Pacholo Amit

Software Engineer

Devops & Cloud Administrator

Full Stack Developer

Linux Systems Administrator

Homelab Enthusiast

Homelab Infrastructure – Repository containing manifests on my local infrastructure running on my homelab servers

Link to Repository here

Homelab Infrastructure

Warning: Documentation is a work in progress

This repository contains the infrastructure used for my homelab. It mainly contains the manifests to run my Kubernetes cluster. The Kubernetes distribution used is k3s, and the manifests are managed by Flux. I am mainly focused on following a GitOps approach to managing my homelab.

Check out the Documentation

Main tools used

  1. FluxCD 2 – GitOps for my HomeLab.
  2. Cloudflared – Cloudflare tunnel for accessing my services.
  3. ingress-nginx – Kubernetes ingress. Cloudflare forwards all requests to the ingress-nginx controller which then routes the requests to the correct service.
  4. Longhorn – K8S distributed & replicated block storage.
  5. Mozilla SOPS – Secrets encryption.
  6. Kube-Prometheus-Stack – Kubernetes monitoring stack.
  7. Velero – K8S and PVC backup. Free and open source by VMware.
  8. Descheduler – Kubernetes descheduler. Monitors node resource usage and reassigns workloads to other nodes based on rules.
  9. Renovate – Automated dependency updates for my Kubernetes deployments and Helm charts.

GitOps

GitOps is applied wherever possible using Flux2.
CI/CD is done by bootstrapping Flux into my cluster. Flux polls GitHub for changes and applies them automatically on my server.
It is currently pretty stable and works fine.

Accessing services ( ingress-nginx, Cloudflared )

Apps are currently exposed by ingress-nginx and Cloudflared which both run in the cluster. Cloudflared is used to expose services to the internet. Cloudflare forwards all requests to the ingress-nginx controller which then routes the requests to the correct service. The current Cloudflare deployment creates 2 pods on different nodes to ensure high availability.

Cloudflare manages the DNS records for my domain pacholoamit.com, and adding a route is as simple as creating an ingress resource and running a command:

cloudflared tunnel route dns home-k3s-cluster route.pacholoamit.com

Storage ( Longhorn )

Longhorn is a great replicated storage option with a great UI for better visualisation. It’s fast and tailor-made for k8s, and it is developed by the same people responsible for k3s/Rancher and other great tools. Official site

Secrets ( Sealed Secrets )

Sealed Secrets is a great tool for managing secrets in k8s. It allows me to encrypt secrets and store them in git. The sealed secret controller then decrypts the secrets and applies them to the cluster. This allows me to store my secrets in git without worrying about them being exposed.
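
Storing secrets in git is only safe while every committed Secret really is encrypted, so a pre-commit or CI check is a useful companion to the controller. The script below is an added example, not part of this repository: it accepts SealedSecret manifests and SOPS-encrypted Secrets (recognised by their top-level sops: block) and reports any other kind: Secret document; the file names and values in the sample are constructed.

```sh
#!/bin/sh
# Added example: block commits that contain an unencrypted Kubernetes Secret.
# A SealedSecret has kind "SealedSecret"; a SOPS-encrypted Secret keeps
# kind "Secret" but carries a top-level "sops:" block. Anything else fails.

# Print "file:line" for every YAML document that is a plaintext Secret.
find_plaintext_secrets() {
  find "${1:-.}" -type f \( -name '*.yaml' -o -name '*.yml' \) \
    ! -path '*/.git/*' -exec awk '
      function report() {
        if (line && !sops) printf "%s:%d\n", name, line
        line = 0; sops = 0
      }
      FNR == 1 { report(); name = FILENAME }      # new file: close last doc
      /^---[ \t\r]*$/ { report(); next }           # document separator
      /^kind:[ \t]*"?Secret"?[ \t\r]*$/ { line = FNR }
      /^sops:/ { sops = 1 }
      END { report() }
    ' {} +
}

# Return non-zero (and list offenders on stderr) if any are found.
check_repo() {
  findings="$(find_plaintext_secrets "$1")"
  if [ -n "$findings" ]; then
    printf 'Unencrypted Secret manifests:\n%s\n' "$findings" >&2
    return 1
  fi
}

# Constructed sample manifests (hypothetical names, dummy values).
make_sample_repo() {
  mkdir -p "$1/apps"
  printf 'apiVersion: bitnami.com/v1alpha1\nkind: SealedSecret\nmetadata:\n  name: db\nspec:\n  encryptedData:\n    password: AgB...constructed\n' > "$1/apps/sealed.yaml"
  printf 'apiVersion: v1\nkind: Secret\nmetadata:\n  name: api\nstringData:\n  token: ENC[AES256_GCM,data:constructed]\nsops:\n  version: constructed\n' > "$1/apps/sops.yaml"
  printf 'kind: ConfigMap\nmetadata:\n  name: cfg\n---\napiVersion: v1\nkind: Secret\nmetadata:\n  name: leak\nstringData:\n  token: dummy-value\n' > "$1/apps/leak.yaml"
}

sample="$(mktemp -d)"
make_sample_repo "$sample"
check_repo "$sample" || echo "commit blocked"
```

The sops: test only checks for the marker block and does not verify that the values were actually encrypted, so treat it as a guard against accidental commits rather than proof of encryption.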

Monitoring ( Kube-Prometheus-Stack )

The kube-prometheus-stack allows me to monitor my cluster; I am able to view the metrics gathered by Prometheus on my Grafana dashboard.

Backup ( Velero )

Velero allows me to back up selected namespaces and (with the help of restic) ship the data to different sources. In my case I’m using the Velero AWS plugin.