-
Longhorn – a Kubernetes-native filesystem
The other day, I took a look at Longhorn again. I briefly looked at it earlier, as a way to get volumes that are writeable from more than one node. I tossed it away then, because I mistook it for nothing more than a glorified NFS server. I was quite wrong. At the time of…
-
RIP Bitnami…and some reflections on convencience vs simplicity
Bitnami, which was once regard as a readily available and reliable source of containers and helm chart, was recently bought by Broadcom. Broadcom has made the decision to host their containers and Helm chart behind a subscription paywall, and no longer provide a helm chart repository or their full docker image catalog for free. While…
-
The road to enterprise at home: Crafting a proper DR strategy.
In my previous post I did a proof of concept of recreating my infrastructure at a secondary node. While it worked, it was highly manual, and it took some downtime until I actually got around to do it. A proper DR solution, however, should be pre-made, ready to be enacted. It can still be partly…
-
The road to enterprise at home: A DR-test!
I’ve had some issues with my kubernetes-node, basically a few random crashes. A bit inconvenient as it’s summer-time. As I am writing this, I am at our cabin and the kubernetes-node is down. But wait a minute? Doesn’t the blog run on kubernetes? Yes, it does. But I do have backup. A while back, I…
-
Single Signon for your home services with Keycloak
Having played around for a couple of months, I have a various bunch of services running in my cluster, which all needs some form of authentication. Some doesn’t even support authentication in itself, but could use some form of login in front of it. I am using traefik for reverse proxy, and it’s always possible…
-
Summing it up! Setting up a web site in 10 minutes.
During the previous months, I have created a lot of infrastructure in Kubernetes. This is stuff that just makes things work if I just configure things correctly. So, I thought I should just go and deploy a simple service, Supermario, that lives on https://github.com/GuopingJia/k8s-games/tree/main/super-mario I like to run a all my things in a namespace,…
-
Kubernetes for beginners: Storage
After my blog post about Kubernetes for geeks: Creating your own Kubernetes Operator, it is time for a lighter and more basic topic: storage. My beginner series wouldn’t be complete without it, so here goes! Kubernetes is made for a lot of various environments: cloud, self-hosted, distributed and not-too-distributed. You need to be able to…
-
Kubernetes for geeks: Creating your own Kubernetes Operator
,As I promised in Kubernetes tip of the day – external-dns, here is the writeup of my automations of firewall openings. As the methods of configuration, and features of, firewalls are more varied than DNS, I quickly realized that this needed to be something built explicitly for Unifi. I had a brief look at The…
-
BGP part three – eBGP between a VPS and on-prem
In my last blog post, I described setting up a VPN tunnel between my home network and the VPS. This is thus the prerequisites for this post, I have a working VPN connection with point-to-point-connections You also need to make sure that firewall rules doesn’t block the traffic, in particular we need port 179 for…
-
BGP part two – A VPN connection to the cloud.
As promised in my last blog post, here is part two of my BGP series. I’ve decided to split it into two, one covering the VPN, and another one covering the BGP end of it. So this one isn’t actually about BGP, it is about IPSEC. I am running services at home – but that…