Pim Widdershoven

Cilium replaces Flannel and kube-proxy on Talos. You get identity-based policies, kernel-level enforcement, packet-level observability through Hubble, the Gateway API for HTTP routing, and L2 announcement so you can expose Services on a bare-metal home network.

Talos Linux is a Kubernetes-only OS — minimal core, system extensions for the rest, and an API for everything. This post covers why I picked it, how I bootstrap a 3-node cluster with PXE, and the configuration files you need to follow along.

Passwords are losing their footing as the primary authentication mechanism. This post explores how cryptographic proof, hardware security keys, passkeys, digital signatures, and attestation are shifting the foundation of digital trust — and what that means for your accounts, your architecture, and Zero Trust.

Implementation guide for creating an ArgoCD cluster that manages its own configuration and updates through GitOps, including repository structure, app-of-apps pattern, and self-healing configuration.

Limit exposure of web applications on Kubernetes using Traefik ingress controller with IP whitelist middleware configuration.