-
making kubernetes do what it was always meant to do - order pizza
-
exploring kubernetes secrets from the kubelet's perspective
-
into the details of resource reservation and oom killing
-
an overview of containerd (internal Concourse chat)
-
enabling stackDebug to see debug prints from golang runtime
-
an introductory talk on BPF
-
replicating the go way of cancelling a read over the network
-
installing containerd and getting a sole kubelet to create pods via CRI
-
kernel tracing to figure out a little mistake
-
how to use overlayfs and some analysis of its performance impact in certain situations
-
/usr/bin/time is great, but, what if you could have a system-wide "time" program that captures process execution time with neglebible overhead?
-
a dive into the mechanics of writing to /proc/pid/uid_gid when setting up user namespaces
-
exploring how tar deals with uid and gids when archiving and extracting under different types of users
-
a deep dive into the mechanism that allows sudo to work
-
a look into the translations performed under the hood
-
what if we cut the intermediaries?
-
what if we could use distributed tracing tools to better understand our builds?
-
some explorations on how sending signals work, and why a SIGKILL fails for frozen processes
-
exploring what glibc is, what ISO C and POSIX covers, and why golang might use glibc for some standard libraries.
-
going from source code to a working linux on qemu
-
a lightning talk on Prometheus
-
some thoughts on serving container images from a tarball as if you had a container images registry
-
Lessons learned building Concourse workers for ARM - a visit to CGO cross compilation, and necessary modifications to the workers' runtime
-
A deep dive into what goes under the hood in the Linux kernel when you can the socket system call
-
Check out how you can use the proc filesystem to retrieve the kernel stack trace of a given process
-
Go through the internals of implementing ulimit, how prlimit works, as well as inspecting how the kernel limits the number of open files
-
Go through the reason why free and top show the host's memory instead of container memory.
-
Go through how we can use syscalls to list directory entries and at which point procfs responds to that.
-
Get to know what is under the hood of procfs - what Linux does when you interact with /proc
-
The challenge has been set - a month of blog posts around procfs!
-
Check out how to fetch and install bpftrace using Ansible
-
How to generate a list of recommended articles using Hugo
-
Getting from Golang's net package down to the Linux kernel methods invoked when UDP messages are sent.
-
Getting the absolute path of process on a MacOS machine might not be as simple as in Linux.
-
Dmesg allows us to grasp what's going on under the hood when the kernel gets bad. Check out how dmesg is able to read kernel logs and show to the user.
-
Check out how to pipe a live packet capture from tcpdump into a Wireshark instance in MacOS
-
Bash process substitution can make you not depend on processes expecting input from the standard input. Learn how to supply the result of a script as a temporary filename for another command.
-
Without getting out of your current shell and installing other utilities, give cURL a try to measure response times - it can do it.
-
Hugo Pipes arrived - asset post-processing is now built directly into Hugo. Check out how I made use of CSS minification and bundling to render AMP pages better
-
How to create a poor man's templating engine using AWK
-
There's no need to lose the great features of a well set up Vim configuration when coding eBPF code.
-
Once a Docker Swarm Mode cluster is formed, all nodes participate in the routing mesh and accept ingress traffic. Check out how to block that feature.
-
Go through the process of creating a Terraform configuration for deploying a Docker registry to an instance making use of IAM roles.
-
Docker registry used not to have a Prometheus exporter by default. Check out how to make use of it in the development branch.
-
Check out how to configure YouCompleteMe to have auto completion and source code navigation capabilities for the Linux source code.
-
Go through the steps and syscalls involved in creating a TCP client using C.
-
Yet another blog post on how to create a virtual network that connects network namespaces using a brdige, veth pairs and iptables.
-
Privileged services are not something you can have with a regular Docker Swarm cluster. Check out how to have privileged containers using Docker Swarm Mode
-
Installing docker has never been easier - add the apt repository and install it. What about running your own fork of it?
-
Executing multiple shell commands in continuous integration might become hard to read. Check out how to prefix command executions using bash.
-
HAProxy frontends can have their logic simplified by using maps. Check out how to tie maps with ACLs to improve routing.
-
Sometimes you need HAProxy to have a special frontend to return 200 OK when a request is made for health-checking purposes. Check out three ways of doing it.
-
Check out how to make sure Docker containers running in AWS are unnable to access the EC2 metadata service.
-
Check oout how the docker daemon interacts with containerd and how we can leverage that to modify runc and set some defaults
-
Writing a TCP server in C can teach many things. Check out how to implement a TCP server and understand some of the syscalls involved in the process.
-
A deep dive into how to make use of ptrace to inspect syscalls made by a tracee while they occur.
-
Having an AWS EFS file system over multiple availability zones using Terraform is not complicated. Check out one way of doing it.
-
A conventional AWS Networking Tutorial out there using Terraform doesn't go around the concepts of AWS Networking. Check out how to provision an AWS VPC with multiple subnets and configure security groups using Terraform.
-
Docker ships with native Prometheus integration - the docker daemon can generate metrics about it and let you scrape that. Check out how to gather Docker daemon metrics in Linux and MacOS.
-
NGINX just added server push to mainline. Checkout a NGINX HTTP2 server push example using the latest code from source integrating with an HTTP1 Golang web server.
-
Having jump straight to gRPC, I got surprised by how easy is to set up Go RPC using net/rpc package. Check out a simple example exploring this package.
-
AWS imposes various quotas on the usage of its distributed filesystem. Check out how to go over them by running MYSQL on EFS and then developing a stress test.
-
Grafana v5 is coming with two great features: dashboard and data source provisioning. Checkout how to initialize a dashboard without touching the UI using this new release
-
Going through Prometheus relabelling to emulate an AWS environment locally with Vagrant
-
A dive into how the fly command set-pipelines triggers a pipeline registration in concourse ATC
-
Get Concourse CI built from source - the first step to contributing to the project.
-
Seeing yourself procrastinating in HackerNews? Create an extension that blocks it. All in less than 20 lines of code.
-
HAProxy maps can reduce the complexity of haproxy configurations by allowing you to define map lookup logic. Check out how to remove ACLs in favor of maps.
-
AWS can guarantee amazing speeds for serving a blog - it supports HTTP2, IPv6, caching and has free TLS certificates. Check out how I do it for this blog.
-
HTTP2 support recently landed in HAProxy 1.8. Check out how to configure HTTP/2 support for HAProxy.
-
gRPC shines when it comes to sending a bunch of messages here and there. What about file uploads? Is gRPC a good fit for file transfer? Check out how to send files with gRPC and see if that makes sense.
-
It's common practice to have a buffer between the network and your application. Today I tried to measure how different buffer sizes changes the total time to transfer 1GB of data.
-
How to write a DNS message from zero and send it via UDP to a server.
-
Wondering how a project manager might look at GitHub triggered some questioning. How could someone extract more meaningful data from it?
-
Swagger allows us to separate api definition from implementation. This guide goes through the process of creating a minimal API using go-swagger and Golang.
-
How to create a minimal Ansible role that provisions a Linux machine to have Docker installed - from role conception to testing it using Vagrant.
-
How to take snapshots of a directory and send to them as backups to S3 using Linux tools
-
Docker is not always up to date in Travis' builds. Check out how to update the version of Docker in Travis-CI.
-
Using exec to redirect force redirection from within a bash script.
-
How to inspect a docker image from dockerhub without pulling it
-
A guide on building and configuring HAProxy from scratch to achieve HTTPS with Letsencrypt certificates
-
How to automate the process of building an image and pushing it to DockerHub using Travis-CI
-
Elasticsearch indices can be renamed with two different approaches - Reindex API and Aliases. Checkout out how to rename an Elasticsearch Index using these approaches.
-
It might happen that you need to execute multiple commands against a set of machines via SSH. Check out how to do it programmatically.
-
Running container and virtual machines side by side in Travis is possible. Check out how to do it
-
Making use of the login flag to make sure bash executes profile.d scripts.
-
Leveraging multi-stage builds to create tiny Golang Docker images
-
An actionable guide on how to use LVM without formatting physical disks and just using loopback devices
-
Having build many Golang projects I came with a minimalist makefile that might work for you. If you're looking for a starter Makefile for Go, here you go.
-
Setting up HAProxy on Mac is not complicated. Check out how to build it from source and run it locally.
-
HAProxy doesn't naturally log to standard out - you need to pick rsyslog and make it do so. Check out how to have HAProxy logs going to stdout using Docker containers.
-
How to extend Swap space on Linux after you already set it