Immutable, reproducible VM-based Talos Linux platform of testk8s-platform.
- `docker` and `docker compose`, or `podman` and `podman-compose`
  - Rootful, since `SYS_ADMIN` and `NET_ADMIN` are needed
  - `--privileged` is only required for the (optional) `modprobe` container
- KVM support on the host (check with `ls /dev/kvm`)
- A POSIX compliant shell for supporting scripts
Kernel modules needed for networking on the host (will be modprobed automatically):
- `act_mirred`
- `cls_u32`
- `sch_ingress`
See the `.env` file for configuration options and their explanations.
Start up the platform with `sudo docker compose up` or `sudo podman-compose up`. This should download/build all needed components automatically and start the Talos Linux cluster in the `talos` container.
Use `./enter.sh talos` to enter the `talos` container. The runtime environment should set itself up automatically, but the following tools are available for debugging and manual deployment:
- `kubectl`
- `k9s`
- Inside the `talos` container, first check the logs of the first control plane VM, which often contain helpful hints about the issue: `tail -f ~/.talos/clusters/talos-default/talos-default-controlplane-1.log`
- If there is an error related to networking, check that the `modprobe` container has executed successfully with `docker compose logs modprobe` or `podman-compose logs modprobe`.
- If there is a networking error despite all the kernel modules from the requirements being loaded, try to re-create the `talos` container with `docker compose up -d --force-recreate talos` or `podman-compose up -d --force-recreate talos`.

- Check that you are running `docker compose` or `podman-compose` with sufficient privileges
- Ensure that `/dev/kvm` is present and has the right permissions
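
A host preflight for the requirements and troubleshooting checks above, added here as an example and not part of testk8s-platform. The function names and the overridable file arguments are assumptions.

```shell
#!/bin/sh
# Added example: host preflight for the requirements listed in this README.
# Function names and the overridable path arguments are assumptions.

REQUIRED_MODULES="act_mirred cls_u32 sch_ingress"

# Print each required module that is absent from a /proc/modules-style file.
# Modules compiled into the kernel are not listed there, so a miss is a
# prompt to investigate, not proof that the feature is unavailable.
missing_modules() {
    modules_file=${1:-/proc/modules}
    for mod in $REQUIRED_MODULES; do
        # Match the whole first field so "cls_u32" does not match "cls_u32_x".
        grep -q "^${mod} " "$modules_file" || printf '%s\n' "$mod"
    done
}

# Succeed only if the path is a character device that the current user
# can both read and write (covers "present and has the right permissions").
kvm_usable() {
    dev=${1:-/dev/kvm}
    [ -c "$dev" ] && [ -r "$dev" ] && [ -w "$dev" ]
}

# Succeed when the given UID (default: the current user) is root.
is_rootful() {
    [ "${1:-$(id -u)}" -eq 0 ]
}

# Run all checks; KVM and privilege problems are failures, unloaded modules
# are only reported because the modprobe container is expected to load them.
preflight() {
    status=0
    kvm_usable || { echo "FAIL: /dev/kvm missing or not read/writable" >&2; status=1; }
    is_rootful || { echo "FAIL: not root; run the compose command via sudo" >&2; status=1; }
    missing=$(missing_modules)
    if [ -n "$missing" ]; then
        # Unquoted on purpose: joins the names onto one line.
        echo "NOTE: modules not loaded yet:" $missing >&2
    fi
    return "$status"
}

# Run the checks only when asked, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it with `--run` as the same user that starts the compose stack, so the `/dev/kvm` permission check reflects the account the containers are launched from.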
- Dennis Marttinen (@twelho)
testk8s-platform has been developed with support from the Secure Systems Group of the Department of Computer Science at Aalto University, Espoo, Finland.