EU infrastructure update: experimenting with Kubernetes

Message ID
DKIM signature
Download raw message
Hi all,

we'd like to provide some transparency around our work in the new EU 
data-center. The gist is: before we start running production services 
there, we'd like to use this chance for some experiments on how we want 
our future infrastructure to look like. One of those experiments is 
trying out Kubernetes.

Kubernetes is known for its complexity, and SourceHut is known for 
valuing simplicity, so what's going on here? Two things, mainly:

First, even though we strive to keep things simple, running sr.ht as a 
whole already comes with some complexity. We already have several 
services, many with multiple components. Some services depend on others. 
There are shared components. Let's face it: spinning up a _complete_ 
sr.ht environment, e.g. for testing, is already a complex task. The 
promise of Kubernetes is to make these things easier. We of course know 
that it won't be "simple", but we'd like to drink the Kool-Aid once and 
see what our infra would look like on Kubernetes, and what that might 
enable for our operations. Now is our chance to do that.

Second, you can run Kubernetes in various ways, some more complex than 
others. We have now deployed a first iteration of a bare-metal cluster 
in the EU DC. It runs all components from packages in the Alpine testing 
repository. Only the ingress controller is (for now) run as a container. 
At our scale, we can well do without any fancy networking plugins or a 
service mesh.

And so, if you are interested, I invite you to take a look at our setup. 
With complete disregard for presentability, I recorded all commands that 
I ran in a bunch of hideous Makefiles. But if you read through the 
README and follow the links in there you just might be able to make 
sense of it ;)


NOTE: we do not yet have any sr.ht services running there, so we do not 
have any Dockerfiles or service definitions to share. We'll post updates 
as things progress.

As always, we're happy to receive any feedback, and I'll try to answer 
questions on a best effort basis if you have any.

Happy hacking,
Reply to thread Export thread (mbox)