1.2 device, skip it, since Talos only supports TPM2.0
Fixes: #10847
Signed-off-by: Noel Georgi <git@frezbo.dev>
No big changes, mostly wiring things together:
* implement encryption config (identical to existing v1alpha1 one) for
user volume configuration
* provide validation, some small fixes
* add support for encrypted user volumes in `talosctl cluster create`
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
User volumes are identified by a short name which serves both
as a `/var/mnt` mount point and a partition label.
User volumes can be added and removed on the fly, and they are
automatically propagated into the `kubelet` mount namespace.
Also deprecate `.machine.disks`.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
They were broken for some time, and depend on Image Gallery we dropped
as well.
Update docs and CI scripts.
Fixes#10035
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Otherwise the archive is corrupted due to QEMU still writing to the logs while they are being archived
ci: enable --with-json-logs by default for e2e-qemu
Also pull in golangci fixes
Signed-off-by: Dmitrii Sharshakov <dmitry.sharshakov@siderolabs.com>
Update to the latest 1.33.0 updated to get main on 1.33 for upcoming
Talos 1.10.
Update go-kubernetes to the version supporting 1.33.x.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Generate `installer` from `imager` so installer always have UKI's.
Push `installer-base` which just contains base tools to install.
Fixes: #10188Fixes: #10323
Signed-off-by: Noel Georgi <git@frezbo.dev>
Starting with Talos 1.10, the default generated ISO's will use GRUB for
BIOS boot and sd-boot for EFI boot.
Fixes: #10192
Signed-off-by: Noel Georgi <git@frezbo.dev>
