post series

This Site: FastAPI 4 posts
  1. Technical SEO on a FastAPI blog: what this site actually does 2026-06-05
  2. Storing persistent data in Yandex Cloud S3 from a FastAPI app 2026-06-03
  3. How this site is built 2026-06-01
  4. Security defaults in a FastAPI app: headers, auth, and input validation 2026-05-20
Proxy & VPN 6 posts
  1. Shadowsocks proxy in Kubernetes 2026-06-02
  2. Rotating Tor HTTP proxy in Kubernetes 2026-05-30
  3. VPN status monitoring: WireGuard + IKEv2 in real time 2026-05-27
  4. IKEv2 and WireGuard running in separate Kubernetes namespaces 2026-05-08
  5. Three proxies on one server: HTTP, SOCKS5, and Shadowsocks 2026-05-03
  6. Proxy mesh in Kubernetes: Tor exit nodes and geo-routing with hola-proxy 2026-04-19
.NET on Kubernetes 5 posts
  1. NuGet library CI: versioning from branch name and dual-registry publish 2026-05-29
  2. SonarQube in GitLab CI: dotnet-sonarscanner and coverage delta 2026-05-28
  3. ELK in Kubernetes: Elasticsearch, APM Server, and Kibana 2026-03-17
  4. OpenTelemetry in .NET: traces, metrics, and logs with minimal boilerplate 2026-03-13
  5. Multi-stage Dockerfile for .NET: build once, run lean 2026-03-08
GitLab CI Pipelines 7 posts
  1. GitLab CI multi-environment pipeline: workflow rules and deploy gates 2026-05-26
  2. Trivy + SonarQube: security scanning in a GitLab CI pipeline 2026-04-07
  3. Helm chart testing: lint, unit tests, and ct in CI 2026-03-26
  4. GitLab CI DinD: Docker builds with BuildKit caching 2026-03-25
  5. GitLab CI Docker deploy pipeline: build, push, and rolling update 2026-03-07
  6. GitLab Runner in Kubernetes 2026-02-24
  7. SonarQube in Kubernetes: deployment and GitLab CI integration 2026-02-19
Secrets Management 7 posts
  1. consul-template in the GitLab CI deploy job 2026-05-22
  2. Vault JWT auth from GitLab CI: no static tokens 2026-05-21
  3. External Secrets Operator + HashiCorp Vault: Kubernetes auth flow 2026-03-19
  4. SealedSecrets: storing encrypted kubeconfigs in git 2026-02-17
  5. External Secrets Operator with HashiCorp Vault: JWT auth and KV v2 2026-02-13
  6. Sealed Secrets: the full ceremony from install to cluster migration 2026-02-11
  7. HashiCorp Vault: bootstrap, unseal, and Kubernetes auth 2026-02-10
FluxCD & GitOps 9 posts
  1. Debugging Flux reconciliation: a field guide 2026-05-17
  2. Adding a new environment to a FluxCD hub-and-spoke cluster 2026-04-30
  3. Kustomize configMapGenerator and secretGenerator 2026-04-18
  4. Flux Image Update Automation: auto-bump image tags in git 2026-04-12
  5. GitLab CI for an infra repo: lint, validate, and flux reconcile 2026-04-03
  6. Flux Notification Controller: commit status, Telegram, Mattermost 2026-03-01
  7. FluxCD hub-and-spoke: one cluster to manage them all 2026-02-09
  8. Kustomize base/custom/patch: DRY Helm values across environments 2026-02-07
  9. FluxCD hub-and-spoke: managing multiple Kubernetes clusters from one git repo 2026-02-02
AlertManager Routing 3 posts
  1. abot: Alertmanager proxy for Telegram and Mattermost notifications 2026-05-12
  2. Alertmanager routing: Telegram notifications with inhibition rules 2026-03-20
  3. Alertmanager routing to Telegram and Mattermost 2026-03-04
Prometheus Monitoring Stack 11 posts
  1. Multi-cluster Prometheus: remote_write to central VictoriaMetrics 2026-05-10
  2. Blackbox exporter and Prometheus Probes for endpoint monitoring 2026-05-06
  3. kube-prometheus-stack: the full monitoring setup 2026-03-18
  4. Grafana datasource and dashboard provisioning via ConfigMap 2026-03-16
  5. Prometheus recording rules: pre-aggregating expensive queries 2026-03-11
  6. VictoriaMetrics Operator: VMAgent, VMSingle, VMServiceScrape 2026-03-06
  7. kube-prometheus-stack on multi-cluster: spoke Prometheus, central Grafana 2026-02-27
  8. Prometheus exporters in Kubernetes: kafka, mongodb, redis, and more 2026-02-21
  9. node-exporter alerting: clocks, disks, and inotify limits 2026-02-20
  10. Kafka alerting in Kubernetes: from broker down to consumer lag 2026-02-18
  11. Writing good PrometheusRules: structure, labels, and unit tests 2026-02-16
k3s with Ansible 3 posts
  1. Ansible for multi-cluster k3s management 2026-05-01
  2. Bootstrapping k3s clusters with Ansible and Flux 2026-02-12
  3. Ansible playbook for k3s: sysctl, kernel modules, and Cilium bootstrap 2026-02-03
k0s Cluster Setup 7 posts
  1. Deploying to k0s with a shell script instead of CI/CD 2026-04-28
  2. Self-hosted Docker registry inside the k0s cluster 2026-04-22
  3. Automatic TLS with cert-manager, Let's Encrypt, and Traefik IngressRoutes 2026-04-15
  4. Helm charts declared in k0s config: Flannel, Traefik, cert-manager, Prometheus 2026-04-10
  5. Setting up a Debian VPS for k0s: sysctl, kernel modules, and the install 2026-04-05
  6. cert-manager: wildcard certificates with DNS-01 challenge 2026-04-01
  7. Traefik Middleware for security headers: HSTS, CSP, and frame protection 2026-03-02
APISIX Ingress 3 posts
  1. OpenTelemetry bridge: APISIX → otel-collector → Elasticsearch APM 2026-04-13
  2. APISIX as Kubernetes ingress: rate limiting, JWT routing, and Lua plugins 2026-03-03
  3. APISIX as a Kubernetes ingress: global rules, TLS, and OpenTelemetry 2026-02-22
Cilium Deep-Dive 5 posts
  1. Cilium L2 LoadBalancer on bare-metal k3s 2026-03-29
  2. Cilium NetworkPolicy: default-deny and DNS-aware rules 2026-03-27
  3. Cilium network policy: default-deny and workload isolation 2026-02-28
  4. Hubble: network observability built into Cilium 2026-02-08
  5. Cilium as kube-proxy replacement with L2 LoadBalancer on k3s 2026-02-06
Logs & Observability 6 posts
  1. Elasticsearch Index Lifecycle Management 2026-03-22
  2. Loki and LogQL: logs without Elasticsearch overhead 2026-03-21
  3. Vector: log pipeline from Kubernetes to Elasticsearch 2026-03-15
  4. Elasticsearch in Kubernetes: HelmRelease, ingest pipelines, and bootstrap 2026-03-14
  5. VictoriaLogs + Vector: replacing EFK with a lightweight log stack 2026-03-09
  6. Elastic APM Server in Kubernetes 2026-02-14