---

### _Gitea → Jenkins → Harbor → ArgoCD → k3s → Traefik → Longhorn → ELK → Prometheus → HashiCorp Vault → Semaphore → Portainer → Lens_

---

# 🏗️ **1. Introduction**

This DevOps platform integrates:

- **SCM** (Gitea)
- **CI** (Jenkins)
- **Registry** (Harbor)
- **GitOps CD** (ArgoCD)
- **Kubernetes cluster** (k3s)
- **Networking** (Traefik, ExternalDNS)
- **Storage** (Longhorn)
- **Observability** (Prometheus, Grafana, ELK, Portainer, Lens)
- **Security** (HashiCorp Vault)
- **Automation** (Semaphore / Ansible UI)

Goal:

> A fully automated, GitOps-driven, self-hosted Kubernetes platform with CI/CD, observability, automated DNS, secure secret management, and cluster automation.

---

# 🎨 **2. Main Architecture Diagram**

```mermaid
%%{ init: { "flowchart": { "htmlLabels": false, "nodeSpacing": 5, "rankSpacing": 25 }, "themeVariables": { "fontSize": "12px" } } }%%
flowchart TB
    subgraph SCM
        Gitea[Gitea]
    end

    subgraph CI
        Jenkins[Jenkins]
    end

    subgraph Registry
        Harbor[Harbor]
    end

    subgraph GitOps
        GitOpsRepo[GitOps Repo]
        ArgoCD[ArgoCD]
    end

    subgraph Kubernetes
        k3s[k3s Cluster]
    end

    subgraph Management
        Traefik[Traefik]
        ExternalDNS[ExternalDNS]
        Longhorn[Longhorn]
    end

    subgraph Observability
        Prometheus[Prometheus]
        KSM[kube-state-metrics]
        Grafana[Grafana]
        ELK[ELK Stack]
        Portainer[Portainer]
        Lens[Lens / FreeLens]
    end

    subgraph Security
        Vault[HashiCorp Vault]
    end

    subgraph Automation
        Semaphore[Semaphore]
    end

    Gitea --> Jenkins
    Jenkins --> Harbor
    Jenkins --> GitOpsRepo
    GitOpsRepo --> ArgoCD
    ArgoCD --> k3s
    Harbor --> k3s

    Traefik --> k3s
    ExternalDNS --> Traefik
    Longhorn --> k3s

    k3s --> Prometheus --> KSM --> Grafana
    k3s --> ELK
    k3s --> Portainer
    k3s --> Lens

    Vault --> k3s
    Vault --> Jenkins
    Vault --> ArgoCD

    Semaphore --> k3s
```

---

# 🧩 **3. Component Overview**

## **SCM**

### **Gitea**

- Stores source code repositories
- Triggers Jenkins pipelines
- Hosts GitOps repository

---

## **CI (Continuous Integration)**

### **Jenkins**

- Builds and tests applications
- Performs Docker builds
- Pushes images to Harbor
- Updates GitOps manifests

---

## **Registry**

### **Harbor**

- Private Docker image registry
- Helm chart repository
- Security scanning (Trivy)

---

## **GitOps**

### **GitOps Repo**

- Source of truth for cluster state
- Contains all Kubernetes manifests

### **ArgoCD**

- Synchronizes manifests into k3s
- Self-healing
- Version-controlled deployments

---

## **Kubernetes Execution Layer**

### **k3s**

- Lightweight Kubernetes
- Runs all workloads
- Integrates with Traefik and Longhorn

---

## **Networking & Platform**

### **Traefik** — Ingress controller

### **ExternalDNS** — Automated DNS

### **Longhorn** — Distributed block storage

---

## **Observability**

### **Prometheus** — metrics gathering

### **kube-state-metrics** — K8s object metrics

### **Grafana** — dashboards

### **ELK Stack** — logs

### **Portainer** — GUI for Docker/K8s

### **Lens** — DevOps IDE

---

## **Security & Secrets**

### **Vault**

- Secret storage
- PKI
- Dynamic secrets
- Integration with Kubernetes

---

## **Automation**

### **Semaphore**

- Web UI for Ansible automation
- Manages external hosts and maintenance tasks

---

# 🚀 **4. CI/CD + GitOps Flow**

```mermaid
%%{ init: { "flowchart": { "htmlLabels": false, "nodeSpacing": 5, "rankSpacing": 25 }, "themeVariables": { "fontSize": "12px" } } }%%
flowchart LR
    Gitea --> Jenkins --> Harbor --> GitOpsRepo --> ArgoCD --> k3s
```

---

# 📈 **5. Observability Flow**

```mermaid
%%{ init: { "flowchart": { "htmlLabels": false, "nodeSpacing": 5, "rankSpacing": 25 }, "themeVariables": { "fontSize": "12px" } } }%%
flowchart TB
    k3s --> Prometheus --> Grafana
    k3s --> ELK
    k3s --> Portainer
    k3s --> Lens
```

---

# 🔐 **6. Secrets Flow**

```mermaid
%%{ init: { "flowchart": { "htmlLabels": false, "nodeSpacing": 5, "rankSpacing": 25 }, "themeVariables": { "fontSize": "12px" } } }%%
flowchart LR
    Vault --> Jenkins
    Vault --> ArgoCD
    Vault --> k3s
```

---

# 📦 **7. Data Storage Layout**

| Layer           | Storage         |
| --------------- | --------------- |
| Git             | Gitea           |
| Docker Images   | Harbor          |
| Cluster Storage | Longhorn        |
| Logs            | Elasticsearch   |
| Metrics         | Prometheus TSDB |
| Secrets         | HashiCorp Vault |

---

# 🧠 **8. When to use each service**

| Service            | Purpose     |
| ------------------ | ----------- |
| Gitea              | Source code |
| Jenkins            | CI          |
| Harbor             | Images      |
| ArgoCD             | CD          |
| k3s                | Runtime     |
| Traefik            | Routing     |
| Longhorn           | Storage     |
| Prometheus/Grafana | Metrics     |
| ELK                | Logs        |
| HashiCorp Vault    | Secrets     |
| Semaphore          | Automation  |
| Portainer          | GUI         |
| Lens               | DevOps IDE  |

---

# 🎤 **9. Minimal Presentation Diagram**

```mermaid
%%{ init: { "flowchart": { "htmlLabels": false, "nodeSpacing": 5, "rankSpacing": 25 }, "themeVariables": { "fontSize": "12px" } } }%%
flowchart TB
    Gitea --> Jenkins --> Harbor --> GitOpsRepo --> ArgoCD --> k3s
    k3s --> Observability[Prometheus / Grafana / ELK / Portainer / Lens]
    Security[HashiCorp Vault] --> k3s
    Automation[Semaphore] --> k3s
```

---
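The Jenkins "update GitOps manifests" step from sections 3 and 4, as an added example that is not part of this platform's own pipeline code: after the image is pushed to Harbor, the Deployment manifest in the GitOps repo is rewritten to reference it by immutable digest, so what ArgoCD syncs into k3s is exactly the artifact Harbor scanned rather than whatever a mutable tag resolves to later. The Harbor host, image paths and sample manifest are constructed assumptions.

```python
import re

# Constructed sample manifest as it would sit in the GitOps repo; the Harbor
# host and image paths are assumptions, not values taken from this page.
SAMPLE_MANIFEST = """\
apiVersion: apps/v1
kind: Deployment
metadata:
  name: demo-app
spec:
  template:
    spec:
      containers:
      - name: demo-app
        image: harbor.example.internal/team/demo-app:1.4.2
      - name: sidecar
        image: harbor.example.internal/team/log-shipper:2.0.0
"""

DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")
IMAGE_LINE_RE = re.compile(r"^(?P<indent>[ \t]*)image:[ \t]*(?P<ref>\S+)[ \t]*$", re.MULTILINE)


def pin_image(manifest: str, repository: str, digest: str) -> str:
    """Rewrite every `image:` line that points at `repository` to an
    immutable `repository@sha256:...` reference (the CI -> GitOps repo step).

    A malformed digest or an unknown repository raises ValueError, so a bad
    CI variable fails the Jenkins job instead of landing in the GitOps repo
    and being synced by ArgoCD.
    """
    if not DIGEST_RE.match(digest):
        raise ValueError(f"not a sha256 digest: {digest!r}")
    pinned = f"{repository}@{digest}"
    hits = 0

    def repl(m):
        nonlocal hits
        ref = m.group("ref")
        # Match the repository exactly, with or without an existing :tag / @digest.
        if ref == repository or ref.startswith((repository + ":", repository + "@")):
            hits += 1
            return f"{m.group('indent')}image: {pinned}"
        return m.group(0)  # other containers (e.g. the sidecar) are left untouched

    updated = IMAGE_LINE_RE.sub(repl, manifest)
    if hits == 0:
        raise ValueError(f"no container uses {repository!r}")
    return updated


if __name__ == "__main__":
    print(pin_image(SAMPLE_MANIFEST, "harbor.example.internal/team/demo-app", "sha256:" + "0" * 64))
```

Committing the returned text to the GitOps repo is what ArgoCD then picks up; in a real job the digest comes from the registry push result, never from a manually typed tag.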