I've been doing HomeLab and HomeLab-adjacent things for over 10 years at this point (based on the ago of Pi-hole and Raspberry Pi 2, this would be closer to 8+ years). My first experience in the space was a Raspberry Pi 2 that I used for a few years to
Starting a new Cloud/HomeLab blog at this domain - let me know if you want a contributor invite!
Have you played with anything like Istio to secure in-cluster communications? I think Hashicorp Consul can do something similar to encrypt service to service communications.
I looked into it but I felt at the time it was too complex, maybe I’ll look at it again. Currently I am using wireguard for all cluster node-to-node traffic. It seemed like a reasonable tradeoff at the time, but it is at the network layer instead of application, so I really should revisit that at some point.
That makes sense!
Have you played with anything like Istio to secure in-cluster communications? I think Hashicorp Consul can do something similar to encrypt service to service communications.
I looked into it but I felt at the time it was too complex, maybe I’ll look at it again. Currently I am using wireguard for all cluster node-to-node traffic. It seemed like a reasonable tradeoff at the time, but it is at the network layer instead of application, so I really should revisit that at some point.
Yeah it very adds some extra complexity and it’s more important for if you are hosting in public clouds anyways IMO.