• Cluster up and running with Cilium (kube-proxy replacement)
• Argo CD configured for GitOps within this repo (Might change to a separate repo)

talos/ - Talos k8s configurations infra/ - Kubernetes tools and configuration

When you are running the talosctl gen config-command, you need to add the --config-patch @patch.yaml flag to the it. You might also want to export the kubeconfig file to $HOME/.kube/config instead of ..

Other than that, follow this guide. Then go to the next section.

This might take some time to complete, so be patient.

kubectl kustomize --enable-helm ./infra/cilium | kubectl apply -f -

To remove the node from the cluster, you run the following two commands:

talosctl -n <IP.of.node.to.remove> reset

kubectl delete node <nodename>

The way to update the cluster, is to swap out the nodes with new updated ones.

Simply run:

talosctl apply-config --insecure --nodes $CONTROL_PLANE_IP --file _out/controlplane.yaml

Keep in mind that if you replace the control-plane, you have to run the commands below to update the kubeconfig-file.

# Set it to the new IP shown in the console of newly installed controlplane-node
export CONTROL_PLANE_IP="ip.address.to.your.control.plane"

# Point to the talosconfig-file (used by talosctl)
export TALOSCONFIG="_out/talosconfig"
talosctl config endpoint $CONTROL_PLANE_IP
talosctl config node $CONTROL_PLANE_IP

# Export the new kubectl config:
talosctl kubeconfig $HOME/.kube/config

Simply run:

talosctl apply-config --insecure --nodes $WORKER_IP --file _out/worker.yaml

Install ArgoCD from the ./infra/argocd kustomize-files:

kubectl kustomize --enable-helm ./infra/argocd | kubectl apply -f -

With the cilium configuration we have, your argocd-server service should have been assigned its own IP on your LAN. Make sure you can reach your argo login-screen with this IP (port 80).

Assuming you have gotten to the login-screen, you have to get the credentials from argocd. There is an autogenerated password for you within the cluster. Just query the kubernetes with the query below and log in with it (username: admin)

kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}"

Now I would suggest you change the password and store it somewhere else.

We want to configure argocd to handle everything we have added to the cluster, even argo itself. We use the argocd apps of apps-pattern to achieve this.

I also want to differentiate between the infra/ app of apps and the apps/ app of apps. The infra/ is used for kubernetes-tooling, while apps/ is used for user-applications. TODO: See this repo. From this video