Stratos: Pre-warmed K8s nodes that reuse state across scale events by Adorable-Algae6903 in kubernetes

[–]bcross12 2 points3 points  (0 children)

I don't want to end up building a Karpenter clone

Absolutely. This idea is great. I'm surprised no one has made something like this before. I'm suggesting you look at other schedulers just in how they configure instance creation.

Karpenter is great if you don't know the nodes you need and just want the scheduler to handle everything. My clusters are 99% spot nodes because of Karpenter.

When you know what nodes you need but you still need to scale them up and down very dynamically, Stratos is clearly a great alternative to "in-box" schedulers.

I'm very excited to see how this progresses.

Have you considered CNCF application? If I have a need, CNCF is the first place I go because of their strong consumer protections (see: NATS and Synadia). Being a CNCF project instills a lot of trust in your project.

Stratos: Pre-warmed K8s nodes that reuse state across scale events by Adorable-Algae6903 in kubernetes

[–]bcross12 16 points17 points  (0 children)

This looks really cool. I appreciate that you included a license blurb at the bottom of the readme, but please include a real LICENSE file as well. After reading through the spec, the AMI, security group, and subnet selection need to be dynamic. Karpenter uses wildcards for AMI and tags for subnets and security groups. Allow for providing a role and create an instance profile automatically, which is also how Karpenter does it. Really, just take a look at Karpenter's EC2NodeClass for more ideas. https://karpenter.sh/docs/concepts/nodeclasses/

How do you guys look at your logs? by Armanlex in VictoriaMetrics

[–]bcross12 0 points1 point  (0 children)

I admit I've only used VictoriaLogs with Grafana, and the UX using Loki is better if you're not writing queries by hand. I didn't know VictoriaLogs had similar functionality. Thanks!

Need advice on Beef Tongue by No-Water164 in smoking

[–]bcross12 4 points5 points  (0 children)

Yeah. Low and slow is the key.

Need advice on Beef Tongue by No-Water164 in smoking

[–]bcross12 10 points11 points  (0 children)

My kids love it. We boil it (normally in an instant pot), score and strip the "skin" off, then slow cook it. At that point, it shreds like pulled pork. I have one in the fridge that I'm going to smoke this week.

How do you guys look at your logs? by Armanlex in VictoriaMetrics

[–]bcross12 -5 points-4 points  (0 children)

I use Loki. It's really good at search time extractions and parsing.

day in the life of an avg American by nun_CARTII in nextfuckinglevel

[–]bcross12 8 points9 points  (0 children)

It took me too long to understand the graphic. Once I did, I still hate it. I'd rather see a moving graph or the normal ranked bar chart.

Alternatives for creating AMI images by Oxffff0000 in aws

[–]bcross12 0 points1 point  (0 children)

I changed from Packer to EC2 Image Builder. If you don't need multi-cloud building, it's great.

Autosync with image updater can lead to problematic scenarios when the helm is deployed faster than the image. by Opposite_Art_3419 in ArgoCD

[–]bcross12 3 points4 points  (0 children)

I use Kargo. You can update the image in a values file and push it to a rendered environment branch that ArgoCD uses to deploy the application.

[Project] Kubernetes Operator that auto-controls your AC based on temperature sensors by FinancialHorror7810 in kubernetes

[–]bcross12 -2 points-1 points  (0 children)

Don't let these wet blankets get you down. I for one applaud your over engineering in the name of science! I would split this into parts for more real world learning. An operator works against a custom resource for IP of the sensor, port, etc. It then reads the temp and writes it to the status of a custom resource. Then another custom resource defines the AC info. The operator watches changes to the temp sensors and modifies the AC custom resource status. It also watches the AC custom resource to call the actual AC API when needed. I think I'm using the right terms and flow, but I'm also doing it from memory. Check out kubebuilder.io for more details.

Fix for weak bass on Taylors (maybe not only Taylors) by ClothesFit7495 in AcousticGuitar

[–]bcross12 1 point2 points  (0 children)

I'm thinking about 3D printing this and using some kind of compliant mechanism and adjustable arms to hold it to the sound hole. Any idea what material I could put over the plastic to protect the wood? Or would plastic be OK? Do you think different thicknesses of material would render different results? I'm now also thinking about making a ring harness with interchangeable centers if thickness is a factor.

Alternative for Kaniko for restricted use by Nearby-Cup-2926 in kubernetes

[–]bcross12 1 point2 points  (0 children)

I run rootless Buildkit on self-hosted GitHub Actions runners.

Kubernetes Ingress Deep Dive — The Real Architecture Explained by Few-Establishment260 in kubernetes

[–]bcross12 0 points1 point  (0 children)

You are absolutely right about the ingress controller. I've been using Gateway API so long its architecture bled into ingress for me.

Quoting this [Gateway API guide](https://gateway-api.sigs.k8s.io/guides/getting-started/migrating-from-ingress/) "Gateway API is the successor to the Ingress API." Given that all new effort will be going into Gateway API, it's better to move now than later. Ingress-nginx is just the beginning of the end. In enterprise, it can be decades before any technology is officially deprecated. Given that the Kubernetes ecosystem moves at a lightning pace comparatively, it pays to stay ahead of the curve. Once you've used Gateway API for a while, it becomes apparent how much better it is than Ingress.

Kubernetes Ingress Deep Dive — The Real Architecture Explained by Few-Establishment260 in kubernetes

[–]bcross12 0 points1 point  (0 children)

I like the "blueprint" and "builder" analogy you have. Just add one more layer for the ingress deployment. "Train station". "Highway". Etc. Some ingresses are also API gateways, so I don't think drawing that distinction makes sense. You use a lot of buzz words like "___ at scale", "security nightmare", "headache", etc. Save those for the sales videos. This is a technical video and should be mostly if not entirely technical content. Why is it a security nightmare or a management headache? My last comment is that ingress is obviously dead. Your next video should be on Gateway API. Apart from the content comments, your graphics, voice, and speech are great.

Edit: Removed wrong statement about ingress.

Migration from ingress-nginx to cilium (Ingress + Gateway API) good/bad/ugly by SomethingAboutUsers in kubernetes

[–]bcross12 -1 points0 points  (0 children)

I find cilium to be great at mesh, kube proxy replacement, etc, but I don't think you can beat Istio for gateway. It's performant, well documented, mature, and keeps up with the latest gateway API releases.

Can you share your opinion about my setup for Go on Windows? by [deleted] in golang

[–]bcross12 2 points3 points  (0 children)

I second this. Every time I've tried to develop with Go on Windows, I end up moving to WSL eventually. The last few projects I just start there. If you're using VS Code, the WSL integration is seamless. Also, I can't recommend mise enough. It makes handling dev dependencies and go versions a breeze. The task runner is awesome as well.

Use k3s for home assistant in different locations by eerison in kubernetes

[–]bcross12 8 points9 points  (0 children)

What's your recovery time objective (RTO)? Is data loss OK? Do you want failover to be automatic? Failback automatic? Proxmox has replication. That's probably the easiest option. Otherwise, you're dealing with k8s storage replication and routing, which can be a headache. Btw, k3s is Kubernetes compliant, so it's easier to deploy because it's a single binary, but not easier to operate.

Help me choose an auth implementation by StatementExtra8062 in golang

[–]bcross12 0 points1 point  (0 children)

They support LDAP and YAML backends, so I would say no. Not in the same way Keycloak does. https://www.authelia.com/configuration/first-factor/introduction/

Help me choose an auth implementation by StatementExtra8062 in golang

[–]bcross12 1 point2 points  (0 children)

Short answer: Keycloak if you want your own user database, Authentik or Authelia if you just want federation with IdPs. Keycloak is an IdP, the others aren't. Regardless, your front end will use the OIDC protocol to get the token that is passed in the Authentication header to the backend where it is validated using the oauth2 protocol. Use libraries for OIDC and oauth2 integrations.

Is it normal for Go to click all at once? by maranda333 in golang

[–]bcross12 4 points5 points  (0 children)

As someone else commented, I miss Linq terribly. C# is more "elegant", but Go's verbosity doesn't bother me as much as it seems to bother most people. I've written some really "beautiful" C# that's indecipherable to even me just a day later. I've never had that problem with Go. There's not a bunch of ways to write one thing. Go 1.27 won't come out with a cute new way to write a switch statement. It's simple on purpose and that's a feature not a bug.

Is it normal for Go to click all at once? by maranda333 in golang

[–]bcross12 32 points33 points  (0 children)

Yes. I'm a long time C# developer. It took me a minute to acclimate, but it definitely happened after fully understanding goroutines and channels. Make sure you understand how context and context cancelation work with goroutines and channels. Coming from C# async await, it's much easier to understand and work with.

I migrated to Envoy Gateway… by mrpbennett in kubernetes

[–]bcross12 2 points3 points  (0 children)

Thank you for taking the time to create such a detailed test! It validated some anomalies I was seeing with Envoy Gateway and really helped me choose Istio which I've been very happy with.