Due to the race, main goroutine might consume all the errors from `errCh` and close `nodesCh`, so node goroutine might hit panic on send to closed channel.

```
panic: send on closed channel

goroutine 40 [running]:
github.com/talos-systems/talos/internal/pkg/provision/providers/firecracker.(*provisioner).createNodes.func1(0x26ab668, 0xc00025a000, 0xc0005a83c0, 0xc00029d540, 0xc000536120, 0xc000464540, 0xc000041d80, 0x18, 0xc0006d406c, 0x4, ...)
	/src/internal/pkg/provision/providers/firecracker/node.go:55 +0x1fa
created by github.com/talos-systems/talos/internal/pkg/provision/providers/firecracker.(*provisioner).createNodes
	/src/internal/pkg/provision/providers/firecracker/node.go:50 +0x1ca
```

Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>

Firecracker Talos Provisioner
This code is experimental for now.

Due to CNI, it requires `talosctl` to be running with at least the `CAP_SYS_ADMIN` and `CAP_NET_ADMIN` Linux capabilities (in order to have the ability to create and configure network namespaces).

In any case, it requires `/dev/kvm` to be accessible for the user running `talosctl`: https://github.com/firecracker-microvm/firecracker/blob/master/docs/getting-started.md#prerequisites

The CNI configuration directory (which can be overridden with `talosctl` flags) should exist; the default location is `/etc/cni/conf.d`.

The default network namespace mountpoint should be created as well: `/var/run/netns`.

The following CNI plugins should be installed to the CNI binary path (default is `/opt/cni/bin`):

- `bridge`
- `firewall`
- `tc-redirect-tap`

The first two CNI plugins are part of the standard CNI plugins; the last one can be built from the Firecracker Go SDK.
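
A preflight check for the prerequisites listed above, added here as an example (it is not part of the Talos code base). It assumes the default paths given in this README; `capMask` and `missingPrereqs` are hypothetical helper names.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strconv"
	"strings"
)

const capNetAdmin, capSysAdmin = 12, 21 // bit numbers from <linux/capability.h>

// capMask parses the CapEff (effective set) line of /proc/<pid>/status text.
func capMask(status string) uint64 {
	for _, line := range strings.Split(status, "\n") {
		if v := strings.TrimPrefix(line, "CapEff:"); v != line {
			mask, _ := strconv.ParseUint(strings.TrimSpace(v), 16, 64)
			return mask
		}
	}
	return 0
}

// missingPrereqs lists unmet prerequisites; root is "/" in real use (README default paths assumed).
func missingPrereqs(root string, caps uint64) (missing []string) {
	need := func(ok bool, what string) {
		if !ok {
			missing = append(missing, what)
		}
	}
	need(caps&(1<<capSysAdmin) != 0, "capability CAP_SYS_ADMIN")
	need(caps&(1<<capNetAdmin) != 0, "capability CAP_NET_ADMIN")
	for _, dir := range []string{"etc/cni/conf.d", "var/run/netns"} {
		fi, err := os.Stat(filepath.Join(root, dir))
		need(err == nil && fi.IsDir(), "directory /"+dir)
	}
	for _, p := range []string{"bridge", "firewall", "tc-redirect-tap"} {
		fi, err := os.Stat(filepath.Join(root, "opt/cni/bin", p))
		need(err == nil && !fi.IsDir() && fi.Mode()&0o111 != 0, "CNI plugin "+p)
	}
	f, err := os.OpenFile(filepath.Join(root, "dev/kvm"), os.O_RDWR, 0)
	need(err == nil, "read/write access to /dev/kvm")
	f.Close() // safe when f is nil: (*os.File).Close returns an error instead of panicking
	return missing
}

func main() {
	status, _ := os.ReadFile("/proc/self/status")
	fmt.Println("missing:", missingPrereqs("/", capMask(string(status))))
}
```

Run it the same way `talosctl` will be run (same user, same `sudo` or file capabilities), since it inspects the effective capability set of its own process.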

The provisioner creates a bridge interface named in the format `talos<8 hex chars>` and never deletes it (bug).