diff --git a/home/manifests/alpine-playground/kustomization.yaml b/home/manifests/alpine-playground/kustomization.yaml
deleted file mode 100644
index f5b0a34..0000000
--- a/home/manifests/alpine-playground/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
- - pod.yaml
diff --git a/home/manifests/alpine-playground/pod.yaml b/home/manifests/alpine-playground/pod.yaml
deleted file mode 100644
index e9e8492..0000000
--- a/home/manifests/alpine-playground/pod.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: alpine-playground
- namespace: default
- labels:
- app: alpine-playground
-spec:
- containers:
- - image: alpine
- imagePullPolicy: IfNotPresent
- name: alpine-playground
- command: ["sh", "-c", "sleep 3600 && exit 1"]
- restartPolicy: OnFailure
diff --git a/home/manifests/initialization/argocd/kustomization.yaml b/home/manifests/argocd/kustomization.yaml
similarity index 100%
rename from home/manifests/initialization/argocd/kustomization.yaml
rename to home/manifests/argocd/kustomization.yaml
diff --git a/home/manifests/initialization/argocd/namespace.yaml b/home/manifests/argocd/namespace.yaml
similarity index 100%
rename from home/manifests/initialization/argocd/namespace.yaml
rename to home/manifests/argocd/namespace.yaml
diff --git a/home/manifests/echoserver/deployment.yaml b/home/manifests/echoserver/deployment.yaml
deleted file mode 100644
index fbf71c2..0000000
--- a/home/manifests/echoserver/deployment.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: echoserver
- namespace: echoserver
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: echoserver
- template:
- metadata:
- labels:
- app: echoserver
- spec:
- containers:
- - image: nginx:1.23.0-alpine
- imagePullPolicy: IfNotPresent
- name: echoserver
- ports:
- - containerPort: 80
- env:
- - name: PORT
- value: "80"
diff --git a/home/manifests/echoserver/kustomization.yaml b/home/manifests/echoserver/kustomization.yaml
deleted file mode 100644
index 4ffe4ee..0000000
--- a/home/manifests/echoserver/kustomization.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
- - namespace.yaml
- - service.yaml
- - deployment.yaml
diff --git a/home/manifests/echoserver/namespace.yaml b/home/manifests/echoserver/namespace.yaml
deleted file mode 100644
index 8a31912..0000000
--- a/home/manifests/echoserver/namespace.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- name: echoserver
diff --git a/home/manifests/echoserver/service.yaml b/home/manifests/echoserver/service.yaml
deleted file mode 100644
index dca3ece..0000000
--- a/home/manifests/echoserver/service.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: echoserver
- namespace: echoserver
-spec:
- ports:
- - port: 80
- targetPort: 80
- protocol: TCP
- type: LoadBalancer
- selector:
- app: echoserver
diff --git a/home/manifests/initialization/kustomization.yaml b/home/manifests/initialization/kustomization.yaml
deleted file mode 100644
index 8be1ee3..0000000
--- a/home/manifests/initialization/kustomization.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
- - ./metallb/
- - ./argocd/
diff --git a/home/manifests/kustomization.yaml b/home/manifests/kustomization.yaml
index e0fa0c6..8be1ee3 100644
--- a/home/manifests/kustomization.yaml
+++ b/home/manifests/kustomization.yaml
@@ -2,4 +2,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
- - ./initialization/
+ - ./metallb/
+ - ./argocd/
diff --git a/home/manifests/initialization/metallb/configmap.yaml b/home/manifests/metallb/configmap.yaml
similarity index 100%
rename from home/manifests/initialization/metallb/configmap.yaml
rename to home/manifests/metallb/configmap.yaml
diff --git a/home/manifests/initialization/metallb/kustomization.yaml b/home/manifests/metallb/kustomization.yaml
similarity index 100%
rename from home/manifests/initialization/metallb/kustomization.yaml
rename to home/manifests/metallb/kustomization.yaml
diff --git a/home/manifests/initialization/metallb/namespace.yaml b/home/manifests/metallb/namespace.yaml
similarity index 100%
rename from home/manifests/initialization/metallb/namespace.yaml
rename to home/manifests/metallb/namespace.yaml
diff --git a/home/readme.md b/home/readme.md
index edb7c2c..3dcd139 100644
--- a/home/readme.md
+++ b/home/readme.md
@@ -33,21 +33,23 @@ set AGE_KEY (pass age-key | rg '# public key: ' | awk '{printf $4}') - Setup talos directory if needed - `mkdir -p talos; cd talos` -- Boot the Talos image on the initial node - If you are not using _this_ configuration: - `talosctl gen config "$CLUSTER_NAME" "$CLUSTER_ENDPOINT"` - - Edit files as needed + - Edit files as needed, making sure only one of the controlplane nodes is the `endpoint` in the `talosconfig` - `mv talosconfig talosconfig.yaml` - Encrypt via `sops` with `age` - `for f in *; sops yaml --encrypt --age-key "$AGE_KEY" --in-place "$f"; end` -- Apply the control plane config to the initial node - - `sops exec-file controlplane.yaml 'talosctl apply-config --insecure --nodes '"$NODE_ADDR"' --file {}'` - - You will need to wait a bit for the configuration to be applied, Talos to - install itself, for the node to reboot, and for post-boot initialization -- Setup the client to communicate with the newly-configured node - - `sops --set '["contexts"]["'"$CLUSTER_NAME"'"]["endpoints"][0] "'"$NODE_ADDR"'"' talosconfig.yaml` - - `sops --set '["contexts"]["'"$CLUSTER_NAME"'"]["nodes"][0] "'"$NODE_ADDR"'"' talosconfig.yaml` - - Optionally also make this the default in `~/.talos/config` with `sops exec-file talosconfig.yaml 'talosctl config merge {}'` +- Setup the `talosctl` client to use your configuration + - `sops exec-file talosconfig.yaml 'talosctl config merge {}'` +- For each node in the cluster as specified in `talosconfig.yaml`, do the + following: + - Boot the Talos image on the node + - Disconnect boot media from the node after it's booted otherwise your + Ventoy will get wiped + - Apply the appropriate configuration to the node + - `sops exec-file (controlplane.yml|worker.yml) 'talosctl apply-config --insecure --nodes '"$NODE_ADDR"' --file {}'` + - This can take a moment to finish, but you can move on to the next node + while you wait - Bootstrap the cluster - `talosctl bootstrap --nodes "$NODE_ADDR"` - You will need to wait a bit 
for Kubernetes to initialize @@ -59,18 +61,26 @@ able to `kubectl get nodes`. #### Adding Nodes -> **NOTE**: UNTESTED +> **TODO**: This process is untested! - Boot the Talos image on the target node - Add the node to `talosconfig.yaml` -- Apply the appropriate configuration to the target node - - `sops exec-file "$CONFIG_FILE" 'talosctl apply-config --insecure --nodes "$NODE_ADDR" --file {}'` - - You will need to wait a bit for Kubernetes to initialize, start up, and - then join the cluster + - `sops talos/talosconfig.yaml` +- Setup the `talosctl` client to use your configuration + - `sops exec-file talos/talosconfig.yaml 'talosctl config merge {}'` +- Apply the appropriate configuration to all nodes in the cluster #### Removing Nodes -- **TODO** +> **TODO**: This process is untested! + +- Cordon and drain the node +- Remove the node from `talosconfig.yaml` + - `sops talos/talosconfig.yaml` +- Update the `talosctl` client to use your configuration + - `sops exec-file talos/talosconfig.yaml 'talosctl config merge {}'` +- Apply the appropriate configuration to all nodes in the cluster +- Power down the node #### Untaint Masters @@ -83,6 +93,8 @@ kubectl taint nodes --all node-role.kubernetes.io/master- ### Apply Manifests +Currently, all my manifests are managed from a single Kustomize: + ```bash kubectl apply -k manifests ```