262 lines
7.2 KiB
YAML
262 lines
7.2 KiB
YAML
---
|
|
clusterName: valinor
|
|
|
|
talosVersion: v1.6.1
|
|
kubernetesVersion: 1.28.4
|
|
endpoint: "https://${clusterEndpointIP}:6443"
|
|
|
|
cniConfig:
|
|
name: none
|
|
|
|
additionalApiServerCertSans:
|
|
- ${clusterEndpointIP}
|
|
|
|
additionalMachineCertSans:
|
|
- ${clusterEndpointIP}
|
|
|
|
imageFactory:
|
|
registryURL: factory.talos.dev
|
|
schematicEndpoint: /schematics
|
|
protocol: https
|
|
installerURLTmpl: "{{.RegistryURL}}/installer/{{.ID}}:{{.Version}}"
|
|
ISOURLTmpl: "{{.Protocol}}://{{.RegistryURL}}/image/{{.ID}}/{{.Version}}/{{.Mode}}-{{.Arch}}.iso"
|
|
|
|
nodes:
|
|
# cloud CAX21 Arm64
|
|
- hostname: arlen
|
|
disableSearchDomain: true
|
|
ipAddress: ${arlenIP}
|
|
controlPlane: true
|
|
installDiskSelector:
|
|
busPath: /dev/sda
|
|
networkInterfaces:
|
|
- interface: eth0
|
|
dhcp: true
|
|
- interface: eth1
|
|
dhcp: true
|
|
routes:
|
|
- network: 10.2.0.0/16
|
|
gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
|
|
metric: 2048
|
|
# cloud CAX21 Arm64
|
|
- hostname: eonwe
|
|
disableSearchDomain: true
|
|
ipAddress: ${eonweIP}
|
|
controlPlane: true
|
|
installDiskSelector:
|
|
busPath: /dev/sda
|
|
networkInterfaces:
|
|
- interface: eth0
|
|
dhcp: true
|
|
- interface: eth1
|
|
dhcp: true
|
|
routes:
|
|
- network: 10.2.0.0/16
|
|
gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
|
|
metric: 2048
|
|
# cloud CAX21 Arm64
|
|
- hostname: aule
|
|
disableSearchDomain: true
|
|
ipAddress: ${auleIP}
|
|
controlPlane: true
|
|
installDiskSelector:
|
|
busPath: /dev/sda
|
|
networkInterfaces:
|
|
- interface: eth0
|
|
dhcp: true
|
|
- interface: eth1
|
|
dhcp: true
|
|
routes:
|
|
- network: 10.2.0.0/16
|
|
gateway: 10.2.0.1 # The route's gateway (if empty, creates link scope route).
|
|
metric: 2048
|
|
# VM AX41-Nvme - AMD Ryzen 5 3600 6-Core Processor (Zen2) - 64GB ECC RAM
|
|
- hostname: nienna
|
|
disableSearchDomain: true
|
|
ipAddress: ${niennaIP}
|
|
controlPlane: false
|
|
schematic:
|
|
customization:
|
|
extraKernelArgs:
|
|
- net.ifnames=0
|
|
systemExtensions:
|
|
officialExtensions:
|
|
- siderolabs/amd-ucode
|
|
- siderolabs/qemu-guest-agent
|
|
installDiskSelector:
|
|
busPath: /pci0000:00/0000:00:03.1/0000:27:00.0/nvme/nvme0/nvme0n1
|
|
networkInterfaces:
|
|
- interface: eth0
|
|
dhcp: false
|
|
- interface: eth1
|
|
dhcp: true
|
|
vlans:
|
|
- vlanId: 4010
|
|
mtu: 1450
|
|
addresses:
|
|
- 10.2.1.2/24
|
|
dhcp: false
|
|
routes:
|
|
- network: 10.2.0.0/16
|
|
gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
|
|
metric: 2048
|
|
- interface: eth2
|
|
dhcp: false
|
|
# VM AX41-Nvme - AMD Ryzen 5 3600 6-Core Processor (Zen2) - 64GB ECC RAM
|
|
- hostname: nessa
|
|
disableSearchDomain: true
|
|
ipAddress: ${nessaIP}
|
|
controlPlane: false
|
|
schematic:
|
|
customization:
|
|
extraKernelArgs:
|
|
- net.ifnames=0
|
|
systemExtensions:
|
|
officialExtensions:
|
|
- siderolabs/amd-ucode
|
|
installDiskSelector:
|
|
busPath: /pci0000:00/0000:00:0a.0/virtio2/
|
|
networkInterfaces:
|
|
- interface: eth0
|
|
dhcp: true
|
|
- interface: eth1
|
|
dhcp: false
|
|
vlans:
|
|
- vlanId: 4010
|
|
mtu: 1450
|
|
addresses:
|
|
- 10.2.1.4/24
|
|
dhcp: false
|
|
routes:
|
|
- network: 10.2.0.0/16
|
|
gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
|
|
metric: 2048
|
|
# VM on EX44 - Intel Gen 13 (Raptor Lake) - 64GB RAM
|
|
- hostname: orome
|
|
disableSearchDomain: true
|
|
ipAddress: ${oromeIP}
|
|
controlPlane: false
|
|
schematic:
|
|
customization:
|
|
extraKernelArgs:
|
|
- net.ifnames=0
|
|
systemExtensions:
|
|
officialExtensions:
|
|
- siderolabs/i915-ucode
|
|
- siderolabs/intel-ucode
|
|
- siderolabs/qemu-guest-agent
|
|
installDiskSelector:
|
|
busPath: /pci0000:00/0000:00:0a.0/virtio2/
|
|
networkInterfaces:
|
|
- interface: eth0
|
|
dhcp: true
|
|
- interface: eth1
|
|
dhcp: false
|
|
vlans:
|
|
- vlanId: 4010
|
|
mtu: 1450
|
|
addresses:
|
|
- 10.2.1.3/24
|
|
dhcp: false
|
|
routes:
|
|
- network: 10.2.0.0/16
|
|
gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route).
|
|
metric: 2048
|
|
worker:
|
|
patches:
|
|
- |-
|
|
cluster:
|
|
externalCloudProvider:
|
|
enabled: true
|
|
manifests:
|
|
- https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml
|
|
machine:
|
|
sysctls:
|
|
fs.inotify.max_user_watches: "1048576"
|
|
fs.inotify.max_user_instances: "8192"
|
|
time:
|
|
disabled: false
|
|
servers:
|
|
- ntp.hetzner.com
|
|
kubelet:
|
|
extraArgs:
|
|
feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
|
|
rotate-server-certificates: "true"
|
|
extraConfig:
|
|
maxPods: 150
|
|
nodeIP:
|
|
validSubnets:
|
|
- 10.2.0.0/16
|
|
registries:
|
|
mirrors:
|
|
docker.io:
|
|
endpoints:
|
|
- http://harbor.hsn.dev/v2/docker.io
|
|
overridePath: true
|
|
ghcr.io:
|
|
endpoints:
|
|
- http://harbor.hsn.dev/v2/ghcr.io
|
|
overridePath: true
|
|
controlPlane:
|
|
patches:
|
|
- |-
|
|
cluster:
|
|
allowSchedulingOnMasters: true
|
|
externalCloudProvider:
|
|
enabled: true
|
|
manifests:
|
|
- https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml
|
|
network:
|
|
cni:
|
|
name: none
|
|
proxy:
|
|
disabled: true
|
|
etcd:
|
|
advertisedSubnets:
|
|
- 10.2.0.0/24
|
|
|
|
- |-
|
|
- op: remove
|
|
path: /cluster/apiServer/admissionControl
|
|
|
|
- |-
|
|
machine:
|
|
features:
|
|
kubePrism:
|
|
enabled: true
|
|
port: 7445
|
|
registries:
|
|
mirrors:
|
|
docker.io:
|
|
endpoints:
|
|
- http://harbor.hsn.dev/v2/docker.io
|
|
overridePath: true
|
|
ghcr.io:
|
|
endpoints:
|
|
- http://harbor.hsn.dev/v2/ghcr.io
|
|
overridePath: true
|
|
|
|
files:
|
|
- op: create
|
|
path: /etc/cri/conf.d/20-customization.part
|
|
content: |
|
|
[plugins]
|
|
[plugins."io.containerd.grpc.v1.cri"]
|
|
enable_unprivileged_ports = true
|
|
enable_unprivileged_icmp = true
|
|
kubelet:
|
|
extraArgs:
|
|
feature-gates: CronJobTimeZone=true,GracefulNodeShutdown=true,NewVolumeManagerReconstruction=false
|
|
rotate-server-certificates: "true"
|
|
extraConfig:
|
|
maxPods: 150
|
|
nodeIP:
|
|
validSubnets:
|
|
- 10.2.0.0/16
|
|
sysctls:
|
|
fs.inotify.max_user_watches: "1048576"
|
|
fs.inotify.max_user_instances: "8192"
|
|
time:
|
|
disabled: false
|
|
servers:
|
|
- ntp.hetzner.com
|