Talos Linux

Talos Linux is Linux designed for Kubernetes: secure, immutable, and minimal.

  • Supports cloud platforms, bare metal, and virtualization platforms
  • All system management is done via an API. No SSH, shell or console
  • Production ready: supports some of the largest Kubernetes clusters in the world
  • Open source project from the team at Sidero Labs
  • Ideal for edge, bare-metal, or multi-cloud deployments

Installs vanilla upstream Kubernetes.
Docs and getting started guides at Talos.dev

Note: control plane nodes require a minimum of 2GB of memory in order to come up correctly.

Your Talos Linux node is ready!
Your server's IP address is: use.your.ip.

But it is not yet a Kubernetes cluster. To make a cluster, follow the steps below.

Install talosctl

If you do not have talosctl installed on your workstation, download it now.
curl --proto '=https' --tlsv1.2 -sSfL https://talos.dev/install | sh

How to deploy?

You may make your Talos Linux Vultr node:

  • the control plane node of a non-HA cluster (requires at least 2GB of RAM)
  • part of a High Availability control plane (requires at least 2GB of RAM)
  • or a worker.

If this node is to be the single control plane node for a non-HA cluster

Generate a configuration on your workstation:
talosctl gen config "cluster-name" https://use.your.ip:6443

This will create 3 files locally:

  • controlplane.yaml
  • worker.yaml
  • talosconfig

Edit the controlplane.yaml file to allow workloads to run on the control plane. Add the line:
allowSchedulingOnControlPlanes: true
just under the cluster: line, indented like the other entries beneath it.

Now you just need to apply the controlplane.yaml file to your control plane node:
talosctl apply-config --insecure --nodes use.your.ip --endpoints use.your.ip --file controlplane.yaml

A note on talosctl: the --nodes flag specifies which nodes the command should operate on; the --endpoints flag specifies which control plane node talosctl sends the command to, in order to forward it to the specified nodes. You can pass these parameters in each command, or configure them in your talosconfig file with talosctl config.

Now bootstrap your control plane:
talosctl bootstrap --nodes use.your.ip --endpoints use.your.ip --talosconfig=./talosconfig
This will cause the control plane node to bring etcd up. You can watch the progress with
talosctl health --nodes use.your.ip --endpoints use.your.ip --talosconfig=./talosconfig

Download your kubeconfig:
talosctl --nodes use.your.ip --endpoints use.your.ip kubeconfig --talosconfig=./talosconfig
And you now have a running cluster you can manage with kubectl and talosctl.
Try:
talosctl --nodes use.your.ip --endpoints use.your.ip --talosconfig=./talosconfig containers
talosctl --nodes use.your.ip --endpoints use.your.ip --talosconfig=./talosconfig dashboard
and
kubectl get nodes
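
The manual edit to controlplane.yaml in the procedure above can be scripted. This is an added example, not part of the original guide or the Talos project: it inserts the setting under the top-level cluster: key idempotently and restricts the generated files to owner-only access, since they contain cluster secrets. The function names enable_cp_scheduling and lock_down and the sample YAML are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: edit and protect the files written by `talosctl gen config`.

# Insert "allowSchedulingOnControlPlanes: true" directly under the top-level
# "cluster:" key, reusing the indentation of the first entry beneath it.
# Idempotent: an existing uncommented setting in that block is replaced.
enable_cp_scheduling() {
    cfg=$1
    grep -q '^cluster:' "$cfg" || { echo "$cfg: no top-level cluster: key" >&2; return 1; }
    tmp=$(mktemp "$cfg.XXXXXX") || return 1     # created with mode 0600
    if awk '
        /^cluster:/ { print; in_cluster = 1; pending = 1; next }
        /^[^ \t#]/  { in_cluster = 0; pending = 0 }   # next top-level key ends the block
        in_cluster && /^[ \t]+allowSchedulingOnControlPlanes:/ { next }
        pending && /^[ \t]+[^ \t]/ {
            match($0, /^[ \t]+/)
            print substr($0, 1, RLENGTH) "allowSchedulingOnControlPlanes: true"
            pending = 0; inserted = 1
        }
        { print }
        END { exit inserted ? 0 : 1 }
    ' "$cfg" > "$tmp"; then
        mv "$tmp" "$cfg"
    else
        rm -f "$tmp"; return 1
    fi
}

# The generated files embed cluster secrets and client keys: owner-only access.
lock_down() { chmod 600 "$@"; }

# Constructed sample standing in for a generated controlplane.yaml (no real secrets).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'version: v1alpha1' 'machine:' '    type: controlplane' \
        'cluster:' '    id: CONSTRUCTED-ID' '    controlPlane:' \
        '        endpoint: https://use.your.ip:6443' > "$d/controlplane.yaml"
    enable_cp_scheduling "$d/controlplane.yaml" && lock_down "$d/controlplane.yaml" \
        && cat "$d/controlplane.yaml"
    rm -rf "$d"
}
demo
```

On real files, run enable_cp_scheduling controlplane.yaml and then lock_down controlplane.yaml worker.yaml talosconfig in the directory where talosctl gen config wrote them.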

If this node is to be a worker node

If you have already created your control plane - either as a single node or high-availability control plane - you have already generated the configuration for your cluster using talosctl gen config.
Now apply the worker file that was output from that step to this node:
talosctl apply-config --insecure --nodes use.your.ip --endpoints use.your.ip --file worker.yaml

Create an HA cluster (3 node control plane)

If you want to create an HA control plane, you need 3 control plane nodes and a way to route traffic to all 3 nodes.
Create 3 Vultr instances, all using Talos Linux. After your control plane nodes are created, you need to define your Kubernetes endpoint.
Suggested ways are:

Create a DNS record with multiple A records

Create a DNS record (e.g. endpoint.mydomain.com) with an A record pointing to each control plane node's IP address.

Create a load balancer

Create a Vultr load balancer and bind it to forward TCP port 6443 to all 3 control plane nodes.

Now use the DNS name, or the IP address or DNS name of the load balancer, to create your cluster configuration:
talosctl gen config "cluster-name" https://cluster-endpoint:6443
where cluster-endpoint is your DNS or load balancer.
This will create 3 files locally:

  • controlplane.yaml
  • worker.yaml
  • talosconfig

Now you just need to apply the controlplane.yaml file to all your control plane nodes:
talosctl apply-config --insecure --nodes use.your.ip --endpoints use.your.ip --file controlplane.yaml
(Repeat this command, using the IP for each of your control plane nodes.)

If you have created worker nodes, apply the appropriate file to them:
talosctl apply-config --insecure --nodes <IP Address of worker> --endpoints <IP Address of worker> --file worker.yaml

Now bootstrap your control plane:
talosctl bootstrap --nodes use.your.ip --endpoints use.your.ip --talosconfig=./talosconfig
(This command only needs to be done once, and can be applied to any one of the control plane nodes.)
This will cause the control plane node to bring etcd up, and the workers to join the control plane node.
Download your kubeconfig:
talosctl --endpoints use.your.ip --nodes use.your.ip --talosconfig=./talosconfig kubeconfig

You can watch the cluster coming online with:
talosctl --nodes use.your.ip --endpoints use.your.ip --talosconfig=./talosconfig health
And you now have a running cluster you can manage with kubectl and talosctl.
Try:
talosctl --nodes use.your.ip --endpoints use.your.ip --talosconfig=./talosconfig containers
talosctl --nodes use.your.ip --endpoints use.your.ip --talosconfig=./talosconfig dashboard
and
kubectl get nodes

Support Information

Support Contact

Website
https://talos.dev/
Support URL
https://github.com/siderolabs/talos/discussions
Repository
https://github.com/siderolabs/talos
Slack Channel
https://slack.dev.talos-systems.io/

Maintainer Contact

Website
https://SideroLabs.com/
Git
https://github.com/siderolabs
Twitter
SideroLabs
Slack
https://slack.dev.talos-systems.io/
