validate config in installer container on upgrade #3419
Assignees
Milestone
Comments
smira
added a commit
to smira/talos
that referenced
this issue
Apr 9, 2021
Talos validates machine configuration at boot time, and refuses to boot if machine configuration is invalid. As machine configuration validation rules might change over time, we need to prevent a scenario when after an upgrade machine configuration becomes invalid, as there's no way to roll back properly. Machine configuration is submitted over stdin to the installer container, and installer container validates it using the new version of Talos (which is going to be installed). If the config is not sent over stdin, installer assumes old version of Talos and proceeds. This should be backported to 0.9 to allow config validation on upgrade to 0.10. Fixes siderolabs#3419 Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
smira
added a commit
to smira/talos
that referenced
this issue
Apr 9, 2021
Talos validates machine configuration at boot time, and refuses to boot if machine configuration is invalid. As machine configuration validation rules might change over time, we need to prevent a scenario when after an upgrade machine configuration becomes invalid, as there's no way to roll back properly. Machine configuration is submitted over stdin to the installer container, and installer container validates it using the new version of Talos (which is going to be installed). If the config is not sent over stdin, installer assumes old version of Talos and proceeds. This should be backported to 0.9 to allow config validation on upgrade to 0.10. Fixes siderolabs#3419 Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
talos-bot
pushed a commit
that referenced
this issue
Apr 12, 2021
Talos validates machine configuration at boot time, and refuses to boot if machine configuration is invalid. As machine configuration validation rules might change over time, we need to prevent a scenario when after an upgrade machine configuration becomes invalid, as there's no way to roll back properly. Machine configuration is submitted over stdin to the installer container, and installer container validates it using the new version of Talos (which is going to be installed). If the config is not sent over stdin, installer assumes old version of Talos and proceeds. This should be backported to 0.9 to allow config validation on upgrade to 0.10. Fixes #3419 Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
smira
added a commit
to smira/talos
that referenced
this issue
Apr 14, 2021
Talos validates machine configuration at boot time, and refuses to boot if machine configuration is invalid. As machine configuration validation rules might change over time, we need to prevent a scenario when after an upgrade machine configuration becomes invalid, as there's no way to roll back properly. Machine configuration is submitted over stdin to the installer container, and installer container validates it using the new version of Talos (which is going to be installed). If the config is not sent over stdin, installer assumes old version of Talos and proceeds. This should be backported to 0.9 to allow config validation on upgrade to 0.10. Fixes siderolabs#3419 Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> (cherry picked from commit d5e2a45)
smira
added a commit
to smira/talos
that referenced
this issue
Apr 14, 2021
Talos validates machine configuration at boot time, and refuses to boot if machine configuration is invalid. As machine configuration validation rules might change over time, we need to prevent a scenario when after an upgrade machine configuration becomes invalid, as there's no way to roll back properly. Machine configuration is submitted over stdin to the installer container, and installer container validates it using the new version of Talos (which is going to be installed). If the config is not sent over stdin, installer assumes old version of Talos and proceeds. This should be backported to 0.9 to allow config validation on upgrade to 0.10. Fixes siderolabs#3419 Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> (cherry picked from commit d5e2a45)
smira
added a commit
that referenced
this issue
Apr 15, 2021
Talos validates machine configuration at boot time, and refuses to boot if machine configuration is invalid. As machine configuration validation rules might change over time, we need to prevent a scenario when after an upgrade machine configuration becomes invalid, as there's no way to roll back properly. Machine configuration is submitted over stdin to the installer container, and installer container validates it using the new version of Talos (which is going to be installed). If the config is not sent over stdin, installer assumes old version of Talos and proceeds. This should be backported to 0.9 to allow config validation on upgrade to 0.10. Fixes #3419 Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> (cherry picked from commit d5e2a45)
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Config validation rules might change from one version of Talos to another.
As Talos fails the boot on config validation process, it makes sense to make sure that Talos will be able to validate the config after the upgrade.
As new Talos version should be used for the validation, it should be done inside the installer container.
We can pass the config to the container probably via
stdinand run validation as the first task of the upgrade. If the config is not passed, installer container should ignore that (to support upgrades from the versions which don't pass that).This should be backported to 0.9 to allow upgrades to 0.10 to use this feature.
The text was updated successfully, but these errors were encountered: