Cheap K8S Cluster with K3S on Bare-Metal Cloud and GitOps Strategy

Written on 2021-11-10

Introduction

This post is a summary of my experiences running Kubernetes for personal and side projects. I’ve tried several approaches: starting with Kubeadm on Scaleway, switching to k3s for simplicity, and eventually moving to a bare-metal cluster on Hetzner. I’ll go over the setups, what worked and what didn’t, and some practical lessons about storage, automation, and cost.

Scaleway with Kubeadm

At the time, I didn’t need a full Kubernetes cluster, just a few lightweight applications:

• CI (Drone CI), essential to my workflow
• My test website and personal website
• Tromé , a small HTTP wrapper for a quirky SOAP API
• My mail server (with MongoDB)
• My OAuth server (using the same MongoDB)
• My IoT metrics aggregator (using TimescaleDB and Redis)

Why this solution?

When I set up this cluster, there were no easy solutions; only Kubeadm was available, and it was somewhat challenging to configure. My setup:

• 1 master node (with an NFS Provisioner)
• 1 tainted node (with a specific public IPv4 for Tromé)
• 1 standard node

Was it good?

Scaleway is a solid provider and worked well overall. Occasionally, I had to reset the master or a node due to system unresponsiveness. The NFS provisioner was unstable and required frequent restarts. Despite my efforts, I couldn’t fully resolve these issues.

After the first year, renewing the internal certificate was more difficult than expected. In the second year, I missed a step during the renewal, which broke communication between the master and nodes, making the K8S API unusable.

Scaleway with k3s

As my needs grew, I spent too much time managing Kubeadm. I added:

• CD (Argo CD), which is very convenient
• My personal CRM (Monica)
• The Outline server (VPN)
• A Socks5 server
• A media server (for transcoding, very resource-intensive) and its components
• Several static websites

Why this solution?

Scaleway remained affordable, and k3s was attractive, easy to use and much simpler than Kubeadm. The infrastructure was similar (I reinstalled the OS on every machine):

• 1 master node
• 1 tainted node for the IP
• 1 standard node

The main difference was switching to Longhorn for storage, which was much faster and more reliable than the NFS Provisioner. I kept an external NFS node for long-term backups.

Was it good?

Absolutely, blazing fast, and I rarely needed to SSH into any nodes (usually just to run htop and leave).

However, Scaleway announced a price increase of about 70%. Paying 90 EUR for a side project was no longer feasible.

Hetzner with k3s

My requirements increased further:

• A finance service (mainly for cryptocurrencies, requiring Postgres and Redis, and demanding due to real-time needs)
• A bot reminder
• Monitoring and alerting with Grafana and Prometheus

Why this solution?

Hetzner auctions are fantastic. I now rent a single server with an i7 and 64GB RAM for less than 40 EUR! Plus, I have a hardware transcoder (Intel GPU) for the media service, enabling HEVC and 4K video transcoding without heavy CPU usage, leaving plenty of resources for other apps.

Was it good?

Definitely! It’s much cheaper and far more powerful. The only downside is the lack of redundancy, but I set up CRON jobs to back up all sensitive data to other providers (SCW Object Storage).

More info

You can check out the current apps running on the cluster at k8s.fruitice.fr