update readme

CONTRIBUTING.md

@@ -0,0 +1,15 @@
+# Contributing Guidelines
+
+## Reporting an issue
+
+* Create an issue describing the problem.
+
+## Submitting a Pull Request
+
+All commits require a [DCO](https://developercertificate.org/) sign-off.
+This is done by committing with the `--signoff` flag.
+
+* Create an issue describing the problem and your proposed solution.
+* Wait for feedback from the maintainers.
+* Fork the repo, develop and test your code changes.
+* Submit a pull request.

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2021 Serge
+Copyright (c) 2021 Serge Logvinov
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,46 +1,66 @@
 # Terraform examples to launch Talos.
 
-I store here the terraform code to launch Talos in the clouds.
-I wouldn't use the terrafrom modules from internet.
-The goal is to create all cloud services from scratch.
+This repository was created to store Terraform code for launching Talos in the clouds/bare-metal.
+When I added features/cloud platform integrations to Talos, I needed to run tests manually.
+To make things easier, I created this repository.
+
+There are no GitOps best practices here - no FluxCD, ArgoCD, or other GitOps tools.
+Each step is applied manually because I need to test everything to ensure it works as expected.
+
+* I chose not to use Terraform modules from the internet; the goal here is to build all cloud services from scratch.
+* I `don’t maintain backward compatibility` and always use the latest versions of Terraform and cloud provider tools.
+* Kubernetes isn’t fully ready for multi-cloud environments, as many components were designed for single-environment setups. So did some changes to each cloud provider controllers to improve compatibility. (like CCM, CSI, etc.)
+* The [Talos CCM](https://github.com/siderolabs/talos-cloud-controller-manager) project was created to make multi-cloud setups more cloud-native, addressing some common issues in multi-cloud environments.
+
+Some examples are production ready, and I’ve been using them with minor adjustments to fit company’s needs.
+In most cases in my production setup, I use two or more cloud providers within a single Kubernetes cluster.
+
+Everything here is under the `MIT license`.
+Feel free to clone, copy the code.
+If this project helps you, please give it a `star`.
+It helps me to understand how many people are interested in this project/ideas.
+And it motivates me to keep working on it. Your support encourages me to add/sync new features.
 
 ## Ideas
 
-First, I will create separate clusters on each cloud provider, test them thoroughly, and bring them close to production readiness. When I merge these separate Kubernetes clusters into one, they will have a single control plane.
+First, I will create separate clusters on each cloud provider, test them thoroughly, and bring them close to production readiness.
+When I merge these separate Kubernetes clusters into one, they will have a single control plane.
 
 Why is it so important?
 
 Having a single Kubernetes control plane that spans multiple cloud providers can offer several benefits:
 
-* Improved resilience and availability: By using multiple cloud providers, you can reduce the risk of downtime due to a single point of failure.
+* Improved resilience and availability: By using multiple cloud providers, you can reduce the risk of downtime due to cloud provider outages or other issues.
 * Flexibility: A single control plane allows you to easily move workloads between different cloud providers, depending on your needs.
 * Cost savings: You can take advantage of the different pricing models and discounts offered by different cloud providers to save on costs.
 * Improved security: By using multiple cloud providers, you can implement a defense-in-depth strategy to protect your data and reduce the risk of a security breach.
 * Decrease the time to recovery (TTR)
 
 ## Clouds
 
-| Platform | Checked Talos version | Addons | Setup type | Nat-IPv4 | IPv6 | Pod with IPv6 |
+| Platform | Checked Talos version | Addons | Setup type | Nat-IPv4 | IPv6 | Pod with global IPv6 |
 |---|---|---|---|---|---|---|
-| [Azure](azure)         | 1.3.4  | CCM,CSI,Autoscaler | many regions, many zones | ✓ | ✓ | |
+| [Azure](azure)         | 1.3.4  | CCM,CSI,Autoscaler | many regions, many zones | ✓ | ✓ | ✗ |
 | [Exoscale](exoscale)   | 1.3.0  | CCM,Autoscaler     | many regions | ✗ | | |
 | [GCP](gcp-zonal)       | 1.3.4  | CCM,CSI,Autoscaler | one region, many zones | ✓ | ✓ | ✓ |
 | [Hetzner](hetzner)     | 1.7.6  | CCM,CSI,Autoscaler | many regions, one network zone | ✗ | ✓ | ✓ |
 | [Openstack](openstack) | 1.3.4  | CCM,CSI            | many regions, many zones | ✓ | ✓ | ✓ |
-| [Oracle](oracle)       | 1.3.4  | CCM,CSI,Autoscaler | one region, many zones | ✓ | ✓ |
+| [Oracle](oracle)       | 1.3.4  | CCM,CSI,Autoscaler | one region, many zones | ✓ | ✓ | |
 | [Proxmox](proxmox)     | 1.7.6  | CCM,CSI            | one region, mny zones | ✓ | ✓ | ✓ |
-| [Scaleway](scaleway)   | 1.7.6  | CCM,CSI            | one region | ✓ | ✓ | |
+| [Scaleway](scaleway)   | 1.7.6  | CCM,CSI            | one region | ✓ | ✓ | ✓ |
 
 ## Known issues
 
 * Talos does not support upstream Oracle CSI, use my [fork](https://github.com/sergelogvinov/oci-cloud-controller-manager)
 
 ## Multi cloud compatibility
 
-CCM compatibility, which can work together:
+CCM controllers have different modes:
 * Talos CCM in mode: `cloud-node`
 * Other CCMs in mode: `cloud-node-lifecycle`
 
+CCM compatibility has been tested in multi-cloud setups, and in most cases, they work well together.
+
 |   | Azure | GCP | Hetzner | Openstack | Proxmox |
 |---|---|---|---|---|---|
 | Azure     | | ✓ | ✓ | ✓ | ✓ |
@@ -60,3 +80,10 @@ And I can disable conntrack too.
 * **coredns-local** (daemonsets) uses dummy interface on al nodes and has ip ```169.254.2.53```
 It decrease the dns response (all traffic does not leave the node).
 * **rancher.io/local-path** as default storage class.
+
+The common deployoment you can find in [_deployments](/_deployments/) folder.
+
+## References
+
+* [Talos](https://www.talos.dev/)
+* [Talos CCM](https://github.com/siderolabs/talos-cloud-controller-manager)

aws/README.md

@@ -0,0 +1,3 @@
+# AWS
+
+Status: **abandoned**

digitalocean/README.md

@@ -0,0 +1,3 @@
+# Digitalocean
+
+Status: **abandoned**

proxmox/deployments/talos-ccm.yaml

@@ -1,7 +1,8 @@
 
 image:
-  repository: ghcr.io/sergelogvinov/talos-cloud-controller-manager
-  tag: nodeipam
+  # repository: ghcr.io/sergelogvinov/talos-cloud-controller-manager
+  pullPolicy: Always
+  tag: edge
 
 service:
   containerPort: 50258
@@ -14,6 +15,7 @@ logVerbosityLevel: 4
 
 enabledControllers:
   - cloud-node
+  - node-csr-approval
   - node-ipam-controller
 
 extraArgs:

proxmox/variables.tf

@@ -38,7 +38,7 @@ variable "vpc_main_cidr" {
 variable "release" {
   type        = string
   description = "The version of the Talos image"
-  default     = "1.8.0"
+  default     = "1.7.6"
 }
 
 data "sops_file" "tfvars" {