Network diagram — multi-cloud topology with AWS and Azure transits

I Got Tired of Writing Design Documents, So I Built a Tool That Does It for Me

If you’ve ever had to write a Design Document from scratch — you know the pain. You’re staring at dozens of Terraform files, cross-referencing module parameters, tracing spoke-to-transit attachments, figuring out which firewall image string maps to which vendor and … Continue reading I Got Tired of Writing Design Documents, So I Built a Tool That Does It for Me

Solving PAN-OS Routing Issues with Enforce-Symmetric-Return

Overview

Inbound internet traffic to workloads in Aviatrix spoke VPCs is routed through PAN-OS firewalls for inspection using a Global External Application Load Balancer with Zonal NEGs. A Policy Based Forwarding (PBF) rule with enforce-symmetric-return on PAN-OS handles the asymmetric routing caused by the GFE proxy sourcing all traffic from 35.191.0.0/16.

Architecture

Why PBF with Enforce-Symmetric-Return

The Global Application LB is a reverse proxy — ALL backend traffic (health checks and real user requests) arrives from Google Front End IPs in the 35.191.0.0/16 range (Google also documents 130.211.0.0/22 for this load balancer, so a PBF source match should cover both ranges). This creates an asymmetric routing problem:

Why dual VRs don’t solve this: PAN-OS sessions are NOT … Continue reading Solving PAN-OS Routing Issues with Enforce-Symmetric-Return
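To make the asymmetry concrete, the following is an added model (not code or configuration from the article, and not PAN-OS syntax) of how a reply to a GFE-proxied request is forwarded with and without a PBF rule that enforces symmetric return. The topology, addresses and next-hops are constructed for the example; the GFE source ranges are the ones Google documents. Real PAN-OS configures the return next-hop(s) statically on the rule, whereas this model simplifies by recording the hop the request arrived from.

```python
"""Model: plain destination routing vs. PBF with enforce-symmetric-return.

Added illustration only. It is not PAN-OS code and does not reproduce PAN-OS
configuration syntax; addresses and next-hops are made up for the example.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Source ranges Google documents for the global external Application Load
# Balancer (GFE proxies and health checks). The article names 35.191.0.0/16;
# 130.211.0.0/22 is also documented, so the rule below matches both.
GFE_RANGES = (ip_network("35.191.0.0/16"), ip_network("130.211.0.0/22"))


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str


@dataclass(frozen=True)
class PBFRule:
    from_zone: str
    sources: tuple                  # networks the request's source must match
    enforce_symmetric_return: bool


@dataclass
class Session:
    """What the firewall remembers about a flow when the request arrived."""
    client_ip: str
    ingress_zone: str
    ingress_next_hop: str           # hop the request came from (simplification:
                                    # PAN-OS configures this on the rule instead)


def lookup(routes, dst):
    """Longest-prefix match over an ordinary routing table."""
    d = ip_address(dst)
    best, best_len = None, -1
    for r in routes:
        net = ip_network(r.prefix)
        if d in net and net.prefixlen > best_len:
            best, best_len = r, net.prefixlen
    return best.next_hop if best else None


def matches(rule, session):
    src = ip_address(session.client_ip)
    return rule.from_zone == session.ingress_zone and any(src in n for n in rule.sources)


def reply_next_hop(session, routes, pbf_rules):
    """Next-hop used for the reply to `session`.

    With a matching PBF rule that enforces symmetric return, the reply goes
    back to the hop the request arrived from. Otherwise the reply is routed by
    destination: for a GFE source that is the default route toward the
    internet, a different path from the one the request took, so the proxied
    connection breaks.
    """
    for rule in pbf_rules:
        if matches(rule, session) and rule.enforce_symmetric_return:
            return session.ingress_next_hop
    return lookup(routes, session.client_ip)


# Constructed topology (not from the article): the LB-facing path and the
# internet default route use different next-hops.
ROUTES = [
    Route("0.0.0.0/0", "10.0.2.1"),       # default route: internet-facing hop
    Route("10.10.0.0/16", "10.0.3.1"),    # spoke workloads
]
PBF_SYMMETRIC = [PBFRule("untrust", GFE_RANGES, enforce_symmetric_return=True)]


def demo():
    # A GFE proxy's request arrived from the LB-side next-hop 10.0.1.1.
    s = Session(client_ip="35.191.10.5", ingress_zone="untrust", ingress_next_hop="10.0.1.1")
    return {
        "without_pbf": reply_next_hop(s, ROUTES, []),            # asymmetric
        "with_pbf": reply_next_hop(s, ROUTES, PBF_SYMMETRIC),   # symmetric
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the reply leaving via the internet-facing hop when only the routing table is consulted, and via the LB-side hop once the PBF rule applies; traffic from a non-GFE source, or from the trusted side, is unaffected by the rule and still follows the routing table.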

Meet Pyr Reader: An AI-Powered Content Hub Built with Rust and Tauri

I built a desktop app to solve a problem I kept running into: information overload. Between RSS feeds, email newsletters, and social media, I was drowning in content with no good way to organize, prioritize, or actually learn from it. Pyr Reader is my answer — a native macOS app that pulls content from multiple sources, classifies it with AI, and helps me focus on what actually matters. Named after Carlos Alberto, my Great Pyrenees — a loyal, watchful companion. Pyr Reader watches over your information feeds so you don’t have to.

The Problem

Every morning I’d open a dozen tabs: RSS reader, … Continue reading Meet Pyr Reader: An AI-Powered Content Hub Built with Rust and Tauri

Carlos, The Cloud Architect

Overview

Carlos the Architect implements a multi-agent Software Development Lifecycle (SDLC) for cloud infrastructure design. The system uses 11 specialized AI agents orchestrated through LangGraph to automate the complete journey from requirements gathering to production-ready Terraform code, with historical learning from past deployment feedback.

SDLC Phases Mapped to Agents

SDLC Phase      | Agent(s)                       | Output                    | Purpose
1. Requirements | Requirements Gathering         | Clarifying questions      | Understand user needs
2. Learning     | Historical Learning            | Context from past designs | Learn from deployment feedback
3. Design       | Carlos + Ronei (parallel)      | 2 architecture designs    | Competitive design generation
4. Analysis     | Security, Cost, SRE (parallel) | 3 specialist reports      | Multi-dimensional review
5. Review       | Chief Auditor                  | Approval decision         | …

Continue reading Carlos, The Cloud Architect

kubectl-ai

What it is

kubectl-ai acts as an intelligent interface, translating user intent into precise Kubernetes operations, making Kubernetes management more accessible and efficient.

How to install

Gemini API Key

Go to https://aistudio.google.com/ then Get API Keys. Depending on the tier, you will need to import a Google Cloud Project for billing purposes.

Testing

A simple test to validate the configuration. I asked kubectl-ai to list the k8s clusters I have access to:

Costs

https://ai.google.dev/gemini-api/docs/pricing

References

https://github.com/GoogleCloudPlatform/kubectl-ai?tab=readme-ov-file

Continue reading kubectl-ai

Deploying and Operating a (GKE) K8S using GitOps (Flux)

Summary

k8sfluxops is a GitOps repository that manages a complete Kubernetes infrastructure on GKE using Flux v2. https://github.com/rtrentinavx/k8sfluxops It demonstrates a production-grade setup with:

🎯 Core Purpose

Declarative, Git-driven management of Kubernetes infrastructure where all changes are version-controlled and automatically reconciled by Flux.

📦 What It Deploys

Category        | Components
Ingress         | Traefik (routes / → nginx, /boutique/ → Online Boutique)
Observability   | Grafana, Jaeger, OpenTelemetry Collector, Hubble UI, Kube-ops-view
Policy/Security | OPA Gatekeeper with 4 constraint templates, Policy Manager UI
Cost Management | Kubecost
Backup          | Velero with GCS backend + UI
Cluster Mgmt    | Rancher, Weave GitOps dashboard
Demo Apps       | Online Boutique (10 microservices with OTel tracing), Nginx
Autoscaling     | HPA for …

Continue reading Deploying and Operating a (GKE) K8S using GitOps (Flux)

FastConnect Tip

Using AS_PATH to Prefer Routes from Oracle to the On-premises Network

Oracle uses the shortest AS path when sending traffic to the on-premises network, regardless of which path was used to start the connection to Oracle. Therefore asymmetric routing is allowed. Asymmetric routing here means that Oracle’s response to a request can follow a different path than the request. Oracle implements AS path prepending to establish preference on which path to use if the edge device advertises the same route and routing attributes over several different connection types between the on-premises network and VCN. Oracle honors the complete AS path you … Continue reading FastConnect Tip
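As an added illustration (not Oracle code or configuration, and not from the post), the model below selects the return path by AS_PATH length alone, the step the tip describes, and shows how prepending from the edge device steers Oracle's choice. The ASN, prefix and circuit names are made up. The selection takes no account of which circuit the inbound request used, which is exactly why the return path can differ from the request path.

```python
"""Model: AS_PATH-length path selection and edge-side prepending.

Added example only; not Oracle code or configuration. Only the AS_PATH-length
step of BGP best-path selection is modelled, because that is the step the
FastConnect tip describes. ASNs, prefixes and circuit names are made up.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Advertisement:
    circuit: str       # FastConnect virtual circuit the route was received over
    prefix: str
    as_path: tuple     # ASNs as received; leftmost is the advertising neighbor


def prepend(as_path, times):
    """Edge-device prepending: repeat the originating ASN `times` extra times.

    A longer AS_PATH makes the route less preferred at the receiving side, so
    prepending on the backup circuit keeps Oracle's return traffic on the
    primary while the same prefix is still advertised on both.
    """
    if times < 0:
        raise ValueError("times must be non-negative")
    if not as_path:
        raise ValueError("cannot prepend to an empty AS_PATH")
    return (as_path[0],) * times + tuple(as_path)


def preferred_circuits(ads, prefix):
    """Circuits the receiving side would use to reach `prefix`.

    Returns every circuit whose advertisement has the shortest AS_PATH, so a
    tie yields more than one circuit. Tie-breaking beyond AS_PATH length is
    outside what the tip describes and is deliberately not modelled.
    """
    candidates = [a for a in ads if a.prefix == prefix]
    if not candidates:
        return []
    shortest = min(len(a.as_path) for a in candidates)
    return sorted(a.circuit for a in candidates if len(a.as_path) == shortest)


ONPREM_ASN = 64512          # private ASN, constructed for the example
PREFIX = "10.20.0.0/16"     # on-premises prefix, constructed for the example


def demo():
    # Same prefix over two circuits; the backup circuit prepends twice.
    primary = Advertisement("vc-primary", PREFIX, (ONPREM_ASN,))
    backup = Advertisement("vc-backup", PREFIX, prepend((ONPREM_ASN,), 2))
    # Same prefix with identical attributes on both circuits: a length tie,
    # so both circuits remain candidates and return traffic may use either.
    backup_flat = Advertisement("vc-backup", PREFIX, (ONPREM_ASN,))
    return {
        "with_prepend": preferred_circuits([primary, backup], PREFIX),
        "without_prepend": preferred_circuits([primary, backup_flat], PREFIX),
    }


if __name__ == "__main__":
    print(demo())
```

With prepending on the backup circuit only the primary is selected; without it both circuits tie, which is the situation in which the tip recommends prepending to make the preference explicit.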

Building a Cloud Backbone

This architecture establishes a cloud backbone connecting AWS, Azure, and GCP, with AWS Transit Gateway (TGW), Azure Virtual WAN (vWAN), and GCP Network Connectivity Center (NCC) serving as northbound components to manage connectivity within each cloud, while Aviatrix Transit Gateways form the backbone for inter-cloud connectivity, ensuring seamless traffic flow across the clouds. Southbound connectivity links on-premises environments to each cloud using dedicated circuits, specifically AWS Direct Connect, Azure ExpressRoute, and GCP Cloud Interconnect, enabling secure and high-performance access to cloud resources.

AWS Transit Gateway
Azure Virtual WAN (vWAN)
GCP Network Connectivity Center (NCC)

AWS Transit Gateway, Azure Virtual WAN, … Continue reading Building a Cloud Backbone

“Mastering” K8S

The repository contains Terraform scripts designed to create Google Kubernetes Engine (GKE) and Azure Kubernetes Service (AKS) clusters. These setups are fully customizable through input parameter files. Additionally, the scripts provision the necessary network infrastructure and bastions, ensuring secure access to the clusters.

https://github.com/rtrentinavx/kubernetes

References

https://cloud.google.com/kubernetes-engine
https://azure.microsoft.com/en-us/products/kubernetes-service

Continue reading “Mastering” K8S