talos scripts

brettinternet · Jun 25, 2024 · 0cbbe23 · 0cbbe23
1 parent 2d9e56f
commit 0cbbe23
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 11 deletions.
diff --git a/.taskfiles/talos.yaml b/.taskfiles/talos.yaml
@@ -17,18 +17,29 @@ tasks:
   bootstrap:
     desc: Bootstrap the Talos cluster
     dir: "/{{.BOOTSTRAP_TALOS_DIR}}"
+    cmds:
+      - task: generate
+      - talhelper gencommand apply --config-file {{.TALHELPER_CONFIG_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}} --extra-flags="--insecure" | bash
+      - until talhelper gencommand bootstrap --config-file {{.TALHELPER_CONFIG_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}} | bash; do sleep 10; done
+      - task: fetch-kubeconfig
+      - task: install-helm-apps
+      - task: health
+    requires:
+      vars: ["cluster"]
+    preconditions:
+      - msg: Missing talhelper config file
+        sh: test -f {{.TALHELPER_CONFIG_FILE}}
+
+  generate:
+    desc: Generate Talos configs with talhelper
+    dir: "/{{.BOOTSTRAP_TALOS_DIR}}"
     cmds:
       - |
         if [ ! -f "{{.TALHELPER_SECRET_FILE}}" ]; then
             talhelper gensecret > {{.TALHELPER_SECRET_FILE}}
             sops --encrypt --in-place {{.TALHELPER_SECRET_FILE}}
         fi
       - talhelper genconfig --config-file {{.TALHELPER_CONFIG_FILE}} --secret-file {{.TALHELPER_SECRET_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}}
-      - talhelper gencommand apply --config-file {{.TALHELPER_CONFIG_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}} --extra-flags="--insecure" | bash
-      - until talhelper gencommand bootstrap --config-file {{.TALHELPER_CONFIG_FILE}} --out-dir {{.TALHELPER_CLUSTER_DIR}} | bash; do sleep 10; done
-      - task: fetch-kubeconfig
-      - task: install-helm-apps
-      - task: health
     requires:
       vars: ["cluster"]
     preconditions:
@@ -39,6 +50,16 @@ tasks:
       - msg: Missing Sops Age key file
         sh: test -f {{.AGE_FILE}}
 
+  apply:
+    desc: Apply a single config to a node
+    dir: "/{{.TALHELPER_CLUSTER_DIR}}"
+    cmd: talosctl apply-config --insecure -n {{.node}} --file {{.file}}
+    requires:
+      vars: ["cluster", "node", "file"]
+    preconditions:
+      - msg: Missing talosconfig
+        sh: test -f {{.TALOSCONFIG_FILE}}
+
   health:
     desc: Get Talos cluster health
     dir: "/{{.BOOTSTRAP_TALOS_DIR}}"

diff --git a/kubernetes/main/bootstrap/talos/clusterconfig/.gitignore b/kubernetes/main/bootstrap/talos/clusterconfig/.gitignore
@@ -1,3 +1,4 @@
+talosconfig
 homelab-k-0.yaml
 homelab-k-1.yaml
 homelab-k-2.yaml
@@ -6,4 +7,5 @@ homelab-k-4.yaml
 homelab-k-5.yaml
 homelab-k-6.yaml
 homelab-k-7.yaml
-talosconfig
+homelab-k-8.yaml
+homelab-k-9.yaml
diff --git a/kubernetes/main/bootstrap/talos/talconfig.yaml b/kubernetes/main/bootstrap/talos/talconfig.yaml
@@ -2,7 +2,7 @@
 # https://budimanjojo.github.io/talhelper/latest/reference/configuration
 ---
 # renovate: datasource=docker depName=ghcr.io/siderolabs/installer
-talosVersion: v1.7.4
+talosVersion: v1.7.5
 # renovate: datasource=docker depName=ghcr.io/siderolabs/kubelet
 kubernetesVersion: v1.30.1
 
@@ -25,8 +25,8 @@ nodes:
   - hostname: "k-0"
     ipAddress: "10.1.2.100"
     installDisk: /dev/disk/by-id/nvme-INTEL_SSDPEKKW256G7_BTPY64540F5A256D
-    # https://factory.talos.dev/?arch=amd64&board=undefined&cmdline-set=true&extensions=-&extensions=siderolabs%2Fintel-ucode&extensions=siderolabs%2Fiscsi-tools&extensions=siderolabs%2Fqemu-guest-agent&extensions=siderolabs%2Futil-linux-tools&platform=metal&secureboot=undefined&target=metal&version=1.7.4
-    talosImageURL: &talosIntelGpuImage factory.talos.dev/installer/d4cf8602b9d285ede53209d5e8c482372d61d3b9aa850736c2dc65bd8d091cba
+    # https://factory.talos.dev/?arch=amd64&cmdline-set=true&extensions=-&extensions=siderolabs%2Fi915-ucode&extensions=siderolabs%2Fintel-ucode&extensions=siderolabs%2Fiscsi-tools&extensions=siderolabs%2Futil-linux-tools&platform=metal&target=metal&version=1.7.5
+    talosImageURL: &talosIntelGpuImage factory.talos.dev/installer/ebdfa27a8d6272acf806ac6a5c968c3c284a47ce880273cecb19442c11bf0474
     schematic: &schematic
       customization:
         extraKernelArgs:
@@ -35,7 +35,6 @@ nodes:
           officialExtensions:
             - siderolabs/i915-ucode
             - siderolabs/intel-ucode
-            - siderolabs/qemu-guest-agent
             # longhorn required extensions https://longhorn.io/docs/1.7.0/advanced-resources/os-distro-specific/talos-linux-support/#system-extensions
             - siderolabs/iscsi-tools
             - siderolabs/util-linux-tools
@@ -87,7 +86,7 @@ nodes:
   - hostname: "k-3"
     ipAddress: "10.1.2.103"
     installDisk: &vmInstallDisk "/dev/sda"
-    # https://factory.talos.dev/?arch=amd64&board=undefined&cmdline-set=true&extensions=-&extensions=siderolabs%2Fi915-ucode&extensions=siderolabs%2Fintel-ucode&extensions=siderolabs%2Fiscsi-tools&extensions=siderolabs%2Fqemu-guest-agent&extensions=siderolabs%2Futil-linux-tools&platform=metal&secureboot=undefined&target=metal&version=1.7.4
+    # https://factory.talos.dev/?arch=amd64&cmdline-set=true&extensions=-&extensions=siderolabs%2Fintel-ucode&extensions=siderolabs%2Fiscsi-tools&extensions=siderolabs%2Fqemu-guest-agent&extensions=siderolabs%2Futil-linux-tools&platform=metal&target=metal&version=1.7.5
     talosImageURL: &talosImage factory.talos.dev/installer/cc493cae44e0bdbbefb5b5d1fb22ff724134cd7c6bb65172fa84e181568be45d
     schematic: &schematic
       customization: