upgrade taskfile in preparation for talos v1.9.0

This commit is contained in:
Joseph Hanson 2024-12-21 22:13:00 -06:00
parent 9b8f2722a4
commit 04fb020567
2 changed files with 86 additions and 76 deletions

View file

@ -55,94 +55,99 @@ tasks:
generate-clusterconfig: generate-clusterconfig:
desc: Generate clusterconfig for Talos desc: Generate clusterconfig for Talos
preconditions:
- which test talhelper
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
requires:
vars:
- K8S_CLUSTER
cmds: cmds:
- talhelper genconfig - talhelper genconfig
--env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml --env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml
--secret-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml --secret-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml
--config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml --config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
--out-dir {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig --out-dir {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig
requires:
vars:
- K8S_CLUSTER
preconditions:
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
upgrade:
desc: Upgrade Talos version for a node
vars:
TALOS_VERSION:
sh: |
yq -r ".talosVersion" {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
TALOS_IMAGE:
sh: |
talhelper genurl installer \
--env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml \
--config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml \
| grep {{.NODE}} \
| awk '{split($0,u," "); print u[2]}'
cmds:
- talosctl upgrade -n {{.NODE}} --image {{.TALOS_IMAGE }}
requires:
vars:
- K8S_CLUSTER
- NODE
preconditions:
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
- msg: "Talos image could not be determined for node={{.NODE}}"
sh: 'test -n "{{.TALOS_IMAGE}}"'
upgrade-k8s:
desc: Upgrade Kubernetes version for a Talos cluster
silent: false
vars:
KUBERNETES_VERSION:
sh: |
yq -r ".kubernetesVersion" {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
TALOS_CONTROLLER:
sh: talosctl config info --output json | jq --raw-output '.endpoints[]' | shuf -n 1
cmds:
- until kubectl wait --timeout=5m --for=condition=Complete jobs --all --all-namespaces; do sleep 10; done
- talosctl upgrade-k8s -n {{.TALOS_CONTROLLER}} --to {{.KUBERNETES_VERSION}}
requires:
vars:
- K8S_CLUSTER
preconditions:
- talosctl config info &>/dev/null
- talosctl --nodes {{.TALOS_CONTROLLER}} get machineconfig &>/dev/null
apply-clusterconfig: apply-clusterconfig:
desc: Apply clusterconfig for a Talos cluster desc: Apply clusterconfig for a Talos cluster
vars: vars:
CLUSTERCONFIG_FILES: CLUSTERCONFIG_FILES:
sh: find {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig -type f -name '*.yaml' -printf '%f\n' sh: ls {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/*.yaml
preconditions:
- which ls
- test -f "${TALOSCONFIG}"
requires:
vars:
- K8S_CLUSTER
cmds: cmds:
- for: - for:
var: CLUSTERCONFIG_FILES var: CLUSTERCONFIG_FILES
task: _apply-machineconfig task: _apply-machineconfig
vars: vars:
filename: "{{.ITEM}}" FILENAME: "{{.ITEM}}"
hostname: |- HOSTNAME: |-
{{ trimPrefix (printf "%s-" .K8S_CLUSTER) .ITEM | trimSuffix ".yaml" }} {{ trimPrefix (printf "%s-" .K8S_CLUSTER) (base .ITEM) | trimSuffix ".yaml" }}
DRY_RUN: "{{ .DRY_RUN }}" DRY_RUN: "{{ .DRY_RUN }}"
INSECURE: "{{ .INSECURE }}"
apply-node:
desc: Apply Talos config to a node [NODE=required]
preconditions:
- which talosctl
- test -f "${TALOSCONFIG}"
- talosctl --nodes {{.NODE}} get machineconfig
requires: requires:
vars: vars:
- K8S_CLUSTER - K8S_CLUSTER
- NODE
vars:
FILE:
sh: ls {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.K8S_CLUSTER}}-{{.NODE}}*.yaml
cmds:
- task: _apply-machineconfig
vars:
FILENAME: "{{.FILE}}"
HOSTNAME: "{{.NODE}}"
- talosctl --nodes {{.NODE}} health --wait-timeout=10m --server=false
upgrade-node:
desc: Upgrade Talos on a single node [NODE=required]
preconditions:
- which talosctl
- test -f "${TALOSCONFIG}"
- talosctl --nodes {{.NODE}} get machineconfig
requires:
vars:
- K8S_CLUSTER
- NODE
vars:
FILE:
sh: ls {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.K8S_CLUSTER}}-{{.NODE}}*.yaml
TALOS_IMAGE:
sh: yq '.machine.install.image' < "{{.FILE}}"
cmds:
- echo "Upgrading Talos on node {{.NODE}}"
- talosctl --nodes {{.NODE}} upgrade --image="{{.TALOS_IMAGE}}" --timeout=10m
- talosctl --nodes {{.NODE}} health --wait-timeout=10m --server=false
_apply-machineconfig: _apply-machineconfig:
internal: true internal: true
desc: Apply a single Talos machineConfig to a Talos node desc: Apply a single Talos machineConfig to a Talos node
cmds: vars:
- talosctl apply-config MODE: '{{.MODE | default "auto"}}'
--nodes "{{.hostname}}" preconditions:
--file "{{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}" - which talosctl
{{ if eq "true" .DRY_RUN }}--dry-run{{ end }} - test -f "{{.FILENAME}}"
requires: requires:
vars: vars:
- K8S_CLUSTER - K8S_CLUSTER
- hostname - HOSTNAME
- filename - FILENAME
preconditions: cmds:
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.filename}} - talosctl apply-config
--nodes "{{.HOSTNAME}}"
--file "{{.FILENAME}}"
--mode="{{.MODE}}"
{{ if eq "true" .INSECURE }}--insecure{{ end }}
{{ if eq "true" .DRY_RUN }}--dry-run{{ end }}

View file

@ -20,7 +20,7 @@ nodes:
ipAddress: 10.1.1.62 ipAddress: 10.1.1.62
controlPlane: true controlPlane: true
installDiskSelector: installDiskSelector:
wwid: naa.55cd2e4150654449 busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/
networkInterfaces: networkInterfaces:
- interface: eno1 - interface: eno1
dhcp: true dhcp: true
@ -28,15 +28,16 @@ nodes:
customization: customization:
systemExtensions: systemExtensions:
officialExtensions: officialExtensions:
- siderolabs/i915
- siderolabs/intel-ucode - siderolabs/intel-ucode
- siderolabs/i915-ucode - siderolabs/glibc
- hostname: frodo - hostname: frodo
disableSearchDomain: true disableSearchDomain: true
ipAddress: 10.1.1.63 ipAddress: 10.1.1.63
controlPlane: true controlPlane: true
installDiskSelector: installDiskSelector:
wwid: naa.55cd2e4150650b54 busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/
networkInterfaces: networkInterfaces:
- interface: eno1 - interface: eno1
dhcp: true dhcp: true
@ -44,15 +45,16 @@ nodes:
customization: customization:
systemExtensions: systemExtensions:
officialExtensions: officialExtensions:
- siderolabs/i915
- siderolabs/intel-ucode - siderolabs/intel-ucode
- siderolabs/i915-ucode - siderolabs/glibc
- hostname: sam - hostname: sam
disableSearchDomain: true disableSearchDomain: true
ipAddress: 10.1.1.64 ipAddress: 10.1.1.64
controlPlane: true controlPlane: true
installDiskSelector: installDiskSelector:
wwid: naa.55cd2e41521a8480 busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/
networkInterfaces: networkInterfaces:
- interface: eno1 - interface: eno1
dhcp: true dhcp: true
@ -60,15 +62,16 @@ nodes:
customization: customization:
systemExtensions: systemExtensions:
officialExtensions: officialExtensions:
- siderolabs/i915
- siderolabs/intel-ucode - siderolabs/intel-ucode
- siderolabs/i915-ucode - siderolabs/glibc
- hostname: pippin - hostname: pippin
disableSearchDomain: true disableSearchDomain: true
ipAddress: 10.1.1.65 ipAddress: 10.1.1.65
controlPlane: false controlPlane: false
installDiskSelector: installDiskSelector:
wwid: naa.55cd2e4150155dbf busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/
networkInterfaces: networkInterfaces:
- interface: eno1 - interface: eno1
dhcp: true dhcp: true
@ -76,8 +79,9 @@ nodes:
customization: customization:
systemExtensions: systemExtensions:
officialExtensions: officialExtensions:
- siderolabs/i915
- siderolabs/intel-ucode - siderolabs/intel-ucode
- siderolabs/i915-ucode - siderolabs/glibc
- hostname: merry - hostname: merry
disableSearchDomain: true disableSearchDomain: true
@ -103,15 +107,15 @@ nodes:
systemExtensions: systemExtensions:
officialExtensions: officialExtensions:
- siderolabs/amd-ucode - siderolabs/amd-ucode
- siderolabs/nonfree-kmod-nvidia-production
- siderolabs/nvidia-container-toolkit-production - siderolabs/nvidia-container-toolkit-production
- siderolabs/nvidia-open-gpu-kernel-modules-production
- siderolabs/glibc
- hostname: rosie - hostname: rosie
disableSearchDomain: true disableSearchDomain: true
ipAddress: 10.1.1.67 ipAddress: 10.1.1.67
controlPlane: false controlPlane: false
installDiskSelector: installDiskSelector:
wwid: naa.55cd2e4150a6183a busPath: /pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/
networkInterfaces: networkInterfaces:
- interface: eno1 - interface: eno1
dhcp: true dhcp: true
@ -119,8 +123,9 @@ nodes:
customization: customization:
systemExtensions: systemExtensions:
officialExtensions: officialExtensions:
- siderolabs/i915
- siderolabs/intel-ucode - siderolabs/intel-ucode
- siderolabs/i915-ucode - siderolabs/glibc
worker: worker:
schematic: schematic: