How to Update a Talos Kubernetes Cluster with Terraform?

In my experience, Terraform is best used for infrastructure setup. It can become cumbersome for tasks like upgrades which might be better handled manually. Some coworkers insist everything needs to be Terraform-managed, which can be frustrating in practice.

It's wise to use talosctl for updates because it performs checks that the Terraform provider likely skips. After utilizing talosctl, update your Terraform configurations accordingly.

Is there a method to import manual changes back into the Terraform state file? I'm facing issues with refactoring Terraform code, especially when moving portions into modules, which ends up causing drift in states. Any tips would be appreciated!

Here's the documentation link that I found for Talos upgrading, it might clarify things for you: https://docs.siderolabs.com/talos/v1.8/configure-your-talos-cluster/lifecycle-management/upgrading-talos

Make sure to adhere to the specified upgrade paths outlined in the documentation. For example, if you're upgrading from version 1.0.0 to 1.2.4, you'd typically follow this sequence:
- Upgrade from 1.0 to the latest patch of 1.0 (e.g., to v1.0.6)
- Then go from v1.0.6 to the latest patch of 1.1 (like v1.1.2)
- Finally, upgrade from v1.1.2 to v1.2.4.
This method ensures you're upgrading smoothly and safely.

You shouldn't update Kubernetes separately from Talos; they upgrade together since Talos manages components like kubelet and control plane as a single unit. Using Terraform directly for the upgrade isn't ideal because it tries to enforce image state, which could lead to recreating nodes rather than performing a rolling upgrade. Here's a recommended upgrade flow:
1. Update your Talos MachineConfig for the new Talos image.
2. Use talosctl upgrade to progress the new version rollout onto control plane nodes.
3. Once those are healthy, repeat for worker nodes.
4. Validate cluster stability afterward before adjusting the Talos version in your Terraform files.