generate

package
v1.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 16, 2025 License: MPL-2.0 Imports: 18 Imported by: 8

Documentation

Overview

Package generate provides Talos machine configuration generation and client config generation.

Please see the example for more information on using this package.

Example
package main

import (
	"log"
	"os"
	"time"

	"github.com/siderolabs/talos/pkg/machinery/config"
	"github.com/siderolabs/talos/pkg/machinery/config/generate"
	"github.com/siderolabs/talos/pkg/machinery/config/generate/secrets"
	"github.com/siderolabs/talos/pkg/machinery/config/machine"
	"github.com/siderolabs/talos/pkg/machinery/constants"
)

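// main generates Talos machine configuration files for the nodes of one cluster,
// plus the matching client (talosconfig) file, from a single cluster-wide
// secrets bundle.
//
// Every file written here is derived from the secrets bundle and should be
// handled as a credential: keep the output directory private and keep the files
// out of version control and shared logs.
func main() {
	// Input values for the config generation:

	// * cluster name and Kubernetes control plane endpoint
	clusterName := "test-cluster"
	controlPlaneEndpoint := "https://kubernetes.example.com:6443"

	// * Kubernetes version to install, using the latest here
	kubernetesVersion := constants.DefaultKubernetesVersion

	// * version contract: the Talos version the configuration is generated for;
	//   the generate package can produce machine configuration compatible with
	//   the current and previous versions of Talos
	targetVersion := "v1.0"

	// Parse the version contract. config.TalosVersionCurrent (the version of the
	// Talos machinery package) is the alternative when no explicit target is needed.
	versionContract, err := config.ParseContractFromVersion(targetVersion)
	if err != nil {
		log.Fatalf("failed to parse version contract: %s", err)
	}

	// Generate the cluster-wide secrets once and reuse them for every node's
	// machine configuration. The bundle can be stashed for future use by
	// marshaling the structure to YAML or JSON; a stashed bundle is the root
	// secret material of the cluster, so store it encrypted or in a secrets
	// manager with access limited to cluster administrators.
	secretsBundle, err := secrets.NewBundle(secrets.NewFixedClock(time.Now()), versionContract)
	if err != nil {
		log.Fatalf("failed to generate secrets bundle: %s", err)
	}

	input, err := generate.NewInput(clusterName, controlPlaneEndpoint, kubernetesVersion,
		generate.WithVersionContract(versionContract),
		generate.WithSecretsBundle(secretsBundle),
		generate.WithEndpointList(
			// List of control plane node IP addresses.
			// NOTE(review): sample values only; the first two fall outside the
			// private 172.16.0.0/12 range, so replace all three with the real
			// control plane addresses before use.
			[]string{"172.0.0.1", "172.0.0.2", "172.20.0.3"},
		),
		// there are many more generate options available which allow tweaking the generated config programmatically
	)
	if err != nil {
		log.Fatalf("failed to generate input: %s", err)
	}

	// Generate the machine config for each node of the cluster using the secrets.
	for _, node := range []string{"machine1", "machine2"} {
		// Pick the machine type that matches the node:
		// * machine.TypeControlPlane for control plane nodes
		// * machine.TypeWorker for worker nodes
		// This example generates a control plane config for every node.
		cfg, err := input.Config(machine.TypeControlPlane)
		if err != nil {
			log.Fatalf("failed to generate config for node %q: %s", node, err)
		}

		// config can be tweaked at this point to add machine-specific configuration, e.g.:
		cfg.RawV1Alpha1().MachineConfig.MachineInstall.InstallDisk = "/dev/sdb"

		// marshal the config to YAML
		marshaledCfg, err := cfg.Bytes()
		if err != nil {
			log.Fatalf("failed to marshal config for node %q: %s", node, err)
		}

		// Write the config to a file readable by the owner only. os.WriteFile
		// applies the mode only when it creates the file; an existing file is
		// truncated and keeps whatever permissions it already had, so write into
		// a fresh directory or check the mode of pre-existing files.
		if err = os.WriteFile(clusterName+"-"+node+".yaml", marshaledCfg, 0o600); err != nil {
			log.Fatalf("failed to write config for node %q: %s", node, err)
		}
	}

	// Generate the client Talos configuration (for API access, e.g. talosctl).
	clientCfg, err := input.Talosconfig()
	if err != nil {
		log.Fatalf("failed to generate client config: %s", err)
	}

	// NOTE(review): the client config grants API access to the cluster; confirm
	// the file mode Save applies and restrict it to the owner if needed.
	if err = clientCfg.Save(clusterName + "-talosconfig"); err != nil {
		log.Fatalf("failed to save client config: %s", err)
	}
}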
Output:

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Input

// Input collects the values machine configuration and client configuration
// are generated from; NewInput prepares it.
type Input struct {
	// Options holds the generate parameters, as set through the Option functions.
	Options Options

	// ControlPlaneEndpoint is the canonical address of the kubernetes control
	// plane.  It can be a DNS name, the IP address of a load balancer, or
	// (default) the IP address of the first controlplane node.  It is NOT
	// multi-valued.  It may optionally specify the port.
	ControlPlaneEndpoint string

	// Extra Subject Alternative Names.
	// NOTE(review): presumably AdditionalSubjectAltNames feeds the API server
	// certificate (see GetAPIServerSANs) and AdditionalMachineCertSANs the
	// per-machine certificate; confirm against the implementation. Every SAN
	// added widens the set of names a certificate is valid for, so list only
	// names the cluster actually serves.
	AdditionalSubjectAltNames []string
	AdditionalMachineCertSANs []string

	// Cluster identity and Kubernetes version.
	// NOTE(review): PodNet and ServiceNet look like the pod and service network
	// ranges; confirm the expected format against the implementation.
	ClusterName       string
	PodNet            []string
	ServiceNet        []string
	KubernetesVersion string
}

Input holds info about certs, ips, and node type.

func NewInput

func NewInput(clustername, endpoint, kubernetesVersion string, opts ...Option) (*Input, error)

NewInput prepares a new Input struct to perform machine config generation.

func (*Input) Config

func (in *Input) Config(t machine.Type) (coreconfig.Provider, error)

Config returns the talos config for a given node type.

func (*Input) GetAPIServerSANs

func (in *Input) GetAPIServerSANs() []string

GetAPIServerSANs returns the formatted list of Subject Alt Name addresses for the API Server.

func (*Input) Talosconfig

func (in *Input) Talosconfig() (*clientconfig.Config, error)

Talosconfig returns the Talos admin client configuration.

type Option

type Option func(o *Options) error

Option controls generate options specific to input generation.

func WithAdditionalSubjectAltNames

func WithAdditionalSubjectAltNames(sans []string) Option

WithAdditionalSubjectAltNames specifies additional SANs.

func WithAllowSchedulingOnControlPlanes

func WithAllowSchedulingOnControlPlanes(enabled bool) Option

WithAllowSchedulingOnControlPlanes specifies AllowSchedulingOnControlPlane flag.

func WithClusterCNIConfig

func WithClusterCNIConfig(config *v1alpha1.CNIConfig) Option

WithClusterCNIConfig specifies custom cluster CNI config.

func WithClusterDiscovery

func WithClusterDiscovery(enabled bool) Option

WithClusterDiscovery enables cluster discovery feature.

func WithDNSDomain

func WithDNSDomain(dnsDomain string) Option

WithDNSDomain specifies domain name to use in Talos cluster.

func WithDebug

func WithDebug(enable bool) Option

WithDebug enables verbose logging to console for all services.

func WithEndpointList

func WithEndpointList(endpoints []string) Option

WithEndpointList specifies endpoints to use when accessing Talos cluster.

func WithHostDNSForwardKubeDNSToHost added in v1.7.0

func WithHostDNSForwardKubeDNSToHost(forward bool) Option

WithHostDNSForwardKubeDNSToHost specifies whether to forward kube-dns to host.

func WithInstallDisk

func WithInstallDisk(disk string) Option

WithInstallDisk specifies install disk to use in Talos cluster.

func WithInstallExtraKernelArgs

func WithInstallExtraKernelArgs(args []string) Option

WithInstallExtraKernelArgs specifies extra kernel arguments to pass to the installer.

func WithInstallImage

func WithInstallImage(imageRef string) Option

WithInstallImage specifies install container image to use in Talos cluster.

func WithKubePrismPort

func WithKubePrismPort(port int) Option

WithKubePrismPort specifies the KubePrism port.

If 0, load balancer is disabled. If not set, defaults to enabled with Talos 1.6+.

func WithLocalAPIServerPort

func WithLocalAPIServerPort(port int) Option

WithLocalAPIServerPort specifies the local API server port for the cluster.

func WithNetworkOptions

func WithNetworkOptions(opts ...v1alpha1.NetworkConfigOption) Option

WithNetworkOptions adds network config generation option.

func WithPersist

func WithPersist(enable bool) Option

WithPersist enables persistence of machine config across reboots.

func WithRegistryCACert

func WithRegistryCACert(host, cacert string) Option

WithRegistryCACert specifies the certificate of the certificate authority that signed the registry's certificate.

func WithRegistryInsecureSkipVerify

func WithRegistryInsecureSkipVerify(host string) Option

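WithRegistryInsecureSkipVerify marks a registry host to skip TLS verification. With verification skipped, the registry's certificate is not validated, so the identity of the host serving images is not checked; prefer WithRegistryCACert for registries that use a private CA.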

func WithRegistryMirror

func WithRegistryMirror(host string, endpoints ...string) Option

WithRegistryMirror configures registry mirror endpoint(s).

func WithRoles

func WithRoles(roles role.Set) Option

WithRoles specifies user roles.

func WithSecretsBundle

func WithSecretsBundle(bundle *secrets.Bundle) Option

WithSecretsBundle specifies custom secrets bundle.

func WithSysctls

func WithSysctls(params map[string]string) Option

WithSysctls merges list of sysctls with new values.

func WithSystemDiskEncryption

func WithSystemDiskEncryption(cfg *v1alpha1.SystemDiskEncryptionConfig) Option

WithSystemDiskEncryption specifies encryption settings for the system disk partitions.

func WithUserDisks

func WithUserDisks(disks []*v1alpha1.MachineDisk) Option

WithUserDisks generates user partitions config.

func WithVersionContract

func WithVersionContract(versionContract *config.VersionContract) Option

WithVersionContract specifies version contract to use when generating.

type Options

// Options describes generate parameters. Fields are normally set through the
// With* Option functions rather than directly.
type Options struct {
	// Version contract to use when generating (see WithVersionContract).
	VersionContract *config.VersionContract

	// Custom secrets bundle.
	// The bundle holds the cluster-wide secrets; reuse one bundle for every
	// node of a cluster and store any persisted copy with restricted access.
	SecretsBundle *secrets.Bundle

	// Base settings.
	// Debug enables verbose logging to console for all services; Persist
	// enables persistence of machine config across reboots.
	Debug   bool
	Persist bool

	// Machine settings: install.
	// Install disk, install container image reference and extra kernel
	// arguments passed to the installer.
	InstallDisk            string
	InstallImage           string
	InstallExtraKernelArgs []string

	// Machine disks.
	// SystemDiskEncryptionConfig carries encryption settings for the system
	// disk partitions (see WithSystemDiskEncryption).
	// NOTE(review): MachineDisks is presumably what WithUserDisks populates; confirm.
	MachineDisks               []*v1alpha1.MachineDisk
	SystemDiskEncryptionConfig *v1alpha1.SystemDiskEncryptionConfig

	// Machine network settings.
	NetworkConfigOptions []v1alpha1.NetworkConfigOption

	// Machine sysctls.
	Sysctls map[string]string

	// Machine registries.
	// NOTE(review): both maps appear to be keyed by registry host, and
	// RegistryConfig is presumably where WithRegistryCACert and
	// WithRegistryInsecureSkipVerify record per-host TLS settings; confirm.
	// A host marked to skip TLS verification is not authenticated when
	// images are pulled from it.
	RegistryMirrors map[string]*v1alpha1.RegistryMirrorConfig
	RegistryConfig  map[string]*v1alpha1.RegistryConfig

	// Cluster settings.
	// NOTE(review): DiscoveryEnabled is a pointer, presumably so that "not set"
	// can be told apart from an explicit false; confirm.
	DNSDomain                      string
	CNIConfig                      *v1alpha1.CNIConfig
	AllowSchedulingOnControlPlanes bool
	LocalAPIServerPort             int
	AdditionalSubjectAltNames      []string
	DiscoveryEnabled               *bool

	// KubePrism port (see WithKubePrismPort): if 0, the load balancer is
	// disabled; if not set, it defaults to enabled with Talos 1.6+.
	KubePrismPort optional.Optional[int]

	// Whether to forward kube-dns to host (see WithHostDNSForwardKubeDNSToHost).
	HostDNSForwardKubeDNSToHost optional.Optional[bool]

	// Client options.
	// Roles are the user roles (see WithRoles); EndpointList is the list of
	// endpoints to use when accessing the Talos cluster. Grant only the roles
	// the generated client configuration actually needs.
	Roles        role.Set
	EndpointList []string
}

Options describes generate parameters.

func DefaultOptions

func DefaultOptions() Options

DefaultOptions returns default options.

Directories

Path Synopsis
Package secrets provides types and methods to handle base machine configuration secrets.
Package secrets provides types and methods to handle base machine configuration secrets.
