Skip to content

Latest commit

 

History

History
151 lines (133 loc) · 5.66 KB

README.md

File metadata and controls

151 lines (133 loc) · 5.66 KB

😎 Lab Joel 😎

This repo configures my Kubernetes HomeLab. I use this for learning but also to host some functional services on my home network.

All apps are deployed/configured via GitOps using ArgoCD.

💻 Hardware

The cluster is running HA k3s with all nodes being both a master and a worker node.

🟢 3x Nodes 🟢

  • Model: Lenovo Thinkcentre M900 Tiny
  • CPU: Intel i5-6500T
  • RAM: 32GB DDR4
  • Storage: 256GB SSDs
  • OS: Debian 12

🚀 Installed Apps & Tools

Apps

End User Applications

Logo Name Description
Falco Container runtime security monitoring and alerting.
Home Assistant Smart home integrations and automations.
Home Page Home landing page for all apps and services.
TeslaMate A powerful, self-hosted data logger for your Tesla.

System

Applications/services core to the cluster

Logo Name Description
ArgoCD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
Authentik Used for SSO and other auth workflows.
cert-manager X.509 certificate management for Kubernetes.
Cloudflare Zero Trust Used for private tunnels to expose public services (without requiring a public IP).
Grafana The open observability platform.
Longhorn Cloud native distributed block storage for Kubernetes.
Prometheus An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach.
Renovate Automated dependency updates.
Traefik Used as the Kubernetes ingress controller/reverse proxy.
Sealed Secrets A Kubernetes controller and tool for one-way encrypted Secrets.

Tools

Tools used for managing the cluster

Logo Name Description
Ansible An automation platform for bootstrapping the physical nodes.
k3s A lightweight Kubernetes distribution.

📷 Demo/Images

Home Page

Home Page

⚙️ Bootstrapping Steps

Deploy ArgoCD to the Kubernetes Cluster

cd system & make bootstrap

Note

ArgoCD needs setup first so all other apps and tools can be deployed

✔️ TODO

  • Setup federated identity for apps
  • Setup cloudflare tunnel for public access
  • Setup Falco for runtime security