talos-init

dezren39 · dezren39 · commit 82cefee603e5 · 2025-01-04T21:43:24.000-06:00
diff --git a/infra/talos/01b.us/apply-all-config.sh b/infra/talos/01b.us/apply-all-config.sh
@@ -0,0 +1,21 @@
+set -ex
+
+talosctl apply-config --file "./secrets/controlplane.yaml" --nodes 10.10.8.188 # a1
+talosctl apply-config --file "./secrets/controlplane.yaml" --nodes 10.10.12.69 # b1
+talosctl apply-config --file "./secrets/controlplane.yaml" --nodes 10.10.24.137 # c1
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.18.43
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.21.108
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.18.43
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.31.114 # a2
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.16.105 # a5
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.24.60  # c2
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.4.141  # c3
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.22.204 # c4
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.15.10  # c5
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.25.241 # b2
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.8.199 # b3
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.3.175 # b4
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.27.240 # b5
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.30.37 # b6
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.9.213 # b7
+talosctl apply-config --file "./secrets/worker.yaml" --nodes 10.10.31.127 # b8
diff --git a/infra/talos/01b.us/init-cluster.sh b/infra/talos/01b.us/init-cluster.sh
@@ -15,38 +15,60 @@ talosctl gen config --with-secrets ./secrets/secrets.yaml secrets https://10.10.
 export TALOSCONFIG=secrets/talosconfig
 talosctl apply-config --insecure --file "./secrets/controlplane.yaml" --nodes 10.10.8.188 # a1
 # talosctl apply-config --insecure --file "./secrets/controlplane.yaml" --nodes 10.10.4.92 # a2 # stopped
-talosctl apply-config --insecure --file "./secrets/controlplane.yaml" --nodes 10.10.15.105 # b1
+# talosctl apply-config --insecure --file "./secrets/controlplane.yaml" --nodes 10.10.15.105 # b1 # stopped
+talosctl apply-config --insecure --file "./secrets/controlplane.yaml" --nodes 10.10.12.69 # b1
 talosctl apply-config --insecure --file "./secrets/controlplane.yaml" --nodes 10.10.24.137 # c1
 talosctl bootstrap --endpoints 10.10.8.188 --nodes 10.10.8.188
 # talosctl -n 10.10.24.137 service etcd # c1
-# talosctl -n 10.10.8.188 etcd member list
+# talosctl -n 10.10.8.188 etcd members list
+# must remove one to add another
 # talosctl etcd remove-member d0ad514b939e5565
+# talosctl etcd remove-member fee03360fedfd7c6 # removed b1 10.10.15.105
 
 # is this right?
-talosctl config endpoint 10.10.0.42 10.10.8.188 10.10.15.105 10.10.24.137
+talosctl config endpoint 10.10.0.42 10.10.8.188 10.10.12.69 10.10.24.137
 
-talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.18.178
+# talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.18.178
+# talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.14.112
+# talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.24.164
+# talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.8.0
+# talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.20.128
+# talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.24.136 # b7
 
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.18.43
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.21.108
-talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.14.112
-talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.24.164
-talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.8.0
-talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.20.128
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.18.43
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.31.114 # a2
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.16.105 # a5
-talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.24.136 # b7
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.24.60  # c2
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.4.141  # c3
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.22.204 # c4
 talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.15.10  # c5
 
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.25.241 # b2
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.8.199 # b3
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.3.175 # b4
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.27.240 # b5
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.30.37 # b6
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.9.213 # b7
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.31.127 # b8
+
 # is this right?
-talosctl config node 10.10.0.42 10.10.8.188 10.10.15.105 10.10.4.92 10.10.18.178 10.10.18.43 10.10.21.108 10.10.14.112 10.10.24.164 10.10.8.0 10.10.20.128 10.10.18.43 10.10.31.114 10.10.16.105 10.10.24.136 10.10.24.60 10.10.4.141 10.10.22.204 10.10.15.10
+
+talosctl config node 10.10.0.42 10.10.8.188 10.10.12.69 10.10.24.137 10.10.18.43 10.10.21.108 10.10.18.43 10.10.31.114 10.10.16.105 10.10.24.60 10.10.4.141 10.10.22.204 10.10.15.10 10.10.25.241 10.10.8.199 10.10.3.175 10.10.27.240 10.10.30.37 10.10.9.213 10.10.31.127
+
+#
+# old b?
+# 10.10.18.178 \
+# 10.10.14.112 \
+# 10.10.24.164 \
+# 10.10.8.0 \
+# 10.10.20.128 \
+# 10.10.24.136 \
+
 # talosctl config node 10.10.0.42
 
-# talosctl get members.8.188 10.10.15.105 10.10.4.
+# talosctl get members.8.188 10.10.12.69 10.10.4.
 # talosctl get nodestatus
 talosctl get volumestatus
 s
@@ -69,7 +91,7 @@ talosctl get nodetaintspec
 # talosctl get identity
 talosctl get hostname
 
-talosctl etcd status -n 10.10.8.188,10.10.15.105,10.10.4.92 # workers expected to fail
+talosctl etcd status -n 10.10.8.188,10.10.12.69,10.10.24.137
 
 talosctl kubeconfig ./secrets/kubeconfig -n 10.10.0.42
 # talosctl kubeconfig -n 10.10.0.42
diff --git a/infra/talos/01b.us/kubernetes/infrastructure/networking/metallb/config.yaml b/infra/talos/01b.us/kubernetes/infrastructure/networking/metallb/config.yaml
@@ -5,15 +5,21 @@ metadata:
   namespace: metallb-system
 spec:
   addresses:
-    # reserved for static ip
+    # reserved for gateway static ip (main edge router from: 10.10.0.0/16)
     # - 10.10.0.0 - 10.10.1.255
 
-    # reserved for gateway dhcp (main edge router)
+    # reserved for gateway dhcp (main edge router from: 10.10.0.0/16)
     # - 10.10.2.0 - 10.10.31.255
 
-    # reserved for 01b.us cluster load balancers
+    # reserved for 01b.us cluster load balancers (no subnet? essentially a separate dhcp under main edge router from 10.10.0.0/16)
     - 10.10.32.0-10.10.63.254
 
+    # reserved for kubernetes: 10.96.0.0/12
+    # - 10.96.0.0 - 10.111.255.255
+
+    # reserved for kubernetes: 10.244.0.0/16
+    # - 10.244.0.0 - 10.244.255.255
+
 ---
 apiVersion: metallb.io/v1beta1
 kind: L2Advertisement
diff --git a/infra/talos/01b.us/patch-cluster-node-b.sh b/infra/talos/01b.us/patch-cluster-node-b.sh
@@ -0,0 +1,44 @@
+export TALOSCONFIG=secrets/talosconfig
+
+talosctl apply-config --insecure --file "./secrets/controlplane.yaml" --nodes 10.10.12.69 # b1
+
+talosctl config endpoint 10.10.0.42 10.10.8.188 10.10.12.69 10.10.24.137
+
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.25.241 # b2
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.8.199 # b3
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.3.175 # b4
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.27.240 # b5
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.30.37 # b6
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.9.213 # b7
+talosctl apply-config --insecure --file "./secrets/worker.yaml" --nodes 10.10.31.127 # b8
+
+talosctl config node \
+10.10.0.42 \
+10.10.8.188 \
+10.10.12.69 \
+10.10.18.178 \
+10.10.18.43 \
+10.10.21.108 \
+10.10.14.112 \
+10.10.24.164 \
+10.10.8.0 \
+10.10.20.128 \
+10.10.18.43 \
+10.10.31.114 \
+10.10.16.105 \
+10.10.24.136 \
+10.10.24.60 \
+10.10.4.141 \
+10.10.22.204 \
+10.10.15.10 \
+\
+10.10.25.241 \
+10.10.8.199 \
+10.10.3.175 \
+10.10.27.240 \
+10.10.30.37 \
+10.10.9.213 \
+10.10.31.127 \
+#
+
+talosctl etcd status -n 10.10.8.188,10.10.12.69,10.10.24.137
diff --git a/infra/talos/01b.us/secrets.enc b/infra/talos/01b.us/secrets.enc
