Talm, a configuration manager for Talos Linux, released by The Cozystack project

Developers of a free PaaS platform Cozystack prepared a project Talmdesigned to simplify the configuration of bare-metal servers for Talos Linux, an operating system for running Kubernetes that has a Kubernetes-like API and is configured with a single Yaml manifest. Although Talm was created to describe a declarative installation of Cozystack, it is not specific to that platform and can be used to manage any Talos Linux configuration. The project is developed under the MPL license.

The need to develop another configuration manager for Talos Linux is due to the focus on bare-metal servers. The developers sought to create the simplest interface, similar to Helm and kubectl, utilities familiar to Kubernetes administrators.


Due to the fact that each physical server has a different configuration (MAC addresses, interfaces and disks), it is necessary to have a separate configuration file for each node. We need a simple manager that would allow us to generate such configuration files based on the collected information and update them declaratively.

For this purpose, dynamic generation of configuration files according to a given template is used. There are ready-made presets “generic” and “cozystack”. Talm is able to collect information from the Talos API at the generation stage and use it for the resulting configurations. These configuration files contain no secrets, only changes, allowing them to be conveniently stored in Git and managed declaratively.

For the most part, Talm follows the structure of Helm, using the concept of a chart, which describes templates for generating configurations. Supports Helm-like lookup functions to query the Talos API directly and collect additional metadata to generate configuration files using “go templates” and the library sprig.



 talm template -t templates/controlplane.yaml -e -n › nodes/srv1.yaml

Polls the node “” via the API, generates a new configuration file for it from the template, substituting the necessary data. The resulting configuration file can be immediately applied with just one command:

 talm apply -f nodes/srv1.yaml

Also, in each such configuration file, Talm installs its own modeline, in which it remembers the node’s endpoints and the templates from which it was obtained, so that they can be conveniently used and updated without specifying additional options. Talm supports all the same commands as the upstream talosctl utility, but allows you to pass the node configuration file to them, for example:

 talm dashboard -f nodes/srv1.yaml -f nodes/srv2.yaml -f nodes/srv3.yaml

will display an interactive dashboard for all three nodes. And the command:

 talm get routes -f nodes/srv1.yaml

will display a list of routes on node “srv1”

If necessary, configuration files can be uploaded with the “–full” option to a separate PXE server, which allows nodes to download them automatically. Thus, Talm preserves the variability of bare-metal servers, providing convenient management in accordance with GitOps best practices.

Thanks for reading: