khuedoan-homelab/docs/milestones.md
Khue Doan ad5e8cef86 Use VM instead of container for Kubernetes node
Squashed commit of the following:

commit 421e849664810ae41e493049edcc1ac2846ca6fc
Author: Khue Doan <khuedoan98@gmail.com>
Date:   Mon Apr 26 22:09:35 2021 +0700

    Move k8s nodes to LXD virtual machines instead of containers

    Avoid kernel issue and improve security (not using privileged containers)

commit 0ce297d0aee30e2253cd69c4ac93f21cf637f25a
Author: Khue Doan <khuedoan98@gmail.com>
Date:   Mon Apr 26 21:25:11 2021 +0700

    Adjust priority
2021-04-26 22:24:11 +07:00

Milestones

  • 0.0.1-alpha:
    • Bare metal provisioning with PXE
    • LXD cluster
    • Terraform state backend (etcd)
    • RKE cluster
    • Core services (Vault, Gitea, DroneCI, ArgoCD,...)
    • Public services to the internet (via port forwarding or Cloudflare Tunnel)
  • 0.0.2-alpha:
    • VPN (WireGuard)
    • Access the lab from the internet via VPN
    • Container registry (just pull through cache for faster cluster build time)
  • 0.1.0-beta:
    • Easy initial controller setup (with only Docker or Vagrant)
    • Fast metal image preparation
    • Mount metal image without sudo (7zip?)
    • Automated metal secrets generation and management
    • Automated ./infra authentication from ./metal (Terraform backend and provider)
    • Metal node automatic patching
    • Separate network
    • Local DNS (Pi-hole?)
    • Jump box (or HashiCorp Boundary?)
    • Harbor (private container registry for new applications)
    • Self-managed infrastructure
    • Mirror all git repositories from GitHub automatically (with git hook for faster sync?)
    • Monitoring and alerting
    • Additional services (Nextcloud, PeerTube, mailcow, Mattermost/Rocket.Chat,...)
    • Dashboard for services
    • SSO
    • Backup solution (3 copies, 2 separate devices, 1 offsite)
    • Automatic release
  • 1.0.0:
    • 100% automated (including backups and secrets management, double check with a full rebuild)
    • Backup encryption
    • Secure by default
    • DRY
    • Complete documentation and architecture diagram (automated update if possible)
  • 1.0.1:
    • Bug fixes (TBD)
  • 1.1.0:
    • Additional services (TBD)
  • Backlog:
    • Automated testing
    • Security review/audit
    • Migrate to RKE2 (new Terraform provider for RKE2 is not released yet)
    • HA for everything
    • Production-ready LXD https://github.com/lxc/lxd/blob/master/doc/production-setup.md
    • Cross-platform initial controller support (Linux, macOS, Windows)
    • Walkthrough building tutorial and feature demo