From 04fb020567048b62e7812b89c6445e65a68dcd61 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Sat, 21 Dec 2024 22:13:00 -0600 Subject: [PATCH] upgrade taskfile in preparation for talos v1.9.0 --- .taskfiles/talos/Taskfile.yaml | 133 +++++++++++----------- kubernetes/bootstrap/talos/talconfig.yaml | 29 +++-- 2 files changed, 86 insertions(+), 76 deletions(-) diff --git a/.taskfiles/talos/Taskfile.yaml b/.taskfiles/talos/Taskfile.yaml index 496f82b4..f9dec7ca 100644 --- a/.taskfiles/talos/Taskfile.yaml +++ b/.taskfiles/talos/Taskfile.yaml @@ -55,94 +55,99 @@ tasks: generate-clusterconfig: desc: Generate clusterconfig for Talos + preconditions: + - which test talhelper + - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml + - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml + requires: + vars: + - K8S_CLUSTER cmds: - talhelper genconfig --env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml --secret-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml --config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml --out-dir {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig - requires: - vars: - - K8S_CLUSTER - preconditions: - - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml - - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml - - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml - - upgrade: - desc: Upgrade Talos version for a node - vars: - TALOS_VERSION: - sh: | - yq -r ".talosVersion" {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml - TALOS_IMAGE: - sh: | - talhelper genurl installer \ - --env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml \ - --config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml \ - | grep {{.NODE}} \ - | awk '{split($0,u," "); print u[2]}' - cmds: - - talosctl upgrade -n {{.NODE}} --image {{.TALOS_IMAGE }} - requires: - vars: - - K8S_CLUSTER - - NODE - preconditions: - - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml - - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml - - msg: "Talos image could not be determined for node={{.NODE}}" - sh: 'test -n "{{.TALOS_IMAGE}}"' - - upgrade-k8s: - desc: Upgrade Kubernetes version for a Talos cluster - silent: false - vars: - KUBERNETES_VERSION: - sh: | - yq -r ".kubernetesVersion" {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml - TALOS_CONTROLLER: - sh: talosctl config info --output json | jq --raw-output '.endpoints[]' | shuf -n 1 - cmds: - - until kubectl wait --timeout=5m --for=condition=Complete jobs --all --all-namespaces; do sleep 10; done - - talosctl upgrade-k8s -n {{.TALOS_CONTROLLER}} --to {{.KUBERNETES_VERSION}} - requires: - vars: - - K8S_CLUSTER - preconditions: - - talosctl config info &>/dev/null - - talosctl --nodes {{.TALOS_CONTROLLER}} get machineconfig &>/dev/null apply-clusterconfig: desc: Apply clusterconfig for a Talos cluster vars: CLUSTERCONFIG_FILES: - sh: find {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig -type f -name '*.yaml' -printf '%f\n' + sh: ls {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/*.yaml + preconditions: + - which ls + - test -f "${TALOSCONFIG}" + requires: + vars: + - K8S_CLUSTER cmds: - for: var: CLUSTERCONFIG_FILES task: _apply-machineconfig vars: - filename: "{{.ITEM}}" - hostname: |- - {{ trimPrefix (printf "%s-" .K8S_CLUSTER) .ITEM | trimSuffix ".yaml" }} + FILENAME: "{{.ITEM}}" + HOSTNAME: |- + {{ trimPrefix (printf "%s-" .K8S_CLUSTER) (base .ITEM) | trimSuffix ".yaml" }} DRY_RUN: "{{ .DRY_RUN }}" + INSECURE: "{{ .INSECURE }}" + + apply-node: + desc: Apply Talos config to a node [NODE=required] + preconditions: + - which talosctl + - test -f "${TALOSCONFIG}" + - talosctl --nodes {{.NODE}} get machineconfig requires: vars: - K8S_CLUSTER + - NODE + vars: + FILE: + sh: ls {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.K8S_CLUSTER}}-{{.NODE}}*.yaml + cmds: + - task: _apply-machineconfig + vars: + FILENAME: "{{.FILE}}" + HOSTNAME: "{{.NODE}}" + - talosctl --nodes {{.NODE}} health --wait-timeout=10m --server=false + + upgrade-node: + desc: Upgrade Talos on a single node [NODE=required] + preconditions: + - which talosctl + - test -f "${TALOSCONFIG}" + - talosctl --nodes {{.NODE}} get machineconfig + requires: + vars: + - K8S_CLUSTER + - NODE + vars: + FILE: + sh: ls {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.K8S_CLUSTER}}-{{.NODE}}*.yaml + TALOS_IMAGE: + sh: yq '.machine.install.image' < "{{.FILE}}" + cmds: + - echo "Upgrading Talos on node {{.NODE}}" + - talosctl --nodes {{.NODE}} upgrade --image="{{.TALOS_IMAGE}}" --timeout=10m + - talosctl --nodes {{.NODE}} health --wait-timeout=10m --server=false _apply-machineconfig: internal: true desc: Apply a single Talos machineConfig to a Talos node - cmds: - - talosctl apply-config - --nodes "{{.hostname}}" - --file "{{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}" - {{ if eq "true" .DRY_RUN }}--dry-run{{ end }} + vars: + MODE: '{{.MODE | default "auto"}}' + preconditions: + - which talosctl + - test -f "{{.FILENAME}}" requires: vars: - K8S_CLUSTER - - hostname - - filename - preconditions: - - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.filename}} + - HOSTNAME + - FILENAME + cmds: + - talosctl apply-config + --nodes "{{.HOSTNAME}}" + --file "{{.FILENAME}}" + --mode="{{.MODE}}" + {{ if eq "true" .INSECURE }}--insecure{{ end }} + {{ if eq "true" .DRY_RUN }}--dry-run{{ end }} diff --git a/kubernetes/bootstrap/talos/talconfig.yaml b/kubernetes/bootstrap/talos/talconfig.yaml index a40778b9..b84055e2 100644 --- a/kubernetes/bootstrap/talos/talconfig.yaml +++ b/kubernetes/bootstrap/talos/talconfig.yaml @@ -20,7 +20,7 @@ nodes: ipAddress: 10.1.1.62 controlPlane: true installDiskSelector: - wwid: naa.55cd2e4150654449 + busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/ networkInterfaces: - interface: eno1 dhcp: true @@ -28,15 +28,16 @@ nodes: customization: systemExtensions: officialExtensions: + - siderolabs/i915 - siderolabs/intel-ucode - - siderolabs/i915-ucode + - siderolabs/glibc - hostname: frodo disableSearchDomain: true ipAddress: 10.1.1.63 controlPlane: true installDiskSelector: - wwid: naa.55cd2e4150650b54 + busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/ networkInterfaces: - interface: eno1 dhcp: true @@ -44,15 +45,16 @@ nodes: customization: systemExtensions: officialExtensions: + - siderolabs/i915 - siderolabs/intel-ucode - - siderolabs/i915-ucode + - siderolabs/glibc - hostname: sam disableSearchDomain: true ipAddress: 10.1.1.64 controlPlane: true installDiskSelector: - wwid: naa.55cd2e41521a8480 + busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/ networkInterfaces: - interface: eno1 dhcp: true @@ -60,15 +62,16 @@ nodes: customization: systemExtensions: officialExtensions: + - siderolabs/i915 - siderolabs/intel-ucode - - siderolabs/i915-ucode + - siderolabs/glibc - hostname: pippin disableSearchDomain: true ipAddress: 10.1.1.65 controlPlane: false installDiskSelector: - wwid: naa.55cd2e4150155dbf + busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/ networkInterfaces: - interface: eno1 dhcp: true @@ -76,8 +79,9 @@ nodes: customization: systemExtensions: officialExtensions: + - siderolabs/i915 - siderolabs/intel-ucode - - siderolabs/i915-ucode + - siderolabs/glibc - hostname: merry disableSearchDomain: true @@ -103,15 +107,15 @@ nodes: systemExtensions: officialExtensions: - siderolabs/amd-ucode - - siderolabs/nonfree-kmod-nvidia-production - siderolabs/nvidia-container-toolkit-production - + - siderolabs/nvidia-open-gpu-kernel-modules-production + - siderolabs/glibc - hostname: rosie disableSearchDomain: true ipAddress: 10.1.1.67 controlPlane: false installDiskSelector: - wwid: naa.55cd2e4150a6183a + busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/ networkInterfaces: - interface: eno1 dhcp: true @@ -119,8 +123,9 @@ nodes: customization: systemExtensions: officialExtensions: + - siderolabs/i915 - siderolabs/intel-ucode - - siderolabs/i915-ucode + - siderolabs/glibc worker: schematic: