Closed rsmitty closed 3 months ago
This is caused by the "action tracking" feature of talosctl
that is enabled by default.
Action tracking feature shows the progress of the reboot. To be able to do that, it attempts to read the boot id before issuing the reboot GRPC call: https://github.com/siderolabs/talos/blob/main/cmd/talosctl/pkg/talos/action/tracker.go#L325-L341
We do not allow reading files even as admin in Omni.
Disabling action tracking by adding --wait=false
to the command works as expected.
We can consider making the boot id readable (maybe expose it as a resource?) or using a fallback mechanism if we cannot read it.
We need two kinds of changes:
talosctl reboot
to fall back to "regular" mode if it gets permission deniedDuplicate of https://github.com/siderolabs/talos/issues/7197
will track it on the issue above.
@utkuozdemir how is this a duplicate of that card? I am an admin, and have not attempted to use "--wait" in any form, and am hitting this issue.
@ArcherSeven --wait=true
is the default, just use --wait=false
until we have a fix in place.
Is there an existing issue for this?
Current Behavior
Throws permission denied when issuing:
❯ talosctl -n talos-xxu-ebt reboot ◰ watching nodes: [talos-xxu-ebt]
Expected Behavior
talosctl reboot
works to reboot the node in the same way that it does in the UI.Steps To Reproduce
Issue
talosctl reboot
against a worker node in an omni-based cluster.What browsers are you seeing the problem on?
No response
Anything else?
No response