Linux, Containers and Open Source

Extending a VXLAN across nodes with Wireguard

Virtualizing environments is something I do quite often on a day-to-day basis; usually, these environments live in different hypervisors. While I don’t always need these environments to talk to each other, from time to time I need some sort of connectivity between them. Getting the VMs running on these hypervisors routed through the lab network is one of the solutions I have been using for a long time....

Published on December 19, 2023 · Last updated on December 19, 2023 · 11 min · Mario

Running Vault on Podman

This post explains how to run a local Vault deployment on Podman for non-production use. I typically use this setup for my lab environments. This setup was tested with: Podman v4.7.2, Podman-compose v1.0.6, Vault v1.15.2.

Prerequisites

Install the vault client; you can get the binary for your OS here.

    curl -L https://releases.hashicorp.com/vault/1.15.2/vault_1.15.2_linux_amd64.zip -o /tmp/vault.zip
    unzip /tmp/vault.zip && rm -f /tmp/vault.zip
    sudo mv vault /usr/local/bin/

Generate folder for storing the configs, data, and certs....

Published on November 14, 2023 · Last updated on November 14, 2023 · 3 min · Mario

Integrating cert-manager with CFSSL Multirootca

In a previous post we saw how we could run our own PKI using the CFSSL tooling. This post assumes you have read the previous one. The starting point is an empty Kubernetes cluster: we want to deploy cert-manager on it and, on top of that, configure it to issue certificates with our own PKI infrastructure running Multirootca. I’ll be using a Kubernetes v1....

Published on August 10, 2023 · Last updated on August 10, 2023 · 4 min · Mario

PKI with CFSSL

In this post we will learn how to deploy our own Public Key Infrastructure (PKI) by using the CFSSL tooling. This may be useful if you want to run your own Certificate Authority (CA) in order to issue certificates for your systems and/or users.

Introduction to CFSSL

CFSSL is a tool set created by Cloudflare and released as Open Source software. Before you continue reading this post I’d suggest reading this introductory post to PKI and CFSSL by Cloudflare....

Published on August 9, 2023 · Last updated on August 9, 2023 · 9 min · Mario

Gateway API for Kubernetes

In this post we will go over a new project by SIG-NETWORK that aims to evolve Kubernetes service networking. I’ll be using Kubernetes v1.26 (latest at the time of this writing). The tool used to create the cluster is kcli and the command used was: kcli create kube generic -P ctlplanes=1 -P workers=1 -P ctlplane_memory=4096 -P numcpus=8 -P worker_memory=8192 -P image=fedora37 -P sdn=calico -P version=1....

Published on April 24, 2023 · Last updated on April 24, 2023 · 12 min · Mario