
Why VMware VKS Is a Stronger Enterprise Choice Than KubeVirt | vmtechie.blog KubeVirt is a capable open-source project and a legitimate choice in the right context. But when the workload is enterpr…
314 links


The Logfile Navigator, lnav for short, is an advanced log file viewer for the small-scale.

Applying DevOps to networks.

Content feedback and comments

A Figma-like visual editor for TUI applications. Drag-and-drop components, edit properties in real-time, and export to 6 frameworks with one click.

Last April, I wrote a well-received article about the 13 software engineering laws - Hyrum’s, Conway’s, Zawinski’s, and 10 famous others.

Some days I get in bed after a tortuous 4-5 hour session working with Claude or Codex wondering what the heck happened. It's easy to blame the model - there'...

CLI proxy that compresses command outputs for AI coding agents. 60-90% less context pollution. Open source, written in Rust.

Using Grafana Alloy and Docker labels to automatically discover and scrape Prometheus metrics from Docker Compose services.

Let's make a tiny, standalone CA! We'll use a Raspberry Pi 4, YubiKey 5 NFC, and Infinite Noise TRNG.

Introduction
Knock Knock Knock! Do you know about port knocking?
Door knocking, or port knocking, is a method...

NixOS: how I traded 13 years of Debian for a declarative, reproducible system with no nasty surprises.

Talk to your infrastructure in plain language, get instant answers, and keep everything on-prem if you want.

Xen Orchestra install/update script. Contribute to ronivay/XenOrchestraInstallerUpdater development by creating an account on GitHub.

I Made MCP 94% Cheaper (And It Only Took One Command)

How to build an answer file?

The biggest shock of my early career was just how much code I needed to read that others wrote. I had never dealt with this. I had a hard enough time understanding my own code. The idea of understandi

Installing Datadog on a vSphere homelab may seem counter-intuitive because of the platform's usual cost, but it offers real advantages in terms of time savings and functionali…

Work around hard NATs and tricky networks with production-grade connectivity nodes you control

An open-source Windows and Office activator featuring HWID, Ohook, TSforge, and Online KMS activation methods, along with advanced troubleshooting.

When you request a certificate from Let’s Encrypt, our servers validate that you control the hostnames in that certificate using ACME challenges. For subscribers who need wildcard certificates or who prefer not to expose infrastructure to the public Internet, the DNS-01 challenge type has long been the only choice. DNS-01 works well. It is widely supported and battle-tested, but it comes with operational costs: DNS propagation delays, recurring DNS updates at renewal time, and automation that often requires distributing DNS credentials throughout your infrastructure.

You never have to see comments again if you don't want to.


Give LLM agents shell access without risking your host system. A practical libvirt guide covering VM creation, snapshots for safe experimentation, and remote access options.

On January 14, 2026, global telnet traffic observed by GreyNoise sensors fell off a cliff. A 59% sustained reduction, eighteen ASNs going completely silent, five countries vanishing from our data entirely. Six days later, CVE-2026-24061 dropped. Coincidence is one explanation.

How I got my own ASN and used BGP to announce IPv6 routes from home.

The /api/private/cli family is useful, but the “standard”/structured passthrough style (where the CLI maps onto /api/private/cli/

The Nutanix Cloud Bible - A detailed narrative of the Nutanix architecture, how the software and features work and how to leverage it for maximum performance.

Author: Nemanja Ilic



VCF Automation (VCFA) provides a very easy way to deploy vSphere Kubernetes Service (VKS) clusters in multitenant environments. This can be done via UI, Kubernetes API or CLI. This is in my opinion …

We built an open-source proxy that adds tenant isolation to Prometheus, Loki, and Tempo by rewriting queries based on user identity.

A gentle introduction to the Pi coding agent and why I think it’s a glimpse into the future of software.

Accurate vNIC-to-IP mapping is fundamental for virtual networking visibility, security, and troubleshooting. On the Nutanix AHV hypervisor, this mapping becomes especially important for services like Flow Virtual Networking, microsegmentation,...

Instant Linux boxes via SSH. Create stock boxes or OCI image-backed VMs. Scale to zero and pay only for what you use.

Getting from Delhi back to Minnesota meant unforgiving networks. Tailscale Peer Relays offered a massive improvement.

This guide covers patching the entire VCF 9 platform including all fleet level and domain level components with a full end to end guide

Hi all, just a quick note I wanted to toss out here. If you are looking for a script to add all of your Proxmox virtual machines to HA without having ...

A comprehensive step-by-step guide series to creating Kubernetes managed clusters on Proxmox using Cluster API and Cilium as a CNI.

Today is a big day for us, and for everyone who cares about transparency, privacy, and having full control over their own traffic. We’re finally open-sourcing the protocol that powers AdGuard VPN. And it now has a name: TrustTunnel.

iximiuz Labs founder shares a grounded, hands-on look at agentic coding in a real production codebase: massive speedups, surprising failures, and why domain knowledge still matters most.

A powerful, intuitive Docker platform for everyone. Real-time container management, Compose stacks, Git deployments, and SSO - all free.

Datadog cut off our observability overnight. We migrated to an open Grafana stack in 48 hours. Here’s why vendor lock-in is fading in an AI-native world.
A look at how I used shape vectors to achieve sharp, high-quality ASCII rendering.

Terra is the community Fedora repository which makes it easy to install and maintain software packages.

Let’s start with a question. What is DevOps all about?

A quick introduction to VCF 9 Automation in All Apps mode

An inspection of Claude Code's network requests, system prompt, and context handling by intercepting real traffic.

A few months ago, users started reporting that Ghostty was consuming absurd
amounts of memory, with one user reporting 37 GB after 10 days of uptime.
Today, I'm happy to say the fix has been found and me

I list my most used Jujutsu commands and how I use them.

In VMware Cloud Foundation (VCF) 9.0, identity management takes a leap forward with the introduction of the VCF Identity Broker (VIDB)—a modern, flexible solution for enabling Single Sign-On (SSO) …

Over the holidays, I was testing some new VMware Cloud Foundation (VCF) upgrade flows in my lab environment, where I ended up bricking SDDC Manager, which was completely my fault! While I had backu…




Lessons learned from 14 years of engineering at Google, focusing on what truly matters beyond just writing great code.

CLI agents like Claude Code make self-hosting dramatically easier and actually fun. This is the first time I would recommend it to normal software-literate people.

Happy New Year! 🎉 Kicking off 2026 with my first blog post of the year 😁 Customers can use the Broadcom Product Lifecycle portal to search for products across the seven Broadcom Software Divisions …

VMs, on the internet, quickly

An unofficial and opinionated book for beginners

How I restructured my software development workflow with asynchronous AI coding agents to dramatically boost developer productivity in 2025.

In previous blog post here, VMware vCloud Foundation 9 – Licensing Part 1 We talked about registering VCF Operations on the Broadcom Portal and applying licenses to VCF Operations. Let’s conti…

What Kabir Writes

I got hacked, my server started mining Monero this morning.

A user-friendly TUI for SQL databases. Written in Python. Supports SQL Server, MySQL, PostgreSQL, SQLite, Turso and more. - Maxteabag/sqlit

In an air-gapped or disconnected environment, license entitlement for VMware Cloud Foundation (VCF) involves a multi-step file exchange between the VCF Business Service Console (BSC) and your deplo…

Firstyear's blog


vSphere Zones in VMware Cloud Foundation (VCF) 9.0 have been enhanced to offer greater flexibility in resource consumption and isolation for both vSphere Supervisor Control Plane VMs (Management), …

Brian Scott made an app that's safe, simple, and educational for kids to chat in, using Tailscale's tsnet and connectivity.

The Challenge: When Granularity Is Your Only Option We were dealing with a legacy "beast" of a platform: a critical and systemic service running on traditional infrastructure, glued behind a single IP address. This IP hosted hundreds of distinct TCP ports, each representing different customers, prot

ProxUI - AI interface for Proxmox VE and PBS

AI-powered open source real-time monitoring system for metrics, logs, alerts, and observability. No agent required.

The Excavator Doesn't Care About Your Diversity We'd done everything right. Diverse and multiple fiber paths to our remote site.

Learn how to create and manage a multi-machine Uncloud cluster from scratch. This hands-on tutorial walks you through initializing a cluster, adding machines, managing contexts, and deploying your first containerized service.

Lately, I’ve been spending a lot of time getting our company lab set up and configured with all the bells and whistles that VCF 9 brings to the table. The new SSO experience was something I was really looking forward to. Previously, you had to configure the identity provider for every single product and platform, then add in the permissions and then manage that connection separately. The new SSO experience, powered by the all new Identity Broker, is supposed to alleviate a lot of that management overhead.

Discover how to bypass the network stack for Host-to-VM communication using Linux Virtual Sockets (AF_VSOCK). This article details how to use these sockets to build a high-performance gRPC service in C++ that communicates directly over the hypervisor bus, avoiding TCP/IP overhead entirely.

`CLAUDE.md` is a high-leverage configuration point for Claude Code. Learning how to write a good `CLAUDE.md` (or `AGENTS.md`) is a key skill for agent-enabled software engineering.

Django 6.0 introduces a built-in background tasks framework in `django.tasks`. But don't expect to phase out Celery, Huey or other preferred solutions just yet.

Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.

The Grafana Stack can be an incredibly powerful monitoring solution, but through my experience I found out how maintenance intensive it is and how uncertain the…

💚 Secure remote browsing anywhere. Contribute to BrowserBox/BrowserBox development by creating an account on GitHub.

Windows 11 now supports 1Password and Bitwarden passkeys, enabling faster, safer, and passwordless sign-ins across devices.

When my son was born last April, I had ambitious learning plans for the upcoming 5w paternity leave. As you can imagine, with two kids, life quickly verified this plan 🙃. I did eventually start some projects. One of the goals (sounding rebellious in the current AI hype cycle) was to learn and use neovim for coding. As a Goland aficionado, I (and my wrist) have always been tempted by no-mouse, OSS, gopls based, highly configurable dev setups.

Yaak is a fast, secure, and offline API client with an agent-friendly CLI

Learn how GitLab Runner and GitHub Actions work internally by building your own CI/CD pipeline runner in Python. Covers parallel execution, job dependencies,...

I recently demonstrated how to automate the configuration of the VCF Automation (VCFA) Provider Portal using the new Terraform Provider for VCFA. You can also use the same provider to configure you…

I gave a talk last night at Claude Code Anonymous in San Francisco, the unofficial meetup for coding agent enthusiasts. I decided to talk about a dichotomy I’ve been struggling …

screen sharing for developers https://screego.net/ - screego/server

Some of my favorite tidbits from the past year of working with Go.

I've written a number of little scripts over the years, many of which I use every day. Here's a little collection.

How Tailscale can work with and inside Google Cloud, Microsoft Azure, and Amazon Web Services.

Updates on Tailscale's efforts to improve NAT traversal, for its client and for the web at large.



Anthropic this morning introduced Claude Skills, a new pattern for making new abilities available to their models: Claude can now use Skills to improve how it performs specific tasks. Skills …

Cloudflare investigated CPU performance benchmark results for Workers, uncovering and fixing issues in infrastructure, V8 garbage collection, and OpenNext optimizations. These improvements have made Cloudflare Workers faster for all customers.

Distributed monitoring ting. Contribute to rippleFCL/meshmon development by creating an account on GitHub.

Check out Twingate and supercharge your security: https://bit.ly/3Y1OaZi

How to access a DSM-provisioned Postgres database using User or Client Certificates

VCF.JSON Generator release with content transfer functionality

Simple and efficient cron job monitoring. Get instant alerts when your cron jobs, background workers, scheduled tasks don't run on time.

A quick cli script to tell you if your usb-c cable is bad


How we built blockdiff, an open-source tool for rapid block-level diffs and snapshots of VM disks.

The VMware Cloud Foundation (VCF) Installer (Day 0) and SDDC Manager (Day N) support two common methods for downloading VCF software into a user's environment. Connect to Broadcom's online depot (s…

»schneegans.de

Fast, Python-based infrastructure automation. Deploy to SSH servers, Docker, and local machines. 10x faster than Ansible.

Free endpoint monitoring. One-click deployment. Contribute to WCY-dt/ponghub development by creating an account on GitHub.

🔧 pyinfra turns Python code into shell commands and runs them on your servers. Execute ad-hoc commands and write declarative operations. Target SSH servers, local machine and Docker containers. Fas...

A free, open source, self-hosted customer feedback tool 🦊 - astuto/astuto

Contribute to poulpreben/keycloak-to-vcf-scim development by creating an account on GitHub.

License management for both VMware vSphere Foundation (VVF) and VMware Cloud Foundation (VCF) 9.0 is now handled by VCF Operations, which supports keyless entitlement in both Connected and Disconne…

With the release of VMware Cloud Foundation 9.0, VMware is ushering in a new era of private cloud management, where data services become an integral part of the automated platform. A key element of this transformation is VMware Data Services Manager (DSM) 9.0, an advanced Database-as-a-Service (DBaaS) tool that is now fully integrated with VCF...

While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise every Entra ID tenant in the world (except probably those in national cloud deployments). If you are an Entra ID admin reading this, yes that means complete access to your tenant. The vulnerability consisted of two components: undocumented impersonation tokens that Microsoft uses in their backend for service-to-service (S2S) communication, called “Actor tokens”, and a critical vulnerability in the (legacy) Azure AD Graph API that did not properly validate the originating tenant, allowing these tokens to be used for cross-tenant access.

Dry, an interactive cli for Docker containers


News about asciinema development and new releases

Release notes for Ghostty 1.2.0, released on September 15, 2025.

This blog post provides a detailed guide for deploying VCF Instance using Terraform. It covers prerequisites, installation steps for Terraform and VCF, and necessary configurations in Terraform fil…

JiraTUI revolutionizes task management for developers by enabling seamless interaction with Jira from the terminal. Create, update, and track tasks efficiently, all while maintaining focus on your cod

This is a scenario that is not covered very well in our current VCF 9.0 docs (I am working to rectify that), where a customer has more than 1 existing VCF 5.x instance and they want to move to VCF …

I use Homebrew all the time. Whenever I see a new CLI that offers an npm or uv install path alongside a brew one, I choose brew every single time.
And yet, when…

Getting Started

After publishing my long awaited Automated VMware Cloud Foundation (VCF) 9.0 Lab Deployment Script yesterday, I already had a request for a similar solution to deploy VMware vSphere Foundation (VVF…

Note: this blog is about mapping VLAN tags to NSX segments. The same functionality is described for VPC subnets in this post. Guest VLAN Tagging alone… not great with NSX By default, a virtual machine sends traffic to its vNIC untagged. The virtual switch then receives that traffic into a single VLAN or NSX segment. …

Home internet in the 90s felt simple. You plugged into [Ethernet](https://en.wikipedia.org/wiki/Ethernet), got an [IPv4](https://en.wikipedia.org/wiki/IPv4) address, and you could expose a service dir...

A simple, fast and user-friendly alternative to 'find' - sharkdp/fd

Modern terminal HTTP/TCP latency monitoring tool with real-time visualization. Think httping meets modern CLI design with rich terminal UI, phase timing, and advanced analytics.

Master runit Linux init system with comprehensive guide covering installation, configuration, service supervision, and practical examples for efficient system management.

Claude Code is the most delightful AI agent/workflow I have used so far. Not only does it make targeted edits or vibe coding throwaway tools less annoying, ...

Real-time monitoring for Proxmox, Docker, and Kubernetes with AI-powered insights, smart alerts, and a beautiful unified dashboard - rcourtman/Pulse

Claudable is an open-source web builder that leverages local CLI agents, such as Claude Code, Codex, Gemini CLI, Qwen Code, and Cursor Agent, to build and deploy products effortlessly. - opactorai/...

Hello everyone! Today, an article about something simple: configuring rsyslog on a GNU/Linux server using the …

Setting up a Wake-on-LAN server you can reach from a browser, using Tailscale, a webapp, and a little Raspberry Pi.

cross-platform, cli app to perform various operations on string - abhimanyu003/sttr

Li Haoyi, 7 August 2025

Note: `libasound2-dev` system library is required to be installed for Sampler to
play the trigger sound. Usually this library is in
place, but if not - you can install it with your


If you’ve been about VMware Cloud Foundation at all, you’ve likely come across the VCF Planning & Preparation workbook developed and maintained by @cliffcahill and myself, dating as…

An evolving how-to guide for securing a Linux server. - imthenachoman/How-To-Secure-A-Linux-Server

In today’s multi-tenant cloud environments, VMware Cloud Foundation Automation (VCFA) offers a robust layered architecture that seamlessly bridges enterprise-grade infrastructure management with de…

The monitoring and analysis of a complex data center can be much easier with the right tools. The right tool for VMware Cloud Foundation (VCF) is VCF Operations. It gathers the extraordinary amount of metrics generated within the environment, and distills it down into meaningful and actionable information for your optimization, troubleshooting, and planning efforts. …

After years of self-hosting on a VPS in a datacenter, I’ve decided to move my services at home. But instead of just porting services, I’m using this as an opportunity to migrate to a more flexible and

Deploy VMs and LXCs using Proxmox Terraform templates. Includes cloud-init, LXC provisioning, and real-world IaC examples for automation.

Connect everything, from cloud to IoT, with the next-generation global network solution. Simple, resilient, and secure networking in minutes.

Terragrunt vs Terraform: Why I chose Terragrunt to eliminate code duplication, automate state management, orchestrate deployments, and follow pattern-level reuse.

Free, self-hosted customer support platform with shared inbox, automation, and team collaboration. Deploy with a single binary.

In the latest release of D2 (0.7.1), we introduce ASCII outputs.

After Claude Pro changed to weekly limits, I explored self-hosting Qwen3-Coder-480B with 400k context windows. Here's what I learned about costs, alternatives, and why Claude Code still dominates the landscape.

With the improvements of VCF Automation 9 it now includes a new model which supports developer consumer use cases. In context of the tenancy architecture, it provides 2 different types of organizations: VM-Apps-Org: An organization which is almost identical to what is known from 8.x versions of Aria Automation. Its main purpose is to support VM-based…

VCF 9 services like VCF Operations now use token based service accounts to connect and integrate to VCF Automation aka VCFA. The use of token based service accounts is not limited to VCF 9 services…

It is wild to think that it has been only a handful of weeks.
Claude Code has considerably changed my relationship to writing and maintaining code at scale. I still write code at the same level of quality, but I feel like I have a new freedom of expression which is hard to fully articulate.
Claude Code has decoupled myself from writing every line of code, I still consider myself fully responsible for everything I ship to Puzzmo, but the ability to instantly create a whole scene instead of going line by line, word by word is incredibly powerful.

I have been exploring some new tools here and there. When I started watching Primeagen, I took a note of several tools that he was using and advocating for. One of them was tmux.
What is tmux? tmux is a terminal multiplexer. What that means is you can have many terminals in one. According to tmux wiki:
tmux is a program which runs in a terminal and allows multiple other terminal programs to be run inside it. Each program inside tmux gets its own terminal managed by tmux, which can be accessed from the single terminal where tmux is running - this called multiplexing and tmux is a terminal multiplexer.

Tailscale and Grafana Labs partner to provide private connectivity between data sources on tailnets and Grafana Cloud instances.

I’ve started writing more Python code lately (because of… AI, you know). In this post, I share the tools, libraries, configs, and other integrations I use for building production-grade Python applications following a frontend-backend architecture.

The moving image below is only 49Kb and has an incredibly high resolution. It's similar to a GIF but instead of showing moving images, it shows moving SVGs!

In the DSM 9.0 Release Notes, the following item about metrics is listed in the What’s New section: You can use the VMware Data Services Manager API to publish PostgreSQL and MySQL metrics to VMware Cloud Foundation 9.0 (VCF) Operations and Prometheus [..] enabling better visibility, alerting, and performance management for all databases that VMware Data Services manages. In this post, I will show how to configure DSM 9.0 to send Postgres and MySQL database metrics to VCF 9.0 Operations. While this process is rather manual in VCF 9.0, we plan to significantly improve this overall experience for users going forward.…

A brief guide on how to switch from a VCF9 Operations instance to a central VCF Operations instance.

Powerful SSL certificate management system with multi-DNS provider support and REST API

Bring all of your authentication into a unified platform.

Fast terminal, state-of-the-art agents, and cloud orchestration for the full software development lifecycle.

Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform - research.md

Identity-based access for users, services, and AI agents that deploys in minutes, scales to every resource, and finally lets you retire your VPN.

TSDProxy is a proxy for tailscale

The purpose of this website is to provide an overview of various Kubernetes networking components with a specific focus on exactly how they implement the required functionality.
The information here can be used for educational purposes, however, the main goal is to provide a single point of reference for designing, operating and troubleshooting cluster networking solutions.
Warning This is not a generic Kubernetes learning resource. The assumption is that the reader is already familiar with basic concepts and building blocks of a Kubernetes cluster – pods, deployments, services.

Sysxplore explores DevOps, Cloud, and Linux topics in a straightforward way, making complex concepts easy to grasp. Our goal is to deliver technical information and make it enjoyable to learn.

This post explains security best practices to use SSH properly and securely

Whether you want to gather statistics, or you need to inspect more in depth what's going on in your network, Sniffnet will get you covered.

Uplinq Accounting AI offers comprehensive financial solutions for small businesses. From tax planning to real-time bookkeeping, we guide you through each financial milestone. Simplify your small businesses accounting journey with Uplinq.

Xe Iaso's personal website.

Xe Iaso's personal website.

Anyone who operates an SSH server somewhere on the Internet is bound to suffer a relentless torrent of inbound connections, probably from some botnet or another, trying to log in with the myriad crede

Should I block ICMP

The horizontal scaling layer for PostgreSQL, deployed as a simple proxy. Load balance queries and shard databases, without application changes.

exploit NAT/firewalls to access TCP/UDP services bound to any system behind victim's NAT

The pitch of modern SaaS is "don't reinvent the wheel." But every wheel you bolt on comes with some friction.

RustDesk is the best open-source remote desktop software. Secure alternative to TeamViewer and AnyDesk with self-hosted servers. Cross-platform support for Windows, macOS, Linux, and Android.

Record right where you work - in a terminal.
To start, run `asciinema rec demo.cast`, to end press ctrl+d or type exit.

With additional Kubernetes mode!

Network-wide Ad Blocking

Zero trust access to all your infrastructure, self-hosted applications, and SaaS tools. Easy to deploy and scale. Better than your existing VPN.

We finished pulling seven cloud apps, including HEY, out of AWS and onto our own hardware last summer. But it took until the end of that year for all the long-term contract commitments to end, so 2024 has been the first clean year of savings, and we've been pleasantly surprised that they've been even better than originally estimated. F...

Git is hard: screwing up is easy, and figuring out how to fix your mistakes is fucking impossible. Git documentation has this chicken and egg problem where you can't search for how to get yourself out


This year I decided to refactor my personal cloud infrastructure. Because of various nuances in m...

A web extension that redirects YouTube, Twitter, Instagram, etc. requests to alternative privacy-friendly frontends

Use declarative language to build simpler, faster, scalable and flexible workflows

jq is a lightweight and flexible command-line JSON processor

jless is a command-line JSON viewer designed for reading, exploring, and searching through JSON data.

Ice is a powerful menu bar management tool. While its primary function is hiding and showing menu bar items, it aims to cover a wide variety of additional features to make it one of the most versatile menu bar tools available. - Ice - Menu Bar Manager

Hurl, run and test HTTP requests with plain text and curl. Hurl can run fast automated integration tests.

Secure access / PAM for your internal SSH, HTTPS, MySQL, Postgres and Kubernetes servers with SSO and RBAC.

HashiCorp Validated Designs

The easiest way to run WireGuard VPN + Web-based Admin UI. - wg-easy/wg-easy

Portal is a quick and easy command-line file transfer utility from any computer to another 🌌 ✨ - SpatiumPortae/portal

Automate deployment and configuration of nested VMware Software-Defined Data Center environments including solutions like vSphere, vSAN, NSX, vSphere Kubernetes Service, Avi Load Balancer, Aria Ope...

CLI tool and python library that converts the output of popular command-line tools, file-types, and common strings to JSON, YAML, or Dictionaries. This allows piping of output to tools like jq and ...

jq, but with many interoperable configuration format transcodings and interactive querying. - JFryy/qq

Recall your SSH sessions (also search your SSH config file) - byawitz/ggh

A terminal viewer & processor for JSON, YAML, & TOML (TUI and CLI)

Firezone is a fast, flexible VPN replacement built on WireGuard® that eliminates tedious configuration and integrates with your identity provider.

From bare metal to cloud VMs using Docker, deploy web apps anywhere with zero downtime.

Genuine News About the Data Ecosystem

Build powerful software environments and containerized operations from modular components and simple functions. Perfect for complex software delivery and AI agents. Built by the creators of Docker.

Learn how to create text-based user interfaces (TUIs) using Python and the amazing Textual package. Textual is a rapid application development framework for your terminal or web browser. You can build complex, sophisticated applications in your terminal. While terminal applications are text-based rather than pixel-based, they still provide fantastic user interfaces. The Textual package allows you to create widgets in your terminal that mimic those used in a web or GUI application. Creating TUI Applications with Textual and Python is to teach you how to use Textual to make striking applications of your own. The book's first half will teach you everything you need to know to develop a terminal application. The book's second half has many small applications you will learn how to create. Each chapter also includes challenges to complete to help cement what you learn or give you ideas for continued learning. Here are some of the applications you will create: A basic calculator, A CSV viewer, A Text Editor, An MP3 player, An ID3 Editor, A Weather application, A TUI for pre-commit, RSS Reader.

An open-source guide to help you write better command-line programs, taking traditional UNIX principles and updating them for the modern day.

Caddy is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go


AI SRE and MCP server, incident management, on-call, logs, metrics, traces, and error tracking. 7,000+ happy customers. 60-day money back guarantee.

Sync, search and backup shell history with Atuin.

For everything that happens after you deploy. Antimetal is the AI platform to better understand, manage, and automate your infrastructure.

Browse all Proxmox VE community scripts.

you can control access between clients and databases through the use of NSX DFW rules

A technical blog about Rust, Linux and other topics.

I spent a month repeatedly building my website in Docker, and now have horrors to share.

Since launching the MS-01 in 2024, Minisforum has steadily gained popularity for its unique design that sets it apart from established players in the small form factor (SFF) market. Following the s…

PowerCLI has long established itself as a trusted and widely adopted automation tool across VMware environments. It remains one of the most preferred tools among our customers, and its popularity is reflected in the numbers—we estimate over 1.5 to 2 million downloads each year.

How to use uv and the Python inline script metadata proposal PEP 723 to run scripts seamlessly.

Data Services Manager is the DBaaS for VMware Cloud Foundation (VCF), offering multi-tenanted data services to your end users on-premises, on vSphere.

Having the latest compatible software for one’s NVIDIA vGPU investment should be a priority. New features are added all the time, or there may be security enhancements. In this post I’ll demonstrate a new PowerShell module I’ve built that employs the NVIDIA License System (NLS) API to be able to list and download vGPU software like drivers or the NVIDIA Delegated License Service (DLS).

How to get generated passwords via Fleet Management API, and login to Automation appliance via SSH

The power of Zig's comptime code execution

How a simple terminal trick helps me manage multiple Claude Code instances without losing my mind (or my terminal tabs)

I run Claude Code with --dangerously-skip-permissions flag, giving it full system access. Let me show you a new way of approaching computers.

For one of my network storage PC builds, I was looking for an alternative to Flatcar Container Linux and tried out NixOS again (after an almost 10 year break). There are many ways to install NixOS, and in this article I will outline how I like to install NixOS on physical hardware or virtual machines: over the network and fully declaratively.

After having spent the better part of 2 weeks learning Linux’s cgroup (control group) concept, I thought I better write this down for the next brave soul. 🦸

Lately I’ve been trying to find (and understand) the limits of time syncing between Linux systems. How accurate can you get? What does it take to get that? And what things can easily add measurable amounts of time error?
After most of a month (!), I’m starting to understand things. This is kind of a follow-on to a previous post, where I walked through my setup and goals, plus another post where I discussed time syncing in general. I’m trying to get the clocks on a bunch of Linux systems on my network synced as closely as possible so I can trust the timestamps on distributed tracing records that occur on different systems. My local network round-trip times are in the 20–30 microsecond (μs) range and I’d like clocks to be less than 1 RTT apart from each other. Ideally, they’d be within 1 μs, but 10 μs is fine.
It’s easy to fire up Chrony against a local GPS-backed time source (technically, GNSS, which covers multiple satellite-backed navigation systems, not just the US GPS system, but I’m going to keep saying “GPS” for short) and see it claim to be within X nanoseconds of GPS, but it’s tricky to figure out if Chrony is right or not. Especially once it’s claiming to be more accurate than the network’s round-trip time (20 μs or so), the amount of time needed for a single CPU cache miss (50-ish nanoseconds), or even the amount of time that light would take to span the gap between the server and the time source (about 5 ns per meter).
I’ve spent way too much time over the past month digging into time, and specifically the limits of what you can accomplish with Linux, Chrony, and GPS. I’ll walk through all of that here eventually, but let me spoil the conclusion and give some limits:
GPSes don’t return perfect time. I routinely see up to 200 ns differences between the 3 GPSes on my desk when viewing their output on an oscilloscope. The time gap between the 3 sources varies every second, and it’s rare to see all three within 20 ns of each other. Even the best GPS timing modules that I’ve seen list ~5 ns of jitter on their datasheets. I’d be surprised if you could get 3-5 GPS receivers to agree within 50 ns or so without careful management of consistent antenna cable length, etc.
Even small amounts of network complexity can easily add 200-300 ns of systemic error to your measurements.
Different NICs and their drivers vary widely on how good they are for sub-microsecond timing. From what I’ve seen, Intel E810 NICs are great, Intel X710s are very good, Mellanox ConnectX-5 are okay, Mellanox ConnectX-3 and ConnectX-4 are borderline, and everything from Realtek is questionable.
A lot of Linux systems are terrible at low-latency work. There are a lot of causes for this, but one of the biggest is random “stalls” due to the system’s SMBIOS running to handle power management or other activities, and “pausing” the observable computer for hundreds of microseconds or longer.
In general, there’s no good way to know if a given system (especially cheap systems) will be good or bad for timing without testing them. I have two cheap mini PC systems that have inexplicably bad time syncing behavior (1300-2000 ns), and two others with inexplicably good time syncing (20-50 ns). Dedicated server hardware is generally more consistent.
All in all, I’m able to sync clocks to within 500 ns or so on the bulk of the systems on my network. That’s good enough for my purposes, but it’s not as good as I’d expected to see.

Join me on an exploration of FreshRSS as an alternative to the gone-but-not-forgotten Google Reader. We’ll even walk through setting it up locally with Docker and Tailscale for easy access.

Tired of Annoying Ads and Privacy-Invading Trackers? Here’s How to Take Control...

Minimalist doesn't mean Talos isn't extensible. Let's dive into the topic of extensions to customize and adapt it to our needs.

I'm fortunate enough to live in a place where 10Gbps fiber (FTTH) is not only available but also cheap. Here's how I'm taking advantage of this.

Dave Peck's home on the web. Dave is an independent software developer, investor, and civic technologist.

Explore the benefits of using Python data classes to manage nested structures efficiently and avoid common errors.

SDDC Manager operations may not be allowed due to System Lock held by Password Manager operation in progress. A password rotation task may have failed on individual components for various reasons. S…

TLDR

vCenter Server ships out of the box a number of system and custom roles, which can be used or users can create their own custom roles containing the required privileges. If you wanted to understand…

An opinion on the trend of content creators promoting Tmux and Zellij for desktop environments – and why these setups may miss the point.

The article outlines how to automate the deployment and configuration of VMware NSX using Terraform, focusing on components like NSX Manager, Fabric, and Edge Transport Nodes. It details installati…

This blog post provides a detailed guide for installing VMware vSphere Supervisor using Terraform. It covers prerequisites, installation steps for Terraform and vSphere Supervisor, and necessary co…

With the new Broadcom licensing changes related to NSX, only the stateless firewall is included in the base VCF/NSX license while stateful firewall needs to be licensed separately. VMware Cloud Dir…

Super quick one I want to document here! I got myself on a side quest,
again! No biggie, my ZSH shell was taking ages to load. When I say
ag...

What are these distroless images, really? Why are they needed? What's the difference between a container image built from a distroless base and a container image built from scratch? Let's take a deeper look.

While answering a recent question on the VMware Reddit Community, I came to learn about Authentik, an open source identity provider (IdP), which is pretty feature rich and best of all, you can self…

Change your tools and change your life in 2025.

Abstract
Now that we have a Vault, with a TLS Issuing CA, and some idea of how to get certs out of it, let's look at how we can use this in a “real” world scenario to put a valid TLS profile onto a Network Appliance (fancy word for a switch I guess).
Why did I say appliance, and not Router or Switch? Weeeeeell, think about it. You manage a lot of network stuff over HTTPS protocols these days, even when it's not actually a web interface you are using to do it.

How I connected Kubernetes clusters across 4 countries with my own ASN, BGP peering, and perhaps too many IPsec tunnels

Don't forget to uv self update before trying those

Hello,
Recently, I have made several changes to the AsBuiltReport.Veeam.VBR script, so I will summarize here all the new capabilities added.
Here is the link to the most recent report in HTML format: Report
The first change I will discuss is the support for Microsoft Entra ID. In this case the Veeam Backup & Replication (VBR) PowerShell module allows extracting the information of the Tenants that are configured in the VBR infrastructure.

Let’s say you’ve got some kind of service you want to connect to through Tailscale. How do you make it accessible over your tailnet? It's easy for decision paralysis to set in here, so let's consolidate some of the possibilities in one place.

Mac's Tech Blog

Using Linux's fancy networking to keep torrent traffic private

In a previous post, I covered a method to automatically generate DNS zones from an embedded YAML list.
This wasn't the most useful on its own, only ensuring …

Let's walk through a common scenario.

Sample Dashboard Designs to review first thing in the morning while drinking your Coffee or Energy Drink.

Bare metal to production ready in mins; imagine fly.io on your VPS
Sidekick is made to make your life easy as you deploy your applications. It’s meant for people who care about shipping as fast as possible while doing things the right way. Sidekick is designed to allow you to host multiple applications on a single VPS and take care of making them production ready. If you get enough traction, scale up your VPS and call it a day!

A rant about caring

Hello,
Today I am going to share the improvements I have made to the Veeam Backup & Replication infrastructure diagramming tool. This tool uses Graphviz as the engine to draw the diagram and the PSGraph module to generate the code from PowerShell. Here is the link to the project on GitHub:
https://github.com/rebelinux/Veeam.Diagrammer
In version 0.6.8 information about SureBackup was added to the infrastructure diagram. In particular, the ability to diagram Application Groups and Virtual Labs has been added.

For a while now I have been using GitHub as an OAuth2 provider to authenticate to applications. However, I have always been content to follow documentation without really trying to understand what was happening before my eyes each time I wanted to authenticate.
As a result, I motivated myself to write this article about SSO. The goal is to explore the mechanisms available for managing a large number of users and their access to the infrastructure's applications.

In this post I will demonstrate how one can automate the downloading of VMware Cloud Foundation bundles with Ansible, for later use with the offline depot functionality, which promises to relieve laborious bundle uploads to SDDC Manager.

Last week I wanted to replace my OpenVPN setup with WireGuard. The basics were well-documented, going beyond the basics was a bit trickier. Let me teach you what I learned.
The basics
But first, let’s summarize the basics. I have a server with a hosting provider that I want to use as a VPN server. I won’t delve into details here, since there are so many great explanations on the web already (here, here, here or here), let’s just make a quick summary of a simple setup, as a base for discussing the (slightly) more advanced usages I had to configure myself:

Golden images were supposed to simplify infrastructure, but many teams still build Linux systems like it's 2009. Let's do it differently.

In my previous post I showed how to automatically install a virtual machine with pfSense. The automation I reached was around 90%, as I didn’t know how to automate the installation of the software. Than

Adventures trying to minimise disk usage for servers

As someone familiar with VMware and vCenter, but coming reasonably fresh to Proxmox Virtual Edition (PVE) there are a number of important differences when …

Vault is a secrets management tool developed by Hashicorp. It lets you store and manage secrets securely. In this article, we will see how to use Vault to manage your applications' secrets.

Some time ago I bumped into a blog post from Rutger Blom about implementing EVPN integration between NSX-T and vYOS. As I was involved in my recent past with Arista in DC deployments, I was curious…

Slow Rust Builds?
Here are some tips to speed up your compile times.
This list was originally released on my private blo…

Finally, Podman has a Docker Compose alternative

I constantly use virtual machines to test scripts, host services, run deployment tests, and so on. I usually use Proxmox for my lab, and Libvirt at work.
Recently, I have been deepening my knowledge of public clouds such as AWS, GCP, Azure, etc. And if there is one thing that fascinates me, it is the speed at which a virtual machine can be created.
I sometimes use Cloud-Init to automate the creation of my virtual machines or Packer to create VM templates, but we are talking about a few minutes (not seconds).
It was while researching this subject that I came across Firecracker, an open-source AWS project that creates microVMs in a few milliseconds (yes, milliseconds). So, I want to be able to create virtual machines in a few milliseconds, but also to destroy and recreate them on the fly. These virtual machines can then be used for tests, deployments, services, etc.

Discover a selection of our latest work. Multiple Cyllene projects bringing together many disciplines to offer you a tailor-made service.

Many engineers have a strained relationship with Bash. I love it though, but I’m very aware of its limitations when it comes to error handling and data structures (or lack thereof).
As a result of these limitations I often see Bash scripts written very defensively that define something like:
set -euxo pipefail
These are bash builtin options that do more or less sensible things.
e: Exit immediately when a non-zero exit status is encountered
u: Undefined variables throw an error and exit the script
x: Print every evaluation.
o pipefail: Here we make sure that any error in a pipe of commands will fail the entire pipe instead of just carrying on to the next command in the pipe.
All of these are quite useful, though I tend to skip the -u flag as bash scripts often interact with global variables that are set outside my scripts. The -x flag is extremely noisy so it’s most often used manually when debugging. And to be honest, I don’t really use -o pipefail either. I guess this is a good place for a few words of caution when it comes to this approach. Feel free to dig into this reddit comment, but to summarize, the behavior of these flags isn’t consistent across Bash versions and they can break your scripts in unexpected ways.

Overview
VMware recently released full support for Azure Active Directory (now called Entra ID) integration with vCenter with release 8.0 U2. Unfortunately, their documentation about integration had some major gaps, compelling us to write this guide. VMware’s documents initially recommended opening your vCenter server URL to the public (which you should NEVER do). They’ve since...

Instead of using sshpass to non-interactively provide an SSH password, here is a simpler approach by harnessing the built-in features of OpenSSH...

Prometheus is a monitoring solution created by Soundcloud in 2012 and open-sourced in 2015. It is a must-have that stands out through its integration with many third-party services that are not natively supported.

Mapping Pihole to Tailscale and enabling subnet routing has made accessing my homelab outside the house an absolute joy.

Terraform Associate is an official HashiCorp certification. It validates your Terraform knowledge through an online exam. I share my experience in this article!

Recently I’ve been looking into setting up BGP EVPN between VMware NSX and VyOS router. I’m using VyOS quite a lot in labs and demos, often as the counterpart to a Tier-0 gateway, and w…

Tmux is a terminal multiplexer that lets you create and control sessions. It is often used to launch a command in the background and be able to close the terminal without fear of the process being stopped. We will see how to use it.

Everyone loves the Cluster API, but there are some cases where it's not the best solution. We chose not to build with it for several reasons.

DebianRepository is a Docker-based project for deploying a Debian package repository in a few seconds

Want to secure your Proxmox server with a trusted SSL certificate from Let's Encrypt? Check out my post! Includes Home Assistant integration too!

Historically, we have rarely talked about how our servers fetch
the content from the Internet. In this blog we’re going to cover
this gap. We'll discuss how we manage Cloudflare IP addresses
used to retrieve the data from the Internet, how our egress
network design has evolved, how we optimized it for best use
of available IP space and introduce our soft-anycast technology.

SSH port forwarding explained in a clean and visual way. How to use local and remote port forwarding. What sshd settings may need to be adjusted. How to memorize the right flags.

Learn all about network bonding in XCP-ng and some tricks to configure it.

The need
I ran into some trouble when I wanted to implement NSXT rules. My aim was to keep the order of the rules as intended by the user when he wrote his data without asking him to enter a rule ID manually. If the order is kept then it’s easy to prioritize the rules according to their placement. With the NSX-T Terraform provider the rules are in the form below:

How Relational Databases Work. This post talks about how indexes and transactions work on the inside of relational databases.

Thus far, this series of posts has all been about Layer 2 over Layer 3 models; the customer ethernet frames encapsulated in UDP, traversing L3 networks. The routing has been confined to the underlay, the customer traffic has stayed within the same network.

Starting today, we are thrilled to announce that you can start building many segregated virtual private networks over Cloudflare Zero Trust, beginning with virtualized connectivity for the connectors Cloudflare WARP and Cloudflare Tunnel

Today I learned that, since macOS High Sierra onwards, you can move a window by starting to drag anywhere on it.

Easily create a Proxmox Ubuntu cloud-init image for use with Terraform, Ansible, and other automation tools

How Docker publishes container ports on the host? How to use SO_REUSEPORT to make multiple containers listening on the same port? How to use iptables to make multiple containers exposed on the same port?

Applying DevOps to networks.

Learn how to create a Kubernetes cluster on Azure, Amazon Web Services (AWS) and Google Cloud

Finding the right requests and limits can be tricky. Instead of guessing, you could inspect the application at runtime and extrapolate the values.

Learn how NAT traversal works, how Tailscale can get through and securely connect your devices directly to each other.

Today's topic is VMware Cloud Director inter-tenant routing with NSX-T backed provider VDCs (pVDC). The reason for writing this post is that some use-cases require routed connectivity between Org VDC

A post about a community function contribution to the open source project VMware Event Broker Appliance to notify you if an ESXi host failure occurred.

Cheatsheet to a more maintainable configuration.

Applying DevOps to networks.

Replacing Orange Livebox with another router is widely documented but too kludgy for my taste. I expose a cleaner setup.

Monitor CPU, GPU, and storage, clean junk files, check battery health, and keep your Mac fast with Sensei. Free download.

How to backup and restore K8s applications on vSphere

What are iptables chains, rules, policies, and tables? Describe iptables in layman's terms.

People tend to be visual: we use pictures to understand problems. Mainstream programming languages, on the other hand, operate in an almost completely different kind of abstract space, leaving a big g

Intro
I have been experimenting a lot over the past 18 months with containers and in particular, Kubernetes, and one of the core things I always seemed to get hung up on was part-zero - creating the VMs to actually run K8s. I wanted a CLI only way to build a VM template for the OS and then deploy that to the cluster.
It turns out that with Ubuntu 18.04 LTS (in particular the cloud image OVA) there are a few things need changed from the base install (namely cloud-init) in order to make them play nice with OS Guest Customisation in vCenter.

Checkmk is a leading tool for Infrastructure and Application Monitoring. Simple configuration, scalable, flexible. Open Source and Enterprise.

Introduction Traditionally, Data Centers used lots of Layer 2 links that spanned entire racks, rows, cages, floors, for as far as the eye could see. These...

Implementation of redundant site-to-site VPNs on Linux with WireGuard (instead of IPsec) and BGP.

VXLAN is an overlay network for L2 traffic over an existing IP network. One deployment option is BGP EVPN.

On Linux, a network bridge without any IP address configured will still process IP packets. How to disable such a feature?

Automation is an increasingly interesting topic in pretty much every technology discipline these days. There’s lots of talk about tooling, practices, skill set evolution, and more - but little conversation about fundamentals. What little is published by those actually practicing automation, usually takes the form of source code or technical whitepapers. While these are obviously valuable, they don’t usually cover some of the fundamental basics that could prove useful to the reader who wishes to perform similar things in their own organization, but may have different technical requirements.

A short while back I participated in an internal event. A number of priority customers of our internal cloud service were invited for a feedback session, to voice their thoughts, listen to roadmap sessions and just to get to know each other.
There was one comment made there by one of the participants that has been on my mind since then, and it was something along the lines of:
“I have been using AWS longer than I have been using our internal cloud service – that is more than 5 years.