EAC RCIIS: ICT Infrastructure & Hosting Documentation
Deployment Phases
Follow these phases in order to stand up a new environment from scratch.
1. Plan
Choose your deployment model, size the cluster, and define network and security requirements.
2. Prepare
Install tooling, configure IaC parameters, set up access credentials, and prepare hardware.
3. Build
Provision compute, networking, load balancers, storage, and encryption using Formae modules.
4. Install Talos
Apply machine configurations, boot Talos Linux, and bootstrap the Kubernetes cluster.
5. Cloudflare
Configure DNS zones, WAF rules, tunnels, and TLS certificates.
6. Validate
Run connectivity tests, security audits, backup tests, and complete the handover checklist.
7. Day-2 Operations
Talos upgrades, certificate rotation, backup procedures, scaling, and incident response.
Deployment Models
This manual covers multiple deployment targets. Each page uses tab groups so you can switch between environments:
| Model | Status | Description |
|---|---|---|
| AWS | Available | EC2 instances provisioned via Formae (Pkl-based IaC) |
| Bare Metal | Planned | Physical servers with direct Talos installation |
| Proxmox VMs | Planned | Virtual machines on Proxmox VE hypervisor |
Quick Links
| Task | Page |
|---|---|
| Install Formae, Pkl, AWS CLI, talosctl | Install Tooling |
| Configure VPC, subnets, NAT gateways | Network Fabric |
| Build and register a Talos AMI | Provision Compute |
| Configure security groups and port rules | Firewall Rules |
| Set up NLB for K8s and Talos API | Load Balancing |
| EBS volumes and encryption | Storage · Encryption |