https://jecklgamis.com/Recent content on jecklgamis.comHugoen-ushttps://jecklgamis.com/guides/rust-fundamentals-guide/Tue, 19 May 2026 00:00:00 +0000https://jecklgamis.com/guides/rust-fundamentals-guide/<p>A practical reference for Rust covering the language fundamentals and systems programming topics: the ownership model, the type system, I/O, concurrency primitives, and async.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/rust-fundamentals-guide.html">Rust Fundamentals</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Ownership &amp; Borrowing</strong> — move semantics, shared/exclusive references, slices, borrow rules</li> <li><strong>Types &amp; Traits</strong> — primitives, structs, generics, trait bounds, static vs dynamic dispatch</li> <li><strong>Enums &amp; Pattern Matching</strong> — algebraic data types, <code>match</code>, <code>if let</code>, guards, destructuring</li> <li><strong>Error Handling</strong> — <code>Result</code>, <code>Option</code>, the <code>?</code> operator, custom error types, <code>From</code>/<code>Into</code></li> <li><strong>Collections &amp; Iterators</strong> — <code>Vec</code>, <code>HashMap</code>, <code>HashSet</code>, <code>VecDeque</code>, lazy iterator pipelines</li> <li><strong>Closures &amp; Lifetimes</strong> — <code>Fn</code>/<code>FnMut</code>/<code>FnOnce</code>, move closures, lifetime annotations, elision</li> <li><strong>Smart Pointers</strong> — <code>Box</code>, <code>Rc</code>, <code>Arc</code>, <code>RefCell</code>, <code>Cell</code>, when to use each</li> <li><strong>File I/O</strong> — <code>fs::read_to_string</code>, <code>BufReader</code>/<code>BufWriter</code>, <code>OpenOptions</code>, directory traversal</li> <li><strong>Network / Socket I/O</strong> — sync TCP/UDP with <code>std::net</code>, socket options, buffered streams</li> <li><strong>Threading</strong> — <code>thread::spawn</code>, scoped threads, <code>move</code> closures, thread-local storage</li> <li><strong>Locking &amp; Sync</strong> — <code>Mutex</code>, <code>RwLock</code>, <code>Condvar</code>, atomics, <code>Arc</code>-wrapped locks</li> <li><strong>Channels</strong> — <code>mpsc</code> unbounded/bounded, worker pool pattern, <code>try_recv</code></li> <li><strong>Async / Tokio</strong> — <code>async</code>/<code>await</code>, <code>tokio::spawn</code>, <code>join!</code>, <code>select!</code>, async TCP, <code>tokio::sync</code></li> <li><strong>Cheat Sheet</strong> — type conversions, iterator adaptors, concurrency patterns, Cargo commands</li> </ul>https://jecklgamis.com/guides/aws-eks-guide/Wed, 13 May 2026 00:00:00 +0000https://jecklgamis.com/guides/aws-eks-guide/<p>A reference guide for Amazon Elastic Kubernetes Service covering the control plane, node groups, networking with VPC CNI, pod identity, autoscaling with Karpenter, cluster add-ons, and observability.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/aws-eks-guide.html">AWS EKS Guide</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>EKS Architecture</strong> — Managed control plane, API server endpoint, etcd, auth</li> <li><strong>Node Groups</strong> — Managed node groups, self-managed, Fargate profiles</li> <li><strong>VPC CNI</strong> — IP address management, ENI allocation, prefix delegation, custom networking</li> <li><strong>Pod Identity</strong> — EKS Pod Identity vs IRSA, service account token projection</li> <li><strong>Karpenter</strong> — NodePool, NodeClaim, provisioning loop, disruption, spot handling</li> <li><strong>Cluster Add-ons</strong> — CoreDNS, kube-proxy, VPC CNI, EBS/EFS CSI drivers</li> <li><strong>Networking</strong> — Service types, AWS Load Balancer Controller, ingress, security groups for pods</li> <li><strong>Observability</strong> — Container Insights, Fluent Bit, ADOT, Prometheus on EKS</li> <li><strong>Security</strong> — RBAC, aws-auth ConfigMap, EKS access entries, pod security, image scanning</li> <li><strong>Reference</strong> — eksctl cheat sheet, common debugging patterns</li> </ul>https://jecklgamis.com/guides/aws-networking-guide/Wed, 13 May 2026 00:00:00 +0000https://jecklgamis.com/guides/aws-networking-guide/<p>A deep-dive reference for AWS networking covering hybrid connectivity, DNS, CDN, and global traffic management.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/aws-networking-guide.html">AWS Networking Deep Dive</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Direct Connect</strong> — Dedicated connections, virtual interfaces (public/private/transit), hosted vs dedicated, resiliency models</li> <li><strong>Site-to-Site VPN</strong> — IPSec tunnels, BGP, static routing, accelerated VPN</li> <li><strong>Route 53</strong> — Record types, routing policies, health checks, private hosted zones, DNSSEC</li> <li><strong>CloudFront</strong> — Distributions, origins, behaviours, cache policies, OAC, Lambda@Edge</li> <li><strong>Global Accelerator</strong> — Anycast IPs, endpoint groups, health checks vs CloudFront</li> <li><strong>Elastic Load Balancing</strong> — ALB, NLB, GWLB internals and use cases</li> <li><strong>PrivateLink</strong> — Service provider/consumer model, interface endpoints, NLB-backed services</li> <li><strong>Reference</strong> — Hybrid connectivity decision tree, cheat sheet</li> </ul>https://jecklgamis.com/guides/aws-vpc-guide/Wed, 13 May 2026 00:00:00 +0000https://jecklgamis.com/guides/aws-vpc-guide/<p>A reference guide for AWS Virtual Private Cloud covering network design, routing, security controls, connectivity options, and observability.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/aws-vpc-guide.html">AWS VPC Guide</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>VPC Fundamentals</strong> — CIDR blocks, default VPC, DNS settings, tenancy</li> <li><strong>Subnets</strong> — Public vs private, AZ placement, auto-assign IP, reserved addresses</li> <li><strong>Route Tables</strong> — Local route, internet gateway, NAT gateway, propagation</li> <li><strong>Internet Gateway</strong> — Attach, detach, inbound/outbound internet access</li> <li><strong>NAT Gateway / NAT Instance</strong> — Outbound-only internet for private subnets</li> <li><strong>Security Groups</strong> — Stateful rules, inbound/outbound, reference by SG ID</li> <li><strong>Network ACLs</strong> — Stateless rules, rule numbering, default behaviour</li> <li><strong>VPC Peering</strong> — Cross-account, cross-region, transitive peering limits</li> <li><strong>Transit Gateway</strong> — Hub-and-spoke, route tables, inter-region peering, RAM sharing</li> <li><strong>VPC Endpoints</strong> — Gateway endpoints (S3, DynamoDB), Interface endpoints (PrivateLink)</li> <li><strong>Flow Logs</strong> — VPC/subnet/ENI level, CloudWatch and S3 destinations, log fields</li> <li><strong>DNS</strong> — Route 53 Resolver, inbound/outbound endpoints, DHCP option sets</li> <li><strong>Reference</strong> — CIDR cheat sheet, common patterns, troubleshooting</li> </ul>https://jecklgamis.com/guides/kubernetes-internals-guide/Wed, 13 May 2026 00:00:00 +0000https://jecklgamis.com/guides/kubernetes-internals-guide/<p>A deep-dive into Kubernetes internals covering the control plane, node components, scheduling, networking model, storage abstractions, and the reconciliation loop.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/kubernetes-internals-guide.html">Kubernetes Internals Guide</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Architecture</strong> — Control plane, data plane, component interactions</li> <li><strong>API Server</strong> — Request lifecycle, admission, RBAC, watch mechanism</li> <li><strong>etcd</strong> — Raft consensus, watch, compaction, backup</li> <li><strong>Scheduler</strong> — Filtering, scoring, preemption, custom schedulers</li> <li><strong>Controller Manager</strong> — Reconciliation loop, informers, work queues</li> <li><strong>kubelet</strong> — Pod lifecycle, CRI, CNI, CSI, node conditions</li> <li><strong>kube-proxy</strong> — iptables vs. ipvs, service VIPs, conntrack</li> <li><strong>Networking</strong> — Pod networking, CNI, services, DNS, NetworkPolicy</li> <li><strong>Storage</strong> — PV/PVC lifecycle, StorageClass, CSI drivers, volume plugins</li> <li><strong>Workloads</strong> — Deployment rollouts, StatefulSet guarantees, DaemonSet scheduling</li> <li><strong>Security</strong> — RBAC, ServiceAccounts, PodSecurity, Secrets encryption</li> <li><strong>Reference</strong> — Internals cheat sheet, useful debugging commands</li> </ul>https://jecklgamis.com/guides/linux-kernel-tuning-guide/Wed, 13 May 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-kernel-tuning-guide/<p>A reference guide for Linux kernel tuning covering virtual memory management, the OOM killer, transparent and explicit hugepages, NUMA topology, CPU scheduling, and network stack sysctl parameters for high-throughput and low-latency workloads.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-kernel-tuning-guide.html">Linux Kernel Tuning Guide</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Virtual Memory</strong> — vm.swappiness, vm.dirty_ratio, overcommit, page reclaim, kswapd</li> <li><strong>OOM Killer</strong> — OOM score, oom_score_adj, cgroup OOM, disabling OOM, debugging</li> <li><strong>Hugepages</strong> — Transparent hugepages (THP), explicit hugepages, 1GB pages, NUMA interaction</li> <li><strong>NUMA</strong> — Topology, numactl, numastat, NUMA-aware allocation, interleaving</li> <li><strong>CPU Scheduler</strong> — CFS, nice/renice, cgroups cpu.weight, real-time scheduling, taskset/cpuset</li> <li><strong>Network Stack</strong> — Socket buffers, tcp_rmem/wmem, backlog, TIME_WAIT, BBR, offloads</li> <li><strong>I/O Scheduler</strong> — mq-deadline, kyber, bfq, none (NVMe), blktrace</li> <li><strong>Persistent Tuning</strong> — sysctl.d, tuned profiles, systemd-tuned, kernel cmdline</li> <li><strong>Reference</strong> — Tuning cheat sheet, workload-specific profiles</li> </ul>https://jecklgamis.com/guides/linux-process-signals-guide/Wed, 13 May 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-process-signals-guide/<p>A reference guide for Linux process management covering the process lifecycle, fork/exec, signals, process groups, sessions, job control, /proc filesystem, resource limits, and cgroups.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-process-signals-guide.html">Linux Process &amp; Signals Guide</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Process Lifecycle</strong> — fork, exec, clone, wait, zombie, orphan</li> <li><strong>Process Identity</strong> — PID, PPID, PGID, SID, UID, GID, capabilities</li> <li><strong>/proc Filesystem</strong> — /proc/PID layout, maps, fd, status, cmdline, environ</li> <li><strong>Signals</strong> — Standard signals, real-time signals, signal disposition, sigaction</li> <li><strong>Sending Signals</strong> — kill, pkill, killall, raise, tgkill</li> <li><strong>Job Control</strong> — fg, bg, disown, nohup, setsid, process groups, sessions</li> <li><strong>Resource Limits</strong> — ulimit, /etc/security/limits.conf, prlimit</li> <li><strong>cgroups v2</strong> — Hierarchy, controllers, cpu/memory/io limits, systemd slices</li> <li><strong>Reference</strong> — Signal table, /proc cheat sheet, debugging patterns</li> </ul>https://jecklgamis.com/guides/linux-security-guide/Wed, 13 May 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-security-guide/<p>A reference guide for Linux security covering the Linux capabilities model, seccomp syscall filtering, AppArmor and SELinux MAC systems, Linux namespaces, file permissions and ACLs, the audit subsystem, and PAM.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-security-guide.html">Linux Security Guide</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Capabilities</strong> — Breaking down root privileges, capability sets, capsh, getcap/setcap</li> <li><strong>seccomp</strong> — Syscall filtering, BPF filters, seccomp-bpf, Docker/container defaults</li> <li><strong>AppArmor</strong> — Profiles, modes (enforce/complain), aa-genprof, common patterns</li> <li><strong>SELinux</strong> — Type enforcement, contexts, booleans, audit2allow, troubleshooting</li> <li><strong>Namespaces</strong> — PID, mount, net, user, UTS, IPC — isolation primitives</li> <li><strong>File Permissions</strong> — chmod, chown, sticky bit, setuid/setgid, umask</li> <li><strong>ACLs</strong> — getfacl, setfacl, default ACLs, mask</li> <li><strong>Linux Audit</strong> — auditd, auditctl, ausearch, aureport, rules</li> <li><strong>PAM</strong> — pam.d configuration, common modules, MFA patterns</li> <li><strong>Reference</strong> — Hardening checklist, capability table, seccomp cheat sheet</li> </ul>https://jecklgamis.com/guides/linux-systemd-guide/Wed, 13 May 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-systemd-guide/<p>A reference guide for systemd covering unit files, service management, targets, timers, socket activation, journald log querying, and cgroups v2 integration.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-systemd-guide.html">Linux Systemd Guide</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>systemctl</strong> — start, stop, enable, mask, list-units, status, daemon-reload</li> <li><strong>Service Units</strong> — ExecStart, Type, Restart, dependencies, sandboxing options</li> <li><strong>Targets</strong> — Boot targets, changing default, emergency/rescue mode</li> <li><strong>Timers</strong> — Monotonic and realtime timers, replacing cron</li> <li><strong>Socket Activation</strong> — On-demand service startup via socket units</li> <li><strong>journald</strong> — journalctl filtering, structured logs, persistent storage, forwarding</li> <li><strong>cgroups Integration</strong> — Slices, scopes, resource controllers via systemd</li> <li><strong>Boot Analysis</strong> — systemd-analyze, blame, critical-chain</li> <li><strong>Reference</strong> — Unit file cheat sheet, common patterns, troubleshooting</li> </ul>https://jecklgamis.com/guides/docker-internals-guide/Thu, 07 May 2026 00:00:00 +0000https://jecklgamis.com/guides/docker-internals-guide/<p>Docker is a layered system built on top of Linux kernel primitives. Understanding its internals helps with debugging, performance tuning, and security hardening.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/docker-internals-guide.html">Docker Internals</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Component Map</strong> — how dockerd, containerd, the shim, and runc relate to each other</li> <li><strong>dockerd</strong> — REST API, daemon.json, live-restore, and key file paths</li> <li><strong>containerd</strong> — snapshotter, content store, metadata store, and the <code>ctr</code> tool</li> <li><strong>runc &amp; shim</strong> — OCI bundle structure, clone(2), pivot_root, and the startup sequence</li> <li><strong>docker run Flow</strong> — end-to-end walkthrough from CLI to a running container process</li> <li><strong>Namespaces</strong> — pid, net, mnt, uts, ipc, user, cgroup — what each isolates and how to inspect them</li> <li><strong>cgroups v1 &amp; v2</strong> — memory, cpu, io, pids limits and how docker run flags map to cgroup files</li> <li><strong>Capabilities</strong> — Docker&rsquo;s default capability set, cap-drop/cap-add, and inspection</li> <li><strong>Seccomp</strong> — default filter, custom profiles, debugging blocked syscalls</li> <li><strong>OverlayFS</strong> — lowerdir/upperdir/workdir, copy-on-write mechanics, whiteout files</li> <li><strong>Image Layers</strong> — OCI image layout, content-addressed blobs, layer caching in builds</li> <li><strong>Volumes &amp; Mounts</strong> — volume, bind, and tmpfs mount types and their implementation</li> <li><strong>Network Drivers</strong> — bridge, host, overlay, macvlan, ipvlan, none</li> <li><strong>Bridge Network</strong> — docker0, user-defined bridges, veth pairs, and inter-container DNS</li> <li><strong>veth &amp; iptables</strong> — veth pair lifecycle, MASQUERADE/DNAT rules, port mapping internals</li> <li><strong>DNS &amp; Service Discovery</strong> — embedded resolver at 127.0.0.11, name resolution flow</li> <li><strong>Reference</strong> — inspection commands, cgroup limits table, storage driver comparison</li> </ul>https://jecklgamis.com/guides/linux-networking-tools-guide/Sat, 02 May 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-networking-tools-guide/<p>A reference guide for Linux networking tools covering interface management, firewalling, socket inspection, packet analysis, DNS, and connectivity testing.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-networking-tools-guide.html">Linux Networking Tools Guide</a></p> <p><strong>Tools covered:</strong></p> <ul> <li><strong>Interfaces &amp; Routes</strong> — <code>ip link</code>, <code>ip addr</code>, <code>ip route</code>, <code>ip neigh</code>, <code>ip rule</code></li> <li><strong>Firewalling</strong> — <code>iptables</code>, <code>nft</code></li> <li><strong>Sockets</strong> — <code>ss</code>, <code>netstat</code></li> <li><strong>Packet Analysis</strong> — <code>tcpdump</code>, <code>tshark</code></li> <li><strong>DNS</strong> — <code>dig</code>, <code>resolvectl</code>, <code>host</code>, <code>nslookup</code></li> <li><strong>Connectivity</strong> — <code>ping</code>, <code>traceroute</code>, <code>mtr</code>, <code>nc</code>, <code>curl</code>, <code>nmap</code></li> <li><strong>Hardware / Wireless</strong> — <code>ethtool</code>, <code>iw</code></li> <li><strong>Namespaces</strong> — <code>ip netns</code></li> <li><strong>Reference</strong> — Cheat sheet, troubleshooting patterns</li> </ul>https://jecklgamis.com/guides/linux-storage-guide/Sat, 02 May 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-storage-guide/<p>A reference guide for Linux storage and filesystem management covering block device enumeration, partition management, LVM, software RAID, filesystem creation, mounting, disk usage analysis, filesystem repair, and S.M.A.R.T. health monitoring.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-storage-guide.html">Linux Storage &amp; Filesystems Guide</a></p> <p><strong>Tools covered:</strong></p> <ul> <li><strong>Enumerate</strong> — <code>lsblk</code>, <code>blkid</code></li> <li><strong>Partitions</strong> — <code>fdisk</code>, <code>gdisk</code>, <code>parted</code></li> <li><strong>Logical Volume Manager</strong> — <code>pvcreate</code>, <code>vgcreate</code>, <code>lvcreate</code>, <code>lvextend</code>, snapshots, thin provisioning</li> <li><strong>Software RAID</strong> — <code>mdadm</code> (RAID 0, 1, 5, 6, 10), hot spares, drive replacement</li> <li><strong>Format</strong> — <code>mkfs.ext4</code>, <code>mkfs.xfs</code>, <code>mkfs.btrfs</code>, <code>mkswap</code></li> <li><strong>Mount</strong> — <code>mount</code>, <code>umount</code>, <code>/etc/fstab</code>, <code>findmnt</code></li> <li><strong>Disk usage</strong> — <code>df</code>, <code>du</code>, inode exhaustion</li> <li><strong>Repair</strong> — <code>fsck</code>, <code>e2fsck</code>, <code>xfs_repair</code></li> <li><strong>Metadata</strong> — <code>tune2fs</code>, <code>xfs_info</code>, <code>xfs_admin</code></li> <li><strong>Health</strong> — <code>smartctl</code>, <code>smartd</code></li> <li><strong>Recipes</strong> — Add a new disk end-to-end, extend LVM online, replace a failed RAID drive, diagnose inode exhaustion</li> </ul>https://jecklgamis.com/guides/linux-traffic-control-guide/Sat, 02 May 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-traffic-control-guide/<p>A reference guide for Linux traffic control covering egress and ingress shaping, WAN emulation for testing, hierarchical bandwidth allocation, and modern AQM qdiscs.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-traffic-control-guide.html">Linux Traffic Control (tc) Guide</a></p> <p><strong>Tools and topics covered:</strong></p> <ul> <li><strong>tc basics</strong> — <code>tc qdisc show</code>, <code>tc class show</code>, <code>tc filter show</code>, <code>tc -s</code> statistics, add/change/del/replace syntax</li> <li><strong>netem</strong> — Network emulator: delay, jitter, packet loss, corruption, duplication, and reordering</li> <li><strong>tbf</strong> — Token Bucket Filter: smooth single-rate egress shaping</li> <li><strong>htb</strong> — Hierarchical Token Bucket: class-based bandwidth allocation with guaranteed rates, ceilings, and borrowing</li> <li><strong>fq_codel</strong> — Fair queuing + CoDel AQM; default qdisc on many modern distros</li> <li><strong>cake</strong> — Modern all-in-one qdisc with bandwidth shaping, NAT-aware fairness, and DSCP prioritisation</li> <li><strong>Ingress shaping (ifb)</strong> — How to shape incoming traffic using the ifb virtual device redirect trick</li> <li><strong>tc filters</strong> — <code>u32</code>, <code>flower</code>, and <code>bpf</code> filter types for classifying traffic by IP, port, DSCP, and MAC</li> <li><strong>Practical recipes</strong> — Bad WAN simulation, per-IP rate limiting, 3-tier HTB priority setup, and full reset</li> <li><strong>Reference cheat sheet</strong> — Show commands, netem/tbf/cake one-liners, HTB skeleton, and interface reset</li> </ul>https://jecklgamis.com/guides/linux-async-io/Tue, 28 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-async-io/<p>A guide to the evolution of async I/O in Linux — from blocking syscalls and <code>select</code>/<code>poll</code> to <code>epoll</code> event loops and the modern <code>io_uring</code> interface.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-async-io.html">Async I/O in Linux</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Blocking I/O</strong> — the default model, why it limits concurrency</li> <li><strong>Non-blocking I/O</strong> — <code>O_NONBLOCK</code>, busy-polling, and its limits</li> <li><strong>select / poll</strong> — the first generation of I/O multiplexing</li> <li><strong>epoll</strong> — scalable event notification, level vs edge triggering, used by nginx, Node.js, Redis</li> <li><strong>POSIX AIO</strong> — the kernel&rsquo;s older async interface and why it fell short</li> <li><strong>io_uring</strong> — submission and completion queues, zero-copy, fixed buffers, probing, liburing</li> <li><strong>Comparison</strong> — all five approaches side by side</li> <li><strong>When to use what</strong> — decision guide by workload</li> </ul>https://jecklgamis.com/guides/linux-fault-injection-guide/Tue, 28 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-fault-injection-guide/<p>A reference guide for Linux fault injection and stress tools covering CPU, memory, disk I/O, network, kernel, and process-level fault injection.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-fault-injection-guide.html">Linux Fault Injection &amp; Stress Tools Guide</a></p> <p><strong>Tools covered:</strong></p> <ul> <li><strong>Load / CPU</strong> — <code>stress-ng</code>, <code>stress</code>, <code>cpuburn</code></li> <li><strong>Memory</strong> — <code>stress-ng --vm</code>, <code>memtester</code></li> <li><strong>Disk / IO</strong> — <code>fio</code>, <code>dm-flakey</code></li> <li><strong>Network</strong> — <code>tc netem</code>, <code>toxiproxy</code></li> <li><strong>Kernel</strong> — <code>sysrq</code>, <code>fail debugfs</code>, <code>libfiu</code></li> <li><strong>Process</strong> — <code>kill / signals</code>, <code>cgroups limits</code></li> <li><strong>Reference</strong> — Chaos engineering principles, tool selection guide, signal table</li> </ul>https://jecklgamis.com/guides/linux-packet-journey/Tue, 28 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-packet-journey/<p>A packet entering or leaving a Linux host passes through a well-defined sequence of kernel subsystems. Understanding this journey helps when debugging connectivity, writing eBPF programs, or tuning firewall rules.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-packet-journey.html">Linux Network Stack — Packet Journey</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Paths</strong> — Inbound, Outbound, and Packet Forwarding paths with step-by-step diagrams</li> <li><strong>NIC &amp; NAPI</strong> — DMA, ring buffers, interrupt coalescing, and tunables</li> <li><strong>XDP</strong> — eXpress Data Path: modes (native/generic/offloaded/AF_XDP), actions, C example</li> <li><strong>sk_buff</strong> — kernel socket buffer structure, key fields, zero-copy operations</li> <li><strong>Traffic Control (TC)</strong> — qdiscs, classes, filters, eBPF attachment via clsact</li> <li><strong>Netfilter</strong> — five hook points, table evaluation order, iptables/nftables commands</li> <li><strong>conntrack</strong> — connection states, TCP state machine, table exhaustion</li> <li><strong>IP Layer</strong> — FIB routing lookup, fragmentation, MTU</li> <li><strong>Transport (TCP/UDP)</strong> — reassembly, socket demux, congestion control, key sysctls</li> <li><strong>Sockets</strong> — send/receive buffers, socket types including AF_XDP</li> <li><strong>eBPF Hooks</strong> — XDP, TC, socket ops, sk_skb, cgroup/skb programs with examples</li> <li><strong>Reference</strong> — Netfilter chain lookup table, Ethernet/IP/TCP packet structure</li> <li><strong>Tuning</strong> — sysctl parameters for throughput, latency, and connection capacity</li> </ul>https://jecklgamis.com/guides/linux-sysctl-guide/Tue, 28 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-sysctl-guide/<p>A reference guide for Linux <code>sysctl</code> — reading, writing, and persisting kernel parameters.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-sysctl-guide.html">Linux sysctl Guide</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>sysctl basics</strong> — reading, writing, persisting, and the <code>/proc/sys</code> filesystem</li> <li><strong>Networking</strong> — TCP buffers, connection queues, TIME_WAIT, BBR, ip_forward, conntrack</li> <li><strong>Memory &amp; VM</strong> — swappiness, dirty ratios, OOM killer, hugepages, overcommit</li> <li><strong>Kernel</strong> — pid_max, core dumps, dmesg, panic behaviour, scheduler</li> <li><strong>Security</strong> — ASLR, dmesg_restrict, unprivileged BPF, SYN cookies</li> <li><strong>Reference</strong> — parameter lookup table, sysctl.d config, runtime vs persistent changes</li> </ul>https://jecklgamis.com/guides/load-shedding-guide/Tue, 28 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/load-shedding-guide/<p>A summary of load shedding patterns for keeping services stable under overload. Based on the AWS Builders&rsquo; Library article <a href="https://aws.amazon.com/builders-library/using-load-shedding-to-avoid-overload/">Using load shedding to avoid overload</a>.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/load-shedding-guide.html">Load Shedding to Avoid Overload</a></p> <p><strong>Topics covered:</strong></p> <ul> <li><strong>Goodput vs throughput</strong> — why raw throughput is a misleading metric under overload</li> <li><strong>Positive feedback loops</strong> — how retries and cascading timeouts amplify load</li> <li><strong>Prioritization</strong> — health checks, critical operations, request types</li> <li><strong>Timeout propagation</strong> — deadline hints across multi-hop services</li> <li><strong>Queue management</strong> — age limits, LIFO ordering, bounded queues</li> <li><strong>Layered protection</strong> — load balancers, OS, service framework, cloud services</li> <li><strong>Visibility gotchas</strong> — latency metric pollution, false positives, instrumentation</li> <li><strong>Auto-scaling interactions</strong> — why load shedding and reactive scaling can conflict</li> </ul>https://jecklgamis.com/guides/linux-perf-tools-guide/Mon, 27 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/linux-perf-tools-guide/<p>A reference guide for Linux performance tools covering CPU, memory, disk I/O, network, process inspection, and eBPF tracing.</p> <p>View the full interactive guide: <a href="https://jecklgamis.com/guides/linux-perf-tools-guide.html">Linux Performance Tools Guide</a></p> <p><strong>Tools covered:</strong></p> <ul> <li><strong>CPU</strong> — <code>top</code>, <code>htop</code>, <code>mpstat</code>, <code>vmstat</code>, <code>pidstat</code>, <code>perf</code></li> <li><strong>Memory</strong> — <code>free</code>, <code>smem</code>, <code>pmap</code></li> <li><strong>Disk / I/O</strong> — <code>iostat</code>, <code>iotop</code>, <code>df</code>, <code>du</code>, <code>lsof</code></li> <li><strong>Network</strong> — <code>ss</code>, <code>netstat</code>, <code>iftop</code>, <code>nethogs</code>, <code>tcpdump</code>, <code>ping</code>, <code>mtr</code></li> <li><strong>Process</strong> — <code>ps</code>, <code>strace</code>, <code>ltrace</code></li> <li><strong>Tracing / eBPF</strong> — <code>bpftrace</code>, BCC tools, <code>ftrace</code></li> <li><strong>All-in-one</strong> — <code>sar</code>, <code>dstat</code>, <code>glances</code>, <code>atop</code></li> <li><strong>Reference</strong> — USE Method, load average, signals</li> </ul>https://jecklgamis.com/guides/go-grpc-example/Sat, 25 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/go-grpc-example/<p>A Go gRPC example implementing a simple in-memory key-value store with three components: a gRPC server, a REST-to-gRPC gateway, and a CLI client.</p> <p>Source: <a href="https://github.com/jecklgamis/go-grpc-example">github.com/jecklgamis/go-grpc-example</a></p> <h2 id="features">Features</h2> <ul> <li>gRPC server with <code>Put</code> and <code>Get</code> operations backed by an in-memory store</li> <li>REST gateway via <code>grpc-gateway</code> that proxies HTTP to gRPC</li> <li>CLI client supporting both plain and TLS connections</li> <li>Protobuf-defined API with auto-generated Go stubs</li> <li>Docker image bundling all three binaries under <code>supervisord</code></li> </ul> <h2 id="architecture">Architecture</h2> <pre tabindex="0"><code>cmd/ server/ → gRPC server entry point (port 4000) gateway/ → REST-to-gRPC proxy entry point (port 8080) client/ → CLI client entry point pkg/ kvstore/ → kvstore.proto + generated stubs (*.pb.go, *.pb.gw.go) server/ → in-memory map store implementation gateway/ → grpc-gateway reverse proxy client/ → gRPC client wrapper version/ → build version injected via ldflags </code></pre><p><strong>Data flow:</strong> REST clients → gateway (<code>:8080</code>) → gRPC server (<code>:4000</code>). gRPC clients connect to the server directly.</p>https://jecklgamis.com/guides/lanecove-tunnel/Thu, 23 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/lanecove-tunnel/<p>Lane Cove Tunnel is a learning-focused VPN implementation in C that builds a layer 3 overlay network over UDP. It covers the same conceptual ground as WireGuard — X25519 key exchange, AES-256-GCM encryption, identity hiding, replay protection — but written from scratch to make the internals visible and understandable.</p> <blockquote> <p><strong>Not for production use.</strong> The cryptography has not been audited or hardened.</p> </blockquote> <p>Source: <a href="https://github.com/jecklgamis/lanecove-tunnel">github.com/jecklgamis/lanecove-tunnel</a></p> <h2 id="how-it-works">How It Works</h2> <p>Every node runs the same <code>peer</code> binary. Two topologies are supported.</p>https://jecklgamis.com/guides/gatling-scala-example/Thu, 16 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/gatling-scala-example/<p>A Gatling load testing example in Scala with multiple ways to run simulations against an HTTP target.</p> <h2 id="features">Features</h2> <ul> <li>Simulation written in Scala using the Gatling DSL</li> <li>Configurable via system properties (URL, duration, rate, thresholds)</li> <li>Four execution modes: Maven plugin, executable jar, Docker, Kubernetes Job</li> <li>Bundled Node.js HTTP test server as a minimal system under test</li> <li>Helm chart for Kubernetes deployment</li> <li>GitHub template — clone from a clean slate with one click</li> </ul> <h2 id="getting-started">Getting Started</h2> <h3 id="requirements">Requirements</h3> <ul> <li>JDK 21</li> <li>Node.js (for the bundled test server)</li> <li>Maven</li> <li>Docker (optional)</li> </ul> <h3 id="start-the-test-app">Start the Test App</h3> <p>The included test server is a minimal Node.js HTTP server that echoes requests back.</p>https://jecklgamis.com/guides/langgraph-agent-with-tools-guardrails-and-memory/Wed, 15 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/langgraph-agent-with-tools-guardrails-and-memory/<p>A LangGraph agent with local function tools, guardrails, memory, human-in-the-loop, and optional MCP server connections.</p> <h2 id="features">Features</h2> <ul> <li>Local tools: filesystem, network, web search, math, bash</li> <li>Optional MCP server connections (math, perf)</li> <li>Configurable LLM providers: Ollama (default), OpenAI, Google Gemini, Anthropic, Microsoft Azure, Meta, DeepSeek, Mistral, xAI, OpenRouter</li> <li>Conversation memory via LangGraph checkpointing (SQLite)</li> <li>Guardrails: input validation, LLM-as-judge, output PII redaction, bash command denylist</li> <li>Human-in-the-loop tool call confirmation</li> <li>Graceful error handling for LLM connection failures</li> <li>HTTP API via FastAPI with streaming support</li> <li>Playground UI at <code>/playground</code></li> <li>React frontend under <code>frontend/</code></li> <li>LangSmith tracing support</li> </ul> <h2 id="getting-started">Getting Started</h2> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>uv sync </span></span><span style="display:flex;"><span>./run-cli-agent.sh </span></span></code></pre></div><p>For a different LLM provider:</p>https://jecklgamis.com/guides/websocket-client-server-skeleton-using-fastapi/Wed, 15 Apr 2026 00:00:00 +0000https://jecklgamis.com/guides/websocket-client-server-skeleton-using-fastapi/<p>A production-ready WebSocket client/server app using FastAPI.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>docker run --rm --name websocket-python-example -p 8080:8080 -it jecklgamis/websocket-python-example:main </span></span></code></pre></div><h2 id="tech-stack">Tech Stack</h2> <ul> <li><strong>FastAPI</strong> - async web framework with WebSocket support</li> <li><strong>websockets</strong> - WebSocket client library</li> <li><strong>Pydantic v2</strong> - validation and settings management</li> <li><strong>Docker</strong> - containerized deployment (Python 3.12-slim)</li> <li><strong>Helm</strong> - Kubernetes deployment chart</li> <li><strong>Ruff</strong> - linting and formatting</li> <li><strong>pytest</strong> - testing with async support</li> </ul> <h2 id="project-structure">Project Structure</h2> <pre tabindex="0"><code>├── app/ │ ├── __init__.py # Global logging init (INFO level) │ ├── main.py # FastAPI application entry point │ ├── config.py # Environment-specific settings (dev/test/prod) │ └── routers/ # API route handlers │ └── websocket.py # WebSocket /ws endpoint ├── tests/ # Test suite ├── deployment/ │ └── k8s/helm/ # Helm chart and deploy Makefile ├── websocket_client.py # WebSocket client ├── run-server.sh # Start the server ├── run-client.sh # Start the client ├── Dockerfile ├── Makefile └── pyproject.toml </code></pre><h2 id="getting-started">Getting Started</h2> <h3 id="prerequisites">Prerequisites</h3> <ul> <li>Python 3.12+</li> <li><a href="https://github.com/astral-sh/uv">uv</a> (recommended)</li> <li><a href="https://www.docker.com/">Docker</a> (for containerized deployment)</li> </ul> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># Clone the repository</span> </span></span><span style="display:flex;"><span>git clone git@github.com:jecklgamis/websocket-python-example.git <span style="color:#f92672">&amp;&amp;</span> cd websocket-python-example </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># Install dependencies</span> </span></span><span style="display:flex;"><span>make install-deps </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># Start the dev server (uses .env.dev by default)</span> </span></span><span style="display:flex;"><span>make run-dev </span></span></code></pre></div><p>The server will be available at <code>http://localhost:8080</code>. This will reload on file changes.</p>https://jecklgamis.com/contact/Mon, 01 Jan 0001 00:00:00 +0000https://jecklgamis.com/contact/<p>The best way to reach me is by email: <strong><a href="mailto:jecklgamis@gmail.com">jecklgamis@gmail.com</a></strong></p> <p>You can also find me on:</p> <ul> <li><a href="https://www.github.com/jecklgamis">GitHub</a></li> <li><a href="https://twitter.com/jecklgamis">Twitter</a></li> </ul>https://jecklgamis.com/privacy-policy/Mon, 01 Jan 0001 00:00:00 +0000https://jecklgamis.com/privacy-policy/<p>Last updated: April 30, 2026</p> <h2 id="overview">Overview</h2> <p>jecklgamis.com is a personal website for software engineering guides, projects, and notes. This page explains what data is collected when you visit and how it is used.</p> <h2 id="analytics">Analytics</h2> <p>This site uses <strong>Google Analytics 4</strong> to collect anonymous usage data, including pages visited, time on page, and general location (country/region). This data helps understand which content is useful and how the site is being used.</p>