The Cloud Native Craftsman¶
Welcome to my website. I’m Mischa, a Cloud Native Engineer from Amsterdam.
Here I share thoughts and learnings about technical topics such as Microsoft
Azure, Kubernetes, Cloud Native technologies, DevOps and Linux. I’m also very
interested in anything that increases my productivity, so you will also find
writings on Zettelkasten, (Neo)vim, study techniques and anything that has to do
with taking notes.
In 2024 I was awared the Microsoft MVP title for my efforts of sharing knowledge
with the community.
Years of sharing knowledge on YouTube and this blog have uncovered a talent for
tackling difficult technical topics and explaining them in simple terms to
others.
In other words, I’ve found out that I have a knack for teaching. Following this
curiousity I started a Skool Community
where I create video courses on Kubernetes, Productivity, DevOps and much more.
My courses are also available on
Udemy
My courses have been received very well and I receive plenty of positive
feedback.
This blog is also available for your preferred RSS reader. Use
this link.
Sign Up For My Free Newsletter¶
Socials¶
📚 My Skool Community
🐦 Twitter - X
💻 LinkedIn
💾 GitHub
🎥 YouTube

Most Recent Posts¶
[!IMPORTANT] Remember to create a custom image including iscsi-tools when using the Synology CSI driver
Set up CLI environment and set databases to maintenance mode export TALOS_CP="192.168.100.107" export TALOS_W1="192.168.100.245" export TALOS_W2="192.168.100.60" export TALOS_W3="192.168.100.228" # Set databases to maintenance mode k cnp maintenance set --all-namespaces [!WARNING] Use the --preserve flag on single-node control plane clusters. Only needed for the control plane node.
Upgrade path from 1.7.5 to 1.7.7 from 1.7.7 to 1....
Now that I’m daily driving Arch Linux again, I’ve been thinking about how to handle my tasks. I use Apple Reminders because the iWatch functionality with Siri is so good. I’ve been thinking of setting up a self-hosted solution, but then I would lose the Siri integration.
In the meantime, I figured I would just try to access Apple Reminders from Linux. Using it from the browser worked surprisingly well....
I’ve been daily driving Qutebrowser for over a month now, and I’m starting to feel at home in it.
Since it doesn’t have any extensions, you have to hack things together yourself, which is why I like it so much.
Today I wanted to add an article to my Wallabag instance, which I usually did by using the browser extension.
I installed this Wallabag CLI:
https://github.com/artur-shaik/wallabag-client
pipx install wallabag-client
After setting up the config I can now add entries from the command line....
Transition to manifest V3 is now starting and Ublock Origin might not be supported in Chrome in the future.
Because of my transition from a mouse to a pen tablet, I’ve already been experimenting with Qutebrowser for the past couple of weeks and I really enjoy it. It feels much closer to vim because I can run commands like this: “:set darkmode” which feels familiar and I can search my history very easily....
I upgraded my homelab cluster using Talos Linux today.
I made a mistake and forgot to use the custom-built image using iscsi-tools.
Learning the hard way.
Here are my notes:
Talos upgrade [!IMPORTANT] Remember to create a custom image including iscsi-tools
Set up CLI environment and set databases to maintenance mode export TALOS_CP="192.168.100.107" export TALOS_W1="192.168.100.245" export TALOS_W2="192.168.100.60" k cnp maintenance set --all-namespaces [!WARNING] Use the --preserve flag on single-node control plane clusters....
I relied on iCloud sync for my Obsidian backup for many years. However, my vault has grown significantly and has reached nearly 3500 notes. This leads to problems when opening the vault on other iOs devices, because iCloud sync removes files from devices when they are not used. When the vault is reopened, it takes over 5 minutes to sync everything. Having this 5 minute waiting time every time I open up my vault on my iPad was a problem which I needed to address....
I’m planning to do a series on Linux on my YouTube channel. The idea is to cover the fundamentals of Linux, either by teaching them myself or to link to existing resources. When the basics are done, I will take over and we’ll build an Arch Linux desktop together.
I use my MacBook for normal productive work and coding, and I have a Thinkpad T480 which I have for experimentation, and mostly for writing notes and browsing while I’m in the living room....
Just realized I never posted on the blog that I achieved the CKS a month ago.
I even created a study guide for it:
Links: 202406152006
I’ve been obsessed with Devcontainers and Devpods recently, and I’m learning a lot about portable dev environments. This is truly the next level of config management and the future of dev environments in my opinion.
I relied on brew as my package manager, however, I ran into problems when I wanted to run my Linux dev containers on my M2 Silicon Mac. Linux brew is not supported on ARM architecture....
This is hands down the best CLI for downloading YouTube videos.
I needed this to transfer some of my private videos to Vimeo. Don’t use this to break YouTube’s terms please.
https://github.com/kkdai/youtube
Links: 202405121505
Introduction I’m working on a project where I’m migrating an Azure Pipeline to GitHub Actions. So far I’ve found the GitHub Actions very intuitive to work with and it was a very easy transition from Azure Pipelines.
One requirement was to increase the version with every build. In the previous setup they were using the build ID, but I’m an advocate of always using semantic versioning if possible, so I wondered if this could be done using the GitHub Actions....
When solving a killercoda challenge I ran into some confusion. Even though my solution worked, there was a difference which I wanted to get clear on.
I wrote this:
apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: np namespace: space1 spec: podSelector: {} policyTypes: - Egress egress: - to: - namespaceSelector: matchLabels: kubernetes.io/metadata.name: space2 - to: ports: - protocol: TCP port: 53 - protocol: UDP port: 53 But the provided course solution was this:...
There are two things which I’m dreading most for the CKS exam: writing Network Policies and configuring RBAC under heavy time pressure.
I’ve heard from colleagues that the exam has many questions of this nature, so it will be a good way of scoring points. However, regardless of the exam, the fact that I’m dreading these topics also shows that I’m not familiar enough with them and therefore this is a point where I should improve....
It seems like I will have a couple of hours a day which I can allot to study in the coming month. This will be the perfect moment to start working on a goal I’ve had for a long time: getting my Certified Kubernetes Security Specialist certification.
t’s not going to be easy. I’m quite intimidated by all of the new things I’ll have to learn. But that’s a good sign....
Removing backgrounds from images is always an annoying task which I always need to google. And every time I end up on a different website where you can upload an image and then download a low-resolution version without the background, and you’ll have to pay for the high-resolution.
Turns out MacOS preview can do this just fine. I keep finding these little gems in MacOS that completely remove the need for any external app or saas....
In a recent analysis, I explored two notable solutions for synchronizing secrets from Azure Key Vaults to AKS (Azure Kubernetes Service) clusters: akv2k8s and the Azure Key Vault Provider for the Secret Store CSI Driver. Here, I present my findings and recommendations based on the functionality, maintenance requirements, and integration capabilities of these tools.
Akv2k8s, maintained by Sparebanken, is an open-source tool designed for the synchronization of secrets. Being dependent on an external tool for Kubernetes secrets synchronization is an undesirable situation and poses several challenges....
This document is the result of my research into the Gateway API. It aims to briefly describe the Gateway API for Kubernetes, a typical implementation of ingress traffic using NGINX in AKS and how this setup could benefit from implementing the Gateway API.
Introduction Gateway API is an official Kubernetes project focused on L4 and L7 routing in Kubernetes. This project represents the next generation of Kubernetes Ingress, Load Balancing, and Service Mesh APIs....
Super useful
https://dannorth.net/hugo-redirects/
Links: 202403071003
I’m an avid reader, and this list is far from complete. But I wanted to start writing down the ones I’m reading now, and the ones I’ve read in the past. I’m mostly writing down titles but I’ll include the author when I remember the name.
2024 How To Take Smart Notes
Getting Things Done
2023 The Lords of the North
The Pale Horseman
The Last Kingdom
Born to Run 2...
I’ve just released a comprehensive video delving deep into my Neovim setup and command-line centric workflow. This video is a response to the curiosity of my YouTube subscribers. It’s an all-inclusive guide from A to Z, detailing the rationale behind my configuration choices. I’ve spent years perfecting my workflow and this video has been several months in the making, so I’m excited that I can finally share it with you....