Hi! I’m starting out with self-hosting. I was setting up Grafana for system monitoring of my mini-PC. However, I ran into the issue of keeping credentials secure in my Docker Compose file. I ended up using Docker Swarm since it was the path of least resistance. I’ve managed to set up a Grafana/Prometheus/Node stack and it’s working well.
However, before continuing with Docker Swarm, I want to check if this is a good idea or will I potentially dig myself into a corner? Some of the options I’ve found while searching:
- Continue with Docker Swarm and look into automation of stack/swarm in future
  - Ansible playbook has plugins for Docker Swarm.
- Self-hosted vault: I want to avoid hosting my own secret/password manager at the moment.
- Kubernetes (k8s / k3s) - I don’t wanna 😭
  - More seriously, I’m actually learning this for work but don’t see the point of implementing it at home. The extra overhead doesn’t seem worth it for a single node cluster.
- Live dangerously - Store credentials in plaintext. Also use `admin` as password for everything
Edit: Most of the services I’m planning on hosting will likely be a single replica service.
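The Swarm-secrets setup the post above describes, sketched as an added example that is not part of the original thread. The stack, secret and volume names are assumptions; `GF_SECURITY_ADMIN_PASSWORD__FILE` is Grafana's file-based variant of the admin password variable.

```yaml
# Added example, not from the thread. Names below are assumptions.
# Create the secret once on a swarm manager, reading the value from stdin:
#   docker secret create grafana_admin_password -
# Deploy with:
#   docker stack deploy -c stack.yml monitoring
version: "3.8"

services:
  grafana:
    image: grafana/grafana
    ports:
      - "3000:3000"
    environment:
      # Weak: the password ends up in the stack file, in git history
      # and in `docker inspect` output for the service.
      # GF_SECURITY_ADMIN_PASSWORD: admin
      #
      # Hardened: Grafana reads the value from the mounted secret file.
      # The admin password is only applied when Grafana initialises its
      # database on first start.
      GF_SECURITY_ADMIN_PASSWORD__FILE: /run/secrets/grafana_admin_password
    secrets:
      - grafana_admin_password
    volumes:
      - grafana_data:/var/lib/grafana
    deploy:
      replicas: 1   # single-replica service on a single node

secrets:
  grafana_admin_password:
    external: true  # created out of band, so no secret material in this file

volumes:
  grafana_data:
```

With `external: true` the stack file can be committed to a git repo as-is; only the swarm managers hold the secret value.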
I run k3s in my homelab as a single node cluster. I’m very familiar with Kubernetes in general, so it’s just easier for me to reason with a control plane.
Some of the benefits I find useful:
- ArgoCD set to fire and forget will automatically update software versions as they happen. I use nix to lower the burden of maintaining my chart forks. Sometimes they break, but
- VictoriaMetrics easily collects all the metrics from everything in the cluster with very little manual tinkering, so I am notified when things break, and
- zfs-localpv provides in-cluster management for data snapshots, so when things do break I can easily roll back to a known good state.
k3s is, of course, a memory hog; I’d estimate it and cilium (my CNS of choice) eat up about 2Gb ram and a bit under one core. It’s something you can tune to some extent, though. But then, I can easily do pod routing via VPN and create services that will automatically get a public IP from my endless IPv6 pool and get that address assigned a DNS name in like 10 lines of YAML.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| DNS | Domain Name Service/System |
| Git | Popular version control system, primarily for code |
| IP | Internet Protocol |
| NAS | Network-Attached Storage |
| NFS | Network File System, a Unix-based file-sharing protocol known for performance and efficiency |
| SMB | Server Message Block protocol for file and printer sharing; Windows-native |
| VPN | Virtual Private Network |
| k8s | Kubernetes container management package |
8 acronyms in this thread; the most compressed thread commented on today has 13 acronyms.
[Thread #834 for this sub, first seen 27th Jun 2024, 04:45]
I use swarm in my home lab. I don’t have any docker things at work so Kubernetes is way more than I want to manage.
All my stacks are in a git repo, I have an ansible playbook to update them if needed. I also have most things tracked on new releases (https://newreleases.io/) so I know when something needs an update, then I can either update the git repo by hand or use ansible.
Also have a look at docker contexts, you can manage your swarm from a remote location.
My personal experience with swarm has been terrible. I would not recommend it for anyone. For me it is full of foot-guns. I found it difficult to debug when things go wacky. The last time I checked, the project was dead, but it feels like it. There don’t seem to be many people using it, because I find it difficult finding answers. In addition, there was a docker swarm python script originally, but then it was kinda/sorta implemented into docker itself. They work similarly, but not the same. I often got hung up following directions from the wrong one. I’m in the middle of migrating to k3s and nix.
Others have talked about a good experience with it, but that wasn’t my story. If docker and docker compose work for you, then stick with it. If you want something more, I would recommend looking at k3s before jumping into docker swarm.
On an additional note, I have multiple nodes, which is why I went to docker swarm instead of sticking with docker compose. Having only one node might hide some of the issues I had/have with docker swarm.