docs: update README
This commit is contained in:
Masaki Yatsu
41
README.md
41
README.md
@@ -9,44 +9,47 @@ A remotely accessible Kubernetes home lab with OIDC authentication. Build a mode
|
|||||||
|
|
||||||
### Foundation
|
### Foundation
|
||||||
|
|
||||||
- **Kubernetes**: [k3s](https://k3s.io/) lightweight distribution
|
- **[k3s](https://k3s.io/)**: Lightweight Kubernetes distribution
|
||||||
- **Automation**: [Just](https://just.systems/) task runner with templated configurations
|
- **[Just](https://just.systems/)**: Task runner with templated configurations
|
||||||
- **Remote Access**: [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) for secure internet connectivity
|
- **[Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/)**: Secure internet connectivity
|
||||||
|
|
||||||
### Core Components (Required)
|
### Core Components (Required)
|
||||||
|
|
||||||
- **Database**: [PostgreSQL](https://www.postgresql.org/) cluster with pgvector extension
|
- **[PostgreSQL](https://www.postgresql.org/)**: Database cluster with pgvector extension
|
||||||
- **Identity & Access**: [Keycloak](https://www.keycloak.org/) for OIDC authentication
|
- **[Keycloak](https://www.keycloak.org/)**: Identity and access management with OIDC authentication
|
||||||
|
|
||||||
### Recommended Components
|
### Recommended Components
|
||||||
|
|
||||||
- **Secrets Management**: [HashiCorp Vault](https://www.vaultproject.io/) with [External Secrets Operator](https://external-secrets.io/)
|
- **[HashiCorp Vault](https://www.vaultproject.io/)**: Centralized secrets management
|
||||||
- Used by most stack modules for secure credential management
|
- Used by most stack modules for secure credential storage
|
||||||
- Can be deployed without, but highly recommended
|
- Can be deployed without, but highly recommended
|
||||||
|
- **[External Secrets Operator](https://external-secrets.io/)**: Kubernetes secret synchronization from Vault
|
||||||
|
- Automatically syncs secrets from Vault to Kubernetes Secrets
|
||||||
|
- Provides secure secret rotation and lifecycle management
|
||||||
|
|
||||||
### Storage (Optional)
|
### Storage (Optional)
|
||||||
|
|
||||||
- **Block Storage**: [Longhorn](https://longhorn.io/) distributed block storage
|
- **[Longhorn](https://longhorn.io/)**: Distributed block storage
|
||||||
- **Object Storage**: [MinIO](https://min.io/) S3-compatible storage
|
- **[MinIO](https://min.io/)**: S3-compatible object storage
|
||||||
|
|
||||||
### Data & Analytics (Optional)
|
### Data & Analytics (Optional)
|
||||||
|
|
||||||
- **Interactive Computing**: [JupyterHub](https://jupyter.org/hub) for collaborative notebooks
|
- **[JupyterHub](https://jupyter.org/hub)**: Interactive computing with collaborative notebooks
|
||||||
- **SQL Query Engine**: [Trino](https://trino.io/) for distributed SQL queries across multiple data sources
|
- **[Trino](https://trino.io/)**: Distributed SQL query engine for querying multiple data sources
|
||||||
- **Analytics Database**: [ClickHouse](https://clickhouse.com/) for high-performance analytics
|
- **[ClickHouse](https://clickhouse.com/)**: High-performance columnar analytics database
|
||||||
- **Vector Database**: [Qdrant](https://qdrant.tech/) for vector search and AI/ML applications
|
- **[Qdrant](https://qdrant.tech/)**: Vector database for AI/ML applications
|
||||||
- **Iceberg REST Catalog**: [Lakekeeper](https://lakekeeper.io/) for Apache Iceberg table management
|
- **[Lakekeeper](https://lakekeeper.io/)**: Apache Iceberg REST Catalog for data lake management
|
||||||
- **Business Intelligence**: [Metabase](https://www.metabase.com/) for data visualization
|
- **[Metabase](https://www.metabase.com/)**: Business intelligence and data visualization
|
||||||
- **Data Catalog**: [DataHub](https://datahubproject.io/) for metadata management
|
- **[DataHub](https://datahubproject.io/)**: Data catalog and metadata management
|
||||||
|
|
||||||
### Orchestration (Optional)
|
### Orchestration (Optional)
|
||||||
|
|
||||||
- **Data Orchestration**: [Dagster](https://dagster.io/) for modern data pipelines
|
- **[Dagster](https://dagster.io/)**: Modern data orchestration platform
|
||||||
- **Workflow Orchestration**: [Apache Airflow](https://airflow.apache.org/) for task scheduling
|
- **[Apache Airflow](https://airflow.apache.org/)**: Workflow orchestration and task scheduling
|
||||||
|
|
||||||
### Security (Optional)
|
### Security (Optional)
|
||||||
|
|
||||||
- **Authentication Proxy**: [OAuth2 Proxy](https://oauth2-proxy.github.io/oauth2-proxy/) for adding Keycloak authentication
|
- **[OAuth2 Proxy](https://oauth2-proxy.github.io/oauth2-proxy/)**: Authentication proxy for adding Keycloak authentication
|
||||||
|
|
||||||
## Quick Start
|
## Quick Start
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user