From d743b3d566998959689c5f23607ab252a374bf16 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Wed, 10 Sep 2025 16:36:02 +0200 Subject: [PATCH] [docs] Add LVM global_filter configuration to avoid scanning user devices Same change is already included in Talm: https://github.com/cozystack/talm/pull/76 Signed-off-by: Andrei Kvapil --- content/en/docs/install/kubernetes/talos-bootstrap.md | 11 +++++++++++ content/en/docs/install/kubernetes/talosctl.md | 11 +++++++++++ 2 files changed, 22 insertions(+) diff --git a/content/en/docs/install/kubernetes/talos-bootstrap.md b/content/en/docs/install/kubernetes/talos-bootstrap.md index 73aa6def..5d0205ce 100644 --- a/content/en/docs/install/kubernetes/talos-bootstrap.md +++ b/content/en/docs/install/kubernetes/talos-bootstrap.md @@ -79,6 +79,17 @@ talos-bootstrap --help device_ownership_from_security_context = true path: /etc/cri/conf.d/20-customization.part op: create + - op: overwrite + path: /etc/lvm/lvm.conf + permissions: 0o644 + content: | + backup { + backup = 0 + archive = 0 + } + devices { + global_filter = [ "r|^/dev/drbd.*|", "r|^/dev/dm-.*|", "r|^/dev/zd.*|" ] + } cluster: network: diff --git a/content/en/docs/install/kubernetes/talosctl.md b/content/en/docs/install/kubernetes/talosctl.md index 04cf2fdd..39add7cd 100644 --- a/content/en/docs/install/kubernetes/talosctl.md +++ b/content/en/docs/install/kubernetes/talosctl.md @@ -97,6 +97,17 @@ Discovered open port 50000/tcp on 192.168.123.13 device_ownership_from_security_context = true path: /etc/cri/conf.d/20-customization.part op: create + - op: overwrite + path: /etc/lvm/lvm.conf + permissions: 0o644 + content: | + backup { + backup = 0 + archive = 0 + } + devices { + global_filter = [ "r|^/dev/drbd.*|", "r|^/dev/dm-.*|", "r|^/dev/zd.*|" ] + } cluster: apiServer: