Your cluster is not as secure as you think — common K8s security gaps
Default Kubernetes is designed for convenience, not security. Most clusters have the same five gaps, and most teams don't know until something breaks.
Paperless-ngx on Kubernetes — from scanner to searchable archive
Documents go from a network scanner to a classified, searchable archive without manual steps. The entire pipeline runs on Kubernetes, backed by NAS storage.
Running Kubernetes on Raspberry Pi — the real cost and the real lessons
Everyone shows the glamorous kubectl output. Nobody shows the SD card failures, the ARM64 image hunt, or the power draw math. Here's the honest version.
FluxCD vs ArgoCD — an opinionated comparison
Both reconcile. Both work. But they make fundamentally different assumptions about who controls the cluster. Here's why I chose FluxCD.
Your homelab is your best interview
Running production-grade infrastructure at home taught me more about DevOps than any certification prep course. Here's why I think every engineer should try it.