From YouTube: 38. #EveryoneCanContribute cafe: Talos, a Kubernetes OS
Description
Blog: https://everyonecancontribute.com/post/2021-07-14-cafe-38-talos-kubernetes-os/
Website: https://www.talos.dev/
Twitter thread: https://twitter.com/philip_welz/status/1415341665636732933
A
We are live on YouTube. Hello, everyone, and yeah, it's my pleasure today to learn something new again, like we all try on a weekly basis, and today we want to talk about Talos, which I heard is a Kubernetes operating system, but yeah, I have no... I'm eager to learn. So it's my pleasure that Andrew joins us from Talos and he will do an introduction, share with us the cool stuff.
A
We do a live demo, whatever comes to mind, yeah, and with that I would just like to hand it over to you. Do a short introduction and let's get it going.
B
My name's Andrew Rynhard. I created Talos, oh, roughly five years ago. It started as a project where I was... I was managing a bunch of Kubernetes clusters and I was very frustrated with having to manage both the OS and Kubernetes itself, you know, and so I started working on Talos. I was very inspired by a project called Linux From Scratch.
B
It was also kind of like a learning experience as well, just building an entire Linux distribution completely from the ground up, but I wanted to build it for Kubernetes specifically. Fast forward a little bit and I founded a company roughly two years ago, April 2019, and since then we've picked up a lot of pace and we're kind of building.
B
On top of this OS, even, management tools for Kubernetes clusters, say, on-prem, across VMs, in the cloud, whatever, and just building out the operating system for Kubernetes to make it more secure, more reliable, so on and so forth. I'll get into the details. So yeah, should I share my screen now? I have a couple slides.
A
B
Will... oops, I want to present. So I stole these slides from another thing, so yeah, again, just talking about Talos, I want to briefly talk about what it is.
B
I like to start with a little bit of the origin story. Again, I talked about this in my intro. I was managing a bunch of Kubernetes clusters and I found that for everything at the OS that I had to do, such as securing users, doing patch management, installing the OS, so on and so forth, there were parallels within the Kubernetes world. And so, you know, at the time, and I think this is still a problem within our industry, is that there's not a whole lot of Kubernetes expertise out there.
B
So this job fell onto the shoulders of the operations engineers. They had to both figure out how to wrangle Kubernetes and to continue maintaining the underlying OS, and, you know, for one person migrating a bunch of applications, it was a lot for me personally, just making sure that both were monitored, so on and so forth. And so I thought to myself, what if I could just kind of more or less eliminate the operating system?
B
You know, there... what if there were no users? What if there were no SSH? And so that's kind of where cooper... where Talos was born, is coming from this place of let's actually get rid of the OS as much as we can, and even on top of that, just let's bring in, you know, modern things like latest kernel, latest version of iptables, so on and so forth, but staying... still staying minimal, but also being able to bring the latest and greatest features, particularly in the kernel, and so that kind of evolved from there.
B
B
Why is the kubelet not running, so on and so forth? And so I said: okay, well, I don't want SSH, I don't want people hopping on to a machine and making this one a snowflake versus that one a snowflake. So let me do a couple things. Let me actually put an API... I'll have an API.
B
I decided to make it gRPC, and this API is going to give me diagnostics toolings that I might need when the node is up. Instead of SSHing on, I just hit an endpoint and I can get data, which processes are running, so on and so forth. And I also want to encourage that, even if someone does manage to get onto the operating system, I don't want snowflakes. You know, in a clustered environment, you need your substrate to be as consistent as possible, and so let's make the root.
B
B
I want to say 50 or 40 megabytes squashfs, that's the entirety of Talos, and so it can't be remounted as read-write, so it's all or nothing. It is read-only and that's that. And again, keeping these things... keeping it as minimal as possible. Talos just comes with the bare minimum that you need to run Kubernetes, more specifically the kubelet, so that comes with containerd, iptables, the... oh god, not a whole lot else.
B
It's really that... we deliver the kubelet as a container. There's a lot that the kubelet does depend on, but that's in the container of the kubelet itself. I was going to go there, so yeah. The idea is that basically we're going to modernize the OS for distributed systems, and another thing that I think is interesting: in practice, what this means is that we actually don't even run systemd. It's a completely new init system, which we're calling machined, which is built for the purposes of these distributed systems type things, right.
B
It comes with an API, it's completely written in a modern language, it's Go, and so what that translates into today is really that Talos is almost a single binary. I think we have one extra service that we call... we call trustd that runs right now, and it runs as a container outside of Kubernetes, but other than that Talos is basically a single binary. I lied, there's also udevd. We tried to rewrite udevd in Go, but that was no fun. Maybe we'll pick it up again later.
B
So the idea is that, you know, if you were to hit the Talos list API and look at the rootfs, you would see that there's actually not a whole lot outside of Kubernetes. And again, another thing to point out here is that there's no SSH and there's no shell. So the next thing I want to talk about is something that we're trying to do with Talos, is we're really trying to ask ourselves:
B
You know, what is this API-driven operating system? How can we standardize that? And how can we bring this to the world in a more generic way? In the same way that there's the container networking interface, the CRI, the container storage interface, so on and so forth, we envision a world where there will be an API for things like Kubernetes to communicate with the host.
B
The idea is that we want to provide an API for even things like container network interface to speak to the host operating system and say, create iptables rules, so on and so forth. And so we're coming out with this idea that we're calling currently the Common Operating System Interface. It's likely to change, because COSI, the acronym, is already taken in the CNCF landscape.
B
So we got to figure out something else, but the idea is, again, we want to come from this place of, you know, your traditional operating systems. You can see on the left here, your traditional Unix systems are really oriented for a single shared system, right: multiple users hopping on and managing it, multiple users having to be created, and so on and so forth.
B
In our world of COSI, we envision a place where the host really just has one job, and that is to deliver isolated workloads, VMs, containers. And so this is probably not in the correct order that I want to go in. Let me jump down to the shell. So we've taken out the shell, and what that means is, in practice, there's no users, right, it's just purely API driven. And so how do you hop on and make things happen?
B
The idea with COSI is that everything's going to be declaratively driven, in the same way that Kubernetes is declaratively driven. So if you want an interface configured, you're going to have a YAML file that represents how this interface should be configured, say, bond0 needs to be set up in such a way. You deliver that to the system and you're going to have a controller that lives on the operating system that makes that a reality. That's your new way of interacting with the system, not hopping on and using pipes.
B
You know, these are plug-ins, as we're calling them. Plug-ins can kind of represent something bigger, like, for example, in Talos 0.11, as we're going to show off today, we have a plug-in that we're... it's basically a whole new networking stack, and within that networking stack it has controllers for a bunch of different resources, like addresses and routes and so on and so forth.
B
I'll show you in the demo, but that's the new way of doing things within this world that we see. We're going to bring the idea of controllers down to the operating system itself, and they are the ones that are in charge of enforcing the state that you define declaratively. And, you know, one of the benefits to this is that now the entire system is under a structured configuration format. So nothing is now an Ansible playbook that SSHes onto a machine, runs this command, pipes it through grep, pipes
B
it through awk, so on and so forth, which can change and break from different versions. It is an API that has backwards compatibility guarantees, and you submit YAMLs that make this a reality for you. I hope that was clear. I'm happy to pause and take any questions, and that's kind of setting the stage for the demo.
C
B
Exactly, so the idea is that you could go and write a plug-in. This is not currently possible today. This is just kind of, you know, setting the vision right now. We do have this idea within Talos. Currently it's our networking stack, but the idea is, yes, you will be able to get notified when someone creates something that you want to be notified about: updates, deletes, changes, so on and so forth.
B
You have a reconciliation loop that gets hit and you are now responsible for enforcing what the state should be based on your inputs and outputs. You know, the previous way that we did inputs and outputs as engineers was, you know, again, we would SSH onto a box, we'd run a bunch of unique Unix commands and pipe them through a bunch of things. In the COSI world, you... it's very much like Kubernetes.
B
You set up subscriptions to be told when, you say, someone... an interface is created by the kernel, or someone sets up a firewall rule. You know, I'm creating... that gets sent to you, and maybe you want to make decisions based on that and you have a different output, say it's something else. It could be
B
you know, maybe overriding those firewall... It could be arbitrary. Just imagine what you want. The inputs and outputs are now different: they're not free-form, they're structured, and they're controllers that are actually taking inputs and making things happen per a spec that has been delivered to it.
C
Yeah, I mean, I watched your KubeCon talk about COSI. I think, yeah, I'm sad that the name has to change, because COSI was a really nice name.
C
B
Yeah, I honestly don't think we should be, especially in a distributed environment like Kubernetes, right, and when you give a... it's just too tempting, even as a senior engineer. Sometimes you have a problem and it needs to be fixed and you hop on: hey, look, to stop the bleeding I had to do x, y and z, and sometimes that's not communicated, and then now this machine is a snowflake. And so it's really just embracing and enforcing.
B
You know, but then it just creates this dynamic that's not very conducive to a well-performing team, and so now with Talos and something like COSI you're actually fighting the technology, right, you're fighting a robot, and you can be mad at that robot that says you cannot do that because it's a read-only file system. Be mad at that.
B
First of all, you just simply cannot do that from a technological standpoint, and it's conveniently packaged. You don't have to go and build golden images, all these things. This is just an inherent idea built into the operating system, and you get all of that goodness. It's all delivered by the team upstream.
C
Yeah, I'm totally with you. I mean, also it's often like politics, like, oh my god, I was 10 years engineer with SSH and I need SSH. It's like my... it's like my air, you know.
B
B
Exactly. I'm actually very surprised. You know, that was a fear that I had. You know, I remember us going to our first KubeCon and people... I was like, man, we're going to tell people that there's no SSH and they're going to turn around and walk away, and they actually leaned in over the desk and: wait, there's no SSH? I love that idea. And so yeah, I think the industry is definitely ready for this, so yeah.
B
C
The thing is, like, I didn't even know if Michi ever SSH'd into a server so far.
A
A
Well, I do use SSH, but if there is a different method for it, I'm all for it. So I know the shortcomings of... I think yesterday or two days ago I advised the user to not set a password on the git user for SSH, just because it's a security vulnerability or possible attack vector, so not using SSH is a good idea in various scenarios.
A
C
I mean, practically, from, let's say, our day job is like this. For example, you do some Terraform infrastructure as code, then you have your Kubernetes cluster and your SSH keys, and then a new member joins, and then you always struggle and make SSH keys new and, right, re-run your Terraform state. So it's really annoying, yeah, ridiculous. So.
B
Yeah, and then nine times out of ten that same user needs permissions within Kubernetes, even, right, and so they have different roles based on where they're operating, you know. With the API, it's... you can... we have this vision of kind of unifying, using Kubernetes RBAC, even, to define what APIs you have access to within Talos itself.
A
And I think from a user perspective, I don't need SSH access to most servers, and at GitLab I don't have it, so I cannot break anything, but I also cannot, like, look into this stuff. I need an abstracted way, and then I get an API and maybe an event stream or something like that, or work... wherever I can see what I need.
C
A
Most often times when I'm debugging something or when I want to change something, I need a scope view, but I don't want to, like, search it myself. And okay, I can do that totally on the server on the terminal, but in the end it would be much nicer to have an API, have a web interface, maybe, and automate everything.
B
That's exactly it, you know. I always ask people, you know, the people that do say, well, I need SSH, I'm like, well, what is it that you want to get? Well, I gotta hop on and figure out what's going wrong. Well, what if there's an API that can tell you what's going wrong? You could do the same things over an API. Oh, okay, yeah! So it's really not about SSH, the technology itself. I mean, maybe there's some people out there that really love SSH and they think.
B
B
Yes, let's start off with something simple. You mentioned a UI. This is like a simple TUI based.
A
B
B
Okay, I'm running this from my local workstation, and this is a Kubernetes cluster that's running Talos in our data center, and this... all these little pieces, like, you know, CPU, memory, the processes list, load average.
B
All of these little components here, they're all individual APIs that we're kind of... in Go, we're kicking off as goroutines, and we're aggregating this data and we're refreshing this screen as we go, and so this is all API driven at the end of the day. And I can cycle through at the bottom here, I could, say, look at different machines, and I could even, you know, exit out of this and let's take a look at a list of processes, for example.
B
Oh, that is ugly. Notice that it's prefixed here. Let me do this. This looks better. Still, in the front here, I want to point out something that's kind of interesting, is we're able to aggregate this data. So the way that this roughly works is, I have within my configuration file right now, I'm telling talosctl that I want to talk to... I want to talk to three different nodes.
B
I want to talk to cp0, 1 and 2, and I want to ask them for a list of their processes, and so you submit this request to a control plane node within Talos, and it goes off and it makes this request on your behalf to those nodes, aggregates that data and gets it sent back. So, for example, where this can be really useful, sometimes I use this a lot, is, say, looking at the logs of etcd.
B
Sometimes, you know, you have three different terminals open, you're trying to figure out what one etcd thinks versus another. You can see all of them here, cp0. Well, let me scroll way up. Here's cp2. This is an aggregate of the logs of all the etcd services that are running within the cluster. talosctl services.
B
B
Basically, it's the connection. It's the exposed... it's the thing that has an exposed port that actually serves the API on each machine. We have containerd. That is the only CRI that we offer currently. Sorry, I should clarify. We have containerd because we do run one service here called trustd in a different instance of containerd, which is backed by ephemeral storage.
B
B
B
Let me show one node for now. I'm going to show you the resource definitions. These are almost like CRDs within Kubernetes that cp... that the node cp0 knows of. These are all the registered... sort of imagine them as CRDs. Again, we have address specs, address statuses, link specs, link statuses. I'm going to just look for all the networking-specific things.
B
B
B
That's just the, you know, which interface and the actual address, and then specifics around that, right, which family it is, scope, so on and so forth. And the idea is that, where we're kind of moving with this is, today Talos has a single control... a single configuration file which basically, let's see, let me put this in YAML.
B
It has a single configuration file where all of these things are kind of like the machine. For example, the networking is kind of an entire... it's just a single thing, right, and it's got interfaces, it's got a hostname, it's got a list of name servers, it's got a list of, you know, time servers, so on and so forth, different ways that you can configure the networking for this particular node. But it's a single thing.
B
It's a single control YAML, and the direction that we're heading is that we want to actually look at these things like multi-doc YAMLs. If you need to configure an interface, you just set up an interface that targets, you know, bond0, and you apply that to the system.
B
C
B
Yes, so if apid crashes, it's... the answer is the same thing as if sshd crashes: you don't have access to the node anymore. But okay, this is not unparalleled within our... you know, it's the same problem you would face with sshd.
B
Absolutely. Okay, so machined is PID 1. Again, we don't use systemd, our PID 1 is machined, and it will make sure that this service tries to always be run. Perfect.
B
C
C
And the question is: is there something like support for sending apid logs or any logs from Talos to another third party like Loki or, I don't know, Elasticsearch, and debug what happened in the... that.
B
B
Yeah, that's a great question. Currently, all the logs are stored within an in-memory buffer and we don't write anything to disk.
B
B
B
Exactly. We, you know, we still have some progress. Talos is still very... we feel it's production ready.
C
Could you, like, so you could run promtail as a DaemonSet correctly, but you need to figure out the access to the Talos API? That's more the issue, right? Yeah, okay, yes, exactly, yeah. I would have another question. Like, for me, like, when you, for example, often when you run Kubernetes, you need some certificate, like the etcd is a PKI certificate, the key and so on. So in Kubernetes, maybe you would copy it or you can mount the host path and then you have access to the certificates.
B
You know, space and actually execute different binaries like mount or iscsiadm, or, you know, all these different things, and we are not big fans of that. We don't think that that's the way to go, we don't think mounting up host paths is a way to go. So we do have... Talos... like, we do have APIs like... what's it called, I don't remember the name of it. There are etcd-specific APIs, so, you know, it could be possible that maybe we provide those, just as an example.
C
B
Yeah, actually, that's a good point. I don't think I actually talked about that. Again, going back to the, you know, the architecture: Talos is a squashfs and it's read-only. We do have a... we create this directory. Let me show it to you.
B
We create this directory called /system, which is basically a tmpfs, and this basically holds runtime data that's completely, you know, reproducible on every run. But we also do have one place where things are persisted, and that is in /var. So the kubelet's data is persisted, etcd's data, containerd, so on and so forth.
B
That is the only writable place. Now, that being said, when you perform an upgrade within Talos, the default way of doing an upgrade is we actually shut everything down except for PID 1, unmount all mounts, and then we completely wipe the disk from underneath Talos and we reinstall it as a brand new node. It's a way to kind of do, like, in-place pets versus cattle, this idea of, like, replacing a node rather than upgrading a node. Our upgrades are actually full-on replaces, but they're in place.
B
If that makes sense. And so /var, we label it as ephemeral. We tell you: yes, it is persisted across reboots, but it is not persisted across upgrades. That being said, that posed a problem for single-node clusters, which we do have people running in production. So we do have a way to say, preserve the data. So you have options within Talos to how you want to perform that, but yeah, that /var is the only writable place, essentially.
C
Okay, so basically, for example, I have a three-node cluster and then I will upgrade one node. Then everything will be wiped? Because my question was like: how is it with the PKI when it's not persisted? I mean, you cannot add them.
B
So that's in... so we do have... we have one more partition that Talos saves things to, and currently, today, it's called the state partition, and it just stores the configuration file, and so that is persisted. Other than that, it's not. You could tell Talos even to not save anything, or, sorry, to always pull its configuration file. That is also an option.
B
HTTP endpoint, not necessarily Git protocol, but, you know, you could host it on, like, you know, a GitLab instance and give tokens to Talos to say this is how you download it. Okay, great.
C
I think you, as I saw, the CNI Cilium, right?
B
Yeah, on this particular node the CNI is Cilium, yeah. The default is Flannel.
B
We're just going to call it interface, we're going to call it dummy0, and we're going to just say dummy true. I don't know why my editor does this. I hate it. So if I save this.
B
Well, this is a good opportunity to show off some debugging stuff. So let's do this: we'll do talosctl logs dash... and we'll focus on this particular node that I just edited the configuration file for, and we have this thing called the controller runtime.
B
B
Oh, we may have lost API access, so this is another opportunity to show off something. So we have this idea of endpoints. Mikhail, you said that you like things to break, so I'll give that to you.
B
B
B
I'm not quite sure how I'd recover from this, to be honest with you, but the idea with Talos is you blow it away, reinstall it and give it the configuration file before you made whatever dumb mistake that I made, so yeah.
B
What I was wanting to show you guys is that I was going to add a dummy interface and it would just be created, you know, declaratively. I'm going to say I want this interface called dummy0 and it is a dummy interface. I want you to create it for me. It makes it happen, as opposed to hopping onto the machine with SSH, finding out which ip command you have to run and adding an interface. It's not a human doing it. You submit this to the system. The configuration file declaratively defines what you want.
B
Oh, that's just a... you know, it's kind of like when you're in Kubernetes and you get those controllers. I don't know if you guys have used the controller runtime in Kubernetes, but it has this... when you log an error, it has this, like, stack trace that looks really nasty and it's scary, but it's really just logs. At some point we were failing, but it's not currently failing.
B
B
cp1 and cp2, so I'll get the time statuses for the two nodes. They are synced. We can look at the specs... oh, maybe it's not. What's it.
B
B
We can see that our time servers are set to pool.ntp.org and we can get the statuses saying that they are in sync. So yeah, it was just a nasty... not nasty, but it's just a log, you know, in your typical controller pattern, that says I faced this error, but it's not currently an issue.
B
Well, it's actually not Talos, so I gotta dust off the old skills and see what happens, yeah. So I messed up this machine. So here's the problem with networking. This is probably a good chance to talk about some of the things that we can see roadmap-wise. Validation on the config is something that we want to do, especially, and in this case it's very apparent, around the networking stack.
B
You know, you can easily mess up the networking. Auto rolling back of that configuration if the networking goes away, something to that effect. And yeah, again, just validating settings, letting you know that this thing is not a known field or this field is... you know, it's not a valid option. We're working towards that. We have some of that today, but we need to flesh that out a little bit more, and just general configuration management within Talos.
B
Again, talking about the machine configuration file being one big file, where we're playing with this idea of having it feel very much like Kubernetes, where you have a bunch of YAMLs that represent the config collectively, and you can submit them individually, you can submit them, you know, multi-doc, so on and so forth. Very much like Kubernetes.
A
C
Sorry, if we're talking about network, I saw something about WireGuard. So do you use WireGuard under the hood?
B
Yeah, that's a good question. We don't use it out of the box, but we are working on something where we're going to be able to automatically set up a WireGuard mesh network so that you can have, say, you know, nodes running in the data center. Like, our current plan is to... we have
B
We have this particular cluster is running in our data center and we want to be able to burst out to Equinix Metal for bigger machines that we may not have, and so we want to set up a WireGuard network across those two so that it feels like a single network, and we're working on something to make that completely automated. Because with WireGuard, you got to set up your peers.
B
You got to set up, you know, all these different things, and we have something that we're going to be coming out with where you can do that automatically, and it'll all be driven via the configuration file for Talos and completely automatic. So yeah, nothing out of the box, but we are working on ways to use WireGuard for these hybrid cluster scenarios.
B
C
Cool, and then the last question to net... question to network, with the virtual IP: does Talos support virtual IP for the control plane, for example?
B
Yeah, it does. So we use etcd to just figure out who should own this IP at the time, and we set that up. In fact, I think that may be what we're doing.
C
Like, particularly, so like the etcd leader receives the virtual IP, exactly.
B
Simple as that, yep. It's very useful in your, like, home environments, even VMware, like that. We have some users that were struggling to figure out how to set up a load balancer dynamically based on VMs' IPs. You know, you got to be able to have Kubernetes API be... they just use the virtual IP and now you have a cluster, and it's really, really simple. It's a really cool feature of Talos, I think.
A
I have a question around... you said this is hosted in your data center. When I'm, like, a beginner with Talos, which would you recommend, like, following the quick start guides, or is there something like... what is the five-minute success story for my home environment?
B
For your home environment, well, let me start with even simpler than that. Let me start with local and I'll talk about what you could do for home environment. We do have a way with Talos.
B
But if you want it on real hardware, we have an ISO, and the way that that works is you boot the ISO and then Talos comes up, and it knows that it has no configuration file, it knows that it's running in ISO, and it knows also too that Talos has not been previously installed, and so what it does is it sits there with an unsecured port.
B
I know that sounds bad, but it sits there and it says: okay, I'm waiting for a configuration file to be pushed to me. And so it'll print this out onto the console. It'll tell you how to connect to it. You could even add a fingerprint validation for the cert if you feel like you want to secure it in some way. And you just generate the configuration file, you push it to this initial node and it bootstraps itself, and you have yourself a Kubernetes cluster a few minutes later.
A
We... this means I need to try it out, at least the Docker part. I don't think I have any bare metal stuff around, but now I also understand the reference to the Equinix Metal, because this is bare metal and.
B
A
Or whatever is the modern stuff from bare metal provisioning, I don't know, but in the end it's a cool way.
B
Yeah, actually, we have a whole product called Sidero, which builds on top of Cluster API and basically does automated provisioning of Talos, and we use IPMI to do power management of all the nodes, and it bootstraps Kubernetes clusters for you on your bare metal. It comes with the iPXE, PXE, TFTP service, a service for Talos to get its metadata from, and it's just a nice way to kind of manage your bare metal infrastructure. In fact, it's all just Kubernetes CRDs at the end of the day. We call them servers.
B
A
B
No, really, it has servers but not server classes. I'm probably fat-fingering something. Anyways, we have this idea of server classes, and basically what that means is you can have these things called qualifiers, which say, you know, anything that's a Supermicro motherboard with this type of Intel CPU and this much RAM, so on and so forth, this is a t2 micro within our data center, and then you can tell Sidero:
B
I want a Talos-based cluster that is made up of three t2 micros for the control plane, and maybe you have another server class called an m5 large or something, I'm using AWS instance types, and it will go and create a Kubernetes cluster for you based on these server classes, manage installing Talos for you, manage the power cycling of the machines for you, the bootstrapping of Kubernetes, and you get bare metal Kubernetes clusters. So yeah, really just all that to say.
B
B
S-I-D-E-R-O-Dev. So we didn't get server classes because when the CLI creates the cluster, it's done, it basically sets up your kubeconfig and talosctl to speak to it automatically, out of convenience. So it switched the context out from me, but here's what server classes look like. We have a general medium x86, and I have one that is available and three that are in use currently.
A
And another quick question around RISC-V, which I've seen at KubeCon EU is like an environment to run Kubernetes on: is that something Talos can do as well, like installing it on a different architecture than x, 6, 68?
B
x86-64, yeah. So currently we only support x86-64 and AMD64... or sorry, ARM64. So, you know, spinning up Talos on a Raspberry Pi, we have actual pre-made images that you just flash to an SD card, turn it on, and then Talos sits there, waits for the config to be pushed to it, and then you have yourself a home cluster a few minutes.
A
B
B
Now, that's too small, let me know, but you can see I have two Talos containers running, and these represent my nodes right now on my local laptop. So this is a great way in CI/CD, for example. Like, we run Talos, you know, obviously for our Kubernetes clusters and CI/CD needs, and then on top of that we're actually spinning up Talos within Kubernetes as containers and testing, basically, creation of Kubernetes clusters. And this is a great tool for even, like, you know, you can give your developers talosctl.
B
You can set it up to do QEMU, but that's Linux-based only, so you can get a little closer to emulating production. You can set this up in CI/CD, so it's really a great development tool and being able to bridge the gap between developers' environments with production and testing and staging and so on and so forth.
C
B
Yeah, so it... well, I can't see my screen because of the... there we go.
B
What is it, Talos, yeah. We have this, it's kind of like Kubernetes .kube config: we have a talos/config, and this contains all the PKI that you need in order to communicate with the node. And in 0.11, what we added is RBAC. So we have three different roles right now. We have a reader role; we've kind of decided which APIs are safe for reading, like getting address, network addresses, interfaces, so on and so forth.
B
These simple things. But, like, upgrades and resetting and destroying a node, that requires the second role, which is the admin role. And then we have a third role, which is an etcd backup role, so with talosctl you can actually perform etcd backups and recover from them. And so there's some people that are creating controllers, and the idea with, you know, going back to this Cluster API and Sidero thing:
B
We can have a controller that actually does automatic snapshotting of etcd, pushes it up to an S3 bucket, and then you can go ahead and, you know, completely manage etcd. So yeah, that's the API. I want to show you guys one more thing too that I think is really cool.
A
That's always me. I'm used to automating things with APIs, but I also know the need of a dashboard or UI for, right, to also, at a certain point, sell it to your internal teams, just to say: hey, it's not just a terminal and an API, it's something where you can, like, click, where you can create your own workflows based upon.
B
That's exactly what we're learning, and that's why we're building a UI. So this is a... I'm basically looking at that same cluster. You can see here's the node that I messed up. It is not ready, and so now I just gave myself some work for the day. I'll go fix that after this. But if I click on one of these nodes, right, remember the talosctl dashboard. This is not completely like talosctl dashboard; we're still working on this.
B
B
B
You can see that I have a cluster that I've created. I have a list of servers. You can see this is, you know, accepted. Is this... yeah, it's in use currently. Something's wrong with this server. So yeah, just pointing this out, because we are working on a UI.
A
B
A
Yeah, I think it's great because you don't need to, like, always use Grafana or custom dashboards when you can just show, yeah, use current technology to show a graph and also provide inputs on, like, correlating something or immediately seeing when there's a spike or when there's, like, something going really wrong.
B
B
Yeah, it's actually interesting that you bring that up, because one of the things that kind of is the vision here is that now that we have an operating system that has an API, we have an orchestration system that consumes that API and also provides an API. We have metrics, we have data.
B
Now imagine you can set up some kind of, you know, piping system where you can consume this data, maybe particularly around the Docker daemon, just using that as an example, that says: if the memory, you know, balloons up to this threshold, you know, use the APIs to automatically restart the system. Doing something like that over SSH or Ansible Tower, all these things, like all the tooling that we currently have, just sounds not fun.
B
A
That's really great and brings me to an idea of saying: hey, you can do it, like, on your own in Talos, but you could also plug it into Prometheus and Alertmanager, for instance, and reuse what's possible already there. So people are already, like, used to PromQL and the alerting rules and, like, maybe even defining annotations in Grafana, and if you plug it in and provide a channel back to say, hey, I just want to create an event which automatically restarts something, and I don't want to do SSH and service...
A
Whatever foo restart, but instead just calling an API, and do I get immediate feedback from the API, possibly. And on the other side, if you have an API, you could write or create something like an event stream, so where you can, like, subscribe to something and consume maybe the logs, for example, or something like that. So I've been building that in the past for monitoring systems, and oftentimes I was asked, like:
A
Can I just get an API which dumps the JSON file, JSON line, with an event every second or whenever something happens, and can you also buffer that? The buffering is the separate point. But in the end it's like, I want to consume it live, and then I need to write my own API client or I use a different system, a daemon, yeah. And when you provide that to users, they start adopting it even more. And then it's like the self-marketing of, hey, everyone talks about it because it has consumable APIs.
B
Exactly, yep. I mean, it's really just, it's kind of what operators in the Kubernetes world have done for deploying applications and managing them, right? You just submit a CRD and this happens, I mean, and you can make decisions based on events, so on and so forth. Same idea, but we want to bring that down to the operating system. And we do have events, and I'm trying to show them to you.
B
A
C
So Sean McCord, I think he's from your team.
A
B
Yep, something happened with DNS there. It was working, but, you know, anyways, I switched over to using the IP addresses. And you could see everything in Talos, going back to what you were talking about, Michael, is where we're trying to publish as an event, and the idea is that you can make decisions based on those events, consume those events, and maybe you look for particular events and make a decision based on that. So, for example, you know, we set the rlimit here. We, you know, started containerd.
B
containerd was stopped, so on and so forth. This is any event that really happens within Talos. You can actually subscribe to that, and that could be your way of consuming.
B
A
Yeah, and one thing we also did in the past was to add a simple filter, in a way of saying: hey, I want to get a specific event type, or, yeah, I want to get all messages where this string is inside. Doesn't need to be a regex, can be just a wildcard pattern or something, so that you don't need to consume the whole network traffic, but the server filters for you a little bit, yeah.
B
Even, like, you know, going back to COSI: we have this idea that we're going to be namespacing resources, so the whole networking namespace. Maybe your networking team just wants to get events related to networking. So you can say, give me all events related to networking, and filter on those, right? There's all kinds of things that we can do here.
A
So you never lose something which you might be needing for SLA reporting or for your persistent logs or something else in that regard. But on the other side, it is an advanced feature. So at first glance you want to make it happen, and then you look for feature requests and how easy it is to maintain, yeah, and how much performance impact it has when you're adding buffering all the time, exactly.
B
Yeah, this is all... we do have a... we keep an in-memory buffer of x number of events, and, you know, eventually it all gets... it's a circular buffer, so eventually it all goes away, but you can look back into the history, and that's what I'm doing here. That's what this tail -1 is doing.
B
A
But in the end, it's user space, so the user should be able to subscribe to the event stream and then store it or cache it in Redis for...
B
A
Later repurposing, so it shouldn't be your task.
B
Yeah, yeah, our goal at the OS level is to really give you the tools and APIs to make these higher-level things possible. What you're talking about could be written as a controller within Kubernetes, and then you just use the Talos APIs to consume that. And, you know, we want to keep the operating system, again, going back to the very first thing I talked about, was Talos is ultra minimal, not just minimal.
A
I think that builds out a great storyline. So you have Talos as the operating system, and then the user story is: hey, you can, like, add a controller, you add Redis, you add, I don't know, Grafana, Prometheus, whatever is needed around it. And when you have these stories, you can write blog posts for, like, reaching greater visibility.
A
And also have these, like, use case stories, because right now I'm learning as we are talking what Talos is and how I can use it, but I also think that others might wanna learn how exactly it fits or what you can do. And when you imagine, like, oh, it's like easy logging. I think logging always implies that you need to have Elasticsearch or Loki.
B
A
Fluentd, whatever, so, like, the whole ecosystem attached to it, and you dump something in there and it's hard to find it again. Maybe, like, when it's coupled with Talos on, like, a simple level, just to see the events or the logs, events, basically the same. Diving even further into, like, observability topics like tracing or distributed tracing is super hard, in my opinion, especially when you need to do it on the application level as a developer learning new things.
A
B
Yeah, exactly, I think you get it, Michael. An API-driven operating system really just opens up a whole new paradigm within Linux distributions that I think we're just barely beginning to tap into. And it's taken us a while to get to this point, because again, we have rewritten the entire user space from scratch to be controller-based, on a modern language, Golang, and with Kubernetes-type ideas into it. We're not taking any shortcuts, and so, you know, we've gotten up to this point.
B
But, you know, all the things that we're talking about, I think, is going to take a wider, broader community, which is why I'm happy to get on, you know, things such as this, and we just got to spread that word and let people know that, you know, there is a way that we could do this better in the future. I think so. I think you get it. We got to get there, and Talos, I think, is a start to that, and that's...
B
B
She's sharing a lot of great ideas on COSI and advocating for it, and she's at the COSI meetings regularly. She's a big part of it, and she definitely gets the vision. We were just talking about it this morning, actually. And, you know, we think it's gonna take a while, but it's the path to go for sure. And, you know, our meetings are...
B
You know, where we're kind of using Talos as a playground right now for COSI, and I don't say that to sound like Talos is not production ready, but we're proving out the theories, whether or not COSI evolves and does become this industry standard that we hope it does become.
B
C
Are the calls, like the weekly calls, open to the community? Can everybody join there, or how is it? Yeah.
B
So the Talos community, we have a call every week. I'll stop sharing my screen.
B
We have a call every week on Mondays at 16:30 UTC. It's on... if you go to the Talos, you know, github.com/talos-systems/talos, in the README you can see a link, get a link to our community calls. And COSI itself also has one on Wednesdays. And if you go to github.com/cosi-project/community, in the README there will also be a way for you to join the party.
C
I think Kris Nova had one of the best appearances in the Clustered series.
C
C
I think the COSI project, also when you have to rename it, I think, yeah. I also think it's the future, yeah, so I believe in it also. Now I'm a believer. Great.
C
Yeah, but today I learned that I can just talosctl create cluster and run it locally, so this is really great. I did not know that.
B
A
B
Installed on anywhere else was a nightmare, and so we were just, okay, how do we actually get people to try Talos? How can we test Talos? And so we made this talosctl cluster create command. It's like a kind, right, or minikube, but it's Talos.
A
No worries. I was actually, like, following talos.dev for the project website, and then I clicked on, like, "try now", and the quick start tells me what to do. I was just curious of, like, is there a different way, or is the live demo way of actually doing that. So that's really nice, and I also like what I see on, like, the UI level, on the API level, and also the vision. What if, so, like...
A
If I have the time and I want to start contributing, do you have sort of issues which have, like, the "good first issue" label on it, or how would you, like, encourage someone to contribute?
B
Yeah, we certainly do have those. We could, obviously, you know, as with all projects, do better about labeling them. But I will say that Talos is quite low level, and so it could be kind of a big undertaking to kind of grok on your own. But we have a very, very good community. So if you go to our Slack, again, that's in the Talos README, and join our Slack.
B
The community is... I'm really, really proud of our community. Everyone's super helpful. We talk in the open a lot about engineering decisions. Again, the community meetings are a great place. Just come and talk to us. I think that that's the best way. If you're not getting, you know, a concept, we're always happy to hop on a call.
B
You know, and chat through some of the ideas, get opinions on things. There's a lot of people in our community that influence the direction of Talos, and that's what we actually pride ourselves in, is where we try to be data driven, ask our community, what do you guys want, and go and make that happen. And we have people that are contributing very big, significant things to Talos, but it does have a little bit of a... find that, you know, even just using Talos.
B
Obviously that's the user, and you're asking about developers, but the point is Talos does have a learning curve, even, you know, translated over to the development side of that, because it's not your typical, you know, simple Go application. We're writing a completely new user space, everything's controller-based. So yeah, come in and just talk to us and join our Slack, join our calls, and we can get through it.
A
Yeah, we'll quickly share my screen, so we can, like... well, I have opened now, and this will also be linked in the blog post later on, but I just figured that the documentation is huge. It's really inviting. We have lots of guides how to install it. The introduction provides the quick start guides, which we just talked about, and following up the getting started, what to do next. So yeah, it will be, like, tried.
A
I would encourage everyone to try it out and follow the documentation, join the Slack, and let us... I think there is a discussion board as well, and I've also seen that there is, like, "learn more" with the philosophy, the concepts and the architecture, which also should be helpful to get things going. Since you mentioned that it's, like, low level, is there some books or some courses or some presentations you maybe recommend in watching or getting? This is something which could be added to the docs as well.
A
B
That's a good question. I have a horrible memory, so I'm sure I've learned from a lot of really great resources and I'm not gonna do any of them justice, and so I won't attempt to say any particular book or whatever, because, really, I think Linux experience is obviously, you know, crucial, fundamental understanding, you know, how Linux just fundamentally operates.
B
One thing that actually helped me a lot, and this is not as simple as reading a book or reading a blog, but Linux From Scratch really just kind of takes you through how a Linux distribution is built from the bottom up, and it really just kind of is eye-opening, and for me that was very cool.
B
B
B
Build this in some special phase, and then we're going to... there's, like, a phase two building it, so that you end up with the toolchain that's completely decoupled from your host system. So all the linker search paths and all these things are as pure as possible from any host operating system. And then you use that to actually build your packages, which will make your distribution eventually. So you're building...
B
A
A
I know some portions in that regard, but I never, like, took the step myself of saying: hey, I'm compiling my own Linux now. But it's really interesting to learn and see how it goes or how it actually works in the background. It also helps you with debugging, exactly, sometimes when GRUB is not working for some reason, because Windows overwrote the boot partition for some reason. Then it's like, you should be knowing how it works, or at least know how to google it, because from the error it's, yeah, exactly, interesting.
B
A
No, no, on July the 28th we agreed on the Helm, ranch history, GitLab and the Terraform registry, and this is work for...
C
C
A
Yes, this is actually a good idea: try it and see how far we can go in one hour. I know it won't take one hour. It will take the whole evening.
A
A
I think many, many, many years ago when I was in Vienna at the student store, my colleague was compiling Gentoo, I think, and compiling the toolchain took one day and compiling the operating system three days or something like that. So it was in 2005, where we didn't have any, like, multi-core CPUs back then, so it took a while. But in the end I think it's great to, yeah, sometimes dive a little deeper into all the stuff.
A
B
It tells the story of, like, you know, I studied physics, and I had a choice: do I want to study physics or do I want to do computer science?
B
Well, I should have done computer science, but I decided to do physics, because to me engineering is the how and physics kind of explained the why. And so I think when you dig deep into, you know, something like LFS, like literally building something from scratch, you scratch that itch of why was it done this way, and, you know, I think that that helps you do the how better.
A
B
A
I was looking in the docs folder and wondering why it's empty. The thing is, or this could be an idea for making contributions easier, to add a link to each website and say: hey, you can edit this website on GitHub or in the repository, yeah, to make it more discoverable and, yeah, allow everyone to, like, fix the typo or suggest a grammar mistake, a grammar... suggest a better documentation.
C
C
A
C
A
Yeah, I know why: I spotted kubernetes instead of kubernetes, oh wow.
C
There was... there wasn't... there was a discussion on Twitter last week or something, how many of you spelling kunis is wrong, and also always, like, kubernetes, kubernetes is awesome, kubernetes, that's my... I always write kubernetes guarantees. Then every...
A
I don't know, I think, like, one of my problems with not being a native speaker is "acknowledgement", how to write that correctly, because I need to remember that it's, like, the d and the l and the e, acknowledge, yeah.
B
A
And the problem is with an acknowledgement in the monitoring system I kept developing, it was like the common thing, you acknowledge a problem, and it's like, oh, not again, I made a typo. And yeah, anyhow, I think I don't have any questions anymore, except for that we want to try it out and Philip wants to prepare the next session.
C
B
A
I think when you run it on the Raspberry Pi, or I'm also reading Pine64 and Banana Pi and other things in the docs, it has this, like, hobby playground a little bit. At least it's not your work computer, where you're sitting in front of all the day. It's something you, yes, somehow, like, I built Lego models, it's something that you play with a little more.
B
Yeah, it's really fun. I mean, I have a Rock64 in my closet and a Raspberry Pi, and from there I'm running... I use that to run, like, AdGuard, and I run Sidero, actually, to manage other clusters within my... well, sorry about that.
B
A
Okay, interesting. Now a question around, like, roadmaps and, obviously, pricing and money, and how you're, like, building a sustainable model in the future. This would be my question of, like, what...
B
So, first and foremost, we are committed to keeping what we do open source, 100% open source. The way that we make money is off of a support model and, you know, professional services and stuff like that. We're doing well with that, and, you know, it changes based on the customer, I'd say, the pricing model. But we do have a basic, you know, here's how we do it, and it's basically based on per cluster, and our idea is that really the risk is in... well.
B
Kitchen, yeah, someone's in the kitchen. Yeah, the risk is in the control plane for us, really. Since Talos is immutable and all that good stuff, adding worker nodes, it's kind of, you know, it is what it is. It's simple, there's not a whole lot of issue there. Really it's protecting the etcd data, and so we have a per-cluster, a cost per cluster, and that comes with 20 nodes, and that doesn't include the control plane node.
B
B
Sometimes that doesn't work for people, when we come up with a different model, especially when the scale is really big, and we kind of get creative with it. But that's the rough idea there. We do have an enterprise offering, but we're not really looking into having, like, enterprise proprietary software, that's binaries that you can't download for free. We are, you know, open source nerds at heart, so that's a big part of our personality, our business culture. Open source is very, very important to us.
A
Is there anything you wanna, like, share from what is coming next, or is there, like, at the top of your head, where you're speaking next to get more insights? I would totally love to have you, like, in half a year or some months, to have you back sharing your latest and the greatest.
B
We're working on a project that we're calling Argus, which is basically, it's going to be a big abstraction on top of Cluster API in Talos. That's really going to move closer towards this vision that we were talking about earlier, where, you know, completely automated upgrades, you know, this if-this-then-that type thing, you know, providing this ecosystem for a more living, breathing system that's reactive rather than waking up humans and doing it. And it's called Argus, and again, we're building it...
B
On top of all the things we're working up to that. So I'd love to come back and talk about that when that's a little more fleshed out. Yeah, I'm not... I don't have anything on the schedule to talk about Talos after this. Tomorrow we're going to be on Clustered, that'll be fun. I'd like to give them a plug, that's a fun little project. So yeah, just, you know, we're heads down right now. Really, we're a very engineering-based team and technology driven.
A
Perfect, thank you. Okay then, I would say let's wrap it up for today. Thanks for taking the time and also exceeding it a little, of talking endless about interesting things.
A
Thanks to everyone who was chatting on the YouTube stream as well, yeah, and we will see each other next week for cyber cloud, this is the spoiler, and until then I would say thanks for listening, thanks for watching, and bye, bye on YouTube.