Add conditional nodeLabels configuration to remove the
exclude-from-external-load-balancers label from control plane nodes
when worker_count <= 0. This allows
control plane nodes to receive external load balancer traffic in
single-node or control-plane-only clusters while maintaining standard
separation for multi-node clusters.
Fixes: #241
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add dummy control plane and worker entries to the `controlplane_yaml`
and `worker_yaml` locals when their respective counts are zero. This
prevents errors when generating the Talos configuration and ensures
that the module functions correctly even when no control planes or
workers are explicitly defined. The dummy entries use predictable
fallback IP addresses and are included in the final config patches.
This is required to be able to select configs (patches) by name.
You can use `moved` blocks to migrate the servers:
e.g.:
```
moved {
  from = module.talos.hcloud_server.control_planes[0]
  to   = module.talos.hcloud_server.control_planes["control-plane-1"]
}
moved {
  from = module.talos.hcloud_server.workers[0]
  to   = module.talos.hcloud_server.workers["worker-1"]
}
```
BREAKING CHANGE: Use `moved` to migrate.
- Introduce a new variable `kubelet_extra_args` in `variables.tf` to allow
additional kubelet arguments to be specified
- Modify `talos_patch_worker.tf` and `talos_patch_control_plane.tf` to merge
the default kubelet arguments with any user-specified `kubelet_extra_args`
- This change enables more flexible kubelet configurations, which can be
tailored to specific cluster requirements
Signed-off-by: Marcel Richter <mail@mrclrchtr.de>
Introduced a new variable `kernel_modules_to_load` and updated `talos_patch_worker.tf` and `talos_patch_control_plane.tf` to support configuration of kernel modules.
Signed-off-by: Marcel Richter <mail@mrclrchtr.de>
Added a new `registries` variable to `variables.tf` to allow configuration of registry mirrors in Talos deployments. This feature enables users to specify custom registry mirrors for container image downloads, enhancing flexibility and potential performance improvements in environments with specific network requirements or restrictions.
Signed-off-by: Marcel Richter <mail@mrclrchtr.de>
Enabled Prometheus metrics in Cilium configuration to prepare for kube-prometheus-stack integration. Updated README to reflect these changes.
Signed-off-by: Marcel Richter <mail@mrclrchtr.de>
Added `bind-address` config for the Kubernetes scheduler in the Talos control plane patch file to be able to monitor with Prometheus.
Signed-off-by: Marcel Richter <mail@mrclrchtr.de>
Changed "rotate-server-certificates" from string to boolean in talos_patch_control_plane.tf. This ensures proper parsing by Terraform.
Signed-off-by: Marcel Richter <mail@mrclrchtr.de>
Adjusted resource and data configurations to ensure at least one instance is created, even when count is set to 0. This change includes updates to control plane and worker machine configurations, primary IP assignments, and private IPv4 lists.
This adjustment is crucial for maintaining debuggability and consistent infrastructure provisioning.
Made the cluster domain configurable by introducing a new variable `cluster_domain` and updating references in Terraform configuration files. This change allows for dynamic domain naming, enhancing flexibility for different deployment scenarios.
IPv4/IPv6 dual-stack is actually not supported; it keeps being an IPv4 single stack. PRs welcome!
Added the `enable_ipv6` variable to conditionally enable IPv6 addresses for servers. This update allows users to specify whether their infrastructure should support IPv6, making the setup more flexible for different network requirements. Additionally, updated resources and configurations to respect the `enable_ipv6` flag, including adjustments to server and network configurations to properly handle IPv6 addresses and subnets when enabled. This change enhances network configuration options, enabling users to opt for IPv6 support based on their specific needs or restrictions.
The update includes:
- A new variable `enable_ipv6` to toggle IPv6 support.
- Conditional logic in Terraform configurations to apply IPv6 settings.
- Adjustments to server provisioning scripts to enable or disable IPv6 based on the new variable.
This enhancement simplifies network configuration management in environments where IPv6 support is either required or needs to be explicitly disabled, providing greater flexibility in how infrastructure is deployed.