Come say hi at booth 951 for the last day of #KubeCon! Grab some stickers and socks and learn about identity awareness proxies, clientless access to K8s and our first class MCP support so you don’t have to implement OAuth! 👀 #AgenticAI #MCP #SSH

AI is accelerating change—and some jobs will be lost. But fear is the real enemy. Instead of fearing job loss, experiment with AI and build new skills to evolve with the times. #AI #FutureOfWork

The team chatting with an attendee at #KubeCon Come say hi. And learn about clientless access to Kubernetes!

Come say hey at Booth 951 and snag some socks and Pomeranian stickers. Maybe also learn about @pomerium_io’s Identity Aware Proxy, native SSH and MCP too! 👀 #KubeCon

Catch the full convo with @TejasKumar_ 👇 https://t.co/K0qyJPmTqz

UX is better when you don't take people out of context. We've always wanted assistance, like execs with assistants. Now, AI gives everyone an executive assistant. #UX #AI #Productivity #AgenticAI

We got setup yesterday. If you’re at KubeCon ATL come say hi! We’re booth 951 near the coffee bar. #KubeCon

Sometimes Postgres isn't the Answer. Pomerium v0.31 introduces a new file-based storage option for it's databroker using Pebble, a key-value store, with Raft clustering as an alternative to Postgres. Why? Not every team has a DBA and at scale, Postgres can be harder to operate.

Great video from Filip Lebiecki on @pomerium_io's native SSH capabilities! "...  it feels well effortless. And the seemingly simple new approach,the one that makes secure SSH feel so smooth ..." Go smash that subscribe button on Filip's YouTube! https://t.co/Y5J7EiDDfM

Hard blanket recs are hard: Cost of consistency? Maybe a couple of users log out. Self-healing, eventually consistent is the goal.

Health and readiness checks are often overlooked but crucial for zero-downtime scaling. Making your Kubernetes cluster or on-prem environment operate reliably is surprisingly difficult. Read how we optimized readiness checks in Pomerium: https://t.co/yaSG2dhZXJ #DevOps

Raft is production-ready. Etcd (Kubernetes' storage) and HashiCorp use it. Nomad, Vault, CockroachDB and other modern SQL DBs rely on Raft for consistency across instances. Consistency comes at a cost.

Redis has primitives, but basic key-value stores hit limits with watch mechanisms and complex indexing. The database meme is generally true: PostgreSQL to fancy solutions back to PostgreSQL. We're still supporting Postgres alongside new options. #DataStorage #PostgreSQL

New in Pomerium 0.31: A self-healing file-based Databroker with no Postgres required. https://t.co/3zKVsWR5DW

Next month, the Pomerium team is headed to Atlanta for KubeCon North America! Stop by Booth 951, and pick up some cool swag, demos, and discussions about security and Kubernetes while you're there.

Pomerium's data broker storage evolution: Started with cookies, moved to Redis, then PostgreSQL. Now adding file-based storage with clustering and leader election for self-healing, eventually consistent systems. Sometimes the simple solution wins.

Why does Pomerium use a data broker? Our architecture separates authentication, proxy, and authorization into distinct services. Early versions stored session state in cookies, but the data broker evolved to coordinate session data between components more effectively.

RT @nickytonline: Just finished recording my https://t.co/LLzhFkPvQj podcast episode with Nicolas. Dropping later in November. Pull out you…

Flipping the switch doesn’t mean a Kubernetes pod is ready. With Pomerium, it also needs group memberships and policy data before it can serve traffic. Readiness probes make sure pods are truly ready, not just turned on. #Kubernetes #Pomerium #DevOps #CloudNative

Kubernetes: “All systems go.” Users: “Nothing works.” #Kubernetes #CloudNative #DevOps https://t.co/ChPtTltcHX