Going Mobile: Part 3
A change of plans:
The original design in part 2 had a few missing parts:
- It didn't include the hosting of the Headscale server required for our Tailscale overlay network.
- The assumption that 2 physical locations would be enough wasn't correct in the context of Longhorn: doing so would have caused a split-brain issue, so a third location running only an agent node has been added.
- There are a few options for the k3s architecture. Considering the addition of Location 4 (Cloud hosting) for the Headscale server, I have opted for the High Availability External DB option, running etcd on the same machine as the Headscale server.
The new design:
Ingresses:
There are a few options for Ingresses and making applications running on the platform available on the internet:
- Traefik ingresses
- Tailscale sidecar for each application
- Tailscale Kubernetes Operator - in Alpha at time of writing
- Cloudflared
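With the first three options (Traefik ingresses, a Tailscale sidecar per application, or the Tailscale Kubernetes Operator), access would be restricted to the machines within the Tailscale network. With the fourth, Cloudflared, access would be tunneled through Cloudflare.
What's next: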
- Applications
- Testing
- Chaos Engineering Exercises
Explore the series:
This post is part of the 'Going Mobile' series. Explore the series further:
- Going Mobile: Part 1 - Introduction to the series
- Going Mobile: Part 2 - The design.
- You are here: Going Mobile: Part 3 - Understanding a change in the scope.
- Next: Going Mobile: Part 4 - Going further into Networking, Monitoring and Chaos engineering
- Going Mobile: Part 5 - Covering some troubleshooting, wrapping it up, and the future.