ZFS Performance Focused Parameters

We’ve recently gotten some significantly larger storage systems and after running some 50T pools with basically all the defaults it felt like time to dig into what common options are used to chase performance. The intended use for these systems is ultimately CIFS/NFS targets for scientists who are running simulations that generate small (1M) to large (100G) files. I’m not being rigorous and offering any benchmarks, just digging into documented performance parameters and explaining the rational.

ECC Certificates and mTLS with Nginx

If you want to be truly paranoid about authentication to services, you can implement your own Public Key Infrastructure (PKI). Many large organizations that are privacy focused have developed a digital/physical PKI strategy, for example the DoD’s Common Access Card. OpenSSL is a software that can be used to setup a “simple” PKI, however it’s command complexity is easy to get lost within. In this guide we’ll set up a “simple” PKI that we’ll use to authenticate users with, while still using the legitimately issued Let’s Encrypt Domain Validation certificates.

BTRFS Maintenance and the SSD parameter

I stumbled across a discussion about using the ssd parameter as a mount option with BTRFS and realized that I was very likely afflicted by what was being discussed in the mailing list. I'd not anticipated any maintenance operations that would be necessary when starting to use BTRFS as a daily driver, but IRC and the community was incredibly helpful.

Home Network, a novice Design

When you jump beyond the use of a monolithic router/switch to separates it can be a daunting task. Often it is easy to settle into using non-managed switching, which doesn't allow for isolation. In todays age with IoT running rampant having different domains of isolation can be an essential for limiting untrusted but useful devices from ex-filtrating data from your household. Moving to a managed switch platform allows you to do a variety of interesting things for your home network, yet getting started can be a bit daunting.

Project Fi, ArchLinux, Thinkpad T470s

It has been a personal desire to have mobile broadband connectivity with a laptop and not have a requirement for peripherals like MiFi or Tethering, for half a decade. When it became possible to get LTE modems in newer model Thinkpads it was time to see if Fi had made data-only SIMs that would work nationally/internationally.

Linux on the T470s

Trying to find a modern laptop that works well with Linux is quite difficult. I've been on a journey with difference manufactures ranging from Panasonic, Dell, HP, Lenovo... It's quite a mess. Thankfully the T4x0s line of laptops form Lenovo have proved to work well (generally) for the last couple generations. Herein is a discussion of selection criteria and some anecdotes for getting things to run smoothly.