6 files changed, 236 insertions, 107 deletions

diff --git a/about/resources.gmi b/about/resources.gmi
index 43472407..bd5fed9d 100644
--- a/about/resources.gmi
+++ b/about/resources.gmi
@@ -35,110 +35,110 @@ You won't find any links on this site because, over time, the links will break.
 
 In random order:
 
-* Raku Recipes; J.J. Merelo; Apress
-* DNS and BIND; Cricket Liu; O'Reilly
-* The Pragmatic Programmer; David Thomas; Addison-Wesley
-* 100 Go Mistakes and How to Avoid Them; Teiva Harsanyi; Manning Publications
-* Perl New Features; Joshua McAdams, brian d foy; Perl School
-* Higher Order Perl; Mark Dominus; Morgan Kaufmann
+* The DevOps Handbook; Gene Kim, Jez Humble, Patrick Debois, John Willis; Audible
+* 97 things every SRE should know; Emil Stolarsky, Jaime Woo; O'Reilly
+* Pro Puppet; James Turnbull, Jeffrey McCune; Apress
+* Raku Fundamentals; Moritz Lenz; Apress
+* Systems Performance Tuning; Gian-Paolo D. Musumeci and others...; O'Reilly
+* Tmux 2: Productive Mouse-free Development; Brain P. Hogan; The Pragmatic Programmers 
+* Chaos Engineering - System Resiliency in Practice; Casey Rosenthal and Nora Jones; eBook
+* Data Science at the Command Line; Jeroen Janssens; O'Reilly
 * Funktionale Programmierung; Peter Pepper; Springer
-* Leanring eBPF; Liz Rice; O'Reilly
-* Clusterbau mit Linux-HA; Michael Schwartzkopff; O'Reilly
-* Systemprogrammierung in Go; Frank Müller; dpunkt
-* C++ Programming Language; Bjarne Stroustrup;
-* Modern Perl; Chromatic ; Onyx Neon Press
-* Hands-on Infrastructure Monitoring with Prometheus; Joel Bastos, Pedro Araujo; Packt 
 * The KCNA (Kubernetes and Cloud Native Associate) Book; Nigel Poulton
 * The Kubernetes Book; Nigel Poulton; Unabridged Audiobook
+* 100 Go Mistakes and How to Avoid Them; Teiva Harsanyi; Manning Publications
+* Polished Ruby Programming; Jeremy Evans; Packt Publishing
+* Distributed Systems: Principles and Paradigms; Andrew S. Tanenbaum; Pearson
+* Leanring eBPF; Liz Rice; O'Reilly
 * The Docker Book; James Turnbull; Kindle
-* Concurrency in Go; Katherine Cox-Buday; O'Reilly
-* Effective awk programming; Arnold Robbins; O'Reilly
-* The Practise of System and Network Administration; Thomas A. Limoncelli, Christina J. Hogan, Strata R. Chalup; Addison-Wesley Professional Pro Git; Scott Chacon, Ben Straub; Apress
-* Kubernetes Cookbook; Sameer Naik, Sébastien Goasguen, Jonathan Michaux; O'Reilly
-* Chaos Engineering - System Resiliency in Practice; Casey Rosenthal and Nora Jones; eBook
-* Systems Performance Tuning; Gian-Paolo D. Musumeci and others...; O'Reilly
-* 21st Century C: C Tips from the New School; Ben Klemens; O'Reilly
+* Hands-on Infrastructure Monitoring with Prometheus; Joel Bastos, Pedro Araujo; Packt 
 * Seeking SRE: Conversations About Running Production Systems at Scale; David N. Blank-Edelman; eBook
-* DevOps And Site Reliability Engineering Handbook; Stephen Fleming; Audible
-* Think Raku (aka Think Perl 6); Laurent Rosenfeld, Allen B. Downey; O'Reilly
-* The Go Programming Language; Alan A. A. Donovan; Addison-Wesley Professional
-* Effective Java; Joshua Bloch; Addison-Wesley Professional
+* Java ist auch eine Insel; Christian Ullenboom; 
+* Clusterbau mit Linux-HA; Michael Schwartzkopff; O'Reilly
+* DNS and BIND; Cricket Liu; O'Reilly
+* Kubernetes Cookbook; Sameer Naik, Sébastien Goasguen, Jonathan Michaux; O'Reilly
 * Ultimate Go Notebook; Bill Kennedy
-* Site Reliability Engineering; How Google runs production systems; O'Reilly
-* Tmux 2: Productive Mouse-free Development; Brain P. Hogan; The Pragmatic Programmers 
-* Pro Puppet; James Turnbull, Jeffrey McCune; Apress
+* Learn You a Haskell for Great Good!; Miran Lipovaca; No Starch Press
+* The Practise of System and Network Administration; Thomas A. Limoncelli, Christina J. Hogan, Strata R. Chalup; Addison-Wesley Professional Pro Git; Scott Chacon, Ben Straub; Apress
 * Terraform Cookbook; Mikael Krief; Packt Publishing
-* Amazon Web Services in Action; Michael Wittig and Andreas Wittig; Manning Publications
+* Perl New Features; Joshua McAdams, brian d foy; Perl School
+* C++ Programming Language; Bjarne Stroustrup;
+* The Pragmatic Programmer; David Thomas; Addison-Wesley
 * Developing Games in Java; David Brackeen and others...; New Riders
-* Polished Ruby Programming; Jeremy Evans; Packt Publishing
-* Programming Perl aka "The Camel Book"; Tom Christiansen, brian d foy, Larry Wall & Jon Orwant; O'Reilly
-* Object-Oriented Programming with ANSI-C; Axel-Tobias Schreiner
+* Amazon Web Services in Action; Michael Wittig and Andreas Wittig; Manning Publications
+* DevOps And Site Reliability Engineering Handbook; Stephen Fleming; Audible
+* Modern Perl; Chromatic ; Onyx Neon Press
+* 21st Century C: C Tips from the New School; Ben Klemens; O'Reilly
+* Systemprogrammierung in Go; Frank Müller; dpunkt
+* Effective Java; Joshua Bloch; Addison-Wesley Professional
+* Effective awk programming; Arnold Robbins; O'Reilly
 * Learn You Some Erlang for Great Good; Fred Herbert; No Starch Press
-* 97 things every SRE should know; Emil Stolarsky, Jaime Woo; O'Reilly
-* Raku Fundamentals; Moritz Lenz; Apress
+* Concurrency in Go; Katherine Cox-Buday; O'Reilly
+* Higher Order Perl; Mark Dominus; Morgan Kaufmann
+* Site Reliability Engineering; How Google runs production systems; O'Reilly
+* The Go Programming Language; Alan A. A. Donovan; Addison-Wesley Professional
 * Go Brain Teasers - Exercise Your Mind; Miki Tebeka; The Pragmatic Programmers
-* Java ist auch eine Insel; Christian Ullenboom; 
+* Raku Recipes; J.J. Merelo; Apress
 * Programming Ruby 3.3 (5th Edition); Noel Rappin, with Dave Thomas; The Pragmatic Bookshelf
-* Distributed Systems: Principles and Paradigms; Andrew S. Tanenbaum; Pearson
-* Data Science at the Command Line; Jeroen Janssens; O'Reilly
-* Learn You a Haskell for Great Good!; Miran Lipovaca; No Starch Press
-* The DevOps Handbook; Gene Kim, Jez Humble, Patrick Debois, John Willis; Audible
+* Programming Perl aka "The Camel Book"; Tom Christiansen, brian d foy, Larry Wall & Jon Orwant; O'Reilly
+* Think Raku (aka Think Perl 6); Laurent Rosenfeld, Allen B. Downey; O'Reilly
+* Object-Oriented Programming with ANSI-C; Axel-Tobias Schreiner
 
 ## Technical references
 
 I didn't read them from the beginning to the end, but I am using them to look up things. The books are in random order:
 
-* Understanding the Linux Kernel; Daniel P. Bovet, Marco Cesati; O'Reilly
-* Go: Design Patterns for Real-World Projects; Mat Ryer; Packt
-* Algorithms; Robert Sedgewick, Kevin Wayne; Addison Wesley
-* The Linux Programming Interface; Michael Kerrisk; No Starch Press 
 * Groovy Kurz & Gut; Joerg Staudemeier; O'Reilly
-* BPF Performance Tools - Linux System and Application Observability, Brendan Gregg; Addison Wesley
-* Relayd and Httpd Mastery; Michael W Lucas
+* Go: Design Patterns for Real-World Projects; Mat Ryer; Packt
 * Implementing Service Level Objectives; Alex Hidalgo; O'Reilly
+* Understanding the Linux Kernel; Daniel P. Bovet, Marco Cesati; O'Reilly
+* Relayd and Httpd Mastery; Michael W Lucas
+* BPF Performance Tools - Linux System and Application Observability, Brendan Gregg; Addison Wesley
+* The Linux Programming Interface; Michael Kerrisk; No Starch Press 
+* Algorithms; Robert Sedgewick, Kevin Wayne; Addison Wesley
 
 ## Self-development and soft-skills books
 
 In random order:
 
-* The Good Enough Job; Simone Stolzoff; Ebury Edge
+* Stop starting, start finishing; Arne Roock; Lean-Kanban University  
+* Atomic Habits; James Clear; Random House Business
+* The Joy of Missing Out; Christina Crook; New Society Publishers
+* Getting Things Done; David Allen
+* Ultralearning; Anna Laurent; Self-published via Amazon
 * Who Moved My Cheese?; Dr. Spencer Johnson; Vermilion
-* The Complete Software Developer's Career Guide; John Sonmez; Unabridged Audiobook
-* 101 Essays that change the way you think; Brianna Wiest; Audiobook
+* Digital Minimalism; Cal Newport; Portofolio Penguin
+* The Software Engineer's Guidebook: Navigating senior, tech lead, and staff engineer positions at tech companies and startups; Gergely Orosz; Audiobook 
+* Slow Productivity; Cal Newport; Penguin Random House
+* Coders at Work - Reflections on the craft of programming, Peter Seibel and Mitchell Dorian et al., Audiobook
+* Buddah and Einstein walk into a Bar; Guy Joseph Ale, Claire Bloom; Blackstone Publishing
 * 97 Things Every Engineering Manager Should Know; Camille Fournier; Audiobook
-* So Good They Can't Ignore You; Cal Newport; Business Plus
+* Eat That Frog; Brian Tracy
+* Consciousness: A Very Short Introduction; Susan Blackmore; Oxford Uiversity Press
+* The 7 Habits Of Highly Effective People; Stephen R. Covey; Simon & Schuster UK
+* Psycho-Cybernetics; Maxwell Maltz; Perigee Books
 * Never Split the Difference; Chris Voss, Tahl Raz; Random House Business
+* The Complete Software Developer's Career Guide; John Sonmez; Unabridged Audiobook
 * Staff Engineer: Leadership beyond the management track; Will Larson; Audiobook
-* Consciousness: A Very Short Introduction; Susan Blackmore; Oxford Uiversity Press
-* Meditation for Mortals, Oliver Burkeman, Audiobook
+* Ultralearning; Scott Young; Thorsons
+* Influence without Authority; A. Cohen, D. Bradford; Wiley
 * Time Management for System Administrators; Thomas A. Limoncelli; O'Reilly
-* Getting Things Done; David Allen
+* Search Inside Yourself - The Unexpected path to Achieving Success, Happiness (and World Peace); Chade-Meng Tan, Daniel Goleman, Jon Kabat-Zinn; HarperOne
+* The Daily Stoic; Ryan Holiday, Stephen Hanselman; Profile Books
 * The Bullet Journal Method; Ryder Carroll; Fourth Estate
+* The Obstacle Is The Way; Ryan Holiday; Profile Books Ltd
 * The Power of Now; Eckhard Tolle; Yellow Kite
-* Slow Productivity; Cal Newport; Penguin Random House
-* The Phoenix Project - A Novel About IT, DevOps, and Helping your Business Win; Gene Kim and Kevin Behr; Trade Select
-* Atomic Habits; James Clear; Random House Business
-* Psycho-Cybernetics; Maxwell Maltz; Perigee Books
-* Digital Minimalism; Cal Newport; Portofolio Penguin
-* Ultralearning; Anna Laurent; Self-published via Amazon
-* Stop starting, start finishing; Arne Roock; Lean-Kanban University  
-* Eat That Frog; Brian Tracy
-* Search Inside Yourself - The Unexpected path to Achieving Success, Happiness (and World Peace); Chade-Meng Tan, Daniel Goleman, Jon Kabat-Zinn; HarperOne
 * Deep Work; Cal Newport; Piatkus
-* Eat That Frog!; Brian Tracy; Hodder Paperbacks
-* The 7 Habits Of Highly Effective People; Stephen R. Covey; Simon & Schuster UK
-* The Obstacle Is The Way; Ryan Holiday; Profile Books Ltd
 * The Off Switch; Mark Cropley; Virgin Books (RE-READ 1ST TIME)
-* Ultralearning; Scott Young; Thorsons
-* The Joy of Missing Out; Christina Crook; New Society Publishers
-* Solve for Happy; Mo Gawdat (RE-READ 1ST TIME)
-* The Software Engineer's Guidebook: Navigating senior, tech lead, and staff engineer positions at tech companies and startups; Gergely Orosz; Audiobook 
-* Buddah and Einstein walk into a Bar; Guy Joseph Ale, Claire Bloom; Blackstone Publishing
+* So Good They Can't Ignore You; Cal Newport; Business Plus
 * The Courage to Be Disliked; Ichiro Kishimi and Fumitake Koga; Audiobook
-* Coders at Work - Reflections on the craft of programming, Peter Seibel and Mitchell Dorian et al., Audiobook
-* The Daily Stoic; Ryan Holiday, Stephen Hanselman; Profile Books
 * Soft Skills; John Sommez; Manning Publications
-* Influence without Authority; A. Cohen, D. Bradford; Wiley
+* Eat That Frog!; Brian Tracy; Hodder Paperbacks
+* Meditation for Mortals, Oliver Burkeman, Audiobook
+* 101 Essays that change the way you think; Brianna Wiest; Audiobook
+* The Good Enough Job; Simone Stolzoff; Ebury Edge
+* The Phoenix Project - A Novel About IT, DevOps, and Helping your Business Win; Gene Kim and Kevin Behr; Trade Select
+* Solve for Happy; Mo Gawdat (RE-READ 1ST TIME)
 
 => ../notes/index.gmi Here are notes of mine for some of the books
 
@@ -146,30 +146,30 @@ In random order:
 
 Some of these were in-person with exams; others were online learning lectures only. In random order:
 
-* Red Hat Certified System Administrator; Course + certification (Although I had the option, I decided not to take the next course as it is more effective to self learn what I need)
-* Functional programming lecture; Remote University of Hagen
-* Scripting Vim; Damian Conway; O'Reilly Online
-* The Well-Grounded Rubyist Video Edition; David. A. Black; O'Reilly Online
-* Protocol buffers; O'Reilly Online
-* Linux Security and Isolation APIs Training; Michael Kerrisk; 3-day on-site training
 * Algorithms Video Lectures; Robert Sedgewick; O'Reilly Online
-* Developing IaC with Terraform (with Live Lessons); O'Reilly Online
-* F5 Loadbalancers Training; 2-day on-site training; F5, Inc. 
 * MySQL Deep Dive Workshop; 2-day on-site training
-* Ultimate Go Programming; Bill Kennedy; O'Reilly Online
+* The Well-Grounded Rubyist Video Edition; David. A. Black; O'Reilly Online
+* Developing IaC with Terraform (with Live Lessons); O'Reilly Online
+* Cloud Operations on AWS - Learn how to configure, deploy, maintain, and troubleshoot your AWS environments; 3-day online live training with labs; Amazon
 * AWS Immersion Day; Amazon; 1-day interactive online training 
+* Protocol buffers; O'Reilly Online
+* Functional programming lecture; Remote University of Hagen
+* F5 Loadbalancers Training; 2-day on-site training; F5, Inc. 
+* Scripting Vim; Damian Conway; O'Reilly Online
+* Red Hat Certified System Administrator; Course + certification (Although I had the option, I decided not to take the next course as it is more effective to self learn what I need)
 * Structure and Interpretation of Computer Programs; Harold Abelson and more...; 
 * Apache Tomcat Best Practises; 3-day on-site training
-* Cloud Operations on AWS - Learn how to configure, deploy, maintain, and troubleshoot your AWS environments; 3-day online live training with labs; Amazon
+* Linux Security and Isolation APIs Training; Michael Kerrisk; 3-day on-site training
 * The Ultimate Kubernetes Bootcamp; School of Devops; O'Reilly Online
+* Ultimate Go Programming; Bill Kennedy; O'Reilly Online
 
 ## Technical guides
 
 These are not whole books, but guides (smaller or larger) which I found very useful. in random order:
 
-* Raku Guide at https://raku.guide  
 * How CPUs work at https://cpu.land
 * Advanced Bash-Scripting Guide 
+* Raku Guide at https://raku.guide  
 
 ## Podcasts
 
@@ -177,31 +177,31 @@ These are not whole books, but guides (smaller or larger) which I found very use
 
 In random order:
 
-* Fork Around And Find Out
-* Dev Interrupted
-* BSD Now [BSD]
-* The ProdCast (Google SRE Podcast)
 * Deep Questions with Cal Newport
-* The Changelog Podcast(s)
+* Dev Interrupted
 * The Pragmatic Engineer Podcast
-* Cup o' Go [Golang]
-* Backend Banter
-* Fallthrough [Golang]
-* Modern Mentor
-* Pratical AI
-* Maintainable
 * Hidden Brain
+* The Changelog Podcast(s)
+* The ProdCast (Google SRE Podcast)
 * Wednesday Wisdom
+* Fork Around And Find Out
+* Modern Mentor
+* Maintainable
+* Pratical AI
+* Cup o' Go [Golang]
+* Fallthrough [Golang]
+* BSD Now [BSD]
+* Backend Banter
 
 ### Podcasts I liked
 
 I liked them but am not listening to them anymore. The podcasts have either "finished" (no more episodes) or I stopped listening to them due to time constraints or a shift in my interests.
 
-* CRE: Chaosradio Express [german]
-* Modern Mentor
-* Go Time (predecessor of fallthrough)
 * Java Pub House
+* CRE: Chaosradio Express [german]
 * FLOSS weekly
+* Go Time (predecessor of fallthrough)
+* Modern Mentor
 * Ship It (predecessor of Fork Around And Find Out)
 
 ## Newsletters I like
@@ -210,25 +210,25 @@ This is a mix of tech and non-tech newsletters I am subscribed to. In random ord
 
 * The Imperfectionist
 * Register Spill
+* Applied Go Weekly Newsletter
 * The Valuable Dev
+* byteSizeGo
 * Ruby Weekly
 * Golang Weekly
 * The Pragmatic Engineer
-* Andreas Brandhorst Newsletter (Sci-Fi author)
-* byteSizeGo
 * VK Newsletter
-* Applied Go Weekly Newsletter
-* Monospace Mentor
 * Changelog News
+* Andreas Brandhorst Newsletter (Sci-Fi author)
+* Monospace Mentor
 
 ## Magazines I like(d)
 
 This is a mix of tech I like(d). I may not be a current subscriber, but now and then, I buy an issue. In random order:
 
+* freeX (not published anymore)
 * Linux Magazine
-* LWN (online only)
 * Linux User
-* freeX (not published anymore)
+* LWN (online only)
 
 # Formal education
 
diff --git a/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi b/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi
index 5385428d..493fbc3f 100644
--- a/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi
+++ b/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi
@@ -130,7 +130,49 @@ NAMESPACE: monitoring
 STATUS: deployed
 ```
 
-The `persistence-values.yaml` configures Prometheus and Grafana to use the NFS-backed persistent volumes I mentioned earlier, ensuring data survives pod restarts. The persistent volume definitions bind to specific paths on the NFS share using `hostPath` volumes—the same pattern used for other services in Part 7:
+The `persistence-values.yaml` configures Prometheus and Grafana to use the NFS-backed persistent volumes I mentioned earlier, ensuring data survives pod restarts. It also enables scraping of etcd and kube-controller-manager metrics:
+
+```yaml
+kubeEtcd:
+  enabled: true
+  endpoints:
+    - 192.168.2.120
+    - 192.168.2.121
+    - 192.168.2.122
+  service:
+    enabled: true
+    port: 2381
+    targetPort: 2381
+
+kubeControllerManager:
+  enabled: true
+  endpoints:
+    - 192.168.2.120
+    - 192.168.2.121
+    - 192.168.2.122
+  service:
+    enabled: true
+    port: 10257
+    targetPort: 10257
+  serviceMonitor:
+    enabled: true
+    https: true
+    insecureSkipVerify: true
+```
+
+By default, k3s binds the controller-manager to localhost only, so the "Kubernetes / Controller Manager" dashboard in Grafana will show no data. To expose the metrics endpoint, add the following to `/etc/rancher/k3s/config.yaml` on each k3s server node:
+
+```sh
+[root@r0 ~]# cat >> /etc/rancher/k3s/config.yaml << 'EOF'
+kube-controller-manager-arg:
+  - bind-address=0.0.0.0
+EOF
+[root@r0 ~]# systemctl restart k3s
+```
+
+Repeat for `r1` and `r2`. After restarting all nodes, the controller-manager metrics endpoint will be accessible and Prometheus can scrape it.
+
+The persistent volume definitions bind to specific paths on the NFS share using `hostPath` volumes—the same pattern used for other services in Part 7:
 
 => ./2025-10-02-f3s-kubernetes-with-freebsd-part-7.gmi f3s: Kubernetes with FreeBSD - Part 7: k3s and first pod deployments
 
diff --git a/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl b/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl
index 2c8b99c2..e5cd9850 100644
--- a/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl
+++ b/gemfeed/2025-12-07-f3s-kubernetes-with-freebsd-part-8.gmi.tpl
@@ -94,7 +94,49 @@ NAMESPACE: monitoring
 STATUS: deployed
 ```
 
-The `persistence-values.yaml` configures Prometheus and Grafana to use the NFS-backed persistent volumes I mentioned earlier, ensuring data survives pod restarts. The persistent volume definitions bind to specific paths on the NFS share using `hostPath` volumes—the same pattern used for other services in Part 7:
+The `persistence-values.yaml` configures Prometheus and Grafana to use the NFS-backed persistent volumes I mentioned earlier, ensuring data survives pod restarts. It also enables scraping of etcd and kube-controller-manager metrics:
+
+```yaml
+kubeEtcd:
+  enabled: true
+  endpoints:
+    - 192.168.2.120
+    - 192.168.2.121
+    - 192.168.2.122
+  service:
+    enabled: true
+    port: 2381
+    targetPort: 2381
+
+kubeControllerManager:
+  enabled: true
+  endpoints:
+    - 192.168.2.120
+    - 192.168.2.121
+    - 192.168.2.122
+  service:
+    enabled: true
+    port: 10257
+    targetPort: 10257
+  serviceMonitor:
+    enabled: true
+    https: true
+    insecureSkipVerify: true
+```
+
+By default, k3s binds the controller-manager to localhost only, so the "Kubernetes / Controller Manager" dashboard in Grafana will show no data. To expose the metrics endpoint, add the following to `/etc/rancher/k3s/config.yaml` on each k3s server node:
+
+```sh
+[root@r0 ~]# cat >> /etc/rancher/k3s/config.yaml << 'EOF'
+kube-controller-manager-arg:
+  - bind-address=0.0.0.0
+EOF
+[root@r0 ~]# systemctl restart k3s
+```
+
+Repeat for `r1` and `r2`. After restarting all nodes, the controller-manager metrics endpoint will be accessible and Prometheus can scrape it.
+
+The persistent volume definitions bind to specific paths on the NFS share using `hostPath` volumes—the same pattern used for other services in Part 7:
 
 => ./2025-10-02-f3s-kubernetes-with-freebsd-part-7.gmi f3s: Kubernetes with FreeBSD - Part 7: k3s and first pod deployments
 
diff --git a/gemfeed/atom.xml b/gemfeed/atom.xml
index d79025a2..d225500a 100644
--- a/gemfeed/atom.xml
+++ b/gemfeed/atom.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <feed xmlns="http://www.w3.org/2005/Atom">
-    <updated>2025-12-26T00:46:52+02:00</updated>
+    <updated>2025-12-26T01:27:25+02:00</updated>
     <title>foo.zone feed</title>
     <subtitle>To be in the .zone!</subtitle>
     <link href="gemini://foo.zone/gemfeed/atom.xml" rel="self" />
@@ -1083,7 +1083,52 @@ NAMESPACE: monitoring
 STATUS: deployed
 </pre>
 <br />
-<span>The <span class='inlinecode'>persistence-values.yaml</span> configures Prometheus and Grafana to use the NFS-backed persistent volumes I mentioned earlier, ensuring data survives pod restarts. The persistent volume definitions bind to specific paths on the NFS share using <span class='inlinecode'>hostPath</span> volumes—the same pattern used for other services in Part 7:</span><br />
+<span>The <span class='inlinecode'>persistence-values.yaml</span> configures Prometheus and Grafana to use the NFS-backed persistent volumes I mentioned earlier, ensuring data survives pod restarts. It also enables scraping of etcd and kube-controller-manager metrics:</span><br />
+<br />
+<pre>
+kubeEtcd:
+  enabled: true
+  endpoints:
+    - 192.168.2.120
+    - 192.168.2.121
+    - 192.168.2.122
+  service:
+    enabled: true
+    port: 2381
+    targetPort: 2381
+
+kubeControllerManager:
+  enabled: true
+  endpoints:
+    - 192.168.2.120
+    - 192.168.2.121
+    - 192.168.2.122
+  service:
+    enabled: true
+    port: 10257
+    targetPort: 10257
+  serviceMonitor:
+    enabled: true
+    https: true
+    insecureSkipVerify: true
+</pre>
+<br />
+<span>By default, k3s binds the controller-manager to localhost only, so the "Kubernetes / Controller Manager" dashboard in Grafana will show no data. To expose the metrics endpoint, add the following to <span class='inlinecode'>/etc/rancher/k3s/config.yaml</span> on each k3s server node:</span><br />
+<br />
+<!-- Generator: GNU source-highlight 3.1.9
+by Lorenzo Bettini
+http://www.lorenzobettini.it
+http://www.gnu.org/software/src-highlite -->
+<pre>[root@r0 ~]<i><font color="silver"># cat &gt;&gt; /etc/rancher/k3s/config.yaml &lt;&lt; 'EOF'</font></i>
+kube-controller-manager-arg:
+  - bind-address=<font color="#000000">0.0</font>.<font color="#000000">0.0</font>
+EOF
+[root@r0 ~]<i><font color="silver"># systemctl restart k3s</font></i>
+</pre>
+<br />
+<span>Repeat for <span class='inlinecode'>r1</span> and <span class='inlinecode'>r2</span>. After restarting all nodes, the controller-manager metrics endpoint will be accessible and Prometheus can scrape it.</span><br />
+<br />
+<span>The persistent volume definitions bind to specific paths on the NFS share using <span class='inlinecode'>hostPath</span> volumes—the same pattern used for other services in Part 7:</span><br />
 <br />
 <a class='textlink' href='./2025-10-02-f3s-kubernetes-with-freebsd-part-7.html'>f3s: Kubernetes with FreeBSD - Part 7: k3s and first pod deployments</a><br />
 <br />
diff --git a/index.gmi b/index.gmi
index a8cdc24e..cca11f1e 100644
--- a/index.gmi
+++ b/index.gmi
@@ -1,6 +1,6 @@
 # Hello!
 
-> This site was generated at 2025-12-26T00:46:52+02:00 by `Gemtexter`
+> This site was generated at 2025-12-26T01:27:25+02:00 by `Gemtexter`
 
 Welcome to the foo.zone!
 
diff --git a/uptime-stats.gmi b/uptime-stats.gmi
index 2fa1ff4f..b9efb0e7 100644
--- a/uptime-stats.gmi
+++ b/uptime-stats.gmi
@@ -1,6 +1,6 @@
 # My machine uptime stats
 
-> This site was last updated at 2025-12-26T00:46:52+02:00
+> This site was last updated at 2025-12-26T01:27:25+02:00
 
 The following stats were collected via `uptimed` on all of my personal computers over many years and the output was generated by `guprecords`, the global uptime records stats analyser of mine.