Building Kubernetes the Hard Way — Then Automating It All with Ansible How I went from zero k8s knowledge to a fully IPv6-only, BGP-routed, HA Kubernetes cluster in 7 weeks — and what I learned along the way. Please note 99.69% of this blog post was generated by claude code with minimal editing by Cooper. [ View Post… ]
nftables telemetry in 2026
<p>I've been running nftables for years. But I've never sat down to get good telemetry for it. For firewalls to get good telemetry coverage I feel you need:</p> <ul> <li><strong>Rule Statistics</strong> <ul> <li>See what rules are getting hit</li> <li>Overly hot rules</li> <li>Rules no longer getting hit (cleanup)</li> </ul> </li> <li><strong>Logs + Analysis</strong> <ul> <li>Summarized traffic [ View Post… ]
systemd … targeting Requires=, Wants, Before= and happily ever After= again …
systemd progressed the Linux PID 1 situation adding many feature and capabilities. But, as always, with features and capabilities, comes complexity. One thing I and many co-workers have found difficult is getting startup order right, especially with custom targets. First lets define some systemd concepts: unit: a configuration file that describes a service, a socket, [ View Post… ]
Book REVIEW: Linux Service Management Made Easy with systemd: Advanced techniques to effectively manage, control, and monitor Linux systems and services 1st Edition
<p><a href="https://www.amazon.com/gp/product/B09D3VHLD2/" title="Amazon Link">Amazon Link</a></p> <ul> <li>Disclaimer: I get no royalites or anything here – Just had coworkers ask me about it</li> </ul> <p>So since I'm no systems guru and am now working on a Linux Distribution effectively at work I thought I'd read this book. Especially since it relies so heavily on <a href="https://systemd.io/" [ View Post… ]
CLI Templates for Python + Rust
Do you also write a lot of services that need a few CLI option (e.g. –config) and or little CLI tools from time to time? Want a base CLI + logging to stderr template to start from? I always do, so I have Python and Rust base CLI code templtes shared on GitHub that I [ View Post… ]
Stop IPv4 Point-To-Point Addressing your Networks
<p>IPv4 addressing on links is no longer required to route IPv4. What you say?? Yes, you can stop IPv4 addressing your point to point links with <em>Legacy IP</em> and route your IPv4 addressed packets via IPv6 next hops!</p> <ul> <li>With this we can save Public IPv4 addressing!</li> <li>We now only need a Public IPv4 loopback [ View Post… ]
NAT64: Using `jool` on Ubuntu 20.04
I found that jool has very good tutorials, but all the commands to get going are hidden in these large tutorials. Here are the steps I took to get it working on Ubuntu 20.04 on both a Raspberry Pi + Protectli Vault. Please pre-read and refer to to Jool’s Documentation for more information. I have [ View Post… ]
Raspberry Pi Powered Fireplace
Mr Aijay Adams and I am back making my Fireplace Internet / Smart device controllable. Now, via a very sexy Web UI, when I’m heading back to Chateau Tahoe, I can turn my fireplace on to be ready as soon as I walk in the door. Sexy warmth controlled by a sexy custom made API. [ View Post… ]
nftables
Are you using the latest Linux kernel firewall?. Here are some notes I’ve saved that I use and forget all the time. I plan to add to this as I do more. Hopefully it helps you work something out one day. Note: I am using inet tables combining my IPv4 and IPv6 rulesets. List Tables [ View Post… ]
RPM vs OPKG Cheat Sheet
<p>Recently in the <a href="https://terragraph.com/">Terragraph</a> project I work on we changed from RPM to OPKG to removes some dependencies (e.g. perl) and make our overall image size smaller. I've never driven OPKG, but know RPM, so I made this cheat sheet for my shit memory.</p> <p>I'm cheap so I don't have a Table plugin – [ View Post… ]