07b7ee62d3
Aula 08 - Cluster Kubernetes HA: - Setup interativo com OpenTofu para Talos na Hetzner - CCM, CSI Driver, Cluster Autoscaler, Metrics Server - NGINX Ingress com LoadBalancer (HTTP/HTTPS/SSH) Aula 09 - n8n na Hetzner: - Deploy via Helm com PostgreSQL e Redis - Suporte multi-tenant com add-client.sh - Integração com Hetzner CSI para volumes persistentes Aula 10 - GitLab na Hetzner: - Setup agnóstico: CloudFlare (trusted proxies) ou Let's Encrypt - Anti-affinity para distribuir webservice/sidekiq em nós diferentes - Container Registry e SSH via TCP passthrough - Documentação do erro 422 e solução com trustedCIDRsForXForwardedFor Melhorias gerais: - READMEs atualizados com arquitetura e troubleshooting - Scripts cleanup.sh para todas as aulas - CLAUDE.md atualizado com contexto do projeto
52 lines
1.1 KiB
YAML
52 lines
1.1 KiB
YAML
# Talos Worker Configuration Patch
|
|
# Base configuration for worker nodes
|
|
machine:
|
|
# Network optimizations
|
|
sysctls:
|
|
net.core.somaxconn: "8192"
|
|
net.ipv4.tcp_max_syn_backlog: "8192"
|
|
net.core.netdev_max_backlog: "5000"
|
|
net.ipv4.ip_local_port_range: "1024 65535"
|
|
net.ipv4.tcp_tw_reuse: "1"
|
|
net.ipv4.tcp_fin_timeout: "15"
|
|
fs.file-max: "2097152"
|
|
fs.inotify.max_user_watches: "524288"
|
|
vm.max_map_count: "262144"
|
|
|
|
# Kubelet configuration
|
|
kubelet:
|
|
extraArgs:
|
|
cloud-provider: external
|
|
max-pods: "110"
|
|
kube-reserved: "cpu=100m,memory=200Mi"
|
|
system-reserved: "cpu=100m,memory=100Mi"
|
|
# Force kubelet to use private network IP
|
|
nodeIP:
|
|
validSubnets:
|
|
- 10.0.0.0/8
|
|
|
|
# Time sync
|
|
time:
|
|
servers:
|
|
- ntp1.hetzner.de
|
|
- ntp2.hetzner.com
|
|
- ntp3.hetzner.net
|
|
|
|
# Features
|
|
features:
|
|
rbac: true
|
|
stableHostname: true
|
|
|
|
cluster:
|
|
# Network configuration
|
|
network:
|
|
cni:
|
|
name: flannel
|
|
flannel:
|
|
extraArgs:
|
|
- --iface-can-reach=10.0.1.1
|
|
dnsDomain: cluster.local
|
|
serviceSubnets:
|
|
- 10.96.0.0/12
|
|
podSubnets:
|
|
- 10.244.0.0/16 |