SumGuy's Ramblings
The art of wasting time.
Docker, self-hosting, AI/LLM, Linux, and DevOps — explained by someone who learned the hard way. No fluff, no enterprise jargon, just practical stuff that actually works on real hardware.
Recent Posts
-
Garden vs Tilt vs Skaffold
Three inner-loop dev tools for Kubernetes — Garden, Tilt, and Skaffold. Which one actually makes K8s development bearable? Honest comparison, no fluff.
9 min read -
Lima vs Multipass
VM-backed Linux dev environments on macOS/Linux — Lima vs Multipass compared on speed, container support, and resource use.
10 min read -
Riemann: The Forgotten Event-Stream Monitor for Home Labs
Riemann processes events as streams, not time-series. Here is why that distinction matters and when Clojure-based stream alerting still beats Prometheus rules.
10 min read -
Compose Watch: Faster Dev Loops
Docker Compose Watch syncs your code into running containers without rebuilds. Here's how to set it up and why your dev loop is about to get a lot less painful.
11 min read -
Glances vs Netdata: Two Free-Tier Monitors Compared
Glances vs Netdata: which free monitor wins for your home lab? We compare install effort, UI quality, alerting, and when to ditch both for Prometheus.
10 min read -
tini vs dumb-init vs --init
PID 1 zombie reaping in containers — tini, dumb-init, and docker --init compared; when each one fixes your signal handling and stops your 10s shutdown tax.
11 min read -
Container Escape: How to Stop It
Containers are not VMs. Here are the real escape vectors — privileged mode, mounted sockets, kernel CVEs — and the runtime hardening that actually helps.
10 min read -
ko vs Jib vs Buildpacks
Build container images without writing a single Dockerfile — ko for Go, Jib for Java, Paketo Buildpacks for everything else. Real benchmarks, real tradeoffs.
10 min read -
Sentry Self-Hosted for Application Errors
Run Sentry on your own hardware to catch real application errors — stack traces, source maps, release tracking, alerts, and when you should just pay for SaaS.
11 min read -
Cosign Keyless: Sign Without Keys
Cosign keyless signing uses GitHub OIDC + Fulcio + Rekor to sign container images without managing private keys. Here's how it actually works and why you want it.
12 min read -
Docker Bake vs Compose Build
Orchestrating multi-image Docker builds: docker buildx bake vs compose build, matrix targets, multi-arch, caching, and when each one actually wins.
10 min read -
Heimdall vs Homepage vs Homer: Status Dashboards
Heimdall, Homepage, or Homer? Pick the right self-hosted dashboard for your homelab — real configs, Docker auto-discovery, and live API status widgets included.
10 min read
