shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-12-22 07:26:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
007cb3d210d8e3fe7f30a6a510b3f1ac63fceff7
auricom-home-cluster/infrastructure/talos
History
feisar-bot 8b200763b9 ⬆️ Update fluxcd/flux2 to v0.37.0 
| datasource      | package      | from    | to      |
| --------------- | ------------ | ------- | ------- |
| github-releases | fluxcd/flux2 | v0.36.0 | v0.37.0 |
| github-releases | fluxcd/flux2 | v0.36.0 | v0.37.0 |
| github-tags     | fluxcd/flux2 | v0.36.0 | v0.37.0 |
2022-11-24 09:25:32 +00:00
..
cluster-0
⬆️ Update fluxcd/flux2 to v0.37.0
2022-11-24 09:25:32 +00:00
.gitignore
new talos cluster
2022-11-20 16:37:40 +01:00
README.md
new talos cluster
2022-11-20 16:37:40 +01:00

README.md

Talos Linux cluster

... managed with Talhelper 🤖

:book:  Overview

This directory contains my Talos Kubernetes cluster in declarative state. I use my own tool Talhelper to create the machineconfig files of all my nodes. The secrets are encrypted with SOPS.

Feel free to open a Github issue if you have any questions.

:scroll:  How to apply

  1. Prepare your nodes with Talos Linux
  2. Install talhelper.
  3. Create your own talconfig.yaml.
  4. Run talhelper gensecret > talsecret.sops.yaml if you don't have machineconfig before or talhelper gensecret -f <your-machineconfig.yaml> > talsecret.sops.yaml if you already have one.
  5. Run sops -e -i talsecret.sops.yaml to encrypt your secrets (make sure you already have your own .sops.yaml) file.
  6. Run talhelper genconfig and the files will be generated in ./clusterconfig directory by default.
  7. Copy the generated ./clusterconfig/talosconfig to your ~/.talos/config.
  8. Run talosctl -n <node-ip> apply-config --insecure --file ./clusterconfig/<clustername>-<hostname>.yaml on each of your node. Don't forget to run talosctl -n <node-ip> bootstrap on one of your controlplane node.
  9. Push your current directory to your git repository of choice. 😉

:memo:  After bootstrap

  1. Deploy cilium : kubectl kustomize --enable-helm ./cni | kubectl apply -f -
  2. Deploy kubelet-csr-approver kubectl kustomize --enable-helm ./kubelet-csr-approver | kubectl apply -f - to approve csr issued by talos nodes (that will allow to see pods logs).
  3. Deploy flux kubectl apply -k ./flux
  4. Create flux github secret kubectl apply -f ./flux/.decrypted\~github-deploy-key.sops.yaml
  5. Create sops secret cat ~/.config/sops/age/keys.txt | kubectl create secret generic sops-age --namespace=flux-system --from-file=age.agekey=/dev/stdin
  6. Apply flux cluster configuration kubectl apply -k kubernetes/flux
  7. Apply flux base configuration kubectl apply -f kubernetes/base/flux.yaml
  8. Apply flux core kubectl apply -f kubernetes/cluster-0/core/flux.yaml
  9. Apply flux apps kubectl apply -f kubernetes/cluster-0/apps/flux.yaml
Reference in New Issue View Git Blame Copy Permalink