Noel Georgi
Noel Georgi
yes, an extension could do it, mount the boot partition and edit the file, but that would mean only once talos starts the extension service the file would be edited,...
> how do I make my extension run in privileged mode so I can mount the partition? the extension services runs as privileged by default The spec is mentioned here...
> @smira @frezbo when you have a min, can you have a look at the linked MR so we can get this merged and closed 🙏🏾. Do you also know...
> Been diving into the overlays functionality in the 1.7.0 alpha. Have successfully been able to build an image with a custom config.txt like this: > > ```shell > docker...
I'm closing this since this is now supported.
I think this can be closed now
cilium is still broken for kube-proxyless installs, see: https://github.com/cilium/cilium/issues/21603
> cilium is still broken for kube-proxyless installs, see: [cilium/cilium#21603](https://github.com/cilium/cilium/issues/21603) edit: with kube-proxyless and privileged set to false
There is no need to change the defaults, when generating an image `-lockdown lockdown=integrity` kernel args can be set to override the defaults. It's documented here https://www.talos.dev/v1.6/talos-guides/install/boot-assets/#imager and this is...
> @frezbo I'm not sure if you want your users in order to have a working Kubernetes Cluster using Cilium CNI and Secureboot to build and manage their own images....