4.6 KiB
4.6 KiB
description, argument-hint
| description | argument-hint |
|---|---|
| Configure Talos Linux-based cluster | Optional cluster requirements |
Talos Linux Cluster Setup
You are setting up a Kubernetes cluster on Talos Linux using the talos-linux-expert agent.
Workflow
1. Gather Cluster Requirements
If not specified, ask for:
- Node configuration:
- Number of control plane nodes (1 or 3+ for HA)
- Number of worker nodes
- IP addresses for each node
- Hostnames
- Network configuration:
- Control plane endpoint (load balancer IP for HA)
- CNI preference (none/Cilium/Calico - recommend installing separately)
- Pod and service CIDR ranges
- High availability:
- Load balancer for control plane (required for HA)
- Distributed storage requirements
- Talos version: Latest stable or specific version
2. Generate Machine Configurations
Launch talos-linux-expert to generate configs:
talosctl gen config cluster-name https://[endpoint]:6443
This creates:
controlplane.yaml- For control plane nodesworker.yaml- For worker nodestalosconfig- For talosctl client
3. Customize Configurations
Apply necessary patches for:
- Network settings: Static IPs, routes, VLANs
- CNI: Disable built-in CNI if using Cilium/Calico
- Install disk: Specify correct disk path
- Certificate SANs: Add load balancer IP/hostname
- Cluster discovery: Configure if needed
Example patch:
machine:
network:
interfaces:
- interface: eth0
addresses:
- 192.168.1.10/24
routes:
- network: 0.0.0.0/0
gateway: 192.168.1.1
cluster:
network:
cni:
name: none # Install Cilium separately
4. Apply Configurations to Nodes
For each node:
# Control plane nodes
talosctl apply-config --insecure --nodes [IP] --file controlplane.yaml
# Worker nodes
talosctl apply-config --insecure --nodes [IP] --file worker.yaml
Wait for nodes to boot and apply configurations.
5. Bootstrap Kubernetes
On first control plane node only:
talosctl bootstrap --nodes [first-controlplane-IP]
This initializes etcd and starts Kubernetes.
6. Retrieve kubeconfig
talosctl kubeconfig --nodes [controlplane-IP]
7. Verify Cluster
# Check Talos health
talosctl health --nodes [all-nodes]
# Check Kubernetes nodes
kubectl get nodes
# Verify etcd
talosctl etcd members --nodes [controlplane-IP]
8. Install CNI (if using Cilium/Calico)
If CNI set to none, launch k8s-network-engineer to install:
helm install cilium cilium/cilium --namespace kube-system
9. Post-Installation Tasks
- Configure storage (if needed)
- Set up monitoring
- Apply security policies
- Configure backups (etcd snapshots)
Output Format
Talos Cluster Configuration Summary
Cluster Information:
- Name: [cluster-name]
- Talos Version: [version]
- Kubernetes Version: [version]
- Endpoint: https://[endpoint]:6443
Control Plane Nodes:
- [hostname]: [IP] - [status]
- [hostname]: [IP] - [status]
- [hostname]: [IP] - [status]
Worker Nodes:
- [hostname]: [IP] - [status]
- [hostname]: [IP] - [status]
Network Configuration:
- CNI: [Cilium/Calico/None]
- Pod CIDR: [range]
- Service CIDR: [range]
Configuration Files:
✓ controlplane.yaml - Apply to control plane nodes
✓ worker.yaml - Apply to worker nodes
✓ talosconfig - Configure talosctl client
Next Steps
- Configure talosctl:
export TALOSCONFIG=$PWD/talosconfig
talosctl config endpoint [controlplane-IPs]
talosctl config node [any-controlplane-IP]
- Verify cluster:
kubectl get nodes
kubectl get pods -A
- Install CNI (if needed):
helm install cilium cilium/cilium -n kube-system
- Deploy workloads:
kubectl apply -f your-manifests/
Useful talosctl Commands
# Check node status
talosctl dashboard --nodes [IP]
# View logs
talosctl logs --nodes [IP] kubelet
# Upgrade Talos
talosctl upgrade --nodes [IP] --image ghcr.io/siderolabs/installer:v1.6.0
# Upgrade Kubernetes
talosctl upgrade-k8s --nodes [IP] --to 1.29.0
# Restart services
talosctl restart kubelet --nodes [IP]
# etcd operations
talosctl etcd snapshot --nodes [IP]
Troubleshooting
Nodes not joining:
- Verify network connectivity
- Check firewall rules (6443, 50000, 50001)
- Verify machine config applied correctly
etcd not starting:
- Ensure only one bootstrap command run
- Check time synchronization
- Verify disk space
CNI not working:
- Verify CNI set to
nonein config - Check Cilium/Calico installation
- Verify network policies not blocking