mirror of
https://github.com/siderolabs/talos.git
synced 2025-10-09 22:51:12 +02:00
f7d1e77769
Related to #4448 The only remaining part is filtering out SideroLink addresses when Talos looks for a node address. See also https://github.com/talos-systems/siderolink/pull/2 The way to test it out: ``` $ talosctl cluster create ... --extra-boot-kernel-args siderolink.api=172.20.0.1:4000 ``` (where 172.20.0.1 is the bridge IP) Run `siderolink-agent` (test implementation): ``` $ sudo _out/siderolink-agent-linux-amd64 ``` Now on the host, there should be a `siderolink` Wireguard userspace tunnel: ``` $ sudo wg interface: siderolink public key: 2aq/V91QyrHAoH24RK0bldukgo2rWk+wqE5Eg6TArCM= private key: (hidden) listening port: 51821 peer: Tyr6C/F3FFLWtnzqq7Dsm54B40bOPq6++PTiD/zqn2Y= endpoint: 172.20.0.1:47857 allowed ips: fdae:41e4:649b:9303:b6db:d99c:215e:dfc4/128 latest handshake: 2 minutes, 2 seconds ago transfer: 3.62 KiB received, 1012 B sent ... ``` Each Talos node will be registered as a peer, tunnel is established. You can now ping Talos nodes from the host over the tunnel: ``` $ ping fdae:41e4:649b:9303:b6db:d99c:215e:dfc4 PING fdae:41e4:649b:9303:b6db:d99c:215e:dfc4(fdae:41e4:649b:9303:b6db:d99c:215e:dfc4) 56 data bytes 64 bytes from fdae:41e4:649b:9303:b6db:d99c:215e:dfc4: icmp_seq=1 ttl=64 time=0.352 ms 64 bytes from fdae:41e4:649b:9303:b6db:d99c:215e:dfc4: icmp_seq=2 ttl=64 time=0.437 ms ``` Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>