Add talos config
This commit is contained in:
Grant
parent
b26451d584
commit
e36a1f348e
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +1,4 @@
|
|||||||
|
talos/secrets.yaml
|
||||||
|
|
||||||
kgnot/config.production.json
|
kgnot/config.production.json
|
||||||
53ll/config.production.json
|
53ll/config.production.json
|
||||||
21
README.md
21
README.md
@ -2,17 +2,24 @@
|
|||||||
Like the cloud but local.
|
Like the cloud but local.
|
||||||
|
|
||||||
## Required tools
|
## Required tools
|
||||||
- talosctl (https://www.talos.dev/v1.9/talos-guides/install/talosctl/)
|
- talosctl (https://www.talos.dev/v1.9/talos-guides/install/talosctl/ )
|
||||||
- kubectl (https://kubernetes.io/docs/tasks/tools/#kubectl)
|
- kubectl (https://kubernetes.io/docs/tasks/tools/#kubectl )
|
||||||
- bitwarded secrets CLI (https://bitwarden.com/help/secrets-manager-cli/)
|
- bitwarded secrets CLI (https://bitwarden.com/help/secrets-manager-cli/ )
|
||||||
|
|
||||||
## Talos Cluster
|
## Talos Cluster
|
||||||
|
### Generate config
|
||||||
|
```sh
|
||||||
|
bws secret get <talos-secret-id> -o json | jq .value --raw-output > talos/secrets.yaml
|
||||||
|
talosctl gen config fog https://192.168.1.43:6443 \
|
||||||
|
--with-secrets talos/secrets.yaml \
|
||||||
|
--config-patch @talos/machine_patch.yaml \
|
||||||
|
--config-patch-control-plane @talos/cluster_patch.yaml
|
||||||
|
```
|
||||||
### Add node to talos cluster
|
### Add node to talos cluster
|
||||||
```sh
|
```sh
|
||||||
talosctl apply-config [--insecure] -n 192.168.1.38 --file worker.yaml
|
talosctl apply-config [--insecure] -n 192.168.1.38 --file talos/worker.yaml
|
||||||
talosctl apply-config [--insecure] -n 192.168.1.39 --file worker.yaml
|
talosctl apply-config [--insecure] -n 192.168.1.39 --file talos/worker.yaml
|
||||||
talosctl apply-config [--insecure] -n 192.168.1.43 --file controlplane.yaml
|
talosctl apply-config [--insecure] -n 192.168.1.43 --file talos/controlplane.yaml
|
||||||
```
|
```
|
||||||
### Update context
|
### Update context
|
||||||
```sh
|
```sh
|
||||||
|
|||||||
5
talos/cluster_patch.yaml
Normal file
5
talos/cluster_patch.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
cluster:
|
||||||
|
proxy:
|
||||||
|
extraArgs:
|
||||||
|
ipvs-strict-arp: true
|
||||||
|
allowSchedulingOnControlPlanes: true
|
||||||
14
talos/machine_patch.yaml
Normal file
14
talos/machine_patch.yaml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
machine:
|
||||||
|
kubelet:
|
||||||
|
extraArgs:
|
||||||
|
rotate-server-certificates: true
|
||||||
|
udev:
|
||||||
|
rules:
|
||||||
|
# set all disks to `none` scheduler (optimal setting for Ceph and ZFS)
|
||||||
|
- SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", ATTR{queue/scheduler}="none"
|
||||||
|
- SUBSYSTEM=="drm", GROUP="44", MODE="0660"
|
||||||
|
# Allow ceph to recognize usb devices as scsi via udev custom rules
|
||||||
|
# https://github.com/rook/rook/issues/14699#issuecomment-2350953135
|
||||||
|
- ACTION=="add", ENV{ID_TYPE}=="disk", ENV{ID_BUS}=="usb", ENV{ID_BUS}="scsi"
|
||||||
|
- ACTION=="change", ENV{ID_TYPE}=="disk", ENV{ID_BUS}=="usb", ENV{ID_BUS}="scsi"
|
||||||
|
- ACTION=="online", ENV{ID_TYPE}=="disk", ENV{ID_BUS}=="usb", ENV{ID_BUS}="scsi"
|
||||||
Loading…
x
Reference in New Issue
Block a user