Why?

In an effort to keep my Kubernetes skills sharp, I decided to tackle the Kubernetes Resume Challenge. However, rather than follow the instructions to a T, I’ve decided to add some twists of my own that’ll spice things up. Hence, the reason for the blog series. Hope you enjoy the ride.

Setup

As mentioned above, I plan on deviating slightly from the guide. To begin, I will not be using a cloud provider to create the Kubernetes cluster. While using a CSP like AWS or Azure comes with its own benefits, for the sake of this project I wanted to explore Talos Linux a bit, and this seemed like the perfect opportunity. Yes, Talos does support deployment to cloud providers; however, for the sake of learning (and cost), I began with a new VM running a Talos Linux cluster.

Elaborating on the setup: a VM running Debian 12 with Docker and talosctl installed. For system resources, 2 CPU cores and 2 GiB of RAM were allocated to the VM.

To create the cluster, the following was executed:

talosctl cluster create

After a couple of minutes, the cluster is created with 2 nodes - one control plane and one worker node.

By default, the kubeconfig is stored at ~/.kube/config. Because I don’t want to be operating on the VM itself and instead prefer to work from my dev machine, I’ll copy the kubeconfig over.

Note that by default, the kubeconfig will not work because:

  1. The server field is set to the internal IP. Assuming you have a network connection between the dev machine and the cluster, update the IP accordingly.
  2. The TLS cert is only valid for the internal IPs (10.5.0.0/24).

Therefore, the --insecure-skip-tls-verify flag is added to our kubectl calls; it tells kubectl not to verify the API server's certificate.
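The two failure reasons above, as an added Python example (not code from the original post): it rewrites the server field and checks whether the new address is covered by the certificate's SANs, which is the check --insecure-skip-tls-verify turns off. The kubeconfig fragment, the SAN list and 192.168.1.50 are constructed sample values, the function names are hypothetical, and the name matching is simplified.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample input: kubeconfig fragment and API server certificate SANs.
SAMPLE_KUBECONFIG = """\
clusters:
- name: talos-default
  cluster:
    server: https://10.5.0.2:6443
"""
SAMPLE_SANS = {"ip": ["10.5.0.2", "127.0.0.1"], "dns": ["localhost"]}
SERVER_RE = re.compile(r"^([ \t]*server:[ \t]*)(\S+)[ \t]*$", re.MULTILINE)

def server_host(kubeconfig):
    """Return the host of the first `server:` URL in the kubeconfig text."""
    match = SERVER_RE.search(kubeconfig)
    if match is None:
        raise ValueError("no server field found")
    return urlsplit(match.group(2)).hostname

def retarget(kubeconfig, new_host):
    """Point every `server:` URL at new_host, keeping scheme and port."""
    def swap(match):
        url = urlsplit(match.group(2))
        port = f":{url.port}" if url.port else ""
        return f"{match.group(1)}{url.scheme}://{new_host}{port}"
    return SERVER_RE.sub(swap, kubeconfig)

def covered_by_sans(host, sans):
    """True if host matches an IP SAN exactly, or a DNS SAN (left-most wildcard ok)."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None
    if addr is not None:  # IP literals are compared against IP SANs only
        return any(addr == ipaddress.ip_address(ip) for ip in sans.get("ip", []))
    host = host.lower().rstrip(".")
    for name in (n.lower() for n in sans.get("dns", [])):
        wildcard = name.startswith("*.") and host.partition(".")[2] == name[2:]
        if name == host or wildcard:
            return True
    return False

if __name__ == "__main__":
    patched = retarget(SAMPLE_KUBECONFIG, "192.168.1.50")  # constructed dev-side IP
    for cfg in (SAMPLE_KUBECONFIG, patched):
        host = server_host(cfg)
        print(host, "verifies" if covered_by_sans(host, SAMPLE_SANS) else "fails verification")
```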

And hurrah, from our dev machine, we can now run:

$ kubectl --kubeconfig ~/.kube/talos-kubeconfig.yaml --insecure-skip-tls-verify get pods -A
NAMESPACE     NAME                                                   READY   STATUS    RESTARTS      AGE
kube-system   coredns-85b955d87b-6l55p                               1/1     Running   0             91m
kube-system   coredns-85b955d87b-874vh                               1/1     Running   0             91m
kube-system   kube-apiserver-talos-default-controlplane-1            1/1     Running   0             91m
kube-system   kube-controller-manager-talos-default-controlplane-1   1/1     Running   2 (92m ago)   90m
kube-system   kube-flannel-lgsqh                                     1/1     Running   0             91m
kube-system   kube-flannel-r55b8                                     1/1     Running   0             91m
kube-system   kube-proxy-6bjck                                       1/1     Running   0             91m
kube-system   kube-proxy-99p5z                                       1/1     Running   0             91m
kube-system   kube-scheduler-talos-default-controlplane-1            1/1     Running   2 (92m ago)   90m

And with that, we’re ready to proceed with the actual challenge :)