Applications
Everything past bootstrap is reconciled by ArgoCD from
kubernetes/apps/.
One directory per addon; dropping a new directory there is how a new
addon gets into the cluster. Each entry below links to its source and,
where applicable, the LAN endpoint it serves.
Addons
Section titled “Addons”| Addon | What it does | Access | Source |
|---|---|---|---|
| AdGuard Home | LAN DNS resolver and ad-blocker; fronts *.lab.jackhall.dev for any device pointed at it. | DNS 192.168.1.200UI https://adguard.lab.jackhall.dev | adguard-home/ |
| Alloy | Per-node log collector — a DaemonSet tailing every pod’s stdout into Loki; also hosts the cluster OTLP receiver. | None (cluster-internal) | alloy/ |
| ARC controller | Actions Runner Controller — manages the GitHub Actions runner scale sets. See Automation / CI for how workflows reach these pools. | None (operator) | arc-controller/ |
| ARC runners — brazostech | GitHub Actions runner scale set for the brazostech GitHub App installation. See Automation / CI. | None (ephemeral pods) | arc-runners-brazostech/ |
| ARC runners — raptgroup | GitHub Actions runner scale set for the operator’s raptgroup GitHub App installation. See Automation / CI. | None (ephemeral pods) | arc-runners-raptgroup/ |
| Homepage | Cluster dashboard; auto-discovers other addons via gethomepage.dev/* annotations on their HTTPRoutes. | https://dashboard.lab.jackhall.dev | homepage/ |
| Hubble UI | Cilium’s network-flow observability UI — live service map and L4/L7 flow log. | https://hubble.lab.jackhall.dev | hubble-ui/ |
| kube-prometheus-stack | Prometheus, Grafana, Alertmanager, node-exporter, kube-state-metrics — the metrics-and-alerts half of the observability stack. | https://grafana.lab.jackhall.dev | kube-prometheus-stack/ |
lab Gateway | The single Gateway API Gateway every web-exposed addon attaches to; terminates TLS for *.lab.jackhall.dev. | LB 192.168.1.201 | lab-gateway/ |
| Loki | Single-binary log store — the searchable log backend across all six nodes, queried from Grafana. | None (ClusterIP) | loki/ |
| metrics-server | Kubernetes Metrics API extension; backs kubectl top and Homepage’s cluster CPU/RAM widget. | None (metrics.k8s.io API) | metrics-server/ |
kube-prometheus-stack, Loki, and Alloy are three Applications
that together make up the self-hosted observability stack
— that page narrates how they fit, and
Observability for developers
is the contract for instrumenting an app.
How the LAN endpoints fit together
Section titled “How the LAN endpoints fit together”Two LB IPs out of the Cilium .200–.230 pool carry every addon’s
traffic:
192.168.1.200— AdGuard Home DNS. First hop for any device configured to use it. Resolves*.lab.jackhall.devto.201via a wildcard rewrite.192.168.1.201— ThelabGateway. Terminates TLS with the Let’s Encrypt wildcard cert and routes byHost:header to the addon behind each hostname (dashboard,adguard,hubble, …) viaHTTPRoutes in the addons’ own namespaces.
See Split-horizon DNS for why DNS resolves the way it does, and the per-addon page (where one exists) for what each addon actually does.