feat: Switched to longhorn

.pre-commit-config.yaml

@@ -0,0 +1,28 @@
+default_install_hook_types: [pre-commit, commit-msg]
+exclude: gotk-.*.yaml
+repos:
+  - repo: builtin
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+        args:
+          - --allow-multiple-documents
+      - id: check-added-large-files
+      - id: check-merge-conflict
+      - id: check-executables-have-shebangs
+
+  - repo: https://github.com/crate-ci/typos
+    rev: v1.40.0
+    hooks:
+      - id: typos
+
+  - repo: https://github.com/sirwart/ripsecrets
+    rev: v0.1.11
+    hooks:
+      - id: ripsecrets-system
+
+  - repo: https://github.com/crate-ci/committed
+    rev: v1.1.8
+    hooks:
+      - id: committed

.secretsignore

@@ -0,0 +1,3 @@
+_secrets.yaml
+secrets.yaml
+*.agekey

committed.toml

@@ -0,0 +1,2 @@
+style = "conventional"
+ignore_author_re = "Flux"

nodes/_defaults.yaml

@@ -30,6 +30,9 @@ patches:
   - !patch tailscale
   - !patch cilium
   - !patch spegel
+  - !patch longhorn
+  - !patch longhorn-user-volume
+  - !patch limit-ephemeral
 patchesControlPlane:
   - !patch allow-control-plane-workloads
   - !patch sops

patches/limit-ephemeral.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1alpha1
+kind: VolumeConfig
+name: EPHEMERAL
+provisioning:
+  maxSize: 30GB

patches/longhorn-user-volume.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1alpha1
+kind: UserVolumeConfig
+name: longhorn
+provisioning:
+  diskSelector:
+    match: system_disk
+  grow: true
+  maxSize: 2000GB

patches/longhorn.yaml

@@ -0,0 +1,10 @@
+machine:
+  kubelet:
+    extraMounts:
+      - destination: /var/lib/longhorn
+        type: bind
+        source: /var/lib/longhorn
+        options:
+          - bind
+          - rshared
+          - rw

patches/openebs.yaml

@@ -0,0 +1,16 @@
+machine:
+  # This is only needed on nodes that will have storage
+  sysctls:
+    vm.nr_hugepages: "1024"
+  nodeLabels:
+    openebs.io/engine: mayastor
+  # This is needed on ALL nodes
+  kubelet:
+    extraMounts:
+      - destination: /var/local
+        type: bind
+        source: /var/local
+        options:
+          - bind
+          - rshared
+          - rw

patches/tailscale.yaml

@@ -4,6 +4,4 @@ name: tailscale
 environment:
   - TS_AUTHKEY={{ config.tailscale.authKey }}
   - TS_EXTRA_ARGS=--login-server {{ config.tailscale.loginServer }} --advertise-tags=tag:cluster-{{ node.cluster.name }}
-  {% if node.advertiseRoutes %}
-  - TS_ROUTES={{ helper.tailscale_subnet(node.gateway, node.netmask) }}
-  {% endif %}
+  - TS_ROUTES={% if node.advertiseRoutes -%} {{ helper.tailscale_subnet(node.gateway, node.netmask) }} {%- endif %}

tools/vm

@@ -3,9 +3,9 @@ set -euo pipefail
 ROOT=$(git rev-parse --show-toplevel)
 
 VM_NAME="talos-vm"
-VCPUS="2"
-RAM_MB="2048"
-DISK_GB="10"
+VCPUS="6"
+RAM_MB="16384"
+DISK_GB="100"
 NETWORK=talos
 CONNECTION="qemu:///system"