Home

Awesome

<div align="center"> <img src="./docs/assets/raspbernetes.png" alt="Raspbernetes">

Raspbernetes

My Personal Kubernetes GitOps Repository

... managed with Flux, Renovate and GitHub Actions

</div> <div align="center">

Discord Kubernetes Linux

</div>

🍼 Overview

This educational project is designed to provide a hands-on learning experience for mastering Kubernetes cluster configurations and best practices. The repository showcases a declarative implementation of a Kubernetes cluster, following GitOps principles that can be utilized with a variety of tools and workflows.

The main goal of this project is to demonstrate best practices for implementing enterprise-grade security, observability, and comprehensive cluster configuration management using GitOps in a Kubernetes environment, while fostering learning and growth in the Kubernetes community.

This repository leverages a range of cutting-edge open-source tools and platforms, forming a comprehensive technology stack that demonstrates the power of the CNCF ecosystem.

📖 Table of contents

📚 Documentation

📋 Requirements

In order to effectively utilize this repository, it is important to have the following tools set up in your environment.

🚀 Quick Start

  1. Set up the necessary environment variables:
export GITHUB_TOKEN=<your-token>
export GITHUB_USER=<your-username>
export GITHUB_REPO=<your-repo>
export CLUSTER=<target-cluster>
  1. Verify that your cluster satisfies the prerequisites:
flux check --pre
  1. Run the bootstrap command to install Flux and deploy into the cluster:
task cluster CLUSTER_NAME=cluster-0

Note: Many variables in the cluster depend on your specific configuration and should be modified accordingly. Be sure to review and adjust these variables as needed to match your environment and requirements.

🔧 Hardware

DeviceDescriptionQuantityCPURAMArchitectureOperating SystemNotes
Protectli FW6ERouter14 Cores16GB RAMAMD64VyOs
Protectli VP2410 Kubernetes Control Plane34 Cores8GB RAMAMD64Talos Linux
Protectli FW2BKubernetes Node(s)32 Cores8GB RAMAMD64Talos Linux
Raspberry Pi 4 Model BKubernetes Node(s)44 Cores8GB RAMARM64Talos Linux
Rock Pi 4 Model CKubernetes Node(s)64 Cores4GB RAMARM64Talos Linux

☁️ Cloud Services

Although I manage most of my infrastructure and workloads on my own, there are specific components of my setup that rely on cloud services.

ServiceDescriptionCost (AUD)
CloudflareI use Cloudflare in my home network for DNS management and to secure my domain with Cloudflare's services.~$69/yr
GCPI use Google Cloud Platform (GCP) to manage backups using Google Cloud Storage (GCS) and employ GCP's OAuth for authentication.~20/mo
GitHubI use GitHub for code management and version control, enabling seamless collaboration in addition to OAuth for authenticationFree
NextDNSI use NextDNS for malware protection and ad-blocking for a safer browsing experience.~$30/yr
UptimeRobotI use UptimeRobot to monitor my home services for uninterrupted performance.~$84/yr
Lets EncryptI use Let's Encrypt to generate certificates for secure communication within my network.Free
Total: ~$35/mo

🖥️ Technology Stack

The below showcases the collection of open-source solutions currently implemented in the cluster. Each of these components has been meticulously documented, and their deployment is managed using FluxCD, which adheres to GitOps principles.

The Cloud Native Computing Foundation (CNCF) has played a crucial role in the development and popularization of many of these tools, driving the adoption of cloud-native technologies and enabling projects like this one to thrive.

NameDescription
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/kubernetes/icon/color/kubernetes-icon-color.svg">KubernetesAn open-source system for automating deployment, scaling, and management of containerized applications
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/flux/icon/color/flux-icon-color.svg">FluxCDGitOps tool for deploying applications to Kubernetes
<img width="32" src="https://www.talos.dev/images/logo.svg">Talos LinuxTalos Linux is Linux designed for Kubernetes
<img width="62" src="https://github.com/cncf/artwork/raw/main/projects/cilium/icon/color/cilium_icon-color.svg">CiliumCilium is an open source, cloud native solution for providing, securing, and observing network connectivity between workloads
<img width="62" src="https://github.com/cncf/artwork/raw/main/projects/istio/icon/color/istio-icon-color.svg">IstioIstio extends Kubernetes to establish a programmable, application-aware network using the powerful Envoy service proxy.
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/containerd/icon/color/containerd-icon-color.svg">containerdContainer runtime integrated with Talos Linux
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/coredns/icon/color/coredns-icon-color.svg">CoreDNSA DNS server that operates via chained plugins
<img width="32" src="https://metallb.universe.tf/images/logo/metallb-blue.png">MetalLBLoad-balancer implementation for bare metal Kubernetes clusters, using standard routing protocols.
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/prometheus/icon/color/prometheus-icon-color.svg">PrometheusMonitoring system and time series database
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/jaeger/icon/color/jaeger-icon-color.svg">JaegerOpen-source, end-to-end distributed tracing for monitoring and troubleshooting transactions in complex distributed systems
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/helm/icon/color/helm-icon-color.svg">HelmThe Kubernetes package manager
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/falco/icon/color/falco-icon-color.svg">FalcoContainer-native runtime security
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/flux/flagger/icon/color/flagger-icon-color.svg">FlaggerProgressive delivery Kubernetes operator (Canary, A/B Testing and Blue/Green deployments)
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/opa/icon/color/opa-icon-color.svg">Open Policy AgentAn open-source, general-purpose policy engine
<img width="52" src="https://github.com/cncf/artwork/raw/main/projects/kyverno/icon/color/kyverno-icon-color.svg">KyvernoKubernetes Native Policy Management
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/dex/icon/color/dex-icon-color.svg">DexAn identity service that uses OpenID Connect to drive authentication for other apps
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/crossplane/icon/color/crossplane-icon-color.svg">CrossplaneManage any infrastructure your application needs directly from Kubernetes
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/litmus/icon/color/litmus-icon-color.svg">LitmusChaos engineering for your Kubernetes
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/openebs/icon/color/openebs-icon-color.svg">OpenEBSContainer-attached storage
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/opentelemetry/icon/color/opentelemetry-icon-color.svg">OpenTelemetryMaking robust, portable telemetry a built in feature of cloud-native software.
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/thanos/icon/color/thanos-icon-color.svg">ThanosHighly available Prometheus setup with long-term storage capabilities
<img width="32" src="https://github.com/cncf/artwork/raw/main/projects/cert-manager/icon/color/cert-manager-icon-color.svg">Cert ManagerX.509 certificate management for Kubernetes
<img width="32" src="https://grafana.com/static/img/menu/grafana2.svg">GrafanaAnalytics & monitoring solution for every database.
<img width="32" src="https://github.com/grafana/loki/blob/main/docs/sources/logo.png?raw=true">LokiHorizontally-scalable, highly-available, multi-tenant log aggregation system
<img width="62" src="https://velero.io/img/Velero.svg">VeleroBackup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.

🤖 Automation

This repository is automatically managed by Renovate. Renovate will keep all of the container images within this repository up to date automatically. It can also be configured to keep Helm chart dependencies up to date as well.

🤝 Acknowledgments

A special thank you to everyone in the Kubernetes @Home Discord community for their valuable contributions and time. Much of the inspiration for my cluster comes from fellow enthusiasts who have shared their own clusters under the k8s-at-home GitHub topic.

Also I extend heartfelt thanks to all CNCF contributors for their dedication and expertise, as their collective efforts have been vital in driving innovation and success within the cloud-native ecosystem.

For more ideas on deploying applications or discovering new possibilities, be sure to explore the Kubernetes @Home search search.

👥 Contributing

Our project welcomes contributions from any member of our community. To get started contributing, please see our Contributor Guide.

🚫 Code of Conduct

By participating in this project, you are expected to uphold the project's Code of Conduct. Please report any unacceptable behavior to the repository maintainer.

💡 Reporting Issues and Requesting Features

If you encounter any issues or would like to request new features, please create an issue on the repository's issue tracker. When reporting issues, include as much information as possible, such as error messages, logs, and steps to reproduce the issue.

Thank you for your interest in contributing to this project! Your contributions help make it better for everyone.

📄 License

This repository is Apache 2.0 licensed