## Lovenet Home Operations Repository
_Managed by Flux, Renovate and GitHub Actions_ :robot:
[![Kubernetes](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.thesteamedcrab.com%2Fquery%3Fformat%3Dendpoint%26metric%3Dkubernetes_version&style=for-the-badge&logo=kubernetes&logoColor=white&color=blue&label=%20)](https://github.com/kashalls/kromgo/)
[![Renovate](https://img.shields.io/github/actions/workflow/status/rwlove/home-ops/renovate.yaml?branch=main&label=&logo=renovatebot&style=for-the-badge&color=blue)](https://github.com/rwlove/home-ops/actions/workflows/renovate.yaml)
[![Documentation](https://img.shields.io/badge/documentation-blue?&style=for-the-badge)](https://rwlove.github.io/home-ops/)
Kubernetes Cluster Information:
[![Age-Days](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.thesteamedcrab.com%2Fquery%3Fformat%3Dendpoint%26metric%3Dcluster_age_days&style=flat-square&label=Age)](https://github.com/kashalls/kromgo/)
[![Node-Count](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.thesteamedcrab.com%2Fquery%3Fformat%3Dendpoint%26metric%3Dcluster_node_count&style=flat-square&label=Nodes)](https://github.com/kashalls/kromgo/)
[![Pod-Count](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.thesteamedcrab.com%2Fquery%3Fformat%3Dendpoint%26metric%3Dcluster_pod_count&style=flat-square&label=Pods)](https://github.com/kashalls/kromgo/)
[![CPU-Usage](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.thesteamedcrab.com%2Fquery%3Fformat%3Dendpoint%26metric%3Dcluster_cpu_usage&style=flat-square&label=CPU)](https://github.com/kashalls/kromgo/)
[![Memory-Usage](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.thesteamedcrab.com%2Fquery%3Fformat%3Dendpoint%26metric%3Dcluster_memory_usage&style=flat-square&label=Memory)](https://github.com/kashalls/kromgo/)
[![Check Links](https://github.com/rwlove/home-ops/actions/workflows/lychee.yaml/badge.svg)](https://github.com/rwlove/home-ops/actions/workflows/lychee.yaml)
Overview
This is the configuration for my GitOps homelab Kubernetes cluster. This cluster runs home software services for my residence. It is quite complex and there are a lot of interdependencies but the declarative nature of GitOps allows me to manage this mesh of code. The software services fall into a few primary categories:
Core Components
Infrastructure
Networking
- cilium: Kubernetes Container Network Interface (CNI).
- cert-manager: Creates SSL certificates for services in my Kubernetes cluster.
- external-dns: Automatically manages DNS records from my cluster in a cloud DNS provider.
- ingress-nginx: Ingress controller to expose HTTP traffic to pods over DNS.
- Cloudflared: Cloudflare tunnel client.
Storage
- Rook-Ceph: Distributed block storage for persistent storage.
- Minio: S3 Compatible Storage Interface.
- Longhorn: Cloud native distributed block storage for Kubernetes.
- NFS: NFS storage.
GitOps
:gear: Configuration
:gear: Hardware

| Hostname | Device | CPU | RAM | OS | Role | Storage | IOT | Network |
|----------|--------|-----|-----|----|------|---------|-----|---------|
| master1 | Intel NUC7PJYH | 4 | 8 GB | CentOS 9 | k8s Master | | | |
| master2 | VM on beast | 3 | 8 GB | CentOS 9 | k8s Master | | | |
| master3 | VM on beast | 3 | 8 GB | CentOS 9 | k8s Master | | | |
| worker1 | ThinkCentre M910x | 8 | 32 GB | CentOS 9 | k8s Worker | longhorn NVMe | Z-Stick 7 | iot/sec-vlan |
| worker2 | ThinkCentre M910x | 8 | 32 GB | CentOS 9 | k8s Worker | longhorn NVMe | | iot/sec-vlan |
| worker3 | ThinkCentre M910x | 8 | 32 GB | CentOS 9 | k8s Worker | longhorn NVMe, ceph osd | Sonoff | iot/sec-vlan |
| worker4 | ThinkCentre M910x | 8 | 32 GB | CentOS 9 | k8s Worker | longhorn NVMe | Coral USB | iot/sec-vlan |
| worker5 | VM on beast | 10 | 24 GB | CentOS 9 | k8s Worker | longhorn NVMe, ceph osd | | iot/sec-vlan |
| worker6 | VM on beast | 10 | 24 GB | CentOS 9 | k8s Worker | longhorn NVMe, ceph osd | skyconnect | iot/sec-vlan |
| worker7 | VM on beast | 10 | 24 GB | CentOS 9 | k8s Worker | longhorn NVMe, ceph osd | | iot/sec-vlan |
| worker8 | VM on beast | 10 | 48 GB | CentOS 9 | k8s Worker | longhorn NVMe, ceph osd | nVIDIA P40 | iot/sec-vlan |

Network

| Name | CIDR | VLAN | Notes |
|------|------|------|-------|
| Management VLAN | | | TBD |
| Default | 192.168.0.0/16 | 0 | |
| IOT VLAN | 10.10.20.1/24 | 20 | |
| Guest VLAN | 10.10.30.1/24 | 30 | |
| Security VLAN | 10.10.40.1/24 | 40 | |
| Kubernetes Pod Subnet (Cilium) | 10.42.0.0/16 | N/A | |
| Kubernetes Services Subnet (Cilium) | 10.43.0.0/16 | N/A | |
| Kubernetes LB Range (CiliumLoadBalancerIPPool) | 10.45.0.1/24 | N/A | |

☁️ Cloud Dependencies

| Service | Use | Cost |
|---------|-----|------|
| 1Password | Secrets with External Secrets | ~$65 (1 Year) |
| Cloudflare | Domain | Free |
| GitHub | Hosting this repository and continuous integration/deployments | Free |
| Mailgun | Email hosting | Free (Flex Plan) |
| Pushover | Kubernetes Alerts and application notifications | $10 (One Time) |
| Frigate Plus | Model training services for Frigate NVR | $50 (1 Year) |
| | | Total: ~$9.60/mo |

Noteworthy Documentation
Initialization and Teardown
Github Webhook
Limits and Requests Philosophy
Debugging
Home-Ops Search
@whazor created this website as a creative way to search Helm Releases across GitHub. You may use it as a means to get ideas on how to configure an application's Helm values.