__   ____          ___             __                 __                     ___   __  _
   / /__( __ )_____   / _/  ____ _____/ /   _____  ____  / /___  __________     /  /  / /_(_)___ ___  ___
  / //_/ __  / ___/  / /   / __ `/ __  / | / / _ \/ __ \/ __/ / / / ___/ _ \    / /  / __/ / __ `__ \/ _ \
 / ,< / /_/ (__  )  / /   / /_/ / /_/ /| |/ /  __/ / / / /_/ /_/ / /  /  __/   / /  / /_/ / / / / / /  __/
/_/|_|\____/____/  / /    \__,_/\__,_/ |___/\___/_/ /_/\__/\__,_/_/   \___/  _/ /   \__/_/_/ /_/ /_/\___/
                  /__/                                                      /__/

Welcome to the (Kubernetes) Humble Home Lab repo. The source of truth for my bare metal cluster running on Talos Linux.

The goal here is to deepen my understanding of k8s, become the GitOps mindset, and share what I learn along the way.

All of this is connected to a Ubiquiti network with VLANS configured for IoT, Management, DMZ, and Cameras.

Talos is an immutable, API driven operating system designed specifically for Kubernetes. Talos is configured declaritively and is a great choice for a GitOps driven workflow.

For me, a home lab about tinkering and learning. So I set off to learn Kubernetes with a goal to grow my skillset and have an infrastructure that allows me to scale and provide useful, locally hosted applications for my family.

Networking in my cluster is handled by Cilium.

I'm using Envoy Gateway to manage application traffic coming into the cluster.

To keep a pulse on the cluster, I'm using: Prometheus, Grafana, VictoriaLogs, Alertmanager, Gatus, and Fluentbit.

Persistent storage is provided by Rook-Ceph, utilizing the 1TB NVMe drives on each worker.

The backbone of this cluster is Flux CD — a GitOps controller that reconciles my entire Kubernetes state from a Git repository.

My ultimate goal is to have Flux and Renovate handle most of the deployments and updates to the cluster.

The core idea: Git is the single source of truth. Flux continuously compares what's in Git against what's running in the cluster, and corrects any difference — whether that's a new commit you pushed, or a "drift" caused by a manual change someone made directly on the cluster.

flowchart TD
    Dev["👩‍💻 You push YAML to Git"] --> Git[("📂 Git Repo
    Source of Truth")]
    Git -->|"Flux polls ~every 1 min"| Fetch["Flux fetches
    latest manifests"]
    Fetch --> Diff{"Cluster state = Git state?"}
    Diff -->|"✅ Already in sync"| Idle["Flux idles"]
    Idle -.->|"next poll"| Fetch
    Diff -->|"❌ Out of sync"| Apply["Flux applies manifests to Kubernetes"]
    Apply --> Cluster["☸️ Kubernetes creates / updates resources"]
    Cluster -->|"sync complete"| Diff
    Drift["⚠️ Someone manually changes the cluster"] -.->|"causes drift"| Diff

    classDef gitNode fill:#6e40c9,stroke:#4a2d8c,color:#fff
    classDef fluxNode fill:#326ce5,stroke:#1e4db3,color:#fff
    classDef k8sNode fill:#81D4FA,stroke:#0277BD,color:#000
    classDef devNode fill:#2ea44f,stroke:#1a7036,color:#fff
    classDef driftNode fill:#FFE082,stroke:#F57C00,color:#000

    class Git gitNode
    class Fetch,Diff,Idle fluxNode
    class Apply,Cluster k8sNode
    class Dev devNode
    class Drift driftNode

I made a Youtube video that gives a general overview of my configuration and the core components.

Special thanks to the most excellent onedr0p/cluster-template. It provides a clean, modern foundation for Talos + Flux-based clusters — and taught me how to organize manifests properly, use SOPS, and implement GitOps the right way.

If you're interested in this type of thing, I encourage you to build your own home lab. It doesn't have to be Kubernetes. Grab ANY old computer and see what you can deploy on it.

Embrace the process. It will be infuriating at times, blissful at others.

You'll build some really cool stuff along the way. And your brain waves will expand.