support for unformatted volumes

Open smira opened this issue 6 months ago • 5 comments

Similar to user volumes in the way they work, but the volume should not be formatted and mounted.

Probably should support disk encryption as well.

See https://github.com/siderolabs/talos/discussions/10795

smira avatar May 07 '25 12:05 smira

Just to clarify between this and https://github.com/siderolabs/talos/issues/10469, would this also include an even simpler case of recognizing an existing partition and unlocking it, where Talos is not responsible for provisioning the partition?

The particular use case is having a ZFS pool on top of LUKS with a lifecycle completely separate from Talos. So all Talos would need to do is basically cryptsetup luksOpen using its existing KMS/passphrase/TPM support.

michaelbeaumont avatar May 15 '25 18:05 michaelbeaumont

Talos wouldn't care about contents of the partition, so ZFS pool is not a Talos responsibility in any way.

smira avatar May 15 '25 18:05 smira

OK, I guess the question is: would we be able to create a UserVolume + encryption that points to an arbitrary partition that Talos should never actually provision; it should just unlock it if it exists?

I see:

> When a user volume configuration is applied, Talos Linux will either locate an existing volume or provision a new one.

but how would this work for a volume that Talos never provisioned, i.e. how does it "locate" the partition? We have provisioning.diskSelector but that's just the disk. But also:

> The volume label is derived from the volume name as u-, and it is used to identify the volume on the disk after initial provisioning.

So would I just label the existing partitions manually so that Talos thinks it provisioned them?

michaelbeaumont avatar May 15 '25 18:05 michaelbeaumont

> So would I just label the existing partitions manually so that Talos thinks it provisioned them?

This might work, but it's not the goal of this ticket, and a non-goal in general.

As long as the partition is not there, Talos will create it, optionally encrypt & unlock. Once created, Talos will simply unlock it as configured, but Talos is not supposed to do anything besides that.

smira avatar May 15 '25 18:05 smira

Let me open a discussion for this. https://github.com/siderolabs/talos/discussions/11030

michaelbeaumont avatar May 15 '25 18:05 michaelbeaumont

Hello, thanks for all the awesome work! I'm trying to get Ceph running on some small nodes that only have one disk, so I'm eagerly awaiting this feature. I downloaded the v1.11.0-alpha.3 versions of Talos and talosctl, and tried to apply a configuration patch to create a raw volume, but it looks like talosctl doesn't like it:

"RawVolumeConfig" "v1alpha1": not registered

Am I missing something?

njspix avatar Jul 18 '25 18:07 njspix

It hasn't been released yet. The commit that completed this was created 4 days ago. v1.11.0-alpha.3 is two weeks old.

michaelbeaumont avatar Jul 18 '25 20:07 michaelbeaumont

Oh of course! 🤦

njspix avatar Jul 19 '25 21:07 njspix