talos
Add podman cluster provisioning provider
Pull Request
What? (description)
Add Podman cluster provisioning provider.
Why? (reasoning)
To be able to run Talos containers using Podman instead of Docker.
Acceptance
Please use the following checklist:
- [ ] you linked an issue (if applicable)
- [ ] you included tests (if applicable)
- [x] you ran conformance (make conformance)
- [x] you formatted your code (make fmt)
- [x] you linted your code (make lint)
- [x] you generated documentation (make docs)
- [x] you ran unit-tests (make unit-tests)

See make help for a description of the available targets.
Notes
- Requires podman v4+
- Runs only rootful containers (for now)
- Environment variable PODMAN_SOCKET can be used to override the default socket URI, e.g. PODMAN_SOCKET=unix:/tmp/podman.sock
/ok-to-test
Looks like build failed in some obscure ways: https://ci.dev.talos-systems.io/siderolabs/talos/26014
I think the build system is missing gpgme, which is needed to build the gpgme go package. I've changed this PR to draft and will try some commits to make sure.
Looks like this package also requires CGo, and in Talos we avoid CGo at all costs, in fact it is disabled for the build.
I've added some tags to the build as suggested in https://github.com/containers/podman/issues/12548.
There's still an error from the linter, which I don't understand:
#0 24.30 level=error msg="Running error: 1 error occurred:\n\t* can't run linter goanalysis_metalinter: inspect: failed to load package containers: could not load export data: no export data for \"github.com/containers/podman/v4/pkg/bindings/containers\"\n\n"
I'd appreciate if anyone with more go-knowledge could explain what I'm doing wrong here...
Never mind; I had to add the build tags to golinter-ci too.
I am looking forward to this pr-- how is it going?
Lack of time. I'll get back to this PR soonish.
This PR has been overtaken by time; Podman will happily run a Talos cluster. Tested with Podman v4.2.0 and Talos v1.2.3:
$ sudo DOCKER_HOST=unix:///run/podman/podman.sock talosctl cluster create --provisioner docker
validating CIDR and reserving IPs
generating PKI and tokens
downloading ghcr.io/siderolabs/talos:v1.2.3
creating network talos-default
creating controlplane nodes
creating worker nodes
waiting for API
bootstrapping cluster
waiting for etcd to be healthy: OK
waiting for etcd members to be consistent across nodes: OK
waiting for etcd members to be control plane nodes: OK
waiting for apid to be ready: OK
waiting for kubelet to be healthy: OK
waiting for all nodes to finish boot sequence: OK
waiting for all k8s nodes to report: OK
waiting for all k8s nodes to report ready: OK
waiting for all control plane components to be ready: OK
waiting for kube-proxy to report ready: OK
waiting for coredns to report ready: OK
waiting for all k8s nodes to report schedulable: OK
merging kubeconfig into "/root/.kube/config"
PROVISIONER       docker
NAME              talos-default
NETWORK NAME      talos-default
NETWORK CIDR      10.5.0.0/24
NETWORK GATEWAY   10.5.0.1
NETWORK MTU       1500

NODES:

NAME                            TYPE           IP         CPU    RAM      DISK
/talos-default-controlplane-1   controlplane   10.5.0.2   2.00   2.1 GB   -
/talos-default-worker-1         worker         10.5.0.3   2.00   2.1 GB   -
$ sudo kubectl get node --output wide
NAME                           STATUS   ROLES           AGE    VERSION   INTERNAL-IP   EXTERNAL-IP   OS-IMAGE         KERNEL-VERSION      CONTAINER-RUNTIME
talos-default-controlplane-1   Ready    control-plane   104s   v1.25.1   10.5.0.2      <none>        Talos (v1.2.3)   5.15.0-48-generic   containerd://1.6.8
talos-default-worker-1         Ready    <none>          104s   v1.25.1   10.5.0.3      <none>        Talos (v1.2.3)   5.15.0-48-generic   containerd://1.6.8
Unfortunately it only works in rootful podman at the moment.
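
An added example, not code from this PR or from Talos: one way a provisioner could resolve the PODMAN_SOCKET override from the PR notes and fail early on an endpoint that is not a unix socket or that looks rootless. The helper names, the default path (taken from the DOCKER_HOST value in the comment above) and the /run/user/ rootless heuristic are assumptions.

```go
package main

import (
	"fmt"
	"net/url"
	"os"
	"strings"
)

const defaultSocket = "unix:///run/podman/podman.sock" // assumed default (rootful path from the thread)

// resolveSocket (hypothetical helper) returns the filesystem path of the Podman
// API socket, honouring the PODMAN_SOCKET override. Only absolute unix: URIs
// are accepted, so a tcp:// endpoint or a mistyped path is rejected up front.
func resolveSocket(getenv func(string) string) (string, error) {
	raw := strings.TrimSpace(getenv("PODMAN_SOCKET"))
	if raw == "" {
		raw = defaultSocket
	}
	u, err := url.Parse(raw)
	if err != nil {
		return "", fmt.Errorf("parse %q: %w", raw, err)
	}
	if u.Scheme != "unix" {
		return "", fmt.Errorf("unsupported scheme %q in %q", u.Scheme, raw)
	}
	// "unix://run/x.sock" parses with host "run"; "unix:run/x.sock" has no path.
	if u.Host != "" || !strings.HasPrefix(u.Path, "/") {
		return "", fmt.Errorf("%q does not name an absolute socket path", raw)
	}
	return u.Path, nil
}

// looksRootless is a heuristic (assumption): rootless Podman normally serves
// its socket under $XDG_RUNTIME_DIR, i.e. /run/user/<uid>/podman/podman.sock.
func looksRootless(path string) bool {
	return strings.HasPrefix(path, "/run/user/")
}

func main() {
	path, err := resolveSocket(os.Getenv)
	if err == nil && looksRootless(path) {
		err = fmt.Errorf("%s looks rootless; only rootful Podman is supported", path)
	}
	if err != nil {
		fmt.Fprintln(os.Stderr, "podman socket:", err)
		os.Exit(1)
	}
	fmt.Println("using podman socket", path)
}
```

Both URI spellings that appear in this thread, unix:/tmp/podman.sock and unix:///run/podman/podman.sock, resolve to an absolute path; the two-slash form unix://run/... is rejected because its first path segment would be parsed as a host.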