As I wrote in part 1, not only the license of Nomad was changed, but also the license of Vault. But more than this license change, I'd like to have a secrets solution that's not yet another deployment to manage. Here's the solution I'm currently using. Nothing is set in stone, but for now, it works great.
Homelab migration from Nomad to Kubernetes - The reason behind the change
A few years ago I started using Nomad in my homelab. I've always liked Nomad, a lot. The simplicity of bootstrapping a cluster, the integrations with the entire Hashicorp suite, the ease of deploying new applications, ... But things have changed.
Add native Kubernetes health checks to SparkApplication CRD
The spark-operator is a convenient way to start managing Spark applications in a Kubernetes native way. It does however miss some basic functionalities, like adding livenessProbes to name something. Let's see how we can overcome these shortcomings quite easily.
Use Hashicorp Vault to generate tokens for the Kubernetes Dashboard
Deploying the Kubernetes Dashboard is quite easy. There's a Helm chart with good documentation. It gets harder when you want to limit the access to this dashboard. This post provides a way to setup readonly
access to the dashboard.
Mirror upstream container image to local registry - Revisited
In my previous blog post, I used skopeo
to mirror upstream images to my local Docker Registry. This worked well, as long as I didn't need multi-arch images. Some images, like for log collection, need to be run on multiple architectures in my homelab, so this became a blocking issue.