| Age | Commit message (Collapse) | Author |
|---|
|
Added new 'Managing Roaming Client Tunnels' section before the conclusion
covering how to start and stop WireGuard on both roaming clients:
earth (Fedora laptop):
- systemctl start/stop/status commands
- Example wg show output showing active peers
- Notes about disabled service preventing auto-start
pixel7pro (Android phone):
- Step-by-step toggle instructions in WireGuard app
- Quick toggle from notification shade
- Optional automatic activation based on network conditions
- Instructions for configuring auto-activation settings
Also includes:
- Verifying connectivity section with ping and curl examples
- How to check which gateway is actively routing traffic
- Transfer statistics monitoring
This provides practical guidance for day-to-day VPN usage on roaming clients.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Updated rake generate output and keys listing to include:
- dist/earth/etc/wireguard/wg0.conf generation
- dist/pixel7pro/etc/wireguard/wg0.conf generation
- PSK keys for earth and pixel7pro with blowfish and fishfinger
- Private/public keys for earth and pixel7pro
This completes the integration of roaming clients into all output examples
throughout the blog post.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Rewrote Part 5 blog post to seamlessly integrate roaming client (earth, pixel7pro)
content throughout instead of having it as a separate update section. The post now
reads as one cohesive article.
Changes:
- Simplified header note about roaming clients (removed large update section)
- Updated introduction to include roaming clients in topology description
- Added roaming traffic patterns to "Expected traffic flow" section
- Updated YAML config example to show earth and pixel7pro entries with exclude_peers
- Added roaming client wg0.conf example after infrastructure example
- Added OpenBSD NAT/PF configuration section with detailed firewall rules
- Added roaming client /etc/hosts entries for earth and pixel7pro
- Added "Setting up roaming clients" subsection covering Android QR code and Fedora setup
- Removed separate "Adding Roaming Clients (Update)" section at end
- Deleted old wireguard-full-mesh.svg (without roaming clients)
- Updated wireguard-full-mesh-with-roaming.svg with improved positioning
The blog post now flows naturally as if roaming clients were part of the original
design, making it easier to read and understand the complete mesh network setup.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
- Moved legend from 'upper right' to 'upper center' with 2-column layout
- Repositioned pixel7pro to bottom center (360, 570)
- Repositioned earth slightly (120, 540)
- Eliminates overlap between legend and pixel7pro node
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
- Generated new visualization showing earth and pixel7pro roaming clients
- Both clients shown connecting exclusively to blowfish and fishfinger gateways
- Original full mesh connections preserved for infrastructure hosts
- Color-coded nodes: FreeBSD (red), Rocky Linux (teal), OpenBSD (yellow), Roaming (purple)
- Added graph reference to blog post update section
Graph generated using matplotlib with proper positioning:
- Mesh hosts maintain original layout
- Roaming clients positioned at bottom (laptop left, phone right)
- Client connections shown as blue dashed lines to gateways only
- Includes legend explaining host types and connection types
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Added comprehensive documentation for two new roaming clients added to the
WireGuard mesh network in January 2026:
- earth: Fedora laptop (192.168.2.200)
- pixel7pro: Android phone (192.168.2.201)
Changes:
- Updated blog post header with "last updated" timestamp
- Added "Update: Roaming Client Support Added" section after TOC
- Added detailed "Adding Roaming Clients" section before conclusion
- Updated introduction to mention roaming clients
Key topics covered:
- Client-only architecture (connect to gateways, not LAN hosts)
- All-traffic routing (0.0.0.0/0) for internet access via VPN
- WireGuard mesh generator modifications for roaming client detection
- OpenBSD gateway PF NAT configuration
- Client setup for Android (QR code) and Fedora (manual)
- WireGuard automatic failover limitation explained
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add comprehensive section explaining how OpenBSD relayd and httpd
provide automatic failover when the f3s Kubernetes cluster is down.
New content covers:
- Relay-level vs protocol-level routing and why protocol rules don't support failover
- Health check mechanism and automatic table failover
- Correct relayd configuration with f3s first, localhost as backup
- httpd configuration with request rewrite for all paths
- Explanation of why request rewrite is needed to handle deep links
- Benefits of the automatic failover approach
This ensures visitors see a helpful status page instead of connection
errors when the home lab cluster is offline.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
|
Added screenshot reference for ZFS monitoring dashboard visualization:
- Path: ./f3s-kubernetes-with-freebsd-part-8b/grafana-zfs-dashboard.png
- Shows ZFS pool statistics and ARC cache metrics
- Placed after dashboard description, before deployment section
Screenshot will demonstrate:
- Pool capacity gauges and health status
- Dataset statistics table
- ARC cache hit rate and memory usage
- Cluster-wide ZFS statistics
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Renamed blog post file:
- From: DRAFT-f3s-kubernetes-with-freebsd-part-X-OBSERVABILITY2.gmi.tpl
- To: DRAFT-f3s-kubernetes-with-freebsd-part-8b.gmi.tpl
Updated screenshot path:
- From: ./f3s-observability-tempo/grafana-tempo-trace.png
- To: ./f3s-kubernetes-with-freebsd-part-8b/grafana-tempo-trace.png
This makes the post part 8b in the f3s-kubernetes-with-freebsd series.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Added link to grafana-tempo-trace.png showing the distributed trace waterfall
view in Grafana Tempo. The screenshot will demonstrate the Frontend → Middleware
→ Backend span chain with timing information.
Screenshot path: ./f3s-observability-tempo/grafana-tempo-trace.png
Also kept reference to X-RAG blog post for additional examples.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Instead of including screenshot placeholders, reference the X-RAG Observability
Hackathon blog post which already has Grafana Tempo screenshots showing:
- Trace waterfall visualization
- Service graph visualization
This provides readers with visual examples of how distributed traces appear in
Grafana UI without duplicating screenshots.
Link: https://foo.zone/gemfeed/2025-12-24-x-rag-observability-hackathon.html
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Replaced old trace example with verified working trace that shows complete
distributed tracing across all three services.
Changes:
- Updated curl command and response with actual working output
- New trace ID: 4be1151c0bdcd5625ac7e02b98d95bd5 (old: 4e8d5a25ae6f8f8d737b46625920fbb9)
- Added kubectl commands to search and fetch traces from Tempo API
- Documented complete trace structure with 8 spans across 3 services:
* Frontend: 3 spans (GET /api/process, frontend-process, POST) - 221ms
* Middleware: 3 spans (POST /api/transform, middleware-transform, GET) - 186ms
* Backend: 2 spans (GET /api/data, backend-get-data) - 104ms
- Added detailed span annotations explaining each span's role
- Included timing information showing distributed request flow
- Documented W3C Trace Context header propagation
This trace was generated after fixing health check noise by excluding /health
endpoints from instrumentation, which allows API traces to be properly exported
and visible in Tempo.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Updated the blog post to reflect the working datasource provisioning method
that was implemented after extensive debugging.
Changes:
- Replaced old sidecar-based approach (grafana_datasource label) with direct ConfigMap mounting
- Documented unified grafana-datasources-all.yaml containing all four datasources
- Explained direct mount to /etc/grafana/provisioning/datasources/ in persistence-values.yaml
- Noted this approach is simpler and more reliable than sidecar discovery
The old approach with ConfigMap labels did not work due to provisioning module issues.
The new approach follows the pattern from x-rag project and successfully provisions
all datasources (Prometheus, Alertmanager, Loki, Tempo) on Grafana startup.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
Added detailed example showing:
- Curl command to generate a distributed trace
- Full JSON response from the demo application
- Trace ID (4e8d5a25ae6f8f8d737b46625920fbb9) for viewing in Grafana
- Instructions for searching traces using TraceQL
- Placeholders for two screenshots (trace waterfall and service graph)
- Explanation of what the trace reveals about request flow
|
|
This blog post draft documents the integration of Grafana Tempo into the
f3s Kubernetes cluster's observability stack. It covers:
- Deploying Grafana Tempo in monolithic mode with OTLP receivers
- Configuring Grafana Alloy to collect and forward traces to Tempo
- Creating a three-tier Python demo application (Frontend → Middleware → Backend)
with OpenTelemetry instrumentation
- Correlating traces with logs (Loki) and metrics (Prometheus) in Grafana
- Using TraceQL to query and explore distributed traces
- Service graph visualization for understanding microservice dependencies
Part of the f3s FreeBSD + Kubernetes observability series.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
