Tag: Monitoring

The Logfile Navigator, lnav for short, is an advanced log file viewer for the small-scale.

Getting error 8007EFE when checking for Windows Updates on your old version of Windows? Legacy Update continues support for Windows XP, Vista, 7, 8.1, etc. where Microsoft left off.

Last April, I wrote a well-received article about the 13 software engineering laws - Hyrum’s, Conway’s, Zawinski’s, and 10 famous others.

Some days I get in bed after a tortuous 4-5 hour session working with Claude or Codex wondering what the heck happened. It's easy to blame the model - there'...

AvSAN stretched clusteris a deployment model where a single vSAN cluster is extended acrosstwo geographically separated data centers, with a third site hosting theWitness Appliance. This architecture

Tu viens de monter un nouveau serveur Linux (un VPS, une VM Proxmox, un Raspberry Pi), SSH est activé, tu t'y connectes avec ton mot de passe, ça marche, affaire classée. Sauf que si ton serveur est exposé sur internet, il se fait scanner en continu par des bots qui

CLI proxy that compresses command outputs for AI coding agents. 60-90% less context pollution. Open source, written in Rust.

Using Grafana Alloy and Docker labels to automatically discover and scrape Prometheus metrics from Docker Compose services.

Complete guide to using NGINX as an API gateway in 2026, covering configuration, load balancing, rate limiting, and the Kubernetes ingress-nginx retirement.

FastAPI framework, high performance, easy to learn, fast to code, ready for production

Step-by-step field note for running OpenCode with LM Studio locally using Qwen3.5 9B and 0.8B, including Telegram bot workflow, local config, and M1 performance tradeoffs.

NixOS : comment j'ai troqué 13 ans de Debian contre un système déclaratif, reproductible et sans mauvaise surprise.

Talk to your infrastructure in plain language, get instant answers, and keep everything on-prem if you want.

A practical workflow for running 4–8 parallel coding agents using Claude Code, tmux, and a Markdown-based feature design system.

How to build a single global queue for distributed systems on object storage: Start with a single file on object storage, then add write batching, a stateless broker, and high-availability.

Zero-touch node patching for Proxmox clusters bygyptazy.

Trial expired and vCenter won’t boot? Learn how to license a standalone ESX 9.0 host using a private license file and esxcli entitlement commands.

The biggest shock of my early career was just how much code I needed to read that others wrote. I had never dealt with this. I had a hard enough time understanding my own code. The idea of understandi

Create and configure Tunnels for public applications, Workers VPC, and Load Balancing without leaving the Core Dashboard — now with native integrations and unified visibility.

Installer Datadog sur un homelab vSphere peut sembler contre-intuitif à cause du coût habituel de la plateforme, mais cela présente des avantages réels en termes de gain de temps et de fonctionnali…

An open-source Windows and Office activator featuring HWID, Ohook, TSforge, and Online KMS activation methods, along with advanced troubleshooting.

Is ProxCenter the vCenter for Proxmox? A deep look at ProxCenter for Proxmox, including DRS, HA, rolling updates, and multi-cluster management.

When you request a certificate from Let’s Encrypt, our servers validate that you control the hostnames in that certificate using ACME challenges. For subscribers who need wildcard certificates or who prefer not to expose infrastructure to the public Internet, the DNS-01 challenge type has long been the only choice. DNS-01 works well. It is widely supported and battle-tested, but it comes with operational costs: DNS propagation delays, recurring DNS updates at renewal time, and automation that often requires distributing DNS credentials throughout your infrastructure.

Comprenez la différence MTU MSS pour éviter la fragmentation réseau. Tutoriel complet : config, tests ping, Jumbo Frames et exemples Kubernetes.

Deploy More Resilient Apps. Hatchet is a platform for building distributed web apps that solves scaling problems like concurrency, fairness, and rate limiting.

Per-component uptime from tagged incidents.

You never have to see comments again if you don't want to.

I recently picked up a Starlink Mini to use as a backup connection for my home network. The underlying technology is fascinating - thousands of satellites in low Earth orbit delivering broadband almost anywhere. With the new £4.50 standby plan, it's an excellent way to keep things online.

If you work with Proxmox clusters long enough, you will likely have a cluster that you need to remove a node from. This is a fairly easy process using...

A modern iperf3 alternative with a live TUI, multi-client server, and QUIC support. Built in Rust. - lance0/xfr

The   /api/private/cli   family is useful, but the “standard”/structured passthrough style (where the CLI maps onto   /api/private/cli/

Author: Nemanja Ilic

VCF Automation (VCFA) provides very easy way to deploy vSphere Kubernets Service (VKS) Clusters in a multitenant environments. This can be done via UI, Kubernetes API or CLI. This is in my opinion …

We built an open-source proxy that adds tenant isolation to Prometheus, Loki, and Tempo by rewriting queries based on user identity.

Contribute to lukilabs/beautiful-mermaid development by creating an account on GitHub.

Walkthrough on how to build and deploy a Telegram bot to Cloudflare Workers. Durable Objects are used for per-person DB and grammY is used to interact with the Telegram API

A gentle introduction to the Pi coding agent and why I think it’s a glimpse into the future of software.

Instant Linux boxes via SSH. Create stock boxes or OCI image-backed VMs. Scale to zero and pay only for what you use.

This guide covers patching the entire VCF 9 platform including all fleet level and domain level components with a full end to end guide

iximiuz Labs founder shares a grounded, hands-on look at agentic coding in a real production codebase: massive speedups, surprising failures, and why domain knowledge still matters most.

GoReplay is a versatile open-source tool designed to capture and replay live HTTP traffic. Perfect for replay production traffic and conducting comprehensive traffic replay testing, it allows you to seamlessly record and replay traffic in staging environments for effective debugging and quality assurance.

A powerful, intuitive Docker platform for everyone. Real-time container management, Compose stacks, Git deployments, and SSO - all free.

Datadog cut off our observability overnight. We migrated to an open Grafana stack in 48 hours. Here’s why vendor lock-in is fading in an AI-native world.

A look at how I used shape vectors to achieve sharp, high-quality ASCII rendering.

Let’s start with a question. What is DevOps all about?

Why zombie instances survive health checks, and what the choice between server-side and client-side load balancing means for how fast your system detects and reacts to failure.

An inspection of Claude Code's network requests, system prompt, and context handling by intercepting real traffic.

A few months ago, users started reporting that Ghostty was consuming absurd
amounts of memory, with one user reporting37 GBafter 10 days of uptime.
Today, I'm happy to saythe fix has been found and me

We usually learn that 1 kilobyte is 1024 bytes, 1 MB is 1024 kilobytes, etc. But is this true or a kilobyte is precisely 1000 bytes?

Protection & more importantly, recovery of VMware Cloud Foundation (VCF) is something I and Ken Gould have worked closely on for a number of years now. Whether it was a VVD based deployment or …

Lessons learned from 14 years of engineering at Google, focusing on what truly matters beyond just writing great code.

CLI agents like Claude Code make self-hosting dramatically easier and actually fun. This is the first time I would recommend it to normal software-literate people.

Harvest a host's real configuration and turn it into Ansible roles/playbooks. Safe-by-default, with optional SOPS encryption.

Running six Claude Code agents in parallel from an iPhone. A cloud VM, Tailscale, mosh, and push notifications enable async development from anywhere.

Last month i shared a screenshot of a single switch validation. 12 tests.

How to reset the thermostat, and CodeRabbit as a case study

When we talk about routing, we often picture routers, firewalls, and network appliances moving traffic across large networks.

How I built MacThrottle, a menu bar app that tells me when my Mac is thermal throttling, and the journey to find the right macOS APIs.

I was chatting with a close friend of mine and he sent me a link to his new SaaS that he's developing.

Découvrez comment déployer un cluster Kubernetes entièrement en IPv6 avec Talos OS.

Learn how to clone PostgreSQL databases instantly using reflinks. Turn slow template copies into milliseconds with PostgreSQL 18's new file copy options.

Let’s relearn web caching together.

In previous blog post here, VMware vCloud Foundation 9 – Licensing Part 1 We talked about registering VCF Operations on the Broadcom Portal and applying licenses to VCF Operations. Let’s conti…

VCF 9 adopts a streamlined, subscription-based licensing model that simplifies management and compliance: Single license file replaces multiple component-specific keys (vCenter, ESXi, NSX, etc.) Li…

What Kabir Writes

I recently ran into a claim: Docker Compose is outdated and K3s is the king for my 1Gb VPS. At the same time, docker-compose.py is effectively deprecated, with Compose now shipped as a built-in docker compose command. That alone is not a problem, but it raised a reasonable question: has the role of Docker Compose actually changed, or is this just noise from the Kubernetes church?

How NSVisualEffectView renders blur effects under the hood, and building a custom material view from scratch using CABackdropLayer.

Master Japanese naturally while watching Netflix, YouTube, and Bilibili. AI-powered tool that turns your streaming time into effective language learning.

I got hacked, my server started mining Monero this morning.

In VCF Operations 9 we introduced a feature called Log Assist which allows you to upload Support Bundles to Broadcom Support from VCF Operations itself. Here's how it works.First, you must Register and License your VCF Operations instance, documentation on how to do that can be found here.Second, you must have a Unified Cloud Proxy deployed in your environment. I covered how to deploy these previously here. Be sure to confirm Log Assist is Activated on your Unified Cloud Proxy.Third, you must

Jose Zarazua

For resource constrained environments, deploying VMware Cloud Foundation (VCF) can take longer, especially when deploying on top of a Nested ESXi configuration. However, the VCF Installer does prov…

Network latency is an important factor when designing a VMware Cloud Foundation (VCF) Fleet and to assist VCF architects in understanding the various latency maximums, we have just published a new …

Recent advancements in Cloudflare Python Workers means fast cold starts, comprehensive package support, and a great developer experience. We explain how they were achieved and show how Python can be used to build serverless applications on Cloudflare.

Learn JavaScript design and performance patterns for building more powerful web applications.

AI-powered open source real-time monitoring system for metrics, logs, alerts, and observability. No agent required.

With a Red Hat Developer Subscription (for Individuals) it’s possible to get Red Hat Enterprise Linux (RHEL) licensing valid for up to 16 systems for a home lab at no cost!

PDM 1.0 atteint le statut GA après une phase de développement d’environ douze mois, ponctuée par des versions alpha et bêta successives. Proxmox Data Center Manager se présente comme une plateforme de gestion unifiée, visant à fournir une alternative aux solutions établies comme vCenter ou Xen Orchestra pour l’administration d’infrastructures virtualisées sous Proxmox VE.

A guide on building a simple Linux distribution from scratch. Detailed guide on building the kernel and the init process. Finally, a little distribution is built with u-root that is capable of connecting to the Internet.

Bun has been acquired by Anthropic. Anthropic is betting on Bun as the infrastructure powering Claude Code, Claude Agent SDK, and future AI coding products & tools.

Today, I will play with the Offline Depot Web Server. There is an official documentation provided by BROADCOM which I followed in general. But there are some details the link does not describe deta…

Django 6.0 introduces a built-in background tasks framework in `django.tasks`. But don't expect to phase out Celery, Huey or other preferred solutions just yet.

An exploration of DNS and Name-to-IP translation. This deep dive explores NSS, getaddrinfo, systemd-resolved and more!

Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.

The Grafana Stack can be an incredible powerful monitoring solution, but through my experience I found out how maintenance intensive it is and how uncertain the…

💚 Secure remote browsing anywhere. . Contribute to BrowserBox/BrowserBox development by creating an account on GitHub.

We saved 76% on our cloud bills while tripling our capacity by migrating to Hetzner from AWS and DigitalOcean. Digital Society is a not-for-profit cooperative helping you get your projects off the ground and realise the value of your data.

Phase 3: Role AssignmentAssign the service roles in vCenterAssign the service roles in NSXAssign the service roles in VCF OperationsAssign the service roles in VCF AutomationAssign the service role…

Visualize your API endpoints and explore them interactively, also support Django ninja & Litestar - allmonday/fastapi-voyager

Update - February 23, 2026 After some great feedback from the YouTube community, here's a list of additional tips and troubleshooting steps for those still experiencing issues: VMware Workstation Specific Ensure Open VM Tools is installed and running Keep the VM in full screen mode and the mouse focused Set the resolution lower than the

When users log in to a vCenter Server to manage roles and permissions within a VMware Cloud Foundation (VCF) 9.0 environment, they may notice several accounts that already have vSphere permissions …

Data API Framework for AI Agents and Data Apps

Screego - open source screen sharing for developers

screen sharing for developers https://screego.net/ - screego/server

Some of my favorite tidbits from the past year of working with Go.

As all developers, I’ve been using git since the dawn of time, since its commands were an inscrutable jumble of ill-fitting incantations, and it has remained this way until today.
Needless to say, I j

How to start really getting Ruby, especially blocks.

Anthropic this morning introduced Claude Skills, a new pattern for making new abilities available to their models: Claude can now use Skills to improve how it performs specific tasks. Skills …

Cloudflare investigated CPU performance benchmark results for Workers, uncovering and fixing issues in infrastructure, V8 garbage collection, and OpenNext optimizations. These improvements have made Cloudflare Workers faster for all customers.

Multipath TCP (MPTCP) for Linux, an extension to TCP that enhances connection redundancy and performance by utilizing multiple underlying TCP sessions simultaneously. This site provides installation guides, debugging tools, FAQs, and a list of apps supporting MPTCP, aimed at facilitating the adoption and implementation of MPTCP for Linux users and developers.

Kuvasz is an open-source, self-hosted uptime monitoring solution that provides comprehensive monitoring capabilities for websites and services.

Distributed monitoring ting. Contribute to rippleFCL/meshmon development by creating an account on GitHub.

Lightweight server monitoring with historical data, Docker stats, and alerts.

I recently shipped anon-trivial Ghostty feature (unobtrusive macOS automatic updates)that waslargelydeveloped with AI.

Most organizations rely on a single Identity Provider (IdP) such as Symantec VIP AuthHub, Okta, Microsoft Entra ID, or PingFederate to provide common identity and access management. However, for so…

Simple and efficient cron job monitoring. Get instant alerts when your cron jobs, background workers, scheduled tasks don't run on time.

An hour after celebrating a successful validation in the VCF 9.0 installer and getting ready for real deployment testing (which I made a short LinkedIn post about yesterday), things went sideways. …

Ideas grow better together

Fast, Python-based infrastructure automation. Deploy to SSH servers, Docker, and local machines. 10x faster than Ansible.

Free endpoint monitoring. One-click deployment. Contribute to WCY-dt/ponghub development by creating an account on GitHub.

Capture your web app's complete development timeline for AI debugging. Unified logs, browser events, and automatic screenshots.

Contribute to poulpreben/keycloak-to-vcf-scim development by creating an account on GitHub.

Over two years ago, inone of my first public talks about Ghostty,
I shared my vision forlibghostty: an embeddable library for any application
to embed their own fully functional, modern, and fast term

License management for both VMware vSphere Foundation (VVF) and VMware Cloud Foundation (VCF) 9.0 is now handled by VCF Operations, which supports keyless entitlement in both Connected and Disconne…

Akvorado 2.0 is out! It introduces a major architectural change with a new outlet service, as well as smaller changes detailed in this post.

News about asciinema development and new releases

Release notes for Ghostty 1.2.0, released on September 15, 2025.

A brief guide to upgrading from VCF5.X to VCF9 on a brownfield site.

The Intel 285K CPU in my high-end 2025 Linux PC died again! 😡 Notably, this was the replacement CPU for the original 285K that died in March, and after reading through the reviews of Intel CPUs on my electronics store of choice, many of which (!) mention CPU replacements, I am getting the impression that Intel’s current CPUs just are not stable 😞. Therefore, I am giving up on Intel for the coming years and have bought an AMD Ryzen 9950X3D CPU instead.

WinBoat lets you run any Windows application on Linux with seamless desktop integration. Elegant interface, automated installs, filesystem integration, and native OS-level windows.

Getting Started

Warning: Contains tongue-in-cheek language that might feel provocative if you have invested part of your identity into y…

“It’s always DNS” is a famous meme among network people. Name resolution is technically quite simple. It’s “just” translating a hostname like jan.wildeboer.net to an IP address. What could possibly go wrong? I am a radical optimist and detail-obsessed knowledge collector, so I decided to find out. As part of my goal to make my home network a little island of Digital Sovereignty, meaning that everything at home should JustWork™, even with no working internet connection, a DNS server is needed.

A powerful, real-time log analysis terminal UI inspired by k9s. Analyze log streams with beautiful charts, AI-powered insights, and advanced filtering.

Modern terminal HTTP/TCP latency monitoring tool with real-time visualization. Thinkhttpingmeets modern CLI design with rich terminal UI, phase timing, and advanced analytics.

Master runit Linux init system with comprehensive guide covering installation, configuration, service supervision, and practical examples for efficient system management.

Go’s interfaces are very funny. Rather than being explicitly implemented, like
in Java or Rust, they are simply a collection of methods (a “method set”) that
the concrete type musthappento have. This

Real-time monitoring for Proxmox, Docker, and Kubernetes with AI-powered insights, smart alerts, and a beautiful unified dashboard - rcourtman/Pulse

Just wanted to share my (successful) procedure for creating in PVE9 a VM Template for a Debian Trixie Server with Cloud-Init, which I have done in the past for previous Debian versions in PVE8. This is most useful to quickly spin up a Debian server for any purpose.

On August 21, 2025, an influx of traffic directed toward clients hosted in AWS us-east-1 caused severe congestion on links between Cloudflare and us-east-1. In this post, we explain what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.

This was a tough decision, having used Gmail since 2007/2008. However, I had to draw the line and stop giving Google my data for free.
The problem with email is …

Note:`libasound2-dev`system library is required to be installed for Sampler to
play thetriggersound. Usually this library is in
place, but if not - you can install it with your

In this article I will walk you through how to install Proxmox Backup Server (PBS) 4.0 inside of a VM running on Proxmox 9.0.

This post describes how to configure Avi Load Balancer in front of of VCF Automation (VCFA) to provide more secure access to the cloud service. Usage of Avi Load Balancer for tenant IaaS services i…

If you’ve been about VMware Cloud Foundation at all, you’ve likely come across the VCF Planning & Preparation workbook developed and maintained by @cliffcahill and myself, dating as…

An evolving how-to guide for securing a Linux server. - imthenachoman/How-To-Secure-A-Linux-Server

Kener is a free, open-source status page and uptime monitor. Deploy with Docker in under 2 minutes. Track 11 service types, manage incidents, schedule maintenance, and notify subscribers — all from one platform.

After 15 years on macOS, I made the leap to Arch Linux using Omarchy. Here's what I discovered about the trade-offs, workflow changes, and why shorter battery life and fan noise haven't sent me back to my MacBook.

The monitoring and analysis of a complex data center can be much easier with the right tools. The right tool for VMware Cloud Foundation (VCF) is VCF Operations. It gathers the extraordinary amount of metrics generated within the environment, and distills it down into meaningful and actionable information for your optimization, troubleshooting, and planning efforts. … Continued

The visual policy editor gives you a tabular view of each section of your policy file, and allows you to add, edit, and delete individual policy entries using visual forms.

On a few occasions, I have noticed that after the initial deployment of VMware Cloud Foundation (VCF) 9.0 that also includes VCF Automation (VCFA), the VCFA VM can experience a sustained CPU usage …

Free, self-hosted customer support platform with shared inbox, automation, and team collaboration. Deploy with a single binary.

Stop vibe-coding blindly! Why reading AI-generated code is crucial in 2025. Avoid security flaws, architectural decay, and knowledge loss when using Claude Code or any other tool.

I recently deployed the latest release of VMware Data Services Manager (DSM) 9.0 in my VMware Cloud Foundation (VCF) 9.0 lab to explore the new integration with VCF Automation (VCFA), allowing orga…

Observable Frameworkis anopen-sourcestatic site generator for data apps, dashboards, reports, and more. Framework includes a preview server for local development, and a command-line interface for auto

In the latest release of D2 (0.7.1), we introduce ASCII outputs.

With the improvements of VCF Automation 9 it now includes a new model which supports developer consumer use cases. In context of the tenancy architecture, it provides 2 different types of organizations: VM-Apps-OrgAn organization which is almost identical to what is known from 8.x versions of Aria Automation. Its main purpose is to support VM-based… Read More »

VCF 9 services like VCF Operations now use token based service accounts to connect and integrate to VCF Automation aka VCFA. The use of token based service accounts is not limited to VCF 9 services…

It is wild to think that it has been only a handful of weeks.
Claude Code has considerably changed my relationship to writing and maintaining code at scale. I still write code at the same level of quality, but I feel like I have a new freedom of expression which is hard to fully articulate.
Claude Code has decoupled myself from writing every line of code, I still consider myself fully responsible for everything I ship to Puzzmo, but the ability to instantly create a whole scene instead of going line by line, word by word is incredibly powerful.

I have been exploring some new tools here and there. When I started watching Primeagen, I took a note of several tools that he was using and advocating for. One of them was tmux.
What is tmux? tmux is a terminal multiplexer. What that means is you can have many terminals in one. According to tmux wiki:
tmux is a program which runs in a terminal and allows multiple other terminal programs to be run inside it. Each program inside tmux gets its own terminal managed by tmux, which can be accessed from the single terminal where tmux is running - this called multiplexing and tmux is a terminal multiplexer.

Tailscale and Grafana Labs partner to provide private connectivity between data sources on tailnets and Grafana Cloud instances.

The anatomy of UNC3944's vSphere-centric attacks, and a fortified, multi-pillar defense strategy required for mitigation.

Hatching...
Cursor Shenanigans

Cursor, my beloved, started rate limiting shenanigans a few days back. For a good 2 w...

I’ve started writing more Python code lately (because of… AI, you know). In this post, I share the tools, libraries, configs, and other integrations I use for building production-grade Python applications following a frontend-backend architecture.

On July 14th, 2025, Cloudflare made a change to our service topologies that caused an outage for 1.1.1.1 on the edge, resulting in downtime for 62 minutes for customers using the 1.1.1.1 public DNS Resolver as well as intermittent degradation of service for Gateway DNS.

In the DSM 9.0 Release Notes, the following item about metrics is listed in the What’s New section: You can use the VMware Data Services Manager API to publish PostgreSQL and MySQL metrics to VMware Cloud Foundation 9.0 (VCF) Operations and Prometheus [..] enabling better visibility, alerting, and performance management for all databases that VMware Data Services manages. In this post, I will show how to configure DSM 9.0 to send Postgres and MySQL database metrics to VCF 9.0 Operations. While this process is rather manual in VCF 9.0, we plan to significantly improve this overall experience for users going forward.…

Octelium is a unified zero trust architecture (ZTA) that is built to be generic enough to operate as a zero-config remote access VPN, a Zero Trust Network…

tail -f your gmail. Contribute to c4pt0r/gmailtail development by creating an account on GitHub.

Powerful SSL certificate management system with multi-DNS provider support and REST API

From the Zed Blog: A tool that predicts your next move. Powered by Zeta, our new open-source, open-data language model.

Discover 850M+ contacts with real-time verified emails, mobile numbers, and more. Trusted by 500k+ GTM professionals. Get started for free.

Fast terminal, state-of-the-art agents, and cloud orchestration for the full software development lifecycle.

A step-by-step guide to configuring a vSAN ESA over RDMA cluster and a troubleshooting methodology.

Xe Iaso's personal website.

How I built a seven-figure business with Rails

The volunteer-built media solution that puts you in control of your media. Stream to any device from your own server, with no strings attached.

Simple. Powerful. Fast. Pick three. Release 25.5.0( What’s new?) structlog is the production-ready logging solution for Python: Simple: Everything is about functions that take and return dictionari...

Whether you want to gather statistics, or you need to inspect more in depth what's going on in your network, Sniffnet will get you covered.

Should I block ICMP

Guide by Example. Contribute to DoTheEvo/selfhosted-apps-docker development by creating an account on GitHub.

The horizontal scaling layer for PostgreSQL, deployed as a simple proxy.Load balance queries and shard databases, without application changes.

The pitch of modern SaaS is "don't reinvent the wheel." But every wheel you bolt on comes with some friction.

Proxyman is a native, high-performance HTTP debugging proxy app for macOS, iOS, Windows, and Linux. Capture, inspect, and mock HTTP/HTTPS requests with ease. The best Charles Proxy and Fiddler alternative for developers.

Network-wide Ad Blocking

We finished pulling seven cloud apps, including HEY, out of AWS and onto our own hardware last summer. But it took until the end of that year for all the long-term contract commitments to end, so 2024 has been the first clean year of savings, and we've been pleasantly surprised that they've been even better than originally estimated. F...

A quick guide on how to set up OPCache and fine-tune PHP-FPM.

Real-time infrastructure monitoring with per-second metrics, ML anomaly detection, and AI troubleshooting. Open source, #1 on GitHub. Cut MTTR by 80%.

Litestream is an open-source, real-time streaming replication tool that lets you safely run SQLite applications on a single node.

A self-hosted bookmarking service that is designed to be minimal, fast and easy to set up.

A web extension that redirects YouTube, Twitter, Instagram, etc. requests to alternative privacy-friendly frontends

Visualize, analyze and improve your email authentication setup

Kubetail is a real-time logging dashboard for Kubernetes. View container logs in a terminal or a browser. Run anywhere - desktop, cluster, docker.

An experience report from using Jujutsu at work.

A satellite project of labs.iximiuz.com - an indie learning platform to master Linux, Containers, and Kubernetes the hands-on way 🚀

Learn how to build an Anycast network to optimize global traffic routing. Explore how to efficiently direct requests to the best server, regardless of location.

Secure access / PAM for your internal SSH, HTTPS, MySQL, Postgres and Kubernetes servers with SSO and RBAC.

Anthropic publish most of the system prompts for their chat models as part of their release notes. They recently shared the new prompts for both Claude Opus 4 and Claude …

GitHub issues is almost the best notebook in the world. Free and unlimited, for both public and private notes. Comprehensive Markdown support, including syntax highlighting for almost any language. Plus …

The easiest way to run WireGuard VPN + Web-based Admin UI. - wg-easy/wg-easy

A syntax highter for diffs, clarifying which parts of lines have changed - walles/riff

Interactive Streaming Telemetry lab with Nokia SR Linux nodes forming a Clos topology - srl-labs/srl-telemetry-lab

Contribute to srl-labs/clab-api-server development by creating an account on GitHub.

macOS system monitor in your menu bar. Contribute to exelban/stats development by creating an account on GitHub.

A secure WireGuard VPN management system with invitation-based registration, multi-device support, QR code setup, and admin tools. Built with Next.js 15. - arashvakil/LeiaGuard

Django Ninja - Django REST framework with high performance, easy to learn, fast to code.

Genuine News About the Data Ecosystem

Caddy is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go

AI SRE and MCP server, incident management, on-call, logs, metrics, traces, and error tracking. 7,000+ happy customers. 60-day money back guarantee.

For everything that happens after you deploy. Antimetal is the AI platform to better understand, manage, and automate your infrastructure.

I’m delighted to announce that Sniffnet v1.4 is finally available! This major release brings a bunch of improvements and fixes, making Sniffnet more powerful and reliable than ever before. One of the most exciting new features is the ability to process network data from PCAP files in addition to network...

DSM is providing is the DBaaS solution for VCF. In this post, I will attempt to highlight the overall benefits of DSM. I will do this for three different personas; the VI Admin, the DBA and the end-user/developer.

I spent a month repeatedly building my website in Docker, and now have horrors to share.

Dans cet article, j’expose 3 problèmes que j’ai rencontré dans ma carrière avec le DNS sur Kubernetes. Le 3eme est d’ailleurs un bug non corrigé à ce jour sur kube-proxy en mode iptables, et impacte n

Having the latest compatible software for one’s NVIDIA vGPU investment should be a priority. New features are added all the time, or there may be security enhancements. In this post I’ll demonstrate a new PowerShell module I’ve built that employs the NVIDIA License System (NLS) API to be able to list and download vGPU software like drivers or the NVIDIA Delegated License Service (DLS).

Securely connect to anything on the internet with Tailscale. Built on WireGuard®️, Tailscale enables you to make finely configurable connections, secured end-to-end according to zero trust principles, between any resources on any infrastructure.

How to get generated passwords via Fleet Management API, and login to Automation appliance via SSH

The power of Zig's comptime code execution

How a simple terminal trick helps me manage multiple Claude Code instances without losing my mind (or my terminal tabs)

Recently I’ve been working on a pretty big rust project and to my surprise Icouldn’t get tests to work properly.

I run Claude Code with --dangerously-skip-permissions flag, giving it full system access. Let me show you a new way of approaching computers.

Hey! I'm a student and professional bug-creator. I like to explore new stuff, and share my experiences on this blog!

J.HOMMET.NET - Humain analogue dans un monde numérique.

When you read my blog articles and stuff – you may get the idea that everything I do – just happens to be right and that I succeed at every attempt. This article is here to remind you t…

After having spent the better part of 2 weeks learning Linux’s cgroup (control group) concept, I thought I better write this down for the next brave soul. 🦸

An honest look at why Nix's complex but powerful approach to package management and reproducible environments is worth considering.

In this post, I demonstrate the optimal workflow for creating new Debian packages in 2025, preserving the upstream Git history. The motivation for this is to lower the barrier for sharing improvements to and from upstream, and to improve software provenance and supply-chain security by making it easy to inspect every change at any level using standard Git tooling.\nKey elements of this workflow include:\nUsing a Git fork/clone of the upstream repository as the starting point for creating Debian packaging repositories. Consistent use of the same git-buildpackage commands, with all package-specific options in gbp.conf. DEP-14 tag and branch names for an optimal Git packaging repository structure. Pristine-tar and upstream signatures for supply-chain security. Use of Files-Excluded in the debian/copyright file to filter out unwanted files in Debian. Patch queues to easily rebase and cherry-pick changes across Debian and upstream branches. Efficient use of Salsa, Debian’s GitLab instance, for both automated feedback from CI systems and human feedback from peer reviews. To make the instructions so concrete that anyone can repeat all the steps themselves on a real package, I demonstrate the steps by packaging the command-line tool Entr. It is written in C, has very few dependencies, and its final Debian source package structure is simple, yet exemplifies all the important parts that go into a complete Debian package:\n

IPv4 is expensive, and moving network resources around is hard. Previously, when customers wanted to use multiple Cloudflare services, they had to bring a new address range. Now, they can use their resources more efficiently, saving space and reducing operational costs.

Lately I’ve been trying to find (and understand) the limits of time syncing between Linux systems. How accurate can you get? What does it take to get that? And what things can easily add measurable amounts of time error?
After most of a month (!), I’m starting to understand things. This is kind of a follow-on to a previous post, where I walked through my setup and goals, plus another post where I discussed time syncing in general. I’m trying to get the clocks on a bunch of Linux systems on my network synced as closely as possible so I can trust the timestamps on distributed tracing records that occur on different systems. My local network round-trip times are in the 20–30 microsecond (μs) range and I’d like clocks to be less than 1 RTT apart from each other. Ideally, they’d be within 1 μs, but 10 μs is fine.
It’s easy to fire up Chrony against a local GPSTechnically, GNSS, which covers multiple satellite-backed navigation systems, not just the US GPS system, but I’m going to keep saying “GPS” for short.
-backed time source and see it claim to be within X nanoseconds of GPS, but it’s tricky to figure out if Chrony is right or not. Especially once it’s claiming to be more accurate than the network’s round-trip time20 μs or so.
, the amount of time needed for a single CPU cache miss50-ish nanoseconds.
, or even the amount of time that light would take to span the gap between the server and the time source.About 5 ns per meter.
I’ve spent way too much time over the past month digging into time, and specifically the limits of what you can accomplish with Linux, Chrony, and GPS. I’ll walk through all of that here eventually, but let me spoil the conclusion and give some limits:
GPSes don’t return perfect time. I routinely see up to 200 ns differences between the 3 GPSes on my desk when viewing their output on an oscilloscope. The time gap between the 3 sources varies every second, and it’s rare to see all three within 20 ns of each other. Even the best GPS timing modules that I’ve seen list ~5 ns of jitter on their datasheets. I’d be surprised if you could get 3-5 GPS receivers to agree within 50 ns or so without careful management of consistent antenna cable length, etc. Even small amounts of network complexity can easily add 200-300 ns of systemic error to your measurements. Different NICs and their drivers vary widely on how good they are for sub-microsecond timing. From what I’ve seen, Intel E810 NICs are great, Intel X710s are very good, Mellanox ConnectX-5 are okay, Mellanox ConnectX-3 and ConnectX-4 are borderline, and everything from Realtek is questionable. A lot of Linux systems are terrible at low-latency work. There are a lot of causes for this, but one of the biggest is random “stalls” due to the system’s SMBIOS running to handle power management or other activities, and “pausing” the observable computer for hundreds of microseconds or longer. In general, there’s no good way to know if a given system (especially cheap systems) will be good or bad for timing without testing them. I have two cheap mini PC systems that have inexplicably bad time syncing behavior,1300-2000 ns.
and two others with inexplicably good time syncing20-50 ns
. Dedicated server hardware is generally more consistent. All in all, I’m able to sync clocks to within 500 ns or so on the bulk of the systems on my network. That’s good enough for my purposes, but it’s not as good as I’d expected to see.

For the past couple years, I have transported my 'working set' of video and project data to and from work on an external Thunderbolt NVMe SSD.
But it's always been slow when I do the sync. In a typical day, I may generate a new project folder with 500-1000 individual files, and dozens of them may be 1-10 GB in size.
The Thunderbolt drive I had was capable of well over 5 GB/sec, and my 10 Gbps network connection is capable of 1 GB/sec. I even upgraded my Thunderbolt drive to Thunderbolt 5 lately... though that was not the bottleneck.

Manage your data science projects effectively with loguru. Track stages and control logging levels with ease.

Burstable VMs run on a fraction of CPU and burst to a higher level of CPU usage to support occasional usage spikes. To implement them, we leveraged Control Groups v2 (cgroups v2), a Linux kernel feature that helps manage resource usage. We thought our open-source implementation of burstable VMs might be interesting enough to write about. We also learned a lot about Linux cgroups in the process!

How to use AI coding assistants without letting your hard-earned engineering skills wither away.

Minimalist doesn't mean Talos isn't extensible. Let's dive into the topic of extensions to customize and adapt it to our needs.

Dave Peck's home on the web. Dave is an independent software developer, investor, and civic technologist.

Not sure when it happened, but I have been binging self-hosted identity providers like Netflix shows, this season features Authentik, KeyCloak, Synology SSO and Pocket ID. To add to my collection, …

Omni est un outil incroyable qui va vous permettre de gérer des machines Talos n'importe où. Laissez-moi vous présenter Omni, et comment l'interfacer avec Kubevirt pour créer des clusters Kubernetes en un claquement de doigts.

SDDC Manager oprations may not be allowed due to System Lock held by Password Manager operation in progress. A password rotation task may have failed on individual components for various reasons. S…

We all love Python’s comprehensive standard library, but let’s face it – PyPI’s wealth of packages often becomes essential. Sharing single-file, self-contained Python scripts that rely on these external tools can be a headache. Historically, we’ve relied on requirements.txt or full-fledged package managers such as Poetry or pipenv, which can be overkill for simple scripts and intimidating for newcomers. But what if there was a simpler way? That’s where uv and PEP 723 come in. This article delves into how uv harnesses PEP 723 to embed dependencies directly within scripts, making distribution and execution extremely easy.

Omnissa recently released their Ports and Protocols tool! There are listings for Horizon1, Omnissa Access and UEM at present. Customized lists can be downloaded in Excel and PDF formats. I wanted to see if I could somehow find this information JSON-formatted. The Horizon listing also includes information for App Volumes, Dynamic Environment Manager and Unified Access Gateway. ↩︎

Take an interactive journey through the history of IO devices, and learn how IO device latency affects performance.

Explore essential homelab services for 2025 including Plex, Jellyfin, the *arr stack, Immich, Home Assistant, Pi-hole, Grafana, and more.

Today we’re excited to release Railpack — the next iteration of the Railway builder, developed from the ground up based on everything we’ve learned from building over 14 million apps with Nixpacks.

vCenter Server ships out of the box a number of system and custom roles, which can be used or users can create their own custom roles containing the required privileges. If you wanted to understand…

Introduction to the deploy.sh Script The deploy.sh script is a fundamental tool in the VMware Aria Automation ecosystem (formerly vRealize Automation), responsible for deploying, configuring, and managing all components of this advanced environment. Located in the /opt/scripts/ directory on the Aria Automation virtual machine, it serves as the central orchestration point for the entire system....

I want to write a post about Pitchfork, explaining where it comes from, why it is like it is, and how I see its future. But before I can get to that, I think I need to share my mental model on a few things, in this case, HTTP/2.

Much of what I do, in multiple fields, could be reduced to one skill: troubleshooting.

post Philosophy My overarching goals with writing notes are 2 fold: To help me think clearly To serve as a personal knowledge base I can reference later One of the great things about Obsidian is how it’s infinitely customizable.

We're Rivet, a new open-source, self-hostable serverless platform. We've been in the weeds with SQLite-on-the-server recently and – boy – do we have a lot of thoughts to share. Give us a star on GitHub, we'll be sharing a lot more about SQLite soon!

GitHub Actions suggests using code like echo ... >> $GITHUB_ENV, but echo ... | tee -a $GITHUB_ENV is often better.

An opinion on the trend of content creators promoting Tmux and Zellij for desktop environments – and why these setups may miss the point.

Migrate VMware to Proxmox for free using Veeam Community Edition. The steps are easy and quick for VMware to Proxmox migration

Lors d’une nouvelle installation de NSX Intelligence (ou plutôt Security Intelligence maintenant), j’ai rencontré un petit problème inattendu !

Super quick one I want to document here! I got myself on a side quest,
again! No biggie, my ZSH shell was taking ages to load. When I say
ag...

Exploring how to break up a system architecture diagram to make it more readable and informative

The ABC analysed 29 million stolen codes to help you avoid using an insecure one.

Build reproducibility is often considered as a de facto feature provided by functional package managers like Nix. Although the functional package manager model...

My tools and how I use them.

While answering a recent question on the VMware Reddit Community, I came to learn about Authentik, an open source identity provider (IdP), which is pretty feature rich and best of all, you can self…

In light of the above tweet, and Ned Beauman'sHow ‘Factorio’ seduced Silicon Valley — and me(permalink),
I wanted to approximate the magnitude of damage you could inflict with a Mass Steam Gifti

An opinionated list of CLI/TUI applications for developer productivity.

Change your tools and change your life in 2025.

Some of the interesting and insane facts I learned about SQLite

How I connected Kubernetes clusters across 4 countries with my own ASN, BGP peering, and perhaps too many IPsec tunnels

Don't forget to uv self update before trying those

Hola,
Recently, I have made several changes to the AsBuiltReport.Veeam.VBR script, so I will summarize here all the new capabilities added.
Here is the link to the most recent report in HTML format: Report The first change I will discuss is the support for Microsoft Entra ID. In this case the Veeam Backup & Replication (VBR) Powershell module allows extracting the information of the Tenants that are configured in the VBR infrastructure.

Deploying modern web apps – with all the provisions needed to be fast and secure while easily updateable – has become so hard that many developers don’t dare do it without a PaaS (platform-as-a-service). But that’s ridiculous. Nobody should have to pay orders of magnitude more for basic computing just to make deployment friendly and usable. That’s a job for open source, and Rails 8 is ready to solve it. So it’s with great pleasure that we are now ready with the final version of Rails 8.0, after a successful beta release and several release candidates!

Let's walk through a common scenario.

Sample Dashboard Designs to review first thing in the morning while drinking your Coffee or Energy Drink.

In this new version, we’ve added the “official” support for the newvSphere and vSAN 8.3 APIsand Veeam Backup & Replication v12.

transhumanist and high functioning loser; instantiated simulation, statically stuck in superposition, calculated computationally complex, technomancer at will

Hola,
Today I am going to share the improvements I have made to the Veeam Backup & Replication infrastructure diagramming tool. This tool uses Graphviz as the engine to draw the diagram and the PSGraph module to generate the code from PowerShell. Here is the link to the project on GitHub:
https://github.com/rebelinux/Veeam.Diagrammer In version 0.6.8 information about SureBackup was added to the infrastructure diagram. In particular, the ability to diagram Application Groups and Virtual Labs has been added.

Extension du lab à l ecosystème Xen via XCP-ng et Xen Orchestrator. Installation des solutions et principes de base

While I was testing the new Release 8.0.3 from Broadcom, I ran into a few problems getting my nested lab...

Kubernetes doesn't load balance long-lived connections, and some Pods might receive more requests than others. If you're using HTTP/2, gRPC, RSockets, AMQP or any other long-lived connection such as a database connection, you might want to consider client-side load balancing.

Posted:2024-05-25

Smudge.ai is a Chrome extension that gives you ChatGPT-powered shortcuts in your right-click menu.

Adventures trying to minimise disk usage for servers

Dans cet article, je vous donne une première définition de ce qu'est le GitOps et comment le mettre en place avec ArgoCD dans un environnement Kubernetes.

In my 2022 December rumination about vCF I delved into how a union between VMware Cloud Foundation and a credential storage solution could make for a powerful combination.

After a homelab crash, the VCSA file-based backup isn't working anymore. In this post I'm describing how I was able to get the VMware Postgres Archiver service back into operating state by interfere with vCenters vPostgres instance.

Slow Rust Builds?
Here are some tips to speed up your compile times.
This list was originally released on my private blo…

Prometheus est une solution de supervision créée par Soundcloud en 2012 et open-sourcée en 2015. C'est un incontournable qui se démarque via l'intégration à de nombreux services tiers non supportés nativement.

Terraform Associate est une certification officielle de HashiCorp. Celle-ci permet de valider vos connaissances sur Terraform via un examen en ligne. Je vous partage mon expérience dans cet article !

Consul est un outil permettant de gérer des micro-services, de la haute-disponibilité, mais aussi la sécurité et la communication entre les services. Cette page est condensé de ce que j'ai pu apprendre sur le sujet.

Five years of technical blogging followed by six months of active development resulted in an online learning-by-doing platform for DevOps, SRE, and Platform Engineers.

New talk: Learning DNS in 10 years

Want to secure your Proxmox server with a trusted SSL certificate from Let's Encrypt? Check out my post! Includes Home Assistant integration too!

Exploring the balance between relying on AI assistance like ChatGPT and maintaining personal skills in a world of increasing AI capabilities.

Cert-Manager est un programme permettant de gérer les certificats (ainsi que leurs renouvellements) sur des clusters Kubernetes. Nous allons voir comment déployer Cert-Manager et générer nos premiers certificats

Ce guide vous explique comment configurer un serveur DNS et DHCP en utilisant DNSMASQ. Il couvre l'installation, la configuration du DHCP et du DNS, ainsi que la gestion des baux statiques.

Lorsque nous avons de nombreux serveurs, il convient d'automatiser chacun des déploiements que nous réalisons. Et lorsque la majorité sont sous Debian, ces déploiements peuvent prendre la forme de fichiers .deb. Nous verrons donc sur cette page comment créer notre propre dépôt Debian

This is my documentation of how I publish my notes from a private [[Obsidian]] vault to my

Whiletroubleshooting of a failed SDDC Manager deploy taskin Cloud Foundation 4.4 together with VMware support, the engineer showed a way to update the SDDC bring-up parameters. This can be very helpfu

Traefik est un reverse-proxy qui se démarque des autres par son systeme de provider et de middleware. Il ne réinvente pas la roue, mais il est particulièrement efficace lorsque l'on a un grand nombre de redirections à paramétrer ou que nous avons des règles qui changent régulièrement.

Delivering consistent performance while maintaining data resiliency is a key tenet behind enterprise storage solutions. VMware vSAN is the industry leading distributed storage system built right into VMware vSphere, and is designed to offer the highest level of resiliency and performance, with the maximum amount of agility should hardware faults occur, or demands of the … Continued

In this blog post, I will help you with the set of steps needed to enable MinIO service on a “vSphere with Tanzu” Supervisor cluster. I will not explain about MinIO, feel free to read about MinIO o…

Today at 1651 UTC, we opened an internal incident entitled "Facebook DNS lookup returning SERVFAIL" because we were worried that something was wrong with our DNS resolver 1.1.1.1. But as we were about to post on our public status page we realized something else more serious was going on.

Lorsqu'il s'agit d'initialiser une machine virtuelle dans une infrastructure VMWare vSphere, les systèmes Linux sont le parent pauvre....

Applying DevOps to networks.

Software-Defined Datacenters | NSX-T | NSX-ALB | VMware Cloud Foundation (VCF)

This tutorial details how to add social auth to a Flask application.

If you have ever tried to troubleshoot an NSX-v Management Appliance or Edge, you probably noticed that you are quite limited in the execution of your controls. That’s because in NSX-v you are standardly limited with most of the time only esxcli, even when you are logged in as admin.

To get past

Find the right requests and limits can be tricky. Instead of guessing, you could inspect the application at runtime and extrapolate the values.

A post about a community function contribution to the open source project VMware Event Broker Appliance to notify you if a ESXi host failure occured.

Docker vous permet d’empaqueter facilement vos applications et services dans des conteneurs afin de pouvoir les utiliser partout. Cependant, lorsque vous tra…

A rundown of seven common mistakes is system architecture diagrams and how to fix them

Troubleshooting in Kubernetes can be a daunting task. In this article you will learn how to diagnose issues in Pods, Services and Ingress.

If you work with computer networks sooner or later you will have to learn how to efficiently work with IP addresses and networks. As you probably guessed from the title of this post, we'll be learning how to create, modify and perform operations on IP objects using Python. Having to

Monitor CPU, GPU, and storage, clean junk files, check battery health, and keep your Mac fast with Sensei. Free download.

Guest Post: Why does half the Internet use a TTL of 1 minute or less?

How to backup and restore K8s applications on vSphere

Blog

Checkmk is a leading tool for Infrastructure and Application Monitoring. Simple configuration, scalable, flexible. Open Source and Enterprise.

Linux IPsec implementation is usually policy-based. However, route-based VPNs with a pseudo-interface are also available.

Linux uses an LPC-trie for looking up routes. It provides good performance with low memory use even with millions of routes.

Automation is an increasingly interesting topic in pretty much every technology discipline these days. There’s lots of talk about tooling, practices, skill set evolution, and more - but little conversation about fundamentals. What little is published by those actually practicing automation, usually takes the form of source code or technical whitepapers. While these are obviously valuable, they don’t usually cover some of the fundamental basics that could prove useful to the reader who wishes to perform similar things in their own organization, but may have different technical requirements.

A short while back I participated in an internal event. A number of priority customers of our internal cloud service were invited for a feedback session, to voice their thoughts, listen to roadmap sessions and just to get to know each other.
There was one comment made there by one of the participants that has been on my mind since then, and it was something along the lines of:
“I have been using AWS longer than I have been using our internal cloud service – that is more than 5 years.

In a recently published article, Paul Vixie, past author and architect of BIND, one of the most popular internet domain servers, explains why DNS...

tcpdump is the world's premier network analysis tool—combining both power and simplicity into a single command-line interface. This guide will show