CODEX
The technical landscape recently has been all about security and the protection of data. You will have noticed that most websites now run solely over HTTPS. But did you know that people can still track what you do by looking at your DNS queries? Today we take a look at what DNS over HTTPS is, why you need it, and how you can set it up.
What is DoH?
DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol (Wikipedia)
DoH leverages the same encryption afforded to data transfer between you and websites which…
CODEX
With a fully working k3s cluster at our disposal, and access to dashboards of its contents we need to consider locking access down, especially when we want to deploy other (potentially insecure) apps to our cluster.
Part 1: Introduction
Part 2: The Foundations
Part 3: Storage
Part 4: Monitoring
Part 5: Security
The Problem
Everything we have deployed up to date is readily accessible to anyone with the URL. This isn’t so bad if it’s only on your local network (let’s ignore the fact that people can gain access to your local network for now), but as soon as you expose it…
CODEX
With the previous articles in this series, you will have created a 3 node k3s cluster running on RPis. But how do you know it's working? How do you know that a node is struggling? Or even worse, down? Monitoring has been crucial for the health of my cluster pointing out the pain points where improvements were needed. Today I will work through how I did it so you can follow along with your own cluster
Part 1: Introduction
Part 2: The Foundations
Part 3: Storage
Part 4: Monitoring
Part 5: Security
Node-Exporter
CODEX
With a great cluster, capabilities come great storage requirements. But how do we cater for them? I wanted to keep ownership of my own data, so cloud storage was immediately out. Having a fancy NAS setup was out too due to costs. That left me with a very limited number of options.
Part 1: Introduction
Part 2: The Foundations
Part 3: Storage
Part 4: Monitoring
Part 5: Security
Local Path Storage
K3s ships with local path storage capability. This means that the persistent volume will be stored locally on the node for which it is deployed. This can obviously lead to some unexpected…
CODEX
In my previous article, I gave you the lowdown of what is in my cluster. Now, let's take a look at what it took to get it in place.
Part 1: Introduction
Part 2: The Foundations
Part 3: Storage
Part 4: Monitoring
Part 5: Security
Hardware
I am running a cluster of 3 RPis — 1 Pi4 and 2 Pi 3B+s. Each of those is connected individually to a power supply and a switch. I don’t have any fancy PoE hats, although that would be a very good improvement for my setup. One key thing to mention at this point is…
CODEX
I like to think of myself as a bit of a tinkerer. I’m willing to be my own sysadmin, more than happy to learn and to put the time in to really understand how things are working together. I have had my home setup running on a small RPi cluster for a few years now, and the setup has been constantly evolving. Now, I’m finally in a position where everything seems to be managing itself, with a degree of self-healing. I’m going to share the core components with you today.
I am going to be writing a series of posts…
Scott Jones
Home automation enthusiast. Self titled k8s Guru. RPi cluster god
