# Set up

## Prerequisites

Boot from a Talos ISO memory stick (written in dd mode in Rufus).

## Talos

- `talosctl -n 192.168.1.101 apply-config -f controlplane.yaml --insecure`
- `talosctl -n 192.168.1.101 -e 192.168.1.101 --talosconfig=./talosconfig bootstrap`
- `talosctl -n 192.168.1.101 -e 192.168.1.101 --talosconfig ./talosconfig kubeconfig`

`--insecure` is only needed for the first `apply-config`: a node freshly booted from the ISO is in maintenance mode and has no certificates to authenticate against yet. The later commands authenticate with `talosconfig`.

### Resetting

Boot from the memory stick above and select reset installation, then carry on as above.

## Patching

First create the patch file, e.g. `patch.yaml`:

```yaml
cluster:
  network:
    cni:
      name: none
  proxy:
    disabled: true
```

Then apply the patch to the control plane YAML:

`talosctl machineconfig patch controlplane.yaml --patch @patch.yaml -o controlplane.yaml`

And apply that control plane YAML with:

`talosctl -n 192.168.1.101 -e 192.168.1.101 --talosconfig ./talosconfig apply-config -f controlplane.yaml`

## Cilium

- `helm repo add cilium https://helm.cilium.io/`
- `helm repo update`

```sh
helm install \
    cilium \
    cilium/cilium \
    --version 1.15.1 \
    --namespace kube-system \
    --set rollOutCiliumPods=true \
    --set localRedirectPolicy=true \
    --set ipam.mode=kubernetes \
    --set securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
    --set securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
    --set cgroup.autoMount.enabled=false \
    --set cgroup.hostRoot=/sys/fs/cgroup \
    --set hubble.relay.enabled=true \
    --set hubble.ui.enabled=true \
    --set kubeProxyReplacement=strict \
    --set kubeProxyReplacementHealthzBindAddr=0.0.0.0:10256 \
    --set socketLB.enabled=true \
    --set k8sServiceHost=localhost \
    --set k8sServicePort=7445 \
    --set autoDirectNodeRoutes=true \
    --set operator.replicas=1 \
    --set externalIPs.enabled=true \
    --set endpointRoutes.enabled=true \
    --set bgp.enabled=false \
    --set bgp.announce.loadbalancerIP=true \
    --set bgp.announce.podCIDR=false \
    --set enableCiliumEndpointSlice=true \
    --set l2announcements.enabled=true
```

You can modify this after install with:

```sh
helm upgrade cilium cilium/cilium --version 1.15.1 \
    --namespace kube-system \
    --reuse-values \
    --set operator.replicas=1 \
    --set externalIPs.enabled=true \
    --set enableCiliumEndpointSlice=true
```

## Flux

- `flux bootstrap git --private-key-file=/config/.ssh/gitea --url ssh://git@gitea.home.joemonk.co.uk:2222/joe/gitops.git --branch main --path=clusters/talos`