Kubernetes (RKE2) on Ubuntu LTS, Rancher for governance, Podman for rootless containers. Identity with Samba 4 + Authentik, collaboration via Zimbra, and observability with Wazuh, Prometheus, and Grafana. Client freedom: 10 Ubuntu-based desktops tuned to user personas.
3× Ubuntu Server LTS; RKE2 Kubernetes with Rancher for lifecycle, RBAC, and multi-cluster governance.
Podman-only (daemonless/rootless); Longhorn for CSI storage; MetalLB for L2 LB; Cert-Manager for PKI.
Samba 4 AD as source of truth; Authentik for SSO/MFA and modern protocols.
Zimbra CE with ClamAV + SpamAssassin for secure mail and collaboration.
Wazuh SIEM/XDR; Prometheus + Grafana for metrics and dashboards.
Velero with MinIO (S3-compatible) for cluster and PVC backups; snapshot-aware via CSI.
Standard; broad hardware support.
Office-friendly; Windows-like UX.
Management-friendly polish.
Developer and engineering focus.
Power users; KDE workflow.
Legacy hardware (XFCE).
Ultra-light, thin clients.
Traditional desktop paradigm.
Kiosk/public terminals.
R&D, newest KDE.