Simplify talosconfig
This commit is contained in:
parent
92e6796602
commit
55b050588e
|
@ -22,21 +22,31 @@
|
|||
|
||||
> **Source**: https://www.talos.dev/v1.1/introduction/getting-started/
|
||||
|
||||
```bash
|
||||
#!/usr/bin/env fish
|
||||
# these are my values, you will want your own
|
||||
set CLUSTER_NAME 'home'
|
||||
set CLUSTER_ENDPOINT 'https://kube-cluster.home.lyte.dev:6443'
|
||||
set NODE_ADDR '10.0.0.101'
|
||||
set AGE_KEY (pass age-key | rg '# public key: ' | awk '{printf $4}')
|
||||
```
|
||||
|
||||
- Setup talos directory if needed
|
||||
- `mkdir -p talos; cd talos`
|
||||
- Boot the Talos image on the initial node
|
||||
- If you are not using _this_ configuration:
|
||||
- `talosctl gen config "$CLUSTER_NAME" "$CLUSTER_ENDPOINT"`
|
||||
- Edit files as needed
|
||||
- `mv talosconfig talosconfig.yaml`
|
||||
- Encrypt via `sops` with `age`
|
||||
- `for f in *; sops --encrypt --age-key "$AGE_KEY" --in-place "$f"; end`
|
||||
- `for f in *; sops yaml --encrypt --age-key "$AGE_KEY" --in-place "$f"; end`
|
||||
- Apply the control plane config to the initial node
|
||||
- `sops exec-file controlplane.yaml 'talosctl apply-config --insecure --nodes "$NODE_ADDR" --file {}'`
|
||||
- `sops exec-file controlplane.yaml 'talosctl apply-config --insecure --nodes '"$NODE_ADDR"' --file {}'`
|
||||
- You will need to wait a bit for the configuration to be applied, Talos to
|
||||
install itself, for the node to reboot, and for post-boot initialization
|
||||
- Setup the client to communicate with the newly-configured node
|
||||
- `sops --set '["contexts"]["'"$CLUSTER_NAME"'"]["endpoints"] ["'"$NODE_ADDR"'"]' talosconfig`
|
||||
- Optionally also make this the default in `~/.talos/config` with `sops exec-file talosconfig 'talosctl config merge {}'`
|
||||
- `sops --set '["contexts"]["'"$CLUSTER_NAME"'"]["endpoints"] ["'"$NODE_ADDR"'"]' talosconfig.yaml`
|
||||
- Optionally also make this the default in `~/.talos/config` with `sops exec-file talosconfig.yaml 'talosctl config merge {}'`
|
||||
- Bootstrap the cluster
|
||||
- `talosctl bootstrap --nodes "$NODE_ADDR"`
|
||||
- You will need to wait a bit for Kubernetes to initialize
|
||||
|
|
|
@ -1,20 +0,0 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:FUBoK1fRvUkqeWeGgb1bHzloj4PwbEjlq+Y1tOkAkuY/f/r0RdjMfVXi9xDsWH9CsDo+C1z5hzzG6BULdvdxSuZl8Rqt6rugZ9otHjhrE4Q0VK0qNcV0YAcw7EEVkxTSmfkoUSf/eNLMTtWfvV/Kg/YHcqy+ycfVPHGgHvNgLglwY/gldpYi1nnOzzvLUUDZofLIMnm1tfRxPQdtDCZfr6cdcbVz2/DBAFd5JKxW+jgy0D9CLJZELUzwFgLJyPgs0bzDH+3POWzTilM9W6RDQH78V9He2NO+Id0cV84am+y/FKcN0LVxyE7hnmC90ZTbWwt83+xMKWfK9kYKPFv2W47aahIOm8ATu6YYtplQlaBPQgyvcvrf8lQ/QD11B73TZswL8wr+rzNG+XxqaCiUcxZ5xKHqPLsrF/FrOlA2esfCf/iU955RXIYgYBiKz7Q+UvHtTjPQ62pUQFmGfIHNmlHffOYnYar4ge2ytOzSJOY1RwtmdBS7p9Watot/BEgCJyqyynfmePfKVbJn9u5a4bcvpsnJUV6tQFw1rIbQt8n8l32ShV/aZX50sCfjr6Q99pRwT9GFQ+zgRzNlnB38tKQYnfWg/974gB9L7PoROeLfOiY/xaeZxfH66QnHxswze2dMR/dl4PBovanOf+ttsDZOa7mzx8wxEiNNkzAL64e/65G9geWvTn3MICBDV/IzixNvzS7Wsyvtybocs7/yyr4COEklYnhUOBFYEfm2H5S4yFwbFClXFb7g9AY2j7NR9MiRZu3XtDUPnp0643V1tGE9Ddcv3U9oSdWU6vT8uAEDy0xqBuPuxY8PhPOmFd0f3BQ4XHisVOekIvpWWgf+oIzsE45wWIhzOGTR14pcfVIvCAHFbhFANX4tYKukUYTszrqYsECPx65KHEnZB7hLBv0FRjDHB5genRUOqENvpocvYQZDKPagN/PfvWckLb3GchEubPe5QnqCVF29PVn3Ulr/Tc0E7afdtHkC2367IbHnKiCjRG/UB72XGqtkL8s3XgGxE+vNuEzBTYVGeySF4I4d1BoLa8hO8BMzVmC3IMFto8lH1DuF/8/VOqBQfeZoONpRRvUtFbszFqoI+GnVQmrL4mIikKTGMdTrP/l1xc1QJkuemzM+S3ZSW+D0i+ITBLdJAtcnuDuqp6yw0lLdSgGEKFw6ggLgUZQSh3aIu0BGt3u3KV8ZsrCDa5OOLbzLrYcMaVkLInJeFsfDgaJYsSi9TIwgcOHG0cfFw+TpmoJUMIdwkAhW5yhq4b5nmFZrO1kiWxsu5W3NG+lu/M0TJV+iNWzpXIDdFVJew7pNaw5WfbM5SxNSDNakXwHdJC+5WZ1i6HKyGzKC/xBB98HWCif7NTAjBNcNhrm6HNxGI1kyf7BjPUHl8Aa/tPZJg4IuqzowsIsKkWxgWBDPx035E8nvZ1+sTbXff/vqtIdlTXlUJLz4W+3EVCo79dKiyJ/7tmgPfz0beJaMxKu4KKeopxhq7XmPqRzU950Gzzr57kW/Y5+ChV5lA9u55c52UoTC67eqdw0KNs6lpK2lwqQdZefNx7ktHro6l/K/a8ql8/Lslg4w2wbP8sGrtBI0Ty+G7Dkl6sKJevg6WncVg3PT4jgdYlsDuuURhxGb3U2vC0SIVghf1zHsrKyK/rTOnYMgDcf8aHMYwlikrJVdYNkdFatHaQtMXFpi/NhoBCF/NROKUlHLncQIjSLNJcfHXa0LieglVtNEQyhZ3vSXh5TLEn9roZ+b0vmYjZnBjY4tUIVozcgDy5g7KnSPXu7Sjw7Y7r10+eh7UlQeGR9hUZ5cU7AAHUwLdkauzAfueZjHIKx7tqPmhiJFhuOVyqPlPpQhQi9LahLgY6wH5Q4XTdtCHrJwgG7jR44JFCaraC0Epbea4FJDS2r2pQ4uPYPR2W84rO5kM4ydk/oBJFV2sPYhAMVpXxoC6Q2BUBrElyJghuklbW9xtzEEZ5ADaNWPkfhPHWEpPmkTCihkMSgLRLR2LkgNDL+xj2gfItpHQctMgKwSUsY5MN9rB+XdqrGIPNCMNXeg1EPIG5jwkEv/M7wylUBHBGi5+kkv6EvfXqo9h6wgzg0fNnvLiCatZwsvIGnJ4OfTgYtSsCCptFeedWCmg0BveqNnn4rI3vB0sPrmIeQJ8pjrVVrnvab6dZnTU/y+FfB+,iv:6x0EQU4VG+UoXQRoHHrMSpnJXzlY94mnzWQAV7HD/FU=,tag:kYS5e1ml5inLAzadEakKXg==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1TEx6VE9meXdremlCRnYw\ncVdXL3VsbXNtc09rTVBrZWpWNG15U2VUTUh3CnZTS25mVGdMWWFGKzBJUmk4MlNu\nKzc0bjZDVS9VRXdveEUxZmZLT1lEZ0UKLS0tIDFzQlB1ZGV1SFhYUnFRRjJSTENR\nT0kwajVLWEg2QnFBaFQxVUd0ajJIaGsKIKGWG26vdayVGx1lzGbkp9sfdkLGTaiG\nLzUFijaQaDhPU2fcD1eTqcSRO3YIbOag+9RGAmktOat1HfeKUcDBog==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2022-07-05T18:57:23Z",
|
||||
"mac": "ENC[AES256_GCM,data:6HhQJRRpb41XMP9taxWV045lZeNCSpfCadocpERvuMeYvD/zr8khvVUa7qJYwho8JtadnlpXxzgZo0egtLgnTf5DQbJSU4teKGTNEgSYmWTBgF8Xl/rOYPLcfR+XaeKrGd/kD3d9hg2d/r+yq96VuVuBCSWTq54bdMsnqNdbO94=,iv:aCeDCPEyy2zuN4hdA8b/LKv18Awq5WAi0aTOxX6w0Ws=,tag:3Xqw3RMz2d4iJfDgydYwLw==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.7.3"
|
||||
}
|
||||
}
|
30
home/talos/talosconfig.yaml
Normal file
30
home/talos/talosconfig.yaml
Normal file
|
@ -0,0 +1,30 @@
|
|||
context: ENC[AES256_GCM,data:NZOysQ==,iv:gzOWxJneFlV7GPOLEzGWKh22Y9NVX5O8JnczqBuIDcI=,tag:mz9vPyAM8j6cGg0K3HXYuQ==,type:str]
|
||||
contexts:
|
||||
home:
|
||||
endpoints:
|
||||
- ENC[AES256_GCM,data:5VEOHOW9Wb5uBw==,iv:QdAOk4iB9cOZ72JsL7AsMuDUjbzYvjt/XGa0Tag8Kzk=,tag:69bVCOngR5apk/0hvKF0Qw==,type:str]
|
||||
nodes:
|
||||
- ENC[AES256_GCM,data:+5ou1LjHK8I/rw==,iv:NSmOyUckIxCIlJp0zxwUyenyh1y/eVxjzWSTN29KXgg=,tag:pE+VokF9ILfVS0HRnsZtBw==,type:str]
|
||||
ca: ENC[AES256_GCM,data:cC3shZmH3HMIoIdXzWGfktJ5oWT6KjW9ddzNko6oBpOTC3RFPxTkAp7YLjocUgSjflPLdXKHroGMLDz9GUsnV9B5VSyGSbz8uaR/cbK82I4S7poiZeiQ+elIPjhg+foAjDDdQm9CcSqW/dyf++OocIK20imSklnUQiZ/MfR0wgrcRSPfEs0DYsrXAhbL9k/wJcxkjoTJBkYuYzIB/vqtNqrb0Mc/RZsG5gWIzmITWdvwDTao/j1uN4t2aA9hcerl7RCRznCQtznm6OEk4UWjo1FDA4J15zMIUZBw0DfY/u1/0xSZUCA20iua83D0gyQ32pBGea/yVbOeEX6LMQGQAFCt0JRXPKzSAqBmSUp+Nzm84fo+odHbbU+fVMME0BqSpkF859c73qXniS/2ACKGDcHn40cPDruz3lzHadmdQFOZV/RtriM78vbnBLwjAAVl3wG7+l0yQzFp+k2vjVnCXnnnlvZyt2l7TkcfctS2nRb1tvEfJl42pZxopTaaAYqJSZto3gMGKwZXklT+VBVaOr0p8EDJYsVdRAWNLOgETGueH4yQJQKj4k4GsyHrokHM6FY6ERuEkFtIDgY+wRZBb+ockgJk9vBL4RAxUYgEOfmZ4aWTY+EuzQ6LUy5zvcH6kazJnKJSXoS1NEHxTrJMlu+NRxPYEkdgIhiqpn+zTzQBrxT4igO5RB3vgwL6j8WDnzKI1eITzzN+Q4SZk7vQqP5QTDnjRZZJJY9oPMi9SSrMmBp5s1noOJLIqAwQLKVa5ZjD4MKGQPPhse/1i+Un6IIVwRuQp3rxfL4mm56PwwiBpMvXPAP+EZtr3fqfOIy1MisirTj41gmQtwc8VoQijre8KAKBq/shTQwWy4axLmKBYKnA,iv:8U5eMYpui9k0xcr4qEH8FOdJnLY5G5iC6nBbTjP71Zo=,tag:LV1W9mO3KV1ZfRvxU6pltw==,type:str]
|
||||
crt: ENC[AES256_GCM,data:JFwroJueVl9UBzFQwe5C+FD/ww7EryBFi+YEMsgp3OzLE9Ci9B14ja8afL7G1c6mr31ZvHFfs4U1Ij5hh2R4jLGQbVCp/OI/5ZxCjzopypxuP2HeAhUgnIwBaS6pQNpCUGHHScc4JpH2rHLi2gPtwuQ5WXsPwtF0TkwCiw1f0+QcPqqWs99D+jm4hiqJEqVoatx79jHEoqviSoll7K3JS3yfB1hfOq05r57c2lHEEJGFn/3aEE7Z7jgYUs2zDvIacUTZN+VWVbb57f4Zle48+xuxuiezJofFOoHWpj+usdipCoV0bpidutIjH2F9nmTeeCcasHDOqMR5IdPcDFCeY7mkY+2qGS+Y9QHAypRs13wMPcrM8iFuOd6eqyzFhHR0bxSmRnsb68CEAF6Bd8Z4s/Z6taOsa/tOm5ittFQwESin3yvHBN1lA66i+zlW0lxKlpSLM2k//AB9lAUaV7yuxUgx2mHQ6bkXXTEA307Eym0HIEqyDGsZGfBSNMVblfDyd5yeKZAPBKugg5xSlZe89j72LeJbT92qutiIOworWCA0DFERo0gKH+UKFTtt2Jw83rX3HfGSkzMtWxo1D+CLMEweqDfcDBht7nQCU9VCkY2sllGhH791+wRklqlgLFvaH7xTFXGkvR+DD8KJdzRybDSW+H+MvWnodUomo0nhCStFY1Gy+HFwLy5VQUTD+6Lwk1BYz0AS3tMvJii/C67JuOUSvrCkv94JgMepoeg1rXuIKIowEqOhz8+XmO6DnASoTASmBweRutm/h9dovfZUq6dymvXYxYxhOQ67LFUq75MQSBBPOjfve1HmsIGGpCtOt9bxZmWtu9YAxPel,iv:Tuy58blNTMHEnLWkgo0sOMjwl41KABK5nqmLOFO9aAQ=,tag:aM29zOmwmoExKqn+UTvrWQ==,type:str]
|
||||
key: ENC[AES256_GCM,data:OexgSMZDgpdc6jjx+3R1ddXutztaSX8s8p4lt5ufm0bpYvJRztcBYjAw1tpk9Upp15rXRHaZpKDh3mZwsC6j5737pys56tE5F5aOw2UwlstK15XF6zQetzCfJFGwozEcEeDtSPhaThcnVidYP2GU0GUE3uRZBkeDcpkF2yn1azt2qYUe020miOv8JwV6seGXvTvzNGlTIssoyBuqXPI9jJpsXTaI1GqQYDbdggGNWZ1hBiYu,iv:Pn4vIpmyQGZnkF4aA4IdJ2aIDQDI6W/8FHpduKO0kOU=,tag:oS8jNxbJogQAH/Qj2ghY4g==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMVDJ2TXJ2ZmxUNFFrZmFq
|
||||
blRubHo4QThrSzFXalVHck82RzVWVzVjSXlZCldoaGpYYk0rSzlpVmdzMzQ0MXRn
|
||||
c1dxRi9oaVhXc1B4NXNEK3kyQTBnYUkKLS0tIG1kQk1zTm5Mb013YTc4d2JPc3N0
|
||||
K0ZSdkdJVERYNUZLeVV3cHJnT3FzekkK2mXf8DZPNU1wN6h96hewpPwUOrGr4Kv9
|
||||
jYnpPIrdy0kyAKKEvWZse7PZfOQbKz2XQLYjWbqQnC9gdtC3hRJwlA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-07-06T17:10:52Z"
|
||||
mac: ENC[AES256_GCM,data:bIQQ8YhWDJgtabQrAPuatRWKaylky513lfMhJMWxNnTTwsZ9z8JvXxfTYYZWzYxBE2oykVykLm4//VPpAhYoNDy8nksZzmmmUtTGVf3WhE5yY5HzLLP3uRtFo6ZEm6X7dXSY9IyXB7DDRxOxQKnMo1jXq8SPS/rOw/qk6kbjnsE=,iv:2SmCY5xp0BRgo7z03YgJHlUb5T69YelztMf/ghsiifc=,tag:236Vnk8D53O9qb69wail0g==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
Loading…
Reference in a new issue