gracefull upgrades through terraform

[camaeel]

Currently there is no option to trigger talos upgrade through terraform provider. If I aplly new kubernetes version through talos resources all nodes get patched simultaneously. It would be great to have resources to upgrade both talos itself and kubernetes in a gracefull way one by one node (like talosctl upgrade and taloscyl upgrade-k8s does).

Another option could be, to have builtin upgrade controller in talos controllers.

[M4t7e]

IMHO, this is by far one of the most important functionalities missing in the Talos Terraform provider. To manage a Talos K8s cluster using only Terraform, we need a declarative and idempotent way to specify a target version. The lifecycle of a cluster should be considered more thoroughly. The Talos and Kubernetes versions also have be compatible with the additional components that may be needed, such as external CCM, CNI, CSI, etc. Talos introduces imperative change management here, which is undesirable in a Terraform environment. Therefore, I don't see any feasible way to conduct proper lifecycle management with this module.

[hegerdes]

As a workaround you can specify the parallelism Terrafrom Docs arg and setting it to 1 default is 10. So terraform will only do one resource at the time. When you pair this with the terraform time resource you can archive wait till the node is done.

Not pretty but bast we can do right now besides from gracefully replacing nodes

[perfectra1n]

Yeah, without a way to run talosctl upgrade when changing Talos versions or extensions via this provider is rough - it makes all the work done on this provider for naught. It is possible to first create the cluster using this provider, but being unable to upgrade the cluster through this provider is a huge bummer.