talos icon indicating copy to clipboard operation
talos copied to clipboard

Published 20 hours ago verified publisher icon siderolabs

talosctl gen config overwrite previous configuration

Open sbskas opened this issue 2 years ago • 1 comments

Bug Report

Using talosctl gen config to generate cluster config could overwrite previously generate credentials.

Description

When issuing a gen config, talosctl generates several files to ease the setup of a cluster. However, the ca/cert/key triplets used to connect to apid are create once and output in the different files.

If one needs to correct a parameter/jsonpatch or something else, the whole triplet is regenerated. If the cluster has already been partially deployed (i.e. the controlplane for example), and there is a misconfiguration on the workers preventing them to be initialized, the call to gen config to regenerate the .yaml machineconfig silently overwrites the authentication credentials.

Talosctl needs to figure out that credentials were already there and maybe reuse them (through the talosconfig file), or create a backup to avoid unwanted credential loss.

Environment

  • Talos version: [1.0.5]
  • Platform: all

sbskas avatar Jun 07 '22 17:06 sbskas

This might probably be a warning/error if the files already exist.

smira avatar Jun 08 '22 18:06 smira

Fixed via #6964

smira avatar May 22 '23 11:05 smira