Tool | Purpose |
---|---|
flux | Operator that manages your k8s cluster based on your Git repository |
go-task | A task runner / simpler Make alternative written in Go |
sops | Encrypts k8s secrets with GnuPG |

Node | Hostname | RAM | Storage | Function | Operating System |
---|---|---|---|---|---|
Raspberry Pi Compute Module 4 | w7 | 8GB | 2TB SSD | Kube Worker | Talos 1.8.0-alpha.1 |
Raspberry Pi Compute Module 4 | cm4-1 | 8GB | 32GB eMMC | Kube Worker | Talos 1.8.0-alpha.1 |
Lenovo ThinkCentre M910q Tiny | w-amd-1 | 32GB | 1TB Kingston DC SSD + 256GB SSD | Kube Worker | Talos 1.8.0-alpha.1 |
Custom Haswell mATX system | w-amd-2 | 32GB | 480GB Transcend SSD, 275GB Crucial SSD + 320GB HDD | Kube Worker | Talos 1.8.0-alpha.1 |
HP EliteDesk 800 G2 | w-amd-3 | 32GB | 256GB SSD | Kube Worker | Talos 1.8.0-alpha.1 |
Lenovo ThinkCentre M910q Tiny | m1 | 16GB | 256GB SSD x 2 | Kube Master | Talos 1.8.0-alpha.1 |

Node | Hostname | RAM | Storage | Function | Operating System |
---|---|---|---|---|---|
Synology NAS | NAS | 16GB | 2 x 3TB HDD (SMR for backups), 2 x 8TB HDD, 1 TB NVME, 256GB NVME for storage pool cache | NFS Server | DSM 7 |

Vendor | Model | Function |
---|---|---|
Juniper | EX2200-48P-4g | Hallway switch with PoE+ and fiber uplinks to rack |
Juniper | EX3300-48P | Rack switch with PoE++ and 10G SFP+ |
Ubiquiti | Unifi USW-Flex-Mini | Bedroom switching (gaming iTX system, Apple TV 4K and Steam Deck) |
Qotom | TLSense C3758 (TekLager.se) | Main router |

All nodes are connected to a dual-stack network, with private IPv4 and public IPv6. Kubernetes nodes are on their own VLAN, which has access to the NAS.

While most of my infrastructure and workloads are self-hosted, I do rely upon the cloud for certain key parts of my setup. This saves me from having to worry about two things: (1) dealing with chicken/egg scenarios and (2) services I critically need whether my cluster is online or not.

The alternative solution to these two problems would be to host a Kubernetes cluster in the cloud and deploy applications like HCVault, Vaultwarden, ntfy, and Gatus. However, maintaining another cluster and monitoring another group of workloads is a lot more time and effort than I am willing to put in.

Service | Use | Cost |
---|---|---|
Cloudflare | Domain(s) and S3 | ~$20/yr |
GCP | Voice interactions with Home Assistant over Google Assistant | Free |
GitHub | Hosting this repository and continuous integration/deployments | Free |
Fastmail | Email hosting | ~$99/yr |
NextDNS | My router DNS server which includes AdBlocking | ~$20/yr |
Kapsi internet-users association | Hosts my off-site backup aka minio (S3), Bitwarden and own website | 40€/yr |
updown.io | External monitoring (IPv4/IPv6) | ~€5/yr |
Bilance | Budgeting app for iOS and Android | ~30€/yr |
1Password | External Secrets and secret management | Free for the moment |
Total: ~40€/mo |