A lightweight K3s-based Kubernetes cluster, currently running version
v1.32.5+k3s1as of 9 June March 2025, which is tailored for my personal homelab that hostsHome Assistant,InfluxDB,Grafana,MQTT,UniFi Controller,MongoDB,Wordpress, and more.
To better understand Kubernetes concepts, I wrote all deployment .yaml files myself from scratch, instead of relying solely on third-party Helm charts:
- fully orchestrated Kubernetes stack built for Raspberry Pi
- Ideal for self-hosted services: Home Assistant, databases, dashboards, network management, etc.
- Modular and portable—spin up the same stack at home, office, or remote sites
- Kubernetes Distribution: Rancher K3s
- Load Balancer: MetalLB
- Ingress/Reverse Proxy: NGINX (replacing the default Traefik ingress controller)
- Nodes: Raspberry Pi 4 Model B (ARM64, 8GB RAM)
- Operating System: Raspbian Bullseye 64-bit
- Storage and Backups:
- Persistent storage via dedicated Raspberry Pi NFS server (SSD-based, 500GB)
- Automatic backups to Google Drive and GitHub
Feel free to explore, reuse, or adapt this repo for your own Kubernetes learning journey!
In file /boot/cmdline.txt add the following to the end of the file:
cgroup_enable=cpuset cgroup_enable=memory cgroup_memory=1
Then to install k3s with the default load balancer disabled:
curl -sfL https://get.k3s.io | sh -s - --disable=traefik --disable servicelb --write-kubeconfig-mode 644
Follow this tutorial to configure your pi as a NFS: https://pimylifeup.com/raspberry-pi-nfs/
Then to setup the nfs-client-provisioner in k3s:
cd pv_nfs
kubectl apply -f class.yaml
kubectl apply -f rbac.yaml
kubectl apply -f deployment.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud/deploy.yaml
cd metallb
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.15.2/config/manifests/metallb-native.yaml
vi config.yaml #edit and set the IP address range that has been reserved on your DCHP server
kubectl apply -f config.yaml
Below will install cert-manager v1.17.2, which is the latest version as of 9th June 2025.
cd ingress
kubectl create namespace cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.17.2/cert-manager.yaml
vi letsencrypt.yaml #update the email address!
kubectl apply -f letsencrypt.yaml
Remeber to open ports 80 and 443 on your firewall / router, and redirect traffic to the master node ingress ip from metallb load balancer. In this example it would be 192.168.1.110. So direct port traffic from both 80 and 443 to 192.168.1.110 respectively.
for each container app, deploy pv.yaml to create the persistent volume and then deployment.yaml and svc.yaml. Remember to edit pv.yaml and enter your NFS IP address and folder. That's it :)