Ephemeral Castle Proxmox Talos Foundation
Scope
This page documents the provider base used by the active tazlab-k8s cluster.
Current Synthesis
The Proxmox/Talos foundation is built from clusters/tazlab-k8s/live/env.hcl, clusters/tazlab-k8s/live/terragrunt.hcl, clusters/tazlab-k8s/live/secrets/, and the proxmox-talos Terraform module. env.hcl is the source of truth for topology and addresses; the module turns that data into VMs, Talos machine config, bootstrap, and kubeconfig outputs.
Current Topology
- Proxmox endpoint:
192.168.1.200:8006 - gateway:
192.168.1.1 - cluster VIP:
192.168.1.210 - control-plane node:
192.168.1.211 - worker node:
192.168.1.214 - Talos version:
v1.12.0 - topology currently encoded in
env.hcl: 1 control plane, 1 worker
Module Behavior
secrets-fetcher
reads bootstrap secrets via Terragrunt env vars (set by
create.shfrom~/secrets/)the cluster uses
secretboxEncryptionSecretfrom Talos machine secrets (key sourced from~/secrets/)the worker mounts
/var/mnt/longhorninto/var/lib/longhorn
Outputs and Artifacts
kubeconfig_rawtalos_config- Kubernetes client certificate/key/CA outputs
- local files written to
clusters/tazlab-k8s/proxmox/configs/
Relationships
- ephemeral-castle
- Ephemeral Castle Repository Map
- Ephemeral Castle Cluster Bootstrap
- Ephemeral Castle Topology Drift
Source Basis
clusters/tazlab-k8s/live/env.hclclusters/tazlab-k8s/live/terragrunt.hclclusters/tazlab-k8s/live/secrets/terragrunt.hclclusters/tazlab-k8s/live/platform/terragrunt.hclclusters/tazlab-k8s/modules/secrets-fetcher/main.tfclusters/tazlab-k8s/modules/proxmox-talos/main.tf