kontrolplane practical takes on kubernetes, infrastructure, and platform engineering - from real client work.
kyverno enforces security standards, injects defaults, and generates resources in kubernetes using plain yaml. policies are written in the same structure as the resources they act on - no new language required.
cgroups enforce resource isolation for containers in kubernetes. this post covers how they work, how to configure them properly, and the failure modes that occur when they're missing or misconfigured.
