updating to use different ips
parent
23639028b7
commit
bbf93870ac
3 changed files with 230 additions and 67 deletions
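--- a/talos/talconfig-pips.yaml
+++ b/talos/talconfig-pips.yaml
@@ -0,0 +1,214 @@
+---
+clusterName: valinor
+
+talosVersion: v1.5.5
+kubernetesVersion: 1.28.4
+endpoint: "https://10.2.0.3:6443"
+
+cniConfig:
+name: none
+
+additionalApiServerCertSans:
+- 10.2.0.3
+
+additionalMachineCertSans:
+- 10.2.0.3
+
+nodes:
+# cloud CAX21 Arm64
+- hostname: aule
+disableSearchDomain: true
+ipAddress: 10.2.0.4
+controlPlane: true
+installDiskSelector:
+busPath: /dev/sda
+networkInterfaces:
+- interface: eth0
+dhcp: true
+- interface: eth1
+dhcp: true
+routes:
+- network: 10.2.0.0/16
+gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
+metric: 2048
+# cloud CAX21 Arm64
+- hostname: arlen
+disableSearchDomain: true
+ipAddress: 10.2.0.5
+controlPlane: true
+installDiskSelector:
+busPath: /dev/sda
+networkInterfaces:
+- interface: eth0
+dhcp: true
+- interface: eth1
+dhcp: true
+routes:
+- network: 10.2.0.0/16
+gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
+metric: 2048
+# cloud CAX21 Arm64
+- hostname: eonwe
+disableSearchDomain: true
+ipAddress: 10.2.0.6
+controlPlane: true
+installDiskSelector:
+busPath: /dev/sda
+networkInterfaces:
+- interface: eth0
+dhcp: true
+- interface: eth1
+dhcp: true
+routes:
+- network: 10.2.0.0/16
+gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
+metric: 2048
+# Bare-metal AX41-Nvme - AMD Ryzen 5 3600 6-Core Processor (Zen2) - 64GB ECC RAM
+- hostname: nienna
+disableSearchDomain: true
+ipAddress: 10.2.1.2
+controlPlane: false
+# customization:
+# extraKernelArgs:
+# - net.ifnames=0
+# systemExtensions:
+# officialExtensions:
+# - siderolabs/amd-ucode
+# - siderolabs/qemu-guest-agent
+talosImageURL: factory.talos.dev/installer/696bb48d9c48e567596f393a4ff9bfd26d4dda5d92c16beb580e96fa68d6324c
+# https://factory.talos.dev/image/696bb48d9c48e567596f393a4ff9bfd26d4dda5d92c16beb580e96fa68d6324c/v1.5.5/metal-amd64.iso
+# no guest agent in the raw.xz image
+# https://factory.talos.dev/image/6c789e7a3eec37617fd9d239a7f696ba48e75bc4780f5cb30bf8882686d79a22/v1.5.5/metal-amd64.raw.xz
+installDiskSelector:
+busPath: /pci0000:00/0000:00:0a.0/virtio2/
+# Ceph Disk Fast: /pci0000:00/0000:00:11.0/nvme/nvme0/nvme0n1
+# Ceph Disk Large: /pci0000:00/0000:00:10.0/ata1/host0/target0:0:0/0:0:0:0/
+networkInterfaces:
+- interface: eth0
+dhcp: true
+- interface: eth1
+dhcp: false
+vlans:
+- vlanId: 4010
+mtu: 1400
+addresses:
+- 10.2.1.2/24
+dhcp: false
+routes:
+- network: 10.2.0.0/16
+gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
+metric: 2048
+# VM on EX44 - Intel Gen 13 (Raptor Lake) - 64GB RAM
+- hostname: orome
+disableSearchDomain: true
+ipAddress: 10.2.1.3
+controlPlane: false
+# customization:
+# extraKernelArgs:
+# - net.ifnames=0
+# systemExtensions:
+# officialExtensions:
+# - siderolabs/i915-ucode
+# - siderolabs/intel-ucode
+# - siderolabs/qemu-guest-agent
+talosImageURL: factory.talos.dev/installer/f2f665587318c2d79e7b315cc333fff276ed59c8de831f16e28b4db107496ac2
+# https://factory.talos.dev/image/f2f665587318c2d79e7b315cc333fff276ed59c8de831f16e28b4db107496ac2/metal-amd64.iso
+installDiskSelector:
+busPath: /pci0000:00/0000:00:0a.0/virtio2/
+# Ceph Disk: /dev/disk/by-id/nvme-SAMSUNG_MZVL2512HCJQ-00B00_S675NU0TB36132
+networkInterfaces:
+- interface: eth0
+dhcp: true
+- interface: eth1
+dhcp: false
+vlans:
+- vlanId: 4010
+mtu: 1400
+addresses:
+- 10.2.1.3/24
+dhcp: false
+routes:
+- network: 10.2.0.0/16
+gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
+metric: 2048
+worker:
+patches:
+- |-
+cluster:
+externalCloudProvider:
+enabled: true
+manifests:
+- https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml
+machine:
+sysctls:
+fs.inotify.max_user_watches: "1048576"
+fs.inotify.max_user_instances: "8192"
+time:
+disabled: false
+servers:
+- ntp.hetzner.com
+kubelet:
+extraArgs:
+feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
+rotate-server-certificates: "true"
+extraConfig:
+maxPods: 150
+nodeIP:
+validSubnets:
+- 10.2.0.0/16
+controlPlane:
+patches:
+- |-
+cluster:
+allowSchedulingOnMasters: true
+externalCloudProvider:
+enabled: true
+manifests:
+- https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml
+network:
+cni:
+name: none
+proxy:
+disabled: true
+etcd:
+advertisedSubnets:
+- 10.2.0.0/24
+
+- |-
+- op: remove
+path: /cluster/apiServer/admissionControl
+
+- |-
+machine:
+features:
+kubePrism:
+enabled: true
+port: 7445
+
+files:
+- op: create
+path: /etc/cri/conf.d/20-customization.part
+content: |
+[plugins]
+[plugins."io.containerd.grpc.v1.cri"]
+enable_unprivileged_ports = true
+enable_unprivileged_icmp = true
+kubelet:
+extraArgs:
+feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
+rotate-server-certificates: "true"
+extraConfig:
+maxPods: 150
+nodeIP:
+validSubnets:
+- 10.2.0.0/16
+network:
+extraHostEntries:
+- ip: 10.2.0.3
+sysctls:
+fs.inotify.max_user_watches: "1048576"
+fs.inotify.max_user_instances: "8192"
+time:
+disabled: false
+servers:
+- ntp.hetzner.com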
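Review bot: The `manifests:` entry in both the `worker` and `controlPlane` patches points at `.../hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml`, a mutable URL, so whatever upstream publishes next is fetched and applied to the cluster at bootstrap without review and without reproducibility. Pin it to a vetted release tag, e.g. `- https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/<PINNED_TAG>/ccm.yaml` (placeholder tag). Separately, the `op: remove` on `/cluster/apiServer/admissionControl` drops the admission configuration Talos generates for the API server, which as far as I know carries the default PodSecurity settings; alongside `allowSchedulingOnMasters: true` it deserves a comment such as `# admissionControl removed because <reason>; pod security enforced by <mechanism>`. The `extraHostEntries` item has an `ip` but no `aliases`, which looks incomplete.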
|
@ -3,70 +3,52 @@ clusterName: valinor
|
|||
|
||||
talosVersion: v1.5.5
|
||||
kubernetesVersion: 1.28.4
|
||||
endpoint: "https://10.2.0.3:6443"
|
||||
endpoint: "https://${clusterEndpointIP}:6443"
|
||||
|
||||
cniConfig:
|
||||
name: none
|
||||
|
||||
additionalApiServerCertSans:
|
||||
- 10.2.0.3
|
||||
- ${clusterEndpointIP}
|
||||
|
||||
additionalMachineCertSans:
|
||||
- 10.2.0.3
|
||||
- ${clusterEndpointIP}
|
||||
|
||||
nodes:
|
||||
# cloud CAX21 Arm64
|
||||
- hostname: aule
|
||||
disableSearchDomain: true
|
||||
ipAddress: 10.2.0.4
|
||||
ipAddress: ${auleIP}
|
||||
controlPlane: true
|
||||
installDiskSelector:
|
||||
busPath: /dev/sda
|
||||
networkInterfaces:
|
||||
- interface: eth0
|
||||
dhcp: true
|
||||
- interface: eth1
|
||||
dhcp: true
|
||||
routes:
|
||||
- network: 10.2.0.0/16
|
||||
gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
|
||||
metric: 2048
|
||||
# cloud CAX21 Arm64
|
||||
- hostname: arlen
|
||||
disableSearchDomain: true
|
||||
ipAddress: 10.2.0.5
|
||||
ipAddress: ${arlenIP}
|
||||
controlPlane: true
|
||||
installDiskSelector:
|
||||
busPath: /dev/sda
|
||||
networkInterfaces:
|
||||
- interface: eth0
|
||||
dhcp: true
|
||||
- interface: eth1
|
||||
dhcp: true
|
||||
routes:
|
||||
- network: 10.2.0.0/16
|
||||
gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
|
||||
metric: 2048
|
||||
# cloud CAX21 Arm64
|
||||
- hostname: eonwe
|
||||
disableSearchDomain: true
|
||||
ipAddress: 10.2.0.6
|
||||
ipAddress: ${eonweIP}
|
||||
controlPlane: true
|
||||
installDiskSelector:
|
||||
busPath: /dev/sda
|
||||
networkInterfaces:
|
||||
- interface: eth0
|
||||
dhcp: true
|
||||
- interface: eth1
|
||||
dhcp: true
|
||||
routes:
|
||||
- network: 10.2.0.0/16
|
||||
gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
|
||||
metric: 2048
|
||||
# Bare-metal AX41-Nvme - AMD Ryzen 5 3600 6-Core Processor (Zen2) - 64GB ECC RAM
|
||||
- hostname: nienna
|
||||
disableSearchDomain: true
|
||||
ipAddress: 10.2.1.2
|
||||
ipAddress: ${niennaIP}
|
||||
controlPlane: false
|
||||
# customization:
|
||||
# extraKernelArgs:
|
||||
|
@ -86,22 +68,10 @@ nodes:
|
|||
networkInterfaces:
|
||||
- interface: eth0
|
||||
dhcp: true
|
||||
- interface: eth1
|
||||
dhcp: false
|
||||
vlans:
|
||||
- vlanId: 4010
|
||||
mtu: 1400
|
||||
addresses:
|
||||
- 10.2.1.2/24
|
||||
dhcp: false
|
||||
routes:
|
||||
- network: 10.2.0.0/16
|
||||
gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
|
||||
metric: 2048
|
||||
# VM on EX44 - Intel Gen 13 (Raptor Lake) - 64GB RAM
|
||||
- hostname: orome
|
||||
disableSearchDomain: true
|
||||
ipAddress: 10.2.1.3
|
||||
ipAddress: ${oromeIP}
|
||||
controlPlane: false
|
||||
# customization:
|
||||
# extraKernelArgs:
|
||||
|
@ -119,18 +89,6 @@ nodes:
|
|||
networkInterfaces:
|
||||
- interface: eth0
|
||||
dhcp: true
|
||||
- interface: eth1
|
||||
dhcp: false
|
||||
vlans:
|
||||
- vlanId: 4010
|
||||
mtu: 1400
|
||||
addresses:
|
||||
- 10.2.1.3/24
|
||||
dhcp: false
|
||||
routes:
|
||||
- network: 10.2.0.0/16
|
||||
gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
|
||||
metric: 2048
|
||||
worker:
|
||||
patches:
|
||||
- |-
|
||||
|
@ -153,9 +111,6 @@ worker:
|
|||
rotate-server-certificates: "true"
|
||||
extraConfig:
|
||||
maxPods: 150
|
||||
nodeIP:
|
||||
validSubnets:
|
||||
- 10.2.0.0/16
|
||||
controlPlane:
|
||||
patches:
|
||||
- |-
|
||||
|
@ -170,9 +125,6 @@ controlPlane:
|
|||
name: none
|
||||
proxy:
|
||||
disabled: true
|
||||
etcd:
|
||||
advertisedSubnets:
|
||||
- 10.2.0.0/24
|
||||
|
||||
- |-
|
||||
- op: remove
|
||||
|
@ -199,12 +151,6 @@ controlPlane:
|
|||
rotate-server-certificates: "true"
|
||||
extraConfig:
|
||||
maxPods: 150
|
||||
nodeIP:
|
||||
validSubnets:
|
||||
- 10.2.0.0/16
|
||||
network:
|
||||
extraHostEntries:
|
||||
- ip: 10.2.0.3
|
||||
sysctls:
|
||||
fs.inotify.max_user_watches: "1048576"
|
||||
fs.inotify.max_user_instances: "8192"
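Review bot: The hunks at `-153,9 +111,6`, `-170,9 +125,6` and `-199,12 +151,6` appear to drop `kubelet.nodeIP.validSubnets` and `etcd.advertisedSubnets` (the old/new line counts leave no room for them on the new side), and nothing visible replaces them. Without those constraints Talos selects the kubelet node IP and the etcd advertise address itself, and with `eth0` on DHCP that may be a publicly routed interface, putting etcd peer traffic (2379/2380) and the kubelet API (10250) on a network the old config kept them off. If that is intended, the firewall rules that cover those ports should be referenced in a comment; if not, keep both keys and template the subnet like the other addresses, e.g. `- "${<SUBNET_VAR>}"` (placeholder name). Also, `ipAddress: ${auleIP}` and the cert SAN entries are unquoted while `endpoint` is quoted; writing `ipAddress: "${auleIP}"` throughout keeps an empty substitution from parsing as null.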
|
||||
|
|
|
@ -1,7 +1,10 @@
|
|||
clusterName: ENC[AES256_GCM,data:iT5CwpMddw==,iv:st1ajjpRXQiHozpIJqUUwmRe542IiR2aWLEdqkk4W9k=,tag:KOCQ8x28kwNNDUXwOTpulg==,type:str]
|
||||
clusterEndpointIP: ENC[AES256_GCM,data:5VXivET/uV4=,iv:SRhLmDfbSlhnb9DsaFXCqiP/Bx4Khi4GdXseyuhuYAw=,tag:BrP3OL/1FwrUyCMWRFB0BQ==,type:str]
|
||||
oromeIP: ENC[AES256_GCM,data:SQyZ1Lpe8HipAbpOdGWRMQ==,iv:1u1eM3N90BvX9tob0c+hKXUFlrFWDh+oKM+sSRrmSyY=,tag:oWjt80hHImn0s1r0CM+1eA==,type:str]
|
||||
oromeGateway: ENC[AES256_GCM,data:Ic8WKbNl9SsdfYT1,iv:HlKGNuBrvHjwrydybAD7cQEKYXL/JLzs/1m+G2bznYA=,tag:NGt1IacjxuX1XqP7mHB5ww==,type:str]
|
||||
clusterEndpointIP: ENC[AES256_GCM,data:nQcNkmmaLuOxz5tTKlY=,iv:IAnSXk667TSWcE2QDmE/xk56R6dCsNK5hMIY96BPN08=,tag:G1ebt6kfJ2V1WMfJ9zNBhA==,type:str]
|
||||
auleIP: ENC[AES256_GCM,data:fowDru5uo1tx36Y3vQ==,iv:wSPdnE+eQ+er2pCOvS2DoynCxA+4oNbJacQhvQR6KJk=,tag:Fb+D9nA3U/QbgqmQhDMDDw==,type:str]
|
||||
arlenIP: ENC[AES256_GCM,data:O3z2uYFNjS9iMng=,iv:b6T1AbWdIoFrH3hV1zop1C2x652sweKhgKPzUVNoDUY=,tag:d6edGxWSXtq9cpbcjIbtQw==,type:str]
|
||||
eonweIP: ENC[AES256_GCM,data:WdN3OPeVD0ppPax856w=,iv:QVhxp1Q3JPbHZAyZbwoBfmIu+qazvAQPKJR10RdtfFI=,tag:raJ2APpfNTyXLSH9SjzoGA==,type:str]
|
||||
niennaIP: ENC[AES256_GCM,data:XQCs/IoSGQIzBKe2Kw==,iv:P72qBaIHY8oLpfR+t5ZZ31XJE1kytCvav0I25nQKSWI=,tag:ZVbQHHzct2Y/fvHxAXROXQ==,type:str]
|
||||
oromeIP: ENC[AES256_GCM,data:nCeVxdK8Q1+E9nMoeNM=,iv:lqM72ewe+nwJUiJGOsLmGBtUU9JcxxmbEUZJNdFroWI=,tag:cpXvK0HW22mpy4nxWCgRmw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -17,8 +20,8 @@ sops:
|
|||
MTFUZEplYVN5RGhhMGNEcDlGbTVQcjQKktwztZAHGUqoxbGHuAg0dX5Vap+wFVfx
|
||||
ku6Hzg1ZU8Lvd8ODe+4p+RvHSKVll1akgpPVuymCUxl+I6EvH7gEDA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-12-02T02:23:49Z"
|
||||
mac: ENC[AES256_GCM,data:vut8v85tPP1DoJCvdqa0Da3z+78qadjuq5PTmqP/DB8fXy8S7qY5QiDZBv4kKhb5j6lmzYUD1USZZYLzDJN5n4Vw9qdstMr6WuCTqimt5MsZEefn621/p0Q2hdH7rC75gGiLHTFLc53HnrESg+opZRkmknrNuKKcZH8GI0H4MeQ=,iv:OakKTwA24IlwIU3gXP53CN7bdO8iDoKpoGLy+EcVGIg=,tag:82RBOg4ebBk9QEtSRAMymw==,type:str]
|
||||
lastmodified: "2023-12-10T16:40:14Z"
|
||||
mac: ENC[AES256_GCM,data:P0rbT2U+Ga29qR7hewngNrmfqA0ShNnCjaYGQLyHTsowqJ3ZY4HX7UQzwtXaZZTfz0SSIAK9yUHStmOoQ0p6c5t6uhww5565MAi23J5vQSkg3iIZ9MLuHkfAYwt4mOXVxvlhGMM0sEkE3nsurHVyEB3TOBgXKziz7Wi+pH1knXw=,iv:QBs7SV667gbiWbTNOcmzHc2eygJSLmK2aiLF4b4qvWU=,tag:/LjNKYD+XooTRLr/gcJQvg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|