from Hacker News

My self-hosting infrastructure, fully automated

by rmbryan on 1/21/22, 10:52 PM with 222 comments

by khuedoan on 1/22/22, 2:56 AM
Repo owner here, I just created this account, I'm a long time HN lurker.
I was surprised to find this on Hacker News, I wanted to wait until the stable release before posting on HN, but thank you for posting :)
This project is still in alpha stage, but please feel free to critique; I'd appreciate it.
Edit 1: After reading some of the comments, I want to clarify a few things:
- Because it is currently in the alpha stage, I do not host anything important on it.
- This is also my learning environment, I use Kubernetes in my day job.
- Yes it is overkill ;)
Edit 2: Wording
by nyellin on 1/22/22, 9:47 AM
To everyone saying that Kubernetes is unnecessary, try implementing autoscaling, service discovery, secrets management, and autohealing in a vendor independent way without it.
Of course none of that is necessary for a self hosted home lab, but neither is gitops.
This is a very nice example of how to set stuff up properly.
OP, I would love to see Robusta (https://robusta.dev) as part of this too. It's definitely in line with your vision of automating everything, as it let's you automate the response to alerts and other events in your cluster. (Disclaimer: I'm one of the maintainers)
by simonw on 1/21/22, 11:38 PM
This is very cool!
Have you considered something like Tailscale so you can securely access it from outside your home? I've been thinking about spinning up my own home server that way, seeing as Tailscale makes it easy to securely access it from my phone when I'm out and about.
by candiddevmike on 1/22/22, 2:35 AM
I enjoy reading about homelabs that aren't using kubernetes or some other scheduler and how they're doing it/what the full stack looks like. This is just another "how I installed kubernetes" thing only without any real scale behind it. There are other ways to deploy and run things, and it takes people toying around with alternatives for something unique to spring up.
by extinctpotato on 1/22/22, 12:31 AM
This is a very good example of how you can save yourself the mental hurdle of remembering how to configure something etc.
I can only suspect how much time, trial and error this must've taken. This is my main issue with IaC. The concept really lends itself to any kind of modern infra, however I'm really put off by the sheer amount of time it takes me to whip out a bunch of Ansible playbooks and helper scripts, and on top of that make sure that all of them are idempotent.
Maybe I'm doing something wrong and this should be easy?
by erulabs on 1/22/22, 1:20 AM
Awesome! hajimari is neat, haven't seen that before. I'm building a startup that's trying to put a good chunk of this in a box for folks to buy and plug-n-play self-hosting (as much as that is possible). Since you're running k3s already, you might checkout our templates at https://kubesail.com/templates for more home-hosting apps :)
by goodpoint on 1/22/22, 12:39 AM
Deploying services is 1% of the work. Maintaining them, fixing bugs and bottlenecks is the real works.
And you cannot do when you deploy tools worth millions of lines of code.
Complexity matters. Those popular products make sense only if you have a 20 engineers is your team or you don't care about reliability.
by 616c on 1/22/22, 12:35 AM
Pretty sweet. I have been called a devops person by others around me (and I am hesitant to proudly identify as one) because this homelab is more impressive and modular than a lot of stuff I have seen colleagues and I put together for professional stuff.
Well done. I was not aware of the Cloudflare solution. Is this something someone can use, _with_ their Cloudflare Access offering, for personal dev/lab envs without breaking the bank?
by qbasic_forever on 1/22/22, 5:58 AM
Very cool, this is like a perfect little kubernetes development environment. The combo of tekton + gitea + k8s is really nice and just a shame it takes bodging all the lego pieces together manually right now. I wish there were a one click exe install like Docker for Desktop that gave people an entire environment like this on their desktop. Like a little private github but so much more powerful.
If you're looking for some nice stuff to develop on an environment like this, check out VS Code and Google's cloud code addon: https://marketplace.visualstudio.com/items?itemName=GoogleCl... It's not totally tied to their GCE cloud offerings and is actually just a VS Code integration of their Skaffold tool (a fantastic inner dev loop tool for k8s). It works great with minikube or any other k8s cluster, presumably this one too. You can very quickly get up and running with code in your IDE now running and debugging on your k8s environment.
by surfsvammel on 1/22/22, 9:46 AM
How much energy does this consume?
I have done some home lab going on over the years, and find that trying to do more on less W has been the most fun.
by comprev on 1/22/22, 11:47 AM
I use something very bare bones as the host OS, say Alpine, and install Docker with a handful of other tools for basic sysadmin tasks (curl, etc.).
For a single server deployment docker-compose is very useful.
by JamesAdir on 1/22/22, 7:06 PM
For people who self host with like setups or even simpler - how you guarantee network access? where I live internet might be shaky at times, and for that I can't access my home setup while away. How do you deal with that?
by AdrianoKF on 1/22/22, 11:25 AM
I recently wanted to give my current RPi4 home server a GitOps makeover, migrating services (Home Assistant, Nextcloud and others) to k3s in the process.
What has been an obstacle is the availability of officially maintained Docker images for some of the components I've been wanting to use - afaict neither Argo CD nor Rook have official armv7/aarch64 images (though it seems Argo will release one soon).
Until then, I'll hold off on that pet project until I get my hands on a reasonably priced x86 SFF PC (the ThinkCentre M700 Tiny from TFA looks interesting!).
by cyfex on 1/22/22, 8:09 AM
I always found the hurdle with self-hosting to be maintaining, not the initial setup. Things like upgrading, in order to keep getting security fixes, and verifying everything works after the upgrade, are what has taken the most effort and time in the past for me.
This looks like a great setup by the author, but difficult to maintain in the long run without significant time investment.
by akkartik on 1/22/22, 1:21 AM
The question I have whenever I see something like this is what the upgrade process looks like. How much time do you spend per month upgrading dependencies, how many mailing lists you're subscribed to, etc. When the log4j thing blew up, how long did it take you to gain confidence that you were no longer impacted?
by mikesabbagh on 1/22/22, 4:54 AM
it amazes me that hacker news run on a single node.
All this work is nice and beautiful, the problem will come when you try to update different components.
by gigel82 on 1/22/22, 1:27 AM
This needs a companion guide about how to set up the host machine. Which Linux distro to choose, how to set it up / harden it, nftables / firewall, public key login, etc.
If anyone has one handy, I'd appreciate a link.
by gorgoiler on 1/22/22, 2:02 PM
I wonder how the fan noise is on those M700s. These little Lenovo machines are very pleasant. My only wish with my M93 is that the temperature would stay below 50’C and keep it 100% silent.
by ianunruh on 1/23/22, 6:40 AM
It's sad to see so many people that are dismissive of this setup, because they have some preconceived notions about Kubernetes and other tooling that's used. What has happened to curiosity? Of course nothing about this is "necessary", but the fun is in trial and error. In my experience running Kubernetes in my homelab and colo, every issue has been a learning opportunity, and was usually because of my own mistakes.
by nodesocket on 1/22/22, 4:42 PM
What do you use to provision Kubernetes persistent volumes on bare metal? I’m looking at open-ebs (https://openebs.io/).
Also, when you bump the image tag in a git commit for a given helm chart, how does that get deployed? Is it automatic, or do you manually run helm upgrade commands?
by endofreach on 1/22/22, 9:03 PM
Now all we need is robots hooked into a Ci/CD pipeline that turn on computers and initiate the process. And a few more years to automate computer production, let the computers find bugs & optimize computers, and we have a full circle of life.
Good first version, i am excited for the beta!
by jaimex2 on 1/22/22, 9:09 AM
I miss LAMP :(
by turtlebits on 1/22/22, 12:31 AM
This is cool, but are you doing this as learning experience? For a homelab it seems severely overkill. I understand it all being self-hosted, but it could be drastically simpler if you adopt a few SaaS products (using free-tier)
by whalesalad on 1/22/22, 12:39 AM
Bravo, nice work! I am certainly going to use this as a model for my personal setup. Right now I have a few different hosts running different hypervisors, but would like to consolidate on kube and an iaas tool.
by mrslave on 1/22/22, 7:22 AM
I've been eyeing off OpenStack for sometime for a similar use case, but I must admit it is an uninformed opinion. What am I missing between the two solutions (OpenStack vs this specific custom solution)?
by Lamad123 on 1/22/22, 12:54 AM
I unaccidentally remembered Gilfoyle's famed "what do I do?!"
by unixhero on 1/22/22, 12:14 AM
Extremely impressive
by divbzero on 1/22/22, 2:01 AM
I was happy to see that this project describes self-hosting in the fullest sense, from hardware on up.
by throwaway894345 on 1/22/22, 1:08 AM
This is great. Would love to see something like this packaged as a “homelab cluster distro”!
by quocanh on 1/22/22, 12:05 AM
I love this!
Do you experiment with your tech stack? Swapping things in and out to see which apps are best?
by iamgopal on 1/22/22, 11:26 AM
Is there similar repo for SAAS apps ? Not too fancy, just Django and a db.
by ekianjo on 1/22/22, 2:11 AM
You don't need Kubernetes to do self-hosting. Completely overkill.
by josephd79 on 1/26/22, 2:48 PM
bookmarked. Really cool.
by kstenerud on 1/22/22, 8:21 AM
This is definitely cool, but it also highlights a huge problem we have with software nowadays.
There are 19 stacks in this repository. 19 pieces of software that require their own maintenance, JUST TO RUN YOUR APPLICATIONS! The amount of extra work required just to host the software that views your pictures, plays your videos, and allows chat with people is absolutely insane.
I'm not talking about this particular repo; it's just indicative of how complicated things have become that you must do the equivalent of building and maintaining your own operating system just to get even simple things done. And I belive that it's unnecessarily complicated (once again, not this repo, but rather the state of affairs in general). We're at an inflection point in the industry, and haven't come out the other side yet.
by walrus01 on 1/22/22, 1:53 AM
my main objection to this is choosing host machines that don't meet the criteria of anything like serious server-grade hardware.
if this is for a home lab where any one of the services run on it are not actually going to affect you if it goes belly up? or the whole host machine? sure, okay, but that's self hosting a home lab, not self-hosting actual infrastructure...
clearly the hardware shown in the image is meant to be small, not noisy, and not take up a lot of space, and operate in somebody's house.
but the people I know who seriously self host all their stuff have it on something like a few old Dell R620 1U servers with 1+1 dual hot swap power supplies, RAID-1 for the operating system boot, RAID-1 or RAID-6 (or something like mdadm raid6) for storage drives (again all hot swap capable), etc.
note that I am not talking about a lot of money here, you can buy the hardware I described in the preceding paragraph for $300 on eBay and then add your own choice of SSDs.
and not in a house, but in something like a small to medium sized ISP's colocation environment, with UPS, generator backed power, etc. also attached to network equipment and a DIA circuit that's considerably more serious than a tp-link unmanaged switch attached to a residential internet service.