⬆️ talos v1.5.x

auricom
2023-11-06 10:40:49 +01:00
parent 0757c546a8
commit b739edf743
2 changed files with 89 additions and 49 deletions


@@ -13,7 +13,7 @@
<div align="center"> <div align="center">
[![Discord](https://img.shields.io/discord/673534664354430999?style=for-the-badge&label&logo=discord&logoColor=white&color=blue)](https://discord.gg/k8s-at-home) [![Discord](https://img.shields.io/discord/673534664354430999?style=for-the-badge&label&logo=discord&logoColor=white&color=blue)](https://discord.gg/k8s-at-home)
[![Kubernetes](https://img.shields.io/badge/v1.27-blue?style=for-the-badge&logo=kubernetes&logoColor=white)](https://talos.dev/) [![Kubernetes](https://img.shields.io/badge/v1.28-blue?style=for-the-badge&logo=kubernetes&logoColor=white)](https://talos.dev/)
[![Renovate](https://img.shields.io/github/actions/workflow/status/auricom/home-ops/renovate.yaml?branch=main&label=&logo=renovatebot&style=for-the-badge&color=blue)](https://github.com/auricom/home-ops/actions/workflows/renovate.yaml) [![Renovate](https://img.shields.io/github/actions/workflow/status/auricom/home-ops/renovate.yaml?branch=main&label=&logo=renovatebot&style=for-the-badge&color=blue)](https://github.com/auricom/home-ops/actions/workflows/renovate.yaml)
</div> </div>


@@ -1,10 +1,20 @@
--- ---
clusterName: cluster-0 clusterName: cluster-0
talosVersion: v1.4.0 talosVersion: v1.5.4
kubernetesVersion: v1.27.1 kubernetesVersion: v1.28.3
endpoint: https://cluster-0.${domainName}:6443 endpoint: https://cluster-0.${domainName}:6443
# Image URL rendered on https://factory.talos.dev
# customization:
# extraKernelArgs:
# - net.ifnames=0
# systemExtensions:
# officialExtensions:
# - siderolabs/i915-ucode
# - siderolabs/intel-ucode
talosImageURL: factory.talos.dev/installer/22b1d04da881ef7c57edb0f24d1f3ba2c78a8e22cbe3fa9af4f42d487b2863f7
cniConfig: cniConfig:
name: none name: none
@@ -16,10 +26,10 @@ additionalMachineCertSans:
- cluster-0.${domainName} - cluster-0.${domainName}
nodes: nodes:
- hostname: talos-node-1 # - hostname: talos-node-1
ipAddress: 192.168.9.101 # ipAddress: 192.168.9.101
controlPlane: true # controlPlane: true
installDisk: /dev/sda # installDisk: /dev/sda
- hostname: talos-node-2 - hostname: talos-node-2
ipAddress: 192.168.9.102 ipAddress: 192.168.9.102
controlPlane: true controlPlane: true
@@ -35,55 +45,85 @@ nodes:
controlPlane: controlPlane:
patches: patches:
# Disable search domain everywhere
- |-
machine:
network:
disableSearchDomain: true
# Configure NTP
- |-
machine:
time:
disabled: false
servers:
- 192.168.8.1
# Enable KubePrism
- |-
machine:
features:
kubePrism:
enabled: true
port: 7445
# Configure cluster loopback
- |- - |-
cluster:
allowSchedulingOnMasters: true
apiServer:
extraArgs:
feature-gates: MixedProtocolLBService=true
controllerManager:
extraArgs:
feature-gates: MixedProtocolLBService=true
discovery:
registries:
service:
disabled: true
proxy:
disabled: true
extraArgs:
feature-gates: MixedProtocolLBService=true,EphemeralContainers=True
scheduler:
extraArgs:
feature-gates: MixedProtocolLBService=true,EphemeralContainers=True
machine: machine:
files:
- content: |
[plugins."io.containerd.grpc.v1.cri"]
enable_unprivileged_ports = true
enable_unprivileged_icmp = true
path: /var/cri/conf.d/allow-unpriv-ports.toml
op: create
kubelet:
extraArgs:
feature-gates: GracefulNodeShutdown=true,MixedProtocolLBService=true
rotate-server-certificates: "true"
install:
extraKernelArgs:
- "talos.logging.kernel=udp://192.168.169.108:6050/"
logging:
destinations:
- endpoint: "udp://192.168.169.108:6051/"
format: json_lines
network: network:
extraHostEntries: extraHostEntries:
- ip: ${clusterEndpointIP} - ip: ${clusterEndpointIP}
aliases: aliases:
- cluster-0.${domainName} - cluster-0.${domainName}
# Cluster configuration
- |-
cluster:
allowSchedulingOnMasters: true
proxy:
disabled: true
# Configure containerd
- |-
machine:
files:
- op: create
path: /etc/cri/conf.d/20-customization.part
content: |
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
enable_unprivileged_ports = true
enable_unprivileged_icmp = true
# Disable default API server admission plugins.
- |-
- op: remove
path: /cluster/apiServer/admissionControl
# Kubelet configuration
- |-
machine:
kubelet:
extraArgs:
feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
rotate-server-certificates: "true"
extraConfig:
maxPods: 150
# Custom sysctls
- |-
machine:
sysctls: sysctls:
fs.inotify.max_user_watches: "1048576" fs.inotify.max_user_watches: "1048576"
fs.inotify.max_user_instances: "8192" fs.inotify.max_user_instances: "8192"
time:
disabled: false # # Redirect logs
servers: # - |-
- 192.168.8.1 # machine:
# install:
# extraKernelArgs:
# - "talos.logging.kernel=udp://192.168.169.108:6050/"
# logging:
# destinations:
# - endpoint: "udp://192.168.169.108:6051/"
# format: json_lines
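Review bot: The `op: remove` patch on `/cluster/apiServer/admissionControl` (new side, under `# Disable default API server admission plugins.`) drops more than that comment suggests. As far as I know, Talos ships that key with a PodSecurity admission configuration that enforces the `baseline` profile cluster-wide, so removing it leaves every namespace without an explicit `pod-security.kubernetes.io/enforce` label effectively unrestricted. Because `allowSchedulingOnMasters: true` sits in the same patch list, ordinary workloads can land on control-plane nodes, which makes that default matter more. If the removal is intentional, I would say so in the comment, e.g. `# Remove Talos' default PodSecurity admission config (baseline enforce); pod policy is enforced by <policy engine>`; otherwise keep the default and add exemptions for the namespaces that need them. The same hunk also comments out the `talos.logging.kernel` / `logging.destinations` block, so kernel and service logs appear to stop leaving the nodes, and a one-line comment on whether that is temporary would help.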