
There are a number of exciting enhancements to VMware Cloud Foundation (VCF) Single Sign-On (SSO) with the release of VCF 9.1 from Generic OIDC/SAML2 Identity Provider (IdP) support, streamline way…
171 links

VMware Cloud Foundation (VCF) 9.1 introduces a few new updates with the license entitlement workflow between VCF Operations and VCF Business Service Console (BSC) for users operating in an air-gapp…

In VCF Automation 9.1 we can assign External IP to a particular VM that is connected to private or transit subnets and access it directly via that IP. This is similar to assigning public floating I…

Over the weekend, I had to re-deploy a portion of my VCF 9.1 Fleet, including VCF Operations, VCF Management Services, VCF License Server, SDDC Manager and VCF Automation, due to some workflows I w…

When you delete a Kubernetes (K8s) cluster, you can sometimes end up with orphaned disks (persistent volumes) on your datastore. It can be difficult to identify them and they can take up unnecessar…

This post outlines how organizations can leverage public APIs of the VMware Cloud Foundation platform for custom automation. It emphasizes obtaining authentication tokens across various endpoints, …

My VCF homelab runs on GMKTec K8 Plus nodes which have AMD Ryzen CPU with 16 threads – which means the biggest VM that can be powered on can have only 16 vCPUs. However VCF Automation runs on…

How Mise manages to solve the problems of Krew and of SRE teams' internal tooling in general

Fast, Declarative, Reproducible, and Composable Developer Environments using Nix

About two years ago I wrote a blog post on how to create a self-contained lab in a VMware Cloud Director cloud environment with equivalent functionality to a physical lab that can be rapidly deployed with …

tsnet let Cleric embed Tailscale into their AI SRE, replacing VPNs and VPC peering with a programmable, zero-config overlay network.

To track CPU Support in VCF releases, we have a dedicated KB article that shows which CPUs are either Deprecated or Discontinued. See CPU Support Deprecation and Discontinuation In VCF Releases R…

How I use Mise day to day to manage my tool versions, environment variables and secrets across several projects

A blog by James Adam, of lazyatom.com fame.

A practical field-focused walkthrough of building an All Apps Organization in VMware Cloud Foundation 9 using VCF Automation, with emphasis on regions, quotas, networking design, and why manual setup matters over quick start.
Learn how to automate vSphere power management using Ansible and SemaphoreUI, scheduling ESXi host shutdowns based on Octopus Agile energy tariffs to cut costs.

The open source Git project just released Git 2.54. Here is GitHub’s look at some of the most interesting features and changes introduced since last time.

This year I completely restructured my Obsidian workflow.

Learn how to use the VCF 9.0 SDDC Manager API to set custom password rotation schedules beyond the 30, 60 and 90 day UI presets

Configuring VMware Cloud Foundation (VCF) Single Sign-On (SSO), introduced in VCF 9.0, can be quite lengthy, especially when you go through the workflow for the first time. For my lab setup, I use …

Fixes 120 issues (addressing 219 👍). Render Markdown in the terminal with bun ./file.md, Bun.WebView headless browser automation, in-process Bun.cron() scheduler, async stack traces for native errors, 2.3x faster URLPattern, 2x faster Bun.Glob.scan, cgroup-aware parallelism on Linux, and many bugfixes and Node.js compatibility improvements.

tui-use lets agents interact with programs that expect a human at the keyboard — REPLs, debuggers, TUI apps, and anything else bash can't reach. - onesuper/tui-use

After deploying a new VMware Cloud Foundation environment in my lab, I typically apply a set of post-deployment configurations across components such as vCenter and NSX, depending on the specific s…

When I ssh into a server for the first time, I’m confronted with a dialog which asks me to verify I’m actually talking to the machine I expect to be talking to.

A practical field-focused walkthrough of deploying a Supervisor in VMware Cloud Foundation 9, with emphasis on networking design, VPC versus NSX Classic, Tier-0 architecture, routing, VKS operations, and preparing the platform for namespaces and Supervisor Services.

Auto-Save Claude Code Plans to Obsidian. GitHub Gist: instantly share code, notes, and snippets.

A complete guide to CLAUDE.md, custom commands, skills, agents, and permissions, and how to set them up properly.

Every NanoClaw agent will access external services through OneCLI's Agent Vault, a gateway that handles credential injection, access policies, and approvals so agents never hold raw API keys.

Back in 2020, the vSphere UI was the only way to create your own custom Virtual Machine Classes, there was not a vSphere API and while you can directly connect to vSphere Supervisor Control Plane, …


CLI proxy that compresses command outputs for AI coding agents. 60-90% less context pollution. Open source, written in Rust.

Let's make a tiny, standalone CA! We'll use a Raspberry Pi 4, YubiKey 5 NFC, and Infinite Noise TRNG.

NixOS: how I traded 13 years of Debian for a declarative, reproducible system with no nasty surprises.

Zero-touch node patching for Proxmox clusters by gyptazy.

Xen Orchestra install/update script. Contribute to ronivay/XenOrchestraInstallerUpdater development by creating an account on GitHub.

How to build an answer file?

The biggest shock of my early career was just how much code I needed to read that others wrote. I had never dealt with this. I had a hard enough time understanding my own code. The idea of understandi

When you request a certificate from Let’s Encrypt, our servers validate that you control the hostnames in that certificate using ACME challenges. For subscribers who need wildcard certificates or who prefer not to expose infrastructure to the public Internet, the DNS-01 challenge type has long been the only choice. DNS-01 works well. It is widely supported and battle-tested, but it comes with operational costs: DNS propagation delays, recurring DNS updates at renewal time, and automation that often requires distributing DNS credentials throughout your infrastructure.

Give LLM agents shell access without risking your host system. A practical libvirt guide covering VM creation, snapshots for safe experimentation, and remote access options.

Creating Talos Kubernetes cluster using VMware.

mise-en-place documentation

How I got my own ASN and used BGP to announce IPv6 routes from home.

Crack, splash, boom! In 2024, the VMware ecosystem endured a seismic shift. Broadcom acquired VMware and quickly introduced a controversial change in its pricing model — shifting from a vRAM-based system to one centered on per physical core (pCore) licensing — and shaking the veritable ground users stood upon. What once allowed customers to pay for […]

VCF Automation (VCFA) provides a very easy way to deploy vSphere Kubernetes Service (VKS) clusters in multitenant environments. This can be done via UI, Kubernetes API or CLI. This is in my opinion …

A comprehensive step-by-step guide series to creating Kubernetes managed clusters on Proxmox using Cluster API and Cilium as a CNI.

A quick introduction to VCF 9 Automation in All Apps mode


Harvest a host's real configuration and turn it into Ansible roles/playbooks. Safe-by-default, with optional SOPS encryption.

Running six Claude Code agents in parallel from an iPhone. A cloud VM, Tailscale, mosh, and push notifications enable async development from anywhere.

Happy New Year! 🎉 Kicking off 2026 with my first blog post of the year 😁 Customers can use the Broadcom Product Lifecycle portal to search for products across the seven Broadcom Software Divisions …

Last month I shared a screenshot of a single switch validation. 12 tests.

What Kabir Writes

In an air-gapped or disconnected environment, license entitlement for VMware Cloud Foundation (VCF) involves a multi-step file exchange between the VCF Business Service Console (BSC) and your deplo…

Ten field-tested Kubernetes capabilities - topology spread, disruption budgets, admission policies, autoscaling guardrails, and more - that most teams ignore but instantly boost resilience, velocity.

BrowserBox streams a full modern browser to any client with low latency. Keep web risk off the endpoint while teams browse, automate, and embed safely.

✳️ Introduction With the release of VMware Cloud Foundation 9 (VCF 9), VMware has introduced a major architectural evolution—consolidating Day-2 operations, automation, and lifecycle tasks into VCF Operations (VCF OPS). One of the most notable changes is how Workload Domains (WLDs) are created. Previously, administrators used the SDDC Manager GUI to provision a new WLD. In VCF 9, this process now happens exclusively through VCF OPS, offering more flexibility, automation, and integration with moder

I recently demonstrated how to automate the configuration of the VCF Automation (VCFA) Provider Portal using the new Terraform Provider for VCFA. You can also use the same provider to configure you…

When deploying a new VMware Cloud Foundation (VCF) Fleet, users can choose from two different deployment models: Simple (one-node) or High-Availability (3-node) within the VCF Installer, which appl…

I've written a number of little scripts over the years, many of which I use every day. Here's a little collection.

Anthropic this morning introduced Claude Skills, a new pattern for making new abilities available to their models: Claude can now use Skills to improve how it performs specific tasks. Skills …

Fast, Python-based infrastructure automation. Deploy to SSH servers, Docker, and local machines. 10x faster than Ansible.

Free endpoint monitoring. One-click deployment. Contribute to WCY-dt/ponghub development by creating an account on GitHub.

License management for both VMware vSphere Foundation (VVF) and VMware Cloud Foundation (VCF) 9.0 is now handled by VCF Operations, which supports keyless entitlement in both Connected and Disconne…

With the release of VMware Cloud Foundation 9.0, VMware is ushering in a new era of private cloud management, where data services become an integral part of the automated platform. A key element of this transformation is VMware Data Services Manager (DSM) 9.0, an advanced Database-as-a-Service (DBaaS) tool that is now fully integrated with VCF...

This blog post provides a detailed guide for deploying VCF Instance using Terraform. It covers prerequisites, installation steps for Terraform and VCF, and necessary configurations in Terraform fil…

I use Homebrew all the time. Whenever I see a new CLI that offers an npm or uv install path alongside a brew one, I choose brew every single time.
And yet, when…

After publishing my long awaited Automated VMware Cloud Foundation (VCF) 9.0 Lab Deployment Script yesterday, I already had a request for a similar solution to deploy VMware vSphere Foundation (VVF…

Claude Code is the most delightful AI agent/workflow I have used so far. Not only does it make targeted edits or vibe coding throwaway tools less annoying, ...

In today’s multi-tenant cloud environments, VMware Cloud Foundation Automation (VCFA) offers a robust layered architecture that seamlessly bridges enterprise-grade infrastructure management with de…

After years of self-hosting on a VPS in a datacenter, I’ve decided to move my services at home. But instead of just porting services, I’m using this as an opportunity to migrate to a more flexible and

Deploy VMs and LXCs using Proxmox Terraform templates. Includes cloud-init, LXC provisioning, and real-world IaC examples for automation.

Free, self-hosted customer support platform with shared inbox, automation, and team collaboration. Deploy with a single binary.

I recently deployed the latest release of VMware Data Services Manager (DSM) 9.0 in my VMware Cloud Foundation (VCF) 9.0 lab to explore the new integration with VCF Automation (VCFA), allowing orga…

With the improvements of VCF Automation 9 it now includes a new model which supports developer consumer use cases. In context of the tenancy architecture, it provides 2 different types of organizations: VM-Apps-Org An organization which is almost identical to what is known from 8.x versions of Aria Automation. Its main purpose is to support VM-based…

VCF 9 services like VCF Operations now use token based service accounts to connect and integrate to VCF Automation aka VCFA. The use of token based service accounts is not limited to VCF 9 services…

It is wild to think that it has been only a handful of weeks.
Claude Code has considerably changed my relationship to writing and maintaining code at scale. I still write code at the same level of quality, but I feel like I have a new freedom of expression which is hard to fully articulate.
Claude Code has decoupled myself from writing every line of code, I still consider myself fully responsible for everything I ship to Puzzmo, but the ability to instantly create a whole scene instead of going line by line, word by word is incredibly powerful.

When working on my homelab, I regularly need to pass credentials to my tools. A naive approach is to just store the token in clear text, but there's a better alternative. Let's see how direnv and the Bitwarden password manager's CLI can be hooked together to let me keep my infrastructure credentials safe, in a simple, sturdy setup!

tail -f your gmail. Contribute to c4pt0r/gmailtail development by creating an account on GitHub.

Powerful SSL certificate management system with multi-DNS provider support and REST API

Use declarative language to build simpler, faster, scalable and flexible workflows

GitHub issues is almost the best notebook in the world. Free and unlimited, for both public and private notes. Comprehensive Markdown support, including syntax highlighting for almost any language. Plus …

Let's Encrypt for VMware ESXi with easy installation using pre-built VIB or offline bundle. Auto-renewal of certificates. - w2c/letsencrypt-esxi

Automate deployment and configuration of nested VMware Software-Defined Data Center environments including solutions like vSphere, vSAN, NSX, vSphere Kubernetes Service, Avi Load Balancer, Aria Ope...

CLI tool and python library that converts the output of popular command-line tools, file-types, and common strings to JSON, YAML, or Dictionaries. This allows piping of output to tools like jq and ...

Build powerful software environments and containerized operations from modular components and simple functions. Perfect for complex software delivery and AI agents. Built by the creators of Docker.

Caddy is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go

For everything that happens after you deploy. Antimetal is the AI platform to better understand, manage, and automate your infrastructure.

Nutanix Builder v1.0.0 released and good to go for EUC image builds

PowerCLI has long established itself as a trusted and widely adopted automation tool across VMware environments. It remains one of the most preferred tools among our customers, and its popularity is reflected in the numbers—we estimate over 1.5 to 2 million downloads each year.

Data Services Manager is the DBaaS for VMware Cloud Foundation (VCF), offering multi-tenanted data services to your end users on-premises, on vSphere.

Having the latest compatible software for one’s NVIDIA vGPU investment should be a priority. New features are added all the time, or there may be security enhancements. In this post I’ll demonstrate a new PowerShell module I’ve built that employs the NVIDIA License System (NLS) API to be able to list and download vGPU software like drivers or the NVIDIA Delegated License Service (DLS).

The latest VMware Cloud Foundation (VCF) 9 resources

VMware Cloud Foundation 9 (VCF 9) has been released and with it comes a brand new Cloud Management Platform – VCF Automation (VCFA) which supersedes both Aria Automation and VMware Cloud Direct…

How to get generated passwords via Fleet Management API, and login to Automation appliance via SSH

I run Claude Code with --dangerously-skip-permissions flag, giving it full system access. Let me show you a new way of approaching computers.

Hey! I'm a student and professional bug-creator. I like to explore new stuff, and share my experiences on this blog!

J.HOMMET.NET - An analog human in a digital world.

Today we’re excited to release Railpack — the next iteration of the Railway builder, developed from the ground up based on everything we’ve learned from building over 14 million apps with Nixpacks.

Introduction to the deploy.sh Script The deploy.sh script is a fundamental tool in the VMware Aria Automation ecosystem (formerly vRealize Automation), responsible for deploying, configuring, and managing all components of this advanced environment. Located in the /opt/scripts/ directory on the Aria Automation virtual machine, it serves as the central orchestration point for the entire system....

GitHub Actions suggests using code like echo ... >> $GITHUB_ENV, but echo ... | tee -a $GITHUB_ENV is often better.

The article outlines how to automate the deployment and configuration of VMware NSX using Terraform, focusing on components like NSX Manager, Fabric, and Edge Transport Nodes. It details installati…

This blog post provides a detailed guide for installing VMware vSphere Supervisor using Terraform. It covers prerequisites, installation steps for Terraform and vSphere Supervisor, and necessary co…

Abstract Now that we have a Vault, with a TLS Issuing CA, and some idea of how to get certs out of it, let's look at how we can use this in a “real” world scenario to put a valid TLS profile onto a Network Appliance (fancy word for a switch I guess).
Why did I say appliance, and not Router or Switch? Weeeeeell, think about it. You manage a lot of network stuff over HTTPS protocols these days, even when it's not actually a web interface you are using to do it.

How I connected Kubernetes clusters across 4 countries with my own ASN, BGP peering, and perhaps too many IPsec tunnels

Don't forget to uv self update before trying those

Hola,
Recently, I have made several changes to the AsBuiltReport.Veeam.VBR script, so I will summarize here all the new capabilities added.
Here is the link to the most recent report in HTML format: Report The first change I will discuss is the support for Microsoft Entra ID. In this case the Veeam Backup & Replication (VBR) Powershell module allows extracting the information of the Tenants that are configured in the VBR infrastructure.

Let’s say you’ve got some kind of service you want to connect to through Tailscale. How do you make it accessible over your tailnet? It's easy for decision paralysis to set in here, so let's consolidate some of the possibilities in one place.

Mac's Tech Blog

Using Linux's fancy networking to keep torrent traffic private

In a previous post, I covered a method to automatically generate DNS zones from an embedded YAML list.
This wasn't the most useful on its own, only ensuring …

Let's walk through a common scenario.

Sample Dashboard Designs to review first thing in the morning while drinking your Coffee or Energy Drink.

Bare metal to production ready in mins; imagine fly.io on your VPS
Sidekick is made to make your life easy as you deploy your applications. It’s meant for people who care about shipping as fast as possible while doing things the right way. Sidekick is designed to allow you to host multiple applications on a single VPS and take care of making them production ready. If you get enough traction, scale up your VPS and call it a day!

A rant about caring

Hola,
Today I am going to share the improvements I have made to the Veeam Backup & Replication infrastructure diagramming tool. This tool uses Graphviz as the engine to draw the diagram and the PSGraph module to generate the code from PowerShell. Here is the link to the project on GitHub:
https://github.com/rebelinux/Veeam.Diagrammer In version 0.6.8 information about SureBackup was added to the infrastructure diagram. In particular, the ability to diagram Application Groups and Virtual Labs has been added.

For a while now I have been using GitHub as an OAuth2 provider to authenticate to applications. However, I always settled for following documentation without really trying to understand what was happening before my eyes each time I wanted to authenticate.
That motivated me to write this article about SSO. The goal is to explore the mechanisms available for managing a large number of users and their access to the infrastructure's applications.

In this post I will demonstrate how one can automate the downloading of VMware Cloud Foundation bundles with Ansible, for later use with the offline depot functionality, which promises to relieve laborious bundle uploads to SDDC Manager.

Last week I wanted to replace my OpenVPN setup with WireGuard. The basics were well-documented, going beyond the basics was a bit trickier. Let me teach you what I learned.
The basics But first, let’s summarize the basics. I have a server with a hosting provider that I want to use as a VPN server. I won’t delve into details here, since there are so many great explanations on the web already (here, here, here or here), let’s just make a quick summary of a simple setup, as a base for discussing the (slightly) more advanced usages I had to configure myself:

Golden images were supposed to simplify infrastructure, but many teams still build Linux systems like it's 2009. Let's do it differently.

In my previous post I showed how to install automatically a virtual machine with pfSense. The automation I reached was around 90%, as I didn’t know how to automate the installation of the software. Than

Adventures trying to minimise disk usage for servers

As someone familiar with VMware and vCenter, but coming reasonably fresh to Proxmox Virtual Edition (PVE) there are a number of important differences when …

Vault is a secrets management tool developed by HashiCorp. It lets you store and manage secrets securely. In this article, we will see how to use Vault to manage your applications' secrets.

Some time ago I bumped into a blog post from Rutger Blom about implementing EVPN integration between NSX-T and vYOS. As I was involved in my recent past with Arista in DC deployments, I was curious…

Slow Rust Builds?
Here are some tips to speed up your compile times.
This list was originally released on my private blo…

Finally, Podman has a Docker Compose alternative

I constantly use virtual machines to test scripts, host services, run deployment tests, and so on. I usually use Proxmox for my lab, and Libvirt at work.
Recently I have been deepening my knowledge of public clouds such as AWS, GCP, Azure, etc. And if there is one thing that fascinates me, it is the speed at which a virtual machine can be created.
I sometimes use Cloud-Init to automate the creation of my virtual machines or Packer to create VM templates, but there we are talking about a few minutes (not seconds).
It was while researching this topic that I came across Firecracker, an open-source AWS project that creates microVMs in a few milliseconds (yes, milliseconds). So, I want to be able to create virtual machines in a few milliseconds, but also to destroy and recreate them on the fly. These virtual machines can then be used for tests, deployments, services, etc.

Discover a selection of our latest work. Multiple Cyllene projects bringing together many disciplines to offer you a tailor-made service.

Many engineers have a strained relationship with Bash. I love it though, but I’m very aware of its limitations when it comes to error handling and data structures (or lack thereof).
As a result of these limitations I often see Bash scripts written very defensively that define something like:
set -euxo pipefail
These are bash builtin options that do more or less sensible things.
e: Exit immediately when a non-zero exit status is encountered
u: Undefined variables throw an error and exit the script
x: Print every evaluation.
o pipefail: Here we make sure that any error in a pipe of commands will fail the entire pipe instead of just carrying on to the next command in the pipe.
All of these are quite useful, though I tend to skip the -u flag as bash scripts often interact with global variables that are set outside my scripts. The -x flag is extremely noisy so it’s most often used manually when debugging. And to be honest, I don’t really use -o pipefail either. I guess this is a good place for a few words of caution when it comes to this approach. Feel free to dig into this reddit comment, but to summarize, the behavior of these flags isn’t consistent across Bash versions and they can break your scripts in unexpected ways.

Overview VMware recently released full support for Azure Active Directory (now called Entra ID) integration with vCenter with release 8.0 U2. Unfortunately, their documentation about integration had some major gaps, compelling us to write this guide. VMware’s documents initially recommended opening your vCenter server URL to the public (which you should NEVER do). They’ve since...

Instead of using sshpass to non-interactively provide an SSH password, here is a simpler approach by harnessing the built-in features of OpenSSH...

Prometheus is a monitoring solution created by SoundCloud in 2012 and open-sourced in 2015. It is a must-have that stands out through its integration with numerous third-party services that are not natively supported.

Mapping Pihole to Tailscale and enabling subnet routing has made accessing my homelab outside the house an absolute joy.

Terraform Associate is an official HashiCorp certification. It validates your Terraform knowledge through an online exam. I share my experience in this article!

Recently I’ve been looking into setting up BGP EVPN between VMware NSX and VyOS router. I’m using VyOS quite a lot in labs and demos, often as the counterpart to a Tier-0 gateway, and w…

Tmux is a terminal multiplexer that lets you create and control sessions. It is often used to run a command in the background and be able to close the terminal without fear of the process being stopped. We will see how to use it.

Everyone loves the Cluster API, but there are some cases where it's not the best solution. We chose not to build with it for several reasons.

DebianRepository is a Docker-based project for deploying a Debian package repository in a few seconds

Want to secure your Proxmox server with a trusted SSL certificate from Let's Encrypt? Check out my post! Includes Home Assistant integration too!

Historically, we have rarely talked about how our servers fetch
the content from the Internet. In this blog we’re going to cover
this gap. We'll discuss how we manage Cloudflare IP addresses
used to retrieve the data from the Internet, how our egress
network design has evolved, how we optimized it for best use
of available IP space and introduce our soft-anycast technology.

SSH port forwarding explained in a clean and visual way. How to use local and remote port forwarding. What sshd settings may need to be adjusted. How to memorize the right flags.

Learn all about network bonding in XCP-ng and some tricks to configure it.

The need I went into some troubles when I wanted to implement NSXT rules. My aim was to keep the order of the rules as intended by the user when he wrote his data without asking him to enter a rule ID manually. If the order is kept then it’s easy to prioritize the rules according to their placement. With the NSX-T Terraform provider the rules are in the form below :

How Relational Databases Work. This post talks about how indexes and transactions work on the inside of relational databases.

Thus far, this series of posts have all been about Layer 2 over Layer 3 models; the customer ethernet frames encapsulated in UDP, traversing L3 networks. The routing has been confined underlay, the customer traffic has stayed within the same network.

Starting today, we are thrilled to announce that you can start building many segregated virtual private networks over Cloudflare Zero Trust, beginning with virtualized connectivity for the connectors Cloudflare WARP and Cloudflare Tunnel

Today I learned that, since macOS High Sierra onwards, you can move a window by starting to drag anywhere on it.

Easily create a Proxmox Ubuntu cloud-init image for use with Terraform, Ansible, and other automation tools

How Docker publishes container ports on the host? How to use SO_REUSEPORT to make multiple containers listening on the same port? How to use iptables to make multiple containers exposed on the same port?

Applying DevOps to networks.

Learn how to create a Kubernetes cluster on Azure, Amazon Web Services (AWS) and Google Cloud

Finding the right requests and limits can be tricky. Instead of guessing, you could inspect the application at runtime and extrapolate the values.

Learn how NAT traversal works, how Tailscale can get through and securely connect your devices directly to each other.

Today's topic is VMware Cloud Director inter-tenant routing with a NSX-T backed provider VDCs (pVDC). The reason for writing this post is that some use-cases require routed connectivity between Org VDC

A post about a community function contribution to the open source project VMware Event Broker Appliance to notify you if an ESXi host failure occurred.

Cheatsheet to a more maintainable configuration.

Applying DevOps to networks.

Replacing Orange Livebox with another router is widely documented but too kludgy for my taste. I expose a cleaner setup.

Monitor CPU, GPU, and storage, clean junk files, check battery health, and keep your Mac fast with Sensei. Free download.

How to backup and restore K8s applications on vSphere

What are iptables chains, rules, policies, and tables? Describe iptables in layman's terms.

People tend to be visual: we use pictures to understand problems. Mainstream programming languages, on the other hand, operate in an almost completely different kind of abstract space, leaving a big g

Intro
I have been experimenting a lot over the past 18 months with containers and in particular, Kubernetes, and one of the core things I always seemed to get hung up on was part-zero - creating the VMs to actually run K8s. I wanted a CLI only way to build a VM template for the OS and then deploy that to the cluster.
It turns out that with Ubuntu 18.04 LTS (in particular the cloud image OVA) there are a few things need changed from the base install (namely cloud-init) in order to make them play nice with OS Guest Customisation in vCenter.

Checkmk is a leading tool for Infrastructure and Application Monitoring. Simple configuration, scalable, flexible. Open Source and Enterprise.

Introduction Traditionally, Data Centers used lots of Layer 2 links that spanned entire racks, rows, cages, floors, for as far as the eye could see. These...

Implementation of redundant site-to-site VPNs on Linux with WireGuard (instead of IPsec) and BGP.

VXLAN is an overlay network for L2 traffic over an existing IP network. One deployment option is BGP EVPN.

On Linux, a network bridge without any IP address configured will still process IP packets. How to disable such a feature?

Automation is an increasingly interesting topic in pretty much every technology discipline these days. There’s lots of talk about tooling, practices, skill set evolution, and more - but little conversation about fundamentals. What little is published by those actually practicing automation, usually takes the form of source code or technical whitepapers. While these are obviously valuable, they don’t usually cover some of the fundamental basics that could prove useful to the reader who wishes to perform similar things in their own organization, but may have different technical requirements.

A short while back I participated in an internal event. A number of priority customers of our internal cloud service were invited for a feedback session, to voice their thoughts, listen to roadmap sessions and just to get to know each other.
There was one comment made there by one of the participants that has been on my mind since then, and it was something along the lines of:
“I have been using AWS longer than I have been using our internal cloud service – that is more than 5 years.