mirror of
https://github.com/siderolabs/talos.git
synced 2025-12-15 22:41:55 +01:00
Bump:
- REVERT cilium/cilium-cli to v0.14.7
- github.com/Azure/azure-sdk-for-go/sdk/azcore to v1.7.0
- github.com/Azure/azure-sdk-for-go/sdk/storage/azblob to v1.1.0
- github.com/aws/aws-sdk-go to v1.44.300
- github.com/beevik/ntp to v1.2.0
- github.com/docker/docker to v24.0.4+incompatible
- github.com/gomarkdown/markdown to v0.0.0-20230711084535-11b03c0ae6d6
- github.com/hetznercloud/hcloud-go to v1.48.0
- github.com/iancoleman/orderedmap to v0.3.0
- github.com/jsimonetti/rtnetlink to v1.3.4
- github.com/siderolabs/go-debug to v0.2.3
- golang.org/x/net to v0.12.0
- golang.org/x/tools to v0.11.0
- google.golang.org/genproto/googleapis/rpc to v0.0.0-20230711160842-782d3b101e98
- google.golang.org/grpc to v1.56.2
- google.golang.org/protobuf to v1.31.0

Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
cloud-image-uploader
vmimport role
Role should be pre-created before running this command.
aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
Azure Pre-requisites
Configuring the Portal
Community Gallery (preview) information can be found here.
- Create Resource Group: SideroGallery
- Create Storage Account: siderogallery
- Create storage Container: images
- Create Azure Compute Gallery: SideroLabs
  - Azure Documentation
  - Search for Azure Compute Gallery in the portal search bar.
  - Select Create.
  - Fill in the required information.
  - In the Sharing Tab select RBAC + share to public community gallery (PREVIEW)
  - Select Review + create
- Create Compute Gallery Image Definition: talos-arm64, talos-x64
  - Azure Documentation
  - Select the SideroLabs Compute Gallery.
  - Select the notification at the top of the page to share the gallery.
  - Select New Image Definition
  - Create an Image definition for each architecture type:
    - This is where V2 must be selected for the VM generation in order for an arm64 image version to be created in the definition.
    - Publisher: siderolabs
    - Offer: talos
    - SKU: must be unique
    - Do not create an image version yet.
App Registration
The App Registration is what we will use to authenticate to Azure for uploading blobs and creating resources.
Create an App Registration
- Search for and Select Azure Active Directory.
- Select App registrations, then select New registration.
- Name the application, for example "example-app".
- Select a supported account type, which determines who can use the application.
- Under Redirect URI, select Web for the type of application you want to create, and enter the URI where the access token is sent.
- Select Register.
Environment Variables
Get the following values for azure-go-sdk:
- Subscription ID
  - Log in to your Azure account
  - Select Subscriptions in the left sidebar
  - Select whichever subscription is needed
  - Click on Overview
  - Copy the Subscription ID
- Client ID
- Client Secret
- Tenant ID
These are stored as Drone secrets as:
- azure_subscription_id
- azure_client_id
- azure_client_secret
- azure_tenant_id
Add permissions for App Registration
The App registration only needs permissions to the Compute Gallery and the Storage Account.
- Compute Gallery:
  - Select the SideroLabs Compute Gallery
  - Select Access control (IAM)
  - Select Add role assignment
  - Select the Contributor role
- Storage Account:
  - Select the siderolabs Storage Account
  - Select Access control (IAM)
  - Select Add role assignment
  - Select the Storage Blob Data Contributor role
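The same two role assignments can be made from the Azure CLI with each one scoped to a single resource rather than to the subscription or resource group. The script below is an added example, not part of the talos repository; the function names are hypothetical, and it assumes the resource names created in the portal steps above (with the storage account taken to be siderogallery) and an App Registration client ID passed as the assignee.

```shell
#!/bin/sh
# Added example, not from the talos repository.
# Names below are the ones this README creates in the portal.
RESOURCE_GROUP="SideroGallery"
GALLERY="SideroLabs"
STORAGE_ACCOUNT="siderogallery"   # assumption: the account created above

# ARM resource ID of the Compute Gallery in subscription $1.
gallery_scope() {
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Compute/galleries/%s\n' \
    "$1" "$RESOURCE_GROUP" "$GALLERY"
}

# ARM resource ID of the Storage Account in subscription $1.
storage_scope() {
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s\n' \
    "$1" "$RESOURCE_GROUP" "$STORAGE_ACCOUNT"
}

# True only for a canonical GUID, so a mistyped or empty ID never reaches az.
is_guid() {
  case "$1" in *[!0-9A-Fa-f-]*) return 1 ;; esac   # rejects newlines and spaces too
  printf '%s\n' "$1" | grep -Eq '^[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$'
}

# assign_roles SUBSCRIPTION_ID CLIENT_ID
# Prints the two az commands (dry run); set APPLY=1 to execute them instead.
assign_roles() {
  if ! is_guid "$1" || ! is_guid "$2"; then
    echo "subscription ID and client ID must be GUIDs" >&2
    return 1
  fi
  run=echo
  if [ "${APPLY:-0}" = "1" ]; then run=""; fi
  # Contributor on the gallery only, not on the resource group or subscription.
  $run az role assignment create --assignee "$2" \
    --role "Contributor" --scope "$(gallery_scope "$1")"
  # Blob data access on the one storage account that holds the images container.
  $run az role assignment create --assignee "$2" \
    --role "Storage Blob Data Contributor" --scope "$(storage_scope "$1")"
}
```

Source the file and call `assign_roles "$AZURE_SUBSCRIPTION_ID" "$AZURE_CLIENT_ID"` to review the commands, then repeat with `APPLY=1` from a session already logged in with `az login`; the two variable names are assumptions.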