• dns
• dnssec
• powerdns
• pdns
• networking
• privacy

How to configure PowerDNS Recursor 5.4 to resolve directly against TLD name servers without depending on the root name servers at runtime, using a local root.zone file loaded via zonetocaches — including DNSSEC validation, trust anchor setup, and the race condition that prevents it from working without a hint file.

• rust
• dns
• dnssec
• hickory-dns
• networking
• privacy
• tls
• prometheus

How to run Hickory DNS as a full recursive resolver starting from the root zone, with DNSSEC validation, TLS-encrypted upstream connections, Happy Eyeballs, and Prometheus metrics — including all configuration options added in the recurser-from-root-zone branch.

• rust
• kubernetes
• logging
• containers
• devops
• filebeat
• openshift

vigil-log-relay streams logs from Kubernetes pods, HTTP endpoints, or Unix sockets and forwards them as ndjson to any TCP-capable log collector. No DaemonSet, no node-level access, no filesystem mounts — just a single binary with a namespace-scoped ServiceAccount.

• rust
• containers
• devops
• init
• supervisor

vigil-rs is a PID 1 / container init daemon written in Rust. It supervises multiple processes, runs health checks, fires HTTP(S) alerts on state transitions, and exposes a REST API over a Unix socket with native zombie-reaping and per-service stop signals.

• haproxy
• TLS
• SSL
• SNI
• openshift
• podman
• kubernetes

Learn how HAProxy container uses TLS Server Name Indication (SNI) to route encrypted TCP connections without decrypting them — enabling multiple services like Nextcloud and XMPP to share port 443.

• rust
• c
• performance
• log-analysis
• apache
• nginx
• profiling
• mimalloc
• parsing
• memchr
• zstd

A Rust rewrite of mergelog 4.5, a C tool from 2000 that merges Apache log files chronologically. Six optimizations — a k-way heap merge, a hand-rolled CLF parser, String buffer reuse, mimalloc, 4 MiB read buffers with SIMD newline search, and zstd support — took the Rust binary from slower than the original to 2.26× faster.

• c
• webalizer
• log-analysis
• geoip
• nginx
• apache
• pcre2
• hyperscan
• mimalloc
• xxhash
• container
• gitlab-ci
• autotools

AWFFull 4.0.0 brings a long-overdue overhaul to a C-based web server log analyser forked from Webalizer: PCRE2 replaces EOL libpcre, libmaxminddb replaces the deprecated GeoIP .dat format, new ASN statistics show traffic by network operator, and optional Intel Hyperscan, mimalloc, and XXH3 deliver measurable performance gains on large logs. The release also adds a full GitLab CI/CD pipeline, .deb/.rpm packages, a multi-stage container image, updated browser and bot detection lists, and 100%-complete translations for 6 languages.

• fluent-bit
• vector
• filebeat
• logstash
• s3
• azure-blob
• nginx
• log-shipping
• container
• kubernetes
• awffull

A practical guide to shipping web server access logs to AWS S3 or Azure Blob Storage using Fluent Bit, Vector, or Filebeat/Logstash — including persistent buffering, retry configuration, concurrent write safety, and log loss prevention. Covers running AWFFull as a stateless container against object storage logs and serving the generated reports as a static website.

• openshift
• haproxy
• sticky
• kubernetes

How OpenShift and Kubernetes handle session stickiness via HAProxy cookie-based routing.

• rust
• http
• benchmark
• http2
• http3
• distributed
• quickstart
• deno

A short version of the loadgen-rs article: what it does, benchmark highlights vs h2load, when to choose which tool, and how to start quickly in single-node and distributed mode.