This PR moves to using v1alpha1 as the inital node config version, so
we can graduate these configs a little more cleanly later on.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Add translation for v1 to v0 machine networking. Also adds "Ignore"
property to v1 network interfaces.
Fixes#1134
Signed-off-by: Seán C McCord <ulexus@gmail.com>
Broke the binding between the discrete IP addresses of the control plane
elements and the ControlPlaneEndpoint. This allows the specification of
a canonical controlplane address which may optionally be a DNS name.
Fixes#1131
Signed-off-by: Seán C McCord <ulexus@gmail.com>
Added a property to userdata to allow a network interface to be ignored,
such that Talos will perform no operations on it (including DHCP).
Also added kernel commandline parameter (talos.network.interface.ignore)
to specify a network interface should be ignored.
Also allows chaining of kernel cmdline parameter Contains() where the
parameter in question does not exist.
Fixes#1124
Signed-off-by: Seán C McCord <ulexus@gmail.com>
This PR will upgrade to the latest beta of v1.16 in order to get us
closer to catching the v1.16.0 release as soon as it drops.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR will implement the v1 machine config proposal. This will allow
for a streamlined config for talos nodes.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR will move to using the external kubeadm v1beta2 structs for our
code base. This will hopefully allow for more stable integrations with
kubeadm in the long term, as well as solve some needs we have in the
machine config rewrite.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Adds handler for specification of additional subjet alt names (SANs) for
the API Server when generating a new cluster configuration using
`osctl`.
Fixes#800
Signed-off-by: Seán C McCord <ulexus@gmail.com>
This is a major rewrite of our network subsystem.
- This changes networkd to run as a standalone app versus internal goroutine
- This changes out the netlink package with the more idiomatic netlink/rtnetlink
packages
- This changes the initial network bootstrap/discovery from using a single
interface to attempting to bring up all interfaces
- This moves us back on to the upstream dhcp library
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
This changes the data partition name to something more appropriate. We
chose ephemeral to make it very clear that the disk should not be used
for application data.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This sets up the ability to define hostname via userdata. I dont expect
this will get used publicly much, but provides a mechanism to convey
the hostname from various sources internally.
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
This is not ideal, but it works. We essentially need to start using
replace statements in order to pull in the modules we need.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This reworks a bunch of the formatting for the userdata generation to
output a cleaner talos config when using IPv6 masters and `osctl config
generate`.
Please note that this changes the scope of concern for master indexing,
keeping `osctl` blissfully unaware of the master-reference chaining.
All it does is report the index of the master it is trying to generate.
The generator itself handles the reference chaining.
Fixes#916, fixes#917, and fixes#918
Signed-off-by: Seán C McCord <ulexus@gmail.com>
This change aims to standardize the boot process. It introduces the
concept of a phase, which is comprised of tasks. Phases are ran in serial and
the tasks that make up a phase are ran concurrently.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
In addition to adding a flag, this adds a field to the user data that allows
for extra kernel arguments to be specified.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
* refactor(init): Allow kubeadm init on controlplane
This shifts the cluster formation from init(bootstrap) and join(control plane)
to init(control plane).
This makes use of the previously implemented initToken to provide a TTL for
cluster initialization to take place and allows us to mostly treat all control
plane nodes equal. This also sets up the path for us to handle master upgrades
and not be concerned with odd behavior when upgrading the previously defined
init node.
To facilitate kubeadm init across all control plane nodes, we make use of the
initToken to run `kubeadm init phase certs` command to generate any missing
certificates once. All other control plane nodes will attempt to sync the
necessary certs/files via all defined trustd endpoints and being the startup
process.
* feat(init): Add service runner context to PreFunc
Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
We should still support username and password for backwards compatibility.
This also sets us up for for implementing auth for users using something like LDAP in the future.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
