Homelab

Self-hosted infrastructure & platform

Kubernetes Proxmox Ceph Istio Calico eBPF cert-manager MetalLB GitLab CI Tailscale

Self-hosted infrastructure built as an end-to-end production platform: a Kubernetes cluster running on Proxmox virtualization, with Calico container networking in eBPF mode, an Istio ambient service mesh, automated certificate management via cert-manager, and load balancing through MetalLB. Distributed storage is backed by Ceph, and the entire private network is interconnected over a Tailscale mesh. On top of this foundation runs a self-hosted GitLab CE instance with its integrated container registry and automated CI/CD pipelines, complemented by private cloud environments on GCP and Azure for testing and validation.

What it does

It acts as a personal development and deployment platform, covering the full software lifecycle on fully controlled infrastructure.

  • Runs workloads on a production Kubernetes cluster with eBPF networking and an ambient service mesh.
  • Hosts a self-hosted GitLab CE instance with an integrated container registry for code and artifacts.
  • Automates CI/CD pipelines with unit and integration tests ahead of every deployment.
  • Deploys to pre-production validation environments to verify changes before promoting them.
  • Issues and renews TLS certificates automatically through cert-manager.
  • Exposes services via MetalLB and links them securely across the Tailscale mesh.

Architecture

The design separates the virtualization layer from the orchestration layer, with distributed storage and private connectivity as shared foundations.

  • Proxmox as the base hypervisor and Ceph for distributed, replicated storage.
  • A Kubernetes cluster with Calico in eBPF mode for container networking and policy.
  • Istio ambient as the service mesh for traffic management, mTLS, and observability without sidecars.
  • cert-manager for automated certificates and MetalLB for bare-metal load balancing.
  • Self-hosted GitLab CE with a container registry and runners for integrated CI/CD.
  • A Tailscale mesh for the private network and private clouds on GCP and Azure for testing.

Stack

The platform combines Proxmox and Ceph at the base; Kubernetes with Calico eBPF, Istio ambient, cert-manager, and MetalLB for orchestration; and GitLab CI alongside Tailscale and cloud environments on GCP and Azure for CI/CD and validation.
