Category: k3s

  • A Docker registry is an integral part of each k8s cluster. It stores standalone application executables in the form of Docker images. In general, we have two options to store Docker images: As always, self-hosting gives a set of advantages: Let’s take a look at possible self-hosted options: As I am interested…

  • Etcd backups proved their usefulness faster than I thought. I screwed up the configuration so badly, I didn’t even recognize it anymore. I did not want to waste more time, and just restored the DB from the backup. Here are the commands: list backups stop nodes execute on all of…

  • Etcd is a key-value data store. It is used as the default database to store cluster state in Kubernetes. There you can find information such as connected nodes or deployed resources. Etcd can be deployed in high-availability mode. When one of the etcd nodes is down, the rest will elect next…

  • In k3s, Traefik is the default ingress controller. It handles incoming HTTP and HTTPS requests and routes them to the correct services. If you have multiple domains, subdomains, or need to route different paths to different services, Traefik is an excellent choice. Traefik is a reverse proxy, meaning it acts…

  • Use case: certain services available only from the home network, but still with a subdomain and a certificate that all browsers will accept. For example, the UI for Traefik or Longhorn – I would not necessarily share them outside. Of course you can use self-signed, but there is a little inconvenience here and there. The…

  • Syncthing is a decentralized file synchronization tool. The key difference from services like Dropbox is that data never leaves your network unless you explicitly configure it to do so. pros: cons: There can be many use cases for Syncthing. For example: I have not found a Helm chart for that, but deployment is not…

  • I was thinking about setting up an internal Docker registry. But for that, I need internally resolved domains. Pi-hole can help with that, and also has ad blocking as a feature, which is a nice bonus. As the DNS server is a crucial service, I would like to have two instances running in parallel.…

  • Why would I want to migrate a systemd timer job to a k8s cronjob? One could say, for better resilience and resource utilization in the cluster. Workloads will be scheduled on any available node, not only the one with the timer configured. However, the real reason is, because by doing…

  • Before publishing any service over the internet, it is crucial to configure HTTPS. We are doing it mainly for security, privacy and data integrity. Browsers will annoy users if your page uses a self-signed certificate or does not have one at all. In terms of obtaining certificates we have…

  • If you are running k8s workloads on a Linux machine, chances are that you are using the GNOME desktop environment as well. With a growing number of pods, your mount list will get bigger and bigger. gvfs-udisks2-volume-monitor is a GNOME tool that monitors volumes and devices, and occasionally can do stuff, like…
