Yeah - I did come down a bit harder on helm charts than perhaps I intended - but starting out with them was a confusing mess for me. Especially since they all create a new 'custom-to-this-thing' config file for you to work with rather than 'standard yml you can google'. The layer of indirection was very confusing when I was learning. Once I abandoned them and realized how simple a basic deployment in k8s really is then I was able to actually make progress.
I've deployed half a dozen or so services now and I still don't think I'd bother with helm for any of it.
Yeah - k8s has a bit of a steep learning curve. I recentlyish make the conversion from "a bunch of docker-compose files" to microk8s myself. So here are some thoughts for you (in no particular order).
I would avoid helm like the plague. Everybody is going to recommend it to you but it just puts a wrapper on a wrapper and is MUCH more complicated than what you're going to need because you're not spinning up hundreds of similar-but-different services. Making things into templates adds a ton of complexity and overhead. It's something for a vendor to do, not a home-gamer. And you're going to need to understand the basics before you can create helm charts anyway.
The actual yml files you need are actually relatively simple compared to a helm chart that needs to be parameterized and support a bazillion features.
So yes - you're going to create a handful of yml files and kubectl apply -f them. But - you can do that with Ansible if you want, or you can combine them into a single yml (separate sections with ----).
What I do is - for each service I create a directory. In it I have name_deployment.yml, name_service.yml, name_ingress.yml and name_pvc.yml`. I just apply them when I change them, which isn't frequent. Each application I deploy generally has its own namespace for all its resources. I'll combine deployments into a NS if they're closely related (e.g. prometheus and grafana are in the same NS).
Do yourself a favor and install kubens which lets you easily see and change your namespace globally. Gawd I hate having to type out my namespace for everything. 99% of the time when you can't find a thing with kubectl get you're not looking in the right namespace.
You're going to need to sort out your storage situation. I use NFS for long-term storage for my pods and have microk8s configured to automatically create space on my NFS server when pods request a PV (persistent volume). You can also use local directories but that won't cluster.
There are two basic types of "ingress" load balancing. "ClusterIp" means the cluster controller will act like a hostname-based router for HTTP. You can point your DNS entries at that server and it will route to your pods on their internal IP address based on the DNS name of the request. It's easy to use and works very well - but it only works for HTTP traffic. The other is to use LoadBalancerIp that will give your pods an IP address on the network that you can connect to directly. The former only works for HTTP, the latter will let you use any ports (e.g. ssh for a forgejo instance).
I realize you're inexperienced and excited, but this is truly no big deal. Port scans are quite common and aren't even always malicious. You can use nmap to scan systems yourself - just to see what's out there or to test if your firewalls are woking, etc.
It's funny because this is a conspiracy theory that both liberals and MAGA absolutely believe in despite the total lack of any evidence (besides, "you know" or "c'mon, of course there is").
People have a psychological bias to humanize anything that communicates with them and companies are trying to latch onto that mechanism because they benefit when people get an emotional attachment to websites. So I think Google and many others are trying to make people think of websites as things with agencies, rather than machines controlled by people. And yea I think they are partly successful.
This is just stupid. I'm not going to sugar coat it. Nobody thinks their computer is a sentient creature save for some tiny percentage of people who may be mentally ill or otherwise disabled.
People can’t even tell the difference between their operating system and their apps.
There is an ENORMOUS difference between not understanding different layers of the technology stack and thinking your computer is a thinking creature.
Like I said originally - do you think people believe their television wants to sell them "Tide"? Or do they realize that it's the advertising company. As you say - people love to "humanize anything that communicates with them" and they "do not understand technology".
I get the "nobody ever went broke underestimating the intelligence of the general public" vibe - but do you really think that people believe that websites act with agency to sell them things?
I understand that it's not the "YouTube program" having its own agency and making this decision - it's the team behind it, driven by engagement metrics and growth targets. But does the average user understand this distinction?
Yes.
What a stupid question. Does the author think that people believe televisions want to sell them things too?
The Wayland security model is far more restrictive. Accessibility tools need to screen capture, create input events on your behalf, etc. Such things aren't possible under Wayland (yet?).
Yeah - I did come down a bit harder on helm charts than perhaps I intended - but starting out with them was a confusing mess for me. Especially since they all create a new 'custom-to-this-thing' config file for you to work with rather than 'standard yml you can google'. The layer of indirection was very confusing when I was learning. Once I abandoned them and realized how simple a basic deployment in k8s really is then I was able to actually make progress.
I've deployed half a dozen or so services now and I still don't think I'd bother with helm for any of it.