Pim Widdershoven

Talos Linux is a Kubernetes-only OS — minimal core, system extensions for the rest, and an API for everything. This post covers why I picked it, how I bootstrap a 3-node cluster with PXE, and the configuration files you need to follow along.

Passwords are losing their footing as the primary authentication mechanism. This post explores how cryptographic proof, hardware security keys, passkeys, digital signatures, and attestation are shifting the foundation of digital trust — and what that means for your accounts, your architecture, and Zero Trust.

Implementation guide for creating an ArgoCD cluster that manages its own configuration and updates through GitOps, including repository structure, app-of-apps pattern, and self-healing configuration.

Limit exposure of web applications on Kubernetes using Traefik ingress controller with IP whitelist middleware configuration.

Running Kubernetes on bare metal can be challenging on several aspects. One of those is the use of load balancers. MetalLB is a bare metal load balancer that uses ARP to dynamically create new load balancers using dedicated internal IP addresses.