talos linux deploy production cluster
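# Bring up a three-node Talos control plane, then install Cilium as the CNI.
# Run top to bottom from a trusted admin workstation. secrets.yaml, the
# generated machine configs, talosconfig and both kubeconfig files carry cluster
# CA keys or admin credentials: keep them out of version control and backups
# that other users can read.

# Plain assignment: bash cannot pass arrays to child processes, so `export`
# on an array has no useful effect.
CONTROL_PLANE_IP=("192.168.200.81" "192.168.200.82" "192.168.200.83")

# Address clients use for the Kubernetes API (port 6443).
# NOTE(review): nothing below configures a VIP or load balancer for this
# address - confirm it is provided elsewhere before bootstrapping.
export YOUR_ENDPOINT=192.168.200.80
export CLUSTER_NAME=nurlan-k8s

# Generate the secrets bundle and machine configs under a restrictive umask so
# the files are not created group- or world-readable.
(
  umask 077
  talosctl gen secrets -o secrets.yaml &&
    talosctl gen config --with-secrets secrets.yaml "$CLUSTER_NAME" "https://${YOUR_ENDPOINT}:6443"
)

# --insecure is needed only while a node is in maintenance mode (it has no
# PKI yet). The connection is not authenticated, and controlplane.yaml holds
# the cluster secrets, so do this on a network segment you trust.
for ip in "${CONTROL_PLANE_IP[@]}"; do
  echo "=== Applying configuration to node $ip ==="
  # Report success only when apply-config actually succeeded.
  if talosctl apply-config --insecure \
    --nodes "$ip" \
    --file controlplane.yaml; then
    echo "Configuration applied to $ip"
  else
    echo "Failed to apply configuration to $ip" >&2
  fi
  echo ""
done

# Install the client config. The final cp replaces ~/.talos/config outright,
# which would drop contexts for any other cluster, so keep a backup first.
(
  umask 077
  mkdir -p ~/.talos
  if [[ -f ~/.talos/config ]]; then
    cp -p ~/.talos/config ~/.talos/config.bak
  fi
  talosctl config merge ./talosconfig
  cp ./talosconfig ~/.talos/config
)
export TALOSCONFIG=~/.talos/config

# Talos API endpoints are the node addresses themselves, not YOUR_ENDPOINT.
talosctl config endpoint "${CONTROL_PLANE_IP[@]}"

# Bootstrap etcd once, against a single control-plane node.
talosctl bootstrap --nodes "${CONTROL_PLANE_IP[0]}"

# Both kubeconfig files grant cluster-admin; write them with private modes.
(
  umask 077
  talosctl kubeconfig --nodes "${CONTROL_PLANE_IP[0]}"
  talosctl kubeconfig alternative-kubeconfig --nodes "${CONTROL_PLANE_IP[0]}"
)
export KUBECONFIG=./alternative-kubeconfig
kubectl get nodes

# ===== cilium 1.18.4, BPF mode =====
# Prerequisite: kubeProxyReplacement=true assumes kube-proxy is disabled and no
# other CNI is installed. The machine config generated above is not patched
# here - confirm controlplane.yaml sets cluster.network.cni.name: none and
# cluster.proxy.disabled: true before the nodes are configured.
# k8sServiceHost/Port point at KubePrism, Talos' local API-server proxy
# (localhost:7445).
# The capability lists are set explicitly and are broad (SYS_ADMIN,
# NET_ADMIN, ...): treat the agent pods as host-privileged when writing
# admission or pod-security policy.
# routingMode=native with ipv4NativeRoutingCIDR=10.244.0.0/16 means pod
# traffic is not encapsulated.
# NOTE(review): autoDirectNodeRoutes is not set - confirm the underlying
# network can route the pod CIDR between nodes.
# --version pins the chart to the release named above, so the install does not
# float to whatever the CLI defaults to.
cilium install --version 1.18.4 \
  --set ipam.mode=kubernetes \
  --set kubeProxyReplacement=true \
  --set securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
  --set securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
  --set cgroup.autoMount.enabled=false \
  --set cgroup.hostRoot=/sys/fs/cgroup \
  --set k8sServiceHost=localhost \
  --set k8sServicePort=7445 \
  --set bpf.masquerade=true \
  --set routingMode=native \
  --set ipv4NativeRoutingCIDR=10.244.0.0/16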