Heyy !

Just curious what you recommend your clients now ?

I was looking to use ProtonVPN but since that story, i would prefer an alternative.

What do you guys use for VPN (i think i saw Mullvad in the replies ?)

Either tailscale or cloudflare tunnels are the most adapted solution as other comments said.

For tailscale, as you already set it up, just make sure you have an exit node where your services are. I had to do a bit of tinkering to make sure that the ips were resolved : its just an argument to the tailscale command.

But if you dont want to use tailscale because its to complicated to your partner, then cloudlfare tunnels is the other way to go.

How it works is by creating a tunnel between your services and cloudlare, kind of how a vpn would work. You usually use the cloudlfared CLI or directly throught Cloudflare’s website to configure the tunnel. You should have a DNS imported to cloudflare by the way, because you have to do a binding such as : service.mydns.com -> myservice.local Cloudlfare can resolve your local service and expose it to a public url.

Just so you know, cloudlfare tunnels are free for some of that usage, however cloudlfare has the keys for your ssl traffic, so they in theory could have a look at your requests.

best of luck for the setup !

Exactly thanks!

Haha sorry indeed, it’s Kubernetes related and not Windows WeDontSayItsName related 😄

You are completely right.

However in my mind (might be wrong here) if I use another node, i wouldn’t use the RAID array completely.

While setup up i thought that its either:

• NAS storageClass attached to the RAID array, no longhorn
• with longhorn when there is no RAID, but replication at 3

In either case, the availability of my data would be quite the same right ?

(Then there is options to backup my PV to s3 with longhorn and all that i would have to setup again though )

Thanks for your answer !

I would guess it doesn’t like replica at 1 indeed.

And using a NAS would be a single point of failure indeed, but how I’m using Longhorn right now already is (my storage node goes down, my cluster would be unstable)

Thanks !

Hello ! Thanks for your response!

Yes RAID is used as availability of my data here, with or without longhorn, there wouldn’t be much difference there (especially since i only use one specific node)

And you would be right, since the other nodes are unscheduled, it will be available only on my “storage node” so if this one goes down my storage goes down.

That’s why i might be overkill with longhorn, but there are functions to restore and backup to s3 for exemple that i would need to setup i guess

Hello ! Just adding my two cents for Scaleway. I’ve used them personally for some services (and probably will add s3 storage in the near future)

It’s seems pretty reliable in my opinion.

Still from IT Crowd, it’s when Reynholm get sued by his exwife. The quote isn’t from that episode though

I think you are right indeed, i had the idea to maybe use the GC for AI stuff and play with it. I would probably go with kube and add the NAS in longhorn (that i already set up)

Would have been cool to add yet another machine to the cluster, especially if i could use the NAS for the kube VolumeClaims. 🤔

Also true

I understand! If you need help to do that (or someone to contribute), hit me up ! 😄

Actually yes, I had a look at them since i wanted to write HelmCharts for the community. That’s also where the community can step up, it can only be better 😊

This is the way.

It’s actually how people build their images, in which some include sensitive data (when they should definitely not). It’s the same problem as exposed S3 buckets actually, nothing wrong with docker in itself.