Technology
Not Everyone Needs Kubernetes
I explain why Kubernetes isn't the only solution for every project, highlighting the advantages of simplicity and cost-effectiveness based on my 20 years of.
#kubernetes
36 posts found.
Tutorials
✍️ Hand-written
Swap Fire: My Kubernetes Experiment on a 7.6 GB VPS
A pragmatic analysis of swap memory issues and their solutions encountered while experimenting with Kubernetes on a small VPS.
Technology
Trying to Solve Every Problem With Kubernetes: Unnecessary…
From small projects to enterprise systems, the operational load and cost of trying to solve every problem with Kubernetes — through my own experience.
Technology
Service Mesh Sidecar Overhead: A Hidden Performance Tax
I dig into the hidden performance costs of the service mesh sidecar pattern — resource consumption, latency, and operational cost — and how to reason about…
Career
Ephemeral Storage Crisis in Production: Containers' Instant Memory…
Read Mustafa Erbay's take on the crises caused by ephemeral storage in the container world and how these instant memory wars affect your career…
Tutorials
Hidden IPVS Issues in Kubernetes Clusters and How to Solve Them
Take a deep dive into the IPVS issues you run into in critical Kubernetes clusters. This guide walks through the subtleties of IPVS and the performance…
Technology
Broadcast Storms in Virtual Networks: The Hidden Killer of…
Examine the causes and impact of broadcast storms that can erupt inside virtual networks of microservice architectures, and learn how to prevent this…
Tutorials
A Hidden Resource Exhaustion War: The Deadly Dance of Containers
Learn about the hidden resource-exhaustion war containers fight, and how to manage this deadly dance. Performance optimization and stability included…
Tutorials
Kubernetes Service Discovery Crisis: The Dark Side of DNS
Are you wrestling with service discovery issues in Kubernetes? Explore the limitations of DNS and how to overcome these challenges.
Tutorials
Hidden Network Policy Crises in Production: Kubernetes War Stories
Overlooked details in Kubernetes Network Policies can spark unexpected crises in production. In this article we'll dig into common pitfalls and…
Tutorials
Kubernetes Network Policy Errors: A Battlefield at Midnight...
A comprehensive guide to fighting Kubernetes Network Policy errors. Understand common pitfalls and save your night with practical solutions.
Technology
ConfigMap and Secret Management in Kubernetes: The Anatomy of an…
Explore the challenges, best practices, and solutions around managing ConfigMaps and Secrets in Kubernetes. Learn how to head off the operational nightmares.
Technology
Kubernetes Network Policies: Invisible Walls Between Pods
Learn how to secure network traffic between pods using Kubernetes Network Policies. A from-A-to-Z guide with detailed examples for Network…
Technology
Kubernetes Pod Security: Invisible Battles with Network Policies
Discover the power of Network Policies for securing pod-to-pod networking in Kubernetes. Effective answers to invisible threats.
Tutorials
Defense Strategies Against Kubernetes DNS Cache Poisoning
Learn effective defense strategies against DNS cache poisoning attacks in Kubernetes environments. Discover methods to strengthen your security.
Tutorials
Kubernetes Pod-to-Pod Network Policies Battles: Securing the Mesh…
Learn step by step how to secure pod-to-pod network communication in Kubernetes with Network Policies. A detailed guide with examples.
Tutorials
Kubernetes API Server Audit Log: Policy and SIEM Pipeline
Collecting Kubernetes audit logs without drowning in noise: a practical approach to policy, retention, masking and SIEM correlation.
Tutorials
Kubernetes Control Plane Certificate Expiry: A Runbook
When API Server access suddenly breaks with x509 errors; certificate renewal and safe recovery steps for kubeadm-based clusters.
Technology
Kubernetes Etcd Encryption at Rest + KMS Design
Protecting Secrets with real cryptography rather than just base64: encryption configuration, KMS integration, and an operational rotation model.
Tutorials
Phased Hardening of Kubernetes with PSA + Kyverno
Roll out security guardrails in production clusters gradually with Pod Security Admission (PSA) and Kyverno: an audit→warn→enforce plan.
Tutorials
Kubernetes RBAC: Least Privilege + Break-Glass Model
A practical RBAC framework for role design, identity integration, and time-boxed emergency access (break-glass) without depending on cluster-admin.
Tutorials
GitOps Secrets Management with SOPS + age
A practical SOPS + age setup and operational discipline for keeping encrypted secrets in Git and decrypting them safely inside CI/CD and the cluster.
Tutorials
Kubernetes Admission Webhook Timeouts: A Runbook for Frozen Deploys
Field runbook to rapidly triage hung deploys caused by Validating/Mutating webhook latency and apply a risk-controlled mitigation.
Tutorials
Kubernetes ETCD Quorum Loss: Triage and Recovery Runbook
A runbook for quickly diagnosing ETCD quorum during API 5xx/timeout storms and walking through safe recovery steps via snapshot restore.
Tutorials
Workload Identity and mTLS with SPIFFE/SPIRE
A guide to wiring service-to-service mTLS through SPIFFE identities and SPIRE-issued short-lived certificates instead of relying on IPs and static secrets.
Tutorials
Protecting the Kubernetes Control Plane with API Priority and Fairness
A practical APF setup that prioritizes critical traffic and fairly queues noisy callers, lowering the risk of API server overload.
Tutorials
Designing Maintenance Waves for Kubernetes Node OS Patching
Roll out node patches in maintenance waves rather than all-at-once: drain, PDB, parallelism, and a safe rollback path.
Tutorials
Publishing Services on Bare Metal Kubernetes with MetalLB
A clear design framework based on MetalLB for publishing services on bare metal Kubernetes clusters without a cloud load balancer.
Technology
Microservice Architecture with Kubernetes
A practical guide that addresses service boundaries, traffic management, SLOs, and platform responsibilities together when designing microservices on…
Tutorials
Safe Version Promotion with Argo CD Image Updater
A guide for setting up a safe promotion model on a GitOps pipeline without leaving container versions to uncontrolled automation.
Tutorials
Gradually Tightening Kubernetes Network Policies with Cilium
A guide to moving Kubernetes network policy from observability into enforced control without breaking production.
Tutorials
Runtime Security Observation with Falco
A Falco-based setup guide for surfacing suspicious runtime behavior across Linux and Kubernetes environments.
Tutorials
Multi-Environment Promotion Pipeline with GitOps
A practical, GitOps-based guide for building a controlled promotion flow across development, test, and production environments.
Tutorials
External Secrets Flow for Kubernetes Secret Rotation
A guide based on External Secrets for pulling secret data from a central vault and applying rotation in Kubernetes environments.
Technology
Cost-Aware Design on a Kubernetes Platform
Practical principles for a Kubernetes platform architecture that scales on the cloud while keeping budget discipline.
Technology
Kubernetes Is Not For Everyone: A Look With 20 Years of Experience
With 20 years of system architecture experience, I discuss why Kubernetes is not the right solution for everyone, focusing on cost and complexity.