talos icon indicating copy to clipboard operation
talos copied to clipboard

Published 20 hours ago verified publisher icon siderolabs

Extension templating/placeholders

Open ammmze opened this issue 2 years ago • 3 comments

Feature Request

It would be great if there was some form of templating, or at least placeholder replacement in the Talos system extension image name/tag. So that it can inject the Talos version into the image tag, something like this:

machine:
  install:
    extensions:
      - image: ghcr.io/siderolabs/gasket-driver:5993718-{TALOS_VERSION}

Description

It looks like Talos now supports installing kernel modules via system extensions. However, it sounds like there is a caveat that the module need to be signed and as such would need to be released in step with the Talos version. This means each Talos upgrade would need to install a Talos version specific image. As such, it seems like it would be easy to cause issues during an upgrade by simply forgetting to update the machine config with the talos version you are going to be upgrading to. If we can templatize that image value to allow injecting the Talos version, this could allow that upgrade process to continue to be seamless.

ammmze avatar Sep 04 '22 06:09 ammmze

The problem with this approach as I see it going forward might be that machine config changes (when the variable value changes), but there are no changes to the machine config at the same time. It might sound counter-intuitive, but I think one of the core properties of Talos is acting on machine config changes.

This specific example might be fine, as this variable is bound to the Talos version, and we might want to find some answer here, but in general variables and templating seems like something which should be done outside of Talos.

smira avatar Sep 05 '22 10:09 smira

Yea, I would agree we don't want or need templating for the entire machine config, and really i'm not set on it being a templatized thing if there is some other way to get what we need. I just worry that for kernel modules, if they are truly tied to a specific version of Talos like I understand they are, that it may be too easy to forget to update the extension image before issuing a talosctl upgrade ... and then it ends up installing an incompatible kernel module.

ammmze avatar Sep 14 '22 01:09 ammmze

yep, this makes sense, it's a good suggestion if we can link it to the Talos version being installed.

smira avatar Sep 14 '22 10:09 smira

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

github-actions[bot] avatar Jul 04 '24 01:07 github-actions[bot]

This issue was closed because it has been stalled for 7 days with no activity.

github-actions[bot] avatar Jul 09 '24 01:07 github-actions[bot]