- cross-posted to:
- homelab@selfhosted.forum
- cross-posted to:
- homelab@selfhosted.forum
(First blog post ever, would appreciate your input!)
Edit: Title was a lil clickbaity
(First blog post ever, would appreciate your input!)
Edit: Title was a lil clickbaity
Nice work! This was the reason I moved my homelab stack to k8s with Cilium.
Same here. K8s makes stuff like this so mucb easier, since you can declaratively control traffic flow via NetworkPolicies.
And with cilum you ca use hubble to visualize whay traffic is currently happening, in order to figure out what is actually needed.
I also use Cilium as my host based firewall instead of ufw/firewalld.
https://docs.cilium.io/en/latest/security/host-firewall/
I’ve been waiting for the L7 host policies before applying it to the host, looks like beta is here. I’ll give that a shot.