Introduction

Warning

These docs contain information that relates to my setup. They may or may not work for you.

Lovenet Home Operations Repository

Managed by Flux, Renovate and GitHub Actions 🤖

Kubernetes Cluster Information:

Overview

This is the configuration for my GitOps homelab Kubernetes cluster. This cluster runs home software services for my residence. It is quite complex and there are a lot of interdependencies but the declarative nature of GitOps allows me to manage this mesh of code. The software services fall into a few primary categories:

Home Automation (Home Assistant, ESPHome, Node-Red, EMQX, ZWave JS UI, Zigbee2MQTT)
Home Metering and Monitoring (Weather Station, Power Monitoring, Sensors)
Home Security (Frigate, Double Take)
IOT Devices (WLED, Ratgdo)

Core Components

Infrastructure

CentOS 9 Stream: Kubernetes Node Operating System.
crun: Container Runtime implemented in C.
nVIDIA Container Toolkit: Container Runtime for nVIDIA GPUs.

Networking

cilium: Kubernetes Container Network Interface (CNI).
cert-manager: Creates SSL certificates for services in my Kubernetes cluster.
external-dns: Automatically manages DNS records from my cluster in a cloud DNS provider.
ingress-nginx: Ingress controller to expose HTTP traffic to pods over DNS.
Cloudflared: Cloudflare tunnel client.

Storage

Rook-Ceph: Distributed block storage for peristent storage..
Minio: S3 Compatible Storage Interface.
Longhorn: Cloud native distributed block storage for Kubernetes.
NFS: NFS storage.

GitOps

Flux2: Declarative Cluster GitOps
actions-runner-controller: Self-hosted Github runners.
sops: Managed secrets for Kubernetes which are commited to Git.
Rennovate: Automated Cluster Management.

⚙️ Configuration

⚙️ Hardware

Hostname	Device	CPU	RAM	OS	Role	Storage	IOT	Network
master1	Intel NUC7PJYH	4	8 GB	CentOS 9	k8s Master
master2	VM on beast	3	8 GB	CentOS 9	k8s Master
master3	VM on beast	3	8 GB	CentOS 9	k8s Master
worker1	ThinkCentre M910x	8	32 GB	CentOS 9	k8s Worker	longhorn NVMe	Z-Stick 7	iot/sec-vlan
worker2	ThinkCentre M910x	8	32 GB	CentOS 9	k8s Worker	longhorn NVMe		iot/sec-vlan
worker3	ThinkCentre M910x	8	32 GB	CentOS 9	k8s Worker	longhorn NVMe, ceph osd	Sonoff	iot/sec-vlan
worker4	ThinkCentre M910x	8	32 GB	CentOS 9	k8s Worker	longhorn NVMe	Coral USB	iot/sec-vlan
worker5	VM on beast	10	24 GB	CentOS 9	k8s Worker	longhorn NVMe, ceph osd		iot/sec-vlan
worker6	VM on beast	10	24 GB	CentOS 9	k8s Worker	longhorn NVMe, ceph osd	skyconnect	iot/sec-vlan
worker7	VM on beast	10	24 GB	CentOS 9	k8s Worker	longhorn NVMe, ceph osd		iot/sec-vlan
worker8	VM on beast	10	48 GB	CentOS 9	k8s Worker	longhorn NVMe, ceph osd	nVIDIA P40	iot/sec-vlan

Network

Click to see a high level physical network diagram

Name	CIDR	VLAN	Notes
Management VLAN			TBD
Default	`192.168.0.0/16`	0
IOT VLAN	`10.10.20.1/24`	20
Guest VLAN	`10.10.30.1/24`	30
Security VLAN	`10.10.40.1/24`	40
Kubernetes Pod Subnet (Cilium)	`10.42.0.0/16`	N/A
Kubernetes Services Subnet (Cilium)	`10.43.0.0/16`	N/A
Kubernetes LB Range (CiliumLoadBalancerIPPool)	`10.45.0.1/24`	N/A

☁️ Cloud Dependencies

Service	Use	Cost
1Password	Secrets with External Secrets	~$65 (1 Year)
Cloudflare	Domain	Free
GitHub	Hosting this repository and continuous integration/deployments	Free
Mailgun	Email hosting	Free (Flex Plan)
Pushover	Kubernetes Alerts and application notifications	$10 (One Time)
Frigate Plus	Model training services for Frigate NVR	$50 (1 Year)
		Total: ~$9.60/mo

Noteworthy Documentation

Initialization and Teardown Github Webhook Limits and Requests Philosophy Debugging

Home-Ops Search

@whazor created this website as a creative way to search Helm Releases across GitHub. You may use it as a means to get ideas on how to configure an applications' Helm values.