{"id":13374505,"url":"https://github.com/xunholy/k8s-gitops","last_synced_at":"2025-05-15T12:03:46.673Z","repository":{"id":36960367,"uuid":"229538948","full_name":"xunholy/k8s-gitops","owner":"xunholy","description":"Kubernetes cluster powered by GitOps with FluxCD- Unified source of truth, automated workflows, declarative infrastructure, and cutting-edge DevOps practices.","archived":false,"fork":false,"pushed_at":"2025-05-13T07:08:17.000Z","size":24518,"stargazers_count":552,"open_issues_count":17,"forks_count":32,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-05-13T08:23:34.472Z","etag":null,"topics":["flux","gitops","k8s-at-home","kubernetes","linux","renovate","terraform"],"latest_commit_sha":null,"homepage":"https://xunholy.github.io/k8s-gitops/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xunholy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["xUnholy"]}},"created_at":"2019-12-22T08:27:33.000Z","updated_at":"2025-05-13T07:04:55.000Z","dependencies_parsed_at":"2023-09-22T23:05:27.354Z","dependency_job_id":"806a7f13-d150-4615-a14d-b95b26703870","html_url":"https://github.com/xunholy/k8s-gitops","commit_stats":{"total_commits":4609,"total_committers":30,"mean_commits":"153.63333333333333","dds":0.5890648730744197,"last_synced_commit":"ff79b9dc0e0890a94b3baf9e3ad420ffbf615b43"},"previous_names":[],"tags_count":72,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xunholy%2Fk8s-gitops","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xunholy%2Fk8s-gitops/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xunholy%2Fk8s-gitops/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xunholy%2Fk8s-gitops/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xunholy","download_url":"https://codeload.github.com/xunholy/k8s-gitops/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254337612,"owners_count":22054253,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["flux","gitops","k8s-at-home","kubernetes","linux","renovate","terraform"],"created_at":"2024-07-30T05:00:58.952Z","updated_at":"2025-05-15T12:03:41.656Z","avatar_url":"https://github.com/xunholy.png","language":"Shell","readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"./docs/assets/banner.png\" alt=\"Raspbernetes\"\u003e\n\nMy _Personal_ Homelab Repository\n\n_... managed with Flux, Renovate and GitHub Actions_\n\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n[![Discord](https://img.shields.io/discord/673534664354430999?style=for-the-badge\u0026label=discord\u0026logo=discord\u0026logoColor=white\u0026color=blue)](https://discord.gg/home-operations)\u0026nbsp;\u0026nbsp;\n[![Kubernetes](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Fkubernetes_version\u0026style=for-the-badge\u0026logo=kubernetes\u0026logoColor=white\u0026color=blue)](https://kubernetes.io/)\u0026nbsp;\u0026nbsp;\n[![Talos](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Ftalos_version\u0026style=for-the-badge\u0026logo=talos\u0026logoColor=white\u0026color=blue)](https://talos.dev)\u0026nbsp;\u0026nbsp;\n[![FluxCD](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Fflux_version\u0026style=for-the-badge\u0026logo=flux\u0026logoColor=white\u0026color=blue)](https://fluxcd.io/)\u0026nbsp;\u0026nbsp;\n\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n[![Age-Days](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Fcluster_age_days\u0026style=flat-square\u0026label=Age)](https://github.com/kashalls/kromgo)\u0026nbsp;\u0026nbsp;\n[![Uptime-Days](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Fcluster_uptime_days\u0026style=flat-square\u0026label=Uptime)](https://github.com/kashalls/kromgo)\u0026nbsp;\u0026nbsp;\n[![Node-Count](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Fcluster_node_count\u0026style=flat-square\u0026label=Nodes)](https://github.com/kashalls/kromgo)\u0026nbsp;\u0026nbsp;\n[![Pod-Count](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Fcluster_pod_count\u0026style=flat-square\u0026label=Pods)](https://github.com/kashalls/kromgo)\u0026nbsp;\u0026nbsp;\n[![CPU-Usage](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Fcluster_cpu_usage\u0026style=flat-square\u0026label=CPU)](https://github.com/kashalls/kromgo)\u0026nbsp;\u0026nbsp;\n[![Memory-Usage](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.raspbernetes.com%2Fcluster_memory_usage\u0026style=flat-square\u0026label=Memory)](https://github.com/kashalls/kromgo)\u0026nbsp;\u0026nbsp;\n\n\u003c/div\u003e\n\n# 🍼 Overview\n\nThis educational project is designed to provide a hands-on learning experience for mastering Kubernetes cluster configurations and best practices. The repository showcases a declarative implementation of a Kubernetes cluster, following GitOps principles that can be utilized with a variety of tools and workflows.\n\nThe main goal of this project is to demonstrate best practices for implementing enterprise-grade security, observability, and comprehensive cluster configuration management using GitOps in a Kubernetes environment, while fostering learning and growth in the Kubernetes community.\n\nThis repository leverages a range of cutting-edge open-source tools and platforms, forming a comprehensive technology stack that demonstrates the power of the [CNCF ecosystem](https://landscape.cncf.io/).\n\n## 📖 Table of contents\n\n- [🍼 Overview](#-overview)\n - [📖 Table of contents](#-table-of-contents)\n - [🔧 Hardware](#-hardware)\n - [☁️ Cloud Services](#️-cloud-services)\n - [🖥️ Technology Stack](#️-technology-stack)\n - [🤖 Automation](#-automation)\n - [🤝 Acknowledgments](#-acknowledgments)\n - [👥 Contributing](#-contributing)\n - [🚫 Code of Conduct](#-code-of-conduct)\n - [💡 Reporting Issues and Requesting Features](#-reporting-issues-and-requesting-features)\n - [📄 License](#-license)\n\n## 🔧 Hardware\n\n| Device | Description | Quantity | CPU | RAM | Architecture | Operating System | Notes |\n| -------------------------------------------------------------------------------------- | ------------------------ | -------- | ------- | -------- | ------------ | ------------------------------------- | ----- |\n| [Protectli FW6E](https://protectli.com/product/fw6e/) | Router | 1 | 4 Cores | 16GB RAM | AMD64 | [VyOs](https://vyos.io/) | |\n| [Protectli VP2410](https://protectli.com/product/vp2410/) | Kubernetes Control Plane | 3 | 4 Cores | 8GB RAM | AMD64 | [Talos Linux](https://www.talos.dev/) | |\n| [Protectli FW2B](https://protectli.com/product/fw2b/) | Kubernetes Node(s) | 3 | 2 Cores | 8GB RAM | AMD64 | [Talos Linux](https://www.talos.dev/) | |\n| [Raspberry Pi 4 Model B](https://www.raspberrypi.org/products/raspberry-pi-4-model-b/) | Kubernetes Node(s) | 4 | 4 Cores | 8GB RAM | ARM64 | [Talos Linux](https://www.talos.dev/) | Decommisioned |\n| [Rock Pi 4 Model C](https://rockpi.org/rockpi4#) | Kubernetes Node(s) | 6 | 4 Cores | 4GB RAM | ARM64 | [Talos Linux](https://www.talos.dev/) | Decommisioned |\n\n## ☁️ Cloud Services\n\nAlthough I manage most of my infrastructure and workloads on my own, there are specific components of my setup that rely on cloud services.\n\n| Service | Description | Cost (AUD) |\n| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | -------------- |\n| [Cloudflare](https://www.cloudflare.com/) | I use Cloudflare in my home network for DNS management and to secure my domain with Cloudflare's services. | ~$69/yr |\n| [GCP](https://cloud.google.com/) | I use Google Cloud Platform (GCP) to manage backups using Google Cloud Storage (GCS) and employ GCP's OAuth for authentication. | ~20/mo |\n| [GitHub](https://github.com/) | I use GitHub for code management and version control, enabling seamless collaboration in addition to OAuth for authentication | Free |\n| [NextDNS](https://nextdns.io/) | I use NextDNS for malware protection and ad-blocking for a safer browsing experience. | ~$30/yr |\n| [UptimeRobot](https://uptimerobot.com/) | I use UptimeRobot to monitor my home services for uninterrupted performance. | ~$84/yr |\n| [Lets Encrypt](https://letsencrypt.org/) | I use Let's Encrypt to generate certificates for secure communication within my network. | Free |\n| | | Total: ~$35/mo |\n\n## 🖥️ Technology Stack\n\nThe below showcases the collection of open-source solutions currently implemented in the cluster. Each of these components has been meticulously documented, and their deployment is managed using FluxCD, which adheres to GitOps principles.\n\nThe Cloud Native Computing Foundation (CNCF) has played a crucial role in the development and popularization of many of these tools, driving the adoption of cloud-native technologies and enabling projects like this one to thrive.\n\n| | Name | Description |\n| --------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------ |-------------------------------------------------------------------------------------------------------------------------------|\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/kubernetes/icon/color/kubernetes-icon-color.svg\"\u003e | [Kubernetes](https://kubernetes.io/) | An open-source system for automating deployment, scaling, and management of containerized applications |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/flux/icon/color/flux-icon-color.svg\"\u003e | [FluxCD](https://fluxcd.io/) | GitOps tool for deploying applications to Kubernetes |\n| \u003cimg width=\"32\" src=\"https://www.talos.dev/images/logo.svg\"\u003e | [Talos Linux](https://www.talos.dev/) | Talos Linux is Linux designed for Kubernetes |\n| \u003cimg width=\"62\" src=\"https://github.com/cncf/artwork/raw/main/projects/cilium/icon/color/cilium_icon-color.svg\"\u003e | [Cilium](https://cilium.io/) | Cilium is an open source, cloud native solution for providing, securing, and observing network connectivity between workloads |\n| \u003cimg width=\"62\" src=\"https://github.com/cncf/artwork/raw/main/projects/istio/icon/color/istio-icon-color.svg\"\u003e | [Istio](https://istio.io/) | Istio extends Kubernetes to establish a programmable, application-aware network using the powerful Envoy service proxy. |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/containerd/icon/color/containerd-icon-color.svg\"\u003e | [containerd](https://containerd.io/) | Container runtime integrated with Talos Linux |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/coredns/icon/color/coredns-icon-color.svg\"\u003e | [CoreDNS](https://coredns.io/) | A DNS server that operates via chained plugins |\n| \u003cimg width=\"32\" src=\"https://metallb.universe.tf/images/logo/metallb-blue.png\"\u003e | [MetalLB](https://metallb.universe.tf/) | Load-balancer implementation for bare metal Kubernetes clusters, using standard routing protocols. |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/prometheus/icon/color/prometheus-icon-color.svg\"\u003e | [Prometheus](https://prometheus.io) | Monitoring system and time series database |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/jaeger/icon/color/jaeger-icon-color.svg\"\u003e | [Jaeger](https://jaegertracing.io) | Open-source, end-to-end distributed tracing for monitoring and troubleshooting transactions in complex distributed systems |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/helm/icon/color/helm-icon-color.svg\"\u003e | [Helm](https://helm.sh) | The Kubernetes package manager |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/falco/icon/color/falco-icon-color.svg\"\u003e | [Falco](https://falco.org) | Container-native runtime security |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/flux/flagger/icon/color/flagger-icon-color.svg\"\u003e | [Flagger](https://flagger.app/) | Progressive delivery Kubernetes operator (Canary, A/B Testing and Blue/Green deployments) |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/opa/icon/color/opa-icon-color.svg\"\u003e | [Open Policy Agent](https://openpolicyagent.org) | An open-source, general-purpose policy engine |\n| \u003cimg width=\"52\" src=\"https://github.com/cncf/artwork/raw/main/projects/kyverno/icon/color/kyverno-icon-color.svg\"\u003e | [Kyverno](https://kyverno.io/) | Kubernetes Native Policy Management |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/dex/icon/color/dex-icon-color.svg\"\u003e | [Dex](https://github.com/dexidp/dex) | An identity service that uses OpenID Connect to drive authentication for other apps |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/crossplane/icon/color/crossplane-icon-color.svg\"\u003e | [Crossplane](https://crossplane.io/) | Manage any infrastructure your application needs directly from Kubernetes |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/litmus/icon/color/litmus-icon-color.svg\"\u003e | [Litmus](https://litmuschaos.io) | Chaos engineering for your Kubernetes |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/openebs/icon/color/openebs-icon-color.svg\"\u003e | [OpenEBS](https://openebs.io) | Container-attached storage |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/opentelemetry/icon/color/opentelemetry-icon-color.svg\"\u003e | [OpenTelemetry](https://opentelemetry.io) | Making robust, portable telemetry a built in feature of cloud-native software. |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/thanos/icon/color/thanos-icon-color.svg\"\u003e | [Thanos](https://thanos.io) | Highly available Prometheus setup with long-term storage capabilities |\n| \u003cimg width=\"32\" src=\"https://github.com/cncf/artwork/raw/main/projects/cert-manager/icon/color/cert-manager-icon-color.svg\"\u003e | [Cert Manager](https://cert-manager.io/) | X.509 certificate management for Kubernetes |\n| \u003cimg width=\"32\" src=\"https://grafana.com/static/img/menu/grafana2.svg\"\u003e | [Grafana](https://grafana.com) | Analytics \u0026 monitoring solution for every database. |\n| \u003cimg width=\"32\" src=\"https://github.com/grafana/loki/blob/main/docs/sources/logo.png?raw=true\"\u003e | [Loki](https://grafana.com/oss/loki/) | Horizontally-scalable, highly-available, multi-tenant log aggregation system |\n| \u003cimg width=\"62\" src=\"https://velero.io/img/Velero.svg\"\u003e | [Velero](https://velero.io/) | Backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes. |\n\n## 🤖 Automation\n\nThis repository is automatically managed by [Renovate](https://renovatebot.com/). Renovate will keep all of the container images within this repository up to date automatically. It can also be configured to keep Helm chart dependencies up to date as well.\n\n## 🤝 Acknowledgments\n\nA special thank you to everyone in the [Home Operation Discord](https://discord.com/invite/home-operations) community for their valuable contributions and time. Much of the inspiration for my cluster comes from fellow enthusiasts who have shared their own clusters under the k8s-at-home GitHub topic.\n\nAlso I extend heartfelt thanks to all CNCF contributors for their dedication and expertise, as their collective efforts have been vital in driving innovation and success within the cloud-native ecosystem.\n\nFor more ideas on deploying applications or discovering new possibilities, be sure to explore the [kubesearch.dev](https://kubesearch.dev/) search.\n\n## 👥 Contributing\n\nOur project welcomes contributions from any member of our community. To get started contributing, please see our [Contributor Guide](.github/CONTRIBUTING.md).\n\n### 🚫 Code of Conduct\n\nBy participating in this project, you are expected to uphold the project's [**Code of Conduct**](.github/CODE_OF_CONDUCT.md). Please report any unacceptable behavior to the repository maintainer.\n\n### 💡 Reporting Issues and Requesting Features\n\nIf you encounter any issues or would like to request new features, please create an issue on the repository's issue tracker. When reporting issues, include as much information as possible, such as error messages, logs, and steps to reproduce the issue.\n\nThank you for your interest in contributing to this project! Your contributions help make it better for everyone.\n\n## 📄 License\n\nThis repository is [Apache 2.0 licensed](./LICENSE)\n","funding_links":["https://github.com/sponsors/xUnholy"],"categories":["HCL","Shell","kubernetes","PHP"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxunholy%2Fk8s-gitops","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxunholy%2Fk8s-gitops","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxunholy%2Fk8s-gitops/lists"}