The addition of Consul and Vault gives me a few things. For one, right now I'm handling secrets with a mixture of SOPS and Sealed Secrets. I use Vault in my professional life, and have used both Vault and Consul at my last job. Vault is a beast, so I may as well get better at it; plus its options for secret injection are better.
I've used Talos before and liked it. What was keeping me away was that it doesn't support Longhorn for distributed storage, and my previous experience with Ceph via Rook wasn't good. However, I think this time around I'm ready. I plan on using my existing Proxmox cluster to run Ceph, and expose it to K8s via a CSI.
Ceph can be technically challenging to support yourself. I'm all for learning new things, but I don't want to be left with some monster I have to constantly administratively feed either. Have you seen https://github.com/canonical/microceph ?
I've briefly run Ceph in an external mode; you can actually use a Rook deployment to manage it (sort of). Here is the documentation for doing that. For me it didn't pass my testing phase because I need better networking equipment before I can try that.
For Vault, I run Vault in my cluster, and use a tf-controller to control its state. My Terraform files are automated to deploy as an OCI which is used to feed the tf-controller. My main home cluster hasn't been upgraded that much yet, but you can find it here for reference. My test "cluster" repo is private, mainly because some of my mistakes are more embarrassing than the mistakes I make with the main one. I don't have experience with Consul, so I cannot offer any recommendations on that front.