What’s happening?!

It’s time! Time to migrate my cluster to something even more exciting! I’ve got a couple new nodes, I’ve got some motivation, and some time on my hands!

Following the k8s@home template cluster, I’m going to be migrating my cluster to a public format so that it’s viewable online, and also secure!

We’ll be migrating my app deployments from my personal cluster, which I had running on a Hades Canyon NUC, to 3 nodes:

  • Dell PowerEdge R720 (Worker Node)
  • Cisco UCS C220 M3 (Worker Node)
  • Hades Canyon NUC (Control Node)

I’ll be adding content from the k8s@Home readme below for their template cluster, so you can see what we’ll be doing! I’ll be following this initially to a T, so this is accurate!


๐Ÿ’ปย  Systems

  • One or more nodes with a fresh install of Ubuntu Server 20.04. These nodes can be bare metal or VMs.
  • A Cloudflare account with a domain, this will be managed by Terraform.
  • Some experience in debugging problems and a positive attitude ;)

๐Ÿ”งย  Tools

๐Ÿ“ You should install the below CLI tools on your workstation. Make sure you pull in the latest versions.


ansiblePreparing Ubuntu for Kubernetes and installing k3s
direnvExports env vars based on present working directory
fluxOperator that manages your k8s cluster based on your Git repository
ageA simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
go-taskA task runner / simpler Make alternative written in Go
ipcalcUsed to verify settings in the configure script
jqUsed to verify settings in the configure script
kubectlAllows you to run commands against Kubernetes clusters
sopsEncrypts k8s secrets with Age
terraformPrepare a Cloudflare domain to be used with the cluster


helmManage Kubernetes applications
kustomizeTemplate-free way to customize application configuration
pre-commitRuns checks pre git commit
gitleaksScan git repos (or files) for secrets
prettierPrettier is an opinionated code formatter.

โš ๏ธย  pre-commit

It is advisable to install pre-commit and the pre-commit hooks that come with this repository. sops-pre-commit and gitleaks will check to make sure you are not by accident committing your secrets un-encrypted.

After pre-commit is installed on your machine run:

task pre-commit:init

Remember to run this on each new clone of the repository for it to have effect.

Commands are of interest, for learning purposes:

This command makes it so pre-commit runs on git commit, and also installs environments per the config file.

pre-commit install --install-hooks

This command checks for new versions of hooks, though it will occasionally make mistakes, so verify its results.

pre-commit autoupdate

Let’s go!

For the rest of the initial setup, I’m following the README.md on k8s@home’s Template Cluster. Feel free to follow along!

The next post will be about my infrastructure-specific setup, as well as getting everything up and running!