K8s Reflection Board

k8s.karamjitbrar.com · personal cloud-native lab

From Git Commit to Live Traffic

This cluster is built to show production-like platform habits on a personal stack: GitOps first, mesh-aware traffic, secure ingress, and observable workloads.

OCI ARM · ArgoCD · Istio + Kiali · Prometheus + Grafana · cert-manager
🧬 Cluster DNA
  • Platform: Oracle Cloud (OCI) ARM
  • Architecture: aarch64 / arm64
  • Host OS: Oracle Linux 9.6
  • Kernel: 6.12.0 UEK
  • Ingress Layer: NGINX Ingress Controller
  • Service Mesh: Istio + Kiali
  • Delivery Model: ArgoCD + ApplicationSets
  • Image Flow: GitHub Actions → GHCR
  • TLS: Let's Encrypt via cert-manager
  • Observability: Prometheus + Grafana
🌐 Traffic Journey
  1. DNS points traffic to the ingress endpoint.
  2. NGINX terminates TLS and routes by host/path.
  3. Istio policies shape service-to-service flow.
  4. App metrics are scraped and visualized.
  5. ArgoCD continuously reconciles drift to Git.
📌 Operating Principles
  • Git is the source of truth; manual cluster edits are temporary.
  • Each app is declarative and continuously reconciled.
  • Ingress + certificates are automated for secure defaults.
  • Observability is built in, not added later.