Posts

SPIFFE / SPIRE for managing AI workload Identity

May 31, 2025 · 8 min read · AI Security Workload Identity SPIFFE Kubernetes

SPIFFE (Secure Production Identity Framework for Everyone) and SPIRE (SPIFFE Runtime Environment) offer a powerful solution for managing identities in dynamic, distributed systems. This makes them highly relevant for securing Generative AI and Agentic AI workloads, which inherently involve complex interactions between …

What are Kamelets?

May 4, 2025 · 3 min read · Kubernetes CRD Apache Camel Java

Apache Kamelets are reusable route snippets based on Apache Camel (Java Integration Framework) that act as pre-built connectors to various external systems and services. Apache Camel: Kamelets are built on top of Apache Camel, a powerful open-source integration framework. Camel provides a wide range of components for …

Nomad setup for multi node development server

Nov 13, 2021 · 4 min read · Nomad Containers Orchestration Tool

Nomad setup with standalone Nomad Server with multiple worker nodes without use of Consul. Let see at high level, what use cases does Nomad support. Simple Container Orchestration (Easier to manage containers than k8s in my opinion) Non-Container based Application Workload Orchestration (This would really excite many …

Kubernetes the Hardway using LXD

Nov 13, 2021 · 1 min read · k8s containers

I am writing an enhanced tutorial for deploying kubernetes cluster on a limited resource system. Highlights: This tutorial is based upon rgmorales 's k8s hard way on LXD Upgraded the base tutorial to use K8s updated version 1.22.3 Used Multipass virtual system to host the Ubuntu Hosting machine If you have very little …

Solving complex state updates using Kafka CQRS

Nov 29, 2020 · 3 min read · Kafka CQRS Java CEP Event streaming

Business Case: Solve Intraday liquidity management and monitor the risks near-realtime. The Primary goals for Intraday liquidity management and monitoring are as follows. Monitor and measure expected daily gross liquidity in-flows and outflows. Monitor and alert intraday liquidity exposures against the available …

Authenticating applications using OpenID Connect on K8s using Sidecar - Part 2

Jul 6, 2020 · 5 min read · k8s open-id oauth2 keyclock kubernetes

Welcome to Part-2 of "Authenticating web applications using OpenID Connect without having to change to app code" I am going to follow this article from openshift to setup and configure OpenID-Client Client Here is the summary of things that you need to perform and you could follow the above article. You have to create …

Authenticating applications using OpenID Connect on K8s using Sidecar - Part 1

Jul 4, 2020 · 2 min read · k8s open-id oauth2 keyclock kubernetes

I am going to author multiple articles under application authentication using popular industry standard method known as OAuth2.0. I will be using OpenID connect in this example. In Part-1, I will be covering deploying opensource keycloak (Identity and access management software) on kubernetes and adding users to access …

Running Elasticsearch, FluentD, Kibana (EFK) on OKE

Jun 30, 2020 · 5 min read · EFK OKE k8s Elasticsearch logs

FluentD is the opensource data collector for unified logging layer. FluentD is CNCF graduated project. Kubernetes pods are frequently created, sometimes crash/fail and in some cases the nodes die or may go offline due to node pool upgrade. So the challenge is, as developers the log data is not preserved and not …