Hi,
I would like some guidance on how to approach this with NixOS , bear in mind I have read pretty much all the docs and listen to some YT videos but I have no real experience with NixOS. I’m trying to assess if NixOS is the tool for the job before I fully commit.
I need to deploy on a green field a new K8s cluster , is has some hard requirements like :
- End to End Encryption
- Mutual TLS
- Encryption At Rest
- An API Gateway + Ingress Controll in k8s parlance
- SPIFEE or similar to avoid the “zero-credential” problem
- AutoScale
Now K8s is a large beast that requires expertise and time but I can achieve all the above with it.
I’m attaching an image so we can have an idea of what I’m talking about.
The diagrams are over simplified regrding connections
( I don’t want anyone to fish for me I just want to get pointers )
Is this even a valid use case ?
How would you design this with NixOs ?
How would you maximise resource usage ?
How to deal with a host fail over ?
AutoScaling & Node-Balancing ?
How to deal with the sidecar functionally of k8s, do you build a package with multiple software within ?
I was unable to find in my endeavours a post/video that refers in how to build more advanced infrastructure with NixOs that goes beyond a normal webserver+backend.
Thank you all for your time.