valinor/talos/talconfig.yaml


---
# Cluster-wide settings: cluster name, pinned versions, API endpoint and
# certificate SANs. Indentation restored from a flattened listing.
clusterName: valinor
# Versions are pinned explicitly. NOTE(review): check the support status of
# these releases before reusing this file; the source repository is archived.
talosVersion: v1.5.5
kubernetesVersion: 1.28.3
# Kubernetes API endpoint. The same address is added below as an extra SAN
# on both the API server certificate and the machine certificates, so
# clients connecting to 10.2.0.3 can verify the certificate they are given.
endpoint: "https://10.2.0.3:6443"
# No CNI is selected here; pod networking has to come from a CNI that is
# installed separately.
cniConfig:
  name: none
additionalApiServerCertSans:
  - 10.2.0.3
additionalMachineCertSans:
  - 10.2.0.3
# Per-node definitions: three control-plane nodes (10.2.0.4-10.2.0.6) and one
# bare-metal worker (10.2.1.2). Two further nodes are kept commented out.
# Every active node routes 10.2.0.0/16 over its private interface.
nodes:
  # cloud CAX21 Arm64
  - hostname: aule.hsn.dev
    disableSearchDomain: true
    ipAddress: 10.2.0.4
    controlPlane: true
    # NOTE(review): busPath holds a device node here, whereas the worker below
    # uses a PCI bus path; confirm this selector matches the intended install
    # disk (the same applies to the other two control-plane nodes).
    installDiskSelector:
      busPath: /dev/sda
    networkInterfaces:
      - interface: eth0
        dhcp: true
      - interface: eth1
        dhcp: true
        routes:
          - network: 10.2.0.0/16
            gateway: 10.2.0.1  # The route's gateway (if empty, creates link scope route).
            metric: 2048
  # cloud CAX21 Arm64
  - hostname: arlen.hsn.dev
    disableSearchDomain: true
    ipAddress: 10.2.0.5
    controlPlane: true
    installDiskSelector:
      busPath: /dev/sda
    networkInterfaces:
      - interface: eth0
        dhcp: true
      - interface: eth1
        dhcp: true
        routes:
          - network: 10.2.0.0/16
            gateway: 10.2.0.1  # The route's gateway (if empty, creates link scope route).
            metric: 2048
  # cloud CAX21 Arm64
  - hostname: eonwe.hsn.dev
    disableSearchDomain: true
    ipAddress: 10.2.0.6
    controlPlane: true
    installDiskSelector:
      busPath: /dev/sda
    networkInterfaces:
      - interface: eth0
        dhcp: true
      - interface: eth1
        dhcp: true
        routes:
          - network: 10.2.0.0/16
            gateway: 10.2.0.1  # The route's gateway (if empty, creates link scope route).
            metric: 2048
  # Bare-metal AX41-Nvme - AMD Ryzen 5 3600 6-Core Processor (Zen2) - 64GB ECC RAM
  - hostname: nienna.hsn.dev
    disableSearchDomain: true
    ipAddress: 10.2.1.2
    controlPlane: false
    # customization:
    #   systemExtensions:
    #     officialExtensions:
    #       - siderolabs/amd-ucode
    # The installer image is referenced by an Image Factory schematic ID.
    # NOTE(review): presumably this schematic corresponds to the commented-out
    # customization above; verify the ID against the extensions you expect
    # before trusting the image.
    talosImageURL: factory.talos.dev/installer/96f8c146a67c80daad900d3fc1a6976fe11062321eee9ab6ae2a6aea88b2d26e
    installDiskSelector:
      busPath: /pci0000:00/0000:00:03.1/0000:27:00.0/nvme/nvme0/nvme0n1
    # Second NVMe device, mounted at /var/mnt/lpnvme.
    machineDisks:
      - device: /dev/disk/by-id/nvme-SAMSUNG_MZVLB512HBJQ-00000_S4GENX0N424497
        partitions:
          - mountpoint: /var/mnt/lpnvme
    # The physical NIC uses DHCP; the private address 10.2.1.2/24 is static and
    # sits on VLAN 4010 with MTU 1400.
    networkInterfaces:
      - interface: enp35s0
        dhcp: true
        vlans:
          - vlanId: 4010
            mtu: 1400
            addresses:
              - 10.2.1.2/24
            dhcp: false
            routes:
              - network: 10.2.0.0/16
                gateway: 10.2.1.1  # The route's gateway (if empty, creates link scope route).
                metric: 2048
    # Bind-mounts /var/mnt/lpnvme into the kubelet read-write with shared
    # propagation. Any workload allowed to mount this host path gets write
    # access to the disk, so hostPath use for it should be limited by
    # admission policy.
    patches:
      - |-
        machine:
          kubelet:
            extraMounts:
              - destination: /var/mnt/lpnvme
                type: bind
                source: /var/mnt/lpnvme
                options:
                  - rbind
                  - rshared
                  - rw
  # VM on Bare-metal EX44 Proxmox pve - 13th Gen Intel(R) Core(TM) i5-13500 - 64GB RAM
  # - hostname: orome.hsn.dev
  #   disableSearchDomain: true
  #   ipAddress: 10.2.1.3
  #   controlPlane: false
  #   # customization:
  #   #   extraKernelArgs:
  #   #     - net.ifnames=0
  #   #   systemExtensions:
  #   #     officialExtensions:
  #   #       - siderolabs/i915-ucode
  #   #       - siderolabs/intel-ucode
  #   #       - siderolabs/qemu-guest-agent
  #   installDisk: /dev/vda
  #   # talosImageURL: factory.talos.dev/installer/50da29e436eac5b66bb9727beff6469822d4d1387543cc033a976afb063d9c84
  #   talosImageURL: hub.hsn.dev/factory.talos.dev/installer/aada47690a5864b64a0947bd228f7426d0bddab59a3ffca542602b717a896e34
  #   networkInterfaces:
  #     - interface: eth0
  #       dhcp: false
  #       addresses:
  #         - 10.2.1.3/24
  #       routes:
  #         - network: 10.2.0.0/16
  #           gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
  #           metric: 2048
  #     - interface: eth1
  #       dhcp: true
  #       routes:
  #         - network: 0.0.0.0/0 # The route's network (destination).
  #           gateway: 192.168.20.1 # The route's gateway (if empty, creates link scope route).
  #           metric: 1024
  # NOTE(review): the disabled node below has a 10.2.0.x address but routes via
  # 10.2.1.1, unlike the active 10.2.0.x nodes (10.2.0.1); check before
  # re-enabling it.
  # - hostname: vaire.hsn.dev
  #   disableSearchDomain: true
  #   ipAddress: 10.2.0.8
  #   controlPlane: false
  #   installDiskSelector:
  #     busPath: /dev/sda
  #   networkInterfaces:
  #     - interface: eth0
  #       dhcp: true
  #     - interface: eth1
  #       dhcp: true
  #       routes:
  #         - network: 10.2.0.0/16
  #           gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
  #           metric: 2048
# Patch applied to worker nodes: inotify sysctls, NTP server, kubelet flags.
worker:
  patches:
    # rotate-server-certificates makes the kubelet request its serving
    # certificate through the CSR API. Those requests are not approved
    # automatically, so an approver (manual or a controller) is needed, and it
    # should check the requested names and IPs against the node before
    # approving.
    # nodeIP.validSubnets limits the kubelet node IP to 10.2.0.0/16.
    # NOTE(review): unlike the control-plane patch, this one sets neither
    # kubePrism nor the containerd CRI customization; confirm that is intended.
    - |-
      machine:
        sysctls:
          fs.inotify.max_user_watches: "1048576"
          fs.inotify.max_user_instances: "8192"
        time:
          disabled: false
          servers:
            - ntp.hetzner.com
        kubelet:
          extraArgs:
            feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
            rotate-server-certificates: "true"
          extraConfig:
            maxPods: 150
          nodeIP:
            validSubnets:
              - 10.2.0.0/16
# Patches applied to control-plane nodes: one cluster-level patch, one JSON
# patch, and one machine-level patch.
controlPlane:
  patches:
    # Cluster patch.
    # - allowSchedulingOnMasters lets ordinary workloads run on the
    #   control-plane nodes, next to etcd and the API server; taints or
    #   policies are then the only separation. NOTE(review): newer Talos
    #   releases name this setting allowSchedulingOnControlPlanes; confirm
    #   which key the target version expects.
    # - CNI is "none" and kube-proxy is disabled, so both pod networking and
    #   service routing must come from a separately installed component.
    # - etcd advertises only on 10.2.0.0/24.
    - |-
      cluster:
        allowSchedulingOnMasters: true
        network:
          cni:
            name: none
        proxy:
          disabled: true
        etcd:
          advertisedSubnets:
            - 10.2.0.0/24
    # JSON patch that removes the API server admissionControl section.
    # Talos's generated configuration carries its default Pod Security
    # admission settings under this path, so removing it drops the
    # cluster-wide Pod Security defaults. Namespaces then need explicit
    # pod-security.kubernetes.io labels or a separate policy engine.
    - |-
      - op: remove
        path: /cluster/apiServer/admissionControl
    # Machine patch.
    # - kubePrism is enabled on port 7445.
    # - The containerd CRI drop-in lets containers bind ports below 1024 and
    #   send ICMP without extra capabilities. That allows workloads to drop
    #   NET_BIND_SERVICE / NET_RAW, but any pod can then take a low port in
    #   its own network namespace.
    # - rotate-server-certificates requires kubelet serving CSRs to be
    #   approved by something; the approver should validate the requested
    #   names and IPs.
    # - NOTE(review): the extraHostEntries item shows only `ip`; no `aliases`
    #   list is visible in this listing. Confirm against the original file.
    - |-
      machine:
        features:
          kubePrism:
            enabled: true
            port: 7445
        files:
          - op: create
            path: /etc/cri/conf.d/20-customization.part
            content: |
              [plugins]
                [plugins."io.containerd.grpc.v1.cri"]
                  enable_unprivileged_ports = true
                  enable_unprivileged_icmp = true
        kubelet:
          extraArgs:
            feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
            rotate-server-certificates: "true"
          extraConfig:
            maxPods: 150
          nodeIP:
            validSubnets:
              - 10.2.0.0/16
        network:
          extraHostEntries:
            - ip: 10.2.0.3
        sysctls:
          fs.inotify.max_user_watches: "1048576"
          fs.inotify.max_user_instances: "8192"
        time:
          disabled: false
          servers:
            - ntp.hetzner.com