Calico vs. Cilium
Feb 17 · 4 min read · If you have ever set up a Kubernetes cluster "the hard way" or even on a managed cloud provider, you have faced the question: "Which CNI should I use?" For a long time, this was a boring decision. You picked the default, or you picked the one that wo...
Join discussionKubernetes Network Policies Guide for Pod Security
Feb 13 · 7 min read · Kubernetes Network Policies Guide for Pod Security Implementing zero-trust networking with Calico and Cilium As Kubernetes clusters grow in complexity and scale, the default "allow-all" networking model becomes a critical security vulnerability. In 2...
Join discussionCilium Service Mesh: eBPF Networking for Kubernetes
Feb 12 · 4 min read · Cilium Service Mesh: eBPF Networking for Kubernetes The 3 AM Production Incident That Changed Everything Six months ago, our infrastructure failed spectacularly. Here's what I learned. Table of Contents Why Traditional Approaches Break Modern Cloud-...
Join discussionCilium ClusterMesh Deep Dive: Connecting Kubernetes Clusters with eBPF
Feb 4 · 16 min read · I’ve been slow with the blog posts, I’ve been very busy getting to grips with new tools, systems, ways of working, and just trying to learn as much as I can since starting my new role at a new company 6 months ago and not making my head explode… All ...
Join discussion
Containerlab: OpenBGPD and Cilium
Jan 18 · 1 min read · I forced OpenBSD, Talos Linux, and Cilium into a single BGP-powered Containerlab environment. It's a weird combination that probably shouldn't exist, but sometimes you build things just to see if you can. 💡 Pro-tip: Do not try this in production. 🌩...
Join discussionStop Drifting: How to Lock Down Your Cilium CNI with Argo CD
Jan 18 · 6 min read · In my last post, Stop Using the Wrong CNI: Why Your Homelab Deserves Cilium in 2026, we established a production-grade networking foundation for our Talos Kubernetes cluster. But a powerful CNI is only half the story. To truly manage our cluster like...
Join discussion
Stop Using the Wrong CNI: Why Your Homelab Deserves Cilium in 2026
Jan 11 · 6 min read · In my last post, The Four-Repo GitOps Structure for My Homelab Platform, I laid out the architectural blueprint for managing my homelab like a production environment. Building on the automation I detailed in my popular post, Need for Speed: Automatin...
Join discussion
From Packets to Identity: How Cilium Rewrites Kubernetes Security
Dec 29, 2025 · 3 min read · The Hidden Problem After Fixing Latency After replacing kube-proxy with Cilium’s eBPF dataplane, the cluster felt smooth. No CPU spikes. No rollout-induced latency cliffs. No iptables during incidents. But something else became obvious once the noise...
Join discussion
It's always DNS
Nov 10, 2025 · 4 min read · When DNS Meets eBPF: How a Resolver Choice caused production downtime We hit an outage after shipping network policy changes on a cluster that uses Cilium in kube-proxy replacement mode. Minutes later a nginx server being used by other services start...
Join discussion