- 🔗 Table of Contents
- ❔ Why
⚠️ Disclaimer- 🧾 Prerequisites
- 💻 Installation
- ⚙️ Usage
- 🙋♂️ Support & Assistance
- 🤝 Contributing
- 📋 References
- 👋 Acknowledgements
- ⚖️ License
After some searching on the internet, I wasn't able to find a complete Kubernetes installation tutorial that included all the features I wanted for my home cluster. I've collected bits and pieces of multiples sources and combined them into a single cluster setup example. This repository is the result of my research, trial and error and personal preferences.
Here's a rough relationship diagram that demonstrates each component's high-level purpose.
graph TD;
cert-manager[cert-manager];
dashboard[Kubernetes<br>Dashboard];
dns[External DNS];
vault[HashiCorp<br>Vault];
unsealer[Vault<br>Unsealer];
cert-manager-- Issue certificates -->vault;
vault-- Ingress TLS certificate -->cert-manager;
dashboard-- Ingress TLS certificate -->cert-manager;
dns-- Exposes ingress<br>externally -->vault;
dns-- Exposes ingress<br>externally -->dashboard;
unsealer-- Initialises/Unseals -->vault;
This cluster configuration example is not meant to be used in production. While it can be used as a starting point, there are several changes required to make it stable and secure and these are outside the scope of this project.
To implement this cluster example as-is, you'll need:
- K3s' requirements
- Helm (was tested with version
v3.11.1) - Terraform (was tested with version
v1.3.9) - iSCSI target(s) for remote storage
open-iscsineeds to be installed on all nodes
All cluster components are managed with Helm charts and can be installed mostly independently. For detailed installation instructions, please see the related document
Cluster access is documented here.
By default these services are exposed outside the cluster:
- HashiCorp Vault (
https://vault.domain.local) - Kubernetes Dashboard (
https://k8s-dashboard.domain.local)
- ❤️ Please review the Code of Conduct for guidelines on ensuring everyone has the best experience interacting with the community.
- 🙋♂️ Take a look at the support document on guidelines for tips on how to ask the right questions.
- 🐞 For all features/bugs/issues/questions/etc, head over here.
- ❤️ Please review the Code of Conduct for guidelines on ensuring everyone has the best experience interacting with the community.
- 📋 Please review the contributing doc for submitting issues/a guide on submitting pull requests and helping out.
- Building a bare-metal Kubernetes cluster on Raspberry Pi
- k3s on Raspberry Pi: Introduction
- K3s DNS Setup
- Vault using Kubernetes auth
- External DNS
- Kubernetes Dashboard
- cert-manager
- HashiCorp Vault
- Vault Unsealer
Huge thanks to @lrstanley for letting me use his repository documentation templates!
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Also located here