2025-12-04 Notes

December 4, 2025 · Mario Jason Braganza

Goals + Recap

Figured out every thing I needed that I needed to spin up the cluster the way I wanted it. (Update 2025-12-04: Figured out everything I need to deploy and expose an app, as well)
Figured things out at a brisk clip yesterday (not fast, not slow either). Got Kanboard up and running!
Will try and redo Kanboard (once again); this time with an gitopsy Flux CD approach
And leave it at that, since the rest of the day is filled with meeetings

The plan is to redo the cluster again and do my own instance of
- K3s
- Sealed Secrets
- Certmanager
- ~~Letsencrypt~~ (using pre existing Letsencrypt certs)
- Get Traefik Ingress to work
- Figure out a way to get certs automatically into the cluster
And once that is done, figure out an app to move (Miniflux or Hedgedoc?); 2025-12-03: Kanboard it is!
Begin by moving (lifting and shifting in popular parlance) Kanboard to the cluster
- Cert will probably be needed (Wildcard cert works now, just like it does without the cluster)
- Convert a docker-compose to kubernetes manifests
- Learn how to configure an app with code
- Learn how to store data and back it up
- Figure out secrets, if there are any (for now sealed secrets ok, figure out vault and vault injection later)
- Learn how to tunnel through and reverse proxy
- Make Kubernetes manifests work with flux
- Figure out how to automate manual manifests
- Once another app is done, then start live deploys. Prototype locally and once it works, migrate to production immediately
- Convert Kubernetes manifests to Helm Charts (optional, based on energy)

Updated my reading list for November
Did my NMC run. It’s always fun getting new members into the Kubernetes community
Now to focussed work
2025-12-04 08:25: I love Kubernetes namespaces! Lets me delete everything in a jiffy!
2025-12-04 08:50: Client call

Back
2025-12-04 11:18: Learning to handwrite kubernetes manifests with the help of IDE completion
2025-12-04 11:55: Troubleshot my first yaml mistyped key. I should not depend on the IDE so much. I know I have to use ReadWriteOnce and yet, somehow I have ReadWriteMany!
But the speed at which I can tear down and recreate stuff and iterate is amazing!
2025-12-04 12:30: Bumped version in a yaml, Flux made the deployment follow suit! Woohoo!
2025-12-04 12:43: Both my automation controllers are borked. Need to figure out what to do.
2025-12-04 12:58: Lunch

Killing cluster. Rebuilding bit by bit. paying attention.
Besides one more good thing to try is to move even my cluster state to the big hdd
2025-12-04 13:42: Got cluster up! Verified data is now stored on the big hdd
2025-12-04 14:23: Installed flux without the additional image controllers. So far so good
2025-12-04 14:33: Troubleshooting errors comes more easily now
2025-12-04 14:41: Sealed secrets installed. It also took my letsencrypt cert that I create with the new key
2025-12-04 14:42: Client call

Trying to get back into the swing of things
2025-12-04 16:52: Realised the new cluster is a clean sweep too.
2025-12-04 16:58: Traefik and kanboard deployed in minutes! Gitops is amazing!
2025-12-04 17:00: Client call

Somehow managed to screw up Traefik. Redoing
Fat fingered and deleted both my flux repo and my files. That should teach me not to do things at night after a stressful day
Well, one advantage is this will let me do things even more simpler! Now that I’ve gotten a grasp on things.
Worst case, I had made a paranoid backup in the morning. I can refer to that and redo things
2025-12-04 21:38: Simplified the config maps I use for Helm Releases
2025-12-04 22:31: Cert ready for Traefik
2025-12-04 23:12: Nothing seems to work Traefik wise. Calling it a night. Will start afresh with a new cluster tomorrow.

Feedback on this post?
Mail me at feedback at this domain.