scottk/terraform-talos
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/terraform-talos.git synced 2025-10-29 17:42:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
cb0c6d7c69d674c2c17c6e0e75ce4ea26c631fa1
terraform-talos/azure
History
Serge Logvinov 9e9a98a441 clean
2024-02-11 23:06:55 +02:00
..
deployments
update deployments
2023-09-12 09:35:33 +03:00
images
clean
2024-02-11 23:06:55 +02:00
init
clean
2024-02-11 23:06:55 +02:00
modules/controlplane
controlplane refactoring
2023-06-26 20:31:59 +03:00
prepare
clean
2024-02-11 23:06:55 +02:00
services
clean
2024-02-11 23:06:55 +02:00
templates
remove modules
2023-07-02 14:37:17 +03:00
.gitignore
Split network, create rbac roles
2022-05-26 16:36:08 +03:00
auth.tf
av-zones support
2023-06-28 19:14:33 +03:00
common.tf
controlplane refactoring
2023-06-26 20:31:59 +03:00
instances-controlplane.tf
use acr
2023-06-29 12:43:44 +03:00
instances-db.tf
use acr
2023-06-29 12:43:44 +03:00
instances-web.tf
soft route fixes
2023-07-18 19:12:35 +03:00
instances-werker.tf
soft route fixes
2023-07-18 19:12:35 +03:00
Makefile
clean
2024-02-11 23:06:55 +02:00
network-lb.tf
av-zones support
2023-06-28 19:14:33 +03:00
outputs.tf
soft route fixes
2023-07-18 19:12:35 +03:00
README.md
update azure deployments
2023-06-27 19:46:06 +03:00
variables.tf
use acr
2023-06-29 12:43:44 +03:00
versions.tf
controlplane refactoring
2023-06-26 20:31:59 +03:00

README.md

Talos on Azure Cloud

Create IAM roles

Create roles

Terraform will create the roles. az ad sp creates the accounts and assign the roles. Do not forget to save account credits.

cd init
terraform init
terraform apply

az ad sp create-for-rbac --name "kubernetes-csi" --role kubernetes-csi --scopes="/subscriptions/<subscription-id>" --output json
az ad sp create-for-rbac --name "kubernetes-node-autoscaler" --role kubernetes-node-autoscaler --scopes="/subscriptions/<subscription-id>" --output json

# add aadClientId,aadClientSecret to the file _cfgs/azure.json, andd apply it
kubectl -n kube-system create secret generic azure-cluster-autoscaler --from-file=azure.json=_cfgs/azure.json
kubectl -n kube-system create secret generic azure-csi --from-file=azure.json=_cfgs/azure.json

Local utilities

  • terraform
  • talosctl
  • kubectl
  • yq

Network diagram

Kubernetes addons

Known Issues

  • CSI controller needs a region name. And I think this can affect multi region setup. The half solution is using the node identity method, and receiving the region name from the meta server.