Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jefedavis/k8s-homeops
fluxcd k8s-at-home talos
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/jefedavis/k8s-homeops
- Owner: JefeDavis
- License: mit
- Created: 2022-09-24T01:17:11.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-04-14T08:12:06.000Z (9 months ago)
- Last Synced: 2024-04-14T08:45:01.747Z (9 months ago)
- Topics: fluxcd, k8s-at-home, talos
- Language: CSS
- Homepage:
- Size: 2.29 MB
- Stars: 3
- Watchers: 1
- Forks: 2
- Open Issues: 19
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# k8s-HomeOps
### Core Components
- [actions-runner-controller](https://github.com/actions/actions-runner-controller): Self-hosted GitHub runners.
- [cert-manager](https://cert-manager.io/docs/): Creates SSL certificates for services in my Kubernetes cluster.
- [external-dns](https://github.com/kubernetes-sigs/external-dns): Automatically manages DNS records for my cluster.
- [metallb](https://metallb.universe.tf/): Bare-metal load-balancer implementation.
- [ingress-nginx](https://github.com/kubernetes/ingress-nginx/): Ingress controller to expose HTTP traffic to pods over DNS.
- [synology-csi](https://github.com/SynologyOpenSource/synology-csi): The official Container Storage Interface driver for Synology NAS.
- [sops](https://toolkit.fluxcd.io/guides/mozilla-sops/): Managed secrets for Kubernetes, Ansible and Terraform which are committed to Git.
- [tf-controller](https://github.com/weaveworks/tf-controller): Additional Flux component used to run Terraform from within a Kubernetes cluster.
- [volsync](https://github.com/backube/volsync) and [snapscheduler](https://github.com/backube/snapscheduler): Backup and recovery of persistent volume claims.
- [system-upgrade-controller](https://github.com/rancher/system-upgrade-controller): Automatically updates Kubernetes based on a plan.
### GitOps
[Flux](https://github.com/fluxcd/flux2) watches my [kubernetes](./kubernetes/) folder (see Directories below) and makes the changes to my cluster based on the YAML manifests.
Flux recursively searches the [kubernetes/apps](./kubernetes/apps) folder until it finds the top-most `kustomization.yaml` in each directory, then applies all the resources listed in it. That `kustomization.yaml` will generally only have a namespace resource and one or many Flux kustomizations. Those Flux kustomizations will generally have a `HelmRelease` or other resources related to the application underneath them, which will be applied.
[Renovate](https://github.com/renovatebot/renovate) watches my **entire** repository looking for dependency updates. When they are found, a PR is automatically created. When some PRs are merged, [Flux](https://github.com/fluxcd/flux2) applies the changes to my cluster.
### Directories
This Git repository contains the following directories under [kubernetes](./kubernetes/).
```sh
📁 k8s-home-ops
├── 📁 kubernetes # kubernetes configurations
│ ├── 📁 apps # applications
│ │ └─ 📁 network # namespace folder
│ │ └─ 📁 cert-manager # application folder
│ ├── 📁 bootstrap # bootstrap procedures
│ ├── 📁 flux # core flux configuration
│ └── 📁 templates # reusable components
└── 📁 infrastructure # infrastructure configuration
```
### Cluster layout
Below is a high-level look at how my directory structure works with Flux. In this brief example you can see that `authentik` will not be able to run until `cloudnative-pg` is ready, which itself requires `rook-ceph-cluster` to be ready.
```mermaid
flowchart TD
id01>Kustomization: cluster] ==>|Creates| id02>Kustomization: cluster-apps]
id02 ==>|Creates| id06>Kustomization: cluster-apps-rook-ceph]
id02 ==>|Creates| id07>Kustomization: cluster-apps-rook-ceph-cluster]
id02 ==>|Creates| id08>Kustomization: cluster-apps-cloudnative-pg]
id02 ==>|Creates| id09>Kustomization: cluster-apps-authentik-database]
id02 ==>|Creates| id10>Kustomization: cluster-apps-authentik]
id06 ==>|Creates| id11(HelmRelease: rook-ceph-operator)
id07 -.->|Depends on| id06
id07 ==>|Creates| id12(HelmRelease: rook-ceph-cluster)
id08 -.->|Depends on| id07
id08 ==>|Creates| id13(HelmRelease: cloudnative-pg)
id09 -.->|Depends on| id08
id09 ==>|Creates| id14[PGCluster: pg-authentik]
id10 -.->|Depends on| id09
id10 ==>|Creates| id15(HelmRelease: authentik)
```