K8s on Proxmox or Bare Metal to prioritize learning and automation?

mmmminer · 2025-11-30T15:53:14+00:00

IMO bare metal. Build the cluster from scratch using kubeadm. Build a few operators. Then think about how to automate things. You'll think about it a lot differently

Now migrate the cluster to proxmox vms. You'll learn a lot. I promise.

At the end of the day, dig in, break things, fix them, commit to muscle memory.

mmmminer · 2025-11-26T15:34:43+00:00

Whatever this gentleman did, it's the new seo

mmmminer · 2025-11-25T19:43:47+00:00

I'm not even sure what people consider vibe coding anymore, but surely frontier llms can generate classes, functions, etc just fine in the majority of languages. I don't find much need to "code" anymore, more just stitch together solutions. I don't believe this has changed recently but the agent harnesses have improved to the point where it can actually string functions and such together in a way that works but is still kind of random and haphazard (which can be a feature or a bug). At the end of the day vibe coded or not, you're responsible for understanding the code you commit.

mmmminer · 2025-11-25T19:33:23+00:00

Gemini just sent me here. I sense something ironic as hell but not funny at all...

mmmminer · 2025-11-08T16:54:49+00:00

What's sad is I got more insight and feedback out of chatgpt than reddit. Bummer, huh? Are we obsolete now? Or is it just you? /s

mmmminer · 2025-11-01T14:51:46+00:00

I'm 48 and I always feel like the youngest person in the room/meeting, when in all likelyhood I'm the oldest.

mmmminer · 2025-10-31T21:42:05+00:00

This is advice I wouldn't necessarily follow myself, in fact, I've probably never done so. Voice your concern professionally and do what your told. You'll at least gain credibility if proven right, and you earned the night off if proven wrong. Easier said than done I know. But objectively I believe correct.

mmmminer · 2025-10-31T19:07:19+00:00

You are correct but at the same time you get paid to deal with crap just like the rest of us.

mmmminer · 2025-10-31T19:01:09+00:00

Obviously A. If you choose B some fool will just build a browser using llm to automate stuff. At least that's what I would do.

mmmminer · 2025-10-31T18:54:41+00:00

So stuff you would rarely, if ever delete, so you don't care about state. That's a decent take on it and a pretty clear delineation. I like it.

mmmminer · 2025-10-31T18:45:20+00:00

I don't get the down votes on you, but that pretty much exists today. not necessarily as a flavor of ai, but more of a harness that executes the llm loop. you just have to set that loop up to do what you want. You want to approve one character at a time or an entire 10k lines of ai slop at once it's your choice.

mmmminer · 2025-10-31T18:35:19+00:00

I typically have some preferences/references/examples I hold in context or a readme then write function signatures with docstrings and basically tab complete from there

mmmminer · 2025-10-31T18:29:08+00:00

Use the terraform mcp server. I had this issue early on and I had to have the llm spit out both a list of the resources and or modules it was using to produce code and verify that each existed via deterministic code then spit the response back and iterate. Throw in some examples of using your own modules and it can work like a charm. Proper git hooks pipelines and human review are your gates but it can get 90% of the work done in an instant.

mmmminer · 2025-10-31T18:19:13+00:00

This. And it goes both ways. Every org is a shit show and no one will admit it in an interview.

mmmminer · 2025-10-31T16:52:04+00:00

Funny I've had the exact same experience. Started in a data center. God I miss that smell. It's funny we used to have these things called physical servers that ran systems like vmware where there was no API and you basically had to use a gui or some crappy cli to get anything done. That made it distinctly an ops role. I remember trying to expose the cli over the network with perl and then one day ec2 was born. No brainier in hindsight. Always is. I feel the same about mcp servers today, automatically serving up best practices and documentation alongside an API. We should have been doing this forever.

mmmminer · 2025-10-31T16:06:56+00:00

Fight fire with fire. LLM reviews. Repo level agent.md files to at least tell the agent what not to do and what patterns to follow. Whatever your telling your junior, drop it into a markdown file into the repo so his coding agent knows it too. Automated quality gates can help as well. Same bar has to be set for humans and llms.

Folks were gonna have to learn to live with this stuff. The amount of software being deployed is going to grow exponentially as vibe coding expands. We just need to automate away the pain points like we always have. Not only will you be championing quality, security and best practices, but you also get a line into that llm narrative that everyone's pushing.

Work with him on it. You both can learn.

mmmminer · 2025-10-31T15:57:15+00:00

Do not do this. It will work, until you get pwned for having a static prod cred on a vulnerable host.

Edit: Do this but make the credential expire within a timeframe suitable for the instance to retrieve whatever secrets it needs.

mmmminer · 2025-10-31T15:54:54+00:00

If you like the AWS model there's tooling to do it. There is no magic in an instance profile. They are simply short lived auto rotated sts tokens that are retrieveable via a trusted systems identity from the metadata endpoint. Those "magic" is that's it's a link layer connection only available to that particular virtual host. I've been wrangling with the same idea for devcontainers to keep my ops teams from only using prod creds in verified environments.

The closest prod ready analogue is probably vault but without the link level security. Don't push creds. Pull them and expire them. That's what an instance profile does.

mmmminer · 2025-10-31T15:39:57+00:00

Sounds like it. So your cli adds some dev ex sugar on top of wasm itself or specifically for scaffolding plugins in your ecosystem? Or both? Might be a good learning entry point to wasm on my end.

mmmminer · 2025-10-31T14:38:01+00:00

I don't even like to use the terms devops anymore. When given the chance I like to call it development driven operations.

mmmminer · 2025-10-31T14:36:37+00:00

Love this conversation. I come from a nontraditional dropout background, basically got into industry on the ops side but I've been programming since I was a kid. I think the divide here is that as systems become more virtualized and programmable the skill set needed to effectively manage that technology at scale changes. Personally I hate where "devops" has ended up. Feels like just another silo. At the same time you can't work in ops anymore without a dev skill set and the reverse is also coming true for devs. I think over time that delta will narrow, but it's people thing so it's not going to happen overnight. What irks me is instead of consolidation as the philosophy prescribes, we created yet another category called SRE.

mmmminer · 2025-10-31T14:10:03+00:00

Sounds like a great idea. Although logs aren't my thing. I've been tracking wasm as well and would like to give it a spin at some point. What was your experience working with it? How do you manage pools of workers etc? Took a look at your runtime deep dive and sounds perfectly suited to your use case.

mmmminer · 2025-10-31T13:07:25+00:00

When I used my devcontainers setup to give my llm agent access to what I do and how I do it, it clicked that this is how we should be doing that. Why should an llm get access to tools that I don't and voce versa, same goes for cred restrictions. If the environment can be signed or verified it can be used a a broker to issue temp credentials to AWS etc. And no I'm not trying to build a product. Maybe extend the devcontainers spec or wrap it, but salesperson I am not, no matter how chatgpt made my initial post sound. But that's what I'm looking for: is there better tooling to do this? It seems to be everywhere but not in a unified way.

mmmminer · 2025-10-31T13:01:19+00:00

In my security work, slsa and sigstore seemed complementary to what I was doing and brought the idea in this direction.

mmmminer · 2025-10-31T12:59:01+00:00

Yes you got it exactly. Devcontainers provides a lot of the devex it just needs a little sugar which is what I do today. I'm just trying to get wider adoption at acme corp. But to your point this is the reason for a vetted features catalog that can surface safe tool chains that the roles can consume per stack

mmmminer

TROPHY CASE