CODEX

Image for post
Image for post
Photo by Philipp Katzenberger on Unsplash

The technical landscape recently has been all about security and the protection of data. You will have noticed that most websites now run solely over HTTPS. But did you know that people can still track what you do by looking at your DNS queries? Today we take a look at what DNS over HTTPS is, why you need it, and how you can set it up.

What is DoH?

DoH leverages the same encryption afforded to data transfer between you and websites which…


CODEX

Image for post
Image for post
Photo by Miłosz Klinowski on Unsplash

With a fully working k3s cluster at our disposal, and access to dashboards of its contents we need to consider locking access down, especially when we want to deploy other (potentially insecure) apps to our cluster.

Part 1: Introduction
Part 2: The Foundations
Part 3: Storage
Part 4: Monitoring
Part 5: Security

The Problem

Everything we have deployed up to date is readily accessible to anyone with the URL. This isn’t so bad if it’s only on your local network (let’s ignore the fact that people can gain access to your local network for now), but as soon as you expose it…


CODEX

Image for post
Image for post
Photo by Ibrahim Boran on Unsplash

With the previous articles in this series, you will have created a 3 node k3s cluster running on RPis. But how do you know it's working? How do you know that a node is struggling? Or even worse, down? Monitoring has been crucial for the health of my cluster pointing out the pain points where improvements were needed. Today I will work through how I did it so you can follow along with your own cluster

Part 1: Introduction
Part 2: The Foundations
Part 3: Storage
Part 4: Monitoring
Part 5: Security

Node-Exporter

The first critical piece of the puzzle is…


CODEX

Image for post
Image for post
Photo by Harrison Broadbent on Unsplash

With a great cluster, capabilities come great storage requirements. But how do we cater for them? I wanted to keep ownership of my own data, so cloud storage was immediately out. Having a fancy NAS setup was out too due to costs. That left me with a very limited number of options.

Part 1: Introduction
Part 2: The Foundations
Part 3: Storage
Part 4: Monitoring
Part 5: Security

Local Path Storage

K3s ships with local path storage capability. This means that the persistent volume will be stored locally on the node for which it is deployed. This can obviously lead to some unexpected…


CODEX

Image for post
Image for post
Photo by Louis Reed on Unsplash

In my previous article, I gave you the lowdown of what is in my cluster. Now, let's take a look at what it took to get it in place.

Part 1: Introduction
Part 2: The Foundations
Part 3: Storage
Part 4: Monitoring
Part 5: Security

Hardware

I am running a cluster of 3 RPis — 1 Pi4 and 2 Pi 3B+s. Each of those is connected individually to a power supply and a switch. I don’t have any fancy PoE hats, although that would be a very good improvement for my setup. One key thing to mention at this point is…


CODEX

Image for post
Image for post
Photo by Harrison Broadbent on Unsplash

I like to think of myself as a bit of a tinkerer. I’m willing to be my own sysadmin, more than happy to learn and to put the time in to really understand how things are working together. I have had my home setup running on a small RPi cluster for a few years now, and the setup has been constantly evolving. Now, I’m finally in a position where everything seems to be managing itself, with a degree of self-healing. I’m going to share the core components with you today.

I am going to be writing a series of posts…

Scott Jones

Home automation enthusiast. Self titled k8s Guru. RPi cluster god

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store