Skip to content
/ terraform-talos-modules Public

a collection of opinionated terraform modules for running talos on hetzner

License

MIT license
4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

miran248/terraform-talos-modules

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

61 Commits
dev
dev
 
 
examples
examples
 
 
manifests
manifests
 
 
modules
modules
 
 
packer
packer
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

terraform-talos-modules

Modules in this repository help provision and maintain multi-region kubernetes clusters on hetzner.

features

  • talos with kubeprism and hostdns, without kubespan
  • ipv6-only connectivity
  • single-stack, ipv6 internals
  • cilium - direct routing (veth), bigtcp, bbr and pod-to-pod wireguard encryption
  • talos-ccm - handles cluster certificates and ipam (CloudAllocator)
  • hcloud-csi - storage
  • gcp-wif-webhook - links kubernetes and gcp service accounts

modules

  1. hcloud-pool - allocates public ipv6 /64 blocks for all defined nodes
  2. talos-cluster - forms a talos cluster from previously defined node pools
  3. hcloud-apply - provisions servers with talos configs and sets up firewalls
  4. talos-apply - bootstraps the cluster and handles all future config changes
  5. gcp-wif - optional, manages gcp workload identity pool, service accounts and a bucket, it also generates talos config patch
  6. gcp-wif-apply - optional, downloads oidc files from the running cluster and stores them in the previously created bucket

examples

See examples folder.

diagram

The following mermaid flowchart outlines the order of operations between different modules for a cluster, spanning two regions.

%%{init: {'theme': 'neutral' } }%%
graph TD
    WIF[/gcp-wif/]
    HPN[/hcloud-pool nbg/]
    HPH[/hcloud-pool hel/]
    TC[talos-cluster]
    HAN[hcloud-apply nbg]
    HAH[hcloud-apply hel]
    TA[talos-apply]
    WIFA[gcp-wif-apply]
    HPN --> TC
    HPN --> HAN
    HPH --> TC
    TC --> HAN
    TC --> TA
    TC --> HAH
    HPH --> HAH
    TC --> WIFA
    TA --> WIFA
    WIF --> WIFA
    WIF --> TC
Loading

try it out

  1. clone the repo
  2. navigate to dev folder and run just to deploy the cluster
  3. open talos dashboard and wait for [talos] created messages
> TALOSCONFIG=talos-config talosctl -n c1 dashboard
  1. navigate to manifests folder and run just to generate all necessary yaml files
  2. apply them individually, talos-ccm and cilium are required
> KUBECONFIG=../dev/kube-config kubectl apply --server-side=true -f talos-ccm.yaml
> KUBECONFIG=../dev/kube-config kubectl apply --server-side=true -f cilium.yaml
...
  1. open talos dashboard again and wait for the message [talos] machine is running and ready.
  2. to verify, open k9s
> KUBECONFIG=kube-config k9s

About

a collection of opinionated terraform modules for running talos on hetzner

Topics

modules terraform talos hetzner

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

7 tags

Packages

No packages published

Languages