andreivasiliu.comThe State of Persistence - Deploying Longhorn on Talos LinuxIntroduction: The Paradox of Statelessness Kubernetes is designed to be ephemeral. Pods die, nodes are replaced, and the cluster heals itself. This "stateless" philosophy is efficient for application Feb 14·6 min read
andreivasiliu.comThe Path to Automated TLS - Part 3 Automated Certificates with Cert-ManagerIntroduction: Locking it Down - From HTTP to HTTPS In the preceding chapters, we established the networking foundation for a production-grade bare-metal Kubernetes platform. In Chapter 1, we implemented MetalLB to provide stable LoadBalancer IPs, so...Feb 6·6 min read
andreivasiliu.comThe Path to Automated TLS - Part 2 The Gateway to the Cluster - Traefik and TechnitiumIntroduction: From IP Address to Intelligent Gateway In Chapter 1, we laid the foundational pillar by solving the bare-metal IP address problem with MetalLB. Our test NGINX service successfully acquired the IP 10.20.0.90, proving our cluster can now ...Feb 4·8 min read
andreivasiliu.comThe Path to Automated TLS - Part 1 Bridging the Gap - Networking with MetalLBThe Path to Automated TLS: A Three-Part Guide The path to achieving fully automated, production-grade TLS on a bare-metal Kubernetes homelab is a rewarding but detailed journey. To do it justice, I've structured this guide as a three-part series... a...Feb 2·6 min read
andreivasiliu.comFrom Vault to Pod: Automating Kubernetes Secrets with 1Password and External SecretsAfter building a Kubernetes cluster and setting up Argo CD to manage its configuration, what's the very next thing you should install? For me, both in production and in my homelab, the answer is always the same: External Secrets Operator. This post e...Jan 23·6 min read