waifulabs / infrastructure

Kashall's Infrastructure                                  What is this? This is the repository I use to version control my kubernetes cluster I deploy and maintain at home. I currently use Talos to provide a secure, minimal and immutable environment for Kubernetes. Previous iterations of this repository relied on Debian-based Operating Systems which can lead unwanted changes in the base system. How did you do this? Thanks to onedr0p, there is the cluster template that allows you to easily get started with your own kubernetes cluster at home. You don't need to have multiple computers or a fancy setup to get one working. If you're interested, you can also join the community Home Operations. Several people are involved daily and it makes for some interesting conversations. Directory Helper This repository uses the following layout for Kubernetes. ☁️ Cloud Dependencies While most of my infrastructure and workloads are self-hosted I do rely upon the cloud for certain key parts of my setup. This saves me from having to worry about two things. (1) Dealing with chicken/egg scenarios and (2) services I critically need whether my cluster is online or not. | Service | Use | Cost | |---------------------------------------------------------|----------------------------------------------------------------|----------------| | 1Password | Secrets with External Secrets | ~$55/yr | | Cloudflare | Domains, Workers, Pages, and R2 | ~$240/yr | | Backblaze B2 | Backups | $1/m | | GitHub | Hosting this repository and continuous integration/deployments | Free | | Let's Encrypt | Issuing SSL Certificates with Cert Manager | Free | | Migadu | Email Hosting | ~$20/yr | | Pushover | Kubernetes Alerts and application notifications | Free | | UniFi Site Manager | UniFi External Access Management | Free | | | | Total: ~$10/mo | --- 💻 Networking Networking Diagram Networks & Vlans | Name | VLAN | Description | |---------------------|------|-------------------------------------------------------------------------------------| | Management | 1 | Servers + Network Management | | Devices | 2 | Wireless Devices and Workstations | | IoT | 3 | Small devices that *have the potential* to be compromised, so they don't get to talk to each other. | | Services | 4 | No DHCP, Simply a network for Cluster BGP | | "I Don't Trust You" | 86 | Non-affiliated organization issued devices (school or work devices) | 🌐 DNS UniFi released a new feature update with UniFi routers that allow you to create custom dns records to be served to the whole network. I wrote External DNS Unifi Webhook to allow External DNS to gather service and ingress hosts from my clusters and deploy the records to my routers local dns server without any extra local resolvers or moving parts. --- 🔧 Hardware Click to see the rack! Updated 05/25/2024 Office Rack | Device | Count | OS Disk Size | Data Disk Size | Ram | Operating System | Purpose | |-------------------------|-------|--------------|----------------------|------|------------------|-------------------| | UXG Max | 1 | - | - | - | UniFi OS | Router | | UCK G2 Plus | 1 | - | - | - | UniFi OS | Controller | | USW Flex 2.5G 8 PoE | 1 | - | - | - | UniFi OS | Office Switch | U6-LR | 1 | - | - | - | - | Office AP | | Airgradient | 1 | - | - | - | - | Dining Room AP | Server Rack | Device | Count | OS Disk Size | Data Disk Size | Ram | Operating System | Purpose | Network |-------------------------|-------|--------------|----------------------|------|------------------|--------------------|----------| | UDM Pro | 1 | - | - | - | UniFi OS | Router | Lab | | USW 16 Pro Max | 1 | - | - | - | UniFi OS | Switching | Lab | | USW Aggregation | 1 | - | - | - | UniFi OS | Office Aggregation | Office | | U7-Pro | 1 | - | - | - | - | Lab AP | Lab | | UAP-AC-Pro | 1 | - | - | - | - | Dining Room AP | Lab | | USP-PDU-Pro | 1 | - | - | - | - | Rack PDU | Lab | | MS-01 | 3 | 1TB NVMe | 2TB PM9A3 U.2 | 96GB | Talos | Main Cluster | Office | Fran | 1 | 2x1TB SSD | 5x8TB (raidz2) | 64GB | Debian | Storage | Office | JetKVM | 1 | 16GB (Flash) | - | - | JetKVM | Network KVM | Lab | APC Back-Ups 1500 | 1 | - | - | - | - | UPS | - | Meshtastic MQTT GW | 1 | - | - | - | - | MQTT GW | Lab --- ⭐ Stargazers --- Inspiration Thanks to all the people who donate their time to the Home Operations community. Special thanks to: ᗪєνιη ᗷυнʟ, Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs, and Toboshii Nakama for their assistance. Check out kubesearch.dev to see what other users are running in their kubernetes home labs!