Hybrid Talos cluster with KubeSpan. Phase 1 - Preparing the environment.
In this blog series I explore how I deploy a hybrid Talos cluster with KubeSpan.
Previous articles:
Introduction post on hybrid cluster deployment.
Phase 0 - provisioning control plane nodes with Terraform
Phase 1 - preparing the environment.
In this phase, I run a script to prepare the environment. I want to ensure that the scripts of all deployment phases know the IP addresses of all nodes, and that the identities of nodes are stable. To keep things simple, I will use a .env file that I can instantiate in every phase. Phases can generate artifacts. For example, talosctl will generate the talos config file.
The Phase 1 script will ensure that the ./generated folder (where artifacts such as the cluster.env file will live) exists. Server IP addresses are fetched via tofu output. Let’s look at the current tofu output example:
# tofu output
talos_cluster_endpoint = "https://cp.example.com:6443"
talos_control_plane_ips = [
"<node-1-ip>",
"<node-2-ip>",
"<node-3-ip>",
]
talos_network_id = "012345"
This information will be used to populate the following environment variables:
export CLUSTER_NAME="example-cluster"
export ENDPOINT="cp.example.com"
export NODE_IPS="192.0.2.10 192.0.2.11 192.0.2.12"
export SERVER_IDS="12345678 12345679 12345680"
export TALOS_VERSION="v1.10.6"
export SCRIPT_DIR="/path/to/project"
export BASE_DIR="/path/to/project"
export TERRAFORM_DIR="/path/to/project/terraform"
export GENERATED_DIR="/path/to/project/generated"
export HCLOUD_NETWORK_ID="1234567"
# Worker node configurations (physical machines)
export WORKER_NODES="1 2 3"
export WORKER_1_PATCH="patches/worker-patch-1.yml"
export WORKER_2_PATCH="patches/worker-patch-2.yml"
export WORKER_3_PATCH="patches/worker-patch-3.yml"
export WORKER_1_IP="10.200.0.2"
export WORKER_2_IP="10.200.0.3"
export WORKER_3_IP="10.200.0.4"
I populate the worker node information by hand in the script, since this information almost never changes. I’d have to come up with a different solution in a dynamic or scalable environment. Maybe an equivalent of the AWS metadata service? As with the previous phase, I add a make command to run the script. It fetches HCLOUD_TOKEN from the tfvars file. The full talos-prepare job is in the GNUmakefile on GitHub.
I run this step with:
make talos-prepare TALOS_VERSION=v1.10.6
If all went well, I get the environment information followed by a prompt for the next step:
Environment preparation complete. You can now run 'make talos-install'.
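Because every later phase sources cluster.env, anything written into it is effectively shell code, and ./generated will later hold artifacts such as the talos config file. The sketch below is an added example, not the script from the repository: it validates the endpoint and control plane IPs taken from tofu output before writing them, and keeps the folder private to the current user. The function names and the choice to pass values as arguments are assumptions.

```shell
#!/bin/sh
# Added example (not the repository's script). Function names are hypothetical.
# Assumed call site, with jq as an extra dependency:
#   write_cluster_env ./generated example-cluster \
#     "$(tofu output -raw talos_cluster_endpoint)" \
#     $(tofu output -json talos_control_plane_ips | jq -r '.[]')

# Accept only dotted-quad IPv4 with every octet <= 255 (runs in a subshell).
valid_ipv4() (
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
  IFS=.
  set -- $1
  [ $# -eq 4 ] || exit 1
  for octet in "$@"; do
    [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
  done
)

# Accept only DNS-style names: letters, digits, dots and hyphens.
valid_hostname() {
  case $1 in ''|*[!A-Za-z0-9.-]*|-*|.*|*-|*.) return 1 ;; esac
}

# write_cluster_env <generated_dir> <cluster_name> <endpoint_url> <ip>...
write_cluster_env() {
  env_dir=$1 env_name=$2 env_url=$3
  shift 3
  # "https://cp.example.com:6443" -> "cp.example.com"
  env_host=${env_url#https://}
  env_host=${env_host%%[:/]*}
  valid_hostname "$env_host" || { echo "bad endpoint: $env_url" >&2; return 1; }
  case $env_name in ''|*[!a-z0-9-]*) echo "bad cluster name" >&2; return 1 ;; esac
  [ $# -gt 0 ] || { echo "no control plane IPs" >&2; return 1; }
  for env_ip in "$@"; do
    valid_ipv4 "$env_ip" || { echo "bad IP: $env_ip" >&2; return 1; }
  done
  (
    umask 077   # the folder will later hold cluster secrets
    mkdir -p "$env_dir" && chmod 700 "$env_dir" &&
    env_tmp=$(mktemp "$env_dir/cluster.env.XXXXXX") &&
    printf 'export CLUSTER_NAME="%s"\nexport ENDPOINT="%s"\nexport NODE_IPS="%s"\n' \
      "$env_name" "$env_host" "$*" > "$env_tmp" &&
    mv "$env_tmp" "$env_dir/cluster.env"   # replace the file in one step
  )
}
```

A value that fails validation stops the run before anything is created, so a half-written cluster.env never reaches the later phases.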
Next phase - installing Talos - will be covered in the next post.
Code.
The code used to deploy the cluster is available on GitHub - sashkachan/talos-kubespan-bootstrap. I will use this code for the walkthrough of all phases and the configuration required to make it succeed.