- cross-posted to:
- linux@programming.dev
- cross-posted to:
- linux@programming.dev
i’ve been mucking about with calico on my #homelab #kubernetes cluster, and it took me far far too long to visit the whisker console: https://docs.tigera.io/calico/latest/observability/view-flow-logs
this is unbelievably helpful for debugging firewall rules
i’m very tempted to switch to calico on my non-k8s systems now (e.g. Linux gaming PC), so i can be back to only having 1 firewall abstraction in my brain
yeah, when I say “far far too long” I think I’m on roughly the same window of time there 🫂 that said, still manage my nftables firewall on my other systems with
firewalldand those concepts of zones has never really clicked in my braini did try cilium first, but it currently doesn’t work on Raspberry Pi 4B nodes: https://github.com/cilium/proxy/issues/1027
and now that my understanding of calico has improved, i appreciate that it works outside of Kubernetes, too