This repository holds the declarative state of my home Kubernetes cluster. Flux watches the kubernetes folder and applies changes to the cluster based on the YAML manifests.
- backube/volsync and backube/snapscheduler: Backup and recovery of persistent volume claims.
- cilium/cilium: Kubernetes CNI.
- external-secrets/external-secrets: Managed Kubernetes secrets using 1Password Connect.
- jetstack/cert-manager: Creates SSL certificates for services in my Kubernetes cluster.
- kubernetes-sigs/external-dns: Automatically manages DNS records from my cluster in Cloudflare.
- kubernetes/ingress-nginx: Ingress controller to expose HTTP traffic to pods over DNS.
- mozilla/sops: Manages secrets for Kubernetes, Ansible and Terraform which are committed to git.
- rancher/system-upgrade-controller: Handles Kubernetes and Talos upgrades automatically.
- rook/rook: Distributed block storage for persistent storage.
- siderolabs/talos: The Kubernetes Operating System.
- GitHub Actions for checking code formatting and running periodic jobs.
- Renovate keeps the application charts and container images up-to-date.
- 1Password for managing secrets via external-secrets.
- AWS SES for sending emails.
- Cloudflare tunnels for exposing services & creating certificates & managing domains.
- Cloudflare R2 for daily backups.
- Pushover for sending alerts.
Total cloud costs are approximately $150/year.
This Git repository contains the following directories.
📁 ansible # Ansible playbooks for my router
📁 hacks # Contains random scripts
📁 kubernetes # Kubernetes cluster defined as code
├─📁 bootstrap # Flux installation to bootstrap cluster
├─📁 flux # Main Flux configuration of repository
└─📁 apps # Apps deployed into my cluster grouped by namespace
📁 talos # Contains the configuration for Talos operating system
📁 terraform # Contains Cloudflare terraform
architecture-beta
group home(cloud)[Home]
service wan(cloud)[WAN]
service udm(internet)[UDM] in home
service uswa(internet)[USW Aggregate] in home
service usw(internet)[USW] in home
service ap(internet)[Wifi AP] in home
service n1(server)[Node1] in home
service n2(server)[Node2] in home
service n3(server)[Node3] in home
service nas(server)[NAS] in home
service clients(server)[Other Clients] in home
junction j1 in home
junction j2 in home
wan:R -- L:udm
udm:R -- L:uswa
usw:L -- R:uswa
n1:T -- R:j1
n2:B -- T:j1
n3:T -- L:j1
j1:B -- T:uswa
j2:L -- B:ap
j2:R -- B:clients
j2:T -- B:usw
nas:T -- B:j2
Device | Count | OS Disk Size | Data Disk Size | RAM | Operating System | Purpose |
---|---|---|---|---|---|---|
UDM-Pro-Max | 1 | - | - | - | Unifi | Router |
USW-Pro-Aggregation | 1 | - | - | - | Unifi | Switch |
USW-Pro-Max-24-PoE | 1 | - | - | - | Unifi | Switch |
UAP-AC-Lite | 1 | - | - | - | Unifi | WiFi AP |
ER-10X | 1 | - | - | - | EdgeOS | Switch |
PiKVM V4 Mini | 1 | - | - | - | PiKVM | KVM |
TESmart HDMI KVM Switch 8 Ports | 1 | - | - | - | - | KVM Switch |
CyberPower CP1500PFCRM2U | 1 | - | - | - | - | UPS |
USP-PDU-Pro | 1 | - | - | - | Unifi | PDU |
Synology DS920+ | 1 | - | 2x8TB & 2x16TB | 20GB | DSM | NAS |
MS-01 i9-13900H | 3 | 1TB | 2TB | 96GB | Talos | Control Plane |
Thanks to all the people who donate their time to the Kubernetes @Home community.
This repository was built off the onedr0p/template-cluster-k3s repository.
See LICENSE