Firsts look at what volumes are, then look at the Volume= quadlet option and remember that any data not part of a volume is going to be deleted.

Once you set up a volume you can just copy data inside of it from the host using the path you specified in the Volume and access it inside the container using the target path you specified in the volume.

If you only want to copy something once then you can use podman cp (though you will still need volumes if your container has any persistent data!)

You triggered the independent thought alarm

There’s a solution you’re not seeing, make the notebook part of the production cluster.

Run a multi-cluster k8s on your notebook to test then?

Check DNS, MTU and do a full wireshark capture from the Client using both curl and the browser.

I didn’t consider it as valid, one on (phone and internal nvme1), the second one on nvme2 and the third one in the cloud.

Though I have only two copies of normal data myself, I consider live and cloud to be enough for most data. Everything very important has more backups in other ways (bitwarden has an exportable local version on every logged in device, images are stored in immich on my server making it 3 devices)

• Maintain three (3) copies of your data: This includes the original data and at least two copies.
• Use two (2) different types of media for storage: Store your data on two distinct forms of media to enhance redundancy.
• Keep at least one (1) copy off-site: To ensure data safety, have one backup copy stored in an off-site location, separate from your primary data and on-site backups.

You have 3 copies, one on your phone and nvme, one on the backup nvme and one in the cloud. You have 2 media, internal SSD and cloud (your phone would count as a third if it wasn’t auto synced) You have 1 off-site in the cloud

Find a new service you like, add it using rootless podman. That way you can test it without affecting your running system.

Try sysctl -w net.ipv4.conf.all.rp_filter=2 on the PC (not vps) or =0 if that doesn’t work

Do a ping of 8.8.8.8 from your user, then open a new console and run tcpdump -i <interface> with first your uplink, then wg0. The packets should be seen on wg0 if they’re routed correctly and the problem then is on the vps side. Otherwise it’s a problem on your local config.

Did you add the vps IP to the routing table of your user? ip r add 10.0.0.2/32 dev wg0 table 1070?

// abandon all hope ye who commit here
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])

Edith: damit, Not the first to post this abomination

I have rss feeds for my main service updates so I know what new features I have, the services mostly run in podman containers and update automatically each Monday. I also have daily backups (timed to run just before the update on monday) in case anything does break.

If it breaks I fix it depending on how much I want/need it, mostly it’s a matter of half an hour to fix it and with my current NixOS/Podman system I haven’t yet needed to fix anything this year so it breaks infrequently.

Also why are you using Kubernetes on a single host if you want minimal maintenance? XD

My recommendation is to switch to just managing containers, you should just be able to export the volumes out of kubernetes and import them as normal volumes, as long as they’re mounted in the right place you keep your data and if it doesn’t work just try again. Not like you need to destroy the current system to slowly replace it.

Edit: I also recommend to update and reboot frequently, this stops updates and unstable configurations from piling up.