mirror of
https://github.com/siderolabs/talos.git
synced 2025-09-18 20:31:12 +02:00
5dbc26c7a3
This is a rename of the osctl binary. We decided that talosctl is a better name for the Talos CLI. This does not break any APIs, but does make older documentation only accurate for previous versions of Talos. Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
27 lines
1.1 KiB
Markdown
27 lines
1.1 KiB
Markdown
# Firecracker Talos Provisioner
|
|
|
|
This code is experimental for now.
|
|
|
|
Due to CNI, it requires `talosctl` to be running with at least
|
|
`CAP_SYS_ADMIN` and `CAP_NET_ADMIN` Linux capabilities
|
|
(in order to have the ability to create and configure network namespaces).
|
|
|
|
In any case, it requires `/dev/kvm` to be accessible for the user
|
|
running `talosctl`: https://github.com/firecracker-microvm/firecracker/blob/master/docs/getting-started.md#prerequisites
|
|
|
|
CNI configuration directory (could be overridden with `talosctl` flags) should
|
|
exist, default location is `/etc/cni/conf.d`.
|
|
|
|
Network namespace default mountpoint should be created as well: `/var/run/netns`.
|
|
|
|
Following CNI plugins should be installed to the CNI binary path (default is `/opt/cni/bin`):
|
|
|
|
- `bridge`
|
|
- `firewall`
|
|
- `tc-redirect-tap`
|
|
|
|
First two CNI plugins are part of [Standard CNI plugins](https://github.com/containernetworking/cni),
|
|
last one can be built from [Firecracker Go SDK](https://github.com/firecracker-microvm/firecracker-go-sdk/tree/master/cni).
|
|
|
|
Provisioner creates bridge interface with format `talos<8 hex chars>` and never deletes it (bug).
|