Archive - Podo Stack

cert-manager: TLS Automation for Kubernetes

Automatic certificate lifecycle, ACME challenges, mTLS with CSI driver, and the GitOps patterns that keep your clusters secure

22 hrs ago • Ilia Gusev

Kubernetes Node Affinity Explained: Beyond nodeSelector

Hard rules, soft preferences, ARM fallback, and the scheduling patterns that actually work in production

Mar 4 • Ilia Gusev

Spot Consolidation, Pod Packing, and the 40% You're Overpaying

Karpenter SpotToSpot, Pod Affinity Traps, Spot vs On-Demand Fallback, Node Lifecycle, and AWS Network-Optimized Instances

Mar 3 • Ilia Gusev

February 2026

Star Schema Explained: The Data Pattern Every Engineer Should Know

Fact tables, dimension tables, and why the star schema is still the backbone of data warehousing

Feb 26 • Ilia Gusev

Docker Image Tagging Strategies: Why :latest Is a Lie

Rolling tags, SemVer, commit hashes - what actually works for production Docker registries

Feb 25 • Ilia Gusev

Flame Graphs in Prod, Prometheus at Scale, and the Signal Nobody Talks About

Continuous Profiling with Pyroscope, Thanos vs VictoriaMetrics, kubectl debug, and an OTel Collector Gateway Pattern

Feb 24 • Ilia Gusev

Signed Images, Runtime Watchtowers, and Why Docker Pull Is an Act of Faith

Supply Chain Trust, Falco Runtime Security, Distroless vs Alpine, and a Kyverno Image Signature Policy

Feb 17 • Ilia Gusev

Golden Paths, Guardrails, and Why Every Platform Needs a Catalog

Platform Engineering Guardrails, Backstage, Crossplane vs Terraform, and a Kyverno PDB policy

Feb 10 • Ilia Gusev

Lazy Pull, Smart Scale, eBPF Network

Stargz Snapshotter, Karpenter vs Cluster Autoscaler, and Cilium kube-proxy replacement

Feb 3 • Ilia Gusev

January 2026

Sidecar-Free Mesh, SLO from YAML, and Labels as Contracts

Istio Ambient, sloth, and Kyverno for platform teams

Jan 27 • Ilia Gusev

Spegel, Pixie, and Why :latest Is Evil

P2P image caching, eBPF for decrypted traffic, a 30s Kyverno policy, and a "terraform plan" one-liner for K8s.

Jan 20 • Ilia Gusev

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts