High-availability Kubernetes cluster deployed with kubeadm and managed declaratively through GitOps.
This repository serves as the source of truth for my private Kubernetes cluster.
Cluster provisioning and lifecycle management are handled using a custom Ansible playbook kubernetes-ansible.
Flux CD deploys all manifests and configurations stored in Git to the Kubernetes cluster.
Renovate is configured to automatically check and update all dependencies and Helm charts in the repository.
A high-level overview of the repository layout:
📁 k8s-gitops
├── 📁 apps # applications
├── 📁 cluster # Flux configuration
│ ├── 📁 kustomizations # Flux Kustomization objects for applications
│ ├── 📁 flux-system # Flux bootstrap components (GitOps controllers)
│ ├── 📁 helmrepositories # Helm repository definitions for applications
│ └── 📁 notifications # Notification configurations
└── 📁 crds # crds
- .github directory contains GitHub related files
- Each application lives in its own directory under apps/ and is managed by a Flux Kustomization object located in cluster/kustomizations.
- This setup allows each application to be reconciled independently, so deleting or updating one app does not affect the others.
- Exceptions occur when an application depends on another; in such cases, dependencies are explicitly specified in the Kustomization configuration.
Secrets are encrypted using SOPS with age keys, allowing safe storage directly in Git and secure collaboration.
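Storing secrets in Git is only safe if every Secret manifest is actually encrypted before it is committed. The check below is an added example, not part of this repository: it flags Secret documents that lack SOPS metadata or still carry plaintext values. It assumes SOPS YAML output (values wrapped in `ENC[...]`, a top-level `sops:` block) and uses a line-based heuristic rather than a full YAML parser; the sample manifests and the name `plaintext_findings` are constructed for illustration.

```python
import re

# Constructed sample: two Secrets in one YAML stream. The first is shaped like
# SOPS output, the second was left in plaintext. All names/values are made up.
SAMPLE = """\
apiVersion: v1
kind: Secret
metadata:
  name: db-credentials
stringData:
  password: ENC[AES256_GCM,data:Zm9v,iv:YmFy,tag:YmF6,type:str]
sops:
  age:
    - recipient: age1-constructed-placeholder
  mac: ENC[AES256_GCM,data:cXV4,iv:YmFy,tag:YmF6,type:str]
---
apiVersion: v1
kind: Secret
metadata:
  name: api-token
stringData:
  token: not-actually-secret
"""

SECRET_KIND = re.compile(r"^kind:\s*Secret\s*$", re.M)
SOPS_BLOCK = re.compile(r"^sops:\s*$", re.M)
TOP_KEY = re.compile(r"^([A-Za-z][\w-]*):")
CHILD = re.compile(r"^(\s+)([^\s#:][^:]*):\s*(.*)$")

def plaintext_findings(manifest: str) -> list:
    """Return reasons why Secret documents in a YAML stream are not SOPS-encrypted."""
    findings = []
    for idx, doc in enumerate(re.split(r"^---\s*$", manifest, flags=re.M)):
        if not SECRET_KIND.search(doc):
            continue  # only Secret objects are expected to be encrypted
        if not SOPS_BLOCK.search(doc):
            findings.append(f"doc {idx}: Secret has no sops metadata block")
        section, indent = None, None
        for line in doc.splitlines():
            top = TOP_KEY.match(line)
            if top:  # a new top-level key starts a new section
                section, indent = top.group(1), None
                continue
            child = CHILD.match(line)
            if section not in ("data", "stringData") or not child:
                continue
            indent = indent or child.group(1)  # direct children only
            if child.group(1) == indent and not child.group(3).startswith("ENC["):
                findings.append(f"doc {idx}: {section}.{child.group(2)} is not encrypted")
    return findings
```

Run from a pre-commit hook or CI job over each manifest's text, a non-empty result should block the commit.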
| Device | Num | OS Disk Size | Data Disk Size | Ram | OS | Role |
|---|---|---|---|---|---|---|
| HP EliteDesk 800 G4 | 3 | 256GB Samsung NVMe | - | 16GB | Debian 13 | Kubernetes Control Plane |
| Minisforum MS-01 | 3 | 1TB Samsung NVMe 990 Pro | 4TB Samsung NVMe 990 Pro | 64GB | Debian 13 | Kubernetes Worker Nodes |
| Minisforum N5 Pro | 1 | 1TB Samsung NVMe 990 Pro | 5x22TB Seagate Exos X22 | 64GB | TrueNAS Core | NAS |
| Raspberry Pi 5 | 1 | 1TB Samsung NVMe 980 Pro | - | 16GB | Debian 12 | Toolbox / Ready to break |
Note: Hardware was purchased before the AI-driven price explosion.
This cluster is built and operated by a single person and is tailored to my personal needs and learning goals.
The primary objective of this project is learning and experimentation. While the configuration works for my environment, it may not be suitable for yours.
If you plan to build something similar:
- Do not blindly copy & paste
- Take time to understand what each component does
- Adapt ideas to your own requirements and constraints
Getting inspired by how others design and operate their infrastructure is always valid — just make sure you understand why things are done a certain way before adopting them.