2026-03-02 05:05:33 +01:00
parent 08c1d0c605
commit 94bb61f28a
31 changed files with 1243 additions and 0 deletions

1
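--- a/crete/.gitignore
+++ b/crete/.gitignore
@@ -0,0 +1 @@
+target/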

287
crete/Cargo.lock generated Normal file

@@ -0,0 +1,287 @@
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 4
[[package]]
name = "allocator-api2"
version = "0.2.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923"
[[package]]
name = "crete"
version = "0.1.0"
dependencies = [
"optional_struct",
"regress",
"repo_path_lib",
"schemars",
"semver",
"serde",
"serde_json",
"serde_yaml",
]
[[package]]
name = "dyn-clone"
version = "1.0.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d0881ea181b1df73ff77ffaaf9c7544ecc11e82fba9b5f27b262a3c73a332555"
[[package]]
name = "equivalent"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f"
[[package]]
name = "foldhash"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77ce24cb58228fbb8aa041425bb1050850ac19177686ea6e0f41a70416f56fdb"
[[package]]
name = "hashbrown"
version = "0.16.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "841d1cc9bed7f9236f321df977030373f4a4163ae1a7dbfe1a51a2c1a51d9100"
dependencies = [
"allocator-api2",
"equivalent",
"foldhash",
]
[[package]]
name = "indexmap"
version = "2.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7714e70437a7dc3ac8eb7e6f8df75fd8eb422675fc7678aff7364301092b1017"
dependencies = [
"equivalent",
"hashbrown",
]
[[package]]
name = "itoa"
version = "1.0.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "92ecc6618181def0457392ccd0ee51198e065e016d1d527a7ac1b6dc7c1f09d2"
[[package]]
name = "memchr"
version = "2.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"
[[package]]
name = "optional_struct"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "14199f59efce6ed2c5854f0abc725c32eedfbd02c6ef82c9733c726f3fc6dc91"
dependencies = [
"optional_struct_macro",
"serde",
]
[[package]]
name = "optional_struct_macro"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e5eba042d9efe5e108e0df9ce2f85c540fc4f94f41c6821cbcf70ed47c1221da"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "proc-macro2"
version = "1.0.106"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8fd00f0bb2e90d81d1044c2b32617f68fcb9fa3bb7640c23e9c748e53fb30934"
dependencies = [
"unicode-ident",
]
[[package]]
name = "quote"
version = "1.0.44"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "21b2ebcf727b7760c461f091f9f0f539b77b8e87f2fd88131e7f1b433b3cece4"
dependencies = [
"proc-macro2",
]
[[package]]
name = "ref-cast"
version = "1.0.25"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f354300ae66f76f1c85c5f84693f0ce81d747e2c3f21a45fef496d89c960bf7d"
dependencies = [
"ref-cast-impl",
]
[[package]]
name = "ref-cast-impl"
version = "1.0.25"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b7186006dcb21920990093f30e3dea63b7d6e977bf1256be20c3563a5db070da"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "regress"
version = "0.10.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2057b2325e68a893284d1538021ab90279adac1139957ca2a74426c6f118fb48"
dependencies = [
"hashbrown",
"memchr",
]
[[package]]
name = "repo_path_lib"
version = "1.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9d4f67a73ddc563e6fb8bac035c9c76de29af2e4ad6031dc49bb5a2cd0742fca"
[[package]]
name = "ryu"
version = "1.0.23"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9774ba4a74de5f7b1c1451ed6cd5285a32eddb5cccb8cc655a4e50009e06477f"
[[package]]
name = "schemars"
version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a2b42f36aa1cd011945615b92222f6bf73c599a102a300334cd7f8dbeec726cc"
dependencies = [
"dyn-clone",
"ref-cast",
"schemars_derive",
"semver",
"serde",
"serde_json",
]
[[package]]
name = "schemars_derive"
version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7d115b50f4aaeea07e79c1912f645c7513d81715d0420f8bc77a18c6260b307f"
dependencies = [
"proc-macro2",
"quote",
"serde_derive_internals",
"syn",
]
[[package]]
name = "semver"
version = "1.0.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d767eb0aabc880b29956c35734170f26ed551a859dbd361d140cdbeca61ab1e2"
dependencies = [
"serde",
"serde_core",
]
[[package]]
name = "serde"
version = "1.0.228"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e"
dependencies = [
"serde_core",
"serde_derive",
]
[[package]]
name = "serde_core"
version = "1.0.228"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad"
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
version = "1.0.228"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "serde_derive_internals"
version = "0.29.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "serde_json"
version = "1.0.149"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "83fc039473c5595ace860d8c4fafa220ff474b3fc6bfdb4293327f1a37e94d86"
dependencies = [
"itoa",
"memchr",
"serde",
"serde_core",
"zmij",
]
[[package]]
name = "serde_yaml"
version = "0.9.34+deprecated"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47"
dependencies = [
"indexmap",
"itoa",
"ryu",
"serde",
"unsafe-libyaml",
]
[[package]]
name = "syn"
version = "2.0.117"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e665b8803e7b1d2a727f4023456bbbbe74da67099c585258af0ad9c5013b9b99"
dependencies = [
"proc-macro2",
"quote",
"unicode-ident",
]
[[package]]
name = "unicode-ident"
version = "1.0.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6e4313cd5fcd3dad5cafa179702e2b244f760991f45397d14d4ebf38247da75"
[[package]]
name = "unsafe-libyaml"
version = "0.2.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861"
[[package]]
name = "zmij"
version = "1.0.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b8848ee67ecc8aedbaf3e4122217aff892639231befc6a1b58d29fff4c2cabaa"

15
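--- a/crete/Cargo.toml
+++ b/crete/Cargo.toml
@@ -0,0 +1,15 @@
+[package]
+name = "crete"
+version = "0.1.0"
+edition = "2024"
+default-run = "crete"
+[dependencies]
+optional_struct = "0.5.2"
+regress = "0.10.5"
+repo_path_lib = "1.2.4"
+schemars = { version = "1.2.1", features = ["semver1"] }
+semver = { version = "1.0.27", features = ["serde"] }
+serde = { version = "1.0.228", features = ["derive"] }
+serde_json = "1.0.149"
+serde_yaml = "0.9.34"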
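Review bot: `serde_yaml = "0.9.34"` in `[dependencies]` selects a release that upstream itself tags as deprecated; the lockfile in this commit resolves it to `0.9.34+deprecated` and pulls in `unsafe-libyaml`. Every cluster, node and patch file goes through this parser, so it is the dependency most worth replacing with a maintained serde YAML crate before the tool grows. If it has to stay for now, a comment above the line such as `# deprecated upstream, replacement tracked in <issue-placeholder>` records the decision. Running `cargo audit` or `cargo deny` in CI would surface this class of finding automatically.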

23
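--- a/crete/src/bin/schemas.rs
+++ b/crete/src/bin/schemas.rs
@@ -0,0 +1,23 @@
+use std::{fs::File, io::Write};
+use crete::{cluster::Cluster, node::OptionalNode};
+use repo_path_lib::repo_dir;
+use schemars::{JsonSchema, schema_for};
+fn write<T>(name: &str)
+where
+T: JsonSchema,
+{
+let mut path = repo_dir().join("schemas").join(name);
+path.add_extension("json");
+let mut file = File::create(path).unwrap();
+let schema = serde_json::to_string_pretty(&schema_for!(T)).unwrap();
+file.write_all(schema.as_bytes()).unwrap();
+}
+// TODO: Create directory if it does not exist
+fn main() {
+write::<Cluster>("cluster");
+write::<OptionalNode>("node");
+}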
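Review bot: `File::create(path).unwrap()` in `write` panics when the `schemas` directory is missing, which the `// TODO: Create directory if it does not exist` above `main` already acknowledges. Creating the directory first closes the TODO, for example `std::fs::create_dir_all(repo_dir().join("schemas")).unwrap();` as the first statement of `main`. `std::fs::write(path, schema)` would also replace the separate `File::create` and `write_all` calls with one call.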

62
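--- a/crete/src/cluster.rs
+++ b/crete/src/cluster.rs
@@ -0,0 +1,62 @@
+use std::net::Ipv4Addr;
+use schemars::JsonSchema;
+use serde::Deserialize;
+use crate::{
+base_dir,
+node::{Node, OptionalNode},
+patch::Patches,
+};
+#[derive(Debug, Deserialize, JsonSchema, Clone)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct Base {
+#[serde(default)]
+pub(crate) kernel_args: Vec<String>,
+#[serde(default)]
+pub(crate) patches: Patches,
+}
+// TODO: Extra version validation? Make sure it exists?
+#[derive(Debug, Deserialize, JsonSchema, Clone)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct Version {
+kubernetes: semver::Version,
+talos: semver::Version,
+}
+#[derive(Debug, Deserialize, JsonSchema, Clone)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct Cluster {
+#[serde(skip_deserializing)]
+name: String,
+version: Version,
+nodes: Vec<String>,
+production: bool,
+control_plane_ip: Ipv4Addr,
+#[serde(default)]
+pub(crate) default: OptionalNode,
+pub(crate) base: Base,
+// pub secrets_file: PathBuf,
+}
+impl Cluster {
+pub fn get(cluster_name: &str) -> Self {
+let mut path = base_dir().join("clusters").join(cluster_name);
+path.add_extension("yaml");
+let content = std::fs::read_to_string(path).unwrap();
+let mut cluster: Self = serde_yaml::from_str(&content).unwrap();
+cluster.name = cluster_name.to_string();
+cluster
+}
+pub fn nodes(&self) -> Vec<Node> {
+self.nodes
+.iter()
+.map(|node_name| Node::get(self.clone(), node_name))
+.collect()
+}
+}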
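Review bot: `Cluster::get` joins `cluster_name` onto `base_dir().join("clusters")` without checking it, and `PathBuf::join` keeps `..` components and discards the base entirely when handed an absolute path. The same pattern is in `Node::get` (names come from the `nodes` list in the cluster YAML) and `Patch::get` (names come from the `patches` lists), so a config file decides which `.yaml` path on disk gets read. One shared helper that accepts a name only when every component is `std::path::Component::Normal` would cover all three, e.g. `Path::new(name).components().all(|c| matches!(c, Component::Normal(_)))`; a name like `testing/talos-vm` still passes. The `unwrap()` calls in `get` also turn a missing or malformed file into a panic that does not name the file.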

11
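--- a/crete/src/lib.rs
+++ b/crete/src/lib.rs
@@ -0,0 +1,11 @@
+pub mod cluster;
+pub mod node;
+pub mod patch;
+use std::path::PathBuf;
+use repo_path_lib::repo_dir;
+fn base_dir() -> PathBuf {
+repo_dir().join("talos")
+}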

7
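--- a/crete/src/main.rs
+++ b/crete/src/main.rs
@@ -0,0 +1,7 @@
+use crete::cluster::Cluster;
+fn main() {
+let cluster = Cluster::get("testing");
+println!("{:#?}", cluster.nodes());
+}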

119
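--- a/crete/src/node.rs
+++ b/crete/src/node.rs
@@ -0,0 +1,119 @@
+use std::net::Ipv4Addr;
+use optional_struct::{Applicable, optional_struct};
+use schemars::JsonSchema;
+use serde::Deserialize;
+use crate::{
+base_dir,
+cluster::Cluster,
+patch::{OptionalPatches, Patches},
+};
+#[derive(Debug, Deserialize, JsonSchema, Clone, Copy, PartialEq, Eq)]
+#[serde(rename_all = "camelCase")]
+enum NodeType {
+Worker,
+ControlPlane,
+}
+#[derive(Debug, Deserialize, JsonSchema, Clone, Copy, PartialEq, Eq)]
+#[serde(rename_all = "camelCase")]
+enum NodeArch {
+Amd64,
+}
+#[optional_struct]
+#[derive(Debug, Deserialize, JsonSchema)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+struct Network {
+interface: String,
+ip: Ipv4Addr,
+netmask: Ipv4Addr,
+gateway: Ipv4Addr,
+dns: [Ipv4Addr; 2],
+advertise_routes: bool,
+}
+#[optional_struct]
+#[derive(Debug, Deserialize, JsonSchema, Default)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+struct Install {
+auto: bool,
+disk: String,
+serial: Option<String>,
+}
+#[optional_struct]
+#[derive(Debug, Deserialize, JsonSchema)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct Node {
+#[serde(skip_deserializing)]
+hostname: String,
+arch: NodeArch,
+r#type: NodeType,
+#[optional_rename(OptionalNetwork)]
+network: Network,
+// TODO: Type that verifies url?
+ntp: String,
+#[optional_rename(OptionalInstall)]
+#[serde(default)]
+install: Install,
+kernel_args: Vec<String>,
+#[optional_rename(OptionalPatches)]
+#[serde(default)]
+patches: Patches,
+// TODO: Per machine patches, append to global list of patches
+// Any patches are specified under default they will get overridden
+}
+impl Node {
+pub fn get(mut cluster: Cluster, node_name: &str) -> Self {
+let mut path = base_dir().join("nodes").join(node_name);
+let named = OptionalNode {
+hostname: Some(
+path.file_name()
+.expect("Path should be valid")
+.to_string_lossy()
+.to_string(),
+),
+..OptionalNode::default()
+};
+path.add_extension("yaml");
+let content = std::fs::read_to_string(path).unwrap();
+let node: OptionalNode = serde_yaml::from_str(&content).unwrap();
+// We want all vectors to be empty vectors by default
+// Sadly we have to this manually
+// TODO: Find a better way of doing this
+let default = OptionalNode {
+patches: OptionalPatches {
+all: vec![].into(),
+control_plane: vec![].into(),
+},
+kernel_args: vec![].into(),
+..Default::default()
+};
+// Combine all the optional node parts into complete struct
+let mut node: Node = default
+// Apply cluster default settings
+.apply(cluster.default)
+// Apply hostname based on filename
+.apply(named)
+// Override node specific settings
+.apply(node)
+.try_into()
+.unwrap();
+// Prepend the cluster base values
+cluster.base.kernel_args.extend(node.kernel_args);
+node.kernel_args = cluster.base.kernel_args;
+cluster.base.patches.extend(node.patches);
+node.patches = cluster.base.patches;
+node
+}
+}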
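Review bot: The `.try_into().unwrap()` that ends the `apply` chain in `Node::get` is the only place a node with a missing required field is detected, and the panic it raises names neither the node file nor the cluster it belongs to. The same holds for `read_to_string(path).unwrap()` and `serde_yaml::from_str(&content).unwrap()` a few lines earlier. Returning a `Result` from `Node::get` would be the cleaner fix; as a minimum, context such as `.unwrap_or_else(|e| panic!("node {node_name}: {e:?}"))` makes a bad config file diagnosable.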

69
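--- a/crete/src/patch.rs
+++ b/crete/src/patch.rs
@@ -0,0 +1,69 @@
+use optional_struct::optional_struct;
+use schemars::JsonSchema;
+use serde::{Deserialize, Deserializer, Serialize};
+use crate::base_dir;
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct Patch(String);
+impl JsonSchema for Patch {
+fn schema_name() -> std::borrow::Cow<'static, str> {
+String::schema_name()
+}
+fn json_schema(generator: &mut schemars::SchemaGenerator) -> schemars::Schema {
+String::json_schema(generator)
+}
+fn inline_schema() -> bool {
+String::inline_schema()
+}
+fn schema_id() -> std::borrow::Cow<'static, str> {
+String::schema_name()
+}
+}
+impl Patch {
+pub fn get(patch_name: impl AsRef<str>) -> Self {
+let mut path = base_dir().join("patches").join(patch_name.as_ref());
+path.add_extension("yaml");
+let content = std::fs::read_to_string(path).unwrap();
+Self(content)
+}
+pub fn resolve(&self) -> serde_yaml::Result<ResolvedPatch> {
+Ok(ResolvedPatch(serde_yaml::from_str(&self.0)?))
+}
+}
+impl<'de> Deserialize<'de> for Patch {
+fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+where
+D: Deserializer<'de>,
+{
+let name: &str = Deserialize::deserialize(deserializer)?;
+Ok(Self::get(name))
+}
+}
+#[derive(Debug, Serialize)]
+pub struct ResolvedPatch(serde_yaml::Value);
+#[optional_struct]
+#[derive(Debug, Deserialize, JsonSchema, Clone, PartialEq, Eq, Default)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct Patches {
+pub(crate) all: Vec<Patch>,
+pub(crate) control_plane: Vec<Patch>,
+}
+impl Patches {
+pub(crate) fn extend(&mut self, other: Patches) {
+self.all.extend(other.all);
+self.control_plane.extend(other.control_plane);
+}
+}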
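Review bot: `Patch::deserialize` reads a file from disk through `Self::get(name)`, and the `read_to_string(path).unwrap()` inside `get` panics in the middle of deserialization instead of producing a `D::Error` that carries the position in the YAML. Deserializing into `&str` may also be rejected whenever the deserializer cannot lend a borrowed string, so an owned `String` is the safer target. Letting `get` return `std::io::Result<Self>` and mapping the failure with `serde::de::Error::custom` keeps a missing patch file on serde's normal error path; any caller of `get` outside this file would need the same adjustment. Separately, `schema_id` returns `String::schema_name()`, where `String::schema_id()` looks like what was meant.

```rust
pub fn get(patch_name: impl AsRef<str>) -> std::io::Result<Self> {
    let mut path = base_dir().join("patches").join(patch_name.as_ref());
    path.add_extension("yaml");
    std::fs::read_to_string(path).map(Self)
}
// … unchanged: resolve …
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
    D: Deserializer<'de>,
{
    let name = String::deserialize(deserializer)?;
    Self::get(&name).map_err(serde::de::Error::custom)
}
```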

262
schemas/cluster.json Normal file

@@ -0,0 +1,262 @@
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "Cluster",
"type": "object",
"properties": {
"base": {
"$ref": "#/$defs/Base"
},
"controlPlaneIp": {
"type": "string",
"format": "ipv4"
},
"default": {
"$ref": "#/$defs/OptionalNode"
},
"nodes": {
"type": "array",
"items": {
"type": "string"
}
},
"production": {
"type": "boolean"
},
"version": {
"$ref": "#/$defs/Version"
}
},
"additionalProperties": false,
"required": [
"version",
"nodes",
"production",
"controlPlaneIp",
"base"
],
"$defs": {
"Base": {
"type": "object",
"properties": {
"kernelArgs": {
"type": "array",
"default": [],
"items": {
"type": "string"
}
},
"patches": {
"$ref": "#/$defs/Patches"
}
},
"additionalProperties": false
},
"NodeArch": {
"type": "string",
"enum": [
"amd64"
]
},
"NodeType": {
"type": "string",
"enum": [
"worker",
"controlPlane"
]
},
"OptionalInstall": {
"type": "object",
"properties": {
"auto": {
"type": [
"boolean",
"null"
]
},
"disk": {
"type": [
"string",
"null"
]
},
"serial": {
"type": [
"string",
"null"
]
}
},
"additionalProperties": false
},
"OptionalNetwork": {
"type": "object",
"properties": {
"advertiseRoutes": {
"type": [
"boolean",
"null"
]
},
"dns": {
"type": [
"array",
"null"
],
"items": {
"type": "string",
"format": "ipv4"
},
"maxItems": 2,
"minItems": 2
},
"gateway": {
"type": [
"string",
"null"
],
"format": "ipv4"
},
"interface": {
"type": [
"string",
"null"
]
},
"ip": {
"type": [
"string",
"null"
],
"format": "ipv4"
},
"netmask": {
"type": [
"string",
"null"
],
"format": "ipv4"
}
},
"additionalProperties": false
},
"OptionalNode": {
"type": "object",
"properties": {
"arch": {
"anyOf": [
{
"$ref": "#/$defs/NodeArch"
},
{
"type": "null"
}
]
},
"install": {
"$ref": "#/$defs/OptionalInstall"
},
"kernelArgs": {
"type": [
"array",
"null"
],
"items": {
"type": "string"
}
},
"network": {
"$ref": "#/$defs/OptionalNetwork"
},
"ntp": {
"type": [
"string",
"null"
]
},
"patches": {
"$ref": "#/$defs/OptionalPatches"
},
"type": {
"anyOf": [
{
"$ref": "#/$defs/NodeType"
},
{
"type": "null"
}
]
}
},
"additionalProperties": false,
"required": [
"network"
]
},
"OptionalPatches": {
"type": "object",
"properties": {
"all": {
"type": [
"array",
"null"
],
"items": {
"type": "string"
}
},
"controlPlane": {
"type": [
"array",
"null"
],
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"Patches": {
"type": "object",
"properties": {
"all": {
"type": "array",
"items": {
"type": "string"
}
},
"controlPlane": {
"type": "array",
"items": {
"type": "string"
}
}
},
"additionalProperties": false,
"required": [
"all",
"controlPlane"
]
},
"SemVer": {
"type": "string",
"pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
},
"Version": {
"type": "object",
"properties": {
"kubernetes": {
"$ref": "#/$defs/SemVer"
},
"talos": {
"$ref": "#/$defs/SemVer"
}
},
"additionalProperties": false,
"required": [
"kubernetes",
"talos"
]
}
}
}

169
schemas/node.json Normal file

@@ -0,0 +1,169 @@
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "OptionalNode",
"type": "object",
"properties": {
"arch": {
"anyOf": [
{
"$ref": "#/$defs/NodeArch"
},
{
"type": "null"
}
]
},
"install": {
"$ref": "#/$defs/OptionalInstall"
},
"kernelArgs": {
"type": [
"array",
"null"
],
"items": {
"type": "string"
}
},
"network": {
"$ref": "#/$defs/OptionalNetwork"
},
"ntp": {
"type": [
"string",
"null"
]
},
"patches": {
"$ref": "#/$defs/OptionalPatches"
},
"type": {
"anyOf": [
{
"$ref": "#/$defs/NodeType"
},
{
"type": "null"
}
]
}
},
"additionalProperties": false,
"required": [
"network"
],
"$defs": {
"NodeArch": {
"type": "string",
"enum": [
"amd64"
]
},
"NodeType": {
"type": "string",
"enum": [
"worker",
"controlPlane"
]
},
"OptionalInstall": {
"type": "object",
"properties": {
"auto": {
"type": [
"boolean",
"null"
]
},
"disk": {
"type": [
"string",
"null"
]
},
"serial": {
"type": [
"string",
"null"
]
}
},
"additionalProperties": false
},
"OptionalNetwork": {
"type": "object",
"properties": {
"advertiseRoutes": {
"type": [
"boolean",
"null"
]
},
"dns": {
"type": [
"array",
"null"
],
"items": {
"type": "string",
"format": "ipv4"
},
"maxItems": 2,
"minItems": 2
},
"gateway": {
"type": [
"string",
"null"
],
"format": "ipv4"
},
"interface": {
"type": [
"string",
"null"
]
},
"ip": {
"type": [
"string",
"null"
],
"format": "ipv4"
},
"netmask": {
"type": [
"string",
"null"
],
"format": "ipv4"
}
},
"additionalProperties": false
},
"OptionalPatches": {
"type": "object",
"properties": {
"all": {
"type": [
"array",
"null"
],
"items": {
"type": "string"
}
},
"controlPlane": {
"type": [
"array",
"null"
],
"items": {
"type": "string"
}
}
},
"additionalProperties": false
}
}
}


@@ -0,0 +1,55 @@
# yaml-language-server: $schema=../../schemas/cluster.json
version:
kubernetes: 1.34.1
talos: 1.11.3
production: false
controlPlaneIp: 192.168.1.100
nodes:
- testing/talos-vm
base:
kernelArgs:
- talos.platform=metal
- console=tty0
- init_on_alloc=1
- init_on_free=1
- slab_nomerge
- pti=on
- consoleblank=0
- nvme_core.io_timeout=4294967295
- printk.devkmsg=on
- selinux=1
- lockdown=confidentiality
patches:
all:
- system/hostname
- system/install-disk
- system/network
- networking/vip
- networking/tailscale
- networking/cilium
- spegel
- storage/longhorn
- storage/longhorn/user-volume
- storage/local-path-provisioner/user-volume
- storage/limit-ephemeral
- metrics/all
controlPlane:
- system/allow-control-plane-workloads
- sops
- flux
- metrics/control-plane
- networking/gateway-api
default:
arch: amd64
network:
interface: enp1s0
netmask: 255.255.255.0
gateway: 192.168.1.1
dns:
- 1.1.1.1
- 8.8.8.8
advertiseRoutes: true
ntp: nl.pool.ntp.org
install:
auto: true
disk: /dev/vda


@@ -0,0 +1,4 @@
# yaml-language-server: $schema=../../../schemas/node.json
type: controlPlane
network:
ip: 192.168.1.2

18
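--- a/talos/patches/flux.yaml
+++ b/talos/patches/flux.yaml
@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
+cluster:
+inlineManifests:
+- name: flux
+contents: |
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+name: flux-system
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+name: cluster-variables
+namespace: flux-system
+data:
+cluster_env: "{%- if node.cluster.production %} production {%- else %} staging {%- endif %}"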
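Review bot: The `cluster_env` value will most likely render with a leading space, because `{%- ... %}` trims whitespace only in front of each tag while the literal text between the tags is ` production ` and ` staging `. This assumes Jinja-style whitespace control; the template engine is not part of this commit. Trimming on both sides of the literals avoids it: `cluster_env: "{% if node.cluster.production -%} production {%- else -%} staging {%- endif %}"`. Anything in Flux that compares the variable against `production` would otherwise silently not match.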


@@ -0,0 +1,5 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
kubelet:
extraArgs:
rotate-server-certificates: "true"


@@ -0,0 +1,5 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
cluster:
extraManifests:
- https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml
- https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
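Review bot: Both `extraManifests` URLs float: the first tracks the `main` branch of a third-party repository and the second `releases/latest`, so whatever those locations serve when the cluster bootstraps is applied without review and can differ between two installs of the same commit. The gateway-api patch in this commit already pins `v1.4.1`; the same treatment here, a release tag or a commit-pinned raw URL, makes the input reproducible. Vendoring the manifests into the repository, or delivering them through Flux at a pinned revision, would additionally give a reviewable diff on every upgrade.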


@@ -0,0 +1,12 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
features:
hostDNS:
# This option is enabled by default and causes issues with cilium
forwardKubeDNSToHost: false
cluster:
network:
cni:
name: none
proxy:
disabled: true


@@ -0,0 +1,4 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
cluster:
extraManifests:
- https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.4.1/standard-install.yaml


@@ -0,0 +1,8 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
apiVersion: v1alpha1
kind: ExtensionServiceConfig
name: tailscale
environment:
- TS_AUTHKEY={{ config.tailscale.authKey }}
- TS_EXTRA_ARGS=--login-server {{ config.tailscale.loginServer }} --advertise-tags=tag:cluster-{{ node.cluster.name }}
- TS_ROUTES={% if node.advertiseRoutes -%} {{ helper.tailscale_subnet(node.gateway, node.netmask) }} {%- endif %}
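Review bot: `TS_AUTHKEY={{ config.tailscale.authKey }}` means every rendered copy of this document holds the Tailscale auth key in clear text. Nothing in this commit shows where rendered configs are written; if they land inside the repository, the only ignore rule added is `target/` under `crete/`, so they could be committed by accident. A comment above the line such as `# rendered output contains the auth key; treat it as a secret and never commit it` would document the constraint, and a short-lived or single-use key limits the damage if a rendered file does leak.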


@@ -0,0 +1,7 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
network:
interfaces:
- interface: "{{node.interface}}"
vip:
ip: "{{node.cluster.controlPlaneIp}}"

18
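--- a/talos/patches/sops.yaml
+++ b/talos/patches/sops.yaml
@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
+cluster:
+inlineManifests:
+- name: sops-key
+contents: |
+apiVersion: v1
+kind: Namespace
+metadata:
+name: flux-system
+---
+apiVersion: v1
+kind: Secret
+metadata:
+name: sops-gpg
+namespace: flux-system
+data:
+age.agekey: |
+{{ helper.load_secret(node.cluster.sopsKeyFile) }}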
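Review bot: The `sops-gpg` Secret places the output of `helper.load_secret(...)` under `data:`, which Kubernetes expects to be base64-encoded; unless the helper already encodes its result, the key belongs under `stringData:` instead. A multi-line key substituted into the `age.agekey: |` block also needs every line indented to the block's level, which a plain `{{ ... }}` substitution does not guarantee. `node.cluster.sopsKeyFile` has no counterpart in the `Cluster` struct added by this commit (`secrets_file` is commented out and `deny_unknown_fields` is set), so that field presumably still has to be added before this patch can render.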


@@ -0,0 +1,8 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
files:
- path: /etc/cri/conf.d/20-customization.part
op: create
content: |
[plugins."io.containerd.cri.v1.images"]
discard_unpacked_layers = false


@@ -0,0 +1,6 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
apiVersion: v1alpha1
kind: VolumeConfig
name: EPHEMERAL
provisioning:
maxSize: 30GB


@@ -0,0 +1,9 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
apiVersion: v1alpha1
kind: UserVolumeConfig
name: local-path-provisioner
provisioning:
diskSelector:
match: system_disk
grow: true
maxSize: 10GB


@@ -0,0 +1,11 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
kubelet:
extraMounts:
- destination: /var/lib/longhorn
type: bind
source: /var/lib/longhorn
options:
- bind
- rshared
- rw


@@ -0,0 +1,9 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
apiVersion: v1alpha1
kind: UserVolumeConfig
name: longhorn
provisioning:
diskSelector:
match: system_disk
grow: true
maxSize: 2000GB


@@ -0,0 +1,17 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
# This is only needed on nodes that will have storage
sysctls:
vm.nr_hugepages: "1024"
nodeLabels:
openebs.io/engine: mayastor
# This is needed on ALL nodes
kubelet:
extraMounts:
- destination: /var/local
type: bind
source: /var/local
options:
- bind
- rshared
- rw


@@ -0,0 +1,3 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
cluster:
allowSchedulingOnControlPlanes: true


@@ -0,0 +1,4 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
network:
hostname: "{{node.hostname}}"


@@ -0,0 +1,4 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
install:
disk: "{{node.installDisk}}"
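Review bot: `{{node.installDisk}}` does not match the shape of `Node` in `crete/src/node.rs`, where the disk lives at `install.disk`; the network, vip and tailscale patches likewise read `node.interface`, `node.ip`, `node.gateway` and `node.advertiseRoutes`, which the struct nests under `network`. The rendering code is not in this commit, so a flattened context may be planned; if it is not, these would need to become `{{node.install.disk}}`, `{{node.network.ip}}` and so on. Configuring the template engine to fail on undefined variables would catch such a mismatch at render time instead of emitting an empty install disk.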


@@ -0,0 +1,11 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siderolabs/talos/refs/heads/release-1.11/website/content/v1.11/schemas/config.schema.json
machine:
network:
interfaces:
- interface: "{{node.interface}}"
dhcp: false
addresses:
- "{{node.ip}}"
routes:
- network: 0.0.0.0/0
gateway: "{{node.gateway}}"
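Review bot: `addresses: - "{{node.ip}}"` passes a bare IPv4 address, and the node's `netmask` is not used anywhere in this patch. As far as I know Talos treats an address without a prefix length as a /32, which would leave `{{node.gateway}}` off-link for the `0.0.0.0/0` route. The address probably needs a CIDR suffix derived from the netmask, for instance through a helper in the style of the `helper.tailscale_subnet(...)` call that the tailscale patch already uses.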