The HashiCorp Nomad and Kubernetes logos, connected with an arrow pointing from Nomad to Kubernetes

Nomad to k8s, Part 5: Non-service S3 Buckets

Wherein I document how I migrated some S3 buckets over to the Ceph Rook cluster and with that, made it load-bearing. This is part six of my k8s migration series. So why write a post about migrating S3 buckets, and why do it at this point of the Nomad -> k8s migration? In short, it just fit in here very well. I already planned to make Ceph Rook one of the first services to set up anyway. And then the logical next step is to have a look at what I can then migrate over without any other dependencies. And the answer to that was: Some non-service S3 buckets. With “non-service” I mean those buckets which are not directly tied to specific services running on the cluster, like Mastodon’s media files bucket or Loki’s log storage bucket. Those I will migrate over with their respective services. ...

January 25, 2024 · 21 min · Michael

Nomad to k8s, Part 4: Storage with Ceph Rook

Wherein I talk about the setup of Ceph Rook on my k8s cluster. This is part five of my k8s migration series.

The current setup

I’ve been running Ceph as my storage layer for quite a while now. In my current Nomad setup, it provides volumes for my jobs as well as S3 for those apps which support it. In addition, most of my Raspberry Pis are diskless, netbooting off of Ceph’s RBD block devices as their root. At first glance, Ceph might look like you’d need an Ops team of at least three people to run it. But after the initial setup, I’ve found it to be very low maintenance. Adding additional disks or entire additional hosts is very low effort. I went through the following stages, with the exact same cluster, without any outages or cluster recreation: ...

January 11, 2024 · 26 min · Michael

Nomad to k8s, Part 3: Ingress with Traefik

Wherein I talk about the Ingress setup for my Homelab’s k8s cluster with Traefik. This is part four of my k8s migration series. After the initial setup of some infrastructure like external-dns and external-secrets, I went to work on the Ingress implementation for my cluster. I chose Traefik as my Ingress controller. This was mostly driven by the fact that I’m already using Traefik as the proxy in front of my current Nomad cluster, and I’ve become quite familiar with it. ...

January 6, 2024 · 11 min · Michael

Nomad to k8s, Part 2a: Switching the LoadBalancer to BGP

Wherein I talk about migrating from Cilium’s L2 announcements for LoadBalancer services to BGP. This is an addendum to the third part of my k8s migration series.

BGP instead of L2 announcements?

In the last post, I described my setup to make LoadBalancer type services functional in my k8s Homelab with Cilium’s L2 Announcements feature. While working on the next part of my Homelab, introducing Ingress with Traefik, I ran into the issue that the source IP is not necessarily preserved during in-cluster routing. ...

January 2, 2024 · 11 min · Michael

Nomad to k8s, Part 2: Setting up Cilium as the Load Balancer

This is the third part of my k8s migration series. This time, I will be talking about using Cilium as the load balancer for my Kubernetes cluster with L2 announcements.

But Why?

A couple of days ago, I was working on setting up my Traefik ingress for the cluster. While doing so, I yet again had to do a couple of things that just felt weird and hacky. The most prominent of those was using hostPort a lot when setting up the pod. ...

December 30, 2023 · 9 min · Michael