IaC/talos/talos-patch.yaml

---

cluster:
  allowSchedulingOnControlPlanes: true
  controlPlane:
    endpoint: https://cp00.balsillie.house:6443
    localAPIServerPort: 6443
  clusterName: cluster00.balsillie.house
  extraManifests:
    - https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml
    - https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
    # - https://github.com/kubernetes-csi/csi-driver-nfs/blob/v4.9.0/deploy/example/pv-nfs-csi.yaml # TODO follow link and add individual manifests
    # - https://raw.githubusercontent.com/kubernetes/ingress-nginx/refs/tags/controller-v1.11.3/deploy/static/provider/baremetal/deploy.yaml
  inlineManifests:
    - name: calico-installation
      contents: |
        apiVersion: operator.tigera.io/v1
        kind: Installation
        metadata:
          name: default
        spec:
          variant: Calico
          cni:
            type: Calico
            ipam:
              type: Calico
          serviceCIDRs:
            - 10.80.0.0/12
          calicoNetwork:
            bgp: Enabled
            linuxDataplane: Nftables
            hostPorts: Enabled
            ipPools:
            - name: default-ipv4-ippool
              blockSize: 24
              cidr: 10.64.0.0/12
              encapsulation: None
              natOutgoing: Disabled
              nodeSelector: all()
    - name: calico-apiserver
      contents: |
        apiVersion: operator.tigera.io/v1
        kind: APIServer
        metadata:
          name: default
        spec: {}
    - name: calico-bgpconfig
      contents: |
        apiVersion: crd.projectcalico.org/v1
        kind: BGPConfiguration
        metadata:
          name: default
        spec:
          asNumber: 64624
          serviceClusterIPs:
          - cidr: 10.80.0.0/12
          serviceExternalIPs:
          - cidr: 10.96.20.0/24
    - name: calico-bgppeer
      contents: |
        apiVersion: crd.projectcalico.org/v1
        kind: BGPPeer
        metadata:
          name: router-balsillie-house
        spec:
          asNumber: 64625
          peerIP: 192.168.1.11:179
  network:
    cni:
      name: custom
      urls:
        - https://raw.githubusercontent.com/projectcalico/calico/v3.29.1/manifests/tigera-operator.yaml
    dnsDomain: cluster00.balsillie.house
    podSubnets:
      - 10.64.0.0/12
    serviceSubnets:
      - 10.80.0.0/12
  proxy:
    mode: nftables
    disabled: false
    extraArgs:
      proxy-mode: nftables
machine:
  disks:
    - device: /dev/nvme0n1
      # partitions:
      #   - mountpoint: /var/mnt/storage
  features:
    hostDNS:
      enabled: true
      forwardKubeDNSToHost: false
  install:
    wipe: true
    legacyBIOSSupport: false
    diskSelector:
      type: ssd
  kubelet:
    extraArgs:
      rotate-server-certificates: true
    extraMounts:
      - destination: /var/local/openebs
        type: bind
        source: /var/local/openebs
        options:
          - rbind
          - rshared
          - rw
      # - destination: /var/dev/nvme0n1
      #   type: bind
      #   source: /dev/nvme0n1
      #   options:
      #     - bind
      #     - rshared
      #     - rw
  network:
    hostname: node00.balsillie.house
    nameservers:
      - 192.168.1.11
    interfaces:
      - deviceSelector:
          hardwareAddr: 'f4:4d:30:6e:62:a7'
        dhcp: false
        routes:
          - network: 0.0.0.0/0
            gateway: 192.168.1.11
        addresses:
          - 192.168.1.15/24
  nodeLabels:
    openebs.io/engine: mayastor
  sysctls:
    vm.nr_hugepages: "1024"
  time:
    disabled: false
    servers:
      - 192.168.1.11
talos wip 2024-12-08 06:36:48 +00:00			`---`

			`cluster:`
			`allowSchedulingOnControlPlanes: true`
			`controlPlane:`
			`endpoint: https://cp00.balsillie.house:6443`
			`localAPIServerPort: 6443`
			`clusterName: cluster00.balsillie.house`
			`extraManifests:`
			`- https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml`
			`- https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml`
Add sops config 2024-12-24 04:52:05 +00:00			`# - https://github.com/kubernetes-csi/csi-driver-nfs/blob/v4.9.0/deploy/example/pv-nfs-csi.yaml # TODO follow link and add individual manifests`
dns and talos 2024-12-18 20:42:45 +00:00			`# - https://raw.githubusercontent.com/kubernetes/ingress-nginx/refs/tags/controller-v1.11.3/deploy/static/provider/baremetal/deploy.yaml`
talos wip 2024-12-08 06:36:48 +00:00			`inlineManifests:`
			`- name: calico-installation`
			`contents: \|`
			`apiVersion: operator.tigera.io/v1`
			`kind: Installation`
			`metadata:`
			`name: default`
			`spec:`
			`variant: Calico`
			`cni:`
			`type: Calico`
			`ipam:`
			`type: Calico`
			`serviceCIDRs:`
			`- 10.80.0.0/12`
			`calicoNetwork:`
			`bgp: Enabled`
			`linuxDataplane: Nftables`
			`hostPorts: Enabled`
			`ipPools:`
			`- name: default-ipv4-ippool`
			`blockSize: 24`
			`cidr: 10.64.0.0/12`
			`encapsulation: None`
			`natOutgoing: Disabled`
			`nodeSelector: all()`
			`- name: calico-apiserver`
			`contents: \|`
			`apiVersion: operator.tigera.io/v1`
			`kind: APIServer`
			`metadata:`
			`name: default`
			`spec: {}`
talos 2024-12-10 04:34:13 +00:00			`- name: calico-bgpconfig`
			`contents: \|`
			`apiVersion: crd.projectcalico.org/v1`
			`kind: BGPConfiguration`
			`metadata:`
			`name: default`
			`spec:`
			`asNumber: 64624`
			`serviceClusterIPs:`
			`- cidr: 10.80.0.0/12`
dns and talos 2024-12-18 20:42:45 +00:00			`serviceExternalIPs:`
			`- cidr: 10.96.20.0/24`
talos 2024-12-10 04:34:13 +00:00			`- name: calico-bgppeer`
			`contents: \|`
			`apiVersion: crd.projectcalico.org/v1`
			`kind: BGPPeer`
			`metadata:`
			`name: router-balsillie-house`
			`spec:`
			`asNumber: 64625`
			`peerIP: 192.168.1.11:179`
talos wip 2024-12-08 06:36:48 +00:00			`network:`
			`cni:`
			`name: custom`
			`urls:`
			`- https://raw.githubusercontent.com/projectcalico/calico/v3.29.1/manifests/tigera-operator.yaml`
			`dnsDomain: cluster00.balsillie.house`
			`podSubnets:`
			`- 10.64.0.0/12`
			`serviceSubnets:`
			`- 10.80.0.0/12`
			`proxy:`
			`mode: nftables`
			`disabled: false`
			`extraArgs:`
			`proxy-mode: nftables`
			`machine:`
talos 2024-12-10 04:34:13 +00:00			`disks:`
			`- device: /dev/nvme0n1`
			`# partitions:`
			`# - mountpoint: /var/mnt/storage`
talos wip 2024-12-08 06:36:48 +00:00			`features:`
			`hostDNS:`
			`enabled: true`
			`forwardKubeDNSToHost: false`
			`install:`
			`wipe: true`
			`legacyBIOSSupport: false`
			`diskSelector:`
			`type: ssd`
			`kubelet:`
			`extraArgs:`
			`rotate-server-certificates: true`
mayastor 2024-12-09 07:08:04 +00:00			`extraMounts:`
			`- destination: /var/local/openebs`
			`type: bind`
			`source: /var/local/openebs`
			`options:`
			`- rbind`
			`- rshared`
			`- rw`
talos 2024-12-10 04:34:13 +00:00			`# - destination: /var/dev/nvme0n1`
			`# type: bind`
			`# source: /dev/nvme0n1`
			`# options:`
			`# - bind`
			`# - rshared`
			`# - rw`
talos wip 2024-12-08 06:36:48 +00:00			`network:`
			`hostname: node00.balsillie.house`
			`nameservers:`
			`- 192.168.1.11`
			`interfaces:`
			`- deviceSelector:`
			`hardwareAddr: 'f4:4d:30:6e:62:a7'`
			`dhcp: false`
			`routes:`
			`- network: 0.0.0.0/0`
			`gateway: 192.168.1.11`
			`addresses:`
			`- 192.168.1.15/24`
mayastor 2024-12-09 07:08:04 +00:00			`nodeLabels:`
			`openebs.io/engine: mayastor`
			`sysctls:`
			`vm.nr_hugepages: "1024"`
talos wip 2024-12-08 06:36:48 +00:00			`time:`
			`disabled: false`
			`servers:`
			`- 192.168.1.11`