Skip to content

Latest commit

 

History

History
 
 

azure

Talos on Azure Cloud

Create IAM roles

Create roles

Terraform will create the roles. az ad sp creates the accounts and assign the roles. Do not forget to save account credits.

cd init
terraform init
terraform apply

az ad sp create-for-rbac --name "kubernetes-csi" --role kubernetes-csi --scopes="/subscriptions/<subscription-id>" --output json
az ad sp create-for-rbac --name "kubernetes-node-autoscaler" --role kubernetes-node-autoscaler --scopes="/subscriptions/<subscription-id>" --output json

# add aadClientId,aadClientSecret to the file _cfgs/azure.json, andd apply it
kubectl -n kube-system create secret generic azure-cluster-autoscaler --from-file=azure.json=_cfgs/azure.json
kubectl -n kube-system create secret generic azure-csi --from-file=azure.json=_cfgs/azure.json

Local utilities

  • terraform
  • talosctl
  • kubectl
  • yq

Network diagram

Kubernetes addons

Known Issues

  • CSI controller needs a region name. And I think this can affect multi region setup. The half solution is using the node identity method, and receiving the region name from the meta server.