@@ -5,25 +5,32 @@ aliases:
55 - ../../../cloud-platforms/digitalocean
66---
77
8- ## Creating a Cluster via the CLI
8+ ## Creating a Talos Linux Cluster on Digital Ocean via the CLI
99
10- In this guide we will create an HA Kubernetes cluster with 1 worker node.
10+ In this guide we will create an HA Kubernetes cluster with 1 worker node, in the NYC region .
1111We assume an existing [ Space] ( https://www.digitalocean.com/docs/spaces/ ) , and some familiarity with DigitalOcean.
1212If you need more information on DigitalOcean specifics, please see the [ official DigitalOcean documentation] ( https://www.digitalocean.com/docs/ ) .
1313
1414### Create the Image
1515
16- First, download the DigitalOcean image from a Talos release.
17- Extract the archive to get the ` disk.raw ` file, compress it using ` gzip ` to ` disk.raw.gz ` .
16+ Download the DigitalOcean image ` digital-ocean-amd64.raw.gz ` from the [ latest Talos release] ( https://github.com/siderolabs/talos/releases/latest/ ) .
17+
18+ > Note: the minimum version of Talos required to support Digital Ocean is v1.3.3.
1819
1920Using an upload method of your choice (` doctl ` does not have Spaces support), upload the image to a space.
21+ (It's easy to drag the image file to the space using DigitalOcean's web console.)
22+
23+ * Note:* Make sure you upload the file as ` public ` .
24+
2025Now, create an image using the URL of the uploaded image:
2126
2227``` bash
28+ export REGION=nyc3
29+
2330doctl compute image create \
2431 --region $REGION \
2532 --image-description talos-digital-ocean-tutorial \
26- --image-url https://talos-tutorial .$REGION .digitaloceanspaces.com/disk .raw.gz \
33+ --image-url https://$SPACENAME .$REGION .digitaloceanspaces.com/digital-ocean-amd64 .raw.gz \
2734 Talos
2835```
2936
@@ -41,45 +48,46 @@ doctl compute load-balancer create \
4148 --forwarding-rules entry_protocol:tcp,entry_port:443,target_protocol:tcp,target_port:6443
4249```
4350
51+ Note the returned ID of the load balancer.
52+
4453We will need the IP of the load balancer.
4554Using the ID of the load balancer, run:
4655
4756``` bash
4857doctl compute load-balancer get --format IP < load balancer ID>
4958```
5059
51- Save it, as we will need it in the next step .
60+ Note that it may take a few minutes before the load balancer is provisioned, so repeat this command until it returns with the IP address .
5261
5362### Create the Machine Configuration Files
5463
55- #### Generating Base Configurations
56-
57- Using the DNS name of the loadbalancer created earlier, generate the base configuration files for the Talos machines:
64+ Using the IP address (or DNS name, if you have created one) of the loadbalancer, generate the base configuration files for the Talos machines.
65+ Also note that the load balancer forwards port 443 to port 6443 on the associated nodes, so we should use 443 as the port in the config definition:
5866
5967``` bash
60- $ talosctl gen config talos-k8s-digital-ocean-tutorial https://< load balancer IP or DNS> :< port >
68+ $ talosctl gen config talos-k8s-digital-ocean-tutorial https://< load balancer IP or DNS> :443
6169created controlplane.yaml
6270created worker.yaml
6371created talosconfig
6472```
6573
66- At this point, you can modify the generated configs to your liking.
67- Optionally, you can specify ` --config-patch ` with RFC6902 jsonpatch which will be applied during the config generation.
74+ ### Create the Droplets
75+
76+ #### Create a dummy SSH key
6877
69- #### Validate the Configuration Files
78+ > Although SSH is not used by Talos, DigitalOcean requires that an SSH key be associated with a droplet during creation.
79+ > We will create a dummy key that can be used to satisfy this requirement.
7080
7181``` bash
72- $ talosctl validate --config controlplane.yaml --mode cloud
73- controlplane.yaml is valid for cloud mode
74- $ talosctl validate --config worker.yaml --mode cloud
75- worker.yaml is valid for cloud mode
82+ doctl compute ssh-key create --public-key " ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDbl0I1s/yOETIKjFr7mDLp8LmJn6OIZ68ILjVCkoN6lzKmvZEqEm1YYeWoI0xgb80hQ1fKkl0usW6MkSqwrijoUENhGFd6L16WFL53va4aeJjj2pxrjOr3uBFm/4ATvIfFTNVs+VUzFZ0eGzTgu1yXydX8lZMWnT4JpsMraHD3/qPP+pgyNuI51LjOCG0gVCzjl8NoGaQuKnl8KqbSCARIpETg1mMw+tuYgaKcbqYCMbxggaEKA0ixJ2MpFC/kwm3PcksTGqVBzp3+iE5AlRe1tnbr6GhgT839KLhOB03j7lFl1K9j1bMTOEj5Io8z7xo/XeF2ZQKHFWygAJiAhmKJ dummy@dummy.local" dummy
83+
7684```
7785
78- ### Create the Droplets
86+ Note the ssh key ID that is returned - we will use it in creating the droplets.
7987
8088#### Create the Control Plane Nodes
8189
82- Run the following commands, to give ourselves three total control plane nodes:
90+ Run the following commands to create three control plane nodes:
8391
8492``` bash
8593doctl compute droplet create \
@@ -89,7 +97,7 @@ doctl compute droplet create \
8997 --enable-private-networking \
9098 --tag-names talos-digital-ocean-tutorial-control-plane \
9199 --user-data-file controlplane.yaml \
92- --ssh-keys < ssh key fingerprint > \
100+ --ssh-keys < ssh key ID > \
93101 talos-control-plane-1
94102doctl compute droplet create \
95103 --region $REGION \
@@ -98,7 +106,7 @@ doctl compute droplet create \
98106 --enable-private-networking \
99107 --tag-names talos-digital-ocean-tutorial-control-plane \
100108 --user-data-file controlplane.yaml \
101- --ssh-keys < ssh key fingerprint > \
109+ --ssh-keys < ssh key ID > \
102110 talos-control-plane-2
103111doctl compute droplet create \
104112 --region $REGION \
@@ -107,12 +115,11 @@ doctl compute droplet create \
107115 --enable-private-networking \
108116 --tag-names talos-digital-ocean-tutorial-control-plane \
109117 --user-data-file controlplane.yaml \
110- --ssh-keys < ssh key fingerprint > \
118+ --ssh-keys < ssh key ID > \
111119 talos-control-plane-3
112120```
113121
114- > Note: Although SSH is not used by Talos, DigitalOcean still requires that an SSH key be associated with the droplet.
115- > Create a dummy key that can be used to satisfy this requirement.
122+ Note the droplet ID returned for the first control plane node.
116123
117124#### Create the Worker Nodes
118125
@@ -125,7 +132,7 @@ doctl compute droplet create \
125132 --size s-2vcpu-4gb \
126133 --enable-private-networking \
127134 --user-data-file worker.yaml \
128- --ssh-keys < ssh key fingerprint > \
135+ --ssh-keys < ssh key ID > \
129136 talos-worker-1
130137```
131138
@@ -157,3 +164,9 @@ At this point we can retrieve the admin `kubeconfig` by running:
157164``` bash
158165talosctl --talosconfig talosconfig kubeconfig .
159166```
167+
168+ We can also watch the cluster bootstrap via:
169+
170+ ``` bash
171+ talosctl --talosconfig talosconfig health
172+ ```
0 commit comments