@netops2devops.net.bsky.social
Kubernetes platform Security Engineer by profession. Also a recovering network engineer. Open source exuberant. Fan of open standards. Spends way too much time in homelab
#Kyverno also has this super awesome feature to generate new objects (like NetworkPolicy) during admission review which is definitely not a thing in Gatekeeper from what I can tell.
03.08.2025 02:51 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0the policy I was trying to write already comes ready made in #Kyverno policy library and it's less than 20 lines of YAML!!
kyverno.io/policies/oth...
As much as I love #OPA the developer experience around using it with gatekeeper is a bit rough (IMO).
After struggling with embedding Rego inside YAML on top of having to write constraint template, then a constraint file just to create 1 basic admission policy, I am switching teams from #Gatekeeper to #Kyverno and as it turns out ..
03.08.2025 02:45 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0Could you elaborate on the problem you're currently working on? Just curious ๐
02.08.2025 03:18 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0The nano textured display with a slight matte finish on the new MacBook Pro laptops is just ๐ฅ Totally worth the $$$
28.07.2025 01:06 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0Are you using OPA with kube-mgmt ? As in whatโs doing the policy enforcement here?
17.07.2025 01:29 โ ๐ 2 ๐ 0 ๐ฌ 1 ๐ 0Checkout taskfile ๐ no Makefile just YAML
08.07.2025 01:11 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 0Are you using โomitemptyโ in your struct tags?
25.06.2025 23:15 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0#Kubernetes tends to seem more complex from the outside than it truly is once you realize it's just an API server managing the infra.
18.06.2025 20:17 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0I am really starting to appreciate how @openpolicyagent.bsky.social docs have been re-organized in the recent update!
15.06.2025 19:36 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0
Is pkg.go.dev down? #golang
12.06.2025 19:50 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 0
Upcoming changes in #Cilium 1.18.0 will bring significant improvements for operating #Kubernetes in #IPv6 only networks! One big ticket item is that now you can use the default tunnel mode with an IPv6 only underlay. I shared my configs in GitHub issue comments github.com/cilium/ciliu...
26.05.2025 00:40 โ ๐ 4 ๐ 0 ๐ฌ 0 ๐ 0Is gorilla/mux even maintained anymore?
12.05.2025 01:12 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0Actually not hard at all. I have been running an IPv6 only K3s cluster using #cilium in native routing mode for over a year now and itโs been pretty rock solid!
03.05.2025 16:36 โ ๐ 2 ๐ 0 ๐ฌ 0 ๐ 0While #Cilium is most commonly used as a CNI, not much has been documented about its capabilities outside of #Kubernetes, specially as a standalone NAT46x64 gateway for #IPv6 only networks. netops2devops.net/posts/cilium...
01.05.2025 20:29 โ ๐ 3 ๐ 0 ๐ฌ 0 ๐ 0I've been learning some concurrency in #Go using goroutines so I wrote a really dumb program that launches a workerpool to clone all publicly available repositories of an organization from Github. The obvious natural step next is to feed those repos to a secret scanning tool such as #gitleaks ๐
18.04.2025 00:50 โ ๐ 4 ๐ 0 ๐ฌ 1 ๐ 0Itโs a matter of perspective. Letโs look at it the other way around
- In C/C++ thereโs absolutely no garbage collector whatsoever
- Go has a built in garbage collector
- In Rust, you are the garbage collector
I explicitly wanted to use a CNI that can also be used in production :) #kind is ๐ฅ
15.04.2025 23:36 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 0Depends on how simple of a web server you want to build. If your use case is minimal I think the built in httpServer is a great option. Iโve been reading Echo docs echo.labstack.com and it seems much better in terms of documentation compared to Gin. Iโm sure Gin works great too. Itโs stil maintained
13.04.2025 17:04 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0Most engineers who level up and eventually become executives usually drift away from their engineering grassroots as they become less hands on and focus more on business. But then there are people like Mitchell Hashimoto who still enjoy getting into the weeds and for that he has my respect ๐ซก
13.04.2025 05:57 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0
Granted less than ideal but if it helps you can download a go module to your GOMODCACHE and generate docs there for reading.
12.04.2025 05:18 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0But yea I do agree in that Slices can definitely be a trip wire for anyone who is new to Go ๐ I had my fair share of those during advent of code last year
10.04.2025 02:04 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0My eyes open up wide any time I see any pointers being passed around to a function because of this. But the intro to go docs makes it pretty clear that one should pass pointers only when mutating the original data is desired.
10.04.2025 02:00 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0Changing any values while passing reference (explicitly or implicitly) will mutate the data
09.04.2025 22:49 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0Iโm new to Go so correct me if Iโm wrong here but the default behavior in Go functions is to use call by value so the values get copied over to bork() and original data is not mutated except when youโre passing a slice (which in itself is a reference to an array)
09.04.2025 22:47 โ ๐ 2 ๐ 0 ๐ฌ 2 ๐ 0As someone new to #Golang (who is still very much learning) so far I have gotten a LOT of value from www.practical-go-lessons.com After reading almost half of the ebook online (for free) I started felt guilty and ended up purchasing the e-Book. Totally worth it in my opinion.
09.04.2025 04:41 โ ๐ 3 ๐ 0 ๐ฌ 1 ๐ 0
Also see github.com/golang-stand...
26.03.2025 03:32 โ ๐ 3 ๐ 0 ๐ฌ 0 ๐ 0
