Talos

Talos is an interesting distribution dedicated specifically to Kubernetes. Reduced to only essential components, Talos uses only the Linux kernel and several Go binaries. It lacks traditional components such as SSH, systemd, glibc, a package manager, or a shell. It is secure by default, with PKI and API-driven operations. Management is done via YAML manifests or talosctl, a CLI tool.

Main Features of Talos

  • Immutable: Talos Linux is designed to be immutable, meaning its filesystem is read-only. This prevents unintended changes and enhances system reliability and security.

  • Ephemeral: Talos can be configured to run in an ephemeral mode, where state is not persisted across reboots. This is ideal for stateless systems or environments requiring rapid recovery or scaling.

  • Secure: Talos emphasizes security by default. It operates with minimal attack surface, includes features like encrypted communications, and removes unnecessary tools such as SSH, further reducing vulnerabilities.

Common talosctl Commands

General Node Management

View Node Information

talosctl get nodes

Bootstrap a Node

talosctl bootstrap

Reboot a Node

talosctl reboot

Shutdown a Node

talosctl shutdown

Drain a Node

talosctl drain <node-name>

Fetch Node Configuration

talosctl read /config

Apply Configuration

talosctl apply-config --insecure --nodes <IP> --file controlplane.yaml

List Node Services

talosctl services

Get Service Details

talosctl service <service-name>

Restart a Service

talosctl service <service-name> restart

Kubernetes Cluster Management

Get Kubernetes Cluster Info

talosctl cluster info

Fetch Kubeconfig

talosctl kubeconfig

Reset Kubernetes State

talosctl reset --graceful

Upgrade Kubernetes Version

talosctl upgrade-k8s --to <version>

Debugging and Diagnostics

Fetch Logs

talosctl logs <service-name>

Run Command on a Node

talosctl exec <command>

Display Node Environment

talosctl environment

Inspect Node Health

talosctl health

Fetch Crash Dumps

talosctl debug gather

Configuration Management

Generate Cluster Configuration

talosctl gen config <cluster-name> https://<control-plane-ip>:6443

Validate Configuration

talosctl validate --config <file.yaml> --mode <mode>

Edit Node Configuration

talosctl edit machineconfig

View Current Configuration

talosctl config info

Utility Commands

Switch Contexts

talosctl config context <context-name>

Set Context Settings

talosctl config endpoint <ip>
talosctl config node <ip>
talosctl config auth <cert-file> <key-file>

Check Node Version

talosctl version

Display Help

talosctl help
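
The commands above in the order they are used to bring up a first control-plane node, as an added example that is not from the original page or the Talos project. The `run` and `bootstrap_first_node` helpers, the `--mode metal` choice and the `./talosconfig` and `./kubeconfig` paths are assumptions; with `DRY_RUN=1` (the default) the script only prints the commands.

```shell
#!/bin/sh
# Added example (not from the original page): first control-plane bring-up.
# DRY_RUN=1 (the default) prints each command instead of executing it.
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# bootstrap_first_node <cluster-name> <control-plane-ip>  (hypothetical helper)
bootstrap_first_node() {
    name="$1"; ip="$2"
    if [ -z "$name" ] || [ -z "$ip" ]; then
        echo "usage: bootstrap_first_node <cluster-name> <control-plane-ip>" >&2
        return 2
    fi
    tc="talosctl --talosconfig ./talosconfig"

    # The generated files hold the cluster CA and keys: keep them owner-only.
    umask 077
    run talosctl gen config "$name" "https://$ip:6443" || return 1

    # Catch schema errors before anything reaches the node.
    # "--mode metal" is an assumption (bare-metal or VM install).
    run talosctl validate --config controlplane.yaml --mode metal || return 1

    # First apply only: a node in maintenance mode has no PKI yet, so the
    # call cannot be authenticated. Do this on a trusted network segment.
    run talosctl apply-config --insecure --nodes "$ip" --file controlplane.yaml || return 1

    # Every later call is mutually authenticated with the generated talosconfig.
    run $tc config endpoint "$ip" || return 1
    run $tc config node "$ip" || return 1

    # The node installs and reboots; wait until its API answers over mTLS.
    until run $tc version; do sleep 5; done

    run $tc bootstrap || return 1      # once per cluster, on one node only
    run $tc health || return 1
    run $tc kubeconfig ./kubeconfig    # admin credential: store it accordingly
}

# Stand-alone use: sh bring-up.sh <cluster-name> <control-plane-ip>
if [ "$#" -ge 2 ]; then bootstrap_first_node "$1" "$2"; fi
```

Set `DRY_RUN=0` to execute the commands; `--insecure` appears exactly once, on the initial apply, and never again after the node has its certificates.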