Kubernetes
Two separate k8s environments managed by GitOps.
Dell k3s Cluster (Dashecorp)
Host: Dell server (100.95.212.93), Oslo
GitOps repo: Stig-Johnny/cluster-gitops
Orchestrator: ArgoCD v3.0.4 (self-managed, App of Apps pattern)
Storage: NFS from Synology DS412+ (100.95.36.122:/volume1/docker), StorageClass nfs-csi (default)
What Runs on It
| App | Namespace | What |
|---|---|---|
| ArgoCD | argocd | Cluster orchestrator (self-managed) |
| ARC Controller | arc-systems | Actions Runner Controller 0.13.1 |
| ARC Runners | arc-runners | 16 Stig-Johnny + 1 cuti-e + 1 Docker-in-Docker scale sets |
| ATL-E | atl-agent | Agile Team Lead agent (TypeScript, from Stig-Johnny/atl-agent repo, deploy/k8s) |
| vCluster Platform | invotek | vCluster dashboard, exposed via Cloudflare Tunnel at vcluster.invotek.no |
| Kubernetes Dashboard | — | Cluster dashboard |
| NFS Provisioner | — | Helm chart v4.0.18, provisions PVs from DS412+ |
| starc (legacy) | starc | Old client project (MSSQL 20Gi + 20Gi backup) |
ARC Runner Scale Sets
Stig-Johnny ApplicationSet (21 repos, arc-linux-{repo}):
Standard resources (250m/512Mi → 1cpu/2Gi):
- MCP repos: totp-mcp, pushbullet-sms-mcp, telegram-notifications-mcp, slack-notifications-mcp, claude-memory-mcp, appstoreconnect-mcp, context-layer-mcp, cutie-mcp, deadline-tracker-mcp, infra-health-mcp, submission-checklist-mcp
- App repos: heart-e, drink-e, count-e, fast-e
- Other: dashecorp, claude-3, atl-agent
Higher resources (500m/1Gi → 2cpu/4Gi):
- star-rewards, nutri-e, cutie
cuti-e ApplicationSet (0-2 pods, 250m/512Mi):
- arc-linux-ios-sdk → cuti-e/ios-sdk
- arc-linux-ios-link-sdk → cuti-e/ios-link-sdk
Docker-in-Docker (arc-linux-docker, 0-2 pods, 1cpu/2Gi → 4cpu/8Gi):
- nutri-e only
All runners: Scale 0-3, ghcr.io/actions/actions-runner:latest, auth via SealedSecret github-pat.
ARC Coverage
All active repos now have ARC Linux runners configured. No gaps.
Access
ArgoCD dashboard: accessible from Dell node.
vCluster Platform: vcluster.invotek.no (Cloudflare Access, post@stigjohnny.no only)
Tablez vCluster (tablez-dev) — Active Client/Partner Project
Host: Runs as a vCluster inside the Dell k3s cluster
GitOps repo: tablez-dev/tablez-gitops
Orchestrator: Flux CD (with image automation)
Terraform: Cloudflare tunnel + DNS + Zero Trust (local state)
What Runs on It
| Service | Language | Description |
|---|---|---|
| tablez-ai | Docker | LLM gateway, Semantic Kernel, AI agent tool API |
| tablez-api-gateway | C# | API gateway, routing, auth |
| tablez-guest | C# | Guest CRM, profiles |
| tablez-notification | Docker | SMS, email, push notification workers |
| tablez-reservation | C# | Core booking engine + event store |
| tablez-restaurant | C# | Restaurant config, floor plan, schedule |
| Postgres | — | Database |
| Valkey | — | Cache (Redis-compatible) |
| Grafana | — | Dashboards (grafana.invotek.no) |
| Prometheus | — | Metrics (10Gi NFS) |
| Loki | — | Log aggregation (5Gi NFS) |
| Tempo | — | Distributed tracing (5Gi NFS) |
Infrastructure
- Grafana exposed at grafana.invotek.no via Cloudflare Tunnel (tablez-vcluster)
- Cloudflare Access: Zero Trust, allowed email: invotekas@gmail.com
- Image automation: Flux watches GHCR for new images, auto-commits updates to gitops repo
- Single environment: local overlay only (no staging/production yet)
Supporting Repos
| Repo | Role | CI |
|---|---|---|
| tablez-contracts | Shared NuGet library (DTOs, events, interfaces) | nuget-publish |
| tablez-migration | Database schema migrations (human-gated) | request-review only |
| tablez-docs | Architecture, specs, ADRs | None |
| tablez-web | Staff dashboard frontend | None (no CI) |
Gaps
- No Dependabot on any tablez repo
- tablez-web has no CI and the most open issues (9)
- Terraform state is local — flagged for remote migration
- 39 open issues across all tablez repos
- No ios-link-sdk runner in ARC (only ios-sdk)
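A check for the Dependabot and CI gaps listed above, as an added example that is not part of the original page or of any tablez repo: it compares the ecosystems a checkout actually uses (NuGet, Docker, GitHub Actions) with what `.github/dependabot.yml` declares, and reports whether any workflow exists. The marker-file mapping is an assumption, and the sample repo names and contents are constructed.

```python
import re
import tempfile
from pathlib import Path

# Marker files (assumed mapping) -> Dependabot package-ecosystem that covers them.
MARKERS = {"*.csproj": "nuget", "Dockerfile*": "docker",
           ".github/workflows/*.y*ml": "github-actions"}
ECOSYSTEM_RE = re.compile(r"^\s*-?\s*package-ecosystem:\s*[\"']?([\w-]+)", re.M)

def needed_ecosystems(repo):
    """Ecosystems implied by files in the checkout (workflows at their fixed path,
    other markers in any subdirectory)."""
    found = set()
    for pattern, ecosystem in MARKERS.items():
        hits = repo.glob(pattern) if pattern.startswith(".github") else repo.rglob(pattern)
        if next(iter(hits), None) is not None:
            found.add(ecosystem)
    return found

def configured_ecosystems(repo):
    """Ecosystems declared in .github/dependabot.yml (empty set if the file is absent)."""
    cfg = repo / ".github" / "dependabot.yml"
    text = cfg.read_text(encoding="utf-8") if cfg.is_file() else ""
    return set(ECOSYSTEM_RE.findall(text))

def audit(repo):
    needed = needed_ecosystems(repo)
    return {
        "repo": repo.name,
        "has_ci": "github-actions" in needed,  # at least one workflow file exists
        "uncovered": sorted(needed - configured_ecosystems(repo)),
    }

def build_sample(root):
    """Constructed checkouts with made-up names and contents, for the demo only."""
    svc = root / "sample-service"
    (svc / ".github" / "workflows").mkdir(parents=True)
    (svc / ".github" / "workflows" / "build.yml").write_text("on: push\n")
    (svc / ".github" / "dependabot.yml").write_text('updates:\n  - package-ecosystem: "nuget"\n')
    (svc / "Sample.csproj").write_text("<Project/>\n")
    (svc / "Dockerfile").write_text("FROM scratch\n")
    web = root / "sample-web"
    web.mkdir()
    (web / "Dockerfile").write_text("FROM scratch\n")
    return [svc, web]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print([audit(r) for r in build_sample(Path(tmp))])
```

Run against real checkouts by calling `audit(Path(...))` per repo; a non-empty `uncovered` list names the ecosystems that still need an `updates` entry.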
Access
Future
Dell k3s is designed as shared infrastructure. New projects get their own vCluster tenant — Tablez is the first.