{"id":15672675,"url":"https://github.com/rgl/talos-vagrant","last_synced_at":"2025-05-06T22:11:17.053Z","repository":{"id":38349628,"uuid":"387603485","full_name":"rgl/talos-vagrant","owner":"rgl","description":"Vagrant Environment for playing with Talos","archived":false,"fork":false,"pushed_at":"2023-06-11T14:56:05.000Z","size":467,"stargazers_count":32,"open_issues_count":1,"forks_count":4,"subscribers_count":7,"default_branch":"main","last_synced_at":"2025-04-19T15:34:51.320Z","etag":null,"topics":["bare-metal","ipmi","kubernetes","matchbox","pxe","pxe-boot","redfish","talos","uefi-boot"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rgl.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-19T21:57:04.000Z","updated_at":"2025-03-21T06:51:25.000Z","dependencies_parsed_at":"2024-10-23T10:57:25.993Z","dependency_job_id":null,"html_url":"https://github.com/rgl/talos-vagrant","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rgl%2Ftalos-vagrant","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rgl%2Ftalos-vagrant/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rgl%2Ftalos-vagrant/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rgl%2Ftalos-vagrant/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rgl","download_url":"https://codeload.git
hub.com/rgl/talos-vagrant/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252776600,"owners_count":21802469,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bare-metal","ipmi","kubernetes","matchbox","pxe","pxe-boot","redfish","talos","uefi-boot"],"created_at":"2024-10-03T15:29:59.132Z","updated_at":"2025-05-06T22:11:16.554Z","avatar_url":"https://github.com/rgl.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"This is a [Vagrant](https://www.vagrantup.com/) Environment for playing with [Talos](https://www.talos.dev).\n\nFor playing with [Sidero](https://www.sidero.dev) see the [rgl/sidero-vagrant](https://github.com/rgl/sidero-vagrant) repository.\n\n# Table Of Contents\n\n* [Architecture](#architecture)\n* [Usage](#usage)\n* [Network Packet Capture](#network-packet-capture)\n* [Network Booting](#network-booting)\n  * [Tested Physical Machines](#tested-physical-machines)\n* [Troubleshoot](#troubleshoot)\n* [Alternatives and Related Projects](#alternatives-and-related-projects)\n* [References](#references)\n\n# Architecture\n\n![](architecture.png)\n\n# Usage\n\nInstall docker, vagrant, vagrant-libvirt, and the [Ubuntu Base Box](https://github.com/rgl/ubuntu-vagrant).\n\nLog in to Docker Hub to have [higher rate limits](https://www.docker.com/increase-rate-limits).\n\nIf you want to connect to the external physical network, you must configure your host network as described in 
[rgl/ansible-collection-tp-link-easy-smart-switch](https://github.com/rgl/ansible-collection-tp-link-easy-smart-switch#take-ownership-procedure) (e.g. have the `br-rpi` linux bridge) and set `CONFIG_PANDORA_BRIDGE_NAME` in the `Vagrantfile`.\n\nBring up the cluster virtual machines:\n\n```bash\ntime ./bring-up.sh | tee bring-up.log\n```\n\nAccess talos:\n\n```bash\nexport TALOSCONFIG=\"$PWD/shared/talosconfig\"\n./shared/talosctl --nodes cp1,w1 version\n```\n\nAccess kubernetes:\n\n```bash\nexport KUBECONFIG=\"$PWD/shared/kubeconfig\"\n./shared/kubectl get nodes -o wide\n```\n\nStart an example service in each worker node:\n\n```bash\nvagrant ssh -c 'bash /vagrant/provision-example-daemonset.sh' pandora\n```\n\nAccess the example service:\n\n```bash\nvagrant ssh -c \"watch -n .2 'wget -qO- http://example-daemonset.\\$(hostname --domain)?format=text | tail -25; kubectl get pod -l app=example-daemonset -o=custom-columns=NODE:.spec.nodeName,STATUS:.status.phase,NAME:.metadata.name'\" pandora\n```\n\nList this repository's dependencies (and which have newer versions):\n\n```bash\nexport GITHUB_COM_TOKEN='YOUR_GITHUB_PERSONAL_TOKEN'\n./renovate.sh\n```\n\n## Network Packet Capture\n\nYou can easily capture and see traffic from the host with the `wireshark.sh`\nscript, e.g., to capture the traffic from the `eth1` interface:\n\n```bash\n./wireshark.sh pandora eth1\n```\n\n## Host DNS resolver\n\nTo delegate the `talos.test` zone to the Kubernetes-managed external DNS server (running in pandora), you need to configure your system to delegate that DNS zone to the pandora DNS server. For that, you can configure your system to only use dnsmasq.\n\nFor example, on my Ubuntu 22.04 Desktop, I have uninstalled `resolvconf`, disabled `NetworkManager`, and manually configured the network interfaces:\n\n```bash\nsudo su -l\nfor n in NetworkManager NetworkManager-wait-online NetworkManager-dispatcher network-manager; do\n    systemctl mask --now $n\ndone\napt-get remove --purge 
resolvconf\ncat \u003e/etc/network/interfaces \u003c\u003c'EOF'\n# interfaces(5) file used by ifup(8) and ifdown(8)\nauto lo\niface lo inet loopback\n\nauto enp3s0\niface enp3s0 inet dhcp\nEOF\nreboot\n```\n\nThen, replaced `systemd-resolved` with `dnsmasq`:\n\n```bash\nsudo su -l\napt-get install -y --no-install-recommends dnsutils dnsmasq\nsystemctl mask --now systemd-resolved\ncat \u003e/etc/dnsmasq.d/local.conf \u003c\u003cEOF\nno-resolv\nbind-interfaces\ninterface=lo\nlisten-address=127.0.0.1\n# delegate to the Cloudflare/APNIC Public DNS IP addresses.\n# NB iif there's no entry in /etc/hosts.\nserver=1.1.1.1\nserver=1.0.0.1\n# delegate to the Google Public DNS IP addresses.\n# NB iif there's no entry in /etc/hosts.\n#server=8.8.8.8\n#server=8.8.4.4\nEOF\ncat \u003e/etc/dnsmasq.d/talos.test.conf \u003c\u003cEOF\n# delegate the talos.test zone to the pandora DNS server IP address.\n# NB use the CONFIG_PANDORA_IP variable value defined in the Vagrantfile.\nserver=/talos.test/10.10.0.2\nEOF\nrm /etc/resolv.conf\ncat \u003e/etc/resolv.conf \u003c\u003cEOF\nnameserver 127.0.0.1\nEOF\nsystemctl restart dnsmasq\nexit\n```\n\nThen start all the machines and test the DNS resolution:\n\n```bash\nvagrant up\ndig pandora.talos.test\n```\n\n## Network Booting\n\nThis environment uses PXE/TFTP/iPXE/HTTP/UEFI-HTTP to network boot the\nmachines.\n\nThe Virtual Machines are automatically configured to network boot.\n\nTo boot Physical Machines you have to:\n\n* Create a Linux Bridge that can reach a Physical Switch that connects to\n  your Physical Machines.\n  * This environment assumes you have a setup like [rgl/ansible-collection-tp-link-easy-smart-switch](https://github.com/rgl/ansible-collection-tp-link-easy-smart-switch).\n  * To configure it otherwise you must modify the `Vagrantfile`.\n* Add your machines to `machines.yaml`.\n* Configure your machines to PXE boot.\n\n### Tested Physical Machines\n\nThis was tested on the following physical machines and boot modes:\n\n* 
[Seeed Studio Odyssey X86J4105](https://github.com/rgl/seeedstudio-odyssey-x86j4105-notes)\n  * It boots using [UEFI/HTTP/PXE](https://github.com/rgl/seeedstudio-odyssey-x86j4105-notes/tree/master/network-boot#uefi-http-pxe).\n* [HP EliteDesk 800 35W G2 Desktop Mini](https://support.hp.com/us-en/product/hp-elitedesk-800-35w-g2-desktop-mini-pc/7633266)\n  * It boots using UEFI/TFTP/PXE.\n  * This machine can be remotely managed with [MeshCommander](https://www.meshcommander.com/meshcommander).\n    * It was configured as described at [rgl/intel-amt-notes](https://github.com/rgl/intel-amt-notes).\n* [Raspberry Pi 4 (8GB)](https://www.raspberrypi.org/products/raspberry-pi-4-model-b/)\n  * It boots using [UEFI/HTTP/iPXE](https://github.com/rgl/rpi4-uefi-ipxe).\n\n# Notes\n\n* The machine boot order must be `disk` and `network`.\n  * Talos expects to be run from disk.\n* Do not configure any default nodes with `talosctl config node`.\n  * Instead, explicitly target the node with `talosctl -n {node}`.\n  * Having default nodes could lead to mistakes (e.g. 
upgrading the whole cluster at the same time).\n* The user only needs to access the talos control plane machines.\n  * A control plane machine will proxy the requests to the internal cluster nodes.\n\n# Troubleshoot\n\n* Talos\n  * [Troubleshooting Control Plane](https://www.talos.dev/v1.4/advanced/troubleshooting-control-plane/)\n  * `talosctl -n cp1 service etcd status`\n  * `talosctl -n cp1 etcd members`\n  * `talosctl -n cp1 get members`\n  * `talosctl -n cp1 dashboard`\n  * `talosctl -n cp1 logs controller-runtime`\n  * `talosctl -n cp1 logs kubelet`\n  * `talosctl -n cp1 disks`\n  * `talosctl -n cp1 mounts`\n  * `talosctl -n cp1 get resourcedefinitions`\n  * `talosctl -n cp1 get machineconfigs -o yaml`\n  * `talosctl -n cp1 get staticpods -o yaml`\n  * `talosctl -n cp1 get staticpodstatus`\n  * `talosctl -n cp1 get manifests`\n  * `talosctl -n cp1 get services`\n  * `talosctl -n cp1 get extensions`\n  * `talosctl -n cp1 get addresses`\n  * `talosctl -n cp1 get nodeaddresses`\n  * `talosctl -n cp1 list -l -r -t f /etc`\n  * `talosctl -n cp1 list -l -r -t f /system`\n  * `talosctl -n cp1 list -l -r -t f /var`\n  * `talosctl -n cp1 list -l /sys/fs/cgroup`\n  * `talosctl -n cp1 read /proc/cmdline | tr ' ' '\\n'`\n  * `talosctl -n cp1 read /proc/mounts | sort`\n  * `talosctl -n cp1 read /etc/resolv.conf`\n  * `talosctl -n cp1 read /etc/containerd/config.toml`\n  * `talosctl -n cp1 read /etc/cri/containerd.toml`\n  * `talosctl -n cp1 read /etc/cri/conf.d/cri.toml` (registry credentials)\n  * `talosctl -n cp1 read /etc/cri/conf.d/hosts/docker.io/hosts.toml` (registry mirror)\n  * `talosctl -n cp1 ps`\n  * `talosctl -n cp1 containers -k`\n  * `talos-poke cp1`\n* Kubernetes\n  * `kubectl get events --all-namespaces --watch`\n  * `kubectl --namespace kube-system get events --watch`\n  * `kubectl run busybox -it --rm --restart=Never --image=busybox:1.33 -- nslookup -type=a pandora.talos.test`\n\n# Alternatives and Related Projects\n\n* 
[sidero](https://github.com/siderolabs/sidero)\n* [k3s](https://github.com/k3s-io/k3s)\n* [k3os](https://github.com/rancher/k3os)\n* [harvester](https://github.com/harvester/harvester)\n* [neco](https://github.com/cybozu-go/neco)\n* [cke](https://github.com/cybozu-go/cke)\n* [sabakan](https://github.com/cybozu-go/sabakan)\n\n# References\n\n* Talos\n  * [Talos Site](https://www.talos.dev/)\n  * [Getting Started](https://www.talos.dev/v1.4/introduction/getting-started/)\n  * [Talos Components](https://www.talos.dev/v1.4/learn-more/components/)\n  * [Configuring Network Connectivity](https://www.talos.dev/v1.4/learn-more/talos-network-connectivity/)\n  * [Troubleshooting Control Plane](https://www.talos.dev/v1.4/advanced/troubleshooting-control-plane/)\n  * [Support Matrix](https://www.talos.dev/v1.4/introduction/support-matrix/)\n* Linux\n  * [Kernel Parameters Index](https://www.kernel.org/doc/Documentation/admin-guide/kernel-parameters.rst)\n  * [Kernel Parameters List](https://www.kernel.org/doc/Documentation/admin-guide/kernel-parameters.txt)\n  * [Bootloader Parameters List (AMD64)](https://www.kernel.org/doc/Documentation/x86/x86_64/boot-options.txt)\n* iPXE\n  * [Scripting](https://ipxe.org/scripting)\n  * [Command reference](https://ipxe.org/cmd)\n  * [Settings reference](https://ipxe.org/cfg)\n* Raspberry Pi\n  * [UEFI](https://github.com/pftf/RPi4)\n  * [UEFI/iPXE](https://github.com/rgl/rpi4-uefi-ipxe)\n* Matchbox\n  * [PXE-enabled DHCP](https://github.com/poseidon/matchbox/blob/master/docs/network-setup.md#pxe-enabled-dhcp)\n  * [Proxy-DHCP](https://github.com/poseidon/matchbox/blob/master/docs/network-setup.md#proxy-dhcp)\n* Dynamic Host Configuration Protocol (DHCP)\n  * [Parameters / 
Options](https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frgl%2Ftalos-vagrant","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frgl%2Ftalos-vagrant","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frgl%2Ftalos-vagrant/lists"}