simple configuration and documentation

.gitignore

@@ -0,0 +1,4 @@
+controlplane.yaml
+worker.yaml
+talosconfig
+patched.yaml

README.md

@@ -0,0 +1,55 @@
+# Cluster configuration
+
+> Following [https://www.talos.dev/v1.7](https://www.talos.dev/v1.7)
+
+## Configuration layout
+The main talos configuration is in the `controlplane.yaml` and `worker.yaml` files. They contain the configuration for the controlplane and worker nodes as well as the certificates and keys for the cluster. **They cannot be checked into version control**.
+
+Luckily, the boilerplate configuration can be generated with `talosctl gen config ...` and we are not deviating significantly from the defaults. We will only need small patches as described below.
+
+- The main configuration is given by the `controlplane.yaml`, `worker.yaml` and `talosconfig` files. They need to be generated by `talosctl`.
+- The patches are in the `patch` directory.
+    - Patches applied to **all** nodes are in `common.yaml`.
+    - Patches applied
+
+
+## High-availability setup
+For this setup we want to use a virtual IP (VIP) for the controlplane nodes. This only works once etcd is running on at least one of the controlplane nodes.
+
+- Prerequisites:
+    ```
+    export TALOSCONFIG="talosconfig"
+    ```
+
+- Setup a cluster on one node. I chose a vm node.
+    ```
+    talosctl gen config kluster https://192.168.1.199:6443
+    ```
+    ```
+    talosctl machineconfig patch controlplane.yaml --patch @patch/common.yaml --patch @patch/controlplane.vm.yaml > patched.yaml
+    talosctl apply-config --insecure --nodes 192.168.1.199 --file patched.yaml
+
+    talosctl config endpoint 192.168.1.199
+    talosctl config node 192.168.1.199
+    talosctl bootstrap
+    ```
+
+- Now modify the controlplane configuration to use a VIP, by changing all occurrences of the IP address (...199) to the VIP (...222).
+
+- Apply the configuration to the rest of the controlplane nodes.
+    ```
+    talosctl machineconfig patch controlplane.yaml --patch @patch/common.yaml --patch @patch/controlplane.vm.yaml > patched.yaml
+    talosctl apply-config --insecure --nodes 192.168.1.201 --file patched.yaml
+    # For the second node as well
+    talosctl machineconfig patch controlplane.yaml --patch @patch/common.yaml --patch @patch/controlplane.metal.yaml > patched.yaml
+    talosctl apply-config --insecure --nodes 192.168.1.108 --file patched.yaml
+    ```
+
+- Also add the new nodes to the talosctl configuration, by manually editing the `endpoints` and `nodes` sections in the `talosconfig` file.
+
+- Finally, get the kubeconfig file.
+    ```
+    talosctl kubeconfig .
+    ```
+
+- Proceed to cluster bootstrapping.

patch/common.yaml

@@ -0,0 +1,18 @@
+machine:
+  network:
+    interfaces:
+      # we select the first interface and give it a virtual IP.
+      - deviceSelector:
+          busPath: "0*"
+        dhcp: true
+        vip:
+          ip: 192.168.1.222
+
+    nameservers:
+      - 8.8.8.8
+      - 1.1.1.1
+
+
+cluster:
+  allowSchedulingOnControlPlanes: true
+

patch/controlplane.metal.yaml

@@ -0,0 +1,7 @@
+machine:
+  install:
+    disk: /dev/nvme0n1
+
+  nodeLabels:
+    machineType: baremetal
+

patch/controlplane.vm.yaml

@@ -0,0 +1,7 @@
+machine:
+  install:
+    disk: /dev/sda
+
+  nodeLabels:
+    machineType: vm
+