From d4349045ae3dfa5fa380a6ad01f17c93ea233e66 Mon Sep 17 00:00:00 2001
From: auricom <27022259+auricom@users.noreply.github.com>
Date: Sun, 20 Oct 2024 09:48:07 +0200
Subject: [PATCH] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20Update=20kubernetes=20to?=
 =?UTF-8?q?=201.31?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md                                   |  2 +-
 kubernetes/talos/cluster-0/talconfig.yaml   | 34 +++++++++++++++------
 kubernetes/talos/cluster-0/talenv.sops.yaml |  7 ++---
 3 files changed, 29 insertions(+), 14 deletions(-)

diff --git a/README.md b/README.md
index abe727516..841264714 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@
 <div align="center">
 
 [![Discord](https://img.shields.io/discord/673534664354430999?style=for-the-badge&label&logo=discord&logoColor=white&color=blue)](https://discord.gg/k8s-at-home)
-[![Kubernetes](https://img.shields.io/badge/v1.30-blue?style=for-the-badge&logo=kubernetes&logoColor=white)](https://talos.dev/)
+[![Kubernetes](https://img.shields.io/badge/v1.31-blue?style=for-the-badge&logo=kubernetes&logoColor=white)](https://talos.dev/)
 [![Renovate](https://img.shields.io/github/actions/workflow/status/auricom/home-ops/renovate.yaml?branch=main&label=&logo=renovatebot&style=for-the-badge&color=blue)](https://github.com/auricom/home-ops/actions/workflows/renovate.yaml)
 
 </div>
diff --git a/kubernetes/talos/cluster-0/talconfig.yaml b/kubernetes/talos/cluster-0/talconfig.yaml
index 477ac95b9..6292f6dd8 100644
--- a/kubernetes/talos/cluster-0/talconfig.yaml
+++ b/kubernetes/talos/cluster-0/talconfig.yaml
@@ -6,18 +6,17 @@
 
 clusterName: cluster-0
 
-# renovate: depName=ghcr.io/buroa/installer datasource=docker
-talosVersion: v1.7.6
-# renovate: depName=ghcr.io/siderolabs/kubelet datasource=docker
-kubernetesVersion: v1.30.2
-endpoint: https://cluster-0.${domainName}:6443
+# renovate: datasource=docker depName=ghcr.io/siderolabs/installer
+talosVersion: v1.8.1
+# renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
+kubernetesVersion: v1.31.1
+endpoint: https://cluster-0.${internalDomain}:6443
 allowSchedulingOnMasters: true
 cniConfig:
   name: none
 
 additionalApiServerCertSans: &san
   - ${clusterEndpointIP}
-  - https://cluster-0.${domainName}:6443
   - https://cluster-0.${internalDomain}:6443
   - 127.0.0.1 # KubePrism
 
@@ -37,6 +36,10 @@ patches:
               - rw
 
 nodes:
+  - hostname: talos-node-1
+    ipAddress: 192.168.9.101
+    controlPlane: false
+    installDisk: /dev/nvme0n1
   - hostname: talos-node-2
     ipAddress: 192.168.9.102
     controlPlane: true
@@ -57,8 +60,9 @@ controlPlane:
         - net.ifnames=0
       systemExtensions:
         officialExtensions:
-          - siderolabs/intel-ucode
           - siderolabs/i915-ucode
+          - siderolabs/intel-ucode
+          - siderolabs/mei
 
   patches:
     # Disable search domain everywhere
@@ -67,6 +71,15 @@ controlPlane:
         network:
           disableSearchDomain: true
 
+    # Disable Host DNS
+    - |-
+      machine:
+        features:
+          hostDNS:
+            enabled: true
+            resolveMemberNames: true
+            forwardKubeDNSToHost: false
+
     # Configure NTP
     - |-
       machine:
@@ -90,7 +103,7 @@ controlPlane:
           extraHostEntries:
             - ip: ${clusterEndpointIP}
               aliases:
-                - cluster-0.${domainName}
+                - cluster-0.${internalDomain}
 
     # Cluster configuration
     - |-
@@ -129,8 +142,11 @@ controlPlane:
     - |-
       machine:
         sysctls:
-          fs.inotify.max_user_watches: "1048576"
+          fs.inotify.max_queued_events: "65536"
           fs.inotify.max_user_instances: "8192"
+          fs.inotify.max_user_watches: "524288"
+          net.core.rmem_max: "7500000"
+          net.core.wmem_max: "7500000"
 
     # Redirect logs
     # - |-
diff --git a/kubernetes/talos/cluster-0/talenv.sops.yaml b/kubernetes/talos/cluster-0/talenv.sops.yaml
index 71757794f..3de8b56b5 100644
--- a/kubernetes/talos/cluster-0/talenv.sops.yaml
+++ b/kubernetes/talos/cluster-0/talenv.sops.yaml
@@ -1,4 +1,3 @@
-domainName: ENC[AES256_GCM,data:hiV44QNvh2cTS4w=,iv:ipIrMnmZoEzJqTquHjbqOKmCzIXUK8YfvdthiRenqhY=,tag:iUgHayWCMho+/TuItXjX0g==,type:str]
 clusterEndpointIP: ENC[AES256_GCM,data:6Ual1ymP6c+F7FUCdw==,iv:h2n4l/oAN9tmUmJ7ZJVvalMyAwSVbIH+T9QehbRBmvk=,tag:zCjee63afjbyBGz3+qn22Q==,type:str]
 internalDomain: ENC[AES256_GCM,data:NIGuitKoGqshzg==,iv:TDHdUAv6BUlyE1KBQumQN9wZpGfWwBDtSWdBpO6GlmI=,tag:WkAAD7cLLf/gxIFLJvRatg==,type:str]
 sops:
@@ -16,8 +15,8 @@ sops:
             QXZCejNUNG5IbnJUb2dzU1lvbFNiYUkKm2TnIcxEM14wKgvfa/rDb/mB4oJt++g6
             AortgmCcD6DvdNEvbNXeXUaYhnxF5Vpzi5+B1bEwB1WnBMSKSYhKkw==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-05-14T00:17:22Z"
-    mac: ENC[AES256_GCM,data:FOBWLylQ/0N5OPIymlHwoeJXFr0BMmagodbTRSrXQ5EekZ1XpggCX7d2ZFh9O6GFcOUWXQ93OIzaF7dO8iaUmOInzNMqKTrDx8HQ60G8zawUHNsKIXWSjQniBeFxhE79Nid3oaYap1tGqXR5kl/0JA03TGJnYEOLUHDNYjAwouU=,iv:MjniDy7ZCG5/R8n/+OAoIL4f7eGHswVNNy7+HbhNqlk=,tag:R322jRHjFdBtCfK+K9QvWQ==,type:str]
+    lastmodified: "2024-10-19T11:27:41Z"
+    mac: ENC[AES256_GCM,data:vgAB1TcIx2LjZyARcfG0RzqhcgpqWhSkHeoBpLxCSSt9I8vsh8tMYiUY2s4wTCeliyTnRCtvsE63NVdCdQJrurk/Dnq9ODeeHJy2hLKUL/qTLKkD8He6x1AhtYqXSt7oRrInG4CdPJN5G2ebt8jcYrRtzideYNqu2Asq+JI1Lb0=,iv:e9oJqlBFdrZkgvO+H6Lg7mp0c3mWYxjNBVzH0AScYUI=,tag:9w9hqTcJxdvImKMEppBoJw==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
-    version: 3.8.1
+    version: 3.9.1