Blog
I write about DevOps, WordPress hosting, cloud infrastructure, and web development. Here you'll find technical deep-dives, practical guides, and lessons learned from building and scaling production systems.
Articles
- copy.fail (CVE-2026-31431): a small Linux kernel bug with an unusually big blast radius (1631 words)
copy.fail is a Linux kernel local privilege escalation disclosed on 29 April 2026. It works on nearly every modern distribution, leaves no on-disk trace, and slips past Kubernetes' default seccomp. Why it matters and what to do.
- HashiCorp Vault vs OpenBao: a thorough comparison for platform teams (4605 words)
Two secrets managers, one shared codebase, two very different licenses. A deep, practical comparison of HashiCorp Vault and OpenBao for platform engineers picking between them.
- Symfony at 20: what the quiet framework got right (1685 words)
Symfony turned twenty in October 2025. While Laravel captured developer mindshare, Symfony quietly won the architecture layer: the components that half the PHP ecosystem depends on without realizing it.
- WordPress Playground + MCP: AI coding agents meet a disposable WordPress environment (1611 words)
The @wp-playground/mcp package connects Claude Code and Gemini CLI to browser-based WordPress instances via the Model Context Protocol. You describe a plugin, the agent builds it. No Docker, no local PHP. Here is what works, what doesn't, and why it matters.
- WordPress 7.0's real-time collaboration: what managed hosts need to prepare (1797 words)
WordPress 7.0's real-time collaboration changes the load profile of every multi-user editing session. HTTP polling at one-second intervals, a new database table, and disabled post caches during active edits. Here's what hosting operators need to prepare before RTC ships.
- Self-hosted email in 2026: harder than ever, more important than ever (1836 words)
Gmail rejects non-compliant email at the protocol level. Microsoft does the same. Running your own mail server in 2026 means maintaining SPF, DKIM, DMARC, MTA-STS, TLS, DNSSEC, correct PTR records, and a pristine sender reputation. Here's how to decide whether it's worth it.
- FinOps for Kubernetes: when "it works" isn't enough (1710 words)
Most Kubernetes clusters that 'just work' are quietly burning money. Average CPU utilization sits at 10%. This article covers where the waste hides, why EU cloud providers change the math, and which tools give you cost visibility without a six-month FinOps program.
- OpenTofu vs Terraform in 2026: the fork finally diverged (1950 words)
Three years after the fork, OpenTofu and Terraform have diverged in licensing, governance, and technical features. For EU teams evaluating infrastructure-as-code strategy, the choice is no longer theoretical.
- GitHub Actions agentic workflows: natural-language CI/CD meets reality (1187 words)
GitHub's February 2026 technical preview lets you describe CI/CD tasks in Markdown and have AI agents execute them in sandboxed containers. The security model is thoughtful, the use cases are specific, and the limitations are real.
- Kyverno graduated: what CNCF top-level status means for Kubernetes policy (714 words)
Kyverno graduated to CNCF top-level at KubeCon EU Amsterdam. With 9,000+ GitHub stars and adopters like LinkedIn, Bloomberg, and Deutsche Telekom, the project has earned its place alongside Kubernetes and Prometheus. Here is what graduation signals for teams evaluating policy-as-code.
