diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..4a36858 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +values.default.yaml +*.env* +*.json +!*sealed.json \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..6953d1e --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2023 Hamothy + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..191fabb --- /dev/null +++ b/README.md 
@@ -0,0 +1,88 @@ +# Server Configuration + +At the time of writing, I have one single VPS that I use to host my personal +projects. Initially, I started out with docker and having folders of compose +files. I quickly ran into issues re-deploying multiple services at once, +shoehorning traefik configuration into docker and various other tidbits here and +there. + +So I decided to bite the bullet and dive into the fabled/dreaded +_**Kubernetes**_. + +It's important to note that this is **mostly for learning**, a single node +cluster isn't very effective and honestly makes things a lot harder in a lot of +places compared to docker config. However, I'm fascinated at the fact that you +can interact with a single node cluster the same way you'd do with hundreds of +clusters, it's a pretty powerful abstraction! + +Also, _technically_ I'm using [**k3s**](https://k3s.io/) for this single node +cluster. + +## High-Level Architecture + +![server-architecture](assets/server-architecture.png) + +### Example Request + +![gitea-example-request](assets/gitea-example.png) + +## Useful Commands + +1. Get the Bearer Token + + ```shell + kubectl -n create token + ``` + +2. Load in Environment Variables via `.env` (Although, based on + [this stackoverflow post](https://stackoverflow.com/questions/51419102/is-it-possible-to-source-a-env-file-to-create-kubernetes-secrets), + there is some odd behaviour with the command) + + ```shell + kubectl create secret generic --from-env-file=.env + ``` + +3. Perform PVC Storage Expansion + + ```shell + kubectl patch pvc -p '{"spec":{"resources":{"requests":{"storage":""}}}}' + ``` + +4. 
Annotation to Allow Secret to be Managed by Sealed Secrets + + ```yaml + annotations: + sealedsecrets.bitnami.com/managed: "true" + ``` + +## Tools Used + +- [k3s](https://k3s.io/) +- [krew](https://krew.sigs.k8s.io/) +- [helm](https://helm.sh/) +- [sealed-secrets](https://sealed-secrets.netlify.app/) + +## Liked Resources + +- [Phippy goes to the zoo](https://www.youtube.com/watch?v=R9-SOzep73w&t=353s) +- https://blog.zachinachshon.com/k8s-dashboard/ +- https://medium.com/codex/sealed-secrets-for-kubernetes-722d643eb658 +- https://release.com/blog/kubernetes-secrets-management-a-practical-guide +- https://faun.pub/free-ha-multi-architecture-kubernetes-cluster-from-oracle-c66b8ce7cc37 + +## TODO + +- [ ] Setup [keel.sh](https://keel.sh/) for automatically retrieving the latest + docker hub images and re-deploying my services. +- [ ] Experiment with a two-node cluster using Oracle's [Always Free](https://docs.oracle.com/en-us/iaas/Content/FreeTier/freetier_topic-Always_Free_Resources.htm) tier. + +## Acknowledgement + +Sincere thanks to one of my best friends +[winston](https://github.com/nekowinston) for helping me set up the cluster, +troubleshoot configurations and taking the time to walk me through concepts. I +really couldn't have done it this fast without him! + +## License + +[MIT](LICENSE) diff --git a/assets/gitea-example.png b/assets/gitea-example.png new file mode 100644 index 0000000..ef8e2f1 Binary files /dev/null and b/assets/gitea-example.png differ
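Review bot: In `.gitignore`, the re-include pattern `!*sealed.json` matches any name that ends in `sealed.json`, so a file such as `unsealed.json` would be un-ignored and could be committed next to the sealed manifests. Anchor the pattern on a separator, for example `!*.sealed.json` or `!*-sealed.json`, whichever matches how the sealed files are named. The ignore list also covers only `*.env*` and `*.json`, so a plain Secret manifest written as YAML would not be caught by it, and the file ends without a trailing newline.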
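Review bot: In `README.md` under "Useful Commands", items 1 to 3 are not runnable as written because their arguments are missing: `kubectl -n create token` has no namespace or service account name, `kubectl create secret generic --from-env-file=.env` has no secret name, and the PVC patch has no claim name and an empty `"storage":""`. If placeholders were intended, write them in a form that survives Markdown rendering, such as upper-case names (NAMESPACE, SERVICE_ACCOUNT, SECRET_NAME, PVC_NAME, SIZE). Item 2 also creates a plain Secret in the cluster straight from `.env`, while the `.gitignore` in this patch tracks only sealed JSON and item 4 documents the `sealedsecrets.bitnami.com/managed` annotation; a sentence saying where the sealing step fits between items 2 and 4, and that the annotation goes on the existing Secret, would make the intended workflow clear.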