Skip to content

matoruru/home-kubernetes

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Home-Kubernetes

Introduction

Welcome to my Home-Kubernetes repository! My Home-Kubernetes cluster is a lightweight, flexible setup designed for middle-scale, personal projects. This setup can be easily adapted to suit various home automation needs, media servers, and other personal services.

Please refer to the /manifests folder for its details.

Architecture Diagram

All HTTPS traffics to the cluster are coming through Cloudflare Tunnels. For public contents like homepages it just directly allow to access to the web server. But for protected contents like any management clients such as Argo CD, it requires the user to be authenticated by Azure AD.

Components

The cluster is composed of three Raspberry Pi 4 devices, each with 8GB of RAM. One Pi serves as the control plane node, while the other two function as worker nodes. The cluster was set up using Kubeadm on Ubuntu Server 22.04 LTS.

Self-managed. Manages all applications with the beautiful UI.

My GitHub Action Runners are self-hosted, run on my Raspberry Pis. Runner's Dockerfiles are stored in /gha-runner-images folder.

Fetches Secrets from Azure Key vault and generates K8s Secret resources. Most of applications are relying on this. Can work with Workload Identity.

Quote from the official docs:

Along with support for Kubernetes Ingress resources, Istio also allows you to configure ingress traffic using either an Istio Gateway or Kubernetes Gateway resource. A Gateway provides more extensive customization and flexibility than Ingress, and allows Istio features such as monitoring and route rules to be applied to traffic entering the cluster.

Exposes in-cluster services to the Internet through Cloudflare Tunnel.