mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-17 18:24:14 +02:00
161 lines
3.7 KiB
YAML
161 lines
3.7 KiB
YAML
---
|
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/budimanjojo/talhelper/master/pkg/config/schemas/talconfig.json
|
|
#
|
|
# Image URL rendered on https://factory.talos.dev
|
|
# talhelper genurl installer
|
|
|
|
clusterName: cluster-0
|
|
|
|
# renovate: datasource=docker depName=ghcr.io/siderolabs/installer
|
|
talosVersion: v1.8.1
|
|
# renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
|
|
kubernetesVersion: v1.31.1
|
|
endpoint: https://cluster-0.${internalDomain}:6443
|
|
allowSchedulingOnMasters: true
|
|
cniConfig:
|
|
name: none
|
|
|
|
additionalApiServerCertSans: &san
|
|
- ${clusterEndpointIP}
|
|
- https://cluster-0.${internalDomain}:6443
|
|
- 127.0.0.1 # KubePrism
|
|
|
|
additionalMachineCertSans: *san
|
|
|
|
patches:
|
|
- |-
|
|
machine:
|
|
kubelet:
|
|
extraMounts:
|
|
- destination: /var/openebs/local
|
|
type: bind
|
|
source: /var/openebs/local
|
|
options:
|
|
- rbind
|
|
- rshared
|
|
- rw
|
|
|
|
nodes:
|
|
- hostname: talos-node-1
|
|
ipAddress: 192.168.9.101
|
|
controlPlane: false
|
|
installDisk: /dev/nvme0n1
|
|
- hostname: talos-node-2
|
|
ipAddress: 192.168.9.102
|
|
controlPlane: true
|
|
installDisk: /dev/nvme0n1
|
|
- hostname: talos-node-3
|
|
ipAddress: 192.168.9.103
|
|
controlPlane: true
|
|
installDisk: /dev/nvme0n1
|
|
- hostname: talos-node-4
|
|
ipAddress: 192.168.9.104
|
|
controlPlane: true
|
|
installDisk: /dev/nvme0n1
|
|
|
|
controlPlane:
|
|
schematic:
|
|
customization:
|
|
extraKernelArgs:
|
|
- net.ifnames=0
|
|
systemExtensions:
|
|
officialExtensions:
|
|
- siderolabs/i915-ucode
|
|
- siderolabs/intel-ucode
|
|
- siderolabs/mei
|
|
|
|
patches:
|
|
# Disable search domain everywhere
|
|
- |-
|
|
machine:
|
|
network:
|
|
disableSearchDomain: true
|
|
|
|
# Disable Host DNS
|
|
- |-
|
|
machine:
|
|
features:
|
|
hostDNS:
|
|
enabled: true
|
|
resolveMemberNames: true
|
|
forwardKubeDNSToHost: false
|
|
|
|
# Configure NTP
|
|
- |-
|
|
machine:
|
|
time:
|
|
disabled: false
|
|
servers:
|
|
- 192.168.8.1
|
|
|
|
# Enable KubePrism
|
|
- |-
|
|
machine:
|
|
features:
|
|
kubePrism:
|
|
enabled: true
|
|
port: 7445
|
|
|
|
# Configure cluster loopback
|
|
- |-
|
|
machine:
|
|
network:
|
|
extraHostEntries:
|
|
- ip: ${clusterEndpointIP}
|
|
aliases:
|
|
- cluster-0.${internalDomain}
|
|
|
|
# Cluster configuration
|
|
- |-
|
|
cluster:
|
|
allowSchedulingOnMasters: true
|
|
proxy:
|
|
disabled: true
|
|
|
|
# Configure containerd
|
|
- |-
|
|
machine:
|
|
files:
|
|
- op: create
|
|
path: /etc/cri/conf.d/20-customization.part
|
|
content: |
|
|
[plugins]
|
|
[plugins."io.containerd.grpc.v1.cri"]
|
|
enable_unprivileged_ports = true
|
|
enable_unprivileged_icmp = true
|
|
|
|
# Disable default API server admission plugins.
|
|
- |-
|
|
- op: remove
|
|
path: /cluster/apiServer/admissionControl
|
|
|
|
# Kubelet configuration
|
|
- |-
|
|
machine:
|
|
kubelet:
|
|
extraArgs:
|
|
rotate-server-certificates: "true"
|
|
extraConfig:
|
|
maxPods: 150
|
|
|
|
# Custom sysctls
|
|
- |-
|
|
machine:
|
|
sysctls:
|
|
fs.inotify.max_queued_events: "65536"
|
|
fs.inotify.max_user_instances: "8192"
|
|
fs.inotify.max_user_watches: "524288"
|
|
net.core.rmem_max: "7500000"
|
|
net.core.wmem_max: "7500000"
|
|
|
|
# Redirect logs
|
|
# - |-
|
|
# machine:
|
|
# install:
|
|
# extraKernelArgs:
|
|
# - "talos.logging.kernel=udp://192.168.169.108:6050/"
|
|
# logging:
|
|
# destinations:
|
|
# - endpoint: "udp://192.168.169.108:6051/"
|
|
# format: json_lines
|