This PR moves to using v1alpha1 as the initial node config version, so
we can graduate these configs a little more cleanly later on.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Broke the binding between the discrete IP addresses of the control plane
elements and the ControlPlaneEndpoint. This allows the specification of
a canonical controlplane address which may optionally be a DNS name.
Fixes #1131
Signed-off-by: Seán C McCord <ulexus@gmail.com>
This modifies `osctl install` to use the provided userdata as the source
for default installation values. This allows such things as
userdata-supplied extra kernel parameters to be automatically
included in the bootloader.
Fixes #1102
Signed-off-by: Seán C McCord <ulexus@gmail.com>
Added a decomposition option to the kernel.NewDefaultCmdline() so that
the Defaults can be added _after_ constructing a custom commandline.
This is then implemented for `osctl install`.
Fixes #1128
Signed-off-by: Seán C McCord <ulexus@gmail.com>
Since the command's name is 'generate' the 'gen' prefix is not needed
in the version flag. The flag is scoped under the generate command so
it should be very clear that the '--version' flag is used to control the
config version.
We also move to defaulting to v0 since v1 is new and still needs to be
tested in the real world. We can default to v1 in the next release.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
Since the cluster create command and the upgrade command shared a common
variable, and the upgrade defaults to an empty string, we get an invalid
reference format error when attempting to create a cluster. This makes
the variables unique to avoid that.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
We have this flag missing in a number of places. This ensures that all
commands in the future will have this flag. A potential cleanup would
be to hide this flag in commands where it does not make sense. For now I
think it's best to have everywhere.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
We have no need for this anymore since installs and upgrades are now
completely handled in a container.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR will implement the v1 machine config proposal. This will allow
for a streamlined config for talos nodes.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Adds handler for specification of additional subject alt names (SANs) for
the API Server when generating a new cluster configuration using
`osctl`.
Fixes #800
Signed-off-by: Seán C McCord <ulexus@gmail.com>
In order to facilitate upgrades and resets that are capable of
manipulating the system block device, we need to run an instance of
containerd that has zero dependencies on the disk. We run containerd
purely in memory for running system services.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This fixes the possibility of panicking on a nil pointer by running the
verification steps earlier.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This changes the data partition name to something more appropriate. We
chose ephemeral to make it very clear that the disk should not be used
for application data.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This reworks a bunch of the formatting for the userdata generation to
output a cleaner talos config when using IPv6 masters and `osctl config
generate`.
Please note that this changes the scope of concern for master indexing,
keeping `osctl` blissfully unaware of the master-reference chaining.
All it does is report the index of the master it is trying to generate.
The generator itself handles the reference chaining.
Fixes #916, fixes #917, and fixes #918
Signed-off-by: Seán C McCord <ulexus@gmail.com>
Problem was triggered by udevd trigger, root cause is not clear, but
workaround is to disable it for container mode.
Implement CPU/mem limits for `osctl cluster create`, apply defaults,
bump defaults for cicd.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This change aims to make installations more unified and reliable. It
introduces the concept of a mountpoint manager that is capable of
mounting, unmounting, and moving a set of mountpoints in the correct
order.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
It is now possible to `start`/`stop`/`restart` any service via `osctl`
commands.
There are some changes in `ServiceRunner` to support re-use (re-entering
running state). `Services` singleton now tracks service running state to
avoid calling `Start()` on already running `ServiceRunner` instance.
Method `Start()` was renamed to `LoadAndStart()` to break up service
loading (adding to the list of services) and actual service start.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This allows running tiny Talos clusters (which is sometimes nice for
local testing), e.g. with just a single master and zero workers.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This change aims to standardize the boot process. It introduces the
concept of a phase, which is comprised of tasks. Phases are run in serial and
the tasks that make up a phase are run concurrently.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This change allows for more accurate mount reporting as /proc/mounts is
a symlink to /proc/self/mounts and contains mounts that are relative to
the running process. In our case this was osd. This caused inaccurate
reporting of mounts since they were relative to osd when we really
wanted mounts relative to machined.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR adds the ability to set mtu for the cluster create networks.
Default is 1440, which seems to be the default for calico.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Switch from `StringSliceVar` to `StringArrayVar` to maintain commas
in kernel args.
Update entrypoint script to allow specifying extra kernel args.
Remove default console settings in kernel config.
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
In addition to adding a flag, this adds a field to the user data that allows
for extra kernel arguments to be specified.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
Decided to combine two very small changes (which I'm now grumpy at myself for doing).
First, we'll update the toolchain image versions to allow for the use of a new containerd and runc. Also updated go.mod and go.sum to make use of newer containerd version. Closes #743 and #744.
Second, I added the bit of logic to osctl config generate to determine the working directory and let the user know that we created the various yaml files there. Closes #760.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR moves the reset API to the init API definition.
It leverages the same code we use for upgrades.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This unifies low-level filesystem walker code for `ls` and `cp`.
New features:
* `ls` now reports relative filenames
* `ls` now prints symlink destination for symlinks
* `cp` now properly always reports errors from the API
* `cp` now reports all the errors back to the client
Example for `ls`:
```
osctl-linux-amd64 --talosconfig talosconfig ls -l /var
MODE SIZE(B) LASTMOD NAME
drwxr-xr-x 4096 Jun 26 2019 .
Lrwxrwxrwx 4 Jun 25 2019 etc -> /etc
drwxr-xr-x 4096 Jun 26 2019 lib
drwxr-xr-x 4096 Jun 21 2019 libexec
drwxr-xr-x 4096 Jun 26 2019 log
drwxr-xr-x 4096 Jun 21 2019 mail
drwxr-xr-x 4096 Jun 26 2019 opt
Lrwxrwxrwx 6 Jun 21 2019 run -> ../run
drwxr-xr-x 4096 Jun 21 2019 spool
dtrwxrwxrwx 4096 Jun 21 2019 tmp
-rw------- 14979 Jun 26 2019 userdata.yaml
```
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Service `osd` doesn't have access to rootfs, as it is running in a
container, so move API to `init` which has unconstrained access to
rootfs. (This is in line with another API, `osctl cp`).
Fixes: #752
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Actual API is implemented in the `init`, as it has access to root
filesystem. `osd` proxies API back to `init` with some tricks to support
grpc streaming.
Given some absolute path, `init` produces and streams back .tar.gz
archive with filesystem contents.
`osctl cp` works in two modes. First mode streams data to stdout, so
that we can do e.g.: `osctl cp /etc - | tar tz`. Second mode extracts
archive to specified location, dropping ownership info and adjusting
permissions a bit. Timestamps are not preserved.
If full dump with owner/permissions is required, it's better to stream
data to `tar xz`; for quick and dirty look into filesystem contents
under unprivileged user it's easier to use in-place extraction.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
I couldn't find any use for the `timeout` flag nor the value passed in
the API, but it blocks much more useful and present in other commands
flag 'target'.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This reverts commit f200eb7a8a0b7c2d29710f695000eb7680ce8b7d.
grpc can't send back both response and an error.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>