Update proxmox guide to show example of using qemu-guest-agent.
Signed-off-by: USBAkimbo <71508071+USBAkimbo@users.noreply.github.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
Retrieve the DNS names of instances from the platform metadata.
Signed-off-by: Serge Logvinov <serge.logvinov@sinextra.dev>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Improve the ingress firewall docs.
Signed-off-by: Steve Francis <steve.francis@talos-systems.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
I noticed in the docs
[here](8df5b85ec7/website/content/v1.8/kubernetes-guides/network/deploying-cilium.md (L241))
it mentions enabling the KubePrism feature. However, it mentions enabling the
KubePrism feature. However,
[here](8df5b85ec7/website/content/v1.8/kubernetes-guides/configuration/kubeprism.md (L25))
the docs mention it's enabled by default since 1.6..
So I was wondering if mention of enabling KubePrism after v1.6 is a mistake?
Note it was mentioned several times in the docs v1.5.
```
❯ rg "kubePrism:" --glob "*deploying-cilium.md" -A1
website/content/v1.8/kubernetes-guides/network/deploying-cilium.md
240: kubePrism:
241- enabled: true
website/content/v1.7/kubernetes-guides/network/deploying-cilium.md
240: kubePrism:
241- enabled: true
website/content/v1.6/kubernetes-guides/network/deploying-cilium.md
240: kubePrism:
241- enabled: true
website/content/v1.5/kubernetes-guides/network/deploying-cilium.md
32: kubePrism:
33- enabled: true
--
56: kubePrism:
57- enabled: true
--
212: kubePrism:
213- enabled: true
--
240: kubePrism:
241- enabled: true
--
264: kubePrism:
265- enabled: true
```
Signed-off-by: Will Bush <git@willbush.dev>
grpc_tunnel is described as being enabled by using the value yes in the docs, but it should be true.
Signed-off-by: Simon-Boyer <si.boyer@hotmail.ca>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
The current form of OpenStack is not capitalized correctly. Stack should
be written with a large S, like OpenStack and not Openstack.
Signed-off-by: Birger J. Nordølum <contact@mindtooth.no>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Allow skipping NAT for the given destinations from a cluster network. This option makes it possible to form an etcd cluster from clusters in different networks created by running `talosctl cluster create` command multiple times using different CIDRs: they simply should have the CIDR of the other clusters passed with `--non-masquerade-cidrs`.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
This will be useful for debugging process access rights once we start implementing SELinux
Signed-off-by: Dmitry Sharshakov <dmitry.sharshakov@siderolabs.com>
Update install docs for the Akamai platform.
Signed-off-by: Evan Johnson <ejohnson@akamai.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Dynamically map Kubernetes and Talos API ports to an available port on
the host, so every cluster gets its own unique set of parts.
As part of the changes, refactor the provision library and interfaces,
dropping old weird interfaces replacing with (hopefully) much more
descriprive names.
Signed-off-by: Dmitry Sharshakov <dmitry.sharshakov@siderolabs.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
This PR adds the support for CoreDNS forwarding to host DNS. We try to bind on 9th address on the first element from
`serviceSubnets` and create a simple service so k8s will not attempt to rebind it.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Co-authored-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
Add support for the Akamai(Linode) platform
Signed-off-by: Evan Johnson <ejohnson@akamai.com>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Change the quickstart guide to use brew install instructions. Updated
command formatting and added warning for macOS Docker Desktop users.
Signed-off-by: Justin Garrison <justin.garrison@siderolabs.com>
This PR ensures that we can test our siderolink communication using embedded siderolink-agent.
If `--with-siderolink` provided during `talos cluster create` talosctl will embed proper kernel string and setup `siderolink-agent` as a separate process. It should be used with combination of `--skip-injecting-config` and `--with-apply-config` (the latter will use newly generated IPv6 siderolink addresses which talosctl passes to the agent as a "pre-bind").
Fixes#8392
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
This allows to roll all nodes to use a new CA, to refresh it, or e.g.
when the `talosconfig` was exposed accidentally.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Fixes#8267
Also refactor the code so that we don't fail hard on mutiple bonds, but
it's not clear still how to attach addresses, as they don't have a
interface name field, so for now attaching to the first bond.
Fixes#8411
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
The core change is moving the context out of the `ServiceRunner` struct
to be a local variable, and using a channel to notify about shutdown
events.
Add more synchronization between Run and the moment service started to
avoid mis-identifying not running (yet) service as successfully finished.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Co-authored-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
This controller combines kobject events, and scan of `/sys/block` to
build a consistent list of available block devices, updating resources
as the blockdevice changes.
Based on these resources the next step can run probe on the blockdevices
as they change to present a consistent view of filesystems/partitions.
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
This is a small quality of life improvement that allows `logs` subcommand to suggest all available logs.
Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
