Have you ever looked at what was once ttek scripts? They’re a spaghetti of calls to other scripts. It’s not pretty. And not intuitive to audit.

An apipa address is a sign that networking is not working as intended. This should be resolved first before assigning a class C private addr manually.

deleted by creator

I don’t use access control, I lock down with networking and filters.

I agree, NFS is eazy peazy, livin greazy.

I have an old ds211j synology for backup. I just can’t bring myself to replace it, it still works. However, it doesn’t support zfs. I wish I could get another Linux running on this thing.

However, NFS does work on it and is so simple and easy to lock down, it works in a ton of corner cases like mine.

My issue with mgmt.config is that it bills itself as an api-driven “modern” orchestrator, but as soon as you don’t have systemd on clients, it becomes insanely complicated to blast out simple changes.

Mgmt.config also claims to be “easy”, but you have to learn MCL’s weird syntax, which the issue I have with chef and its use of ruby.

Yes, ansible is relatively simple, but it runs on anything (including being supported on actual arm64) and I daresay that layering roles and modules makes ansible quite powerful.

It’s kind of like nagios… Nagios sucks. But it has such a massive library of monitoring tricks and tools that it will be around forever.

Running the k8s in their own VM will allow you to hedge against mistakes and keep some separation between infra and kube.

I personally don’t use proxmox anymore, but I deploy with ansible and roles, not k8s anymore.

What is your definition of “proper”, in this context?