https://blogs.law.harvard.edu/tech/rss https://this-is-fine.io/tags/cert-manager/ Recent content in Cert-Manager on Fuchsbau https://this-is-fine.io/tags/cert-manager/ https://source.unsplash.com/2000x1322/?fox 1440 Hugo 0.125.4 de-DE Wed, 20 May 2026 22:26:11 UT https://this-is-fine.io/posts/20251122-envoy-gateway-headscale-routes/ Sat, 22 Nov 2025 08:00:00 UT ff0x https://this-is-fine.io/posts/20251122-envoy-gateway-headscale-routes/ The lab used to run Traefik with its own CRDs (IngressRoute, Middleware, and friends). Gateway API standardises routes; Envoy Gateway is the controller here — one Helm install, three shared Gateways, and per-app HTTPRoute resources instead of Traefik-only objects. Traefik is excellent at the edge, but its CRDs are controller-specific. Moving to Gateway API was less about feature envy and more about portability: the same HTTPRoute can be read by another implementation if you ever switch controllers. Envoy Gateway is the implementation here; the routes stay standard Kubernetes objects. Infrastructure