#k8s

Not🐧A🐧Convicted🐧Felon sleepyfox@hachyderm.io
2025-05-30

This post brought to you by the "This #K8s cluster with 100 JVM 'microservices' could have been an app on my #RaspberryPi" association.

2025-05-30

5,000 trains. 400+ internal projects. 200-page security manifesto.

And just four months to go cloud native with Talos Linux.

siderolabs.com/case-studies/fr

#kubernetes #CloudNative #K8s #ContainerOrchestration #SNCF #TalosLinux

2025-05-29

I generally rather enjoy working with #k8s #helm charts to deploy complex server side apps.

The lack of silly walks is satisfying.
Helm: "May I have my Configuration Burger so I can deploy your app please?"

Me: Here you go! 600 lines of YAML! OPEN WIDE!

Only problem is that when you're 300 lines in editing all the values to be correct it feels like THIS point people used to talk about hitting while building electronics projects:

2025-05-29

Istio as a multicluster solution: capabilities, approaches and trade-offs

Hello, Habr. We continue our study of Istio, and today we'll look at some interesting features that can later make it easier to maintain and evolve a service mesh infrastructure in Kubernetes. As distributed systems and microservice architectures grow in Kubernetes, the question of building a reliable, scalable and secure network infrastructure comes up more and more often. When one cluster is no longer enough, the need arises to join several installations into a single mesh network. This is where Istio comes in, as a candidate for implementing a multicluster architecture.

habr.com/ru/articles/913908/

#devops #istio #kubernetes #k8s #sre

2025-05-29

In case you want to get your hands dirty with Traefik, Kubernetes and the new GatewayAPI, I got you covered.

Here is another vagrant-libvirt setup that has #k3s, #Traefik and a #Nginx deployment. Instead of using a #Kubernetes #ingress or a Traefik ingressroute, this setup uses the #GatewayAPI resources like Gateways and HTTPRoutes.

codeberg.org/johanneskastl/tra
github.com/johanneskastl/traef

As usual, #Ansible does the heavy lifting and deploys everything in the cluster.

Have a lot of fun.

#k8s #Kubernetes #Traefik #Ingress #GatewayAPI #DevOps #vagrant #libvirt #Nginx #HellYeah

2025-05-29

How I stopped suffering and learned to love CoreDNS: three stories

Hi everyone! I'm Sasha Krasnov, CTO of the «Штурвал» container platform. In April the anniversary DevOpsConf 2025 took place, where I was lucky enough to give a talk. I talked about hacks that let you automate the use of DNS. This article is based on my talk and three real stories: managing DNS from git; your own nip.io; how and why to write plugins for CoreDNS. Come under the cut, it's interesting there :)

habr.com/ru/companies/chislite

#coredns #dns #kubernetes #k8s #nipio #git #github #плагины #штурвал #devops

VictoriaMetrics victoriametrics
2025-05-29

✨ It’s a big day for the community!
We’re kicking off our first-ever & Call today at 5 pm BST / 6 pm CEST / 9 am PST.
We'll talk about how to optimise data collected by default in k8s-stack helm chart, incl. topics such as:
🔭 Cardinality explorer
🎥 Stream aggregation
📈 Unused
🔍 Explore powerful features
💬 Hear top user Q&As

youtube.com/live/yfNa9cvUAVQ

2025-05-28

K8s as a foundation: building an infrastructure platform

Kubernetes is a powerful tool for orchestrating containerized applications. Building an infrastructure platform on top of K8s is a highly non-trivial task, and in this article we look at the main questions and problems that arise when designing the platform's architecture.

habr.com/ru/companies/otus/art

#k8s #architecture #kubernetes #оркестрация_контейнеров #архитектура_платформы

2025-05-27

Migrating from Sealed Secrets to Infisical in my homelab.

2025-05-27

Edge infrastructure isn’t a scaled-down copy of the cloud.

Kubernetes may have been designed for connected, stable, and resource-rich environments, but now it's making its mark at the edge. And everything is changing.

edgeir.com/when-kubernetes-hit
#kubernetes #k8s #edgecomputing

2025-05-26

Has anyone run #K8S nodes across the internets? For example, control plane running in one location (eg #homelab) and worker nodes in a DC?

@sheogorath any experience with this?

Adriana Villela 🇧🇷🇨🇦 adrianamvillela@hachyderm.io
2025-05-26

If you're curious about how to configure HPA on OTel Collectors managed by the #OpenTelemetry Operator, then check out my latest article!

Big thanks to Jacob Aronoff for helping me unpack some of this!

adri-v.medium.com/lets-learn-a

#k8s #Kubernetes #horizontalPodAutoscaler

Putting aside the question of *which* node should be advertising a given service via BGP - *what* would it advertise? Services /can/ have multiple IPs but that's not usually the case. It's primarily a single ClusterIP to indirect backends right?

Okay so *somehow* the IP gets advertised but what range do you put on it?

The entire service CIDR sure is convenient but then what? All services hit the same node and get converted to in-cluster IP forwarding? Can you even advertise a range with multiple gateways? Probably. But this is also playing roulette with nodes not having a backend on them. Even if you made the route advertisement only the nodes with backends for the service, it'd be quite a weighty way to do the indirection, and you're now moving that indirection *outside* the cluster - which is cool but seems to violate the idea that services should be internal-only.

@hugo Halp

#Networking #Kubernetes #k8s #Cilium #CiliumCNI

So the default kubernetes service has no `selector` in spec, which, according to the v1 `Service` spec:

> If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify.

But fetching endpoints (or endpointslices rather) yields none for the default service. This would explain the CNI not doing anything about the Service. Does not explain the lack of service routing for ones that *do* have endpointSlices

Am I missing some Cilium option to make it manage the endpoint?

#Cilium #CiliumCNI #Kubernetes #k8s

Capricious Day capriciousday
2025-05-24

What is the practical benefit of splitting persistent volume and persistent volume claim resource definitions in kubernetes when they have a 1:1 mapping? Is it helpful or just extra boilerplate you're forced to write?

Felt like I was thrashing semi-blindly with my CNI config so I read the Kubernetes/Cilium for network engineers book. Couple new tidbits but looks like I am stuck waiting till 2026 for the proper O'Reilly one.

Meantime - labs I guess

#Cilium #CiliumCNI #Kubernetes #k8s

2025-05-23

What I'm really trying to do: build an nginx config bundle (conf + certificates) as a Secret with an in-cluster metaoperator and then sync that to a set of external proxies.

#Kubernetes #HomeLab #k8s

2025-05-23

What is the most lightweight way to monitor a #Kubernetes object for changes outside of a cluster? Specifically, I want to know when an object changes and fire a hook script with the updated object.

Is this just shell-operator?

#HomeLab #k8s

2025-05-23

We released c4k-forgejo in order to improve the keycloak integration:

repo.prod.meissa.de/meissa/c4k

#c4k #forgejo #devops #clojure #k8s

Jam-packed talk full of crazy stuff with IPv6 SRV.
I think I understood like maybe a half of it.

youtube.com/watch?v=vJaOKGWiyv

#IPv6 #Networking #Kubernetes #k8s #Cilium
