rock5b: document status of fork

Replace most of the README with some info about why this fork even exists as well as a list of the various hacks holding it together.
milas · Jan 24, 2023 · 095c4a2 · 095c4a2
1 parent bd389e0
commit 095c4a2
Showing 1 changed file with 98 additions and 48 deletions.
diff --git a/README.md b/README.md
@@ -4,60 +4,110 @@
   <h1 align="center">Talos Linux</h1>
   <p align="center">A modern OS for Kubernetes.</p>
   <p align="center">
-    <a href="https://github.com/talos-systems/talos/releases/latest">
-      <img alt="Release" src="https://img.shields.io/github/release/talos-systems/talos.svg?logo=github&logoColor=white&style=flat-square">
-    </a>
-    <a href="https://github.com/talos-systems/talos/releases/latest">
-      <img alt="Pre-release" src="https://img.shields.io/github/release-pre/talos-systems/talos.svg?label=pre-release&logo=GitHub&logoColor=white&style=flat-square">
+    <a href="https://github.com/milas/rock5b-talos/releases/latest">
+      <img alt="Release" src="https://img.shields.io/github/release/milas/rock5b-talos.svg?logo=github&logoColor=white&style=flat-square">
     </a>
   </p>
 </p>
 
 ---
 
-**Talos** is a modern OS for running Kubernetes: secure, immutable, and minimal.
-Talos is fully open source, production-ready, and supported by the people at [Sidero Labs](https://www.SideroLabs.com/)
-All system management is done via an API - there is no shell or interactive console.
-Benefits include:
-
-- **Security**: Talos reduces your attack surface: It's minimal, hardened, and immutable.
-  All API access is secured with mutual TLS (mTLS) authentication.
-- **Predictability**: Talos eliminates configuration drift, reduces unknown factors by employing immutable infrastructure ideology, and delivers atomic updates.
-- **Evolvability**: Talos simplifies your architecture, increases your agility, and always delivers current stable Kubernetes and Linux versions.
-
-## Documentation
-
-For instructions on deploying and managing Talos, see the [Documentation](https://www.talos.dev/docs/latest/).
-
-## Community
-
-- Slack: Join our [slack channel](https://slack.dev.talos-systems.io)
-- Support: Questions, bugs, feature requests [GitHub Discussions](https://github.com/talos-systems/talos/discussions)
-- Forum: [community](https://groups.google.com/a/SideroLabs.com/forum/#!forum/community)
-- Twitter: [@SideroLabs](https://twitter.com/SideroLabs)
-- Email: [info@SideroLabs.com](mailto:info@SideroLabs.com)
-
-If you're interested in this project and would like to help in engineering efforts or have general usage questions, we are happy to have you!
-We hold a weekly meeting that all audiences are welcome to attend.
-
-We would appreciate your feedback so that we can make Talos even better!
-To do so, you can take our [survey](https://docs.google.com/forms/d/1TUna5YTYGCKot68Y9YN_CLobY6z9JzLVCq1G7DoyNjA/edit).
-
-### Office Hours
-
-- When: Mondays at 16:30 UTC.
-- Where: [Google Meet](https://meet.google.com/day-pxhv-zky).
-
-You can subscribe to this meeting by joining the community forum above.
-
-> Note: You can convert the meeting hours to your [local time](https://everytimezone.com/s/599e61d6).
-
-## Contributing
-
-Contributions are welcomed and appreciated!
-See [Contributing](CONTRIBUTING.md) for our guidelines.
-
-## License
+### 🍴 This is a _fork_ of [siderolabs/talos](https://github.com/siderolabs/talos/) to support the Radxa Rock 5B 🍴
+
+# Why does this exist?
+Currently, the Radxa Rock 5B, like all other Rockchip RK3588-based boards, requires a BSP kernel.
+Additionally, there's no mature EFI bootloader support.
+
+Due to this situation, until/if mainline Linux RK3588 support improves, it's not practical to support the board in its current state in the main Talos codebase.
+As a result, this is a "friendly fork": it exists to serve a specific niche and will cease to exist as soon as upstream support is practical.
+(I have no affiliation with Sidero Labs! But this is way too extensive & hacky to be reasonable to open a PR for.)
+
+_Please_ be respectful of upstream if you run into any problems.
+If there's any doubt about whether an issue is caused by this fork, err on the side of making an issue here first!
+
+# Install
+> 💾 I've only tested this using eMMC, but it should work for an SD card as well
+
+Flashable images are available from the [releases](https://github.com/milas/rock5b-talos/releases/latest).
+
+You can write this to your eMMC/SD card using `dd`, Balena Etcher, etc. 
+
+# Machine Configuration
+Use the `docker.io/milas/rock5b-talos` images instead of the upstream Talos Linux images.
+These include a modified version of Talos to support the Rock 5B in addition to the vendor U-Boot & kernel.
+
+```yaml
+machine:
+  install:
+    # for SD card, use /dev/mmcblk0
+    disk: /dev/mmcblk1
+    image: docker.io/milas/rock5b-talos:v1.3.3-rock5b
+    bootloader: true
+    wipe: false
+```
+
+# Building
+## Kernel
+The kernel is built using the config at [`./hack/rock5b/rockchip_linux_defconfig`](https://github.com/milas/rock5b-talos/blob/sbc-rock5b/hack/rock5b/rockchip_linux_defconfig).
+
+Builds are done using [milas/rock5b-docker-build](https://github.com/milas/rock5b-docker-build) which provides a Dockerized toolchain to build the BSP kernel.
+
+To build & push:
+```shell
+IMAGE="ghcr.io/milas/rock5b-kernel-talos" docker buildx bake --push --set "rock5b-kernel.tags=$IMAGE" rock5b-kernel
+```
+
+## Talos Installer (OCI)
+The `Makefile` has been modified slightly to allow overriding the kernel context easily.
+
+To build & push:
+```shell
+IMAGE="ghcr.io/milas/rock5b-kernel-talos@sha256:..."
+make installer PUSH=1 IMAGE_NAME="rock5b-talos" EXTRA_CONTEXT="ghcr.io/milas/rock5b-kernel-talos=docker-image://$IMAGE"
+```
+
+See `Makefile` for more variables, e.g. `IMAGE_REGISTRY` and `USERNAME`.
+
+New installer container images are published on every commit.
+
+## Flashable Talos Image (`.img.xz`)
+You can create a flashable image as well after building & pushing the installer.
+
+See `Makefile` for more variables, e.g. `IMAGE_REGISTRY` and `USERNAME`.
+
+To create in `./_out/`:
+```shell
+mkdir -p ./_out/
+make sbc-rock_5b IMAGE_NAME="rock5b-talos" IMAGE_TAG="latest"
+```
+
+# Differences from [siderolabs/talos](https://github.com/siderolabs/talos)
+* Support [radxa/u-boot](https://github.com/radxa/u-boot) ([#1](https://github.com/milas/rock5b-talos/issues/1)):
+  * Adjust partition offset logic
+  * Remove BIOS/EFI partitions entirely
+  * Change Talos root partition to ext4 from xfs
+  * Add `rk3588-rock-5b.dtb` (& `rk3588-uart7-m2.dtbo`) directly to
+    Talos root partition (these would normally be in the EFI partition)
+  * Add (hardcoded) `/extlinux/extlinux.conf` directly to Talos
+    root partition
+    >⚠️ As U-Boot directly boots the kernel (no GRUB), `extlinux.conf`
+      contains the kernel args, meaning there's no way to customize them
+      right now since it's not templated/generated by the installer! ([#3](https://github.com/milas/rock5b-talos/issues/3))
+* Support [radxa/kernel](https://github.com/radxa/kernel):
+  * Remove `proc.sys.kernel.yama.ptrace_scope` from KSPP list
+  * Disable IMA policy
+  * ~~Add new step to `systemRequirements` phase to forcibly load the
+    `r8125` ethernet driver ([#2](https://github.com/milas/rock5b-talos/issues/2))~~
+  * Increase minimum installer size to account for the BSP kernel
+    being ~1GB ([#4](https://github.com/milas/rock5b-talos/issues/4))
+  * No-op `SystemInfoController` (no SMBIOS support)
+
+# Resources
+* [milas/rock5b-docker-build](https://github.com/milas/rock5b-docker-build)
+* [radxa/kernel](https://github.com/radxa/kernel)
+* [siderolabs/talos](https://github.com/siderolabs/talos/)
+
+# License
 
 <a href="https://github.com/talos-systems/talos/blob/master/LICENSE">
   <img alt="GitHub" src="https://img.shields.io/github/license/talos-systems/talos?style=flat-square">