It all started when I began hearing about this container thing outside of work. I've been a Google SRE going on 6 years, but knowing that the way we do containers internally on Borg is probably not how the rest of the world does reliable, scalable, infrastructure. I was curious, how hard could it be to spin … Continue reading Kubernetes, the slow way.
A while back, I wrote a post about setting up an L2TP/IPSec VPN on my home firewall/router. It required two daemons and a bunch of configuration that had hard coded IP addresses. While this solution used firmly-established practices (L2TP/IPSec), it felt too brittle. What happens when my dynamic IP address changes? Now I need to update config files, … Continue reading A simplified way to securely move all the bits.
I was bored last weekend, so I configured a two-port LACP bonded trunk from my FreeBSD-running NAS connected to my HP Procurve switch. Why? I could? I had all these spare Ethernet ports on my NAS, and they seemed bored. More seriously: high availability. One interface serving all my storage traffic just seemed ripe for failure. … Continue reading LACP, VLANs, always stay connected.
I recently changed Internet providers from Comcast Business to Verizon Fios connection. As part of the Fios package, are TV Set Top Boxes (STB) which use coax for Video, and Internet via MOCA for the guide data. It made me curious, what kind of traffic were these things sending on the network? What would they … Continue reading Get off my lawn, DMZ edition.
For a while I had used Smokeping to generate pretty graphs of network latency between various hosts on my network. The downside with Smokeping was always getting it working. Did I configure my webserver just right? Did I remember to save the webserver configs so that the next time I set this up, things just … Continue reading I wrote my own network latency monitoring agent in Go
A new year gave me an itch to scratch. For years I had been running a pretty standard setup when it came to blogging. Linode Apache WordPress MySQL It was as vanilla a setup as one can get, running on a $10/month Linode instance out of their datacenter in Atlanta. I never used the VM … Continue reading A brand new blog for 2016
No one likes to do repetitive OS installs. You know the kind, where you are just clicking through a bunch of prompts for username, password, and partitioning scheme as fast as you can to quickly get to the point where you can get some work done. This scenario happens to me every time OpenBSD releases a new … Continue reading From 0 to an OpenBSD install, with no hands and a custom disk layout
Problem Statement: While OpenVPN has served me well over the past few years both for site-to-site and road-warrior style VPN connections, it always bugged me that I had to hack a config file, juggle certificates, and use a custom client that isn't part of the base OS to bring up the links. My Android phone has a built-in L2TP/IPSec VPN … Continue reading All the bits, from anywhere.
This was an epic visit home, tech-wise. Just so I don't forget, and can hold it over my folks' head for a while: Upgraded two five-year-old Linksys E2000 AP's to Netgear r6250's. Those old ones were just not reaching the entire length of the house anymore. Upgraded the firewall/router from OpenBSD 5.5-stable to OpenBSD 5.6-stable. It … Continue reading Family Tech Support: Vacation Edition
I was hoping with my past posts on this topic, I would have enough examples to just copy-and-paste along to configure my Gitolite+Nagios monitoring setup. Not so true. It looked like there were semi-colon's missing in my past examples. After looking at the huge number of changes in Gitolite, I had to re-do everything. Not to … Continue reading Third time’s a charm? Gitolite, Git, Nagios, and a bunch of hooks