svrnty/talos-rpi5
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 23 Wiki Activity
30 Commits 2 Branches 26 Tags 402 KiB
Makefile 51.1%
Shell 48.9%
b1eb322d7b
Go to file
Mathias Beaulieu-Duncan b1eb322d7b Switch to 4K page size for production readiness 
Remove the 16K page override from the kernel patch, preserving
upstream Talos's default 4K pages. RPi5 hardware works correctly
with 4K pages — the RPi Foundation's 16K default is a TLB
performance optimization (~5%), not a hardware requirement.

Benefits:
- Correct memory accounting (4x less overhead per page)
- Full software compatibility (jemalloc, Longhorn, F2FS, etc.)
- No OOM surprises on control-plane nodes
- Aligned with upstream Talos kernel config

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13 18:28:22 -05:00
.gitea/workflows Replace cosign with buildx attestations for Docker Scout compliance 2026-02-13 17:05:20 -05:00
config Initial commit: Talos CM5 builder with Gitea CI/CD 2026-02-09 17:58:17 -05:00
patches Switch to 4K page size for production readiness 2026-02-13 18:28:22 -05:00
scripts Fix double-v badge bug and add table segment updates in README sync 2026-02-13 17:33:33 -05:00
.gitignore Initial commit: Talos CM5 builder with Gitea CI/CD 2026-02-09 17:58:17 -05:00
cosign.pub Add SBOM attestations to installer/release images, remove Scout 2026-02-13 16:48:56 -05:00
LICENSE Add LICENSE, update README, upgrade provenance to max-mode 2026-02-13 15:57:11 -05:00
Makefile Add known issues, roadmap, and conditional Go toolchain patch 2026-02-13 18:05:51 -05:00
README.md Switch to 4K page size for production readiness 2026-02-13 18:28:22 -05:00
TECHNICAL.md Replace cosign with buildx attestations for Docker Scout compliance 2026-02-13 17:05:20 -05:00

README.md

Talos CM5 Builder

Custom Talos Linux images for Raspberry Pi 5 / CM5 on Compute Blade hardware.

Docker Hub Docker Pulls Docker Image Size

The official Talos Image Factory does not support CM5 — the mainline kernel lacks CM5 device trees and RP1 driver support. This builder uses the RPi downstream kernel (via talos-rpi5/talos-builder patches) to produce working CM5 images with our extensions and overclock config.

Current versions

Component Version
Talos Linux Talos version
RPi Kernel Kernel version
iscsi-tools iscsi-tools version
util-linux-tools util-linux-tools version

Image tags

Release images are published to docker.io/svrnty/talos-rpi5 with the format:

v<talos>-k<kernel>-<revision>

For example: v1.12.3-k6.12.47-2

Segment Meaning
v1.12.3 Upstream Talos Linux version
k6.12.47 RPi downstream kernel version
2 Build revision (bumped for config/patch changes on the same upstream versions)

Usage

Install from raw disk image

Download metal-arm64.raw.zst from the latest release and flash to eMMC:

zstd -d metal-arm64.raw.zst -o metal-arm64.raw
# Flash to eMMC/SD via your preferred tool (dd, balenaEtcher, etc.)

Upgrade an existing node

Warning: In-place upgrades via talosctl upgrade may fail on RPi5/CM5 hardware with a SetVariableRT EFI firmware error. See Known issues below. For now, the recommended upgrade path is to re-flash the disk image.

# Re-flash method (reliable)
zstd -d metal-arm64.raw.zst -o metal-arm64.raw
# Flash to eMMC/SD via your preferred tool

# In-place method (experimental — may fail, see known issues)
talosctl upgrade --image docker.io/svrnty/talos-rpi5:v1.12.3-k6.12.47-2

What's included

  • RPi downstream kernel with CM5/RP1 support (4K page size, aligned with upstream Talos)
  • Overclock: 2.6GHz (arm_freq=2600, over_voltage_delta=50000, arm_boost=1)
  • Extensions: iscsi-tools, util-linux-tools

Known issues

In-place upgrade fails (SetVariableRT)

talosctl upgrade may fail during the bootloader installation step with:

Firmware does not support SetVariableRT. Can not remount with rw

The RPi5/CM5 EFI firmware does not support runtime EFI variable writes, which the Talos bootloader update requires. Re-flashing the disk image is the reliable upgrade path for now. We are investigating GRUB-based boot as a fix (see Roadmap).

Upstream: talos-builder#21

No serial console output after boot

Serial output goes silent after the EFI stub decompresses the kernel and exits boot services. This affects headless debugging on CM5 boards where serial is the primary console.

Upstream: talos-builder#4

Install disk config ignored on SBCs

Talos ignores the machine.install.disk config field on SBC platforms. You must flash the disk image directly to your target disk (eMMC, SD, NVMe). Booting from USB or NVMe also requires flashing directly to that disk — the image targets SD (mmcblk0) by default.

Upstream: talos-builder#22

Roadmap

This project targets production-ready Talos clusters on RPi5/CM5 hardware. Key milestones:

  • Switch to 4K page size — Aligned with upstream Talos kernel config. Reduces memory overhead and improves workload compatibility (Longhorn, jemalloc, F2FS, etc.).
  • Reliable in-place upgrades — Investigate GRUB-based boot or alternative bootloader strategies to work around the SetVariableRT firmware limitation, enabling talosctl upgrade on RPi5/CM5.
  • Serial console fix — Debug U-Boot/kernel handoff to restore serial output after EFI stub exit.
  • NVMe boot support — Produce images that target NVMe directly, or document a supported NVMe boot flow.

Building

For local builds, CI/CD setup, runner configuration, and project structure, see TECHNICAL.md.

License

This project is licensed under the Mozilla Public License 2.0.

It builds upon the following MPL 2.0 licensed upstream projects:

Our patches to these projects are in the patches/ directory and are distributed under the same MPL 2.0 terms.