LinuxCommandLibrary

talosctl

Manage Talos Linux clusters

TLDR

Apply a config to a fresh node

$ talosctl apply-config [[-i|--insecure]] [[-n|--nodes]] [control_plane_ip] [[-f|--file]] [path/to/control_plane.yaml]

Bootstrap the etcd cluster on a node
$ talosctl bootstrap [[-n|--nodes]] [node_ip]

Edit an API resource
$ talosctl edit [resource_to_edit] [[-n|--nodes]] [node_ip]

Get resources
$ talosctl get [resource_to_get] [[-n|--nodes]] [node_ip]

Download the admin kube configuration from a node
$ talosctl kubeconfig [[-n|--nodes]] [node_ip]

Reset a node
$ talosctl reset [[-n|--nodes]] [node_ip]

SYNOPSIS

talosctl [global-options] command [command-options] [arguments]

PARAMETERS

--config
    Specifies the path to a configuration file, often used for commands like gen config.

--context
    Defines the cluster context from the talosconfig to use for the command.

--endpoints [,...]
    Overrides the API endpoints to connect to the Talos API. Can specify multiple endpoints.

-h, --help
    Displays help information for talosctl or a specific subcommand.

--insecure
    Allows insecure connections to the Talos API (use with caution in production).

--log-level
    Sets the logging level (e.g., 'debug', 'info', 'warn', 'error').

--nodes [,...]
    Specifies target nodes by IP address to execute the command on. Useful for node-specific operations.

--output
    Sets the output format (e.g., 'json', 'yaml', 'text', 'short').

--server
    Specifies a single Talos API endpoint to connect to.

--talosconfig
    Specifies the path to the talosconfig file (default: ~/.talos/config).

--timeout
    Sets a timeout for the operation (e.g., '5m', '30s').

--wait
    Causes the command to wait for an operation to complete before exiting.

DESCRIPTION

talosctl is the primary command-line interface for interacting with Talos Linux clusters.
It serves multiple critical functions, including generating Talos configuration files, provisioning new machines, and performing lifecycle management operations on a running Talos cluster.
It provides powerful capabilities to inspect cluster state, apply configurations, manage machine certificates, and troubleshoot nodes.
Many of its subcommands mirror functionalities often found in kubectl, allowing users to query Kubernetes resources directly through the Talos API, even when the Kubernetes control plane is not yet fully operational.
talosctl is an indispensable tool for anyone deploying, managing, or debugging a Talos Linux environment, offering a unified interface for both initial setup and ongoing operations.

CAVEATS

Using the --insecure flag is highly discouraged in production environments as it bypasses TLS certificate validation, making communication vulnerable to man-in-the-middle attacks.
Many commands require appropriate API access and permissions configured within the talosconfig file.
Due to its direct interaction with the Talos OS, misuse of powerful commands (e.g., reset, bootstrap) can lead to data loss or cluster instability.
Understanding the underlying Talos Linux architecture and Kubernetes concepts is crucial for effective use.
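
An added example (not from the original page or the Talos project): a shell lint that scans an automation script for talosctl calls that use --insecure. It assumes, as the TLDR above shows, that -i/--insecure on apply-config is expected when configuring a fresh node, and reports the flag on any other subcommand as a violation; the function names, class labels and sample script are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag talosctl calls in a script that skip TLS verification.
# Prints "<line>:<class>:<command>"; returns 1 if any "violation" is found.
lint_talosctl_insecure() {
    awk '
    { if (buf == "") start = NR }            # first line of a logical command
    /\\$/ { sub(/\\$/, ""); buf = buf $0 " "; next }   # join "\" continuations
    { cmd = buf $0; buf = "" }
    cmd ~ /^[ \t]*#/ { next }                # skip comment lines
    {
        n = split(cmd, tok, /[ \t]+/)
        talos = 0; apply = 0; longf = 0; shortf = 0
        for (i = 1; i <= n; i++) {
            if (tok[i] ~ /(^|\/)talosctl$/) talos = 1
            else if (tok[i] == "apply-config") apply = 1
            else if (tok[i] == "--insecure" || tok[i] == "--insecure=true") longf = 1
            else if (tok[i] == "-i") shortf = 1
        }
        if (!talos) next
        # -i is read as --insecure only on apply-config, where the page shows it.
        if (apply && (longf || shortf)) class = "fresh-node"
        else if (longf) class = "violation"
        else next
        if (class == "violation") bad = 1
        sub(/^[ \t]+/, "", cmd)
        printf "%d:%s:%s\n", start, class, cmd
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample script (documentation-range address, hypothetical file names).
write_sample() {
    cat > "$1" <<'EOF'
# bring-up of a fresh node
talosctl apply-config --insecure -n 192.0.2.10 -f controlplane.yaml
talosctl bootstrap -n 192.0.2.10
talosctl kubeconfig \
    --insecure -n 192.0.2.10
# talosctl reset --insecure -n 192.0.2.10
talosctl get members -n 192.0.2.10
EOF
}
```

Run lint_talosctl_insecure path/to/script.sh in CI and fail the job on a non-zero exit; "fresh-node" lines are reported for review so the flag does not linger in scripts that later run against configured nodes.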

SUBCOMMAND STRUCTURE

talosctl organizes its functionality through a rich set of subcommands, each designed for specific tasks.
Common subcommands include:
gen (for generating configurations and certificates),
bootstrap (for initializing a control plane),
apply (for applying new configurations),
read (for reading files from nodes),
containers (for managing host containers),
logs (for fetching logs),
events (for cluster events),
version (for displaying Talos version),
health (for checking cluster health),
reset (for resetting nodes), and many others for interacting with Kubernetes resources directly.

THE TALOSCONFIG FILE

The talosconfig file (typically at ~/.talos/config) is central to talosctl's operation.
It stores information about registered Talos clusters, including API endpoints, authentication credentials (client certificates and keys), and contexts.
This file allows users to manage multiple Talos clusters and switch between them easily without repeatedly specifying connection details.

HISTORY

talosctl was developed as an integral part of the Talos Linux project by Sidero Labs (formerly Talos Systems). It emerged from the need for a robust, secure, and unified command-line tool to manage the minimal, immutable Talos operating system, specifically designed for running Kubernetes.
Its development has been closely tied to the evolution of Talos Linux, providing users with a comprehensive interface for tasks ranging from initial cluster provisioning and configuration generation to advanced troubleshooting and lifecycle management of Kubernetes infrastructure.

SEE ALSO

kubectl(1), helm(1), docker(1)
