Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/JefeDavis/k8s-HomeOps

fluxcd k8s-at-home talos

Last synced: about 2 months ago
JSON representation

Host: GitHub
URL: https://github.com/JefeDavis/k8s-HomeOps
Owner: JefeDavis
License: mit
Created: 2022-09-24T01:17:11.000Z (about 2 years ago)
Default Branch: main
Last Pushed: 2024-04-14T08:12:06.000Z (5 months ago)
Last Synced: 2024-04-14T08:45:01.747Z (5 months ago)
Topics: fluxcd, k8s-at-home, talos
Language: CSS
Homepage:
Size: 2.29 MB
Stars: 3
Watchers: 1
Forks: 2
Open Issues: 19
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # k8s-HomeOps

### Core Components

- [actions-runner-controller](https://github.com/actions/actions-runner-controller): Self-hosted Github runners.

- [cert-manager](https://cert-manager.io/docs/): Creates SSL certificates for services in my Kubernetes cluster.

- [external-dns](https://github.com/kubernetes-sigs/external-dns): Automatically manages DNS records for my cluster.

- [metallb](https://metallb.universe.tf/): Bare-Metal Load-balancer

implementation.

- [ingress-nginx](https://github.com/kubernetes/ingress-nginx/): Ingress controller to expose HTTP traffic to pods over DNS.

- [synology-csi](https://github.com/SynologyOpenSource/synology-csi): The official Container Storage Interface driver for Synology NAS.

- [sops](https://toolkit.fluxcd.io/guides/mozilla-sops/): Managed secrets for Kubernetes, Ansible and Terraform which are commited to Git.

- [tf-controller](https://github.com/weaveworks/tf-controller): Additional Flux component used to run Terraform from within a Kubernetes cluster.

- [volsync](https://github.com/backube/volsync) and [snapscheduler](https://github.com/backube/snapscheduler): Backup and recovery of persistent volume claims.

- [system-upgrade-controller](https://github.com/rancher/system-upgrade-controller) Automatically updates kubernetes based off of a plan.

### GitOps

[Flux](https://github.com/fluxcd/flux2) watches my [kubernetes](./kubernetes/) folder (see Directories below) and makes the changes to my cluster based on the YAML manifests.

The way Flux works for me here is it will recursively search the [kubernetes/apps](./kubernetes/apps) folder until it finds the most top level `kustomization.yaml` per directory and then apply all the resources listed in it. That aforementioned `kustomization.yaml` will generally only have a namespace resource and one or many Flux kustomizations. Those Flux kustomizations will generally have a `HelmRelease` or other resources related to the application underneath it which will be applied.

[Renovate](https://github.com/renovatebot/renovate) watches my **entire** repository looking for dependency updates, when they are found a PR is automatically created. When some PRs are merged [Flux](https://github.com/fluxcd/flux2) applies the changes to my cluster.

### Directories

This Git repository contains the following directories under [kubernetes](./kubernetes/).

```sh

📁 k8s-home-ops

├── 📁 kubernetes                 # kubernetes configurations

│   ├── 📁 apps                   # applications

│   │   └─ 📁 network             # namespace folder

│   │      └─ 📁 cert-manager     # application folder

│   ├── 📁 bootstrap              # bootstrap procedures

│   ├── 📁 flux                   # core flux configuration

│   └── 📁 templates              # re-useable components

└── 📁 infrastructure             # infrastructure configuration

```

### Cluster layout

Below is a a high level look at the layout of how my directory structure with Flux works. In this brief example you are able to see that `authentik` will not be able to run until `cloudnative-pg` is ready, which itself requires `rook-ceph-cluster` to be ready

```mermaid

flowchart TD

  id01>Kustomization: cluster] ==>|Creates| id02>Kustomization: cluster-apps]

  id02 ==>|Creates| id06>Kustomization: cluster-apps-rook-ceph]

  id02 ==>|Creates| id07>Kustomization: cluster-apps-rook-ceph-cluster]

  id02 ==>|Creates| id08>Kustomization: cluster-apps-cloudnative-pg]

  id02 ==>|Creates| id09>Kustomization: cluster-apps-authentik-database]

  id02 ==>|Creates| id10>Kustomization: cluster-apps-authentik]

  id06 ==>|Creates| id11(HelmRelease: rook-ceph-operator)

  id07 -.->|Depends on| id06

  id07 ==>|Creates| id12(HelmRelease: rook-ceph-cluster)

  id08 -.->|Depends on| id07

  id08 ==>|Creates| id13(HelmRelease: cloudnative-pg)

  id09 -.->|Depends on| id08

  id09 ==>|Creates| id14[PGCluster: pg-authentik]

  id10 -.->|Depends on| id09

  id10 ==>|Creates| id15(HelmRelease: authentik)

```