Kubernetes Service Mesh & Networking
Production Kubernetes networking: Cilium CNI, MetalLB, Gateway API migration, and Istio service mesh with mTLS and canary.
-
1
Part 1 of 5
Cilium CNI: eBPF Networking and Network Policies for Production Kubernetes
Calico works fine until you need to debug why pod X can’t reach pod Y across namespaces. Then you’re staring at iptables dumps with thousands of…
16 min read·Apr 2026
-
2
Part 2 of 5
Install MetalLB on Kubernetes
MetalLB fills the one gap that bare-metal Kubernetes has no native answer for: Services of type LoadBalancer. On managed clusters like EKS or GKE, the cloud…
16 min read·Apr 2026
-
3
Part 3 of 5
Kubernetes Gateway API: Migrate from Ingress with Weighted and Header Routing
Ingress served Kubernetes well for years, but its annotation-driven configuration hit a wall when you needed weighted routing or header matching. Every controller interpreted annotations differently,…
5 min read·Apr 2026
-
4
Part 4 of 5
Migrate from Ingress NGINX to Kubernetes Gateway API
The ingress-nginx controller that roughly half of all Kubernetes clusters depend on is entering retirement. Best-effort maintenance from 1-2 volunteer maintainers ended in March 2026. No…
12 min read·Mar 2026
-
5
Part 5 of 5
Install Istio on Kubernetes: mTLS, Canary and Traffic Routing
Install Istio service mesh on Kubernetes 1.34: enable strict mTLS, deploy a v1/v2 sample app, split traffic 90/10 with VirtualService, and verify with Kiali topology graph.
14 min read·Apr 2026