Sidero Metal – Resource Configuration/v0.5/resource-configuration/Recent content in Resource Configuration on Sidero MetalHugo -- gohugo.ioV0.5: Environments/v0.5/resource-configuration/environments/Mon, 01 Jan 0001 00:00:00 +0000/v0.5/resource-configuration/environments/ <p>Environments are a custom resource provided by the Metal Controller Manager. An environment is a codified description of what should be returned by the PXE server when a physical server attempts to PXE boot.</p> <p>Especially important in the environment types are the kernel args. From here, one can tweak the IP to the metadata server as well as various other kernel options that <a href="https://www.talos.dev/latest/reference/kernel/">Talos</a> and/or the Linux kernel supports.</p> <p>Environments can be supplied to a given server either at the Server or the ServerClass level. The hierarchy from most to least respected is:</p> <ul> <li><code>.spec.environmentRef</code> provided at <code>Server</code> level</li> <li><code>.spec.environmentRef</code> provided at <code>ServerClass</code> level</li> <li><code>&quot;default&quot;</code> <code>Environment</code> created automatically and modified by an administrator</li> </ul> <p>A sample environment definition looks like this:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Environment </span></span><span style="display:flex;"><span><span style="color:#268bd2">metadata</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: default </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">kernel</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">url</span>: <span style="color:#2aa198">&#34;https://github.com/talos-systems/talos/releases/download/v0.14.0/vmlinuz-amd64&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">sha512</span>: <span style="color:#2aa198">&#34;&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">args</span>: </span></span><span style="display:flex;"><span> - console=tty0 </span></span><span style="display:flex;"><span> - console=ttyS1,115200n8 </span></span><span style="display:flex;"><span> - consoleblank=0 </span></span><span style="display:flex;"><span> - earlyprintk=ttyS1,115200n8 </span></span><span style="display:flex;"><span> - ima_appraise=fix </span></span><span style="display:flex;"><span> - ima_hash=sha512 </span></span><span style="display:flex;"><span> - ima_template=ima-ng </span></span><span style="display:flex;"><span> - init_on_alloc=1 </span></span><span style="display:flex;"><span> - initrd=initramfs.xz </span></span><span style="display:flex;"><span> - nvme_core.io_timeout=4294967295 </span></span><span style="display:flex;"><span> - printk.devkmsg=on </span></span><span style="display:flex;"><span> - pti=on </span></span><span style="display:flex;"><span> - random.trust_cpu=on </span></span><span style="display:flex;"><span> - slab_nomerge= </span></span><span style="display:flex;"><span> - talos.platform=metal </span></span><span style="display:flex;"><span> <span style="color:#268bd2">initrd</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">url</span>: <span style="color:#2aa198">&#34;https://github.com/talos-systems/talos/releases/download/v0.14.0/initramfs-amd64.xz&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">sha512</span>: <span style="color:#2aa198">&#34;&#34;</span> </span></span></code></pre></div><p>Example of overriding <code>&quot;default&quot;</code> <code>Environment</code> at the <code>Server</code> level:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Server </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">environmentRef</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">namespace</span>: default </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: boot </span></span><span style="display:flex;"><span> ... </span></span></code></pre></div><p>Example of overriding <code>&quot;default&quot;</code> <code>Environment</code> at the <code>ServerClass</code> level:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: ServerClass </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">environmentRef</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">namespace</span>: default </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: boot </span></span><span style="display:flex;"><span> ... </span></span></code></pre></div>V0.5: Servers/v0.5/resource-configuration/servers/Mon, 01 Jan 0001 00:00:00 +0000/v0.5/resource-configuration/servers/ <p>Servers are the basic resource of bare metal in the Metal Controller Manager. These are created by PXE booting the servers and allowing them to send a registration request to the management plane.</p> <p>An example server may look like the following:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Server </span></span><span style="display:flex;"><span><span style="color:#268bd2">metadata</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: <span style="color:#2aa198">00000000-0000-0000-0000</span>-d05099d333e0 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">labels</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">common-label</span>: <span style="color:#2aa198">&#34;true&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">zone</span>: east </span></span><span style="display:flex;"><span> <span style="color:#268bd2">environment</span>: test </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">accepted</span>: <span style="color:#cb4b16">false</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: replace </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /cluster/network/cni </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: custom </span></span><span style="display:flex;"><span> <span style="color:#268bd2">urls</span>: </span></span><span style="display:flex;"><span> - http://192.168.1.199/assets/cilium.yaml </span></span><span style="display:flex;"><span> <span style="color:#268bd2">cpu</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">manufacturer</span>: Intel(R) Corporation </span></span><span style="display:flex;"><span> <span style="color:#268bd2">version</span>: Intel(R) Atom(TM) CPU C3558 @ 2.20GHz </span></span><span style="display:flex;"><span> <span style="color:#268bd2">system</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">manufacturer</span>: Dell Inc. </span></span></code></pre></div><h2 id="installation-disk">Installation Disk</h2> <p>An installation disk is required by Talos on bare metal. This can be specified in a <code>configPatch</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Server </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">accepted</span>: <span style="color:#cb4b16">false</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: replace </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/install/disk </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: /dev/sda </span></span></code></pre></div><p>The install disk patch can also be set on the <code>ServerClass</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: ServerClass </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: replace </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/install/disk </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: /dev/sda </span></span></code></pre></div><h2 id="server-acceptance">Server Acceptance</h2> <p>In order for a server to be eligible for consideration, it <em>must</em> be <code>accepted</code>. This is an important separation point which all <code>Server</code>s must pass. Before a <code>Server</code> is accepted, no write action will be performed against it. Thus, it is safe for a computer to be added to a network on which Sidero is operating. Sidero will never write to or wipe any disk on a computer which is not marked as <code>accepted</code>.</p> <p>This can be tedious for systems in which all attached computers should be considered to be under the control of Sidero. Thus, you may also choose to automatically accept any machine into Sidero on its discovery. Please keep in mind that this means that any newly-connected computer <strong>WILL BE WIPED</strong> automatically. You can enable auto-acceptance by passing the <code>--auto-accept-servers=true</code> flag to <code>sidero-controller-manager</code>.</p> <p>Once accepted, a server will be reset (all disks wiped) and then made available to Sidero.</p> <p>You should never change an accepted <code>Server</code> to be <em>not</em> accepted while it is in use. Because servers which are not accepted will not be modified, if a server which <em>was</em> accepted is changed to <em>not</em> accepted, the disk will <em>not</em> be wiped upon its exit.</p> <h2 id="ipmi">IPMI</h2> <p>Sidero can use IPMI information to control <code>Server</code> power state, reboot servers and set boot order.</p> <p>IPMI information will be, by default, setup automatically if possible as part of the acceptance process. In this design, a &ldquo;sidero&rdquo; user will be added to the IPMI user list and a randomly generated password will be issued. This information is then squirreled away in a Kubernetes secret in the <code>sidero-system</code> namespace, with a name format of <code>&lt;server-uuid&gt;-bmc</code>. Users wishing to turn off this feature can pass the <code>--auto-bmc-setup=false</code> flag to <code>sidero-controller-manager</code></p> <p>IPMI connection information can also be set manually in the <code>Server</code> spec after initial registration:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Server </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">bmc</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">endpoint</span>: <span style="color:#2aa198">10.0.0.25</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">user</span>: admin </span></span><span style="display:flex;"><span> <span style="color:#268bd2">pass</span>: password </span></span></code></pre></div><p>If IPMI information is set, server boot order might be set to boot from disk, then network, Sidero will switch servers to PXE boot once that is required.</p> <p>Without IPMI info, Sidero can still register servers, wipe them and provision clusters, but Sidero won&rsquo;t be able to reboot servers once they are removed from the cluster. <strong>If IPMI info is not set, servers should be configured to boot first from network, then from disk.</strong></p> <p>Sidero can also fetch IPMI credentials via the <code>Secret</code> reference:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Server </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">bmc</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">endpoint</span>: <span style="color:#2aa198">10.0.0.25</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">userFrom</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">secretKeyRef</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: ipmi-credentials </span></span><span style="display:flex;"><span> <span style="color:#268bd2">key</span>: username </span></span><span style="display:flex;"><span> <span style="color:#268bd2">passFrom</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">secretKeyRef</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: ipmi-credentials </span></span><span style="display:flex;"><span> <span style="color:#268bd2">key</span>: password </span></span></code></pre></div><p>As the <code>Server</code> resource is not namespaced, <code>Secret</code> should be created in the <code>default</code> namespace.</p> <h2 id="other-settings">Other Settings</h2> <h3 id="cordoned"><code>cordoned</code></h3> <p>If <code>cordoned</code> is set to <code>true</code>, <code>Server</code> gets excluded from any <code>ServerClass</code> it might match based on qualifiers. This means that the <code>Server</code> will not be allocated automatically.</p> <p><code>Server</code> might be <code>cordoned</code> to temporarily take it out of the <code>ServerClass</code> to perform for example hardware maintenance.</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Server </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">cordoned</span>: <span style="color:#cb4b16">true</span> </span></span></code></pre></div><h3 id="pxebootalways"><code>pxeBootAlways</code></h3> <p><code>Server</code> might be forced to boot from the network even if the OS is already installed with <code>pxeBootAlways: true</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Server </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">pxeBootAlways</span>: <span style="color:#cb4b16">true</span> </span></span></code></pre></div><h3 id="bootfromdiskmethod"><code>bootFromDiskMethod</code></h3> <p>The method to exit iPXE network boot to force boot from disk can be configured for the <code>Server</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: Server </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">bootFromDiskMethod</span>: ipxe-sanboot </span></span></code></pre></div><p>Valid values are:</p> <ul> <li><code>ipxe-exit</code></li> <li><code>http-404</code></li> <li><code>ipxe-sanboot</code></li> </ul> <p>If not set, the <code>ServerClass.spec.bootFromDiskMethod</code> value is used with the fallback to the default boot from disk method (<code>SIDERO_CONTROLLER_MANAGER_BOOT_FROM_DISK_METHOD</code>).</p>V0.5: Server Classes/v0.5/resource-configuration/serverclasses/Mon, 01 Jan 0001 00:00:00 +0000/v0.5/resource-configuration/serverclasses/ <p>Server classes are a way to group distinct server resources. The <code>qualifiers</code> and <code>selector</code> keys allow the administrator to specify criteria upon which to group these servers. If both of these keys are missing, the server class matches all servers that it is watching. If both of these keys define requirements, these requirements are combined (logical <code>AND</code>).</p> <h2 id="selector"><code>selector</code></h2> <p><code>selector</code> groups server resources by their labels. The <a href="https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/label-selector/">Kubernetes documentation</a> has more information on how to use this field.</p> <h2 id="qualifiers"><code>qualifiers</code></h2> <p>There are currently two keys: <code>cpu</code>, <code>systemInformation</code>. Each of these keys accepts a list of entries. The top level keys are a &ldquo;logical <code>AND</code>&rdquo;, while the lists under each key are a &ldquo;logical <code>OR</code>&rdquo;. Qualifiers that are not specified are not evaluated.</p> <p>An example:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: ServerClass </span></span><span style="display:flex;"><span><span style="color:#268bd2">metadata</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: serverclass-sample </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">selector</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">matchLabels</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">common-label</span>: <span style="color:#2aa198">&#34;true&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">matchExpressions</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">key</span>: zone </span></span><span style="display:flex;"><span> <span style="color:#268bd2">operator</span>: In </span></span><span style="display:flex;"><span> <span style="color:#268bd2">values</span>: </span></span><span style="display:flex;"><span> - central </span></span><span style="display:flex;"><span> - east </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">key</span>: environment </span></span><span style="display:flex;"><span> <span style="color:#268bd2">operator</span>: NotIn </span></span><span style="display:flex;"><span> <span style="color:#268bd2">values</span>: </span></span><span style="display:flex;"><span> - prod </span></span><span style="display:flex;"><span> <span style="color:#268bd2">qualifiers</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">cpu</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">manufacturer</span>: <span style="color:#2aa198">&#34;Intel(R) Corporation&#34;</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">version</span>: <span style="color:#2aa198">&#34;Intel(R) Atom(TM) CPU C3558 @ 2.20GHz&#34;</span> </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">manufacturer</span>: Advanced Micro Devices, Inc. </span></span><span style="display:flex;"><span> <span style="color:#268bd2">version</span>: AMD Ryzen 7 2700X Eight-Core Processor </span></span><span style="display:flex;"><span> <span style="color:#268bd2">systemInformation</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">manufacturer</span>: Dell Inc. </span></span></code></pre></div><p>Servers would only be added to the above class if they:</p> <ul> <li>had <em>EITHER</em> CPU info</li> <li><em>AND</em> the label key/value in <code>matchLabels</code></li> <li><em>AND</em> match the <code>matchExpressions</code></li> </ul> <p>Additionally, Sidero automatically creates and maintains a server class called <code>&quot;any&quot;</code> that includes all (accepted) servers. Attempts to add qualifiers to it will be reverted.</p> <h2 id="configpatches"><code>configPatches</code></h2> <p>Server configs of servers matching a server class can be updated by using the <code>configPatches</code> section of the custom resource. See <a href="../guides/patching">patching</a> for more information on how this works.</p> <p>An example of settings the default install disk for all servers matching a server class:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: ServerClass </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: replace </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/install/disk </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: /dev/sda </span></span></code></pre></div><h2 id="other-settings">Other Settings</h2> <h3 id="environmentref"><code>environmentRef</code></h3> <p>Servers from a <code>ServerClass</code> can be set to use the specific <code>Environment</code> by linking the <code>Environment</code> from the <code>ServerClass</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: ServerClass </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">environmentRef</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: production-env </span></span></code></pre></div><h3 id="bootfromdiskmethod"><code>bootFromDiskMethod</code></h3> <p>The method to exit iPXE network boot to force boot from disk can be configured for all <code>Server</code> resources belonging to the <code>ServerClass</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: ServerClass </span></span><span style="display:flex;"><span>... </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">bootFromDiskMethod</span>: ipxe-sanboot </span></span></code></pre></div><p>Valid values are:</p> <ul> <li><code>ipxe-exit</code></li> <li><code>http-404</code></li> <li><code>ipxe-sanboot</code></li> </ul> <p>If not set, the default boot from disk method is used (<code>SIDERO_CONTROLLER_MANAGER_BOOT_FROM_DISK_METHOD</code>).</p>V0.5: Metadata/v0.5/resource-configuration/metadata/Mon, 01 Jan 0001 00:00:00 +0000/v0.5/resource-configuration/metadata/ <p>The Sidero controller manager manages the Machine metadata. In terms of Talos (the OS on which the Kubernetes cluster is formed), this is the &ldquo;<a href="https://www.talos.dev/latest/reference/configuration/">machine config</a>&rdquo;, which is used during the automated installation.</p> <h2 id="talos-machine-configuration">Talos Machine Configuration</h2> <p>The configuration of each machine is constructed from a number of sources:</p> <ul> <li>The <code>TalosControlPlane</code> custom resource for control plane nodes.</li> <li>The <code>TalosConfigTemplate</code> custom resource.</li> <li>The <code>ServerClass</code> which was used to select the <code>Server</code> into the <code>Cluster</code>.</li> <li>Any <code>Server</code>-specific patches.</li> </ul> <p>An example usage of setting a virtual IP for the control plane nodes and adding extra <code>node-labels</code> to nodes is shown below:</p> <blockquote> <p>Note: because of the way JSON patches work the interface setting also needs to be set in <code>TalosControlPlane</code> when defining a Virtual IP. This experience is not ideal, but will be addressed in a future release.</p> </blockquote> <p><em>TalosControlPlane</em> custom resource:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: controlplane.cluster.x-k8s.io/v1alpha3 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: TalosControlPlane </span></span><span style="display:flex;"><span><span style="color:#268bd2">metadata</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: workload-cluster </span></span><span style="display:flex;"><span> <span style="color:#268bd2">namespace</span>: default </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">controlPlaneConfig</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">controlplane</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: add </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/network </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">interfaces</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">interface</span>: eth0 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">dhcp</span>: <span style="color:#cb4b16">true</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">vip</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">ip</span>: <span style="color:#2aa198">172.16.200.52</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">generateType</span>: controlplane </span></span><span style="display:flex;"><span> <span style="color:#268bd2">talosVersion</span>: v0.13 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">init</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: add </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/network </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">interfaces</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">interface</span>: eth0 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">dhcp</span>: <span style="color:#cb4b16">true</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">vip</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">ip</span>: <span style="color:#2aa198">172.16.200.52</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">generateType</span>: init </span></span><span style="display:flex;"><span> <span style="color:#268bd2">talosVersion</span>: v0.13 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">infrastructureTemplate</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">apiVersion</span>: infrastructure.cluster.x-k8s.io/v1alpha3 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">kind</span>: MetalMachineTemplate </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: workload-cluster </span></span><span style="display:flex;"><span> <span style="color:#268bd2">replicas</span>: <span style="color:#2aa198">3</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">version</span>: v1.23.0 </span></span></code></pre></div><p><em>TalosConfigTemplate</em> custom resource:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span>--- </span></span><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: bootstrap.cluster.x-k8s.io/v1alpha3 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: TalosConfigTemplate </span></span><span style="display:flex;"><span><span style="color:#268bd2">metadata</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: workload-cluster </span></span><span style="display:flex;"><span> <span style="color:#268bd2">namespace</span>: default </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">template</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">generateType</span>: join </span></span><span style="display:flex;"><span> <span style="color:#268bd2">talosVersion</span>: v0.13 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: add </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/kubelet </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">extraArgs</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">node-labels</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">talos.dev/part-of</span>: cluster/workload-cluster </span></span></code></pre></div><p>and finally in the control plane <code>ServerClass</code> custom resource we augment the network information for other interfaces:</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span>--- </span></span><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: ServerClass </span></span><span style="display:flex;"><span><span style="color:#268bd2">metadata</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: cp.small.x86 </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: replace </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/install/disk </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: /dev/nvme0n1 </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: add </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/install/extraKernelArgs </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: </span></span><span style="display:flex;"><span> - console=tty0 </span></span><span style="display:flex;"><span> - console=ttyS1,115200n8 </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: add </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/network/interfaces/- </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">interface</span>: eth1 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">dhcp</span>: <span style="color:#cb4b16">true</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">qualifiers</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">cpu</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">version</span>: Intel(R) Xeon(R) E-2124G CPU @ 3.40GHz </span></span><span style="display:flex;"><span> <span style="color:#268bd2">systemInformation</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">manufacturer</span>: Supermicro </span></span><span style="display:flex;"><span> <span style="color:#268bd2">selector</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">matchLabels</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">metal.sidero.dev/serverclass</span>: cp.small.x86 </span></span></code></pre></div><p>the workload <code>ServerClass</code> defines the complete networking config</p> <div class="highlight"><pre tabindex="0" style="color:#93a1a1;background-color:#002b36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span>--- </span></span><span style="display:flex;"><span><span style="color:#268bd2">apiVersion</span>: metal.sidero.dev/v1alpha1 </span></span><span style="display:flex;"><span><span style="color:#268bd2">kind</span>: ServerClass </span></span><span style="display:flex;"><span><span style="color:#268bd2">metadata</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">name</span>: general.medium.x86 </span></span><span style="display:flex;"><span><span style="color:#268bd2">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">configPatches</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: replace </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/install/disk </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: /dev/nvme1n1 </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: add </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/install/extraKernelArgs </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: </span></span><span style="display:flex;"><span> - console=tty0 </span></span><span style="display:flex;"><span> - console=ttyS1,115200n8 </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">op</span>: add </span></span><span style="display:flex;"><span> <span style="color:#268bd2">path</span>: /machine/network </span></span><span style="display:flex;"><span> <span style="color:#268bd2">value</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">interfaces</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">interface</span>: eth0 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">dhcp</span>: <span style="color:#cb4b16">true</span> </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">interface</span>: eth1 </span></span><span style="display:flex;"><span> <span style="color:#268bd2">dhcp</span>: <span style="color:#cb4b16">true</span> </span></span><span style="display:flex;"><span> <span style="color:#268bd2">qualifiers</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">cpu</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">version</span>: Intel(R) Xeon(R) E-2136 CPU @ 3.30GHz </span></span><span style="display:flex;"><span> <span style="color:#268bd2">systemInformation</span>: </span></span><span style="display:flex;"><span> - <span style="color:#268bd2">manufacturer</span>: Supermicro </span></span><span style="display:flex;"><span> <span style="color:#268bd2">selector</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">matchLabels</span>: </span></span><span style="display:flex;"><span> <span style="color:#268bd2">metal.sidero.dev/serverclass</span>: general.medium.x86 </span></span></code></pre></div><p>The base template is constructed from the Talos bootstrap provider, using data from the associated <code>TalosControlPlane</code> and <code>TalosConfigTemplate</code> manifest. Then, any configuration patches are applied from the <code>ServerClass</code> and <code>Server</code>.</p> <p>These patches take the form of an <a href="https://tools.ietf.org/html/rfc6902">RFC 6902</a> JSON (or YAML) patch. An example of the use of this patch method can be found in <a href="../../guides/patching/">Patching Guide</a>.</p> <p>Also note that while a <code>Server</code> can be a member of any number of <code>ServerClass</code>es, only the <code>ServerClass</code> which is used to select the <code>Server</code> into the <code>Cluster</code> will be used for the generation of the configuration of the <code>Machine</code>. In this way, <code>Servers</code> may have a number of different configuration patch sets based on which <code>Cluster</code> they are in at any given time.</p>