Docker hosts
Most workloads in this homelab run on Kubernetes. A handful do not — and for those, plain Docker is the right tool. This page collects the ones that exist.
When Docker, when Kubernetes
| Use Docker host | Use Kubernetes |
|---|---|
| Single-node, single-purpose appliance (Syncthing, Home Assistant on a NAS) | Anything multi-replica, multi-node, or with internal dependencies |
| Local dev / experimentation (k3d) | Anything serving real users |
| Hardware that can't run Kubernetes (NAS app catalog, ARM SBCs) | The two real clusters: Talos and K3s |
The split is pragmatic — Kubernetes is the default; Docker hosts cover the cases where pulling in a whole cluster is overkill.
Synology DS723+ — Syncthing
The Synology DS723+ hot-storage NAS runs Docker on its own engine through Synology's built-in Container Manager (the modern replacement for Synology Docker). One container is interesting:
- Syncthing — runs continuously, replicating selected datasets between the homelab and the NAS. The NAS is the "hot" off-site target; Syncthing is the only continuous mover keeping the remote dataset live.
The Synology node sits on the home management VLAN at 192.168.0.5, and is a member of the home NetBird network — so the homelab clusters can reach Syncthing's REST API without it being publicly exposed.
```yaml
# Container summary
services:
  syncthing:
    image: lscr.io/linuxserver/syncthing
    network_mode: host
    volumes:
      - /volume1/syncthing/config:/config
      - /volume1/syncthing/data:/data
    restart: unless-stopped
```
Why Docker and not in-cluster Syncthing? Because the NAS itself is the destination — running the agent on the box that owns the disks avoids a hop and keeps replication working even if the cluster is down.
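With network_mode: host, Docker publishes and filters nothing, so which interfaces answer for Syncthing's GUI and REST API is decided only by the gui section of Syncthing's own config.xml. The check below is an added example, not part of the original page or the NAS setup, that audits that section. The allowed networks (including the /24 prefix and the overlay range), the finding names and the sample XML are assumptions constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Assumed networks allowed to reach the GUI/REST listener; substitute your own.
ALLOWED_NETS = ["192.168.0.0/24",   # management VLAN (prefix length assumed)
                "100.64.0.0/10"]    # overlay range (assumed, check NetBird)

# Constructed sample of the <gui> section of Syncthing's config.xml.
SAMPLE_CONFIG = """<configuration version="37">
  <gui enabled="true" tls="false">
    <address>0.0.0.0:8384</address>
    <apikey>CONSTRUCTED-PLACEHOLDER</apikey>
  </gui>
</configuration>"""


def audit_gui(config_xml, allowed_nets=ALLOWED_NETS):
    """Return finding codes for the GUI/REST listener in a config.xml."""
    gui = ET.fromstring(config_xml).find("gui")
    if gui is None or gui.get("enabled", "true") != "true":
        return []                      # listener disabled, nothing to reach
    address = (gui.findtext("address") or "").strip()
    if address.startswith("/"):
        return []                      # UNIX socket, not a network listener
    host = address.rsplit(":", 1)[0].strip("[]")
    findings = []
    if host in ("", "0.0.0.0", "::"):
        # With network_mode: host this means every interface of the NAS.
        findings.append("wildcard-bind")
    else:
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            findings.append("hostname-bind-unverified")
        else:
            if ip.is_loopback:
                return []              # only reachable from the NAS itself
            nets = [ipaddress.ip_network(n) for n in allowed_nets]
            if not any(ip in n for n in nets):
                findings.append("bind-outside-allowed-nets")
    if gui.get("tls", "false") != "true":
        findings.append("no-tls")
    if not (gui.findtext("user") and gui.findtext("password")):
        findings.append("no-gui-password")
    return findings


if __name__ == "__main__":
    print(audit_gui(SAMPLE_CONFIG))
```

An empty list means the listener is disabled, local-only, or bound inside the allowed networks with TLS and a GUI password set.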
k3d — local Kubernetes for development
k3d wraps K3s in a Docker container, giving you a throwaway Kubernetes cluster on a workstation in seconds. Useful for:
- Validating manifests before pushing to the real cluster.
- Testing Renovate-bumped charts locally.
- Reproducing a bug from production with a known image and config.
Quick start:
```bash
k3d cluster create \
  --volume /home/johnny/arr:/data \
  -p "30000-30010:30000-30010" \
  arr
```
The --volume mount and port range are placeholders; swap in whatever the test setup needs. Run k3d cluster delete arr when you're done.
Ansible-provisioned Docker hosts
Any Linux host that needs the Docker engine is brought up to spec by the docker-host Ansible role. The role handles:
- Engine + CLI install
- Daemon defaults (storage-driver, log rotation)
- The docker group + non-root membership
That same role is reusable for any future appliance — set the host's group to docker_hosts and apply.
Where to look next
- Hot storage (Synology) — physical context for the Syncthing host
- Ansible — how Docker hosts are configured
- K3s — when "almost-Kubernetes" is the right choice instead of plain Docker