Talos Linux
Requirements
You must meet the following requirements before installing SUSE Storage on a Talos Linux cluster.
System Extensions
Some SUSE Storage-dependent binary executables are not present in the default Talos root filesystem. To have access to these binaries, Talos offers system extension mechanism to extend the installation.
-
siderolabs/iscsi-tools
: this extension enables iscsid daemon and iscsiadm to be available to all nodes for the Kubernetes persistent volumes operations. -
siderolabs/util-linux-tools
: this extension enables linux tool to be available to all nodes. For example, thefstrim
binary is used for SUSE Storage volume trimming.
The most straightforward method is patching the extensions onto existing Talos Linux nodes.
customization:
systemExtensions:
officialExtensions:
- siderolabs/iscsi-tools
- siderolabs/util-linux-tools
For detailed instructions, see the Talos documentation on System Extensions and Boot Assets.
Pod Security
SUSE Storage requires pod security enforce: "privileged"
.
By default, Talos Linux applies a baseline
pod security profile across namespaces, except for the kube-system namespace. This default setting restricts SUSE Storage’s ability to manage and access system resources. For more information, see Root and Privileged Permission.
For detailed instructions, see Pod Security Policies Disabled & Pod Security Admission Introduction and the Talos documentation on Pod Security.
Data Path Mounts
You need provide additional data path mounts to be accessible to the Kubernetes Kubelet container.
These mounts are necessary to provide access to the host directories, and attach volumes required by SUSE Storage components.
machine:
kubelet:
extraMounts:
- destination: /var/lib/longhorn
type: bind
source: /var/lib/longhorn
options:
- bind
- rshared
- rw
For detailed instructions, see the Talos documentation on Editing Machine Configuration.
V2 Data Engine
To use V2 volumes, all nodes must meet the V2 Data Engine prerequisites.
machine:
sysctls:
vm.nr_hugepages: "1024"
kernel:
modules:
- name: nvme_tcp
- name: vfio_pci
# - name: uio_pci_generic
Talos Linux v1.7.x and earlier versions do not include the You can use |
Talos Linux Upgrades
When upgrading a Talos Linux node, always include the --preserve
option in the command. This option explicitly tells Talos to keep ephemeral data intact.
Example:
talosctl upgrade --nodes 10.20.30.40 --image ghcr.io/siderolabs/installer:v1.7.6 --preserve
If you do not include the --preserve option, Talos wipes /var/lib/longhorn , destroying all replicas stored on that node.
|
Recovering from an Upgraded Node without Preserving Data
If you were unable to include the --preserve
option in the upgrade command, perform the following steps:
-
On the SUSE Storage UI, go to the Node screen.
-
Select the upgraded node, and then select Edit node and disks in the Operation menu.
-
On the Edit Node and Disks screen, set Scheduling to Disable, delete the disk, and then click Save.
-
Select the upgraded node again, and then select Edit node and disks in the Operation menu.
-
On the Edit Node and Disks screen, add a disk and configure the following settings:
-
Path: Specify
/var/lib/longhorn/
. -
Storage Reserved: Specify a value that matches your requirements. The default value is 30 Gi.
-
Scheduling: Select Enable.
-
-
Click Save.
SUSE Storage synchronizes the replicas based on the configured settings.