I built a k8s cluster 3 years ago, using tinc to connect nodes in different locations (cloud and home). With the concept proved, it was torn down afterward.
Today I am going to set it up for the long run, putting all my public services on k8s and making it easy to switch cloud providers.
After 3 years, the k8s ecosystem is much more mature, and many things have improved.
MicroK8s can be installed with snap, and tinc is replaced by WireGuard.
When there are multiple NICs, k8s will use the default-route interface (eth0); here is the fix.
    vi /var/snap/microk8s/current/args/kube-apiserver
    --advertise-address=<MASTER IP>

    vi /var/snap/microk8s/current/args/etcd
    --advertise-client-urls=https://<MASTER IP>:12379

    # microk8s.stop
    # microk8s.start

    vi /var/snap/microk8s/current/args/flanneld
    --iface="wg0"

    # systemctl restart snap.microk8s.daemon-flanneld.service
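The same three settings applied from a script rather than vi, as an added example that is not part of the original post: it rewrites each flag in place, so re-running it leaves exactly one copy, and the restart commands above still have to be run afterward. The helper names and the ARGS_DIR override are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original post): set the flags from the post
# idempotently and read them back. ARGS_DIR defaults to the path the post
# uses; set_arg, get_arg and pin_to_overlay are hypothetical helper names.
# Usage (as root): pin_to_overlay <MASTER IP> wg0
ARGS_DIR="${ARGS_DIR:-/var/snap/microk8s/current/args}"

# set_arg FILE FLAG VALUE: remove earlier copies of FLAG, append FLAG=VALUE.
set_arg() {
    file="$ARGS_DIR/$1"
    [ -f "$file" ] || { echo "missing $file" >&2; return 1; }
    tmp="$(mktemp)" || return 1
    # grep -v exits 1 when nothing is left to print; that is not an error here
    grep -v -e "^$2[= ]" -e "^$2\$" "$file" > "$tmp" || true
    printf '%s=%s\n' "$2" "$3" >> "$tmp"
    # cat instead of mv keeps the owner and mode of the original file
    cat "$tmp" > "$file"
    rm -f "$tmp"
}

# get_arg FILE FLAG: print the last value given for FLAG, without quotes.
get_arg() {
    sed -n "s/^$2[= ]//p" "$ARGS_DIR/$1" | tail -n 1 | tr -d '"'
}

# pin_to_overlay MASTER_IP IFACE: apply the three settings, then re-read them
# so a failed write is reported instead of silently leaving eth0 in use.
pin_to_overlay() {
    ip="$1"; iface="$2"
    set_arg kube-apiserver --advertise-address "$ip" || return 1
    set_arg etcd --advertise-client-urls "https://$ip:12379" || return 1
    set_arg flanneld --iface "$iface" || return 1
    [ "$(get_arg kube-apiserver --advertise-address)" = "$ip" ] &&
    [ "$(get_arg etcd --advertise-client-urls)" = "https://$ip:12379" ] &&
    [ "$(get_arg flanneld --iface)" = "$iface" ]
}
```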
Now the cluster is ready.
Then create a Ghost deployment and copy all my blog data here (much more to say later).
Set up an HAProxy ingress controller, and add an ingress resource pointing to the blog service (much simpler than modifying a conf file).
Use cert-manager to set up Let's Encrypt, no more cron!
Now what you see here is served from my home servers.