I have a small VPS that hosts some services I use daily and I’d like to migrate that to a K8s cluster. One of the services being hosted is my personal website, built with Hugo and served by Caddy.

Right now, I have the code for my website on Codeberg and I have a CI pipeline that builds the website and uploads it to my VPS via rsync.

I want to move the website to the k8s cluster, but I have no idea how to do it “securely”. What I have right now is a separate user on my VPS called deploy and it rsyncs the files to the data directory Caddy is using to serve my files.

I thought I could do the same on the k8s cluster server, but it’s usually not a good idea to mount host paths with k8s unless absolutely necessary, because container escaping is an actual problem.

So far the only alternative I could think of is to change the CI pipeline to publish my website on another branch and signal it to my K8s cluster so the files should be updated, but I’d like to know what better options exist and how easy they are to set up.

  • @pacology@lemmy.world
    2 · 10 months ago

    My advice would be to have the server running on the cluster serving the static folder mounted through a network drive in the container. Then you just need to sync the content to the drive as the last step in your CI.

    Alternatively, you will need to bake the static content in the container but then you will have to host it somewhere for the cluster to get.

    • @xinayderOP
      2 · 10 months ago

      How is this different than mounting the folder with the static website using hostPath?

      • @pacology@lemmy.world
        4 · 10 months ago

        I imagine you are using k8s because you want to learn the platform.

        In a real cluster with multiple machines, you don’t know which machine will run your container (that’s the point of clusters).

        So you need to host your files on a storage server and link these files to the containers through NFS.

        See this post for an example on how to do it.
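
An added illustration of the NFS approach suggested in the comment above (not part of the thread and not any commenter's configuration). The server address `nfs.example.internal`, the export path `/exports/website` and the resource names are placeholders; it assumes the official `caddy` image, whose default Caddyfile serves `/usr/share/caddy`.

```yaml
# Added example: Caddy serving a Hugo build from an NFS export instead of a hostPath.
# Placeholders: nfs.example.internal, /exports/website, the "website" names.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: website
spec:
  replicas: 2                      # pods may land on any node; none needs a local copy
  selector:
    matchLabels:
      app: website
  template:
    metadata:
      labels:
        app: website
    spec:
      automountServiceAccountToken: false   # a static file server needs no API credentials
      containers:
        - name: caddy
          image: caddy:2
          ports:
            - containerPort: 80
          securityContext:
            allowPrivilegeEscalation: false
          volumeMounts:
            - name: site
              mountPath: /usr/share/caddy   # root served by the image's default Caddyfile
              readOnly: true                # the web container can read the site, not change it
      volumes:
        - name: site
          nfs:
            server: nfs.example.internal    # storage server the CI job syncs the build to
            path: /exports/website
            readOnly: true
        # The hostPath variant asked about earlier would instead be:
        #   hostPath:
        #     path: /srv/website
        # which exposes a directory of whichever node runs the pod, so the
        # files would have to exist on every node the scheduler can pick.
```

With this layout the CI job keeps its dedicated deploy user, but that user writes to the storage server's export rather than to a cluster node, and the pods only ever hold a read-only mount.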