Home

Hi there, my name is Max. Or Maksym, as you wish.

It’s just a homepage. I’m too lazy to fill it with my personal info. Look at my blog posts though

Recent posts

• 26 Dec 2025 unifiunifiletsencrypttl;dr

  Adding Let's Encrypt TLS certificate to UniFi

  TL;DR

  This snippet installs Let’s Encrypt TLS certificate, ensures it is renewed, and makes sure that UniFi is resolved to LAN IP when accessed via FQDN in TLS certificate.

• 26 Dec 2025 local-modetp-link-tapocameratl;dr

  Running TP-Link Tapo cameras without access to internet

  TL;DR

  This snippet shows how to run TP-Link Tapo cameras fully locally, without access to internet.

• 1 May 2020 kuberneteskubernetesflatcarcoreoshypriotoskubesprayk3spulumihelmsmanhelm

  [Outdated] My approach to Kubernetes installation & management on bare metal

  Installation

  • x86_64:
    • CoreOS (now Flatcar Container Linux) as a Linux distro
    • Kubespray as a Kubernetes installer
    • Metallb and NGINX Ingress Controller for incoming traffic
  • arm (Raspberry PI 3B)
    • HypriotOS as a lightweight container-oriented Debian-based Linux
    • k3s as a lightweight Kubernetes distribution with sqlite instead of etcd
    • Metallb and Traefik v1 for incoming traffic

  Configuration

  • Pulumi for everything except Helm charts
  • Helmsman for Helm charts
  • kubie for using multiple Kubernetes contexts simultaneously in different terminals
• 24 Apr 2020 kuberneteskuberneteshelmsmanhelmsopshelm-secretshelm-whatup

  [Outdated] Automating Helm applications installation and upgrade with Helmsman

  As I’ve mentioned in my post about Pulumi, I don’t like helm template approach. In my opinion, it’s better to stick with the tool rather that mimic it’s behaviour. In case of helm “sticking with the tool” also means out of the box support for the standard helm tool, including plugins.

  My tool of choice is Helmsman

• 21 Apr 2020 kuberneteskubernetespulumipythonhelm

  [Outdated] Kubernetes state management with Pulumi and Python

  I like Kubernetes way of declarative workload configuration, but handling cluster state using dozens or hundreds of YAML files is impractical.

  Of course, one can just combine them all into a single uber-YAML . But the harsh reality is, despite the fact that Kubernetes by design can and will apply this configuration asynchronously, and eventually cluster state will achieve the desired state, this “eventually” might be equal to infinity.

  There are certain cases when order matters, for instance when new CRD definitions are added, and then new objects with that kind are declared.

  Another aspect is complexity, which can be encapsulated by tools such as Helm. While Helm is a good solution for the problem of installing third-party apps, it’s not necessary a right choice for your own services, or for lightweight overall cluster configuration.

  And one more thing. I enjoy the kubernetes architecture, even (and especially!) the fact that numerous abstractions are needed to “canonically” expose a single container to the rest of the world. But it doesn’t mean that I enjoy to break a DRY principle, and copy-paste-modify same YAMLs over and over.

  So… Pulumi to the rescue!

subscribe via RSS