Starting a new Cloud/HomeLab blog at this domain - let me know if you want a contributor invite!

  • notfromhere@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    8 months ago

    I get what the author is talking about with losing trust in your services when they are unavailable. I have found that a Raspberry Pi 3/4 cluster running k3s utilizing NAS storage has very good uptime and honestly I think my internet service goes down more than my homelab services.

    • jaxOPMA
      link
      fedilink
      arrow-up
      2
      ·
      8 months ago

      Thanks! I find most of the issues occur during upgrades to services, but that is to be expected.

      My internet service is usually more of an issue than most services I run. Though some things take longer to get tweaked and running well and that can cause issues.

      • notfromhere@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        8 months ago

        Upgrades to services - that’s why I run dev namespaces and copy over my production shares to dev and utilize zfs snapshotting.

        I haven’t set up testing yet and only just started with prometheus monitoring but so far things run pretty well.

        • jaxOPMA
          link
          fedilink
          arrow-up
          2
          ·
          8 months ago

          Oh, dev namespaces are a good idea. Do you have a dev domain then too?

          • notfromhere@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            8 months ago

            I toyed with dev domain but ended up using namespace.tld and postfixing -dev to my namespace so it works out to service.tld and service-dev.tld.

            • jaxOPMA
              link
              fedilink
              arrow-up
              2
              ·
              8 months ago

              Ah okay that makes sense, you’re using the internal cluster domain to route to services

              • notfromhere@lemmy.ml
                link
                fedilink
                arrow-up
                1
                ·
                8 months ago

                I have automated traefik to route the traffic, it sets the dns and ingress route. I’m also doing as you suggested for service to service connections.

                • jaxOPMA
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  8 months ago

                  That makes sense!

                  Have you played with anything like Istio to secure in-cluster communications? I think Hashicorp Consul can do something similar to encrypt service to service communications.