Compare commits


2 commits

Author SHA1 Message Date
fddcb0198d
update to k8s 1.31.1 2024-11-06 08:04:23 -06:00
b49ed58d67
update talos taskfile and yq version 2024-11-06 08:04:05 -06:00
5 changed files with 70 additions and 86 deletions


@ -2,135 +2,122 @@
# yaml-language-server: $schema=https://taskfile.dev/schema.json # yaml-language-server: $schema=https://taskfile.dev/schema.json
version: "3" version: "3"
vars:
RESOURCES_DIR: "{{.ROOT_DIR}}/.taskfiles/talos/resources"
CONTROLLER:
sh: talosctl --context {{.cluster}} config info --output json | jq --raw-output '.endpoints[]' | shuf -n 1
cluster: theshire
tasks: tasks:
bootstrap: bootstrap:
desc: Bootstrap Talos desc: Bootstrap Talos
summary: | summary: |
Args: Args:
cluster: Cluster to run command against (default: theshire) CONTROLLER: Controller node to run command against (required)
controller: Controller node to run command against (required) (IP/DNS) prompt: Bootstrap Talos on the '{{.K8S_CLUSTER}}' cluster... continue?
dotenv: ["{{.RESOURCES_DIR}}/.env"]
prompt: Bootstrap Talos on the cluster... continue?
cmds: cmds:
- task: bootstrap-etcd - task: bootstrap-etcd
vars: &vars vars: &vars
controller: "{{.controller}}" CONTROLLER: "{{.CONTROLER}}"
- task: fetch-kubeconfig - task: fetch-kubeconfig
vars: *vars vars: *vars
- task: bootstrap-integrations - task: bootstrap-integrations
vars: *vars vars: *vars
requires: requires:
vars: vars:
- controller - K8S_CLUSTER
- CONTROLLER
bootstrap-etcd: bootstrap-etcd:
desc: Bootstrap Etcd desc: Bootstrap Etcd
dotenv: ["{{.RESOURCES_DIR}}/.env"] cmd: until talosctl --nodes {{.CONTROLLER}} bootstrap; do sleep 10; done
cmd: until talosctl --context $CLUSTER --nodes {{.controller}} bootstrap; do sleep 10; done
requires: requires:
vars: vars:
- controller - CONTROLLER
bootstrap-integrations: bootstrap-integrations:
desc: Bootstrap core integrations needed for Talos desc: Bootstrap core integrations needed for Talos
dotenv: ["{{.RESOURCES_DIR}}/.env"]
cmds: cmds:
- until kubectl --context $CLUSTER wait --for=condition=Ready=False nodes --all --timeout=600s; do sleep 10; done - until kubectl wait --for=condition=Ready=False nodes --all --timeout=600s; do sleep 10; done
- helmfile --kube-context $CLUSTER --file {{.KUBERNETES_DIR}}/bootstrap/helmfile.yaml apply --skip-diff-on-install --suppress-diff - helmfile --kube-context {{.K8S_CLUSTER}} --file {{.K8S_CLUSTER_DIR}}/bootstrap/helmfile.yaml apply --skip-diff-on-install --suppress-diff
- until kubectl --context $CLUSTER wait --for=condition=Ready nodes --all --timeout=600s; do sleep 10; done - until kubectl wait --for=condition=Ready nodes --all --timeout=600s; do sleep 10; done
requires:
vars:
- K8S_CLUSTER
preconditions: preconditions:
- which helmfile - which helmfile
- sh: kubectl config get-contexts $CLUSTER - sh: kubectl config get-contexts {{.K8S_CLUSTER}}
msg: "Kubectl context $CLUSTER not found" msg: "Kubectl context {{.K8S_CLUSTER}} not found"
- test -f {{.KUBERNETES_DIR}}/bootstrap/helmfile.yaml - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/helmfile.yaml
fetch-kubeconfig: fetch-kubeconfig:
desc: Fetch kubeconfig from Talos controllers desc: Fetch kubeconfig from Talos controllers
dotenv: ["{{.RESOURCES_DIR}}/.env"]
env: *vars
cmd: | cmd: |
talosctl --context $CLUSTER kubeconfig --nodes {{ .CONTROLLER }} \ talosctl kubeconfig --nodes {{.CONTROLLER}} \
--force --force-context-name $CLUSTER {{.ROOT_DIR}}/kubeconfig --force --force-context-name {{.K8S_CLUSTER}} {{.K8S_CLUSTER_DIR}}
preconditions: requires:
- talosctl config get-contexts | grep $CLUSTER vars:
- K8S_CLUSTER
generate-clusterconfig: generate-clusterconfig:
desc: Generate clusterconfig for Talos desc: Generate clusterconfig for Talos
dotenv: ["{{.RESOURCES_DIR}}/.env"]
cmds: cmds:
- talhelper genconfig - talhelper genconfig
--env-file {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml --env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml
--secret-file {{.KUBERNETES_DIR}}/bootstrap/talos/talsecret.sops.yaml --secret-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml
--config-file {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml --config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
--out-dir {{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig --out-dir {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig
requires:
vars:
- K8S_CLUSTER
preconditions: preconditions:
- which talhelper - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talsecret.sops.yaml - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
upgrade: upgrade:
desc: Upgrade Talos version for a node desc: Upgrade Talos version for a node
dotenv: ["{{.RESOURCES_DIR}}/.env"]
vars: vars:
TALOS_VERSION: TALOS_VERSION:
sh: | sh: |
yq -r ".talosVersion" {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml yq -r ".talosVersion" {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
TALOS_IMAGE: TALOS_IMAGE:
sh: | sh: |
talhelper genurl installer \ talhelper genurl installer \
--env-file {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml \ --env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml \
--config-file {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml --config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml \
| grep {{.NODE}} \
| awk '{split($0,u," "); print u[2]}'
cmds: cmds:
- talosctl --context $CLUSTER upgrade -n {{.node}} --image {{.TALOS_IMAGE }} - talosctl upgrade -n {{.NODE}} --image {{.TALOS_IMAGE }}
requires: requires:
vars: vars:
- node - K8S_CLUSTER
- NODE
preconditions: preconditions:
- which talhelper - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml
- talosctl config get-contexts | grep $CLUSTER - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml - msg: "Talos image could not be determined for node={{.NODE}}"
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
- msg: "Talos image could not be determined for {{.node}}"
sh: 'test -n "{{.TALOS_IMAGE}}"' sh: 'test -n "{{.TALOS_IMAGE}}"'
upgrade-k8s: upgrade-k8s:
desc: Upgrade Kubernetes version for a Talos cluster desc: Upgrade Kubernetes version for a Talos cluster
dotenv: ["{{.RESOURCES_DIR}}/.env"] silent: false
vars: vars:
KUBERNETES_VERSION: KUBERNETES_VERSION:
sh: | sh: |
yq -r ".kubernetesVersion" {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml yq -r ".kubernetesVersion" {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml
CONTROLPLANE_NODE: TALOS_CONTROLLER:
sh: | sh: talosctl config info --output json | jq --raw-output '.endpoints[]' | shuf -n 1
talosctl --context $CLUSTER config info \
| grep Endpoints: \
| awk '{split($0,u," "); print u[2]}' \
| sed -E 's/,//'
cmds: cmds:
- talosctl upgrade-k8s -n {{.CONTROLPLANE_NODE}} --to {{.KUBERNETES_VERSION}} - until kubectl wait --timeout=5m --for=condition=Complete jobs --all --all-namespaces; do sleep 10; done
- talosctl upgrade-k8s -n {{.TALOS_CONTROLLER}} --to {{.KUBERNETES_VERSION}}
requires:
vars:
- K8S_CLUSTER
preconditions: preconditions:
- which talhelper - talosctl config info &>/dev/null
- talosctl config get-contexts | grep $CLUSTER - talosctl --nodes {{.TALOS_CONTROLLER}} get machineconfig &>/dev/null
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
- msg: "Kubernetes version could not be determined for cluster $CLUSTER"
sh: 'test -n "{{.KUBERNETES_VERSION}}"'
- msg: "Control plane node could not be determined for cluster $CLUSTER"
sh: 'test -n "{{.CONTROLPLANE_NODE}}"'
apply-clusterconfig: apply-clusterconfig:
desc: Apply clusterconfig for a Talos cluster desc: Apply clusterconfig for a Talos cluster
dotenv: ["{{.RESOURCES_DIR}}/.env"]
vars: vars:
CLUSTERCONFIG_FILES: CLUSTERCONFIG_FILES:
sh: find {{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig -type f -name '*.yaml' -printf '%f\n' sh: find {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig -type f -name '*.yaml' -printf '%f\n'
cmds: cmds:
- for: - for:
var: CLUSTERCONFIG_FILES var: CLUSTERCONFIG_FILES
@ -138,29 +125,24 @@ tasks:
vars: vars:
filename: "{{.ITEM}}" filename: "{{.ITEM}}"
hostname: |- hostname: |-
{{ trimPrefix (printf "%s-" .cluster) .ITEM | trimSuffix ".yaml" }} {{ trimPrefix (printf "%s-" .K8S_CLUSTER) .ITEM | trimSuffix ".yaml" }}
dry_run: "{{ .dry_run }}" DRY_RUN: "{{ .DRY_RUN }}"
preconditions: requires:
- talosctl config get-contexts | grep $CLUSTER vars:
- test -d {{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig - K8S_CLUSTER
_apply-machineconfig: _apply-machineconfig:
internal: true internal: true
desc: Apply a single Talos machineConfig to a Talos node desc: Apply a single Talos machineConfig to a Talos node
dotenv: ["{{.RESOURCES_DIR}}/.env"]
cmds: cmds:
- talosctl --context theshire apply-config - talosctl apply-config
--nodes "{{.hostname}}" --nodes "{{.hostname}}"
--file "{{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}" --file "{{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}"
{{ if eq "true" .dry_run }}--dry-run{{ end }} {{ if eq "true" .DRY_RUN }}--dry-run{{ end }}
#--insecure
requires: requires:
vars: vars:
- K8S_CLUSTER
- hostname - hostname
- filename - filename
preconditions: preconditions:
- talosctl config get-contexts | grep $CLUSTER - test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}
version:
desc: Show Talos version
cmd: talosctl version
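Review bot: The new `vars: &vars` entry under `bootstrap` reads `CONTROLLER: "{{.CONTROLER}}"`, which references a misspelled variable, so `bootstrap-etcd`, `fetch-kubeconfig` and `bootstrap-integrations` (all reuse `*vars`) most likely receive an empty node and the `until talosctl --nodes … bootstrap` loop would retry without ever succeeding; it should be `CONTROLLER: "{{.CONTROLLER}}"`. Separately, the new side drops `--context` from every `talosctl` and `kubectl` call and removes the `talosctl config get-contexts | grep $CLUSTER` preconditions, so `K8S_CLUSTER` is required but no longer selects the target for `bootstrap`, `upgrade`, `upgrade-k8s` or `apply-clusterconfig`; these act on whatever context is current in the operator's talosconfig or kubeconfig. For commands this disruptive I would pin the target explicitly, e.g. `talosctl --context {{.K8S_CLUSTER}} …` and `kubectl --context {{.K8S_CLUSTER}} wait …`, matching what `helmfile --kube-context {{.K8S_CLUSTER}}` already does.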


@ -1 +0,0 @@
CLUSTER=theshire


@ -5,6 +5,8 @@ vars:
KUBERNETES_DIR: "{{.ROOT_DIR}}/kubernetes" KUBERNETES_DIR: "{{.ROOT_DIR}}/kubernetes"
CLUSTER_SECRETS_FILE: "{{.CLUSTER_DIR}}/flux/vars/cluster-secrets.sops.env" CLUSTER_SECRETS_FILE: "{{.CLUSTER_DIR}}/flux/vars/cluster-secrets.sops.env"
CLUSTER_SETTINGS_FILE: "{{.CLUSTER_DIR}}/flux/vars/cluster-settings.env" CLUSTER_SETTINGS_FILE: "{{.CLUSTER_DIR}}/flux/vars/cluster-settings.env"
K8S_CLUSTER: '{{.K8S_CLUSTER | default "theshire"}}'
K8S_CLUSTER_DIR: '{{.KUBERNETES_DIR}}'
env: env:
KUBECONFIG: "{{.ROOT_DIR}}/kubeconfig" KUBECONFIG: "{{.ROOT_DIR}}/kubeconfig"
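Review bot: `KUBECONFIG` stays at `{{.ROOT_DIR}}/kubeconfig`, but `K8S_CLUSTER_DIR` added here resolves to `{{.ROOT_DIR}}/kubernetes`, and the `fetch-kubeconfig` task in this same comparison now passes `{{.K8S_CLUSTER_DIR}}` as the output path to `talosctl kubeconfig`. If talosctl treats that path as a directory, the admin kubeconfig is written to `kubernetes/kubeconfig`, a path the later `kubectl` steps do not read and one that sits inside the tree holding the cluster manifests, so it is worth confirming it is covered by `.gitignore` before it can be committed. Either keep the two in step with `KUBECONFIG: "{{.K8S_CLUSTER_DIR}}/kubeconfig"` or have the task write to `{{.ROOT_DIR}}/kubeconfig` as before. The `vars:` and `env:` mappings continue outside this hunk.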


@ -3,7 +3,7 @@
clusterName: theshire clusterName: theshire
talosVersion: v1.8.1 talosVersion: v1.8.1
kubernetesVersion: 1.30.2 kubernetesVersion: 1.31.1
endpoint: "https://10.1.1.57:6444" endpoint: "https://10.1.1.57:6444"
additionalApiServerCertSans: additionalApiServerCertSans:
@ -169,8 +169,8 @@ worker:
fs.inotify.max_queued_events: "65536" fs.inotify.max_queued_events: "65536"
fs.inotify.max_user_instances: "8192" fs.inotify.max_user_instances: "8192"
fs.inotify.max_user_watches: "524288" fs.inotify.max_user_watches: "524288"
net.core.rmem_max: "2500000" net.core.rmem_max: "7500000"
net.core.wmem_max: "2500000" net.core.wmem_max: "7500000"
- &nfsMountOptions |- - &nfsMountOptions |-
machine: machine:
files: files:


@ -19,5 +19,6 @@ pkgs.mkShell {
age age
mqttui mqttui
kustomize kustomize
yq-go
]; ];
} }