East4Ming's Homelab2

This project is forked from khuedoan/homelab; 99% of the credit goes to him. Thanks, Khuedoan.

Highlights:

Compared to the khuedoan/homelab project, the following adjustments have been made to this project:

  • 🥾 Automated bare metal provisioning with netboot.xyz
  • 🐧 OS changed to Ubuntu 24.04
  • 🕸 Tailscale Operator replaces nginx ingress/cert-manager/cloudflared/external-dns...; Tailscale is installed on the nodes
  • 🐝 Cilium tuning

Ubuntu: Kured adapted to Ubuntu; relevant packages replaced with their Ubuntu equivalents; Ubuntu sysctl tuning; automatic adapted to Ubuntu; root login disabled in favor of a normal user.

Cilium tuning includes: updated version, native routing mode, BPF masquerade, DSR, bypassing iptables connection tracking, Bandwidth Manager, pod BBR, XDP acceleration, netkit, ServiceMonitor, Grafana dashboards... (However, compatibility is relatively lower, and the network, hardware and OS requirements are higher.)

This project utilizes Infrastructure as Code and GitOps to automate provisioning, operating, and updating self-hosted services in my homelab. It can be used as a highly customizable framework to build your own homelab.

What is a homelab?

Homelab is a laboratory at home where you can self-host, experiment with new technologies, practice for certifications, and so on. For more information, please see the r/homelab introduction and the Home Operations Discord community (formerly known as k8s-at-home).

Overview

Project status: ALPHA

This project is still in the experimental stage, and I don't use anything critical on it. Expect breaking changes that may require a complete redeployment. A proper upgrade path is planned for the stable release. More information can be found in the roadmap below.

Hardware

  • 4 × Intel N100 mini-hosts (3 × Jumper N100 Pro II + 1 × Cheshi N100):
    • CPU: Intel(R) N100
    • RAM: 16GB (Jumper) or 32GB (Cheshi)
    • SSD: 1TB
  • XikeStor SKS3200M-8GPY1XF switch:
    • Ports: 8+1
    • Speed: 8 × 2.5Gbps twisted pair ports and 1 × 10G fiber optic port

Features

  • VPN (Tailscale) interconnection: intranet access from an offsite office or home office, anytime, anywhere
  • Common applications: Gitea, Jellyfin, Paperless...
  • Automated bare metal provisioning with PXE boot - netboot.xyz
  • Automated Kubernetes installation and management
  • Installing and managing applications using GitOps
  • Automatic rolling upgrade for OS and Kubernetes
  • Automatically update apps (with approval)
  • Modular architecture, easy to add or remove features/components
  • Automated certificate management (Tailscale HTTPS)
  • Automatically update DNS records for exposed services (Tailscale MagicDNS)
  • Expose services to the internet securely with Tailscale Funnel
  • CI/CD platform
  • Private container registry
  • Distributed storage
  • Support multiple environments (dev, prod)
  • Monitoring and alerting
  • Automated backup and restore
  • Single sign-on
  • Infrastructure testing

Some demo videos and screenshots are shown here. They can't capture all the project's features, but they are sufficient to get an idea of it.

🐾 Notes

My own demo videos haven't been recorded yet.

Demo
Deploy with a single command (after updating the configuration files)
PXE boot
netboot.xyz
Tailscale Kubernetes Operator, VPN/Tunnel/DNS/HTTPS/Certs/...
Observe network traffic with Hubble, built on top of Cilium and eBPF
Homepage powered by... Homepage
Monitoring dashboard powered by Grafana
Git server powered by Gitea
Matrix chat server
Continuous integration with Woodpecker CI
Continuous deployment with ArgoCD
ntfy displaying received alerts
Self-hosted AI powered by Ollama (experimental, not very fast because I don't have a GPU)

Tech stack

| Name | Description |
| --- | --- |
| Ansible | Automate bare metal provisioning and configuration |
| Netboot.xyz | Netboot your favorite operating systems in one place |
| ArgoCD | GitOps tool built to deploy applications to Kubernetes |
| Tailscale HTTPS Certs | Tailscale HTTPS Certificates |
| Cilium | eBPF-based Networking, Observability and Security (CNI, LB, Network Policy, etc.) |
| Tailscale MagicDNS | DNS |
| Tailscale Funnel | Tunnel |
| Docker | Ephemeral PXE server |
| Tailscale Kubernetes Operator | Tailscale Kubernetes Operator lets you: K8s API Server Proxy; Ingress; Egress; DNS; Certs... |
| Ubuntu Server | Base OS for Kubernetes nodes |
| Gitea | Self-hosted Git service |
| Grafana | Observability platform |
| Helm | The package manager for Kubernetes |
| K3s | Lightweight distribution of Kubernetes |
| Kanidm | Modern and simple identity management platform |
| Kubernetes | Container-orchestration system, the backbone of this project |
| Loki | Log aggregation system |
| Nix | Convenient development shell |
| ntfy | Notification service to send notifications to your phone or desktop |
| Prometheus | Systems monitoring and alerting toolkit |
| Renovate | Automatically update dependencies |
| Rook Ceph | Cloud-Native Storage for Kubernetes |
| Woodpecker CI | Simple yet powerful CI/CD engine with great extensibility |
| Zot Registry | Private container registry |

Get Started

Roadmap

See roadmap and open issues for a list of proposed features and known issues.

Contributing

Any contributions you make are greatly appreciated.

Please see contributing guide for more information.

License

Copyright © 2020 - 2024 East4Ming

Distributed under the GPLv3 License. See license page or LICENSE.md file for more information.

Acknowledgements

References:

Here is a list of the contributors who have helped to improve this project. Big shout-out to them!

If you feel you're missing from this list, please feel free to add yourself in a PR.

Stargazers over time
