-
Kubernetes DR Part 4 – Addendum: How I solved the complete DR activation
My DR activation strategy is about injecting state into the ArgoCD applications. One state I am already injecting globally is the cluster I am on, via the in-cluster secret, and based on that I set the env variable to either prod or DR. This is done through the cluster generator. I basically set the cluster…
-
Kubernetes DR Part 3 – migrating the workload applications
In my previous blog post, I got as far as having an identical gitea in DR, with the same repositories that exists on-prem. They will, of course, not stay identical for very long without finding a way to keep them in sync. Before starting to migrate applications to applicationsets and create them in DR, I…
-
Kubernetes DR Part 2: Building infrastructure applicationsets for my clusters.
Having installed a new cluster including getting ArgoCD to run, it’s time to think about deploying some applications. From earlier, I have simple applications that are very much tailored to running on my already existing cluster: Setting up a DR cluster, I need to make my DR cluster creating similar applications with some properties changed.…
-
Setting up a second DR cluster part 1 – bootstrap script.
My primary cluster was installed manually. While I have retroactively created some scripts and put it in my bootstrap repository, it had never been tested end-to-end. Creating a DR cluster (still only one node) was a perfect opportunity to test that. The goal of the bootstrap repo/script is to have scripted procedure to install the…
-
A real incident: Longhorn recovery
Running Longhorn with multiple replicas over long distance isn’t exactly recommended. Longhorn works best on a local network, where network in general is stable and you don’t lose connectivity between the nodes so often. I ignored this for a while, because I wanted to test a dual-node longhorn setup, but in the end I paid…
-
Longhorn – a Kubernetes-native filesystem
The other day, I took a look at Longhorn again. I briefly looked at it earlier, as a way to get volumes that are writeable from more than one node. I tossed it away then, because I mistook it for nothing more than a glorified NFS server. I was quite wrong. At the time of…
-
RIP Bitnami…and some reflections on convencience vs simplicity
Bitnami, which was once regard as a readily available and reliable source of containers and helm chart, was recently bought by Broadcom. Broadcom has made the decision to host their containers and Helm chart behind a subscription paywall, and no longer provide a helm chart repository or their full docker image catalog for free. While…
-
The road to enterprise at home: Crafting a proper DR strategy.
In my previous post I did a proof of concept of recreating my infrastructure at a secondary node. While it worked, it was highly manual, and it took some downtime until I actually got around to do it. A proper DR solution, however, should be pre-made, ready to be enacted. It can still be partly…
-
The road to enterprise at home: A DR-test!
I’ve had some issues with my kubernetes-node, basically a few random crashes. A bit inconvenient as it’s summer-time. As I am writing this, I am at our cabin and the kubernetes-node is down. But wait a minute? Doesn’t the blog run on kubernetes? Yes, it does. But I do have backup. A while back, I…
-
Single Signon for your home services with Keycloak
Having played around for a couple of months, I have a various bunch of services running in my cluster, which all needs some form of authentication. Some doesn’t even support authentication in itself, but could use some form of login in front of it. I am using traefik for reverse proxy, and it’s always possible…