- Talos version badge: v1.12.4 → v1.13.2
- Image-tag example + upgrade-command example: v1.13.2-k6.12.47-1
- Add patches 0006 (grub EFI upgrade fallback), 0007 (acquire.go STATE
wait for slow-init eMMC) and 0008 (imager --insecure for Overlay) to
the patches table
- Note the slow-eMMC tolerance + canonical 3-CP validation in the
"Reliable in-place upgrades" roadmap row
Enable GPIO UART0 on Pi5/CM5 via dtoverlay=uart0-pi5 in
configTxtAppend. Remove the old 0002 patch that targeted the
debug UART (ttyAMA10) — Compute Blade uses GPIO 14/15 (ttyAMA0).
Renumber overlay patches (old 0003 becomes 0002).
Update README with tested serial console docs: wiring diagram,
even parity config, 3.3V requirement, and read-only limitation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Document recommended storage layouts per node role:
- Control planes: NVMe boot for fast etcd I/O
- Postgres/storage: eMMC boot + NVMe data at /var/mnt/data
- Compute workers: eMMC only, stateless
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Apply overlay patch 0003 (EFI mount path detection for SBC layouts)
in the build so upgrades write firmware/config.txt to the correct
path. Update README with patch 0003, PCIe Gen 3 in features list,
and expanded PCIe Gen 3 instructions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
CM5 on Compute Blade doesn't have an SD slot for booting Raspberry Pi
OS. Use rpiboot recovery mode over USB instead.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Documents the dd + EEPROM configuration approach for booting Talos
from NVMe on RPi5/CM5. Includes BOOT_ORDER, PCIE_PROBE settings,
and optional PCIe Gen 3 configuration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
NVMe kernel driver is already built-in (CONFIG_BLK_DEV_NVME=y). The
expected approach is simply dd'ing the metal image to NVMe and setting
EEPROM BOOT_ORDER=0xf416 + PCIE_PROBE=1. Pending hardware validation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The overlay was using console=ttyAMA0 (GPIO 14/15) but the RPi5 debug
UART is ttyAMA10 (JST connector between HDMI ports on Pi5, test pads
TP35/TP36 on CM5). Also adds earlycon for early boot output and disables
GPIO UART on Pi5 in config.txt to avoid U-Boot compatibility issues.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Force GRUB instead of sd-boot on arm64 and pass --no-nvram to
grub-install, working around the SetVariableRT firmware limitation
that prevents in-place upgrades on RPi5/CM5 hardware.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove the 16K page override from the kernel patch, preserving
upstream Talos's default 4K pages. RPi5 hardware works correctly
with 4K pages — the RPi Foundation's 16K default is a TLB
performance optimization (~5%), not a hardware requirement.
Benefits:
- Correct memory accounting (4x less overhead per page)
- Full software compatibility (jemalloc, Longhorn, F2FS, etc.)
- No OOM surprises on control-plane nodes
- Aligned with upstream Talos kernel config
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Document SetVariableRT upgrade failure, 16K page size implications,
serial console issue, and SBC install disk behavior
- Add production roadmap (4K pages, GRUB boot, serial fix, NVMe)
- Make overlay Go patch conditional: apply only on Go 1.24.x,
skip on 1.25+ where CVEs are already fixed upstream
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move CI/CD, runner setup, secrets, and project structure to
TECHNICAL.md. Streamline README as a user-facing guide with
install/upgrade instructions. Fix Docker badges for arm64.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add MPL 2.0 LICENSE file for compliance
- Add license section and upstream attribution to README
- Upgrade provenance attestation from mode=min to mode=max
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Update workflows from linux/arm64 to macOS/arm64 runner labels.
Replace GitHub Actions for Docker setup with direct commands
compatible with Docker Desktop on macOS.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace DOCKERHUB_USERNAME/DOCKERHUB_TOKEN with the existing org-level
secrets. Use automatic GITHUB_TOKEN for Gitea release creation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The image supports both RPi 5 and CM5 (same SoC/RP1), so talos-rpi5
is a better public-facing name. The internal build still produces
an installer image which gets retagged to svrnty/talos-rpi5:<tag>
in the release target.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
