Mika<p>I've just merged a huge PR to my <a href="https://sakurajima.social/tags/Orked" rel="nofollow noopener noreferrer" target="_blank">#Orked</a> (O-tomated RKE Distribution - GREAT NAME I KNOW) that makes it easier than ever for anyone to set up a production-ready <a href="https://sakurajima.social/tags/RKE2" rel="nofollow noopener noreferrer" target="_blank">#RKE2</a> <a href="https://sakurajima.social/tags/Kubernetes" rel="nofollow noopener noreferrer" target="_blank">#Kubernetes</a> cluster in their <a href="https://sakurajima.social/tags/homelab" rel="nofollow noopener noreferrer" target="_blank">#homelab</a><span>.<br><br>With this collection of scripts, all you need to do is just provision the nodes required, including a login/management node, and run the scripts right from the login node to configure all of the other nodes to make up the cluster. This setup includes:<br><br>- Configuring the Login node with any required or essential dependencies (such as </span><a href="https://sakurajima.social/tags/Helm" rel="nofollow noopener noreferrer" target="_blank">#Helm</a>, <a href="https://sakurajima.social/tags/Docker" rel="nofollow noopener noreferrer" target="_blank">#Docker</a>, <a href="https://sakurajima.social/tags/k9s" rel="nofollow noopener noreferrer" target="_blank">#k9s</a>, <a href="https://sakurajima.social/tags/kubens" rel="nofollow noopener noreferrer" target="_blank">#kubens</a>, <a href="https://sakurajima.social/tags/kubectx" rel="nofollow noopener noreferrer" target="_blank">#kubectx</a><span>, etc.)<br><br>- Set up passwordless </span><a href="https://sakurajima.social/tags/SSH" rel="nofollow noopener noreferrer" target="_blank">#SSH</a><span> access from the Login node to the rest of the Kubernetes nodes<br><br>- Update the </span><code>hosts</code><span> file for strictly necessary name resolution on the Login node and between the Kubernetes nodes<br><br>- Necessary, best-practice configurations for all of the Kubernetes nodes including 
networking configuration, disabling unnecessary services, disabling swap, loading required modules, etc.<br><br>- Installation and configuration of RKE2 on all the Kubernetes nodes and joining them together as a cluster<br><br>- Installation and configuration of </span><a href="https://sakurajima.social/tags/Longhorn" rel="nofollow noopener noreferrer" target="_blank">#Longhorn</a><span> storage, including formatting/configuring their virtual disks on the Worker nodes<br><br>- Deployment and configuration of </span><a href="https://sakurajima.social/tags/MetalLB" rel="nofollow noopener noreferrer" target="_blank">#MetalLB</a><span> as the cluster's load-balancer<br><br>- Deployment and configuration of </span><a href="https://sakurajima.social/tags/Ingress" rel="nofollow noopener noreferrer" target="_blank">#Ingress</a> <a href="https://sakurajima.social/tags/NGINX" rel="nofollow noopener noreferrer" target="_blank">#NGINX</a><span> as the ingress controller and reverse proxy for the cluster - this helps manage external access to the services in the cluster<br><br>- Setup and configuration of </span><a href="https://sakurajima.social/tags/cert-manager" rel="nofollow noopener noreferrer" target="_blank">#cert-manager</a> to obtain and renew <a href="https://sakurajima.social/tags/LetsEncrypt" rel="nofollow noopener noreferrer" target="_blank">#LetsEncrypt</a> certs automatically - supports both <a href="https://sakurajima.social/tags/DNS" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> and HTTP validation with <a href="https://sakurajima.social/tags/Cloudflare" rel="nofollow noopener noreferrer" target="_blank">#Cloudflare</a><span><br><br>- Installation and configuration of </span><a href="https://sakurajima.social/tags/csi-driver-smb" rel="nofollow noopener noreferrer" target="_blank">#csi-driver-smb</a><span> which adds support for integrating your external SMB storage to the Kubernetes cluster<br><br>Besides these, there are also some other 
</span><i>helper</i> scripts to make certain related tasks easy such as a script to set a unique static IP address and hostname, and another to toggle <a href="https://sakurajima.social/tags/SELinux" rel="nofollow noopener noreferrer" target="_blank">#SELinux</a><span> enforcement to on or off - should you need to turn it off (temporarily).<br><br>If you already have an existing RKE2 cluster, there's a step-by-step guide on how you could use it to easily configure and join additional nodes to your cluster if you're planning on expanding.<br><br>Orked currently expects and supports </span><a href="https://sakurajima.social/tags/RockyLinux" rel="nofollow noopener noreferrer" target="_blank">#RockyLinux</a> 8+ (should also support any other <a href="https://sakurajima.social/tags/RHEL" rel="nofollow noopener noreferrer" target="_blank">#RHEL</a> distros such as <a href="https://sakurajima.social/tags/AlmaLinux" rel="nofollow noopener noreferrer" target="_blank">#AlmaLinux</a>), but I am planning to improve the project over time by adding more <a href="https://sakurajima.social/tags/Linux" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> distros, <a href="https://sakurajima.social/tags/IPv6" rel="nofollow noopener noreferrer" target="_blank">#IPv6</a> support, and possibly even <a href="https://sakurajima.social/tags/K3s" rel="nofollow noopener noreferrer" target="_blank">#K3s</a> for a more lightweight <a href="https://sakurajima.social/tags/RaspberryPi" rel="nofollow noopener noreferrer" target="_blank">#RaspberryPi</a><span> cluster for example.<br><br>I've used this exact setup to deploy and manage vital services to hundreds of unique clients/organisations that I've become </span><i>obsessed</i><span> with sharing it with everyone and making it easier to get started. 
If this is something that interests you, feel free to check it out!<br><br>If you're wondering what to deploy on a Kubernetes cluster - feel free to also check out my </span><a href="https://sakurajima.social/tags/mika" rel="nofollow noopener noreferrer" target="_blank">#mika</a> helm chart repo 🥳<span><br><br></span>🔗 <a href="https://github.com/irfanhakim-as/orked" rel="nofollow noopener noreferrer" target="_blank">https://github.com/irfanhakim-as/orked</a><span><br><br></span>🔗 <a href="https://github.com/irfanhakim-as/charts" rel="nofollow noopener noreferrer" target="_blank">https://github.com/irfanhakim-as/charts</a></p>