Provisioning a Private Talos Kubernetes Cluster on Hetzner Cloud
10 hours ago
- #Hetzner
- #Talos
- #Kubernetes
- Build a private Kubernetes cluster on Hetzner Cloud using Talos, with nodes reachable only through a Tailscale private network.
- Use Terraform for infrastructure management to create the machines, generate the Talos configs, and bootstrap Kubernetes, with GitOps handled by ArgoCD.
- Set up distinct IP subnets for control plane, platform and general worker pools, services, and pods to organize cluster networking.
- Configure Talos image with Packer for Hetzner, ensuring correct networking settings (interfaces, routes, node IPs) to avoid failures.
- Install Cilium for cluster networking in native routing mode, followed by Hetzner Cloud Controller Manager and other integrations.
- Encounter and resolve issues such as network misconfiguration and containerd process leaks, and perform an in-place Talos upgrade to v1.12.6.
- Key learnings: a default route is required for outbound traffic, Talos interface names must match those of the Hetzner VMs, node IP ranges should be restricted, and the node, service, and pod CIDRs must not overlap.
- The cluster transitions from a learning environment to production once real workloads such as snapbyte.dev run on it, which calls for careful management and upgrades.
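The networking lessons above (separate CIDRs for each node pool, services and pods; restricted node IP ranges; a default route on each node) are easy to get wrong in a Terraform-generated Talos config. The following Python script is an added example, not code from the article or from Talos, that checks a candidate cluster layout before it is applied: the CIDR values, the node IPs and the route list are constructed here for illustration; the `network`/`gateway` route keys mirror the shape of Talos's `machine.network.interfaces[].routes` entries, and the `validSubnets` idea mirrors Talos's `machine.kubelet.nodeIP.validSubnets`, but the config dictionaries themselves are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed example layout (hypothetical values, not the article's real subnets).
CLUSTER_CIDRS = {
    "control_plane_nodes": "10.0.1.0/24",
    "platform_workers": "10.0.2.0/24",
    "general_workers": "10.0.3.0/24",
    "services": "10.96.0.0/16",
    "pods": "10.244.0.0/16",
}


def find_overlaps(cidrs):
    """Return sorted (name_a, name_b) pairs whose networks overlap.

    Overlapping node/service/pod ranges are a classic cause of silently
    black-holed traffic in native-routing CNIs such as Cilium, so an empty
    result is what we want before applying the config.
    """
    nets = {name: ipaddress.ip_network(c, strict=True) for name, c in cidrs.items()}
    return [
        (a, b)
        for a, b in combinations(sorted(nets), 2)
        if nets[a].overlaps(nets[b])
    ]


def node_ip_in_valid_subnets(node_ip, valid_subnets):
    """True if node_ip lies in one of the subnets the kubelet may advertise from.

    Mirrors the intent of Talos's nodeIP.validSubnets: a node that picks up an
    address from the wrong interface (e.g. a Tailscale or pod address) would be
    registered with the wrong IP in Kubernetes.
    """
    ip = ipaddress.ip_address(node_ip)
    return any(ip in ipaddress.ip_network(s) for s in valid_subnets)


def has_default_route(routes):
    """True if the route list contains a default (0.0.0.0/0) route with a gateway.

    Without one, outbound traffic from the node (image pulls, Hetzner API
    calls from the cloud controller manager) fails.
    """
    for route in routes:
        net = ipaddress.ip_network(route.get("network", ""), strict=False) if route.get("network") else None
        if net is not None and net.prefixlen == 0 and route.get("gateway"):
            return True
    return False


def validate_node(node, cidrs):
    """Run all three checks for one constructed node description.

    node = {"name": ..., "pool": ..., "ip": ..., "routes": [...]}
    Returns a list of problem strings; an empty list means the node passes.
    """
    problems = []
    problems += [f"overlap between {a} and {b}" for a, b in find_overlaps(cidrs)]
    if not node_ip_in_valid_subnets(node["ip"], [cidrs[node["pool"]]]):
        problems.append(f'{node["name"]}: ip {node["ip"]} not in pool {node["pool"]}')
    if not has_default_route(node["routes"]):
        problems.append(f'{node["name"]}: no default route')
    return problems


# Constructed sample nodes: one correct, one with the failure modes the article hit.
GOOD_NODE = {
    "name": "worker-platform-1",
    "pool": "platform_workers",
    "ip": "10.0.2.7",
    "routes": [{"network": "0.0.0.0/0", "gateway": "10.0.0.1"}],
}
BAD_NODE = {
    "name": "worker-general-1",
    "pool": "general_workers",
    "ip": "10.244.1.4",  # a pod-range address, not a node address
    "routes": [{"network": "10.0.0.0/16", "gateway": "10.0.0.1"}],  # no default route
}

if __name__ == "__main__":
    for node in (GOOD_NODE, BAD_NODE):
        print(node["name"], validate_node(node, CLUSTER_CIDRS) or "ok")
```

Run it against the values Terraform is about to render into the Talos machine config; any non-empty result is a reason to stop before bootstrapping, since these mistakes are much cheaper to fix before the nodes exist than during an in-place upgrade.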