Overview

Architected, deployed, and maintained an enterprise-grade on-premise infrastructure, evolving from legacy virtualization to a sophisticated, fully automated Cloud-Native platform. Spearheaded the migration to Kubernetes (OKD/OpenShift), implementing GitOps practices, Zero Trust security, and full-stack observability.

Cloud-Native Infrastructure & Orchestration
  • Kubernetes Migration: Led the strategic migration of workloads from Docker Compose to K3s, and ultimately to OKD (OpenShift), enabling enterprise-level orchestration.
  • GitOps Implementation: Established a declarative delivery model using ArgoCD for continuous deployment and Tekton for CI pipelines, integrating with self-hosted Gitea and Quay registries.
  • Cluster Management: Managed the full lifecycle of bare-metal clusters (IPI/SNO), including automated provisioning, scaling, and seamless upgrades (up to OKD 4.21).
Storage & Virtualization
  • Software-Defined Storage: Deployed and tuned Ceph/ODF (Rook) and MinIO for high-performance block and object storage.
  • Hybrid Workloads: Leveraged KubeVirt to orchestrate legacy Virtual Machines alongside containerized microservices.
  • Historical Evolution: Progressed through VMware Workstation, KVM/QEMU, and FreeNAS/TrueNAS before converging on hyper-converged infrastructure.
Networking & Security
  • Advanced Networking: Implemented OVN-K8s, MetalLB, Gateway API, and Istio Service Mesh for complex traffic management and ingress control.
  • Zero Trust Security: Enforced security policies using Kyverno, Stackrox, and NetworkPolicies. Managed identity and access via Zitadel (OIDC) and Vault.
  • Edge Networking: Configured pfSense, UniFi, and Cloudflare DDNS for robust edge routing and connectivity.
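The "Zero Trust Security" item above names the enforcement layers (Kyverno, NetworkPolicies) without showing what a policy looks like in practice. The manifests below are an added illustration written for this page, not configuration taken from this homelab's repository: a namespace-wide default-deny NetworkPolicy, the minimal egress exception it needs for cluster DNS, and a Kyverno ClusterPolicy that blocks privileged containers cluster-wide. The namespace name `nextcloud` and the OKD-specific DNS target (`openshift-dns` namespace, pod port 5353) are assumptions; adjust them to the cluster at hand.

```yaml
# Added example (not from the original page). Applies a default-deny posture
# to one namespace and layers a single explicit exception on top of it.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: nextcloud            # assumed workload namespace
spec:
  podSelector: {}                 # empty selector = every pod in the namespace
  policyTypes:
    - Ingress
    - Egress                      # no ingress/egress rules listed => all traffic denied
---
# Without this, pods in a default-deny namespace cannot resolve names.
# On OKD/OpenShift the CoreDNS pods live in openshift-dns and listen on 5353
# (the Service maps 53 -> 5353; NetworkPolicy matches the pod port).
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-dns-egress
  namespace: nextcloud
spec:
  podSelector: {}
  policyTypes:
    - Egress
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: openshift-dns
      ports:
        - protocol: UDP
          port: 5353
        - protocol: TCP
          port: 5353
---
# Kyverno admission policy: reject any Pod (including init and ephemeral
# containers) that asks for privileged mode. "Enforce" blocks the request;
# switching to "Audit" reports violations as PolicyReports without blocking.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: disallow-privileged-containers
spec:
  validationFailureAction: Enforce
  background: true                # also report on already-running Pods
  rules:
    - name: privileged-containers
      match:
        any:
          - resources:
              kinds:
                - Pod
      validate:
        message: "Privileged mode is disallowed. Set securityContext.privileged to false."
        pattern:
          spec:
            =(ephemeralContainers):     # =( ) means "if present, must match"
              - =(securityContext):
                  =(privileged): "false"
            =(initContainers):
              - =(securityContext):
                  =(privileged): "false"
            containers:
              - =(securityContext):
                  =(privileged): "false"
```

Apply the two NetworkPolicies first and confirm the workload still resolves DNS before adding further allow rules (ingress from the router namespace, egress to the database, and so on); each additional rule should correspond to a documented dependency. Rolling the Kyverno policy out in `Audit` mode first surfaces existing violators before `Enforce` starts rejecting admissions.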
Observability & Reliability
  • Full-Stack Monitoring: Built comprehensive observability pipelines using Prometheus, Grafana, Loki, and VictoriaMetrics for metrics and logs.
  • Performance Tuning: Implemented Network Observability, Power Monitoring, and Dragonfly for efficient image distribution.
  • Resiliency: Designed backup and disaster recovery strategies using Velero and External Secrets.

Technology Stack

  • Platforms: OKD (OpenShift), Kubernetes, K3s, Docker, MicroShift.
  • IaC & Config: Ansible, Terraform, Helm, Kustomize.
  • CI/CD: ArgoCD, Tekton, GitLab CI, GitHub Actions.
  • Storage: Ceph, Rook, MinIO, Longhorn, TrueNAS (ZFS).
  • Networking: Istio, Traefik, MetalLB, OVN-K8s, pfSense.
  • Observability: Prometheus, Grafana, Loki, VictoriaMetrics, Stackrox.
  • Languages: Python, Bash, Go.


Screenshots

HomeLab screenshots: Heimdall Dashboard; ArgoCD.

Timeline / Process

For more detailed and up-to-date information, see the CHANGELOG.

  • Windows Server

    Early 2016

    • Focus: Enterprise Windows environment simulation.
    • OS: Windows Server 2012 R2.
    • Key Tech: Active Directory Domain Services, IIS, DNS, DHCP.
    • Hardware: Initial dedicated server hardware acquisition.
  • VMware Workstation

    Late 2016

    • Focus: Desktop Virtualization and Linux exploration.
    • Platform: VMware Workstation Pro 12 running on Windows.
    • Experiments: Early Linux adoption (Ubuntu, Kali, Mint) running as VMs. OpenVPN (August 2016) running in a custom VM.
    • Key Tech: XRDP for remote access, Virtual Network Editor.
  • The Rise of Self-Hosting

    2017 - 2018

    • Infrastructure: Introduction of FreeNAS for storage and pfSense for routing (August 2017). OpenVPN on pfSense (February 2017).
    • Workloads: Nextcloud (v11) inception, Bind9 DNS.
    • OS: Shift towards Ubuntu Server 16.04 as the primary host.
    • Desktop: Deep dive into Ubuntu Desktop and ZFS on Linux.
    • Apps: Nextcloud, Spotify on Linux, and Minecraft Servers.
  • Advanced Storage & Networking

    2019

    • Storage: Heavy focus on FreeNAS tuning (ZFS RAID levels, SSD Caching, Scrubs).
    • Networking: Virtualizing pfSense, VLAN segmentation.
    • Key Tech: iSCSI for VM storage, NFS for file sharing.
    • Experiments: Active Directory on Linux (Samba 4).
  • Hardware & Passthrough

    2020

    • Hardware: Raspberry Pi 4 for OctoPrint.
    • OS: Distro hopping (Pop!_OS, Manjaro, Fedora).
    • Migrations: P2V (Physical to Virtual) migrations of legacy Windows machines.
    • Networking: WireGuard (April 2020) exploration.
  • The Docker Era

    Early 2021 - August 2021

    • Early 2021: Researching Docker, Podman, and container networking.
    • June 15, 2021: Initial Commit establishing the Docker environment.
    • June 18, 2021: Implementation of `macvlan` network routes, moving away from simple bridge networking.
    • June 25, 2021: Cockpit configuration for server management.
    • July 31, 2021: Introduction of Portainer for UI-based container management.
    • Workloads: Nextcloud, MariaDB, HomeAssistant, Spotify Analytics, Pi-Hole, GitLab (Code Hosting).
  • Kubernetes Migration

    August 2021 - December 2021

    • August 22, 2021: First Kubernetes-related commits appear.
    • September 8, 2021: "Kubernetes Move" - The official migration point from Docker Compose.
    • November 28, 2021: Full conversion to Longhorn PV/PVCs, enabling stateful workload mobility.
    • December 10, 2021: Bitwarden (Vaultwarden) inception for password management.
    • Late 2021: Introduction of Kubernetes Dashboard, Metrics Server, and Kube Eagle for cluster visibility.
    • Workloads: Prometheus/Grafana stack, Heimdall Dashboard, Bitwarden, Uptime Kuma, Cert-Manager, Hashicorp Vault.
  • The OKD Migration

    Early 2022

    • January 16, 2022: Upgrade of K3s to High Availability (HA) mode.
    • February 6, 2022: pfSense physical inception, replacing the default ISP router.
    • March 27, 2022: Automated Sandbox OKD Installation.
    • March 28, 2022: Inception of ArgoCD, establishing the GitOps workflow.
    • May 21, 2022: Gitea inception, replacing GitLab.
    • May 21, 2022: Tekton pipelines implemented.
    • May 22, 2022: MinIO, Quay, and Postgres inception.
  • Security & Stability

    Late 2022

    • October 20, 2022: Stackrox inception for continuous security monitoring.
    • November 3, 2022: TrueNAS inception serving as an S3 backup target.
    • November 25, 2022: Smoke Tests implementation for cluster validation.
  • Identity & Observability

    Early 2023

    • January 11, 2023: Network Observability inception.
    • April 27, 2023: Keep Alive service for connection persistence.
    • May 1, 2023: Zitadel inception, replacing Keycloak.
  • Developer Experience & Serverless

    Late 2023

    • October 29, 2023: Eclipse Che inception.
    • October 30, 2023: Kyverno and Image Puller inception.
    • November 21, 2023: Knative Serverless inception.
  • Hybrid Networking & Storage

    Early 2024

    • January 31, 2024: Kube-VIP inception.
    • February 9, 2024: UniFi Network Application inception, marking the shift from pfSense to UniFi hardware.
    • February 2024: External Secrets Operator and MongoDB Operator.
    • March 7, 2024: GitHub Runners for self-hosted CI/CD capacity.
    • April 5, 2024: Strategic shift to Ceph.
    • May 27, 2024: Velero inception for disaster recovery.
  • Virtualization & Edge

    Late 2024

    • June 28, 2024: KubeVirt inception.
    • July 4, 2024: NMState for declarative network configuration.
    • July 13, 2024: Nested Virtualization enabled in KubeVirt.
    • September 8, 2024: MicroShift inception.
    • September 11, 2024: External DNS and OLM (Operator Lifecycle Manager) enhancements.
    • October 10, 2024: AWX inception.
    • Late 2024: Blackbox Exporter, Observability Operator, and NTP standardization.
    • December 2024: UniFi WireGuard implementation.
    • December 13, 2024: Netbox inception.
  • The Bare Metal Rebuild

    Early 2025

    • Early 2025: Major Rebuild - Transition to OKD Baremetal IPI with Agent-based Installer.
    • March 7, 2025: Single Node OpenShift (SNO) deployment with LVM storage serving as a critical stop-gap during the bare-metal migration.
    • March 31, 2025: Deployment Validation operator.
    • April 1, 2025: OpenShift Power Monitoring.
    • April 5, 2025: Automated Nested OKD/OpenShift support in KubeVirt.
    • April 16, 2025: KFCA (Kubernetes Full Cluster Audit).
  • Hardware Acceleration & Observability 2.0

    Late 2025

    • July 22, 2025: Immich inception.
    • August 9, 2025: Kube Descheduler for workload optimization.
    • August 30, 2025: UNAS inception for storage workloads.
    • October 3, 2025: Nextcloud Architecture Rebuild - Migration to FPM/S3 architecture.
    • November 8, 2025: GPU Integration (#281) and Node Feature Discovery.
    • November 15, 2025: OpenShift Service Mesh.
    • November 18, 2025: Adoption of VictoriaMetrics.
    • Late 2025: BMC Shim for bare-metal autoscaling.