Talos v1.9.1 (#31)

* Talos v1.9.1 --------- Co-authored-by: Fedor Batonogov <f.batonogov@yandex.ru>
2025-11-29 00:33:02 +00:00 · 2024-12-30 07:34:35 +03:00
parent 2d0db228a3
commit bb857c43c2
4 changed files with 47 additions and 13 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -80,5 +80,5 @@ go.work
 .DS_Store
 ansible/secrets
 main
-talos/*.yaml
+talos/{controlplane,worker}.yaml
 talosconfig
--- a/talos/README.md
+++ b/talos/README.md
@@ -36,13 +36,13 @@ export TALOS_CONTROL_PLANE_IP=192.168.1.48
 Вот так можно посмотреть список дисков на узле:

 ```sh
-talosctl -n $TALOS_CONTROL_PLANE_IP disks --insecure
+talosctl -n $TALOS_CONTROL_PLANE_IP get disks --insecure
 ```

 Генерируем конфиг

 ```sh
-talosctl gen config --kubernetes-version 1.31.1 talos https://$TALOS_CONTROL_PLANE_IP:6443 --config-patch @patch.yaml
+talosctl gen config --kubernetes-version 1.32.0 talos https://$TALOS_CONTROL_PLANE_IP:6443 --config-patch @patch.yaml
 ```

 Применяем конфигурацию
@@ -86,16 +86,9 @@ helm upgrade \
    --install \
    cilium \
    cilium/cilium \
-    --version 1.16.3 \
+    --version 1.16.5 \
    --namespace kube-system \
-    --set ipam.mode=kubernetes \
-    --set kubeProxyReplacement=true \
-    --set securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
-    --set securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
-    --set cgroup.autoMount.enabled=false \
-    --set cgroup.hostRoot=/sys/fs/cgroup \
-    --set k8sServiceHost=localhost \
-    --set k8sServicePort=7445
+    --values cilium.yaml
 ```

 ## Metrics Server
@@ -110,5 +103,5 @@ helm upgrade \
 ```

 ```sh
-talosctl upgrade-k8s --nodes $TALOS_CONTROL_PLANE_IP --to 1.31.2
+talosctl upgrade-k8s --nodes $TALOS_CONTROL_PLANE_IP --to 1.32.1
 ```
--- a/talos/cilium.yaml
+++ b/talos/cilium.yaml
@@ -0,0 +1,27 @@
+ipam:
+  mode: kubernetes
+kubeProxyReplacement: true
+securityContext:
+  capabilities:
+    ciliumAgent:
+      - CHOWN
+      - KILL
+      - NET_ADMIN
+      - NET_RAW
+      - IPC_LOCK
+      - SYS_ADMIN
+      - SYS_RESOURCE
+      - DAC_OVERRIDE
+      - FOWNER
+      - SETGID
+      - SETUID
+    cleanCiliumState:
+      - NET_ADMIN
+      - SYS_ADMIN
+      - SYS_RESOURCE
+cgroup:
+  autoMount:
+    enabled: false
+  hostRoot: /sys/fs/cgroup
+k8sServiceHost: localhost
+k8sServicePort: 7445
--- a/talos/patch.yaml
+++ b/talos/patch.yaml
@@ -0,0 +1,14 @@
+machine:
+  install:
+    disk: /dev/nvme0n1
+  time:
+    servers:
+      - 1.ru.pool.ntp.org
+      - 2.ru.pool.ntp.org
+      - 3.ru.pool.ntp.org
+cluster:
+  network:
+    cni:
+      name: none
+  proxy:
+    disabled: true