search

siderolabs / omni

SaaS-simple deployment of Kubernetes - on your own hardware.
Other
395 stars 24 forks source link

feat: support insecure access to the nodes running in maintenance #411

Closed Unix4ever closed 3 days ago

Unix4ever commented 4 days ago

Any insecure talosctl commands now work with Omni per-instance talosconfig. User should have at least Operator Omni role to be able to use the insecure talosctl mode.

DNS resolver was updated to react on the MachineStatus resource creation, not only the ClusterMachineConfigStatus resource. That makes the DNS record for UUID appear as soon as machine joins Omni, not when the machine gets allocated into a cluster.

Machines list now has maintenance Talos version update button. The UI will issue talosctl upgrade when another Talos version is picked.

MachineStatus controller was updated a bit: version poller wasn't marked as dirty after maintenance upgrades. Now we mark it as dirty every time we get Talos MachineStatus resource update.

Also fixed UI issues here and there.

Fixes: #284 Fixes: #236

Unix4ever commented 4 days ago

https://github.com/siderolabs/omni/assets/830532/a6915a9f-aab6-495d-8a92-eb2e33b7e16d

Unix4ever commented 3 days ago

verify insecure access in the integration tests

Unix4ever commented 3 days ago

/m