✅ Working ARM64 Talos images with upstream CozyStack integration
✅ Dual image variants implemented with matrix strategy
✅ Role-based cluster architecture ready for production
Two distinct repository variants:
- ghcr.io/urmanac/talos-cozystack-spin-only/talos:v1.11.5 (compute nodes)
- ghcr.io/urmanac/talos-cozystack-spin-tailscale/talos:v1.11.5 (gateway nodes)
Extensions by role:
- Compute nodes: EXTENSIONS="drbd zfs spin" (majority of cluster)
- Gateway nodes: EXTENSIONS="drbd zfs spin tailscale" (one per cluster)
Previous issue with cluster formation resolved:
```diff
# Before: Single image with all extensions
-EXTENSIONS="drbd zfs spin tailscale" # All nodes → conflicts
# After: Role-based extensions
+Compute: EXTENSIONS="drbd zfs spin" # Most nodes
+Gateway: EXTENSIONS="drbd zfs spin tailscale" # One per cluster
```

Kubernetes Node Ready State: Nodes now only wait for extensions they actually need!
Create separate build variants for different node roles:
- compute nodes: EXTENSIONS="drbd zfs spin" (majority of cluster)
- gateway node: EXTENSIONS="drbd zfs spin tailscale" (one per cluster)
Implementation: Modify workflow to build both variants with different patches/configs.
Add path filtering to skip builds when only docs change:
```yaml
paths-ignore:
- 'docs/**'
- '*.md'
- '_config.yml'
```

- build-talos-images.yml - Main CI workflow
- 01-arm64-spin-tailscale.patch - Current unified patch
- Need: Additional patches or workflow matrix for dual variants
- ✅ Two distinct ARM64 image variants published (compute vs gateway roles)
- ✅ Compute nodes (spin-only) can form cluster and reach Ready state
- ✅ Gateway node (spin+tailscale) provides subnet routing without conflicts
- ✅ Docs-only changes don't trigger rebuilds
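
To check the docs-only criterion against the `paths-ignore` list above, the following added example (not code from this repository) evaluates which changed files would still trigger the workflow. It assumes GitHub's documented filter rule that `*` does not cross `/` while `**` does, handles only those two wildcards, and uses constructed change sets.

```python
import re

# Patterns copied from the page's paths-ignore list.
PATHS_IGNORE = ["docs/**", "*.md", "_config.yml"]


def glob_to_regex(pattern):
    """Translate a filter pattern, handling only '*' and '**'.

    Assumption: '*' stops at '/', '**' also matches '/'.
    Other filter syntax (?, +, [], !) is not covered here.
    """
    parts = []
    i = 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            parts.append(".*")
            i += 2
        elif pattern[i] == "*":
            parts.append("[^/]*")
            i += 1
        else:
            parts.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(parts))


def is_ignored(path, patterns=PATHS_IGNORE):
    """True when the whole path matches at least one ignore pattern."""
    return any(glob_to_regex(p).fullmatch(path) for p in patterns)


def triggering_files(changed_files, patterns=PATHS_IGNORE):
    """Files that defeat the filter; an empty list means the build is skipped."""
    return [f for f in changed_files if not is_ignored(f, patterns)]


if __name__ == "__main__":
    # Constructed change sets (file locations are assumptions for illustration).
    samples = {
        "docs only": ["docs/handoff.md", "README.md", "_config.yml"],
        "docs + patch": ["docs/handoff.md", "01-arm64-spin-tailscale.patch"],
        "nested markdown": ["patches/README.md"],
    }
    for name, files in samples.items():
        hits = triggering_files(files)
        print(f"{name}: {'build' if hits else 'skip'} {hits}")
```

The nested Markdown case still triggers a build because `*.md` only matches files at the repository root; `**.md` is the pattern GitHub documents for matching at any depth.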
Repository: urmanac/cozystack-moon-and-back on main branch
Container Registry: ghcr.io/urmanac/talos-cozystack-demo