Cake day: June 5th, 2023





  • Single node k3s is possible and can do what you’re asking but has some overhead (hence your acknowledgment of overkill). One thing I think it gets right and would help here is the reverse proxy service. It’s essentially a single entity with configuration of all of your endpoints in it. It’s managed programmatically so additions or changes are not needed to be done by hand. It sounds like you need a reverse proxy to terminate the TLS then ingress objects defined to route to individual containers/pods. If you try for multiple reverse proxies you will have a bad time managing all of that overhead. I strongly recommend going for a single reverse proxy setup unless you can automate the multiple proxies setup.


  • notfromhere@lemmy.one to Selfhosted@lemmy.world · Cosmos 0.12 major update · 1 year ago

    And here I am running a bare metal k3s cluster fully managed by custom ansible playbooks with my templatized custom manifests. I definitely learned a lot going that way. This project looks like it has just about everything covered except high availability or redundancy, but maybe I missed it in the readme. Good work but definitely not for me.













  • Sure! I’m using ansible to manage the hosts, install k3s, and deploy the manifests. I’m looking at switching to nixos for reproducibility purposes. I have a couple Pi 4s, and a handful of Pi 3Bs. Each one is booting off USB drives (Pi 4s have SSDs and others have thumb drives). Then I have an old computer I turned into a NAS server that is hosting NFS for the PVs of each pod. Then I have a rackmount gigabit switch, and I set up tailscale on each node, and reference everything by the tailnet names. Works really well and I have complete access while I’m away from home.

    Edit: oh yea my NFS server is also hosting a docker server. My ansible stages the docker containers to the local docker server then each pod pulls from the local server to save on bandwidth and if internet goes down I can still do everything locally.