# Talosctl CLI Essentials This guide covers essential talosctl commands and usage patterns for effective Talos cluster administration. ## Command Structure and Context ### Basic Command Pattern ```bash talosctl [global-flags] [command-flags] [arguments] # Examples: talosctl -n get members talosctl --nodes , service kubelet talosctl -e -n upgrade --image ``` ### Global Flags - `-e, --endpoints`: API endpoints to connect to - `-n, --nodes`: Target nodes for commands (defaults to first endpoint if omitted) - `--talosconfig`: Path to Talos configuration file - `--context`: Configuration context to use ### Configuration Management ```bash # Use specific config file export TALOSCONFIG=/path/to/talosconfig # List available contexts talosctl config contexts # Switch context talosctl config context # View current config talosctl config info ``` ## Cluster Management Commands ### Bootstrap and Node Management ```bash # Bootstrap etcd cluster on first control plane node talosctl bootstrap --nodes # Apply machine configuration talosctl apply-config --nodes --file talosctl apply-config --nodes --file --mode reboot talosctl apply-config --nodes --file --dry-run # Reset node (wipe and reboot) talosctl reset --nodes talosctl reset --nodes --graceful=false --reboot # Reboot node talosctl reboot --nodes # Shutdown node talosctl shutdown --nodes ``` ### Configuration Patching ```bash # Patch machine configuration talosctl -n patch mc --mode=no-reboot -p '[{"op": "replace", "path": "/machine/logging/destinations/0/endpoint", "value": "tcp://new-endpoint:514"}]' # Patch with file talosctl -n patch mc --patch @patch.yaml --mode reboot # Edit machine config interactively talosctl -n edit mc --mode staged ``` ## System Information and Monitoring ### Node Status and Health ```bash # Cluster member information talosctl get members talosctl get affiliates talosctl get identities # Node health check talosctl -n health talosctl -n ,, health --control-plane-nodes ,, # System information talosctl -n version talosctl -n get machineconfig talosctl -n get machinetype ``` ### Resource Monitoring ```bash # CPU and memory usage talosctl -n cpu talosctl -n memory # Disk usage and information talosctl -n disks talosctl -n df # Network interfaces talosctl -n interfaces talosctl -n get addresses talosctl -n get routes # Process information talosctl -n processes talosctl -n cgroups --preset memory talosctl -n cgroups --preset cpu ``` ### Service Management ```bash # List all services talosctl -n services # Check specific service status talosctl -n service kubelet talosctl -n service containerd talosctl -n service etcd # Restart service talosctl -n service kubelet restart # Start/stop service talosctl -n service start talosctl -n service stop ``` ## Logging and Diagnostics ### Log Retrieval ```bash # Kernel logs talosctl -n dmesg talosctl -n dmesg -f # Follow mode talosctl -n dmesg --tail=100 # Service logs talosctl -n logs kubelet talosctl -n logs containerd talosctl -n logs etcd talosctl -n logs machined # Follow logs talosctl -n logs kubelet -f ``` ### System Events ```bash # Monitor system events talosctl -n events talosctl -n events --tail # Filter events talosctl -n events --since=1h talosctl -n events --grep=error ``` ## File System and Container Operations ### File Operations ```bash # List files/directories talosctl -n list /var/log talosctl -n list /etc/kubernetes # Copy files to/from node talosctl -n copy /local/file /remote/path talosctl -n cp /var/log/containers/app.log ./app.log # Read file contents talosctl -n read /etc/resolv.conf talosctl -n cat /var/log/audit/audit.log ``` ### Container Operations ```bash # List containers talosctl -n containers talosctl -n containers -k # Kubernetes containers # Container logs talosctl -n logs --kubernetes # Execute in container talosctl -n exec --kubernetes -- ``` ## Kubernetes Integration ### Kubernetes Cluster Operations ```bash # Get kubeconfig talosctl kubeconfig talosctl kubeconfig --nodes talosctl kubeconfig --force --nodes # Bootstrap manifests talosctl -n get manifests talosctl -n get manifests -o yaml | yq eval-all '.spec | .[] | splitDoc' - > manifests.yaml # Upgrade Kubernetes talosctl --nodes upgrade-k8s --to v1.34.1 talosctl --nodes upgrade-k8s --to v1.34.1 --dry-run ``` ### Resource Inspection ```bash # Control plane component configs talosctl -n get apiserverconfig -o yaml talosctl -n get controllermanagerconfig -o yaml talosctl -n get schedulerconfig -o yaml # etcd configuration talosctl -n get etcdconfig -o yaml ``` ## etcd Management ### etcd Operations ```bash # etcd cluster status talosctl -n ,, etcd status # etcd members talosctl -n etcd members # etcd snapshots talosctl -n etcd snapshot db.snapshot # etcd maintenance talosctl -n etcd defrag talosctl -n etcd alarm list talosctl -n etcd alarm disarm # Leadership management talosctl -n etcd forfeit-leadership ``` ### Disaster Recovery ```bash # Bootstrap from snapshot talosctl -n bootstrap --recover-from=./db.snapshot talosctl -n bootstrap --recover-from=./db.snapshot --recover-skip-hash-check ``` ## Upgrade and Maintenance ### OS Upgrades ```bash # Upgrade Talos OS talosctl upgrade --nodes --image ghcr.io/siderolabs/installer:v1.11.x talosctl upgrade --nodes --image ghcr.io/siderolabs/installer:v1.11.x --stage # Monitor upgrade progress talosctl upgrade --nodes --image --wait talosctl upgrade --nodes --image --wait --debug # Rollback talosctl rollback --nodes ``` ## Resource System Commands ### Resource Management ```bash # List resource types talosctl get rd # Get specific resources talosctl get talosctl get -o yaml talosctl get --namespace= # Watch resources talosctl get --watch # Common resource types talosctl get machineconfig talosctl get members talosctl get services talosctl get networkconfig talosctl get secrets ``` ## Local Development ### Local Cluster Management ```bash # Create local cluster talosctl cluster create talosctl cluster create --controlplanes 3 --workers 2 # Destroy local cluster talosctl cluster destroy # Show local cluster status talosctl cluster show ``` ## Advanced Usage Patterns ### Multi-Node Operations ```bash # Run command on multiple nodes talosctl -e -n ,, # Different endpoint and target nodes talosctl -e -n , ``` ### Output Formatting ```bash # JSON output talosctl -n get members -o json # YAML output talosctl -n get machineconfig -o yaml # Table output (default) talosctl -n get members -o table # Custom column output talosctl -n get members -o columns=HOSTNAME,MACHINE\ TYPE,OS ``` ### Filtering and Selection ```bash # Filter resources talosctl get members --search talosctl get services --search kubelet # Namespace filtering talosctl get secrets --namespace=secrets talosctl get affiliates --namespace=cluster-raw ``` ## Common Command Workflows ### Initial Cluster Setup ```bash # 1. Generate configurations talosctl gen config cluster-name https://cluster-endpoint:6443 # 2. Apply to nodes talosctl apply-config --nodes --file controlplane.yaml talosctl apply-config --nodes --file worker.yaml # 3. Bootstrap cluster talosctl bootstrap --nodes # 4. Get kubeconfig talosctl kubeconfig --nodes ``` ### Cluster Health Check ```bash # Check all aspects of cluster health talosctl -n ,, health --control-plane-nodes ,, talosctl -n ,, etcd status talosctl -n ,, service kubelet kubectl get nodes kubectl get pods --all-namespaces ``` ### Node Troubleshooting ```bash # System diagnostics talosctl -n dmesg | tail -100 talosctl -n services | grep -v Running talosctl -n logs kubelet | tail -50 talosctl -n events --since=1h # Resource usage talosctl -n memory talosctl -n df talosctl -n processes | head -20 ``` This CLI reference provides the essential commands and patterns needed for day-to-day Talos cluster administration and troubleshooting.