Compare commits

..

5 commits

7 changed files with 44 additions and 21 deletions

View file

@ -17,7 +17,7 @@ cni:
exclusive: false exclusive: false
containerRuntime: containerRuntime:
integration: containerd integration: containerd
devices: enp+ devices: bond+
socketLB: socketLB:
enabled: false # supposed to be default off, but it's enabled anyway, and looks fun lol # TODO: 2024-06-02: temporarily turned off to attempt fixing endpoint creation timeout enabled: false # supposed to be default off, but it's enabled anyway, and looks fun lol # TODO: 2024-06-02: temporarily turned off to attempt fixing endpoint creation timeout
hostNamespaceOnly: true # KubeVirt compatibility hostNamespaceOnly: true # KubeVirt compatibility

View file

@ -24,7 +24,7 @@ spec:
{ {
"cniVersion": "0.3.1", "cniVersion": "0.3.1",
"logToStderr": true, "logToStderr": true,
"logLevel": "verbose", "logLevel": "info",
"binDir": "/opt/cni/bin", "binDir": "/opt/cni/bin",
"chrootDir": "/hostroot", "chrootDir": "/hostroot",
"cniConfigDir": "/host/etc/cni/net.d", "cniConfigDir": "/host/etc/cni/net.d",

View file

@ -12,14 +12,21 @@ spec:
"plugins": [ "plugins": [
{ {
"type": "macvlan", "type": "macvlan",
"master": "bond0", "master": "bond0.30",
"mode": "bridge", "mode": "bridge",
"capabilities": {
"ips": true
},
"ipam": { "ipam": {
"type": "static", "type": "static",
"routes": [ "routes": [
{ "dst": "10.1.2.0/24", "gw": "10.1.3.1" } { "dst": "10.1.2.0/24", "gw": "10.1.3.1" }
] ]
} }
},
{
"capabilities": { "mac": true },
"type": "tuning"
} }
] ]
} }

View file

@ -26,9 +26,9 @@ releases:
version: 1.2.2 version: 1.2.2
values: ["../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"] values: ["../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"]
needs: ["cilium"] needs: ["cilium"]
- name: spegel # - name: spegel
namespace: kube-system # namespace: kube-system
chart: oci://ghcr.io/spegel-org/helm-charts/spegel # chart: oci://ghcr.io/spegel-org/helm-charts/spegel
version: v0.0.23 # version: v0.0.23
values: ["../apps/kube-system/spegel/app/resources/values.yml"] # values: ["../apps/kube-system/spegel/app/resources/values.yml"]
wait: true # wait: true

View file

@ -18,7 +18,7 @@ talosctl bootstrap --nodes=10.1.1.61
### Install Cilium & Spegel ### Install Cilium & Spegel
```sh ```sh
helmfile apply -f kubernetes/bootstrap/talos/apps/helmfile.yaml helmfile apply -f kubernetes/bootstrap/helmfile.yaml
``` ```
## Flux Prep ## Flux Prep

View file

@ -4,13 +4,13 @@ clusterName: homelab
talosVersion: v1.8.0-alpha.1 talosVersion: v1.8.0-alpha.1
kubernetesVersion: 1.30.2 kubernetesVersion: 1.30.2
endpoint: "https://10.1.1.57:6443" endpoint: "https://${clusterEndpointIP}:6443"
additionalApiServerCertSans: additionalApiServerCertSans: &san
- 10.1.1.57 - ${clusterEndpointIP}
- "127.0.0.1" # KubePrism
additionalMachineCertSans: additionalMachineCertSans: *san
- 10.1.1.57
nodes: nodes:
- hostname: shadowfax - hostname: shadowfax
@ -24,10 +24,25 @@ nodes:
partitions: partitions:
- mountpoint: /var/mnt/nvme1 - mountpoint: /var/mnt/nvme1
networkInterfaces: networkInterfaces:
- interface: enp37s0f1 - interface: bond0
dhcp: true dhcp: true
- interface: enp37s0f0 bond:
dhcp: false mode: 802.3ad
xmitHashPolicy: layer3+4
lacpRate: fast
miimon: 100
deviceSelectors:
- hardwareAddr: 04:42:1a:ef:35:74
driver: ixgbe
- hardwareAddr: 04:42:1a:ef:35:75
driver: ixgbe
vlans:
- &vlan-iot
vlanId: 30
mtu: 1500
dhcp: true
dhcpOptions:
routeMetric: 4096
kernelModules: kernelModules:
- name: nvidia - name: nvidia
- name: nvidia_uvm - name: nvidia_uvm

View file

@ -1,4 +1,5 @@
CLUSTER: ENC[AES256_GCM,data:2U1tPNOF/w==,iv:BE6ZEuh9SJirZ48ICFuf7RqnJhfOOu6PjEXwLDPG6vU=,tag:zk5eyFqcOmui6d70LQ7WtA==,type:str] CLUSTER: ENC[AES256_GCM,data:2U1tPNOF/w==,iv:BE6ZEuh9SJirZ48ICFuf7RqnJhfOOu6PjEXwLDPG6vU=,tag:zk5eyFqcOmui6d70LQ7WtA==,type:str]
clusterEndpointIP: ENC[AES256_GCM,data:1gDw0FqQQZ9/,iv:OQ64In7KPn0nqWran1U2/oEHkHSyQsZNM8/beAN1C1M=,tag:diqiZHPcGZ7DVgZGFKJyJw==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -14,8 +15,8 @@ sops:
WUlNeVV1T2YxbjJCRU9ubVJheHNBTnMKzgZCLTz1Qo/91EFcHXxdKGosdRKKN/tB WUlNeVV1T2YxbjJCRU9ubVJheHNBTnMKzgZCLTz1Qo/91EFcHXxdKGosdRKKN/tB
VsfaNH/b5S2N8FN1wQ03Dn2nqwCqwiPAoNo8La/7ZHjzvNiXTCOFmQ== VsfaNH/b5S2N8FN1wQ03Dn2nqwCqwiPAoNo8La/7ZHjzvNiXTCOFmQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-18T16:49:44Z" lastmodified: "2024-08-08T13:48:53Z"
mac: ENC[AES256_GCM,data:OCyq3X7UvExLRAib1mTY1wPC0nvz4+ZQEdzzQ3NkI47aF/YB01clKZTUu4CfsE6px1V0DlmJCtTLP4HZM+BDIGOCF2SyeyzeKwEgc02avlkdjLgvYjRJF21m8yONipXeiyjh8x8AzE83MSvs9n3zzJkwCHNIwz9zpdEKQWsv2Hk=,iv:uB7Lgrv2ujS893c0KgbQW0jh5YOy0rTV99hvdDzJ1N0=,tag:wZLSEQRtRNuIQ6NPV+SH/g==,type:str] mac: ENC[AES256_GCM,data:SA9jJSCbgApT4qJfFNU/RVHhOX7ZdipQ6OmvBa4YqKEriUPD00ddp0musyQobdM3jrTK6P231FzwxYuAOQ+Y+xgWf+ylLyy/zcsVvdJbIzNPTsKwtC5J5zfhyvQK8fnRNP/3sP16X+jJ41iWF3yrPQ7nG7fGidsUPmpGDnGXKZg=,iv:dpHPBXm0OBeDGxbyMAu0qufoCahJb6u7d5KuHoP2d58=,tag:Mrnb8kGacrRvac5HF/BSvg==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.1 version: 3.8.1