Dreaded_X
3b0a49f12e
Also routes the whole subnet of the cluster over tailscale so it can act as an entry point to my home network even when not at home.
Talos
To decrypt the secrets file:
git-crypt unlock
Generate the config files:
talosctl gen config <cluster_name> https://<controlplane_ip>:6443 -f \
--with-secrets secrets.yaml \
--config-patch @<path_to_patch> \
--config-patch-control-plane @<path_to_controlplane_patch> \
--install-image factory.talos.dev/metal-installer/<schematic_id>:<version> \
-o configs
Set TALOSCONFIG:
export TALOSCONFIG=$(realpath configs/talosconfig)
Apply the configs for each node, use worker.yaml for worker nodes:
talosctl apply-config --insecure --nodes <node_id> --file configs/controlplane.yaml
Set endpoint to one of the nodes:
talosctl config endpoint <node_ip>
Bootstrap Kubernetes:
talosctl -n <node_id> bootstrap
Set endpoint to control plane:
talosctl config endpoint <controlplane_ip>
Get kubeconfig and set KUBECONFIG:
talosctl -n 192.168.1.100 kubeconfig $PWD/configs/kubeconfig
export KUBECONFIG=$(realpath configs/kubeconfig)
For applying updated config to node:
talosctl apply-config --nodes <node_id> --file configs/controlplane.yaml
Upgrading talos or changing the schematic:
talosctl upgrade --nodes <node_id> --image factory.talos.dev/metal-installer/<schematic_id>:<version>