Cloudflare Tunnel Operator: Architecture

Quick Look Repository: Stats: Initial Approach: Ingress Controller I started out with a simple goal in mind that expanded a lot as I proceeded to code it. I wanted to build an Ingress Controller that does just one thing. It should read the annotations from my Ingress Resources, look at the ConfigMap and the target domain and modify the ConfigMap to add the target domain to it....

January 21, 2022 · 4 min · Adyanth H

Building a Kubernetes Operator: Why and How

Motivation The one source of trouble I have with Cloudflare Tunnels is that I cannot have a wildcard or a dynamic way to add and remove services. I needed to SSH into the server, edit the configuration file by hand and restart the service. Not done yet, I needed to copy the configuration changes and make the same on the other redundant server running on a backup ISP link. Still not done, I needed to add an entry on the Cloudflare Dashboard CNAMEing the hostname to the tunnel’s domain....

January 21, 2022 · 5 min · Adyanth H

Migration from Compose to Kubernetes

Background If you have read my previous posts, I actively deploy and maintain multiple services for personal use, running from my home, accessible securely from the internet. I use docker-compose to keep all the 40+ services running smoothly. It works fine but is not a perfect way. If one of the containers goes down and becomes unhealthy, I would not know until I tried to access the service, but it was not....

January 20, 2022 · 2 min · Adyanth H

Redundancy for DNS: Keepalived + Gravity Sync

Requirement for High Availability In the previous post , I talked about how I use Pi-hole for my DNS resolution. DNS is the core component for the internet to work, so if I were to be patching or rebooting the host running Pi-hole, no devices in my home network would be able to use the internet. A simple fix would be to run two separate hosts with Pi-hole, like another Raspberry Pi Zero....

December 19, 2021 · 5 min · Adyanth H

Pi-hole – Network-wide protection

What is Pi-hole? Pi-hole is a DNS sinkhole, used as a network-wide DNS level ad and malware blocker that works with domain blocklists and enforces it. The idea here is simple, you point it to blocklists that are available on the internet (it comes with one pre-enabled), and it takes care of preventing any of your devices from trying to reach those domains. Common examples are activity tracking websites and malware domains that should never be contacted....

December 12, 2021 · 3 min · Adyanth H