From c74dd821c63fe1d06f7419e72bdf87350db13b36 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Wed, 4 Jun 2025 22:14:03 +0200
Subject: [PATCH] Revert "feat(system-upgrade): Adjust plans to automate Talos
updates using kured"
This doesn't work. Talos always triggers a reboot on upgrade.
See: https://github.com/siderolabs/talos/discussions/10555#discussioncomment-13214081
This reverts commit 21a37f2a4c8eb1d6b56383f7474ea0b7666c961a.
---
.../system-upgrades/fedora/fedora-autoupdate.yaml | 2 +-
infrastructure/base/system-upgrades/kured.yaml | 13 +++++++++----
infrastructure/base/system-upgrades/talos/os.yaml | 14 +++++++++-----
3 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/infrastructure/base/system-upgrades/fedora/fedora-autoupdate.yaml b/infrastructure/base/system-upgrades/fedora/fedora-autoupdate.yaml
index 8079a6fcd..a123fa8dd 100644
--- a/infrastructure/base/system-upgrades/fedora/fedora-autoupdate.yaml
+++ b/infrastructure/base/system-upgrades/fedora/fedora-autoupdate.yaml
@@ -15,7 +15,7 @@ stringData:
systemctl start --wait dnf-automatic-install.service
systemctl enable clevis-luks-askpass.path
if ! dnf needs-restarting --reboothint; then
- touch /run/reboot-required
+ touch /var/run/reboot-required
fi
---
apiVersion: upgrade.cattle.io/v1
diff --git a/infrastructure/base/system-upgrades/kured.yaml b/infrastructure/base/system-upgrades/kured.yaml
index 23429f139..4cf8963e9 100644
--- a/infrastructure/base/system-upgrades/kured.yaml
+++ b/infrastructure/base/system-upgrades/kured.yaml
@@ -39,15 +39,20 @@ metadata:
namespace: system-upgrade
data:
values.yaml: |
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: feature.node.kubernetes.io/system-os_release.ID
+ operator: NotIn
+ values:
+ - talos
configuration:
- useRebootSentinelHostPath: true
annotateNodes: true
preferNoScheduleTaint: weave.works/kured-node-reboot
blockingPodSelector:
- upgrade.cattle.io/plan
- rebootSentinel: "/run/reboot-required"
- rebootMethod: command
- rebootCommand: /sbin/shutdown --reboot
hostNetwork: false
metrics:
create: true
diff --git a/infrastructure/base/system-upgrades/talos/os.yaml b/infrastructure/base/system-upgrades/talos/os.yaml
index 333a215ee..2aa873c77 100644
--- a/infrastructure/base/system-upgrades/talos/os.yaml
+++ b/infrastructure/base/system-upgrades/talos/os.yaml
@@ -12,6 +12,11 @@ spec:
path: /var/run/secrets/talos.dev
ignoreUpdates: true
concurrency: 1
+ exclusive: true
+ drain:
+ deleteLocalData: true
+ ignoreDaemonSets: true
+ force: false
nodeSelector:
matchExpressions:
- key: feature.node.kubernetes.io/system-os_release.ID
@@ -20,7 +25,7 @@ spec:
- talos
- key: upgrade.shivering-isles.com/talos-autoupdate
operator: Exists
- prepare:
+ upgrade:
image: ghcr.io/siderolabs/talosctl
envs:
- name: NODE_IP
@@ -33,7 +38,6 @@ spec:
- --nodes=$(NODE_IP)
- upgrade
- --image=$(TALOS_IMAGE):$(SYSTEM_UPGRADE_PLAN_LATEST_VERSION)
- - --stage
- upgrade:
- image: quay.io/fedora/fedora:41
- command: ["touch", "/host/run/reboot-required"]
\ No newline at end of file
+ - --preserve=true
+ - --wait=false
+ - --reboot-mode=powercycle
--
GitLab