joe/gitops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
161a6f0fa5bd939edd7f50224e2a385f617c854e
gitops/talos/readme.md
Joe Monk 9e657a1b99 Try adding an ip pool
2024-02-19 00:53:49 +00:00

2.5 KiB
Raw Blame History

Set up

Prerequisites

Boot from talos iso memory stick (dd mode in rufus).

Talos

  • talosctl -n 192.168.1.101 apply-config -f controlplane.yaml --insecure
  • talosctl -n 192.168.1.101 -e 192.168.1.101 --talosconfig=./talosconfig bootstrap
  • talosctl -n 192.168.1.101 -e 192.168.1.101 --talosconfig ./talosconfig kubeconfig

Resetting

Boot the above memory stick and click reset installation, then carry on as above.

Patching

First create the patch file i.e.

cluster:
  network:
    cni:
      name: none
  proxy:
    disabled: true

Then apply the patch to the control plane yaml

talosctl machineconfig patch controlplane.yaml --patch @patch.yaml -o controlplane.yaml

And apply that control plane yaml with

talosctl -n 192.168.1.101 -e 192.168.1.101 --talosconfig ./talosconfig apply-config -f controlplane.yaml

Cilium

  • helm repo add cilium https://helm.cilium.io/
  • helm repo update
helm install \
    cilium \
    cilium/cilium \
    --version 1.15.1 \
    --namespace kube-system \
    --set rollOutCiliumPods=true \
    --set localRedirectPolicy=true \
    --set ipam.mode=kubernetes \
    --set securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
    --set securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
    --set cgroup.autoMount.enabled=false \
    --set cgroup.hostRoot=/sys/fs/cgroup \
    --set hubble.relay.enabled=true \
    --set hubble.ui.enabled=true \
    --set kubeProxyReplacement=strict \
    --set kubeProxyReplacementHealthzBindAddr=0.0.0.0:10256 \
    --set socketLB.enabled=true \
    --set k8sServiceHost=localhost \
    --set k8sServicePort=7445 \
    --set autoDirectNodeRoutes=true \
    --set operator.replicas=1 \
    --set externalIPs.enabled=true \
    --set endpointRoutes.enabled=true \
    --set bgp.enabled=false \
    --set bgp.announce.loadbalancerIP=true \
    --set bgp.announce.podCIDR=false \
    --set enableCiliumEndpointSlice=true \
    --set l2announcements.enabled=true

You can modify this after install with:

helm upgrade cilium cilium/cilium --version 1.15.1 \
    --namespace kube-system \
    --reuse-values \
    --set operator.replicas=1 \
    --set externalIPs.enabled=true \
    --set enableCiliumEndpointSlice=true

Flux

  • flux bootstrap git --private-key-file=/config/.ssh/gitea --url ssh://git@gitea.home.joemonk.co.uk:2222/joe/gitops.git --branch main --path=clusters/talos