This PR introduces a new strategy for upgrades. Instead of attempting to
zap the partition table, create a new one, and then format the
partitions, this change will only update the `vmlinuz`, and
`initramfs.xz` being used to boot. It introduces an A/B style upgrade
process, which will allow for easy rollbacks. One deviation from our
original intention with upgrades is that this change does not completely
reset a node. It falls just short of that and does not reset the
partition table. This forces us to keep the current partition scheme in
mind as we make changes in the future, because an upgrade assumes a
specific partition scheme. We can improve upgrades further in the
future, but this will at least make them more dependable. Finally, one
more feature in this PR is the ability to keep state. This enables
single node clusters to upgrade since we keep the etcd data around.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This makes use of the external procfs pacakge that is based on the
pacakge we are removing here.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
When images are pulled by Talos or via CRI plugin, configuration
for each registry is applied. Mirrors allow to redirect pull request to
either local registry or cached registry. Auth & TLS enable
authentication and TLS authentication for non-public registries.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This fixes cases when large `log.Printf()` was simply lost as it exceeds
max line length (despite being multi-line string with each line below
1KB). Now console logging should be much more reliable.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
The kubelet fails to start if a machine's hostname is not set. If
networkd doesn't set it in time, the kubelet service fails to start.
Addionally, this adds retries to container pulls to ensure that any
temporary network failures don't cause fatal errors if we can't pull
images.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR will add in some code to pre-pull the installer image before we
run an upgrade of a given talos node. Additionally, this will add some
functional args to the install package to allow for specifying whether
or not to pull the installer image. This was needed since there was no
sense in pulling the installer again once we made it that far into the
upgrade process.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
For some reason, if the `--upgrade` flag wasn't in the form of
`--upgrade=<true|false>` (with an `=`), the flag was always true. This
adds `=` to all flags.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This introduces the notion of metadata for a node. In this initial pass
there are only two fields. A timestamp to indicate when the install was
performed, and a field to indicate if the install was performed as part
of an upgrade.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This removes the github.com/pkg/errors package in favor of the official
error wrapping in go 1.13.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This moves from translating a config into an internal config
representation, to using an interface. The idea is that an interface
gives us stronger compile time checks, and will prevent us from having to copy
from on struct to another. As long as a concrete type implements the
Configurator interface, it can be used to provide instructions to Talos.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This change ensures that the installer has access to the machine config
so that it can set the extra kernel arguments when installing.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This change aims to make installations more unified and reliable. It
introduces the concept of a mountpoint manager that is capable of
mounting, unmounting, and moving a set of mountpoints in the correct
order.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
