Architecture Overview

Complete system architecture with detailed diagrams

System Architecture

Hardware Layer

Dell PowerEdge R430

2x Intel Xeon E5-2630 v3 (32 cores)
128GB RAM
Hardware RAID Controller
Dual Gigabit NICs
iDRAC Enterprise

↓

Operating System

Talos Linux v1.6.4

Immutable OS
API-driven configuration
No SSH access
Kubernetes-optimized

↓

Kubernetes Cluster

Control Plane

etcd
kube-apiserver
kube-controller-manager
kube-scheduler

Node Components

kubelet
kube-proxy
CoreDNS
Flannel CNI

↓

Workloads

Containers

Web Console (Go + React)
Blog (Astro)
NPM (Nginx Proxy Manager)
Traefik (Ingress)

Virtual Machines

KubeVirt Operator
VM Management
Hardware Virtualization

Network Architecture

Internet

93.8.28.60

↓

Home Router

192.168.1.1

Port 80 → 192.168.1.202:80

Port 443 → 192.168.1.202:443

↓

R430 Node

192.168.1.100

Kubernetes API

Talos API

MetalLB Pool

192.168.1.200-220

Traefik: 192.168.1.200

NPM: 192.168.1.202

Console: 192.168.1.201

iDRAC

192.168.1.190

Remote Management

Virtual Media

↓

Pod Network (Flannel)

10.244.0.0/16

Service Network: 10.96.0.0/12

DNS: cluster.local

Service Architecture

External Access

blog.sortium.fr

→ NPM → Blog Service

npm.sortium.fr

→ NPM Admin UI

↓

Nginx Proxy Manager

192.168.1.202

Reverse Proxy

SSL Certificates (Let's Encrypt)

Domain Management

↓

Blog Service

Namespace: blog

homelab-blog.blog.svc.cluster.local:80

Static Site (Astro)

ConfigMap-based

Web Console

Namespace: console

Backend: Go API

Frontend: React UI

Kubernetes client-go

Traefik

Namespace: traefik

Ingress Controller

LoadBalancer: 192.168.1.200

Internal Routing

↓

Kubernetes API

API Server: 192.168.1.100:6443

Service Discovery

Resource Management

Data Flow

User Request

https://blog.sortium.fr

→

Router

Port Forward 443 → 192.168.1.202:443

→

NPM

SSL Termination & Routing

→

Kubernetes Service

homelab-blog.blog.svc.cluster.local:80

→

Blog Pod

Nginx serving static files

Storage Architecture

Local Path Provisioner

/opt/local-path-provisioner/

↓

NPM Data

10Gi

/data

NPM SSL

1Gi

/etc/letsencrypt

VM Disks

Variable

PVC per VM

Component Details

Talos Linux

Version: v1.6.4

Type: Immutable OS

Config: API-driven

Access: talosctl only

Kubernetes

Version: v1.29.1

Nodes: 1 (control-plane)

CNI: Flannel

DNS: CoreDNS

KubeVirt

Version: v1.1.2

Virtualization: VT-x

Runtime: QEMU/KVM

Management: kubectl/virtctl

MetalLB

Mode: L2

IP Pool: 192.168.1.200-220

Protocol: ARP

Services: LoadBalancer

Traefik

Type: Ingress Controller

IP: 192.168.1.200

Ports: 80, 443

Features: HTTP/HTTPS routing

NPM

Version: latest

IP: 192.168.1.202

Ports: 80, 81, 443

SSL: Let's Encrypt