norn v2: from kubernetes to nomad

Norn started as a Kubernetes control plane — Docker builds, minikube, the whole ceremony. v2 rips that out for Nomad + Consul + Tailscale.

why#

Kubernetes is great if you’re running a platform team. For a single-node homelab it’s overhead without payoff. Nomad gives me:

• Single binary — no etcd, no kubelet, no kube-proxy
• Docker driver — same container workflow, less ceremony
• Consul integration — service discovery without CoreDNS
• Tailscale mesh — cross-node networking without CNI plugins

the pipeline#

Every deploy follows the same saga:

clone → build → test → snapshot → migrate → submit → healthy → forge → cleanup

forge is the interesting one — it provisions cloudflared tunnels for public endpoints. No ingress controllers, no cert-manager. Cloudflare handles TLS and routing.

infraspec#

Apps declare themselves in infraspec.yaml:

name: signal-sideband
deploy: true
repo:
  autoDeploy: true
processes:
  web:
    port: 3001
    health:
      path: /health
infrastructure:
  postgres:
    database: signal_sideband

Norn reads this, generates a Nomad job, manages the lifecycle. One file, everything declared.

what’s next#

• Multi-node federation via Tailscale
• Cron jobs as first-class citizens
• Log aggregation (currently just nomad alloc logs)