Architecture
Overview
graph TB
subgraph Proxmox["Proxmox Host (192.168.178.162)"]
subgraph Cluster["Kubernetes Cluster"]
CP[Control Plane<br/>192.168.178.50]
W1[Worker 1<br/>192.168.178.51]
W2[Worker 2<br/>192.168.178.52]
end
ZFS[(ZFS Pools<br/>flash / spacex)]
end
Internet((Internet)) -->|Cloudflare DNS| Traefik
Traefik -->|Gateway API| Apps
subgraph Apps["Applications"]
HA[Home Assistant]
Immich[Immich]
Grafana[Grafana]
More[...]
end
Cluster -->|NFS-CSI| ZFS
Flux[Flux CD] -->|GitOps| Cluster
GitHub[GitHub Repo] -->|Pull| Flux
GitOps Flow
sequenceDiagram
participant Dev as Developer
participant GH as GitHub
participant Flux as Flux CD
participant K8s as Cluster
Dev->>GH: git push (main)
Flux->>GH: Poll every 1m
Flux->>K8s: Apply Kustomization
K8s-->>Flux: Status (Ready/Failed)
alt Error
Flux->>Telegram: Error alert
end
Repository Structure
├── clusters/production/      # Flux entry point: defines the Kustomizations
│   ├── secrets.yaml          # Kustomization for SOPS secrets
│   ├── infrastructure.yaml   # Kustomization for infrastructure
│   └── apps.yaml             # Kustomization for applications
├── infrastructure/           # Platform components
│   ├── crds/                 # Gateway API CRDs
│   ├── metallb/              # L2 load balancer
│   ├── cert-manager/         # Wildcard TLS certificates
│   ├── nfs-csi/              # NFS storage driver
│   ├── traefik/              # Ingress controller + Gateway
│   ├── kube-system/          # System patches (metrics-server, etc.)
│   └── notifications/        # Flux → Telegram alerts
├── apps/                     # User applications
│   ├── authentik/            # SSO / Identity Provider
│   ├── home-assistant/       # Home automation
│   ├── immich/               # Photo management
│   ├── grafana/              # Metrics dashboards
│   ├── prometheus/           # Monitoring stack
│   ├── gatus/                # Uptime monitoring
│   └── ...                   # Other apps
└── scripts/                  # Diagnostic scripts
Dependencies between Kustomizations
graph LR
secrets[secrets] --> infrastructure
infrastructure --> apps
Flux applies the resources in this order: secrets → infrastructure → apps. Each layer depends on the previous one via dependsOn.
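
The dependsOn chain described above, written out as Flux Kustomization manifests. This is an added example, not the repository's own files: the flux-system namespace and GitRepository name, the ./secrets path, the sops-age Secret name and the intervals are assumptions.

```yaml
# Added example, not from the repository. Assumed values: flux-system
# namespace/GitRepository, ./secrets path, sops-age Secret, intervals.
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: secrets
  namespace: flux-system
spec:
  interval: 10m
  path: ./secrets            # assumed location of the SOPS-encrypted manifests
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
  decryption:
    provider: sops           # Flux decrypts in-cluster before applying
    secretRef:
      name: sops-age         # assumed Secret holding the private key
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: infrastructure
  namespace: flux-system
spec:
  dependsOn:
    - name: secrets          # not reconciled until secrets is Ready
  interval: 10m
  path: ./infrastructure
  prune: true
  wait: true                 # Ready only once applied resources are healthy
  sourceRef:
    kind: GitRepository
    name: flux-system
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: apps
  namespace: flux-system
spec:
  dependsOn:
    - name: infrastructure   # not reconciled until infrastructure is Ready
  interval: 10m
  path: ./apps
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
```

With wait: true on infrastructure, its Ready status includes the health of the resources it applies, so apps is held back until the platform components are actually running.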