commit eae471a9d5624b9345cac965da475d9fcc991361 Author: Remy Moll Date: Mon Sep 16 20:08:29 2024 +0200 simple configuration and documentation diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1bfde2a --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +controlplane.yaml +worker.yaml +talosconfig +patched.yaml diff --git a/README.md b/README.md new file mode 100644 index 0000000..d0614a2 --- /dev/null +++ b/README.md 
@@ -0,0 +1,55 @@ +# Cluster configuration + +> Following [https://www.talos.dev/v1.7](https://www.talos.dev/v1.7) + +## Configuration layout +The main talos configuration is in the `controlplane.yaml` and `worker.yaml` files. They contain the configuration for the controlplane and worker nodes as well as the certificates and keys for the cluster. **They cannot be checked into version control**. + +Luckily, the boilerplate configuration can be generated with `talosctl gen config ...` and we are not deviating significantly from the defaults. We will only need small patches as described below. + +- The main configuration is given by the `controlplane.yaml`, `worker.yaml` and `talosconfig` files. They need to be generated by `talosctl`. +- The patches are in the `patch` directory. + - Patches applied to **all** nodes are in `common.yaml`. + - Patches applied + + +## High-availability setup +For this setup we want to use a virtual IP (VIP) for the controlplane nodes. This only works once etcd is running on at least one of the controlplane nodes. + +- Prerequisites: + ``` + export TALOSCONFIG="talosconfig" + ``` + +- Setup a cluster on one node. I chose a vm node. + ``` + talosctl gen config kluster https://192.168.1.199:6443 + ``` + ``` + talosctl machineconfig patch controlplane.yaml --patch @patch/common.yaml --patch @patch/controlplane.vm.yaml > patched.yaml + talosctl apply-config --insecure --nodes 192.168.1.199 --file patched.yaml + + talosctl config endpoint 192.168.1.199 + talosctl config node 192.168.1.199 + talosctl bootstrap + ``` + +- Now modify the controlplane configuration to use a VIP, by changing all occurrences of the IP address (...199) to the VIP (...222). + +- Apply the configuration to the rest of the controlplane nodes. 
+ ``` + talosctl machineconfig patch controlplane.yaml --patch @patch/common.yaml --patch @patch/controlplane.vm.yaml > patched.yaml + talosctl apply-config --insecure --nodes 192.168.1.201 --file patched.yaml + # For the second node as well + talosctl machineconfig patch controlplane.yaml --patch @patch/common.yaml --patch @patch/controlplane.metal.yaml > patched.yaml + talosctl apply-config --insecure --nodes 192.168.1.108 --file patched.yaml + ``` + +- Also add the new nodes to the talosctl configuration, by manually editing the `endpoints` and `nodes` sections in the `talosconfig` file. + +- Finally, get the kubeconfig file. + ``` + talosctl kubeconfig . + ``` + +- Proceed to cluster bootstrapping. diff --git a/patch/common.yaml b/patch/common.yaml new file mode 100644 index 0000000..6af3f29 --- /dev/null +++ b/patch/common.yaml @@ -0,0 +1,18 @@ +machine: + network: + interfaces: + # we select the first interface and give it a virtual IP. + - deviceSelector: + busPath: "0*" + dhcp: true + vip: + ip: 192.168.1.222 + + nameservers: + - 8.8.8.8 + - 1.1.1.1 + + +cluster: + allowSchedulingOnControlPlanes: true + diff --git a/patch/controlplane.metal.yaml b/patch/controlplane.metal.yaml new file mode 100644 index 0000000..dc39434 --- /dev/null +++ b/patch/controlplane.metal.yaml @@ -0,0 +1,7 @@ +machine: + install: + disk: /dev/nvme0n1 + + nodeLabels: + machineType: baremetal + diff --git a/patch/controlplane.vm.yaml b/patch/controlplane.vm.yaml new file mode 100644 index 0000000..0413abf --- /dev/null +++ b/patch/controlplane.vm.yaml @@ -0,0 +1,7 @@ +machine: + install: + disk: /dev/sda + + nodeLabels: + machineType: vm +
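Review bot: The `.gitignore` hunk does not list `kubeconfig`, although the README added in this same commit ends with `talosctl kubeconfig .`, which writes the cluster's admin kubeconfig into the repository directory. That file carries cluster credentials just like `talosconfig`, so add a `kubeconfig` line next to the four entries already ignored.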
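Review bot: In the README.md hunk, the "Configuration layout" list ends on an unfinished item, `- Patches applied`, so the two per-machine files this commit adds (`patch/controlplane.vm.yaml` and `patch/controlplane.metal.yaml`) are never described. Finish that bullet to say which patch goes with which kind of node. The README also names `worker.yaml` as part of the main configuration but shows no patch or `apply-config` step for a worker node; either document that step or state that the cluster currently has control plane nodes only.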
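Review bot: In the patch/common.yaml hunk, the `vip: ip: 192.168.1.222` block sits in the file the README describes as applied to **all** nodes, so a worker patched with it would also be configured to claim the control plane VIP. Talos documents the shared VIP as a control plane feature; move the `vip` block into a control-plane-only patch and keep `common.yaml` to settings that are safe on every node. Separately, the comment says "we select the first interface", but `busPath: "0*"` is a glob and will match every device whose bus path starts with `0`; on a machine with more than one NIC, tighten the selector or reword the comment to say what is actually matched.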