Tag: Cloud

IntroductionArchitectural Pillar: The 9.0 vs. 9.1A. Distributed Model: VCF 9.0 vs. VCF 9.1B. Centralized Model: VCF 9.0 vs. VCF 9.1Deep Dive: The Virtual Network Appliance (VNA)Decentralizing State…

Over the weekend, I had to re-deploy a portion of my VCF 9.1 Fleet, including VCF Operations, VCF Management Services, VCF License Server, SDDC Manager and VCF Automation, due to some workflows I w…

VMware Cloud Foundation (VCF) 9.1 is now generally available! 🥳 In addition to the revamped VCF 9.1 Technical Documentation which includes the 9.1 release notes, which everyone should be reviewing …

Last Updated May 4, 2026

Transitioning your VMware vSphere environment to VMware Cloud Foundation (VCF) is a strategic move that shifts your infrastructure from a collection of managed silos to a unified private cloud.  In my recent webinar with Brent Douglas where we dove deep into the converge process, the turnout was massive. Below are the Top 10 “must-know” questions … Continued

In the ever-evolving landscape of private cloud, technical debt often hides in the most fundamental places, like your DNS naming convention. For many years, .local was the go-to Top-Level Domain (TLD) for internal Active Directory environments. However, as per RFC 6762, .local is now officially reserved for Multicast DNS (mDNS) and is no longer recommended … Continued

Adding clarity after the NC2 on Google Cloud article and illustrating how OVHcloud completes the picture.

We’ve all been there. We deploy an appliance and then we can’t find the password. We try to log in a few times and the accout gets locked out. For administrators managing VMware Cloud F…

Docker Offload is now generally available. Docker runs in any environment, even VDIs, no workarounds, no compromise. Built for enterprise teams.

Complete guide to using NGINX as an API gateway in 2026, covering configuration, load balancing, rate limiting, and the Kubernetes ingress-nginx retirement.

NixOS : comment j'ai troqué 13 ans de Debian contre un système déclaratif, reproductible et sans mauvaise surprise.

How to build a single global queue for distributed systems on object storage: Start with a single file on object storage, then add write batching, a stateless broker, and high-availability.

Create and configure Tunnels for public applications, Workers VPC, and Load Balancing without leaving the Core Dashboard — now with native integrations and unified visibility.

See how I built a Proxmox and Ceph home lab with 5 nodes, 17TB NVMe storage, dual 10Gb LACP, and Talos Kubernetes running on distributed Ceph.

Give LLM agents shell access without risking your host system. A practical libvirt guide covering VM creation, snapshots for safe experimentation, and remote access options.

Short blog about my experiences with Nutanix CE and which workarounds I needed.

Crack, splash, boom! In 2024, the VMware ecosystem endured a seismic shift. Broadcom acquired VMware and quickly introduced a controversial change in its pricing model — shifting from a vRAM-based system to one centered on per physical core (pCore) licensing — and shaking the veritable ground users stood upon. What once allowed customers to pay for […]

The Nutanix Cloud Bible - A detailed narrative of the Nutanix architecture, how the software and features work and how to leverage it for maximum performance.

Author: Nemanja Ilic

Walkthrough on how to build and deploy a Telegram bot to Cloudflare Workers. Durable Objects are used for per-person DB and grammY is used to interact with the Telegram API

Instant Linux boxes via SSH. Create stock boxes or OCI image-backed VMs. Scale to zero and pay only for what you use.

A comprehensive step-by-step guide series to creating Kubernetes managed clusters on Proxmox using Cluster API and Cilium as a CNI.

| Small Office/Home Office (SOHO)| Small-to medium-sized business (SMB)| Medium-to large-sized enterprises (MLE)

A curated list of awesome resources, tools, libraries, and projects for the Mistral AI ecosystem. - samouraiworld/awesome-mistral

In VMware Cloud Foundation (VCF) 9.0, identity management takes a leap forward with the introduction of the VCF Identity Broker (VIDB)—a modern, flexible solution for enabling Single Sign-On (SSO) …

Running six Claude Code agents in parallel from an iPhone. A cloud VM, Tailscale, mosh, and push notifications enable async development from anywhere.

“Bye bye bye.” It took some time, and a serious amount of research, but I have finally crossed the finish line. I have officially migrated my digital life to pure, EU-hosted solutions.

VCF 9 adopts a streamlined, subscription-based licensing model that simplifies management and compliance: Single license file replaces multiple component-specific keys (vCenter, ESXi, NSX, etc.) Li…

Recent advancements in Cloudflare Python Workers means fast cold starts, comprehensive package support, and a great developer experience. We explain how they were achieved and show how Python can be used to build serverless applications on Cloudflare.

Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.

We made the switch from AWS-hosted MongoDB Atlas to a self-hosted solution on Hetzner, resulting in a 90% reduction in costs while maintaining performance and reliability.

We saved 76% on our cloud bills while tripling our capacity by migrating to Hetzner from AWS and DigitalOcean. Digital Society is a not-for-profit cooperative helping you get your projects off the ground and realise the value of your data.

How Tailscale can work with and inside Google Cloud, Microsoft Azure, and Amazon Web Services.

Cloudflare investigated CPU performance benchmark results for Workers, uncovering and fixing issues in infrastructure, V8 garbage collection, and OpenNext optimizations. These improvements have made Cloudflare Workers faster for all customers.

With the release of VMware Cloud Foundation 9.0, VMware is ushering in a new era of private cloud management, where data services become an integral part of the automated platform. A key element of this transformation is VMware Data Services Manager (DSM) 9.0, an advanced Database-as-a-Service (DBaaS) tool that is now fully integrated with VCF...

Just wanted to share my (successful) procedure for creating in PVE9 a VM Template for a Debian Trixie Server with Cloud-Init, which I have done in the past for previous Debian versions in PVE8. This is most useful to quickly spin up a Debian server for any purpose.

On August 21, 2025, an influx of traffic directed toward clients hosted in AWS us-east-1 caused severe congestion on links between Cloudflare and us-east-1. In this post, we explain what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.

If you’ve been about VMware Cloud Foundation at all, you’ve likely come across the VCF Planning & Preparation workbook developed and maintained by @cliffcahill and myself, dating as…

In today’s multi-tenant cloud environments, VMware Cloud Foundation Automation (VCFA) offers a robust layered architecture that seamlessly bridges enterprise-grade infrastructure management with de…

After Claude Pro changed to weekly limits, I explored self-hosting Qwen3-Coder-480B with 400k context windows. Here's what I learned about costs, alternatives, and why Claude Code still dominates the landscape.

Tailscale and Grafana Labs partner to provide private connectivity between data sources on tailnets and Grafana Cloud instances.

Fast terminal, state-of-the-art agents, and cloud orchestration for the full software development lifecycle.

Sysxplore explores DevOps, Cloud, and Linux topics in a straightforward way, making complex concepts easy to grasp. Our goal is to deliver technical information and make it enjoyable to learn.

The cloud you own. Hardware, with the software baked in, for running infrastructure at scale.

We finished pulling seven cloud apps, including HEY, out of AWS and onto our own hardware last summer. But it took until the end of that year for all the long-term contract commitments to end, so 2024 has been the first clean year of savings, and we've been pleasantly surprised that they've been even better than originally estimated. F...

Litestream is an open-source, real-time streaming replication tool that lets you safely run SQLite applications on a single node.

Discover how to design tailored multicloud connectivity scenarios with Megaport and Megaport Cloud Router (MCR). From physical layer configurations to cloud-specific connectivity options, explore resilient and scalable architectures that simplify network complexity. Gain insights into HA designs, dual data center strategies, and step-by-step guidance for building a better network.

From bare metal to cloud VMs using Docker, deploy web apps anywhere with zero downtime.

The latest VMware Cloud Foundation (VCF) 9 resources

VMware Cloud Foundation 9 (VCF 9) has been released and with it comes brand new Cloud Management Platform – VCF Automation (VCFA) which supercedes both Aria Automation and VMware Cloud Direct…

Omni est un outil incroyable qui va vous permettre de gérer des machines Talos n'importe où. Laissez-moi vous présenter Omni, et comment l'interfacer avec Kubevirt pour créer des clusters Kubernetes en un claquement de doigts.

Omnissa recently released their Ports and Protocols tool! There are listings for Horizon1, Omnissa Access and UEM at present. Customized lists can be downloaded in Excel and PDF formats. I wanted to see if I could somehow find this information JSON-formatted. The Horizon listing also includes information for App Volumes, Dynamic Environment Manager and Unified Access Gateway. ↩︎

Today we’re excited to release Railpack — the next iteration of the Railway builder, developed from the ground up based on everything we’ve learned from building over 14 million apps with Nixpacks.

We're Rivet, a new open-source, self-hostable serverless platform. We've been in the weeds with SQLite-on-the-server recently and – boy – do we have a lot of thoughts to share. Give us a star on GitHub, we'll be sharing a lot more about SQLite soon!

The article outlines how to automate the deployment and configuration of VMware NSX using Terraform, focusing on components like NSX Manager, Fabric, and Edge Transport Nodes. It details installati…

Oracle is not a very popular cloud hosting service, but they have an unusually attractive free tier offering. You can run the following two VMs for free 24/7:

With the new Broadcom licensing changes related to NSX only the stateless firewall is included in the base VCF/NSX license while statefull firewall needs to be licensed separately. VMware Cloud Dir…

Live Migration of Workloads with VMware HCX: A Customer Story

Introduction Some of you are using NSX for many years already and are aware of the different changes and improvements implemented in the last years. I personally started with NSX in version 2.3 and one of the first important improvements I recognized is “MultiTEP” for edge nodes from type VM. It was released with NSX 2.5 and officially added to the reference design guide.
By the way: The reference design guide is still a great resource to learn the design pricipals for NSX implementaions. This is especially interesting for those who might be new to NSX.

How I connected Kubernetes clusters across 4 countries with my own ASN, BGP peering, and perhaps too many IPsec tunnels

Hola,
Recently, I have made several changes to the AsBuiltReport.Veeam.VBR script, so I will summarize here all the new capabilities added.
Here is the link to the most recent report in HTML format: Report The first change I will discuss is the support for Microsoft Entra ID. In this case the Veeam Backup & Replication (VBR) Powershell module allows extracting the information of the Tenants that are configured in the VBR infrastructure.

Mac's Tech Blog

In a previous post, I covered a method to automatically generate DNS zones from an embedded YAML list.
This wasn't the most useful on its own, only ensuring …

Deploying modern web apps – with all the provisions needed to be fast and secure while easily updateable – has become so hard that many developers don’t dare do it without a PaaS (platform-as-a-service). But that’s ridiculous. Nobody should have to pay orders of magnitude more for basic computing just to make deployment friendly and usable. That’s a job for open source, and Rails 8 is ready to solve it. So it’s with great pleasure that we are now ready with the final version of Rails 8.0, after a successful beta release and several release candidates!

In this new version, we’ve added the “official” support for the newvSphere and vSAN 8.3 APIsand Veeam Backup & Replication v12.

You've been lied to. You don't need the cloud – you can just run servers and save 10x your AWS costs. It's not that difficult.

Bare metal to production ready in mins; imagine fly.io on your VPS
Sidekick is made to make your life easy as you deploy your applications. It’s meant for people who care about shipping as fast as possible while doing things the right way. Sidekick is designed to allow you to host multiple applications on a single VPS and take care of making them production ready. If you get enough traction, scale up your VPS and call it a day!

transhumanist and high functioning loser; instantiated simulation, statically stuck in superposition, calculated computationally complex, technomancer at will

Extension du lab à l ecosystème Xen via XCP-ng et Xen Orchestrator. Installation des solutions et principes de base

Ça fait un moment que j’utilise Github comme support OAuth2 pour m’authentifier sur des applications. Toutefois, je me suis toujours contenté de suivre une documentation sans réellement chercher à comprendre ce qu’il se passait sous mes yeux chaque fois que je voulais m’authentifier.
De ce fait, je me suis motivé à écrire cet article à propos du SSO. L’objectif est de découvrir les mécanismes disponibles pour gérer une grande quantité d’utilisateurs et leurs accès aux applications de l’infrastructure.

After having automated the downloading of bundles for an offline depot in my lab I got the idea of experimenting with hosting it using a containerized nginx instance.

In this post I will demonstrate how one can automate the downloading of VMware Cloud Foundation bundles with Ansible, for later use with the offline depot functionality, which promises to relieve laborious bundle uploads to SDDC Manager.

While I was testing the new Release 8.0.3 from Broadcom, I ran into a few problems getting my nested lab...

Kubernetes doesn't load balance long-lived connections, and some Pods might receive more requests than others. If you're using HTTP/2, gRPC, RSockets, AMQP or any other long-lived connection such as a database connection, you might want to consider client-side load balancing.

Créer une infrastructure VPN hybride avec Headscale pour connecter des serveurs locaux et distants.

Posted:2024-05-25

Découvrons ensemble comment utiliser le GPG pour sécuriser ses échanges (fichiers, mail, commits) et comment stocker ses clés sur une Yubikey pour plus de sécurité !

Golden images were supposed to simplify infrastructure, but many teams still build Linux systems like it's 2009. Let's do it differently.

Inmy previous postI showed how to install automatically a virtual machine with pfSense. The automation I reached was around 90%, as I didn’t know how to automate the installation of the software. Than

Adventures trying to minimise disk usage for servers

In my 2022 December rumination about vCF I delved into how a union between VMware Cloud Foundation and a credential storage solution could make for a powerful combination.

As someone familiar with VMware and vCenter, but coming reasonably fresh to Proxmox Virtual Edition (PVE) there are a number of important differences when …

Vault est un outil de gestion des secrets développé par Hashicorp. Il permet de stocker et de gérer ces derniers de manière sécurisée. Dans cet article, nous allons voir comment utiliser Vault pour gérer les secrets de vos applications.

Slow Rust Builds?
Here are some tips to speed up your compile times.
This list was originally released on my private blo…

J'utilise constamment des machines virtuelles pour tester des scripts, pour héberger des services, pour faire des tests de déploiement, etc. J'ai pour habitude d'utiliser Proxmox dans le cadre de mon lab, et Libvirt au travail.
Depuis peu, j'approfondis mes connaissances sur les clouds publiques comme AWS, GCP, Azure, etc. Et s'il y a bien une chose qui me fascine, c'est la vitesse à laquelle on peut créer une machine virtuelle.
Il m'arrive d'utiliser Cloud-Init pour automatiser la création de mes machines virtuelles ou Packer pour créer des templates de VM, mais nous parlons de quelques minutes (et non de secondes).
C'est en faisant mes recherches sur ce sujet que je suis tombé sur Firecracker, un projet open-source d'AWS qui permet de créer des microVMs en quelques millisecondes (oui oui, millisecondes). Alors, je veux pouvoir créer des machines virtuelles en quelques millisecondes, mais aussi pouvoir les détruire et les recréer à la volée. De ce fait, ces machines virtuelles pourront être utilisées pour des tests, pour des déploiements, pour des services, etc.

Découvrez la sélection de nos derniers travaux. Des projets Cyllene multiples regroupant de nombreux métiers afin de vous offrir une prestation sur-mesure.

Overview VMware recently released full support for Azure Active Directory (now called Entra ID) integration with vCenter with release 8.0 U2. Unfortunately, their documentation about integration had some major gaps, compelling us to write this guide. VMware’s documents initially recommended opening your vCenter server URL to the public (which you should NEVER do). They’ve since...

Sysadmin doing syadmin stuff

Instead of using sshpass to non-interactively provide an SSH password, here is a simpler approach by harnessing the built-in features of OpenSSH...

Prometheus est une solution de supervision créée par Soundcloud en 2012 et open-sourcée en 2015. C'est un incontournable qui se démarque via l'intégration à de nombreux services tiers non supportés nativement.

I want my services to be sturdy, cheap & easy to maintain. I want very few moving parts, and I treat the hardware as disposable and unreliable. Ansible allows me to achieve a lot at very little cost.

Consul Associate est une certification officielle de HashiCorp. Celle-ci permet de valider vos connaissances sur Consul via un examen en ligne. Je vous partage mon expérience dans cet article !

Recently I’ve been looking into setting up BGP EVPN between VMware NSX and VyOS router. I’m using VyOS quite a lot in labs and demos, often as the counterpart to a Tier-0 gateway, and w…

Consul est un outil permettant de gérer des micro-services, de la haute-disponibilité, mais aussi la sécurité et la communication entre les services. Cette page est condensé de ce que j'ai pu apprendre sur le sujet.

Five years of technical blogging followed by six months of active development resulted in an online learning-by-doing platform for DevOps, SRE, and Platform Engineers.

Everyone loves the Cluster API, but there are some cases where it's not the best solution. We chose not to build with it for several reasons.

Want to secure your Proxmox server with a trusted SSL certificate from Let's Encrypt? Check out my post! Includes Home Assistant integration too!

Cert-Manager est un programme permettant de gérer les certificats (ainsi que leurs renouvellements) sur des clusters Kubernetes. Nous allons voir comment déployer Cert-Manager et générer nos premiers certificats

Ce guide vous explique comment configurer un serveur DNS et DHCP en utilisant DNSMASQ. Il couvre l'installation, la configuration du DHCP et du DNS, ainsi que la gestion des baux statiques.

Lorsque nous avons de nombreux serveurs, il convient d'automatiser chacun des déploiements que nous réalisons. Et lorsque la majorité sont sous Debian, ces déploiements peuvent prendre la forme de fichiers .deb. Nous verrons donc sur cette page comment créer notre propre dépôt Debian

A next-generation sharing platform built on top of OpenZiti, a programmable zero-trust network overlay.

Lorsqu'on multiplie les infrastructures (locales, distante etc..), avoir un VPN de Mesh permet de vous faciliter la vie. Nous allons donc installer et configurer Tinc

Historically, we have rarely talked about how our servers fetch
the content from the Internet. In this blog we’re going to cover
this gap. We'll discuss how we manage Cloudflare IP addresses
used to retrieve the data from the Internet, how our egress
network design has evolved, how we optimized it for best use
of available IP space and introduce our soft-anycast technology.

SSH port forwarding explained in a clean and visual way. How to use local and remote port forwarding. What sshd settings may need to be adjusted. How to memorize the right flags.

This is my documentation of how I publish my notes from a private [[Obsidian]] vault to my

The need I went into some troubles when I wanted to implement NSXT rules. My aim was to keep the order of the rules as intended by the user when he wrote his data without asking him to enter a rule ID manually. If the order is kept then it’s easy to prioritize the rules according to their placement. With the NSX-T Terraform provider the rules are in the form below :

Thus far, this series of posts have all been about Layer 2 over Layer 3 models; the customer ethernet frames encapsulated in UDP, traversing L3 networks. The routing has been confined underlay, the customer traffic has stayed within the same network.

Starting today, we are thrilled to announce that you can start building many segregated virtual private networks over Cloudflare Zero Trust, beginning with virtualized connectivity for the connectors Cloudflare WARP and Cloudflare Tunnel

Whiletroubleshooting of a failed SDDC Manager deploy taskin Cloud Foundation 4.4 together with VMware support, the engineer showed a way to update the SDDC bring-up parameters. This can be very helpfu

A technical dive into traditional TCP proxying over HTTP

Traefik est un reverse-proxy qui se démarque des autres par son systeme de provider et de middleware. Il ne réinvente pas la roue, mais il est particulièrement efficace lorsque l'on a un grand nombre de redirections à paramétrer ou que nous avons des règles qui changent régulièrement.

Delivering consistent performance while maintaining data resiliency is a key tenet behind enterprise storage solutions. VMware vSAN is the industry leading distributed storage system built right into VMware vSphere, and is designed to offer the highest level of resiliency and performance, with the maximum amount of agility should hardware faults occur, or demands of the … Continued

In this blog post, I will help you with the set of steps needed to enable MinIO service on a “vSphere with Tanzu” Supervisor cluster. I will not explain about MinIO, feel free to read about MinIO o…

Today at 1651 UTC, we opened an internal incident entitled "Facebook DNS lookup returning SERVFAIL" because we were worried that something was wrong with our DNS resolver 1.1.1.1. But as we were about to post on our public status page we realized something else more serious was going on.

Lorsqu'il s'agit d'initialiser une machine virtuelle dans une infrastructure VMWare vSphere, les systèmes Linux sont le parent pauvre....

Easily create a Proxmox Ubuntu cloud-init image for use with Terraform, Ansible, and other automation tools

Learn how to create a Kubernetes cluster on Azure, Amazon Web Services (AWS) and Google Cloud

Software-Defined Datacenters | NSX-T | NSX-ALB | VMware Cloud Foundation (VCF)

If you have ever tried to troubleshoot an NSX-v Management Appliance or Edge, you probably noticed that you are quite limited in the execution of your controls. That’s because in NSX-v you are standardly limited with most of the time only esxcli, even when you are logged in as admin.

To get past

Todays topic is VMware Cloud Director inter-tenant routing with a NSX-T backed provider VDCs (pVDC). The reason for writing this post is that some use-cases require routed connectivity between Org VDC

A post about a community function contribution to the open source project VMware Event Broker Appliance to notify you if a ESXi host failure occured.

In this post, we will investigate the performance of disk encryption on Linux and explain how we made it at least two times faster for ourselves and our customers!

A rundown of seven common mistakes is system architecture diagrams and how to fix them

Replacing Orange Livebox with another router is widely documented but too kludgy for my taste. I expose a cleaner setup.

Troubleshooting in Kubernetes can be a daunting task. In this article you will learn how to diagnose issues in Pods, Services and Ingress.

If you work with computer networks sooner or later you will have to learn how to efficiently work with IP addresses and networks. As you probably guessed from the title of this post, we'll be learning how to create, modify and perform operations on IP objects using Python. Having to

Monitor CPU, GPU, and storage, clean junk files, check battery health, and keep your Mac fast with Sensei. Free download.

Using CAPV to deploy K8s clusters with vSphere CNS

How to backup and restore K8s applications on vSphere

Step by step guide for using cloud-init on vSphere

Intro
I have been experimenting a lot over the past 18 months with containers and in particular, Kubernetes, and one of the core things I always seemed to get hung up on was part-zero - creating the VMs to actually run K8s. I wanted a CLI only way to build a VM template for the OS and then deploy that to the cluster.
It turns out that with Ubuntu 18.04 LTS (in particular the cloud image OVA) there are a few things need changed from the base install (namely cloud-init) in order to make them play nice with OS Guest Customisation in vCenter.

Checkmk is a leading tool for Infrastructure and Application Monitoring. Simple configuration, scalable, flexible. Open Source and Enterprise.

Introduction Traditionally, Data Centers used lots of Layer 2 links that spanned entire racks, rows, cages, floors, for as far as the eye could see. These...

For ease of configuration, virtual guests are usually connected to a layer 2 network. However, hypervisors can be turned into layer 3 routers...

Linux uses an LPC-trie for looking up routes. It provides good performance with low memory use even with millions of routes.

A short while back I participated in an internal event. A number of priority customers of our internal cloud service were invited for a feedback session, to voice their thoughts, listen to roadmap sessions and just to get to know each other.
There was one comment made there by one of the participants that has been on my mind since then, and it was something along the lines of:
“I have been using AWS longer than I have been using our internal cloud service – that is more than 5 years.