chin_waghing

joined 1 year ago
[–] chin_waghing@alien.top 1 points 11 months ago

Sounds very cool, and I'm going to be a huge ass and say that could have easily been done with k3s and either flux or argo image watcher.

+1 for Terraform at home tho, I do the same and people look at me like I've curb stomped their child

[–] chin_waghing@alien.top 1 points 11 months ago

I've had hit and miss success with OVH. For some reason K3s would fail to install with some weird errors on their infra. This is probably fixed now.

If you intend to use OVH, get familiar with their OpenStack UI and then the OpenStack Terraform provider, as it makes storing everything in git and state a lot easier.

Hetzner I've not personally used, but lots of people preach about it.

RE K3s. Maybe I suck at English, but from what you're saying it sounds like you want to host the control plane for k3s on prem and have a VPN to the nodes in the cloud? I would avoid this. Kubernetes gets a little funky with high latency; pod status may not be reported properly, etc.

If that's not the case and you have the entire k3s cluster on your cloud provider of choice, then you'll be fine. One thing to note is that load balancing etc. on your own cluster on a cloud provider can get a little tricky, but if you plan to just use kind: Service with type: ClusterIP, or use nginx ingress or Traefik on the LAN at the cloud provider, and connect the 2 networks (home and cloud) via VPN, you could get away with no fiddly LB.

If you're not 100% set on k3s and rolling your own k8s, use the cloud provider's managed solution, as they make life a little easier with things like storage CSI drivers and LB controllers.

I hope this helps at all? This was quite a word vomit so sorry if this just ruined everything

[–] chin_waghing@alien.top 0 points 11 months ago (1 children)

For Cloudflare Tunnels, no: it does a NAT punch-through, I think it's called, where it connects from inside your network out to 2 Cloudflare edge locations, which can then send traffic back and forth.

If I wanted to expose by port forwarding, then yes you are correct, I could configure ddns.

Personally, I would configure my own version of DDNS where it's just a cron job once every 5 minutes to run Terraform and check if my public IP has changed, and if it has, run an apply.

Does that answer the question?
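The cron-driven DDNS approach described above, as an added example that is not the commenter's own code: a POSIX shell script that fetches the public IP, validates it before it reaches the terraform command line, and runs an apply only when the address has changed. The lookup URL, TF_DIR, the state file path and the `public_ip` input variable are assumptions.

```shell
#!/bin/sh
# Poor man's DDNS via Terraform: fetch the current public IP and, only when it
# differs from the last recorded one, run `terraform apply`. Meant for cron.
# Assumed (adjust to taste): TF_DIR, STATE_FILE, IP_LOOKUP_URL, and a Terraform
# input variable named `public_ip` that the DNS record resource consumes.
TF_DIR="${TF_DIR:-$HOME/infra/dns}"
STATE_FILE="${STATE_FILE:-$HOME/.cache/ddns-terraform/last_ip}"
IP_LOOKUP_URL="${IP_LOOKUP_URL:-https://example.invalid/ip}"   # placeholder URL

# Fetch the public IP; the timeout keeps a hung lookup from stacking up cron runs.
fetch_public_ip() {
    curl -fsS --max-time 10 "$IP_LOOKUP_URL"
}

# Strict IPv4 check: the lookup response is untrusted input that ends up on the
# terraform command line and in DNS, so reject anything that is not a dotted quad.
is_valid_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Exit 0 when no IP has been recorded yet or the recorded one differs from $2.
ip_changed() {
    [ -f "$1" ] || return 0
    [ "$(cat "$1")" != "$2" ]
}

record_ip() {
    mkdir -p "$(dirname "$1")"
    printf '%s\n' "$2" > "$1"
}

main() {
    ip=$(fetch_public_ip) || { echo "ip lookup failed" >&2; exit 1; }
    is_valid_ipv4 "$ip" || { echo "rejected lookup response: $ip" >&2; exit 1; }
    ip_changed "$STATE_FILE" "$ip" || exit 0          # unchanged: nothing to do
    # Record the IP only after a successful apply, so a failed run is retried.
    terraform -chdir="$TF_DIR" apply -auto-approve -input=false \
        -var "public_ip=$ip" && record_ip "$STATE_FILE" "$ip"
}

# Only act when invoked with "run" (e.g. from cron), so sourcing is side-effect free.
if [ "${1:-}" = "run" ]; then main; fi
```

Schedule it with a crontab entry such as `*/5 * * * * /usr/local/bin/ddns-terraform.sh run`; the apply is skipped whenever the recorded address is unchanged.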

[–] chin_waghing@alien.top 0 points 11 months ago (3 children)

I use it within my Kubernetes to expose services outside my house, and then I use Azure AD to manage access.

I know this isn’t very self hosted, but for me where I have a dynamic IP and don’t want to play with port forwarding, it’s really good. Nice and easy especially with Kubernetes and the helm chart I wrote

At work, I spend my day writing Terraform and YAML and CI/CD pipelines to apply said resources.

In my home lab I run a 2 (soon to be more) node K3s cluster, which I manage with Flux and a lot of other things.

My main question

I am looking for a router that has one (or more) of the below:

  • Good Terraform support
  • Good scripting language (please not the MikroTik language)

Ideally I want to store my router's config in git and build a CI solution around the config. Not sure how I will deal with the chicken-and-egg issue of how you git pull the repo if there is no internet.

What I've found so far

Currently, I am leaning towards the Juniper solution, but that means removing the CCNA knowledge from my brain to fit their syntax in

Any help would be greatly appreciated!