Excerpted from: System Extensions | Talos Linux and Image Factory | Talos Linux
Introduction
Because Talos is an immutable OS whose root filesystem is read-only, System Extensions let us install things such as container runtimes, firmware, and drivers on the system.
System Extensions are only triggered and activated when the system is installed or upgraded; after they run, the Talos root filesystem remains immutable and read-only.
Official extensions: GitHub - siderolabs/extensions: Talos Linux System Extensions
Some terms
Image Factory
Image Factory generates customized Talos Linux images based on configured schematics.
Schematics
Schematics are YAML files that define customizations to be applied to a Talos Linux image. Schematics can be applied to any of the versions of Talos Linux offered by the Image Factory to produce a “model”, which is a Talos Linux image with the customizations applied. Schematics are content-addressable, that is, the content of the schematic is used to generate a unique ID. The schematic should be uploaded to the Image Factory first, and then the ID can be used to reference the schematic in a model.
Installation
System Extensions can be installed through the Image Factory:
Method 1: Graphical interface
- Open the Image Factory UI
- Follow the steps and complete all the options
- The page generates a schematic ID, the Schematics in YAML format, and an ISO download link
- For an initial installation, you can install directly from the ISO file
- The Schematics can be used as a reference?
- If the system is already installed, you can run an upgrade using the schematic ID
talosctl upgrade --image factory.talos.dev/installer/<id>:v<talos_version> -m powercycle -f
- For an initial installation where you have already downloaded the stock ISO, you can write the schematic ID into the Machine Config
machine:
  install:
    image: factory.talos.dev/installer/<id>:v<talos_version>
Method 2: Command-line interface
- Write the Schematics; for officialExtensions, refer to the official Extensions list
customization:
  systemExtensions:
    officialExtensions:
      - siderolabs/qemu-guest-agent
- Get the schematic ID
$ curl -X POST --data-binary @talos-extension-proxmox.yaml https://factory.talos.dev/schematics
# {"id":"f683308f6e49ec36d715bd41c90d800910552d8cbc015c8363ec350594535fa1"}
- Run the upgrade or write it into the machine config
$ talosctl upgrade --image factory.talos.dev/installer/<id>:v<talos_version> -m powercycle -f
Viewing installed Extensions
You can use talosctl get extensions to list the extensions currently installed on the machine
$ talosctl get extensions
# NODE NAMESPACE TYPE ID VERSION NAME VERSION
# 172.20.0.2 runtime ExtensionStatus 000.ghcr.io-talos-systems-gvisor-54b831d 1 gvisor 20220117.0-v1.0.0
# 172.20.0.2 runtime ExtensionStatus 001.ghcr.io-talos-systems-intel-ucode-54b831d 1 intel-ucode microcode-20210608-v1.0.0
Or use talosctl service <service_name> to check the running status of a particular component
$ talosctl service ext-qemu-guest-agent
# NODE 192.168.1.1
# ID ext-qemu-guest-agent
# STATE Running
# HEALTH ?
# EVENTS [Running]: Started task ext-qemu-guest-agent (PID 1941) for container ext-qemu-guest-agent (4s ago)
# [Preparing]: Creating service runner (4s ago)
# [Preparing]: Running pre state (4s ago)
# [Waiting]: Waiting for service "cri" to be "up" (5s ago)
# [Waiting]: Waiting for service "containerd" to be "up", service "cri" to be registered, file "/dev/virtio-ports/org.qemu.guest_agent.0" to exist (6s ago)
# [Waiting]: Waiting for service "containerd" to be registered, service "cri" to be registered, file "/dev/virtio-ports/org.qemu.guest_agent.0" to exist (8s ago)
# [Waiting]: Waiting for service "containerd" to be "up", service "cri" to be "up", file "/dev/virtio-ports/org.qemu.guest_agent.0" to exist (9s ago)
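The command-line method and the extension check above, as an added shell example that is not code from the original page or from the Talos project. It validates the factory's reply before the ID reaches the upgrade command and compares the installed extensions against an expected list; the function names, the FACTORY_HOST variable and the sample version 1.7.0 are assumptions.

```sh
#!/bin/sh
# Added example (not Talos project code); all function names are hypothetical.
FACTORY_HOST="factory.talos.dev"   # host used on this page

# Print the schematic ID from the factory's JSON reply; fail unless the
# value is exactly 64 lowercase hex characters.
schematic_id() {
  id=$(printf '%s' "$1" |
    sed -n 's/.*"id"[[:space:]]*:[[:space:]]*"\([0-9a-f]\{64\}\)".*/\1/p')
  [ -n "$id" ] && printf '%s\n' "$id"
}

# Build the installer image reference from an ID and a Talos version
# (digits and dots only, without the leading "v").
installer_image() {
  printf '%s' "$1" | grep -Eq '^[0-9a-f]{64}$' || return 1
  printf '%s' "$2" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+$' || return 1
  printf '%s/installer/%s:v%s\n' "$FACTORY_HOST" "$1" "$2"
}

# Read `talosctl get extensions` output on stdin and print every expected
# extension name (arguments) missing from the NAME column (field 6).
missing_extensions() {
  awk -v want="$*" 'NR > 1 { have[$6] = 1 }
    END { n = split(want, w, " ")
          for (i = 1; i <= n; i++) if (!(w[i] in have)) print w[i] }'
}

# Upload a schematic and upgrade to the resulting image.
# usage: upgrade_with_schematic talos-extension-proxmox.yaml 1.7.0
#        (1.7.0 is a constructed sample version)
upgrade_with_schematic() {
  reply=$(curl -fsS -X POST --data-binary "@$1" \
    "https://$FACTORY_HOST/schematics") || return 1
  id=$(schematic_id "$reply") || { echo "unexpected reply: $reply" >&2; return 1; }
  image=$(installer_image "$id" "$2") || return 1
  talosctl upgrade --image "$image" -m powercycle -f
}
```

Once the node is back up, `talosctl get extensions | missing_extensions qemu-guest-agent` prints nothing when the extension is present.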