mirror of
https://github.com/siderolabs/talos.git
synced 2025-08-19 13:41:13 +02:00
031c65be47
This creates an IMA policy at boot. It uses the default TCB policy with a dont_measure rule for XFS. Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
Integration Testing
Setup
Prerequisites
- A linux machine with KVM enabled
dockerdocker-composevirt-installqemu-kvmyq
apt install -y virtinst qemu-kvm
curl -L https://github.com/mikefarah/yq/releases/download/2.4.1/yq_linux_amd64 -o /usr/local/bin/yq
chmod +x /usr/local/bin/yq
Start Matchbox, Dnsmasq, and HAproxy
docker-compose up
Note: This will run all services in the foreground.
Create the VMs
./libvirt.sh up
Getting the Console Logs
virsh console <VM>
Connecting to the Nodes
From the Host
Setup DNS
Append the following to /etc/hosts:
172.28.1.3 kubernetes.talos.dev
172.28.1.10 control-plane-1.talos.dev
172.28.1.11 control-plane-2.talos.dev
172.28.1.12 control-plane-3.talos.dev
172.28.1.13 worker-1.talos.dev
Setup osctl and kubectl
export TALOSCONFIG=$PWD/matchbox/assets/talosconfig
export KUBECONFIG=$PWD/matchbox/assets/kubeconfig
osctl config target 172.28.1.10
osctl kubeconfig ./matchbox/assets/kubeconfig
From a Container
./libvirt.sh workspace
osctl config target 172.28.1.10
osctl kubeconfig .
Verify Connectivity
osctl services
kubectl get nodes
Teardown
To teardown the test:
docker-compose down
./libvirt.sh down