Setting up Self Labs

Is there any good automation to set up VMs and/or containers for Gitea + K8s for such labs, so we can try out FluxCD, for example? This would include 1 machine or 2 machines.

I have done such personal projects in the past. It’s easier with VMs using something like Vagrant, but it gets really hard when doing it with Docker, as it needs to run in privileged mode and chown/chmod socket files (pipes) for access to the Docker daemon outside of the container.

I don’t know of any offhand. Some of this could be handled with Helm (a K8s package manager), which would automate installing Gitea and FluxCD into a single cluster; you might need to add a bit of YAML to the chart to expose Gitea’s HTTPS server outside of the cluster.

It’s more complicated if you are using an image builder solution.

First, you’ll need to have rights to publish the image. On cloud solutions, with ECR, ACR, GCR (now GAR), you’ll need to have least-privilege rights to have image write ability. One doesn’t want static credentials and optimally would use federated authN with something like IRSA on EKS or Workload Identity on Azure or GCP.

Secondly, if you are using Docker to build/publish images, there will need to be elevated privileges to access a Docker daemon. Even on local dev test solutions, setting up Jenkins with a worker that could build images was complex, as I needed to access a mounted file socket from the host to the container.

Lastly, with Gitea it is more complex with multiple systems, as you have to handle TLS, tokens, and/or SSH. For TLS, you can use cert-manager, but would need ownership of a domain for trusted certs, or the ability to copy a private self-signed key on the client.

If this is done on a single VM, some of this can be skipped, which is useful for teaching the content. I was wondering what was used to set up the lab for FluxCD. I suppose I can tinker around on the VM and figure it out.