Kubernetes: Azure Arc in a Talos Kubernetes Cluster

Azure Arc lets you connect a Kubernetes cluster to Azure and manage it from the portal, regardless of where it runs. In this case, a Talos cluster running on VMware at home, but it could be any Kubernetes cluster running anywhere. The cluster does not need any inbound ports open - the Arc agents run inside the cluster and maintain an outbound connection to Azure.

You also get MFA and Entra ID integration for authentication, and a live view of the cluster's resources in the portal.

Kubernetes: 3TB Less Storage, 80GB Less RAM, and More Features

After getting the Talos cluster running and ArgoCD wired up, the next thing to do was actually move workloads into it. That process ended up being a general cleanup as well - going through what was running, deciding what was still needed, and getting rid of the rest. The result was 3TB less storage consumed and 80GB less RAM allocated across the hosts, while actually running more services than before.

I have been running Kubernetes for a while, but still had a lot of the "one VM per service" mindset from before. Also wasn't really confident enough in Kubernetes to just move my workloads into it and delete the old VMs.

I also started moving VMs to Containers due to all the security vulnerabilites that have been popping up around Linux and other stuff lately. So it is either patching VMs more often or moving more into containers.

Kubernetes, Unifi, BGP and Talos in a Homelab

Last year I started looking into Kubernetes for the first time. There are a lot of options - k3s, k0s, Talos, kubeadm - and a lot of new terms to get your head around. I started with k3s, and have been running it for half a year. The last week I have been slowly but surely transitioning to Talos. A fully automated GitOps-driven cluster that I can wipe and rebuild from scratch in under an hour.

• Real LoadBalancer IPs with BGP peering to my Unifi UDM-PRO.
• Traefik with Gateway API for routing. cert-manager for TLS.
• External Secrets Operator with Azure Key Vault for secrets management.

The whole stack is in a single git repository and ArgoCD takes care of the syncing. But how did we get here?

Building a VMware SelfService Portal with PowerShell and Azure

Last month I tried to build a SelfService Portal for VMware vCenter as an alternative to a full automation platform. The goal was to let users provision VMs in minutes, without the overhead that comes with running a full platform. The whole thing runs on Azure services for under $15 per month.

I wanted to see how far I could get using GitHub Copilot and Claude Code to generate most of the code, while still building something I understand and can maintain myself.

A Start on Dante - A journey into the world of Digital AV

For over 15 years I have been using analog audio equipment and last month i made the move to Dante. Learning Dante has been a journey, and I wanted to share my experience with you. I will go through the setup, the issues I faced, and the good things about Dante.

New year, new place

For a while i wanted to change where my blog was placed, as i just used some expsensive webhotel as i was in need for something very reliable years years ago.

Over time the solution got more and more expensive, while my requirements went more and more down. For web i only need static web-files now on this domain, so therefore my options was more open than ever before.

What?

I decided due to my new job, looking into Static Web Apps from Microsoft/Azure, which i highly recommend. They have a free tier, which seems good enough for most people. It also supports Hugo in that regard that if you map it to Github it will automatically build in Git and push it to the Static Web App, when you make a change something. Without the need to write a Pipeline yourself.

NSX Troubleshooting, what changed in the firewall?

I found a neat feature that I didn't know in the NSX Manager during a late night. Every publish/change makes a configuration point, that you can see what changed from then -> now.

This can be good for troubleshooting, something that stops working, that might be due to a DFW Configuration issue.

Go to the DFW, over the categories click "Actions" -> Under Drafts click "View" You will be presented with the saved configurations:

So lets go into troubleshooting mode, and lets say something stopped working at 10:32. I can find the date in the above screenshot and point at the dots and see the timestamps - look below: