philipp/doran
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
doran/docs/bootstrap-status-report.md
Philipp 2a32461e39 feat: bootstrap hetzner k3s deployment
2026-03-28 20:53:29 +01:00

2.7 KiB
Raw Blame History

Status: partially successful, not fully healthy yet.

What worked

  • Hetzner VM provisioned
  • k3s installed and running
  • node is Ready
  • namespaces created
  • Forgejo is up
  • registry is up
  • Redpanda is up
  • near-intents-ingest is up

What is still broken

  • dummy-reactor, dummy-executor, dummy-consumer are failing because Kafka/Redpanda topic metadata is not healthy yet:
    • This server does not host this topic-partition
  • ingress-nginx is crashing
  • cert-manager webhook/cainjector are crashing
  • so public HTTPS ingress is not ready
  • therefore Git/registry/CI are not yet usable via domain names

So the honest report is:

  • cluster bootstrap succeeded
  • platform/app stack is only partially healthy
  • we still need another fix pass before calling this “working”

How to interact with it right now

  1. Use kubectl
export KUBECONFIG=$PWD/.state/hetzner/kubeconfig.yaml
kubectl get nodes -o wide
kubectl get pods -A
kubectl -n unrip get pods
kubectl -n forgejo get pods,svc
kubectl -n registry get pods,svc
  1. Access Forgejo right now Since ingress is broken, use port-forward:
kubectl -n forgejo port-forward svc/forgejo 3000:3000

Then open:

http://127.0.0.1:3000
  1. Access the registry right now Also via port-forward:
kubectl -n registry port-forward svc/registry 5000:5000

Then from your machine:

docker login 127.0.0.1:5000 -u unrip

And push/pull like:

docker tag unrip:bootstrap 127.0.0.1:5000/unrip:test
docker push 127.0.0.1:5000/unrip:test
  1. Watch logs
kubectl -n unrip logs deploy/near-intents-ingest -f
kubectl -n unrip logs deploy/dummy-reactor -f
kubectl -n unrip logs deploy/dummy-executor -f
kubectl -n unrip logs deploy/dummy-consumer -f
kubectl -n forgejo logs deploy/forgejo -f
kubectl -n registry logs deploy/registry -f

How Git would work once Forgejo is usable After port-forward or later ingress:

git remote add forgejo http://127.0.0.1:3000/<owner>/<repo>.git
git push forgejo main

How CI/CD is supposed to work Intended flow:

  1. code lives in Forgejo
  2. Forgejo runner executes .forgejo/workflows/deploy.yml
  3. workflow builds image
  4. pushes image to registry
  5. updates unrip deployments in Kubernetes

Current reality:

  • not ready yet
  • because ingress/cert-manager are unhealthy
  • and we havent verified a full Forgejo runner deploy cycle

Bottom line

  • Kubernetes cluster: yes
  • server provisioning: yes
  • basic platform pieces: partially
  • usable Git/CI/CD stack: not yet
  • unrip app pipeline: not yet

Most important next fixes

  1. fix k3s manifest/platform issues:
    • ingress-nginx RBAC/crash
    • cert-manager install/CRDs/RBAC
  2. fix Redpanda/topic metadata issue so reactor/executor/consumer run
  3. only then wire Forgejo + registry + CI as usable