Azure Terraform Example

This example creates a load-balanced, highly available (HA) Talos cluster on Azure. It uses the official Sidero Labs image of Talos and should result in a stable, maintainable cluster.

Prereqs

Ensure your Azure environment is configured correctly (see for details). From this directory, issue terraform init to ensure the proper providers are pulled down. A disk image of Talos must be downloaded locally to be provided as a storage blob in Azure. The following command is an example of how to do this for the latest release of Talos:

curl -sL https://github.com/siderolabs/talos/releases/latest/download/azure-amd64.tar.gz | tar -xz

Usage

To create a default cluster, this should be as simple as terraform apply. Occasionally some Azure resources may not be ready in time for Terraform to rely on them for a later resource and may return errors such as the following:

 Error: failed creating container: failed creating container: containers.Client#Create: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="ResourceNotFound" Message="The specified resource does not exist.\nRequestId:d7008d74-b01e-007b-39d8-2c38de000000\nTime:2023-01-20T14:05:32.3698226Z"

   with azurerm_storage_container.this,
   on main.tf line 16, in resource "azurerm_storage_container" "this":
   16: resource "azurerm_storage_container" "this" {

Simply re-run terraform apply to solve these issues.

This will create a cluster called talos-azure-example with 3 control plane nodes and a single worker in the West Europe region. By default, the instances will be Standard_B2s, with 2 vCPU and 4GB RAM each. If different specs or regions are required, override them on the command line with the -var flag, or create a vars file and pass it with -var-file. Destroying the cluster should, again, be a simple terraform destroy.
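As an added example (not part of the original README), here is a vars file for -var-file that narrows the two API CIDR inputs, which the Inputs section lists with a default of "0.0.0.0/0". The file name restricted.tfvars, the 203.0.113.0/24 range (RFC 5737 documentation space) and the tag values are assumptions to replace with your own.

```hcl
# restricted.tfvars (hypothetical file name)
# Apply with: terraform apply -var-file=restricted.tfvars

cluster_name   = "talos-azure-example"
azure_location = "West Europe"

# Both inputs default to "0.0.0.0/0", which lets any source address reach
# the Kubernetes API and the Talos API through the network security group.
# 203.0.113.0/24 is a documentation range standing in for an admin network
# or VPN egress range (assumption; substitute your own CIDR).
kubernetes_api_allowed_cidr = "203.0.113.0/24"
talos_api_allowed_cidr      = "203.0.113.0/24"

# Every attribute of control_plane is optional, so only the values that
# differ from the defaults need to be listed.
control_plane = {
  vm_size       = "Standard_B2s"
  num_instances = 3
  tags = {
    role = "controlplane" # constructed tag value
  }
}

# name is the only required attribute of a worker group.
worker_groups = [
  {
    name          = "default"
    num_instances = 2
    tags = {
      role = "worker" # constructed tag value
    }
  }
]

extra_tags = {
  owner = "platform-team" # constructed tag value
}
```

Pass the same file to terraform destroy -var-file=restricted.tfvars so the destroy run is evaluated with the same values.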

To retrieve the kubeconfig and talosconfig for this cluster, run terraform output -raw kubeconfig > <desired-path-and-filename> and terraform output -raw talosconfig > <desired-path-and-filename>.

Requirements

| Name | Version |
|------|---------|
| terraform | ~> 1.3 |
| azurerm | ~> 3.0 |
| talos | 0.7.0 |

Providers

| Name | Version |
|------|---------|
| azurerm | 3.117.0 |
| talos | 0.7.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| control_plane_sg | Azure/network-security-group/azurerm | ~> 3.0 |
| kubernetes_api_lb | Azure/loadbalancer/azurerm | ~> 4.0 |
| talos_control_plane_nodes | Azure/compute/azurerm | ~> 5.0 |
| talos_worker_group | Azure/compute/azurerm | ~> 5.0 |
| vnet | Azure/network/azurerm | ~> 5.0 |

Resources

| Name | Type |
|------|------|
| azurerm_network_interface_backend_address_pool_association.this | resource |
| azurerm_resource_group.this | resource |
| talos_cluster_kubeconfig.this | resource |
| talos_machine_bootstrap.this | resource |
| talos_machine_configuration_apply.controlplane | resource |
| talos_machine_configuration_apply.worker_group | resource |
| talos_machine_secrets.this | resource |
| talos_client_configuration.this | data source |
| talos_cluster_health.this | data source |
| talos_machine_configuration.controlplane | data source |
| talos_machine_configuration.worker_group | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| azure_location | Azure location to use | string | "West Europe" | no |
| cluster_name | Name of cluster | string | "talos-azure-example" | no |
| config_patch_files | Paths to Talos config patch files that apply to all nodes | list(string) | [] | no |
| control_plane | Info for control plane that will be created | object({ vm_size = optional(string, "Standard_B2s"), vm_os_id = optional(string, "/subscriptions/7f739b7d-f399-4b97-9a9f-f1962309ee6e/resourceGroups/SideroGallery/providers/Microsoft.Compute/galleries/SideroLabs/images/talos-x64/versions/latest"), num_instances = optional(number, 3), config_patch_files = optional(list(string), []), tags = optional(map(string), {}) }) | {} | no |
| extra_tags | Extra tags to add to the cluster cloud resources | map(string) | {} | no |
| kubernetes_api_allowed_cidr | The CIDR from which access to the Kubernetes API is allowed | string | "0.0.0.0/0" | no |
| kubernetes_version | Kubernetes version to use for the cluster; if not set, the k8s version shipped with the talos sdk version will be used | string | null | no |
| talos_api_allowed_cidr | The CIDR from which access to the Talos API is allowed | string | "0.0.0.0/0" | no |
| talos_version_contract | Talos API version to use for the cluster; if not set, the version shipped with the talos sdk version will be used | string | null | no |
| vnet_cidr | The IPv4 CIDR block for the Virtual Network. | string | "172.16.0.0/16" | no |
| worker_groups | List of worker node groups to create | list(object({ name = string, vm_size = optional(string, "Standard_B2s"), vm_os_id = optional(string, "/subscriptions/7f739b7d-f399-4b97-9a9f-f1962309ee6e/resourceGroups/SideroGallery/providers/Microsoft.Compute/galleries/SideroLabs/images/talos-x64/versions/latest"), num_instances = optional(number, 1), config_patch_files = optional(list(string), []), tags = optional(map(string), {}) })) | [ { "name": "default" } ] | no |

Outputs

| Name | Description |
|------|-------------|
| kubeconfig | n/a |
| talosconfig | n/a |