# Cozystack

## Quick Start

Install dependencies:

- `docker`
- `talosctl`
- `dialog`
- `nmap`
- `make`
- `yq`
- `kubectl`
- `helm`

### Prepare Talos image for your infrastructure

TODO: later this will be automated

```
docker run --rm -t \
  -v $PWD/_out:/out -v /dev:/dev --privileged ghcr.io/siderolabs/imager:v1.6.2 installer \
  --system-extension-image=ghcr.io/siderolabs/qlogic-firmware:20240115 \
  --system-extension-image=ghcr.io/siderolabs/bnx2-bnx2x:20240115 \
  --system-extension-image=ghcr.io/siderolabs/drbd:9.2.6-v1.6.2 \
  --system-extension-image=ghcr.io/siderolabs/zfs:2.1.14-v1.6.2

docker load -i _out/installer-amd64.tar
docker tag ghcr.io/siderolabs/installer:v1.6.2 ghcr.io/kvaps/test:cozystack-talos-v1.6.2
docker push ghcr.io/kvaps/test:cozystack-talos-v1.6.2
```

### Netboot server

Write configuration:

```
mkdir -p matchbox/assets matchbox/groups matchbox/profiles

wget -O matchbox/assets/initramfs.xz \
  https://github.com/siderolabs/talos/releases/download/v1.6.0/initramfs-amd64.xz
wget -O matchbox/assets/vmlinuz \
  https://github.com/siderolabs/talos/releases/download/v1.6.0/vmlinuz-amd64

cat > matchbox/groups/default.json < matchbox/profiles/default.json <

cat > patch.yaml <<\EOT
machine:
  kubelet:
    nodeIP:
      validSubnets:
      - 192.168.100.0/24
  kernel:
    modules:
    - name: openvswitch
    - name: drbd
      parameters:
        - usermode_helper=disabled
    - name: zfs
  install:
    image: ghcr.io/kvaps/test:cozystack-talos-v1.6.2
cluster:
  network:
    cni:
      name: none
    podSubnets:
    - 10.244.0.0/16
    serviceSubnets:
    - 10.96.0.0/16
EOT

cat > patch-controlplane.yaml <<\EOT
cluster:
  allowSchedulingOnControlPlanes: true
  controllerManager:
    extraArgs:
      bind-address: 0.0.0.0
  scheduler:
    extraArgs:
      bind-address: 0.0.0.0
  apiServer:
    certSANs:
    - 127.0.0.1
  proxy:
    disabled: true
  discovery:
    enabled: false
  etcd:
    advertisedSubnets:
    - 192.168.100.0/24
EOT
```

Run [talos-bootstrap](https://github.com/aenix-io/talos-bootstrap/) to deploy the cluster.

### Install Cozystack

Write the config for Cozystack:

```yaml
cat > cozystack-config.yaml <<\EOT
apiVersion: v1
kind: ConfigMap
metadata:
  name: cozystack
  namespace: cozy-system
data:
  cluster-name: "cozystack"
  cluster-type: "baremetal"
  ipv4-pod-cidr: "10.244.0.0/16"
  ipv4-pod-gateway: "10.244.0.1"
  ipv4-svc-cidr: "10.96.0.0/16"
  ipv4-join-cidr: "100.64.0.0/16"
  ipv4-external-pool-private: "192.168.100.200-192.168.100.250"
  ipv4-external-pool-public: "1.2.3.4/32,1.2.3.5/32"
  monitoring-remote-write-url-1: "http://vminsert-monitoring-system-shortterm.tenant-root.svc:8480/insert/0/prometheus/api/v1/write"
  monitoring-remote-write-url-2: "http://vminsert-monitoring-system-longterm.tenant-root.svc:8480/insert/0/prometheus/api/v1/write"
EOT
```

Install the Cozystack system components:

```
kubectl apply -f cozystack-config.yaml
kubectl apply -f manifests/cozystack-installer.yaml
```

Check the status of the installation:

```
kubectl get hr -A
```

Get the token from `tenant-root`:

```
kubectl get secret -n tenant-root tenant-root -o go-template='{{ printf "%s\n" (index .data "token" | base64decode) }}'
```

```
kubectl port-forward -n cozy-kubeapps svc/kubeapps 8080:80
```

Open: http://localhost:8080/

### Chart Install Responsibilities

#### core/installer:

- **system/cilium** [helm]
- **system/kubeovn** [helm]
- **system/fluxcd** [helm]
- **core/platform** [kubectl]

#### core/platform:

- **system/\*** [fluxcd]
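
The node subnet in `patch.yaml` and the ranges in `cozystack-config.yaml` above form one address plan, and a typo in any of them is easier to catch before the cluster is bootstrapped. The following pre-flight check is an added example, not part of Cozystack. The function name and the three rules it enforces are assumptions: node, pod, service and join ranges must not overlap, the pod gateway lies in the pod CIDR, and the private external pool lies on the node subnet.

```python
import ipaddress

# Values copied from patch.yaml and cozystack-config.yaml on this page.
NODE_SUBNET = "192.168.100.0/24"
CONFIG = {
    "ipv4-pod-cidr": "10.244.0.0/16",
    "ipv4-pod-gateway": "10.244.0.1",
    "ipv4-svc-cidr": "10.96.0.0/16",
    "ipv4-join-cidr": "100.64.0.0/16",
    "ipv4-external-pool-private": "192.168.100.200-192.168.100.250",
}


def check_address_plan(config, node_subnet):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    nets = {"node-subnet": ipaddress.ip_network(node_subnet)}
    for key in ("ipv4-pod-cidr", "ipv4-svc-cidr", "ipv4-join-cidr"):
        try:
            nets[key] = ipaddress.ip_network(config[key])
        except (KeyError, ValueError) as exc:
            problems.append(f"{key}: missing or invalid ({exc})")

    # Assumed rule 1: node, pod, service and join ranges must not overlap.
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} {nets[a]} overlaps {b} {nets[b]}")

    # Assumed rule 2: the pod gateway is an address inside the pod CIDR.
    gateway = ipaddress.ip_address(config["ipv4-pod-gateway"])
    if "ipv4-pod-cidr" in nets and gateway not in nets["ipv4-pod-cidr"]:
        problems.append(f"pod gateway {gateway} is outside the pod CIDR")

    # Assumed rule 3: the private pool is an ordered range on the node subnet.
    first, _, last = config["ipv4-external-pool-private"].partition("-")
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    if lo > hi:
        problems.append(f"private pool {lo}-{hi} is reversed")
    for addr in (lo, hi):
        if addr not in nets["node-subnet"]:
            problems.append(f"private pool address {addr} is outside {node_subnet}")
    return problems


if __name__ == "__main__":
    for line in check_address_plan(CONFIG, NODE_SUBNET) or ["address plan OK"]:
        print(line)
```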