Latest version of omni export.

.omni/omni-cluster-patchesyml.yml

@@ -1,35 +0,0 @@
-# Cluster
-machine:
-  sysctls:
-    fs.inotify.max_queued_events: "65536"
-    fs.inotify.max_user_instances: "8192"
-    fs.inotify.max_user_watches: "524288"
-  kubelet:
-    defaultRuntimeSeccompProfileEnabled: true
-
-    extraMounts:
-      - destination: /var/openebs/local
-        options:
-          - bind
-          - rshared
-          - rw
-        source: /var/openebs/local
-        type: bind
-  files:
-    - content: |-
-        [plugins."io.containerd.grpc.v1.cri"]
-          enable_unprivileged_ports = true
-          enable_unprivileged_icmp = true
-        [plugins."io.containerd.grpc.v1.cri".containerd]
-          discard_unpacked_layers = false
-        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
-          discard_unpacked_layers = false
-      op: create
-      path: /etc/cri/conf.d/20-customization.part
-      permissions: 0
-cluster:
-  network:
-    cni:
-      name: none
-  proxy:
-    disabled: true

.omni/omni-cp-patches.yml

@@ -1,25 +0,0 @@
-# Control Plane
-cluster:
-  apiServer:
-    admissionControl:
-      - configuration:
-          exemptions:
-            namespaces:
-              - openebs-system
-              - security
-              - kyverno
-              - rook-ceph
-              - qbittorrent
-        name: PodSecurity
-    disablePodSecurityPolicy: true
-    extraArgs:
-      bind-address: 0.0.0.0
-  controllerManager:
-    extraArgs:
-      bind-address: 0.0.0.0
-  etcd:
-    extraArgs:
-      listen-metrics-urls: http://0.0.0.0:2381
-  scheduler:
-    extraArgs:
-      bind-address: 0.0.0.0

omni-homelab-export.yaml

@@ -1,52 +1,24 @@
 kind: Cluster
 name: homelab
 kubernetes:
-  version: v1.29.2
+  version: v1.29.3
 talos:
-  version: v1.6.4
+  version: v1.6.7
 features:
   backupConfiguration:
     interval: 1h0m0s
 patches:
-  - idOverride: 500-2f051f5c-7177-4cbb-b3c9-801e5eb556b1
-    annotations:
-      name: increase fs events
-    inline:
-      machine:
-        sysctls:
-          fs.inotify.max_queued_events: "65536"
-          fs.inotify.max_user_instances: "8192"
-          fs.inotify.max_user_watches: "524288"
-  - idOverride: 500-602f425a-d488-4ecd-a528-68118bfc6cb1
-    annotations:
-      name: openebs local mounts
-    inline:
-      machine:
-        kubelet:
-          extraMounts:
-            - destination: /var/openebs/local
-              options:
-                - bind
-                - rshared
-                - rw
-              source: /var/openebs/local
-              type: bind
-  - idOverride: 500-63fc2c84-33e5-42ae-b79e-e48928d8ef9a
-    annotations:
-      description: Disables flannel and kube-proxy to make way for cilium.
-      name: disable-cni
+  - idOverride: 200-homelab
     inline:
       cluster:
+        apiServer:
+          certSANs:
+            - 10.5.0.2
         network:
           cni:
             name: none
         proxy:
           disabled: true
-  - idOverride: 500-a6b7ecdb-884f-44b1-8eee-709a4b4d99a1
-    annotations:
-      description: Patch for spegel to work with containerd
-      name: spegel-containerd
-    inline:
       machine:
         files:
           - content: |-
@@ -60,48 +32,31 @@ patches:
             op: create
             path: /etc/cri/conf.d/20-customization.part
             permissions: 0
-  - idOverride: 500-b9b199c3-030b-48d2-a34b-dc47fa07372b
-    annotations:
-      name: default seccomp
-    inline:
-      machine:
         kubelet:
           defaultRuntimeSeccompProfileEnabled: true
+          extraMounts:
+            - destination: /var/openebs/local
+              options:
+                - bind
+                - rshared
+                - rw
+              source: /var/openebs/local
+              type: bind
+        sysctls:
+          fs.inotify.max_queued_events: "65536"
+          fs.inotify.max_user_instances: "8192"
+          fs.inotify.max_user_watches: "524288"
+        time:
+          disabled: false
+          servers:
+            - 10.1.1.1
 ---
 kind: ControlPlane
-machines:
-  - 4c4c4544-0038-4810-8057-b5c04f513232
-  - 4c4c4544-0047-3010-804a-b2c04f4d3232
-  - 4c4c4544-0047-4c10-8056-b7c04f513232
+machineClass:
+  name: dell-micro
+  size: 3
 patches:
-  - idOverride: 500-0b228a5c-62b8-4f22-9908-2e98dcd82559
-    annotations:
-      description: Enable several monitoring services on the control planes
-      name: monitoring
-    inline:
-      cluster:
-        apiServer:
-          extraArgs:
-            bind-address: 0.0.0.0
-        controllerManager:
-          extraArgs:
-            bind-address: 0.0.0.0
-        etcd:
-          extraArgs:
-            listen-metrics-urls: http://0.0.0.0:2381
-        scheduler:
-          extraArgs:
-            bind-address: 0.0.0.0
-  - idOverride: 500-c714a4d2-d205-4bc2-924b-aa1a4c174d9a
-    annotations:
-      name: disable pod security
-    inline:
-      cluster:
-        apiServer:
-          disablePodSecurityPolicy: true
-  - idOverride: 500-f7275be8-0f4a-40f0-8da8-d2dcaa93e575
-    annotations:
-      name: remove admission contollers
+  - idOverride: 400-homelab-control-planes
     inline:
       cluster:
         apiServer:
@@ -114,28 +69,88 @@ patches:
                     - kyverno
                     - rook-ceph
                     - qbittorrent
+                    - observability
+                    - home-automation
               name: PodSecurity
+          disablePodSecurityPolicy: true
+          extraArgs:
+            bind-address: 0.0.0.0
+        controllerManager:
+          extraArgs:
+            bind-address: 0.0.0.0
+        etcd:
+          extraArgs:
+            listen-metrics-urls: http://0.0.0.0:2381
+        scheduler:
+          extraArgs:
+            bind-address: 0.0.0.0
 ---
 kind: Workers
 machines:
-  - 325dfcd5-a5fa-d714-5037-8df713d9f4f1
-  - 4968005b-9579-5c15-6d32-7b58e850a7d9
+  - 00000000-0000-0000-0000-00d861319aa0
   - 95d6c80f-d76e-42c2-7e77-c9938b5b52bf
+  - e0380f77-9228-4679-9561-daef16748b94
 ---
 kind: Machine
-name: 325dfcd5-a5fa-d714-5037-8df713d9f4f1
----
-kind: Machine
-name: 4968005b-9579-5c15-6d32-7b58e850a7d9
----
-kind: Machine
-name: 4c4c4544-0038-4810-8057-b5c04f513232
----
-kind: Machine
-name: 4c4c4544-0047-3010-804a-b2c04f4d3232
----
-kind: Machine
-name: 4c4c4544-0047-4c10-8056-b7c04f513232
+name: 00000000-0000-0000-0000-00d861319aa0
+patches:
+  - idOverride: 500-29b8171e-4766-4f30-99a0-041e89c370fd
+    annotations:
+      name: Anduril-Net
+    inline:
+      machine:
+        network:
+          interfaces:
+            - bond:
+                deviceSelectors:
+                  - hardwareAddr: 00:d8:61:31:9a:a0
+                mode: active-backup
+              dhcp: true
+              interface: bond0
+  - idOverride: 500-d80a0219-be53-49c1-8bbc-4f734cd99a86
+    annotations:
+      name: Nvidia
+    inline:
+      machine:
+        kernel:
+          modules:
+            - name: nvidia
+            - name: nvidia_uvm
+            - name: nvidia_drm
+            - name: nvidia_modeset
+        sysctls:
+          net.core.bpf_jit_harden: 1
 ---
 kind: Machine
 name: 95d6c80f-d76e-42c2-7e77-c9938b5b52bf
+patches:
+  - idOverride: 500-5c55d5ef-2293-4e67-8dcc-0b93db9a43c4
+    annotations:
+      name: shadowfax-net
+    inline:
+      machine:
+        network:
+          interfaces:
+            - bond:
+                deviceSelectors:
+                  - hardwareAddr: 0e:46:8d:59:24:ca
+                mode: active-backup
+              dhcp: true
+              interface: bond0
+---
+kind: Machine
+name: e0380f77-9228-4679-9561-daef16748b94
+patches:
+  - idOverride: 500-669e0035-eeea-44ea-880e-1dc7a2c496dd
+    annotations:
+      name: Gandalf-Net
+    inline:
+      machine:
+        network:
+          interfaces:
+            - bond:
+                deviceSelectors:
+                  - hardwareAddr: 00:25:90:85:51:ca
+                mode: active-backup
+              dhcp: true
+              interface: bond0