Posts
Things I’ve written that are long enough to deserve an introduction. Mostly backend engineering, occasional detour into photography and espresso machines.
-
The bitmap heap scan that ate our p99
A query that should have been a boring index scan turned into a full-table shuffle because the planner guessed wrong.
-
Switching to TCP BBR on the edge
We flipped our edge servers from CUBIC to BBR and measured the actual win for our traffic, which was smaller than the marketing suggests
-
GitOps with Flux vs Argo on a small team
After a year on Flux and a quarter on Argo, here is a practical comparison from a four-person platform team
-
Running a Proxmox cluster of two (don't)
I ran a two-node Proxmox cluster for nine months and fought quorum constantly. Here are the specific workarounds I used and why I eventually added a third node.
-
Capabilities bounded the wrong way
A service that could no longer bind to low ports after an innocent systemd change, and what I learned about capability sets
-
Shaving 40W off my homelab rack
A weekend of measuring, swapping, and tuning reduced my rack's idle draw from 220W to 180W, with surprises
-
DNS-01 challenges with a split-horizon DNS
Getting Let's Encrypt DNS-01 working when the authoritative internal view is different from the public view, without pulling my hair out
-
Testing routers with Linux network namespaces
A pattern I now use for testing every firewall and routing change before it touches the edge: cheap, repeatable, and on a laptop
-
CRD design mistakes I made early on
A collection of the mistakes I made designing custom resource definitions, and the patterns that emerged after a few painful migrations
-
Four kubectl plugins I keep coming back to
Small kubectl plugins I wrote over the past year that punch above their weight in daily workflows
-
io_uring surprised me in a benchmark
Replacing an epoll loop with io_uring gave a 1.8x throughput boost in a naive benchmark, and a 0.9x loss in a realistic one
-
BGP in a small network: worth it?
I set up BGP between two homelab routers to learn, and reached some unromantic conclusions about when it earns its keep
-
Sizing a UPS for a quiet homelab rack
How I sized (and then re-sized) a UPS for a homelab that started small and grew, and the surprising role of runtime vs capacity
-
Baking Hetzner images with Packer and cloud-init
Our Hetzner fleet went from 'cloud-init runs for four minutes per boot' to 'image is ready in seconds' with a reasonable Packer pipeline
-
Ansible at scale: where it breaks for us
Ansible got us from 10 to 200 managed hosts, but somewhere between 500 and 1000 it started to grind. Here are the specific pain points.