Replicated PV Mayastor Installation on Talos
All the below configurations can be configured either during initial cluster creation or on running worker nodes.
Talos Control Plane Changes
Pod Security
By default, Talos Linux applies a baseline pod security profile across namespaces except for the kube-system namespace. This default setting restricts Replicated PV Mayastors’s ability to manage and access system resources. You need to add the exemptions for Replicated PV Mayastor namespace. Refer to the Talos Documentation for detailed instructions on Pod Security.
Create a file cp.yaml
cluster:
apiServer:
admissionControl:
- name: PodSecurity
configuration:
apiVersion: pod-security.admission.config.k8s.io/v1beta1
kind: PodSecurityConfiguration
exemptions:
namespaces:
- openebs
Talos Worker Node Changes
Huge Pages
2MiB-sized Huge Pages must be supported and enabled on the Replicated PV Mayastor storage nodes. A minimum number of 1024 such pages (i.e. 2GiB total) must be available exclusively to the Replicated PV Mayastor pod on each node.
Labels
All Replicated PV Mayastor storage nodes must be labelled with the OpenEBS engine type "mayastor". This label will be used as a node selector by the IO engine Daemonset that is deployed as a part of the Replicated PV Mayastor data plane components installation.
Data Mount Paths
Provide additional data path mounts to be accessible to the Kubernetes Kubelet container. These mounts are necessary to provide access to the host directories and attach volumes required by the Replicated PV Mayastor components.
Create a file wp.yaml
machine:
sysctls:
vm.nr_hugepages: "1024"
nodeLabels:
openebs.io/engine: "mayastor"
kubelet:
extraMounts:
- destination: /var/local
type: bind
source: /var/local
options:
- bind
- rshared
- rw
Examples
-
By using talosctl gen config:
- Run talosctl gen config with the above file.
talosctl gen config talos-k8s-gcp-tutorial https://mytaloscluster:443 --config-patch-control-plane @cp.yaml --config-patch-worker @wp.yaml -
By patching a running node with config file:
- Run the following command to patch an existing node with config file.
talosctl patch --mode=no-reboot machineconfig -n <control plane node ip> --patch @cp.yamltalosctl patch --mode=no-reboot machineconfig -n <worker node ip> --patch @wp.yaml -
By editing machineconfig on running node:
- Run the following command to edit the machineconfig of a node directly.
talosctl edit -n <node ip> machineconfig --talosconfig <path to talosconfig file>
Restart kubelet or reboot the node if you modify the vm.nr_hugepages configuration of a node. Replicated PV Mayastor will not deploy correctly if the available Huge Page count as reported by the node's kubelet instance does not meet the minimum requirements.
talosctl -n <node ip> service kubelet restart
Install Replicated PV Mayastor on Talos
Refer to the OpenEBS Installation Documentation to install Replicated PV Mayastor using Helm on Talos.
Talos Upgrade
The Talos operating system provides a streamlined upgrade process for maintaining and enhancing system performance. It is crucial to follow the appropriate steps based on the version of Talos you are using to ensure data integrity and system stability during upgrades.
Version 1.7 or Lower
Follow the below steps to perform an upgrade for version 1.7 or lower:
- Upgrade a node using the
--preserveflag.
talosctl -n <node-ip> upgrade --preserve --image $IMAGE_URL
The --preserve flag explicitly instructs Talos to retain ephemeral data. Upgrading without this flag will compel Talos to reset node configurations and data, resulting in a more intrusive process that will erase the existing etcd state and other stored data.
- Verify that the node is operating on the new version.
talosctl -n <node-ip> version
- Repeat this process for all nodes in the cluster.
Version 1.8 or Above
In the Talos Linux installer, the system disk is never wiped during upgrades. Consequently, the --preserve flag is automatically applied to the talosctl upgrade command, ensuring a seamless upgrade experience while preserving existing data.
Refer Upgrades for more details.