valinor/talos/talconfig.yaml

---
clusterName: valinor

talosVersion: v1.5.5
kubernetesVersion: 1.28.4
endpoint: "https://10.2.0.3:6443"

cniConfig:
  name: none

additionalApiServerCertSans:
  - 10.2.0.3

additionalMachineCertSans:
  - 10.2.0.3

nodes:
  # cloud CAX21 Arm64
  - hostname: aule
    disableSearchDomain: true
    ipAddress: 10.2.0.4
    controlPlane: true
    installDiskSelector:
      busPath: /dev/sda
    networkInterfaces:
      - interface: eth0
        dhcp: true
      - interface: eth1
        dhcp: true
        routes:
          - network: 10.2.0.0/16
            gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
            metric: 2048
  # cloud CAX21 Arm64
  - hostname: arlen
    disableSearchDomain: true
    ipAddress: 10.2.0.5
    controlPlane: true
    installDiskSelector:
      busPath: /dev/sda
    networkInterfaces:
      - interface: eth0
        dhcp: true
      - interface: eth1
        dhcp: true
        routes:
          - network: 10.2.0.0/16
            gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
            metric: 2048
  # cloud CAX21 Arm64
  - hostname: eonwe
    disableSearchDomain: true
    ipAddress: 10.2.0.6
    controlPlane: true
    installDiskSelector:
      busPath: /dev/sda
    networkInterfaces:
      - interface: eth0
        dhcp: true
      - interface: eth1
        dhcp: true
        routes:
          - network: 10.2.0.0/16
            gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
            metric: 2048
  # Bare-metal AX41-Nvme - AMD Ryzen 5 3600 6-Core Processor (Zen2) - 64GB ECC RAM
  - hostname: nienna
    disableSearchDomain: true
    ipAddress: 10.2.1.2
    controlPlane: false
    # customization:
    #   extraKernelArgs:
    #     - net.ifnames=0
    #   systemExtensions:
    #     officialExtensions:
    #       - siderolabs/amd-ucode
    #       - siderolabs/qemu-guest-agent
    talosImageURL: factory.talos.dev/installer/696bb48d9c48e567596f393a4ff9bfd26d4dda5d92c16beb580e96fa68d6324c
    # https://factory.talos.dev/image/696bb48d9c48e567596f393a4ff9bfd26d4dda5d92c16beb580e96fa68d6324c/v1.5.5/metal-amd64.iso
    # no guest agent in the raw.xz image
    # https://factory.talos.dev/image/6c789e7a3eec37617fd9d239a7f696ba48e75bc4780f5cb30bf8882686d79a22/v1.5.5/metal-amd64.raw.xz
    installDiskSelector:
      busPath: /pci0000:00/0000:00:0a.0/virtio2/
      # Ceph Disk Fast: /pci0000:00/0000:00:11.0/nvme/nvme0/nvme0n1
      # Ceph Disk Large: /pci0000:00/0000:00:10.0/ata1/host0/target0:0:0/0:0:0:0/
    networkInterfaces:
      - interface: eth0
        dhcp: true
      - interface: eth1
        dhcp: false
        vlans:
          - vlanId: 4010
            mtu: 1400
            addresses:
              - 10.2.1.2/24
            dhcp: false
            routes:
              - network: 10.2.0.0/16
                gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
                metric: 2048
  # VM on EX44 - Intel Gen 13 (Raptor Lake) - 64GB RAM
  - hostname: orome
    disableSearchDomain: true
    ipAddress: 10.2.1.3
    controlPlane: false
    # customization:
    #     extraKernelArgs:
    #         - net.ifnames=0
    #     systemExtensions:
    #         officialExtensions:
    #             - siderolabs/i915-ucode
    #             - siderolabs/intel-ucode
    #             - siderolabs/qemu-guest-agent
    talosImageURL: factory.talos.dev/installer/f2f665587318c2d79e7b315cc333fff276ed59c8de831f16e28b4db107496ac2
    # https://factory.talos.dev/image/f2f665587318c2d79e7b315cc333fff276ed59c8de831f16e28b4db107496ac2/metal-amd64.iso
    installDiskSelector:
      busPath: /pci0000:00/0000:00:0a.0/virtio2/
      # Ceph Disk: /dev/disk/by-id/nvme-SAMSUNG_MZVL2512HCJQ-00B00_S675NU0TB36132
    networkInterfaces:
      - interface: eth0
        dhcp: true
      - interface: eth1
        dhcp: false
        vlans:
          - vlanId: 4010
            mtu: 1400
            addresses:
              - 10.2.1.3/24
            dhcp: false
            routes:
              - network: 10.2.0.0/16
                gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
                metric: 2048
worker:
  patches:
    - |-
      cluster:
        externalCloudProvider:
          enabled: true
          manifests:
            - https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml
      machine:
        sysctls:
            fs.inotify.max_user_watches: "1048576"
            fs.inotify.max_user_instances: "8192"
        time:
          disabled: false
          servers:
            - ntp.hetzner.com
        kubelet:
          extraArgs:
            feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
            rotate-server-certificates: "true"
          extraConfig:
            maxPods: 150
          nodeIP:
            validSubnets:
                - 10.2.0.0/16
controlPlane:
  patches:
    - |-
      cluster:
        allowSchedulingOnMasters: true
        externalCloudProvider:
          enabled: true
          manifests:
            - https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml
        network:
          cni:
            name: none
        proxy:
          disabled: true
        etcd:
          advertisedSubnets:
            - 10.2.0.0/24

    - |-
      - op: remove
        path: /cluster/apiServer/admissionControl

    - |-
      machine:
        features:
          kubePrism:
            enabled: true
            port: 7445

        files:
          - op: create
            path: /etc/cri/conf.d/20-customization.part
            content: |
              [plugins]
                [plugins."io.containerd.grpc.v1.cri"]
                  enable_unprivileged_ports = true
                  enable_unprivileged_icmp = true
        kubelet:
          extraArgs:
            feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
            rotate-server-certificates: "true"
          extraConfig:
            maxPods: 150
          nodeIP:
            validSubnets:
                - 10.2.0.0/16
        network:
          extraHostEntries:
            - ip: 10.2.0.3
        sysctls:
          fs.inotify.max_user_watches: "1048576"
          fs.inotify.max_user_instances: "8192"
        time:
          disabled: false
          servers:
            - ntp.hetzner.com
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`---`
The great restructuring. 2023-11-20 16:23:36 -06:00			`clusterName: valinor`
Updating for talos infra. 2023-09-25 19:21:40 -05:00
The great restructuring. 2023-11-20 16:23:36 -06:00			`talosVersion: v1.5.5`
Updated to k8s 1.28.4 and nienna legacy ifnames. 2023-11-30 09:25:16 -06:00			`kubernetesVersion: 1.28.4`
The great restructuring. 2023-11-20 16:23:36 -06:00			`endpoint: "https://10.2.0.3:6443"`
Updating for talos infra. 2023-09-25 19:21:40 -05:00
			`cniConfig:`
			`name: none`

			`additionalApiServerCertSans:`
The great restructuring. 2023-11-20 16:23:36 -06:00			`- 10.2.0.3`
Updating for talos infra. 2023-09-25 19:21:40 -05:00
			`additionalMachineCertSans:`
The great restructuring. 2023-11-20 16:23:36 -06:00			`- 10.2.0.3`
Updating for talos infra. 2023-09-25 19:21:40 -05:00
			`nodes:`
The great restructuring. 2023-11-20 16:23:36 -06:00			`# cloud CAX21 Arm64`
update hostnames and making nienna use legacy net interface names 2023-11-30 11:26:33 -06:00			`- hostname: aule`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`disableSearchDomain: true`
The great restructuring. 2023-11-20 16:23:36 -06:00			`ipAddress: 10.2.0.4`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`controlPlane: true`
			`installDiskSelector:`
Rename disk path. 2023-09-26 10:15:35 -05:00			`busPath: /dev/sda`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`networkInterfaces:`
			`- interface: eth0`
			`dhcp: true`
Adding static routes. 2023-09-26 17:18:36 -05:00			`- interface: eth1`
			`dhcp: true`
			`routes:`
			`- network: 10.2.0.0/16`
The great restructuring. 2023-11-20 16:23:36 -06:00			`gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).`
Adding static routes. 2023-09-26 17:18:36 -05:00			`metric: 2048`
The great restructuring. 2023-11-20 16:23:36 -06:00			`# cloud CAX21 Arm64`
update hostnames and making nienna use legacy net interface names 2023-11-30 11:26:33 -06:00			`- hostname: arlen`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`disableSearchDomain: true`
Updating private ips. 2023-09-26 09:31:31 -05:00			`ipAddress: 10.2.0.5`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`controlPlane: true`
			`installDiskSelector:`
Rename disk path. 2023-09-26 10:15:35 -05:00			`busPath: /dev/sda`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`networkInterfaces:`
			`- interface: eth0`
			`dhcp: true`
Adding static routes. 2023-09-26 17:18:36 -05:00			`- interface: eth1`
			`dhcp: true`
			`routes:`
			`- network: 10.2.0.0/16`
The great restructuring. 2023-11-20 16:23:36 -06:00			`gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).`
Adding static routes. 2023-09-26 17:18:36 -05:00			`metric: 2048`
The great restructuring. 2023-11-20 16:23:36 -06:00			`# cloud CAX21 Arm64`
update hostnames and making nienna use legacy net interface names 2023-11-30 11:26:33 -06:00			`- hostname: eonwe`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`disableSearchDomain: true`
The great restructuring. 2023-11-20 16:23:36 -06:00			`ipAddress: 10.2.0.6`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`controlPlane: true`
			`installDiskSelector:`
Rename disk path. 2023-09-26 10:15:35 -05:00			`busPath: /dev/sda`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`networkInterfaces:`
			`- interface: eth0`
			`dhcp: true`
Adding static routes. 2023-09-26 17:18:36 -05:00			`- interface: eth1`
			`dhcp: true`
			`routes:`
			`- network: 10.2.0.0/16`
The great restructuring. 2023-11-20 16:23:36 -06:00			`gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).`
Adding static routes. 2023-09-26 17:18:36 -05:00			`metric: 2048`
The great restructuring. 2023-11-20 16:23:36 -06:00			`# Bare-metal AX41-Nvme - AMD Ryzen 5 3600 6-Core Processor (Zen2) - 64GB ECC RAM`
update hostnames and making nienna use legacy net interface names 2023-11-30 11:26:33 -06:00			`- hostname: nienna`
Added 3 worker nodes. 2023-10-02 12:27:07 -05:00			`disableSearchDomain: true`
The great restructuring. 2023-11-20 16:23:36 -06:00			`ipAddress: 10.2.1.2`
Added 3 worker nodes. 2023-10-02 12:27:07 -05:00			`controlPlane: false`
The great restructuring. 2023-11-20 16:23:36 -06:00			`# customization:`
Update orome and nienna for new drives and net devices. 2023-12-08 22:17:50 -06:00			`# extraKernelArgs:`
			`# - net.ifnames=0`
			`# systemExtensions:`
The great restructuring. 2023-11-20 16:23:36 -06:00			`# officialExtensions:`
Update orome and nienna for new drives and net devices. 2023-12-08 22:17:50 -06:00			`# - siderolabs/amd-ucode`
			`# - siderolabs/qemu-guest-agent`
			`talosImageURL: factory.talos.dev/installer/696bb48d9c48e567596f393a4ff9bfd26d4dda5d92c16beb580e96fa68d6324c`
			`# https://factory.talos.dev/image/696bb48d9c48e567596f393a4ff9bfd26d4dda5d92c16beb580e96fa68d6324c/v1.5.5/metal-amd64.iso`
			`# no guest agent in the raw.xz image`
Moving back to ceph. 2023-12-03 15:49:26 -06:00			`# https://factory.talos.dev/image/6c789e7a3eec37617fd9d239a7f696ba48e75bc4780f5cb30bf8882686d79a22/v1.5.5/metal-amd64.raw.xz`
Added 3 worker nodes. 2023-10-02 12:27:07 -05:00			`installDiskSelector:`
Update orome and nienna for new drives and net devices. 2023-12-08 22:17:50 -06:00			`busPath: /pci0000:00/0000:00:0a.0/virtio2/`
			`# Ceph Disk Fast: /pci0000:00/0000:00:11.0/nvme/nvme0/nvme0n1`
			`# Ceph Disk Large: /pci0000:00/0000:00:10.0/ata1/host0/target0:0:0/0:0:0:0/`
Added 3 worker nodes. 2023-10-02 12:27:07 -05:00			`networkInterfaces:`
Updated to k8s 1.28.4 and nienna legacy ifnames. 2023-11-30 09:25:16 -06:00			`- interface: eth0`
Added 3 worker nodes. 2023-10-02 12:27:07 -05:00			`dhcp: true`
Update orome and nienna for new drives and net devices. 2023-12-08 22:17:50 -06:00			`- interface: eth1`
			`dhcp: false`
The great restructuring. 2023-11-20 16:23:36 -06:00			`vlans:`
			`- vlanId: 4010`
			`mtu: 1400`
			`addresses:`
			`- 10.2.1.2/24`
			`dhcp: false`
			`routes:`
			`- network: 10.2.0.0/16`
			`gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).`
			`metric: 2048`
Added Orome, EX44 2023-12-02 00:07:50 -06:00			`# VM on EX44 - Intel Gen 13 (Raptor Lake) - 64GB RAM`
			`- hostname: orome`
			`disableSearchDomain: true`
			`ipAddress: 10.2.1.3`
			`controlPlane: false`
			`# customization:`
			`# extraKernelArgs:`
			`# - net.ifnames=0`
			`# systemExtensions:`
			`# officialExtensions:`
			`# - siderolabs/i915-ucode`
			`# - siderolabs/intel-ucode`
			`# - siderolabs/qemu-guest-agent`
			`talosImageURL: factory.talos.dev/installer/f2f665587318c2d79e7b315cc333fff276ed59c8de831f16e28b4db107496ac2`
Update orome and nienna for new drives and net devices. 2023-12-08 22:17:50 -06:00			`# https://factory.talos.dev/image/f2f665587318c2d79e7b315cc333fff276ed59c8de831f16e28b4db107496ac2/metal-amd64.iso`
Added Orome, EX44 2023-12-02 00:07:50 -06:00			`installDiskSelector:`
Moving back to ceph. 2023-12-03 15:49:26 -06:00			`busPath: /pci0000:00/0000:00:0a.0/virtio2/`
			`# Ceph Disk: /dev/disk/by-id/nvme-SAMSUNG_MZVL2512HCJQ-00B00_S675NU0TB36132`
Added Orome, EX44 2023-12-02 00:07:50 -06:00			`networkInterfaces:`
			`- interface: eth0`
			`dhcp: true`
			`- interface: eth1`
			`dhcp: false`
			`vlans:`
			`- vlanId: 4010`
			`mtu: 1400`
			`addresses:`
			`- 10.2.1.3/24`
			`dhcp: false`
			`routes:`
			`- network: 10.2.0.0/16`
			`gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).`
			`metric: 2048`
The great restructuring. 2023-11-20 16:23:36 -06:00			`worker:`
			`patches:`
			`- \|-`
update hostnames and making nienna use legacy net interface names 2023-11-30 11:26:33 -06:00			`cluster:`
			`externalCloudProvider:`
			`enabled: true`
			`manifests:`
			`- https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml`
The great restructuring. 2023-11-20 16:23:36 -06:00			`machine:`
			`sysctls:`
			`fs.inotify.max_user_watches: "1048576"`
			`fs.inotify.max_user_instances: "8192"`
			`time:`
			`disabled: false`
			`servers:`
			`- ntp.hetzner.com`
			`kubelet:`
			`extraArgs:`
			`feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false`
			`rotate-server-certificates: "true"`
			`extraConfig:`
			`maxPods: 150`
			`nodeIP:`
			`validSubnets:`
			`- 10.2.0.0/16`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`controlPlane:`
			`patches:`
			`- \|-`
			`cluster:`
			`allowSchedulingOnMasters: true`
update hostnames and making nienna use legacy net interface names 2023-11-30 11:26:33 -06:00			`externalCloudProvider:`
			`enabled: true`
			`manifests:`
			`- https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml`
Enable kubeprism and disable flannel. 2023-09-26 16:33:24 -05:00			`network:`
			`cni:`
			`name: none`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`proxy:`
			`disabled: true`
			`etcd:`
			`advertisedSubnets:`
			`- 10.2.0.0/24`

			`- \|-`
			`- op: remove`
			`path: /cluster/apiServer/admissionControl`

			`- \|-`
			`machine:`
Enable kubeprism and disable flannel. 2023-09-26 16:33:24 -05:00			`features:`
			`kubePrism:`
			`enabled: true`
			`port: 7445`

Updating for talos infra. 2023-09-25 19:21:40 -05:00			`files:`
			`- op: create`
			`path: /etc/cri/conf.d/20-customization.part`
			`content: \|`
			`[plugins]`
			`[plugins."io.containerd.grpc.v1.cri"]`
			`enable_unprivileged_ports = true`
			`enable_unprivileged_icmp = true`
			`kubelet:`
			`extraArgs:`
			`feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false`
			`rotate-server-certificates: "true"`
			`extraConfig:`
			`maxPods: 150`
			`nodeIP:`
			`validSubnets:`
The great restructuring. 2023-11-20 16:23:36 -06:00			`- 10.2.0.0/16`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`network:`
			`extraHostEntries:`
The great restructuring. 2023-11-20 16:23:36 -06:00			`- ip: 10.2.0.3`
Updating for talos infra. 2023-09-25 19:21:40 -05:00			`sysctls:`
			`fs.inotify.max_user_watches: "1048576"`
			`fs.inotify.max_user_instances: "8192"`
			`time:`
			`disabled: false`
			`servers:`
			`- ntp.hetzner.com`