Migration From Kubeadm+Ansible To ClusterAPI+Talos: A Swiss Bank's Journey

This conference talk explores the challenging migration of 35 Kubernetes clusters in an air-gapped environment with custom PKI infrastructure from a legacy Kubeadm+Ansible setup to ClusterAPI+Talos without downtime at PostFinance, a Swiss bank. Follow the complete journey from the initial legacy provisioning system through the migration path and tooling development. Discover solutions to complex challenges encountered along the way, including etcd quorum loss, kube-apiserver configuration matching, etcd encryption key mismatches, and more. Watch a live demonstration of the migration process and learn how the team manages their cluster fleet using ArgoCD, with insights on Talos configuration templating and ClusterAPI workload cluster visualization through ApplicationSets. The presentation concludes by addressing the critical chicken/egg bootstrapping problem of establishing the first ClusterAPI management clusters in such a restricted environment.