Talos Commands¶
Common talosctl commands for debugging the Talos Linux cluster. Cluster lifecycle (config generation, apply, upgrade, reset) is handled by topf via the justfile recipes — talosctl complements it for read-only inspection and low-level operations.
Default Endpoint
Most commands default to the endpoint configured in ~/.talos/config. Set the default node/endpoint with:
Health Checks¶
Cluster Health¶
Check the overall health of the cluster, including etcd, kubelet, and API server status.
Target a specific node:
Node Dashboard¶
Open an interactive dashboard showing real-time CPU, memory, and service status for a node.
Member List¶
List all cluster members as seen by Talos.
JSON output (useful for scripting):
Service Management¶
List Services¶
Show the status of all Talos services on a node.
Service Logs¶
View logs for a specific Talos service (e.g., etcd, kubelet, apid, containerd).
# etcd logs
talosctl logs etcd --nodes 10.20.10.1
# kubelet logs
talosctl logs kubelet --nodes 10.20.10.1
# Follow logs in real time
talosctl logs etcd --nodes 10.20.10.1 -f
Service Status¶
Get detailed status for a specific service.
etcd Operations¶
Membership¶
List etcd cluster members and their status.
Etcd Status¶
Check etcd health and leadership.
Remove a Member¶
Remove a failed etcd member (use with caution).
Etcd Snapshot¶
Take a snapshot of the etcd database.
etcd Quorum
With a 3-node control plane, losing more than 1 etcd member will break quorum. Always verify etcd membership before performing maintenance.
Kubeconfig¶
Refresh Kubeconfig¶
Generate or refresh the kubeconfig file for kubectl access.
Write to a specific path:
VIP Address
Use the VIP address (10.20.10.0) for kubeconfig generation to ensure HA access to the API server.
Configuration Inspection¶
View Running Config¶
Inspect the current machine configuration running on a node.
Compare Configs¶
Diff the running config against the declared state (all nodes, redacted):
Or against a single rendered file (just render writes them to output/):
Version Information¶
Check the Talos version on a node.
Resource Inspection¶
Kernel Logs (dmesg)¶
View kernel messages from a node.
Follow kernel messages:
Process List¶
List running processes on a node.
Disk Usage¶
Check disk usage on a node.
Container Images¶
List all container images on a node.
Network Interfaces¶
Show network interfaces and addresses.
Routes¶
Show routing table.
Node Operations¶
Reboot¶
Reboot a node (with wait for it to come back).
Shutdown¶
Shut down a node.
Reset¶
Reset a node, wiping its state.
talosctl reset \
--system-labels-to-wipe=EPHEMERAL \
--system-labels-to-wipe=META \
--reboot \
--graceful=false \
--nodes 10.20.10.4
Upgrade¶
Upgrade Talos on a node to a new version.
talosctl upgrade \
--image factory.talos.dev/installer/<schematic-id>:v1.12.4 \
--nodes 10.20.10.1 \
--preserve \
--wait
Troubleshooting Commands¶
Check Pod CIDR and Service CIDR¶
Check Certificate Validity¶
Read Machine Config Patches¶
Check Time Sync¶
Useful Aliases¶
Consider adding these aliases to your shell configuration: