Configuring SAML Authentication for Omni with Authentik

Omni is a Kubernetes management platform for Talos-based Kubernetes clusters that is available via a Business Source License, which allows free installations in non-production environments. This makes it a perfect fit for powering my homelab’s Kubernetes environment. When setting up, I noticed that Omni supports SAML-based authentication, but only provides documentation for a few selected providers: Auth0, Workspace ONE, Okta, Entra ID, Unify Identity Enterprise, and Keycloak. I am running Authentik as the IAM provider in my homelab, and thus had to do some research in order to find a working configuration. After talking to other community members in the Talos Slack community, I decided to document the needed steps. ...

February 23, 2025 · 3 min · Daniel Bodky

Cloud-Native Rejekts EU'24 Preview

Paris 2024 will mark my third KubeCon, and my first time at Rejekts to go along with it. In order to not get completely overwhelmed by two conferences back to back, I took a good look at the conferences’ schedules over the weekend, and identified a few talks and larger topics I will be focusing on: Kubernetes Networking and the Gateway API; Platforms built on Kubernetes; Kubernetes Deep Dives. Let’s have a look at a few talks from those topics, and why I picked them. ...

March 11, 2024 · 4 min · Daniel Bodky

How to Reverse-Proxy Applications on Subpaths with Traefik

One of my goals for 2024 is to get my homelab back up and running. Since I want to be able to access my applications on easy-to-remember domains, I use Traefik as a reverse-proxy. This allows me to access my applications on subdomains or paths, like this: https://prometheus.dbodky.me and https://dbodky.me/grafana. While the former is easy to set up, the latter can be a bit tricky sometimes. In this post, I’ll explain why and show you how to set up Traefik to reverse-proxy applications on subpaths. ...

January 28, 2024 · 6 min · Daniel Bodky

Three Cloudnative Projects to Watch in 2024

Though I’m no fortune teller, thought leader, or expert (not even a senior while we’re at it), 2024 is going to be my third year in the cloudnative space. I’ve been working with Kubernetes and related technologies for most of this time, got certified twice, and formed my own opinion(s) regarding many things in the ecosystem. Therefore, I want to share three projects that I think could become important to me in 2024. ...

December 26, 2023 · 4 min · Daniel Bodky

The Good, the Better, and the Ugly - Signing Git Commits

Being involved in various projects with a high cadence of commits every day makes it easier for bad actors to try and slip in nasty stuff - if we don’t sign our commits, that is. Recently, a few stories about spoofed commits made it into my Twitter feed, namely by Eddie Jaoude and David Flanagan, aka rawkode:

“This is why you MUST sign your commits!! So when someone tries to spoof your git commits, it clearly shows "unverified" and you know not to trust it. Big thank you to @intrigus_ who showed me from the GitHub logs we can see who it is - I have reported this repo and user to GitHub” ...

July 30, 2023 · 9 min · Daniel Bodky