Cleanup
parent aa268d68e1
commit 5001b2f0c1
|
@ -1,5 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
resources:
|
|
||||||
- pod.yaml
|
|
|
@ -1,14 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Pod
|
|
||||||
metadata:
|
|
||||||
name: alpine-playground
|
|
||||||
namespace: default
|
|
||||||
labels:
|
|
||||||
app: alpine-playground
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- image: alpine
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: alpine-playground
|
|
||||||
command: ["sh", "-c", "sleep 3600 && exit 1"]
|
|
||||||
restartPolicy: OnFailure
|
|
|
@ -1,24 +0,0 @@
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: echoserver
|
|
||||||
namespace: echoserver
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: echoserver
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: echoserver
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- image: nginx:1.23.0-alpine
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: echoserver
|
|
||||||
ports:
|
|
||||||
- containerPort: 80
|
|
||||||
env:
|
|
||||||
- name: PORT
|
|
||||||
value: "80"
|
|
|
@ -1,7 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
resources:
|
|
||||||
- namespace.yaml
|
|
||||||
- service.yaml
|
|
||||||
- deployment.yaml
|
|
|
@ -1,4 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Namespace
|
|
||||||
metadata:
|
|
||||||
name: echoserver
|
|
|
@ -1,13 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: echoserver
|
|
||||||
namespace: echoserver
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- port: 80
|
|
||||||
targetPort: 80
|
|
||||||
protocol: TCP
|
|
||||||
type: LoadBalancer
|
|
||||||
selector:
|
|
||||||
app: echoserver
|
|
|
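Review bot: Deleting service.yaml (together with deployment.yaml, namespace.yaml and the alpine-playground pod.yaml) from the repo does not remove those objects from a cluster where they were already applied, because the README applies with `kubectl apply -k manifests` and that command does not prune. The Service here is `type: LoadBalancer`, so the nginx echoserver keeps its external address until it is deleted by hand. Suggest recording a one-off cleanup in the commit message or README, for example `kubectl delete namespace echoserver` and `kubectl delete pod alpine-playground -n default`.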
@ -1,6 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
resources:
|
|
||||||
- ./metallb/
|
|
||||||
- ./argocd/
|
|
|
@ -2,4 +2,5 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ./initialization/
|
- ./metallb/
|
||||||
|
- ./argocd/
|
||||||
|
|
|
@ -33,21 +33,23 @@ set AGE_KEY (pass age-key | rg '# public key: ' | awk '{printf $4}')
|
||||||
|
|
||||||
- Setup talos directory if needed
|
- Setup talos directory if needed
|
||||||
- `mkdir -p talos; cd talos`
|
- `mkdir -p talos; cd talos`
|
||||||
- Boot the Talos image on the initial node
|
|
||||||
- If you are not using _this_ configuration:
|
- If you are not using _this_ configuration:
|
||||||
- `talosctl gen config "$CLUSTER_NAME" "$CLUSTER_ENDPOINT"`
|
- `talosctl gen config "$CLUSTER_NAME" "$CLUSTER_ENDPOINT"`
|
||||||
- Edit files as needed
|
- Edit files as needed, making sure only one of the controlplane nodes is the `endpoint` in the `talosconfig`
|
||||||
- `mv talosconfig talosconfig.yaml`
|
- `mv talosconfig talosconfig.yaml`
|
||||||
- Encrypt via `sops` with `age`
|
- Encrypt via `sops` with `age`
|
||||||
- `for f in *; sops yaml --encrypt --age-key "$AGE_KEY" --in-place "$f"; end`
|
- `for f in *; sops yaml --encrypt --age-key "$AGE_KEY" --in-place "$f"; end`
|
||||||
- Apply the control plane config to the initial node
|
- Setup the `talosctl` client to use your configuration
|
||||||
- `sops exec-file controlplane.yaml 'talosctl apply-config --insecure --nodes '"$NODE_ADDR"' --file {}'`
|
- `sops exec-file talosconfig.yaml 'talosctl config merge {}'`
|
||||||
- You will need to wait a bit for the configuration to be applied, Talos to
|
- For each node in the cluster as specified in `talosconfig.yaml`, do the
|
||||||
install itself, for the node to reboot, and for post-boot initialization
|
following:
|
||||||
- Setup the client to communicate with the newly-configured node
|
- Boot the Talos image on the node
|
||||||
- `sops --set '["contexts"]["'"$CLUSTER_NAME"'"]["endpoints"][0] "'"$NODE_ADDR"'"' talosconfig.yaml`
|
- Disconnect boot media from the node after it's booted otherwise your
|
||||||
- `sops --set '["contexts"]["'"$CLUSTER_NAME"'"]["nodes"][0] "'"$NODE_ADDR"'"' talosconfig.yaml`
|
Ventoy will get wiped
|
||||||
- Optionally also make this the default in `~/.talos/config` with `sops exec-file talosconfig.yaml 'talosctl config merge {}'`
|
- Apply the appropriate configuration to the node
|
||||||
|
- `sops exec-file (controlplane.yml|worker.yml) 'talosctl apply-config --insecure --nodes '"$NODE_ADDR"' --file {}'`
|
||||||
|
- This can take a moment to finish, but you can move on to the next node
|
||||||
|
while you wait
|
||||||
- Bootstrap the cluster
|
- Bootstrap the cluster
|
||||||
- `talosctl bootstrap --nodes "$NODE_ADDR"`
|
- `talosctl bootstrap --nodes "$NODE_ADDR"`
|
||||||
- You will need to wait a bit for Kubernetes to initialize
|
- You will need to wait a bit for Kubernetes to initialize
|
||||||
|
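Review bot: The new apply step names `(controlplane.yml|worker.yml)`, but the rest of this procedure uses `.yaml`: the removed line applied `controlplane.yaml`, and the client config is renamed to `talosconfig.yaml`. Unless the files were renamed, the `sops exec-file` command will fail on the missing path; use `controlplane.yaml` / `worker.yaml`. Separately, now that apply-config runs once per node, the following `talosctl bootstrap --nodes "$NODE_ADDR"` no longer says which node `$NODE_ADDR` refers to; state that bootstrap is run once, against a single control plane node, so it is not run against whichever node was configured last.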
@ -59,18 +61,26 @@ able to `kubectl get nodes`.
|
||||||
|
|
||||||
#### Adding Nodes
|
#### Adding Nodes
|
||||||
|
|
||||||
> **NOTE**: UNTESTED
|
> **TODO**: This process is untested!
|
||||||
|
|
||||||
- Boot the Talos image on the target node
|
- Boot the Talos image on the target node
|
||||||
- Add the node to `talosconfig.yaml`
|
- Add the node to `talosconfig.yaml`
|
||||||
- Apply the appropriate configuration to the target node
|
- `sops talos/talosconfig.yaml`
|
||||||
- `sops exec-file "$CONFIG_FILE" 'talosctl apply-config --insecure --nodes "$NODE_ADDR" --file {}'`
|
- Setup the `talosctl` client to use your configuration
|
||||||
- You will need to wait a bit for Kubernetes to initialize, start up, and
|
- `sops exec-file talos/talosconfig.yaml 'talosctl config merge {}'`
|
||||||
then join the cluster
|
- Apply the appropriate configuration to all nodes in the cluster
|
||||||
|
|
||||||
#### Removing Nodes
|
#### Removing Nodes
|
||||||
|
|
||||||
- **TODO**
|
> **TODO**: This process is untested!
|
||||||
|
|
||||||
|
- Cordon and drain the node
|
||||||
|
- Remove the node from `talosconfig.yaml`
|
||||||
|
- `sops talos/talosconfig.yaml`
|
||||||
|
- Update the `talosctl` client to use your configuration
|
||||||
|
- `sops exec-file talos/talosconfig.yaml 'talosctl config merge {}'`
|
||||||
|
- Apply the appropriate configuration to all nodes in the cluster
|
||||||
|
- Power down the node
|
||||||
|
|
||||||
#### Untaint Masters
|
#### Untaint Masters
|
||||||
|
|
||||||
|
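Review bot: In both Adding Nodes and Removing Nodes, the step "Apply the appropriate configuration to all nodes in the cluster" has no command, while the line it replaces gave the full `sops exec-file "$CONFIG_FILE" 'talosctl apply-config ...'` invocation for the target node. Please restore a concrete command and say why every node needs a re-apply rather than only the node being added. The paths here are also `talos/talosconfig.yaml`, whereas the setup section runs from inside `talos` after `cd talos` and uses `talosconfig.yaml`; state the working directory each section assumes. "Cordon and drain the node" would likewise benefit from the actual commands.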
@ -83,6 +93,8 @@ kubectl taint nodes --all node-role.kubernetes.io/master-
|
||||||
|
|
||||||
### Apply Manifests
|
### Apply Manifests
|
||||||
|
|
||||||
|
Currently, all my manifests are managed from a single Kustomize:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl apply -k manifests
|
kubectl apply -k manifests
|
||||||
```
|
```
|
||||||
|
|