01 - Talos Linux

Welcome to the first post in my series documenting my journey setting up a home lab with Talos Linux. Talos Linux is not just another Linux distribution; it's an immutable, secure OS tailored for running Kubernetes clusters efficiently. Both in my professional environment and now in my personal setup, Talos Linux has proven to be a robust choice.

Why Talos Linux?

Before we dive into the setup, let's explore why I chose Talos:

  • Security: With an immutable design, Talos reduces the attack surface by not allowing runtime modifications to system files.
  • Simplicity: Its declarative configuration system reduces the complexity of managing node configurations.
  • Kubernetes Native: Built from the ground up for Kubernetes, ensuring seamless integration without the overhead typical of other Linux distributions.

Expectations

My goals for this home lab project are multifaceted:

  • Cluster Capabilities: I aim to run a multi-node Kubernetes cluster capable of handling both stateful and stateless applications. This setup will allow me to experiment with various workloads, from simple web apps to more complex database-driven services.

  • Mobile Access: Ensuring that I can access my homelab from my mobile devices is crucial.

  • Data Management: Implementing a robust backup solution where databases are periodically backed up to an S3-compatible storage provider to safeguard against data loss.

Tech Stack

Here's the technology stack I've selected for this project:

  • Talos - For its security features and Kubernetes-native approach.
  • Kubernetes - The heart of the cluster, managing containerized workloads and services.
  • Tailscale / Cloudflare Tunnels - For secure, remote access to my home network and services.
  • Cilium - As the Container Network Interface (CNI), providing network security, load balancing, and more with eBPF.
  • OpenEBS - For storage management within Kubernetes. Although we've used Longhorn at work, I'm keen to explore OpenEBS at home for its simplicity and Kubernetes-native integration.
  • FluxCD - Instead of ArgoCD, which we use at work, FluxCD will be my choice at home to manage Kubernetes configurations as code.

Network Setup

A simplified diagram of my home network setup:

[Diagram: my current home network]

Breakdown:

  • Router: Acts solely as a gateway to my ISP, keeping the network edge simple.

  • PiHole: Manages all DHCP requests and provides ad-blocking DNS services across the network, enhancing privacy and reducing bandwidth usage.

  • Proxmox Server: My old desktop PC has been repurposed into a Proxmox host, connected via my Unifi switch. This server will host my Talos nodes in virtual machines, giving me flexibility in testing and deployment.

  • Unifi WiFi Hotspot: Segregates network traffic by creating different SSIDs for work, IoT devices, and personal use, improving security and network management.

Next Steps

In upcoming posts, I will detail:

  • The installation process of Talos Linux on virtual machines within Proxmox.
  • Configuring Kubernetes with Talos, including setting up the control plane and worker nodes.
  • Integrating network solutions like Tailscale for secure remote access.
  • Implementing and testing my chosen CNI and CSI solutions within the cluster.

Stay tuned as I take you through each step of setting up and optimizing a Kubernetes cluster with Talos Linux at home!