search

siderolabs / talos

Talos Linux is a modern Linux distribution built for Kubernetes.
https://www.talos.dev
Mozilla Public License 2.0
6.59k stars 525 forks source link

Extension templating/placeholders #6208

Closed ammmze closed 2 months ago

ammmze commented 2 years ago

Feature Request

It would be great if there was some form of templating, or at least placeholder replacement in the Talos system extension image name/tag. So that it can inject the Talos version into the image tag, something like this:

machine:
  install:
    extensions:
      - image: ghcr.io/siderolabs/gasket-driver:5993718-{TALOS_VERSION}

Description

It looks like Talos now supports installing kernel modules via system extensions. However, it sounds like there is a caveat that the module need to be signed and as such would need to be released in step with the Talos version. This means each Talos upgrade would need to install a Talos version specific image. As such, it seems like it would be easy to cause issues during an upgrade by simply forgetting to update the machine config with the talos version you are going to be upgrading to. If we can templatize that image value to allow injecting the Talos version, this could allow that upgrade process to continue to be seamless.

smira commented 2 years ago

The problem with this approach as I see it going forward might be that machine config changes (when the variable value changes), but there are no changes to the machine config at the same time. It might sound counter-intuitive, but I think one of the core properties of Talos is acting on machine config changes.

This specific example might be fine, as this variable is bound to the Talos version, and we might want to find some answer here, but in general variables and templating seems like something which should be done outside of Talos.

ammmze commented 2 years ago

Yea, I would agree we don't want or need templating for the entire machine config, and really i'm not set on it being a templatized thing if there is some other way to get what we need. I just worry that for kernel modules, if they are truly tied to a specific version of Talos like I understand they are, that it may be too easy to forget to update the extension image before issuing a talosctl upgrade ... and then it ends up installing an incompatible kernel module.

smira commented 2 years ago

yep, this makes sense, it's a good suggestion if we can link it to the Talos version being installed.

github-actions[bot] commented 3 months ago

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

github-actions[bot] commented 2 months ago

This issue was closed because it has been stalled for 7 days with no activity.