Debugging a `504 Gateway Timeout` Through Kubernetes Ingress

This draft captures a real troubleshooting pattern for `504 Gateway Timeout` responses behind Kubernetes ingress: check the ingress rule, backend service, pod health, and in-cluster connectivity from the ingress controller itself.

Debugging Kubernetes Ingress on a Bare-Metal Cluster

This draft captures a real ingress debugging flow on a bare-metal cluster: verify the service IP, inspect the ingress objects, deal with a Helm ownership conflict, reinstall the controller cleanly, and confirm that the new ingress class is actually serving the expected backend.

Installing Terraform on Ubuntu 24.04 LTS

This draft captures the exact repository and package commands I used to install a pinned Terraform version on Ubuntu 24.04 LTS.

Testing and Fixing a GitLab Container Registry Endpoint

This is a carefully sanitized first-pass draft from a sensitive note. The useful pattern is still there: test the registry with curl against /v2/, vary the host and scheme deliberately, confirm the image naming path, and validate that the backup and retention tasks around the same service are in place.

Connecting an External Ceph Cluster to Kubernetes with Rook

This draft walks through the practical flow for connecting an existing Ceph cluster to Kubernetes with Rook: collect the monitor data and FSID, generate external-cluster resources, import them into the target cluster, install the Rook operator, and verify that the external Ceph connection is healthy.

Replacing Cloudflared Kubernetes Credentials for a New Tunnel

This draft captures the practical work of creating a new cloudflared tunnel, replacing the Kubernetes secrets that hold the certificate and tunnel credentials, and updating the config map and deployment to run the new tunnel.

Certbot Renewal with a Docker Compose Nginx Reload Hook

This draft captures a small but useful operational pattern: run certbot renew from cron and reload the Nginx container afterward so the renewed certificates are actually picked up.

Exposing a TCP Service Through Cloudflare Tunnel on Kubernetes

This draft turns a noisy environment-specific note into a cleaner pattern: create the Cloudflare Tunnel credentials, store them as Kubernetes secrets, define a cloudflared config map, run the deployment, and validate that the tunnel actually maps the hostname to the intended TCP service.

FusionAuth Outage After a Forced Kubernetes Upgrade

This draft turns a real internal outage note into a cleaner incident write-up covering the forced Kubernetes upgrade, the storage failure that followed, the backup gap we ran into, and the operational changes that came out of it.

Proxying Proxmox Through Cloudflared with Valid SSL

This draft turns a sparse work log into a short operations note on taking a Proxmox interface that originally lived on a direct host-and-port URL and exposing it through a Kubernetes-based Cloudflare Tunnel with a cleaner HTTPS hostname.