k8s/00-infrastructure/README.md
Marcel Straub b2f7eba0fa Enable Cilium IPv4 only (#1)
Co-authored-by: Marcel Straub <m@straubs.eu>
Reviewed-on: s5b-private/k8s#1
2025-09-05 12:43:00 +02:00

# Infrastructure
Here you find everything needed to set up the VM infrastructure for the Talos cluster.
## Structure
1. [Ansible Notebooks for managing Proxmox hosts](./00-ansible-pve-hosts/README.md)
## Get started
### Setup Proxmox Cluster
TBD. For now, the following is expected to have been done already:
- Create the terraform user
- Assign a role
- Create a token
### Install OpenTofu
> **IMPORTANT**: Ensure that the amd64 version of OpenTofu is installed. The i386 (32-bit) plugins cause a lot of trouble, e.g. failed provisioning runs, unparsable data structures, etc.
```shell
# Prerequisites for adding a signed third-party repository
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl gnupg
# Fetch the OpenTofu signing keys into a dedicated keyring directory
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://get.opentofu.org/opentofu.gpg | sudo tee /etc/apt/keyrings/opentofu.gpg >/dev/null
curl -fsSL https://packages.opentofu.org/opentofu/tofu/gpgkey | sudo gpg --no-tty --batch --dearmor -o /etc/apt/keyrings/opentofu-repo.gpg >/dev/null
sudo chmod a+r /etc/apt/keyrings/opentofu.gpg /etc/apt/keyrings/opentofu-repo.gpg
# Register the repository; signed-by restricts it to exactly these two keys
echo \
"deb [signed-by=/etc/apt/keyrings/opentofu.gpg,/etc/apt/keyrings/opentofu-repo.gpg] https://packages.opentofu.org/opentofu/tofu/any/ any main
deb-src [signed-by=/etc/apt/keyrings/opentofu.gpg,/etc/apt/keyrings/opentofu-repo.gpg] https://packages.opentofu.org/opentofu/tofu/any/ any main" | \
sudo tee /etc/apt/sources.list.d/opentofu.list > /dev/null
# Refresh the package index so the new repository is visible, then install
sudo apt-get update
sudo apt install tofu
```
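To confirm the amd64 requirement from the note above after installing, the platform line of `tofu version` can be checked before any provisioning run. This is an added example, not part of the repository's own tooling; the function names and the sample outputs are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: verify that the installed OpenTofu binary is the amd64 build.

# Extract the platform string (e.g. "linux_amd64") from `tofu version` output,
# which reports it on a line of the form "on <os>_<arch>".
tofu_platform() {
  printf '%s\n' "$1" | awk '$1 == "on" { print $2; exit }'
}

# Return 0 only when the reported platform ends in _amd64.
tofu_is_amd64() {
  case "$(tofu_platform "$1")" in
    *_amd64) return 0 ;;
    *)       return 1 ;;
  esac
}

# Constructed sample outputs (not captured from a real host).
SAMPLE_OK='OpenTofu v1.0.0
on linux_amd64'
SAMPLE_BAD='OpenTofu v1.0.0
on linux_386'

# Check the locally installed binary: 0 = amd64, 1 = wrong build, 2 = not installed.
check_installed_tofu() {
  local out
  command -v tofu >/dev/null 2>&1 || { echo "tofu is not installed" >&2; return 2; }
  out="$(tofu version)"
  if tofu_is_amd64 "$out"; then
    echo "OK: tofu reports $(tofu_platform "$out")"
  else
    echo "Wrong build: tofu reports $(tofu_platform "$out"), expected *_amd64" >&2
    return 1
  fi
}
```

Run `check_installed_tofu` in the same shell session (or a CI step) before `tofu plan` or `tofu apply`, and stop on a non-zero return.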
## Important tasks
### Reuse machine secrets
```shell
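# Drop the generated machine-secrets resource from the state
tofu state rm module.talos.talos_machine_secrets.this
# Import the previously saved secrets file in its place
tofu import module.talos.talos_machine_secrets.this output/talos-machine-secrets.yaml
# Apply without refreshing the state first
tofu apply --refresh=false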
```
### Run interactive container
```shell
kubectl run -i --tty --rm debug --image=harbor.prod.eis-mk8.de.s5b.org/internal/debug-container:latest --restart=Never -- /usr/bin/zsh
```
If the container is not removed automatically, delete the pod manually:
```shell
kubectl delete pod debug
```
## Literature
- [Talos Kubernetes on Proxmox using OpenTofu](https://blog.stonegarden.dev/articles/2024/08/talos-proxmox-tofu/)
- [Talos on Proxmox with Terraform (multiple node pools)](https://github.com/sergelogvinov/terraform-talos/tree/main/proxmox)
- [Infrastructure Automation: Provisioning VMs on Proxmox with Packer, OpenTOFU, GitLab, Vault, and Minio.](https://medium.com/@avishkumar27/infrastructure-automation-provisioning-vms-on-proxmox-with-packer-opentofu-gitlab-vault-and-27fda7d73771)
- [Talos IPv6 only cluster (2023/12/07)](https://www.redpill-linpro.com/techblog/2023/12/07/ipv6-only-k8s.html)