jahanson/theshire
1
0
Fork 0
Code Issues 1 Pull requests 4 Projects Releases Packages Wiki Activity Actions

Compare commits

base: jahanson:fddcb0198deb61c2cd0913dd0d6aa8c0015b5aa0
Branches Tags
jahanson:main
jahanson:renovate/quay.io-redlib-redlib-latest
jahanson:renovate/ghcr.io-siderolabs-kubelet-1.x
jahanson:renovate/patch-cilium
jahanson:renovate/coder-2.x
jahanson:shokoserver
jahanson:kasm-wip
jahanson:multus-app-template-style
jahanson:renovate/configure
jahanson:bgp->l2
jahanson:swap-to-zfs
..
compare: jahanson:e6c290d9b20ca7703cf0fe9d0546b1b15561cf9d
Branches Tags
jahanson:renovate/quay.io-redlib-redlib-latest
jahanson:main
jahanson:renovate/ghcr.io-siderolabs-kubelet-1.x
jahanson:renovate/patch-cilium
jahanson:renovate/coder-2.x
jahanson:shokoserver
jahanson:kasm-wip
jahanson:multus-app-template-style
jahanson:renovate/configure
jahanson:bgp->l2
jahanson:swap-to-zfs

No commits in common. "fddcb0198deb61c2cd0913dd0d6aa8c0015b5aa0" and "e6c290d9b20ca7703cf0fe9d0546b1b15561cf9d" have entirely different histories.
fddcb0198d ... e6c290d9b2

5 changed files with 86 additions and 70 deletions
Show stats Expand all files Collapse all files

146
.taskfiles/talos/Taskfile.yaml
View file

@ -2,122 +2,135 @@
# yaml-language-server: $schema=https://taskfile.dev/schema.json # yaml-language-server: $schema=https://taskfile.dev/schema.json
version: "3" version: "3"
vars:
RESOURCES_DIR: "{{.ROOT_DIR}}/.taskfiles/talos/resources"
CONTROLLER:
sh: talosctl --context {{.cluster}} config info --output json | jq --raw-output '.endpoints[]' | shuf -n 1
cluster: theshire
tasks: tasks:
bootstrap: bootstrap:
desc: Bootstrap Talos desc: Bootstrap Talos
summary: | summary: |
Args: Args:
CONTROLLER: Controller node to run command against (required) cluster: Cluster to run command against (default: theshire)
prompt: Bootstrap Talos on the '{{.K8S_CLUSTER}}' cluster... continue? controller: Controller node to run command against (required) (IP/DNS)
dotenv: ["{{.RESOURCES_DIR}}/.env"]
prompt: Bootstrap Talos on the cluster... continue?
cmds: cmds:
- task: bootstrap-etcd - task: bootstrap-etcd
vars: &vars vars: &vars
CONTROLLER: "{{.CONTROLER}}" controller: "{{.controller}}"
- task: fetch-kubeconfig - task: fetch-kubeconfig
vars: *vars vars: *vars
- task: bootstrap-integrations - task: bootstrap-integrations
vars: *vars vars: *vars
requires: requires:
vars: vars:
- K8S_CLUSTER - controller
- CONTROLLER
bootstrap-etcd: bootstrap-etcd:
desc: Bootstrap Etcd desc: Bootstrap Etcd
cmd: until talosctl --nodes {{.CONTROLLER}} bootstrap; do sleep 10; done dotenv: ["{{.RESOURCES_DIR}}/.env"]
cmd: until talosctl --context $CLUSTER --nodes {{.controller}} bootstrap; do sleep 10; done
requires: requires:
vars: vars:
- CONTROLLER - controller
bootstrap-integrations: bootstrap-integrations:
desc: Bootstrap core integrations needed for Talos desc: Bootstrap core integrations needed for Talos
dotenv: ["{{.RESOURCES_DIR}}/.env"]
cmds: cmds:
- until kubectl wait --for=condition=Ready=False nodes --all --timeout=600s; do sleep 10; done - until kubectl --context $CLUSTER wait --for=condition=Ready=False nodes --all --timeout=600s; do sleep 10; done
- helmfile --kube-context {{.K8S_CLUSTER}} --file {{.K8S_CLUSTER_DIR}}/bootstrap/helmfile.yaml apply --skip-diff-on-install --suppress-diff - helmfile --kube-context $CLUSTER --file {{.KUBERNETES_DIR}}/bootstrap/helmfile.yaml apply --skip-diff-on-install --suppress-diff
- until kubectl wait --for=condition=Ready nodes --all --timeout=600s; do sleep 10; done - until kubectl --context $CLUSTER wait --for=condition=Ready nodes --all --timeout=600s; do sleep 10; done
requires:
vars:
- K8S_CLUSTER
preconditions: preconditions:
- which helmfile - which helmfile
- sh: kubectl config get-contexts {{.K8S_CLUSTER}} - sh: kubectl config get-contexts $CLUSTER
msg: "Kubectl context {{.K8S_CLUSTER}} not found" msg: "Kubectl context $CLUSTER not found"
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/helmfile.yaml - test -f {{.KUBERNETES_DIR}}/bootstrap/helmfile.yaml
fetch-kubeconfig: fetch-kubeconfig:
desc: Fetch kubeconfig from Talos controllers desc: Fetch kubeconfig from Talos controllers
dotenv: ["{{.RESOURCES_DIR}}/.env"]
env: *vars
cmd: | cmd: |
talosctl kubeconfig --nodes {{.CONTROLLER}} \ talosctl --context $CLUSTER kubeconfig --nodes {{ .CONTROLLER }} \
--force --force-context-name {{.K8S_CLUSTER}} {{.K8S_CLUSTER_DIR}} --force --force-context-name $CLUSTER {{.ROOT_DIR}}/kubeconfig
requires: preconditions:
vars: - talosctl config get-contexts | grep $CLUSTER
- K8S_CLUSTER
generate-clusterconfig: generate-clusterconfig:
desc: Generate clusterconfig for Talos desc: Generate clusterconfig for Talos
dotenv: ["{{.RESOURCES_DIR}}/.env"]
cmds: cmds:
- talhelper genconfig - talhelper genconfig
--env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml --env-file {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml
--secret-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml --secret-file {{.KUBERNETES_DIR}}/bootstrap/talos/talsecret.sops.yaml
--config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml --config-file {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
--out-dir {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig --out-dir {{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig
requires:
vars:
- K8S_CLUSTER
preconditions: preconditions:
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml - which talhelper
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talsecret.sops.yaml - test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml - test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talsecret.sops.yaml
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
upgrade: upgrade:
desc: Upgrade Talos version for a node desc: Upgrade Talos version for a node
dotenv: ["{{.RESOURCES_DIR}}/.env"]
vars: vars:
TALOS_VERSION: TALOS_VERSION:
sh: | sh: |
yq -r ".talosVersion" {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml yq -r ".talosVersion" {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
TALOS_IMAGE: TALOS_IMAGE:
sh: | sh: |
talhelper genurl installer \ talhelper genurl installer \
--env-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml \ --env-file {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml \
--config-file {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml \ --config-file {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
| grep {{.NODE}} \
| awk '{split($0,u," "); print u[2]}'
cmds: cmds:
- talosctl upgrade -n {{.NODE}} --image {{.TALOS_IMAGE }} - talosctl --context $CLUSTER upgrade -n {{.node}} --image {{.TALOS_IMAGE }}
requires: requires:
vars: vars:
- K8S_CLUSTER - node
- NODE
preconditions: preconditions:
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talenv.sops.yaml - which talhelper
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml - talosctl config get-contexts | grep $CLUSTER
- msg: "Talos image could not be determined for node={{.NODE}}" - test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
- msg: "Talos image could not be determined for {{.node}}"
sh: 'test -n "{{.TALOS_IMAGE}}"' sh: 'test -n "{{.TALOS_IMAGE}}"'
upgrade-k8s: upgrade-k8s:
desc: Upgrade Kubernetes version for a Talos cluster desc: Upgrade Kubernetes version for a Talos cluster
silent: false dotenv: ["{{.RESOURCES_DIR}}/.env"]
vars: vars:
KUBERNETES_VERSION: KUBERNETES_VERSION:
sh: | sh: |
yq -r ".kubernetesVersion" {{.K8S_CLUSTER_DIR}}/bootstrap/talos/talconfig.yaml yq -r ".kubernetesVersion" {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
TALOS_CONTROLLER: CONTROLPLANE_NODE:
sh: talosctl config info --output json | jq --raw-output '.endpoints[]' | shuf -n 1 sh: |
talosctl --context $CLUSTER config info \
| grep Endpoints: \
| awk '{split($0,u," "); print u[2]}' \
| sed -E 's/,//'
cmds: cmds:
- until kubectl wait --timeout=5m --for=condition=Complete jobs --all --all-namespaces; do sleep 10; done - talosctl upgrade-k8s -n {{.CONTROLPLANE_NODE}} --to {{.KUBERNETES_VERSION}}
- talosctl upgrade-k8s -n {{.TALOS_CONTROLLER}} --to {{.KUBERNETES_VERSION}}
requires:
vars:
- K8S_CLUSTER
preconditions: preconditions:
- talosctl config info &>/dev/null - which talhelper
- talosctl --nodes {{.TALOS_CONTROLLER}} get machineconfig &>/dev/null - talosctl config get-contexts | grep $CLUSTER
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talenv.sops.yaml
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/talconfig.yaml
- msg: "Kubernetes version could not be determined for cluster $CLUSTER"
sh: 'test -n "{{.KUBERNETES_VERSION}}"'
- msg: "Control plane node could not be determined for cluster $CLUSTER"
sh: 'test -n "{{.CONTROLPLANE_NODE}}"'
apply-clusterconfig: apply-clusterconfig:
desc: Apply clusterconfig for a Talos cluster desc: Apply clusterconfig for a Talos cluster
dotenv: ["{{.RESOURCES_DIR}}/.env"]
vars: vars:
CLUSTERCONFIG_FILES: CLUSTERCONFIG_FILES:
sh: find {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig -type f -name '*.yaml' -printf '%f\n' sh: find {{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig -type f -name '*.yaml' -printf '%f\n'
cmds: cmds:
- for: - for:
var: CLUSTERCONFIG_FILES var: CLUSTERCONFIG_FILES
@ -125,24 +138,29 @@ tasks:
vars: vars:
filename: "{{.ITEM}}" filename: "{{.ITEM}}"
hostname: |- hostname: |-
{{ trimPrefix (printf "%s-" .K8S_CLUSTER) .ITEM | trimSuffix ".yaml" }} {{ trimPrefix (printf "%s-" .cluster) .ITEM | trimSuffix ".yaml" }}
DRY_RUN: "{{ .DRY_RUN }}" dry_run: "{{ .dry_run }}"
requires: preconditions:
vars: - talosctl config get-contexts | grep $CLUSTER
- K8S_CLUSTER - test -d {{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig
_apply-machineconfig: _apply-machineconfig:
internal: true internal: true
desc: Apply a single Talos machineConfig to a Talos node desc: Apply a single Talos machineConfig to a Talos node
dotenv: ["{{.RESOURCES_DIR}}/.env"]
cmds: cmds:
- talosctl apply-config - talosctl --context theshire apply-config
--nodes "{{.hostname}}" --nodes "{{.hostname}}"
--file "{{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}" --file "{{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}"
{{ if eq "true" .DRY_RUN }}--dry-run{{ end }} {{ if eq "true" .dry_run }}--dry-run{{ end }}
#--insecure
requires: requires:
vars: vars:
- K8S_CLUSTER
- hostname - hostname
- filename - filename
preconditions: preconditions:
- test -f {{.K8S_CLUSTER_DIR}}/bootstrap/talos/clusterconfig/{{.filename}} - talosctl config get-contexts | grep $CLUSTER
- test -f {{.KUBERNETES_DIR}}/bootstrap/talos/clusterconfig/{{.filename}}
version:
desc: Show Talos version
cmd: talosctl version

1
.taskfiles/talos/resources/.env Normal file
View file

@ -0,0 +1 @@
CLUSTER=theshire

2
Taskfile.yaml
View file

@ -5,8 +5,6 @@ vars:
KUBERNETES_DIR: "{{.ROOT_DIR}}/kubernetes" KUBERNETES_DIR: "{{.ROOT_DIR}}/kubernetes"
CLUSTER_SECRETS_FILE: "{{.CLUSTER_DIR}}/flux/vars/cluster-secrets.sops.env" CLUSTER_SECRETS_FILE: "{{.CLUSTER_DIR}}/flux/vars/cluster-secrets.sops.env"
CLUSTER_SETTINGS_FILE: "{{.CLUSTER_DIR}}/flux/vars/cluster-settings.env" CLUSTER_SETTINGS_FILE: "{{.CLUSTER_DIR}}/flux/vars/cluster-settings.env"
K8S_CLUSTER: '{{.K8S_CLUSTER | default "theshire"}}'
K8S_CLUSTER_DIR: '{{.KUBERNETES_DIR}}'
env: env:
KUBECONFIG: "{{.ROOT_DIR}}/kubeconfig" KUBECONFIG: "{{.ROOT_DIR}}/kubeconfig"

6
kubernetes/bootstrap/talos/talconfig.yaml
View file

@ -3,7 +3,7 @@
clusterName: theshire clusterName: theshire
talosVersion: v1.8.1 talosVersion: v1.8.1
kubernetesVersion: 1.31.1 kubernetesVersion: 1.30.2
endpoint: "https://10.1.1.57:6444" endpoint: "https://10.1.1.57:6444"
additionalApiServerCertSans: additionalApiServerCertSans:
@ -169,8 +169,8 @@ worker:
fs.inotify.max_queued_events: "65536" fs.inotify.max_queued_events: "65536"
fs.inotify.max_user_instances: "8192" fs.inotify.max_user_instances: "8192"
fs.inotify.max_user_watches: "524288" fs.inotify.max_user_watches: "524288"
net.core.rmem_max: "7500000" net.core.rmem_max: "2500000"
net.core.wmem_max: "7500000" net.core.wmem_max: "2500000"
- &nfsMountOptions |- - &nfsMountOptions |-
machine: machine:
files: files:

1
shell.nix
View file

@ -19,6 +19,5 @@ pkgs.mkShell {
age age
mqttui mqttui
kustomize kustomize
yq-go
]; ];
} }