Prerequisites
This guide uses the default security group in OpenStack, with ports opened to allow connectivity from both inside and outside the group. At a minimum, allow ports 6443 (Kubernetes API server) and 50000 (Talos API) from external sources, and it is recommended to allow communication over all ports from within the subnet.
Environment setup
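The ingress rules from the Prerequisites expressed as OpenStack CLI commands, as an added example that is not part of the original guide. EXTERNAL_CIDR, SUBNET_CIDR, APPLY and both sample address ranges are assumptions made for this example; it prints the commands unless APPLY=1 is set, and applying them needs the credentials from your openrc file.

```sh
#!/bin/sh
# Added example, not from the original guide.
# EXTERNAL_CIDR, SUBNET_CIDR and APPLY are assumptions of this example;
# 203.0.113.0/24 and 192.168.0.0/24 are constructed sample ranges.
SECURITY_GROUP="${SECURITY_GROUP:-default}"

# Print one "openstack security group rule create" command per rule.
# $1 = external source range, $2 = private subnet range.
talos_sg_rules() {
  external_cidr="$1"
  subnet_cidr="$2"
  if [ -z "$external_cidr" ]; then
    echo "external CIDR is required" >&2
    return 1
  fi
  # Opening every port is only acceptable for the private subnet.
  case "$subnet_cidr" in
    0.0.0.0/0|::/0|"")
      echo "refusing all-ports rule for '${subnet_cidr}'" >&2
      return 1 ;;
  esac
  # External sources: Kubernetes API server (6443) and Talos API (50000) only.
  for port in 6443 50000; do
    echo "openstack security group rule create --ingress --protocol tcp" \
         "--dst-port ${port} --remote-ip ${external_cidr} ${SECURITY_GROUP}"
  done
  # Inside the subnet: all TCP and UDP ports.
  for proto in tcp udp; do
    echo "openstack security group rule create --ingress --protocol ${proto}" \
         "--dst-port 1:65535 --remote-ip ${subnet_cidr} ${SECURITY_GROUP}"
  done
}

# Dry run by default: print the commands. With APPLY=1, execute them.
main() {
  rules="$(talos_sg_rules "${EXTERNAL_CIDR:-203.0.113.0/24}" \
                          "${SUBNET_CIDR:-192.168.0.0/24}")" || return 1
  if [ "${APPLY:-0}" = "1" ]; then
    printf '%s\n' "$rules" | while IFS= read -r cmd; do
      $cmd   # word splitting intended: each line is one generated command
    done
  else
    printf '%s\n' "$rules"
  fi
}

main
```

Setting EXTERNAL_CIDR to the range your administrators connect from keeps ports 6443 and 50000 reachable only from there.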
You should have an existing openrc file. This file provides the environment variables necessary to talk to OVHcloud. See here for instructions on fetching this file. Set the environment variables and adjust the values to match your environment:
Step 1. Create and upload the image
First, download the OpenStack image from Image Factory. These images are called openstack-$ARCH.raw.xz.
Decompress this file with unxz openstack-$ARCH.raw.xz.
The resulting file will be called openstack-$ARCH.raw.
Once you have the image, you can upload it to OpenStack with:
Step 2. Create network infrastructure (Optional)
If you have an existing network infrastructure, you can skip this step. If not, you can follow the instructions below to create the necessary network infrastructure for your cluster. We will create a private network, subnet, and gateway for our cluster. This will allow our cluster nodes to communicate with the outside world and with each other.
2.1 Create private network
Create the private network that your cluster nodes will use to communicate:
2.2 Create subnet
Add a subnet to the private network and assign DNS resolvers:
2.3 Create gateway
Create a router that connects the network to the external Ext-Net:
2.4 Add the subnet to the router
Attach the subnet to the router so traffic can reach the gateway:
Step 3. Create compute
Once the image is uploaded and the network infrastructure is in place, we can create our compute instances. We will create 3 control plane nodes.
3.1 Create instances
Create the three control plane instances on the private network:
3.2 Create load balancer
Once the compute instances are created, we need to create a load balancer to load balance traffic to the control plane nodes. Running the following commands can take a few minutes to complete as the load balancer is being provisioned.
Step 4. Cluster configuration
Now that we have our compute instances and load balancer set up, we can generate our cluster configuration files with talosctl.
We need to get the public IP of the load balancer, as this is our Kubernetes API endpoint, and the public IPs of the control plane nodes to pass as additional-sans for the API certificate.
Step 5. Applying configuration and bootstrapping the cluster
With our configuration file generated, we can now apply it to our control plane nodes and bootstrap the cluster.
Set the TALOSCONFIG environment variable to point to the talosconfig file. This will allow you to interact with your cluster using talosctl without having to specify the --talosconfig flag every time.
talosctl.
Step 6. Retrieve the kubeconfig
At this point we can retrieve the admin kubeconfig by running:
Step 7. Add worker nodes to the cluster
With the control plane bootstrapped, we can now add worker nodes by creating compute instances that use the worker.yaml configuration generated in Step 4 as their user data.