Closed andrewrynhard closed 2 years ago
It does do this for new clusters as a matter of course (it's not optional). Are you envisioning some kind of migration path for existing configs?
$ talosctl gen config alpha https://alpha.test.com:6443
generating PKI and tokens
created controlplane.yaml
created worker.yaml
created talosconfig
$ yq read controlplane.yaml 'cluster.id'
aDyxAIjAqT3xQn477suiKu0VrBDCiZYfu2I5y9bPLdY=
$ yq read controlplane.yaml 'cluster.secret'
6fRi1GLOoPYwhrskCOSSW7bSWiN1vFUe07vVHvCfVmQ=
$ yq read worker.yaml 'cluster.id'
aDyxAIjAqT3xQn477suiKu0VrBDCiZYfu2I5y9bPLdY=
$ yq read worker.yaml 'cluster.secret'
6fRi1GLOoPYwhrskCOSSW7bSWiN1vFUe07vVHvCfVmQ=
Oh... I see. You mean to generate the ID and secret discretely for insertion into existing configs. Like wg genkey
(which does exactly the same thing).
Something like this, perhaps?
$ talosctl gen clusterkey
Cluster ID: 8Ikkeyarw60jJ0boEM0cpZ+dhfGtb3AIk8ZjftDOd3I=
Cluster Secret: AG9LSRTy8UgFSDuHzT5/ClGB7LkY5ji3hwDlLjGqsX4=
We could do that.
We have it covered in 0.12 docs: https://www.talos.dev/docs/v0.12/guides/upgrading-talos/#machine-configuration-changes
It would be convenient if
talosctl gen
had the ability to generate the clusterid
andsecret
. It would make things like going from 0.12 to 0.13 easier, potentially useful for rotating.