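#!/usr/bin/env bash
# talos-proper-deployment.sh - Deploy Talos following official AWS guide
#
# Launches one Talos control-plane node in AWS: generates the machine
# configuration locally (AWS time-server, registry-mirror, install-image and
# storage-disk patches), embeds the controlplane config in the instance user
# data, waits for the Talos API, bootstraps etcd and retrieves a kubeconfig.
#
# Requires: aws (with credentials for REGION), curl, GNU base64 (-w0),
#           sudo (only when talosctl has to be installed).
# Writes:   time-server-patch.yaml, controlplane.yaml, worker.yaml,
#           talosconfig and kubeconfig into the current directory. The
#           talosconfig/controlplane.yaml files hold the cluster CA keys and
#           bootstrap secrets - treat the directory as sensitive.
set -euo pipefail

# ---------------------------------------------------------------------------
# Configuration
# ---------------------------------------------------------------------------
readonly REGION="eu-west-1"
# Informational only: the subnet below determines the VPC actually used.
readonly VPC_ID="vpc-04af837e642c001c6"
readonly SECURITY_GROUP="sg-0e6b4a78092854897"
readonly SUBNET_ID="subnet-07a140ab2b20bf89b"
readonly PRIVATE_IP="10.10.1.109"
readonly INSTANCE_TYPE="c7g.large"
readonly INSTANCE_NAME="talos-proper-01"
readonly REGISTRY_CACHE="10.10.1.100:5054"
readonly CUSTOM_TALOS_IMAGE="ghcr.io/urmanac/cozystack-assets/talos/cozystack-spin-tailscale/talos:latest"
# Official Talos v1.11.5 ARM64 AMI (verified from official releases)
readonly TALOS_AMI="ami-07898be81f2028262"
readonly CLUSTER_NAME="talos-cozystack-cluster"
# Use instance's future IPv6 address as endpoint. The controlplane config is
# embedded in user data before the instance exists, so the endpoint must be
# known up front; if AWS assigns a different IPv6 address the generated
# config points at the wrong host (a warning is printed below when that
# happens).
readonly CLUSTER_ENDPOINT="https://[2a05:d018:106c:7801:295:6957:b303:1d7c]:6443"
readonly PATCH_FILE="time-server-patch.yaml"
readonly API_WAIT_ATTEMPTS=20
readonly API_WAIT_SECONDS=30

# ---------------------------------------------------------------------------
# Helpers
# ---------------------------------------------------------------------------
# Print a progress line to stdout.
log() { printf '%s\n' "$*"; }
# Print an error to stderr and abort.
die() { printf 'error: %s\n' "$*" >&2; exit 1; }

#######################################
# Poll the Talos API of the configured node until it answers.
# Globals:   API_WAIT_ATTEMPTS, API_WAIT_SECONDS (read), TALOSCONFIG (used by talosctl)
# Returns:   0 once `talosctl health --server=false` succeeds, 1 after the
#            last attempt fails.
#######################################
wait_for_talos_api() {
  local attempt
  for (( attempt = 1; attempt <= API_WAIT_ATTEMPTS; attempt++ )); do
    if talosctl health --server=false 2>/dev/null; then
      log "Talos API is ready!"
      return 0
    fi
    log "Attempt ${attempt}/${API_WAIT_ATTEMPTS}: Talos API not ready yet, waiting ${API_WAIT_SECONDS}s..."
    sleep "$API_WAIT_SECONDS"
  done
  return 1
}

# ---------------------------------------------------------------------------
# Main flow
# ---------------------------------------------------------------------------
log "Deploying Talos following official AWS guide..."
log "VPC: $VPC_ID"
log "Security Group: $SECURITY_GROUP"
log "Registry Cache: $REGISTRY_CACHE"
log "Custom Talos: $CUSTOM_TALOS_IMAGE"
log "Talos AMI: $TALOS_AMI"

# Fail early on missing prerequisites instead of halfway through a launch.
for tool in aws curl base64; do
  command -v "$tool" >/dev/null 2>&1 || die "required tool not found: $tool"
done

# Check if talosctl is installed
if ! command -v talosctl >/dev/null 2>&1; then
  log "Installing talosctl..."
  # The upstream installer is executed straight from the network (as in the
  # original flow); -f makes curl fail on HTTP errors so an error page is
  # never piped into sh, and pipefail propagates a curl failure.
  # TODO: pin a talosctl release and verify its checksum instead.
  curl -fsSL https://talos.dev/install | sh
  sudo mv talosctl /usr/local/bin/
  command -v talosctl >/dev/null 2>&1 || die "talosctl installation failed"
fi

# Everything written from here on (patch, machine configs, talosconfig,
# kubeconfig) contains or grants cluster credentials: owner-only permissions.
umask 077

# Create AWS time server patch as per official guide
log "Creating AWS time server patch..."
cat > "$PATCH_FILE" <<EOF
machine:
  time:
    servers:
      - 169.254.169.123
  registries:
    # Pulls for docker.io/ghcr.io go through the private cache over plain
    # HTTP with TLS verification disabled; image integrity therefore rests on
    # the network path to ${REGISTRY_CACHE}.
    mirrors:
      docker.io:
        endpoints:
          - http://${REGISTRY_CACHE}
      ghcr.io:
        endpoints:
          - http://${REGISTRY_CACHE}
    config:
      ${REGISTRY_CACHE}:
        tls:
          insecureSkipVerify: true
  install:
    image: ${CUSTOM_TALOS_IMAGE}
  features:
    # Workloads in kube-system get the os:admin Talos role, i.e. full
    # machine API access on this node.
    kubernetesTalosAPIAccess:
      enabled: true
      allowedRoles:
        - os:admin
      allowedKubernetesNamespaces:
        - kube-system
  disks:
    - device: /dev/xvdb
      partitions:
        - mountpoint: /var/lib/longhorn
EOF

# Generate Talos configuration with our custom patches
log "Generating Talos configuration..."
talosctl gen config "$CLUSTER_NAME" "$CLUSTER_ENDPOINT" \
  --with-examples=false \
  --with-docs=false \
  --with-kubespan \
  --install-disk /dev/xvda \
  --config-patch "@${PATCH_FILE}"
log "Generated configuration files:"
ls -la -- *.yaml

log "Creating Talos node with proper configuration..."
# Base64 encode the controlplane config for user data
CONTROLPLANE_B64=$(base64 -w0 controlplane.yaml)
# Root disk for Talos itself, second disk for the Longhorn mount above.
readonly BLOCK_DEVICE_MAPPINGS='[
  {
    "DeviceName": "/dev/xvda",
    "Ebs": {
      "VolumeSize": 20,
      "VolumeType": "gp3",
      "DeleteOnTermination": true
    }
  },
  {
    "DeviceName": "/dev/xvdb",
    "Ebs": {
      "VolumeSize": 100,
      "VolumeType": "gp3",
      "DeleteOnTermination": true
    }
  }
]'
# NOTE(review): the user data is passed as a data: URI; confirm the installed
# AWS CLI version hands the decoded controlplane.yaml to the instance.
INSTANCE_ID=$(aws ec2 run-instances \
  --region "$REGION" \
  --image-id "$TALOS_AMI" \
  --instance-type "$INSTANCE_TYPE" \
  --security-group-ids "$SECURITY_GROUP" \
  --subnet-id "$SUBNET_ID" \
  --private-ip-address "$PRIVATE_IP" \
  --ipv6-address-count 1 \
  --user-data "data:text/plain;base64,$CONTROLPLANE_B64" \
  --block-device-mappings "$BLOCK_DEVICE_MAPPINGS" \
  --tag-specifications "ResourceType=instance,Tags=[{Key=Name,Value=${INSTANCE_NAME}}]" \
  --query 'Instances[0].InstanceId' \
  --output text)
# `--output text` prints "None" for a missing value rather than failing.
[[ -n "$INSTANCE_ID" && "$INSTANCE_ID" != "None" ]] || die "run-instances returned no instance id"
log "Created Talos instance: $INSTANCE_ID"

# Wait for instance to be running
log "Waiting for instance to start..."
aws ec2 wait instance-running --region "$REGION" --instance-ids "$INSTANCE_ID"

# Get the instance's IPv6 address
IPV6_ADDRESS=$(aws ec2 describe-instances \
  --region "$REGION" \
  --instance-ids "$INSTANCE_ID" \
  --query 'Reservations[0].Instances[0].NetworkInterfaces[0].Ipv6Addresses[0].Ipv6Address' \
  --output text)
[[ -n "$IPV6_ADDRESS" && "$IPV6_ADDRESS" != "None" ]] || die "instance $INSTANCE_ID has no IPv6 address"
log "Instance IPv6: $IPV6_ADDRESS"

# The machine config was generated against CLUSTER_ENDPOINT before launch;
# warn when the address AWS actually assigned differs from it.
expected_ipv6=${CLUSTER_ENDPOINT#https://\[}
expected_ipv6=${expected_ipv6%%]*}
if [[ "$IPV6_ADDRESS" != "$expected_ipv6" ]]; then
  printf 'warning: assigned IPv6 %s differs from CLUSTER_ENDPOINT address %s; the generated config points at the wrong endpoint\n' \
    "$IPV6_ADDRESS" "$expected_ipv6" >&2
fi

# Export talosconfig for authentication
export TALOSCONFIG="$PWD/talosconfig"

# Configure talosctl to talk to our node
log "Configuring talosctl..."
talosctl config endpoint "$IPV6_ADDRESS"
talosctl config nodes "$IPV6_ADDRESS"

# Wait for Talos API to be ready; bootstrapping an unreachable node would
# only produce a confusing error later.
log "Waiting for Talos API to be ready..."
wait_for_talos_api \
  || die "Talos API on $IPV6_ADDRESS not ready after $(( API_WAIT_ATTEMPTS * API_WAIT_SECONDS ))s"

# Bootstrap the cluster
log "Bootstrapping etcd..."
talosctl bootstrap

# Wait for cluster to be healthy
log "Waiting for cluster to be healthy..."
talosctl health

# Get kubeconfig
log "Retrieving kubeconfig..."
talosctl kubeconfig .
export KUBECONFIG="$PWD/kubeconfig"

log ""
log "Talos cluster deployed successfully!"
log "Check cluster status:"
log "  kubectl get nodes"
log "  talosctl health"
log "  talosctl dashboard"
log ""
log "Monitor console: aws ec2 get-console-output --region $REGION --instance-id $INSTANCE_ID"
log "Node IPv6: $IPV6_ADDRESS"
log "Storage disk: /dev/xvdb (100GB) mounted at /var/lib/longhorn"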