Dustin
74fa9264df
The `xactfetch` script now uses a helper tool, `secretsocket` to handle looking up secrets. This tool supports various secret source types, including files, environment variables, and external commands. Separating this functionality out of the main script makes it a lot more flexible and pluggable. It's main purpose, though, was actually to allow `xactfetch` to run in a container while communicating with `rbw` outside that container, specifically for development puposes. The `secretsocket` tool reads its configuration from a TOML document. This document defines the secrets the tool handles, and how to look them up. Note that the `xactfetch` container image no longer defines the `XDG_CONFIG_HOME` environment variable, as it uses Chromium instead of Firefox now, and the former does not work with a read-only config directory. As such, we have to mount the `rbw` configuration in the default location. |
||
|---|---|---|
| argocd | ||
| authelia | ||
| autoscaler | ||
| cert-manager | ||
| collectd | ||
| dch-root-ca | ||
| dch-webhooks | ||
| device-plugins | ||
| docker-distribution | ||
| dynk8s-provisioner | ||
| firefly-iii | ||
| fleetlock | ||
| grafana | ||
| home-assistant | ||
| hudctrl | ||
| ingress | ||
| invoice-ninja | ||
| jenkins | ||
| keyserv | ||
| kitchen | ||
| loki-ca | ||
| metrics | ||
| ntfy | ||
| paperless-ngx | ||
| photoframesvc | ||
| phpipam | ||
| postgresql | ||
| prometheus_speedtest | ||
| promtail | ||
| rent-reminder | ||
| restic-exporter | ||
| scanservjs | ||
| sealed-secrets | ||
| setup | ||
| sshca | ||
| step-ca | ||
| storage | ||
| victoria-metrics | ||
| websites | ||
| xactfetch | ||
| README.md | ||
README.md
Dustin's Kubernetes Cluster
This repository contains resources for deploying and managing my on-premises Kubernetes cluster
Cluster Setup
The cluster primarily consists of libvirt/QEMU+KVM virtual machines. The Control Plane nodes are VMs, as are the x86_64 worker nodes. Eventually, I would like to add Raspberry Pi or Pine64 machines as aarch64 nodes.
All machines run Fedora, using only Fedora builds of the Kubernetes components
(kubeadm, kubectl, and kubeadm).
See Cluster Setup for details.
Jenkins Agents
One of the main use cases for the Kubernetes cluster is to provide dynamic agents for Jenkins. Using the Kubernetes Plugin, Jenkins will automatically launch worker nodes as Kubernetes pods.
See Jenkins Kubernetes Integration for details.
Persistent Storage
Persistent storage for pods is provided by Longhorn. Longhorn runs within the cluster and provisions storage on worker nodes to make available to pods over iSCSI.
See Persistent Storage Using Longorn for details.