K3s on Proxmox: Production-Ready Cluster from Scratch
Spin up a K3s v1.36.1 cluster on Proxmox VE 9 using dedicated VMs. Control plane, worker nodes, and the baseline configuration that actually holds up in production.
Networking
8 articles tagged #networking
Articles tagged Networking
NGINX Poolslip: Rewrite Bug Still Open
CVE-2026-9256 (Poolslip) is a heap buffer overflow in NGINX's rewrite module affecting versions 0.1.17 through 1.31.0. Patching for Rift in May left you exposed. You need 1.30.2 or 1.31.1.
Linux 7.0.11: Three Security Fixes and a Dirty Frag Update
Seven kernel branches shipped June 1. Three security fixes land in 7.0.11 — TCP ISN leak, tap stack leak, and a keyring race. Dirty Frag is now half-patched: CVE-2026-43500 fixed, CVE-2026-43284 still open upstream.
BGP Full Table in Your Homelab: Deep Dive
Connect your homelab router to a free live BGP full-table feed and learn RPKI, path selection, communities, and filtering with BIRD2 or FRRouting — using the actual Default-Free Zone table that real ISP routers carry.
Migrating from ingress-nginx: a practical guide
ingress-nginx was archived on March 24, 2026. About half of cloud-native environments still run it. Here is what a real migration looks like: the options, the trade-offs, and the parts nobody tells you about upfront.
OpenBSD 7.9: heterogeneous CPU scheduling and socket splicing
OpenBSD 7.9 adds P/E-core-aware scheduling and unlocked socket splicing for multi-core throughput. The 60th release of the most security-focused BSD.
ingress-nginx is EOL: half your clusters are unpatched
ingress-nginx went EOL in March 2026. No security patches, no CVE fixes. 50% of Kubernetes clusters still run it. Time to move to Gateway API.
K3s on Proxmox: what actually breaks in production
Running K3s inside Proxmox VMs exposed problems the quick-start skips. MTU mismatches, storage driver conflicts, node-pressure evictions — here is what broke.