scottk/terraform-talos
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/terraform-talos.git synced 2025-10-29 17:42:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
588373a06800cfd070dd2ed70b0d4c1e75e378db
terraform-talos/README.md
Serge Logvinov ce40bdf8ad update proxmox setup
2023-05-07 21:23:32 +03:00

63 lines
3.2 KiB
Markdown
Raw Blame History

# Terraform examples to launch Talos.
I store here the terraform code to launch Talos in the clouds.
I wouldn't use the terrafrom modules from internet.
The goal is to create all cloud services from scratch.
## Ideas
First, I will create separate clusters on each cloud provider, test them thoroughly, and bring them close to production readiness. When I merge these separate Kubernetes clusters into one, they will have a single control plane.
Why is it so important?
Having a single Kubernetes control plane that spans multiple cloud providers can offer several benefits:
* Improved resilience and availability: By using multiple cloud providers, you can reduce the risk of downtime due to a single point of failure.
* Flexibility: A single control plane allows you to easily move workloads between different cloud providers, depending on your needs.
* Cost savings: You can take advantage of the different pricing models and discounts offered by different cloud providers to save on costs.
* Improved security: By using multiple cloud providers, you can implement a defense-in-depth strategy to protect your data and reduce the risk of a security breach.
* Decrease the time to recovery (TTR)
## Clouds
| Platform | Checked Talos version | Addons | Setup type | Nat-IPv4 | IPv6 |
|---|---|---|---|---|---|
| [Azure](azure) | 1.3.4 | CCM,CSI,Autoscaler | many regions, many zones | ✓ | ✓ |
| [Exoscale](exoscale) | 1.3.0 | CCM,Autoscaler | many regions | ✗ | |
| [GCP](gcp-zonal) | 1.3.4 | CCM,CSI,Autoscaler | one region, many zones | ✓ | ✓ |
| [Hetzner](hetzner) | 1.4.0 | CCM,CSI,Autoscaler | many regions, one network zone | ✗ | ✓ |
| [Openstack](openstack) | 1.3.4 | CCM,CSI | many regions, many zones | ✓ | ✓ |
| [Oracle](oracle) | 1.3.4 | CCM,~~CSI~~,Autoscaler | one region, many zones | ✓ | ✓ |
| [Proxmox](proxmox) | 1.3.4 | CCM,CSI | one region, mny zones | ✓ | ✓ |
| [Scaleway](scaleway) | 1.3.4 | CCM,CSI | one region | ✓ | ✓ |
## Known issues
* Talos does not support Oracle CSI.
## Multi cloud compatibility
CCM compatibility, which can work together:
* Talos CCM in mode: `cloud-node`
* Other CCMs in mode: `cloud-node-lifecycle`
| | Azure | GCP | Hetzner | Openstack | Proxmox |
|---|---|---|---|---|---|
| Azure | | ✓ | ✓ | ✓ | ✓ |
| Exoscale | | | | |
| GCP | ✓ | | ✓ | ✓ | ✓ |
| Hetzner | ✓ | ✓ | | ✓ | ✓ |
| Openstack | ✓ | ✓ | ✓ | | ✓ |
| Proxmox | ✓ | ✓ | ✓ | ✓ | |
## Common
* **cilium** network with vxlan tunnels.
* **ingress-nginx** (daemonsets) runs on ```web``` role nodes.
It uses ```hostNetwork``` ports 80,443 for optimizations.
It helps me to tweak the kernel on a host and apply it to ingress controller.
And I can disable conntrack too.
* **coredns-local** (daemonsets) uses dummy interface on al nodes and has ip ```169.254.2.53```
It decrease the dns response (all traffic does not leave the node).
* **rancher.io/local-path** as default storage class.
Reference in New Issue View Git Blame Copy Permalink