# Talos Ansible role
This role helps provision Talos clusters using Ansible.
Currently, this role only supports VMs on Proxmox and single node clusters.
## Variables
### Host variables
```
proxmox:
  id: 123
  host: inventory_name_of_proxmox_host
  cores: n
  memory: in MB
  disk: in GB
network:
  ip: x.y.z.t
talos_host:
  talos_cluster: cluster_name
  install_disk: /dev/vda
```
### Group variables
```
talos_clusters:
  cluster_name: # you can have multiple clusters
    endpoint: https://host_name:6443
```
## Talos configuration
Only the Talos secrets file for the cluster must be stored in version control.
You must create the secrets file and encrypt it with Ansible Vault:
```
$ talosctl gen secrets -o talos/${cluster_name}-secrets.yaml
$ ansible-vault encrypt talos/${cluster_name}-secrets.yaml
```
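
A check that can run as a pre-commit hook or CI step to confirm the secrets files are vault-encrypted before they reach version control. This is an added example, not part of this role; the function names are hypothetical, and it assumes the `talos/${cluster_name}-secrets.yaml` naming used above.

```shell
#!/bin/sh
# Added example (not part of this role): refuse to proceed if any Talos
# secrets file is still plaintext instead of Ansible Vault ciphertext.
# Assumption: secrets files are named <dir>/<cluster_name>-secrets.yaml.

# is_vaulted FILE
# Succeeds only if the first line of FILE is an Ansible Vault header,
# e.g. "$ANSIBLE_VAULT;1.1;AES256". An empty file counts as not vaulted.
is_vaulted() {
    IFS= read -r first_line < "$1" || [ -n "$first_line" ] || return 1
    case "$first_line" in
        '$ANSIBLE_VAULT;'*) return 0 ;;
        *) return 1 ;;
    esac
}

# check_talos_secrets DIR
# Checks every *-secrets.yaml in DIR. Reports each plaintext file on stderr
# and returns non-zero if at least one was found.
check_talos_secrets() {
    dir=$1
    status=0
    for f in "$dir"/*-secrets.yaml; do
        [ -e "$f" ] || continue   # the glob matched nothing
        if ! is_vaulted "$f"; then
            echo "NOT ENCRYPTED: $f" >&2
            status=1
        fi
    done
    return "$status"
}

# When called with a directory argument (for example "talos"), run the check.
if [ "$#" -gt 0 ]; then
    check_talos_secrets "$1" || exit 1
fi
```

Saved as an executable script, it can be called from `.git/hooks/pre-commit` with `talos` as its argument so that a commit containing a plaintext secrets file is rejected.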
## Role
With the above configuration, the role will:
* Create the VM in Proxmox.
  Until Talos includes https://github.com/siderolabs/talos/pull/5897, [the playbook fishes the IP from the dnsmasq Proxmox instance](tasks/proxmox.yml#L13) by using [this script](files/get-ip).
* Set up Talos.
* Fetch the kubeconfig.
* Deploy kustomizations in `k8s/base`.
  See [my kustomizations](../../../k8s/base/).
## Updates
To update Talos, update `talosctl`, then:
```
$ talosctl upgrade --preserve --talosconfig talos/talosconfig-k8s-test.example --nodes k8s-test.example.com --wait
```
To update Kubernetes:
```
$ talosctl upgrade-k8s --talosconfig talos/talosconfig-k8s-test.example --nodes k8s-test.example.com --to kubernetes.version
```