[{"content":"","date":null,"permalink":"https://itguyeric.com/blog/","section":"Blog","summary":"","title":"Blog"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/career/","section":"Tags","summary":"","title":"Career"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/","section":"Categories","summary":"","title":"Categories"},{"content":"I fight burnout and champion DevOps, open source, and enterprise Linux. I\u0026rsquo;m a product marketer, a podcaster, and a relentless homelab tinkerer — and this is where I write, record, and share what I learn along the way.\n","date":null,"permalink":"https://itguyeric.com/","section":"Eric the IT Guy","summary":"\u003cp\u003eI fight burnout and champion DevOps, open source, and enterprise Linux. I\u0026rsquo;m a product marketer, a podcaster, and a relentless homelab tinkerer — and this is where I write, record, and share what I learn along the way.\u003c/p\u003e","title":"Eric the IT Guy"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/events/","section":"Tags","summary":"","title":"Events"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/open-source/","section":"Tags","summary":"","title":"Open Source"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/rocky-linux/","section":"Tags","summary":"","title":"Rocky Linux"},{"content":"SouthEast Linux Fest has a different feel than most conferences I attend. It is less trade show, more reunion. You run into the same person twice in an hour, swap contact info, and actually mean it when you say you will follow up. For a community project like Rocky Linux, that atmosphere is exactly the right fit.\nRocky Linux sponsored as a Gold sponsor this year, June 12 through 14 in Charlotte. SELF is free to attend, in person or online, and that accessibility shapes the crowd in a good way. You get students, hobbyists, sysadmins, and curious newcomers all mixed together, with a Fallout theme running through the venue that did not hurt the vibe one bit.\nThe booth conversations were the highlight for me. A lot of time went to walking people through the Enterprise Linux pipeline, Fedora to CentOS Stream to RHEL to Rocky Linux, and watching that click for someone hearing it for the first time never gets old. We also gave away CanaKit Raspberry Pi 4 kits based on 60-second pitches, and two stuck with me. A college student wants to build open source software to help locate lost hikers in the mountain passes near his home. A Filipino woman planned to use hers to teach fellow immigrants English and basic computer skills. Both walked away with hardware, and both were exactly the kind of real, motivated use case that format is built to surface.\nI gave two talks of my own this year, and they could not have been more different. The first was an after-hours TTRPG introduction using Dungeon World as the entry point for people who had never rolled dice outside a board game. It filled up and ran long, which is the best problem a session like that can have. The second was \u0026ldquo;From Bash to Burnout: Staying Sane in a 24/7 Tech World,\u0026rdquo; a talk I have given a few times now but one that still surprises me with how engaged the room gets every time. IT burnout builds slowly and quietly, and most people do not notice it happening until they are already deep in it. Talking through the warning signs and what actually helps clearly resonates with this crowd.\nJoseph Tate rounded out the team\u0026rsquo;s session lineup with two technical talks: \u0026ldquo;Secure Secrets in Kubernetes,\u0026rdquo; covering why the built-in Secrets mechanism does not live up to its name and how HashiCorp Vault fills the gap, and \u0026ldquo;FluxCD for GitOps K8s Deployments,\u0026rdquo; a practical, honest look at using FluxCD for repeatable Kubernetes deployments, gotchas included.\nSELF is one of those events that reminds you why community matters in open source. Free admission keeps the barrier low, and the people who show up because they want to be there are the ones worth talking to. We will be back next year.\nIf you missed any of the SELF 2026 sessions, the schedule is still up at southeastlinuxfest.org.\n","date":"17 June 2026","permalink":"https://itguyeric.com/blog/southeast-linuxfest-2026-recap/","section":"Blog","summary":"SouthEast Linux Fest has a different feel than most conferences I attend. It is less trade show, more reunion. You run into the same person twice in an hour, swap contact info, and actually mean it…","title":"SouthEast LinuxFest 2026: Recap"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/speaking-engagements/","section":"Categories","summary":"","title":"Speaking Engagements"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/","section":"Tags","summary":"","title":"Tags"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/gaming/","section":"Tags","summary":"","title":"Gaming"},{"content":"I ran a hands-on introduction to tabletop role playing games at SouthEast LinuxFest for a room full of Linux nerds, most of whom had never rolled a die in their life outside of a D20 keychain.\nThe talk covered the landscape first. D\u0026amp;D as the genre\u0026rsquo;s default reference point, Savage Worlds as my personal favorite for its exploding dice and genre-agnostic core rules, and Dungeon World as the system built for exactly the kind of chaotic, large-group, low-prep session I needed for a room that could have had anywhere from 10 to 100 people. Dungeon World was the right call specifically because the GM never rolls dice and there is no initiative tracking, which meant we could move fast without getting bogged down in mechanics nobody in the room knew yet.\nThen we built a one-shot live, entirely from audience suggestions. We ended up with Ethan, a 97-year-old elf wizard going through what was politely described as a midlife crisis, hanging out at the Fiddlesticks Tiki Bar in a town that briefly did not have a name and now does. A villain named Bob had stolen the turtles that were the secret ingredient in the bar\u0026rsquo;s signature tacos. What followed was a fire, a cooling spell improvised through prestidigitation, a discern realities roll that turned up a suspiciously cardboard turtle, and a town leader with a Southern accent revealing that Bob had swapped out the real ingredients for props. None of it was planned. All of it worked, because that is the entire point of running the game this way.\nIf you have ever been curious about TTRPGs but did not know where to start, this is about as close as you can get to watching one happen in real time, mistakes, tangents, and all.\n","date":"14 June 2026","permalink":"https://itguyeric.com/blog/ttrpg-southeast-linuxfest-2026/","section":"Blog","summary":"I ran a hands-on introduction to tabletop role playing games at SouthEast LinuxFest for a room full of Linux nerds, most of whom had never rolled a die in their life outside of a D20 keychain.","title":"Learning to Play TTRPGs | SouthEast LinuxFest 2026"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/ciq/","section":"Tags","summary":"","title":"CIQ"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/compliance/","section":"Tags","summary":"","title":"Compliance"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/guest-posts/","section":"Categories","summary":"","title":"Guest Posts"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/security/","section":"Tags","summary":"","title":"Security"},{"content":"I put this together for the CIQ blog because the question I hear most is not whether community Rocky Linux is good; it clearly is. The real question is whether community support is sufficient for what an organization actually runs in production. I wanted to make the tradeoff honest rather than sell against the community.\nOriginally published on CIQ Read the full article \u0026rarr; A few things I wanted people to walk away with:\nCommunity support has genuine strengths. No licensing costs, full Enterprise Linux binary compatibility, an active community, and transparency cover development, internal tooling, and home labs well. The limits are structural, not quality. There is no SLA, minor version windows run about six months, and there are no compliance certifications, which matters most when you are running regulated workloads in production. RLC Pro adds contractual accountability. LTS on pinned minor versions, FIPS 140-3 validated packages, direct bug fixes, defined support SLAs, and IP indemnification are the things I would evaluate if any of those risks apply to you. If none of those apply, community Rocky Linux is the right choice, and CIQ keeps building it either way.\n","date":"12 June 2026","permalink":"https://itguyeric.com/blog/ciq-community-vs-vendor-support/","section":"Blog","summary":"I wrote this for the CIQ blog: an honest look at when community Rocky Linux support covers you and when a production environment needs the vendor support RLC Pro adds.","title":"What to know about community support versus vendor support"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/fedora/","section":"Tags","summary":"","title":"Fedora"},{"content":"Getting a package into Fedora is more than writing a spec file. There\u0026rsquo;s a review queue, a sponsorship process, and a contribution pipeline that can feel opaque to newcomers. Episode 055 is a deep dive into how that pipeline actually works, and what one contributor has been building to fix the parts that frustrate him most.\nMy guest is Jakub Kadlcik, known in the Fedora community as FrostyX. He is a Red Hat software engineer in Czech Republic who works on Copr, Fedora\u0026rsquo;s build system for distributing RPM packages outside the official repositories. Copr is one of those if-you-know-you-know tools: it lets developers build and host packages for any Fedora version and architecture without any formal review process, making it the natural starting point for anyone working their way toward official inclusion.\nThe most interesting part of the conversation is Jakub\u0026rsquo;s Fedora Review Service. The package review queue has sat in the hundreds for over a decade, and Jakub traced a lot of that backlog to something avoidable: the first round of every review was almost always trivial formatting issues that an automated tool would catch instantly. So he built a service that listens to Bugzilla, builds packages in Copr automatically, runs the Fedora review tool, and posts the results back to the ticket before a human reviewer ever looks at it. Simple, no AI, just automation doing exactly what automation should do.\nWe also got into the sponsorship bottleneck for first-time contributors, a website Jakub built to make packager sponsors findable, his proposal for per-commit package checks, and what the migration of src.fedoraproject.org to Forgejo might finally make possible for the packaging workflow. We spent probably three minutes trying to agree on how to pronounce Forgejo. No resolution was reached.\nJakub also talked about his FrostyX Unscripted YouTube channel, which started partly as English speaking practice and partly as a deliberate attempt to fight impostor syndrome by showing what real development work actually looks like, typos, wrong ideas, and all.\nThis is exactly the kind of episode I love hosting: a contributor who identified a real friction point, built something practical to fix it, and can explain the whole system clearly without oversimplifying it.\n","date":"9 June 2026","permalink":"https://itguyeric.com/blog/fedora-ep55-packaging-pipeline/","section":"Blog","summary":"Getting a package into Fedora is more than writing a spec file. There\u0026rsquo;s a review queue, a sponsorship process, and a contribution pipeline that can feel opaque to newcomers. Episode 055 is a deep…","title":"Fixing Fedora's Packaging Pipeline | Fedora Podcast Episode 055"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/podcasts/","section":"Categories","summary":"","title":"Podcasts"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/ai/","section":"Tags","summary":"","title":"AI"},{"content":"I wrote this one up for the CIQ blog after Open Source Summit 2026 in Minneapolis. We had four NVIDIA Jetson Orin Nanos to give away, and instead of running a raffle we asked people for a 60-second pitch on what they would actually build with one. The answers were better than any raffle would have been.\nOriginally published on CIQ Read the full article \u0026rarr; A few things I wanted people to walk away with:\nWe loaded every board with RLC Pro AI. Each Jetson left the booth with CUDA, DOCA-OFED, and PyTorch preinstalled and tuned, so the winners could get to first inference fast rather than spending a weekend on setup. The best use cases were not the obvious ones. The pitch that stuck with me most came from a parent who wants to build a patient, real-time tool to help his neurodivergent son read social contexts. That is not something you find in a product brief. Edge AI shines on unglamorous, high-stakes work. One winner plans to surface and flag safety protocols that have not been reviewed in decades, which is exactly the kind of job local inference is good for. You do not have to win a giveaway to try RLC Pro AI, so if you are running AI on edge hardware it is worth a look.\n","date":"5 June 2026","permalink":"https://itguyeric.com/blog/ciq-jetson-giveaway-oss/","section":"Blog","summary":"I put this together for the CIQ blog: what four winners at Open Source Summit 2026 said they would build with an NVIDIA Jetson Orin Nano running RLC Pro AI.","title":"We gave away four NVIDIA Jetson Orin Nanos at Open Source Summit"},{"content":"I put this together for the CIQ blog because once people decide to go the RLC route, they hit a second question: which RLC Pro variant do I actually need? Both share the same Enterprise Linux base, but RLC Pro AI and RLC Pro Hardened point in very different directions. I wanted to lay out the difference plainly so the choice is easy.\nOriginally published on CIQ Read the full article \u0026rarr; A few things I wanted people to walk away with:\nRLC Pro AI is for GPU-accelerated work. It ships with NVIDIA and AMD GPU drivers, CUDA, DOCA-OFED, and PyTorch preinstalled and tuned, with the goal of getting from install to first inference in under four minutes. RLC Pro Hardened is for regulated industries. If you are in finance, defense, or healthcare and need DISA STIG and CIS compliance out of the box, plus Linux Kernel Runtime Guard and hardened packages, that is the variant I would point you to. Both give you four years of vendor support. Each one includes CIQ support through the portal and up to four years of updates even on minor versions, so you are not stuck chasing a short community window. If you are weighing the two, start from the workload: performant AI infra points to RLC Pro AI, strict audits point to RLC Pro Hardened.\n","date":"4 June 2026","permalink":"https://itguyeric.com/blog/ciq-rlc-pro-ai-vs-hardened/","section":"Blog","summary":"I wrote this for the CIQ blog: how to choose between RLC Pro AI and RLC Pro Hardened depending on whether you are running AI infrastructure or working under strict compliance.","title":"RLC Pro AI and RLC Pro Hardened: Which variant fits your needs"},{"content":"CIQ at Open Source Summit 2026: Minneapolis Recap #I spent three days on the expo floor at Open Source Summit 2026 in Minneapolis with Howard Van Der Wal and Stephen Simpson, and it was one of the better events we have done this year.\nThe crowd was exactly what you want at a conference like this: engineers with opinions, researchers, university IT teams, homelab enthusiasts, and enterprise sysadmins who have been in the Linux world long enough to have strong feelings about everything. TechnoTim stopped by and got the full CIQ rundown from Stephen. Rocky Linux awareness was mixed, but the people who knew Enterprise Linux lit up when they heard about the support lifecycle, binary compatibility, and the stability story. And when someone mentioned Rocky Linux did not do FIPS and they had gone elsewhere for that reason, Stephen had exactly the right answer ready.\nAscender Pro got the strongest reactions on the floor. Howard had it running a live demo featuring the migrate2rlc playbook, and the response from a security engineer at a government office summed it up pretty well: \u0026ldquo;This is awesome. Where has this been my entire life?\u0026rdquo;\nThe highlight for me personally was the Jetson giveaway. We had four NVIDIA Jetson Orin Nanos to give away and instead of a raffle, we asked each person for a 60-second pitch on what they would actually build. Each board shipped preloaded with RLC Pro AI, CIQ\u0026rsquo;s Enterprise Linux distribution for AI and HPC workloads, with NVIDIA and AMD GPU drivers, CUDA, and PyTorch tuned for throughput right out of the box. The pitches drew around 20 people per session and the ideas were genuinely good: an automated lecture pipeline for university faculty, a tool to finally review decades-old industry safety protocols, targeted SLMs for specific software development tasks, and the one that stuck with me most, a parent building a real-time social context coach for his neurodivergent son. That last one is a good reminder that the most meaningful use cases for edge AI hardware are not always the ones that show up in a product brief.\nRead the trip report on CIQ: Open Source Summit 2026\nEvents like this are a good reminder that the interest in open source infrastructure is real, and the people asking the questions are the ones actually running these systems.\n","date":"3 June 2026","permalink":"https://itguyeric.com/blog/ciq-at-open-source-summit-2026-minneapolis-recap/","section":"Blog","summary":"I spent three days on the expo floor at Open Source Summit 2026 in Minneapolis with Howard Van Der Wal and Stephen Simpson, and it was one of the better events we have done this year.","title":"CIQ at Open Source Summit 2026: Minneapolis Recap"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/homelab/","section":"Tags","summary":"","title":"Homelab"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/rhel/","section":"Tags","summary":"","title":"RHEL"},{"content":"I wrote this for Rocky Linux because the Secure Boot ecosystem is going through a real transition and it is easy to get caught off guard. The Microsoft 3rd Party UEFI CA that has signed Linux shims expires in 2026, so Microsoft is issuing new CAs and updating the KEK in the chain of trust. This is not Rocky-specific, it affects any operating system relying on a signed shim.\nOriginally published on Rocky Linux Read the full article \u0026rarr; A few things I wanted people to walk away with:\nRocky is shipping dual-signed shims. The same binary carries both the old 2011 CA and the new 2023 CA signatures, so it covers the transition, though whether it boots depends on your firmware being able to validate multiple PE signatures. Check what your firmware actually has enrolled. Use mokutil --db or efi-readvar -v db and efi-readvar -v KEK before OEM firmware updates reach you, and watch for the new Windows UEFI CA 2023 and Microsoft Corporation KEK 2K CA 2023. Do not manually enroll the new KEK or CAs without a recovery plan. Modifying UEFI variables can leave a system that will not boot at all; let vendor firmware updates via fwupd handle it where possible. This rollout unfolds gradually through 2026 and beyond, so track your vendor\u0026rsquo;s firmware release notes rather than expecting a single cutover.\n","date":"2 June 2026","permalink":"https://itguyeric.com/blog/rocky-secure-boot/","section":"Blog","summary":"I wrote this for Rocky Linux: Microsoft is rolling out new Secure Boot CAs and a KEK. Here is what changes and how to check your systems.","title":"Rocky Linux and the Changing Secure Boot Landscape"},{"content":"Community Days 2026 was a different kind of conference experience for me. No booth to staff, no talk to deliver, no social media queue to manage. Just me, a badge, and a schedule full of sessions I actually wanted to attend. Turns out that is a pretty good way to spend a couple of days.\nI did some networking, did some job hunting, ate some ice cream, and came away with a few things worth writing down.\nHow to Upskill Within Your Skillet\nA panel with Angela Jones, Mark Williams, and Lindsay Shelton covering career development in a world where linear career paths are mostly a myth now. The framing I found most useful was the distinction between expansion and pivot. Expansion builds on what you already know and adds to it. A pivot is more of a reset, starting over in a new direction. Neither is wrong, but they require completely different strategies and timelines, and conflating them is where a lot of mid-career frustration comes from.\nThe conversation about what to learn next was equally practical. The panel drew a line between hope and signal. Hope is learning something because it feels exciting or everyone is talking about it. Signal is what actually shows up in job postings. Both matter, but leaning too hard on hope without checking the signal is how you end up chasing trends that evaporate before you can capitalize on them.\nThe question they closed with landed well: what would you tell your five-years-ago self? The answers were pretty consistent across the panel. Stay adaptable. Ask better questions. Build trust. Develop translation skills, meaning the ability to move between technical and non-technical conversations. And get comfortable being a beginner again, because that is going to keep happening.\nFuture of Code Reviews\nA short but pointed session on where AI is taking the code review process. The framing that stuck: we are no longer the code reviewer. We are the Editor-in-Chief. The question is not whether humans are still needed but what that human role actually looks like when the first pass is automated.\nSaying to Thinking to Doing\nThe most technically dense session of the conference, covering the evolution from LLMs to LRMs to LAMs and what that progression actually means in practice.\nLLMs (Large Language Models) are the current baseline. One token, one pass, fast and cheap, with a cost that scales roughly linearly with tokens. LRMs (Large Reasoning Models) take a question and run a reasoning trace before answering, which means they are slower and more expensive but produce better answers to complex problems. LAMs (Large Action Models) are the next step: high-level tasks come in, real workflows get automated end-to-end. The tradeoff is that errors can compound, and the cost jumps significantly.\nThe throughline was simple: there will always be another tool. The teams that do well are the ones who understand the tradeoffs well enough to reach for the right one.\nIt was a good conference to just attend for once. More of this, please.\n","date":"1 June 2026","permalink":"https://itguyeric.com/blog/community-days-kc-2026-trip-report/","section":"Blog","summary":"Community Days 2026 was a different kind of conference experience for me. No booth to staff, no talk to deliver, no social media queue to manage. Just me, a badge, and a schedule full of sessions I…","title":"Community Days 2026: Trip Report"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/product-marketing/","section":"Categories","summary":"","title":"Product Marketing"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/sysadmin/","section":"Tags","summary":"","title":"SysAdmin"},{"content":"Why RLC Pro? Enterprise Linux Built on Rocky #I wrote this piece for CIQ making the case for RLC Pro, what it is, who it serves, and why the foundation it is built on matters before you get to any of the enterprise features.\nThe post starts with Rocky Linux and why binary compatibility with Enterprise Linux is not a marketing claim but an operational one. Certified workloads run as certified. ISV support applies without exceptions. Compliance frameworks transfer directly. That is the floor RLC Pro is built on, and it is worth understanding before layering anything else on top.\nWhat RLC Pro adds is the support model, LTS coverage, and compliance posture that production environments actually require. FIPS 140-3 certifications ship with LTS versions .2, .6, and .10. GPU drivers for NVIDIA and AMD come pre-installed. Security maintenance runs through May 2032 with committed CVE response timelines.\nThe part of this post I am most proud of is the support section. In May 2026, three critical local privilege escalation vulnerabilities arrived within three weeks. Copy Fail, Dirty Frag, and Fragnesia. CIQ delivered Knowledge Base guidance to customers the same day each one was disclosed, patched kernels reached production ahead of other distributions, and federal customers with specific dependencies got configuration guidance built around their actual environments. I got to write that story because it actually happened, and that kind of outcome is worth documenting.\nRead the full post on CIQ: Why RLC Pro\nWriting a \u0026ldquo;why buy\u0026rdquo; post is only as good as the evidence behind it. This one had real evidence.\n","date":"29 May 2026","permalink":"https://itguyeric.com/blog/why-rlc-pro/","section":"Blog","summary":"I wrote this piece for CIQ making the case for RLC Pro, what it is, who it serves, and why the foundation it is built on matters before you get to any of the enterprise features.","title":"Why RLC Pro? Enterprise Linux Built on Rocky"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/guest/","section":"Tags","summary":"","title":"Guest"},{"content":"Home Lab in 2026: Is It Still Worth It? | The IT Guy Show Episode 023 #Josh from Keep It Techie joins me for a conversation about home lab ownership in 2026, what it actually costs, what it gets you, and when it stops making sense.\nThe IT Guy Show \u0026middot; Episode 23 Open the full episode page \u0026rarr; This one started as a personal question I have been sitting with for a while. I have a Dell PowerEdge R720 sitting in a colocated data center in Kansas City. It is old, loud, power-hungry, and costs me $70 a month in colo fees. I have 3 gigabit Google Fiber at the apartment. At some point the math stops working in favor of the colo, and this episode is me thinking out loud about that trade-off with someone who has been through it.\nJosh makes the case that home labs are still worth it in 2026, but the calculus has changed. Raspberry Pis and compact prosumer hardware have lowered the entry point considerably, but electricity and heat are real costs that blade server enthusiasts tend to underestimate until the AC bill arrives. We talked through his recommendation for the 45 Drives HL8 as a quiet, apartment-friendly storage solution, the Cloudflare tunnel approach for self-hosting without exposing ports, and the perpetual networking rabbit hole that neither of us has fully escaped.\nThere is also a longer thread in here about career advice, getting started in IT, and why not everyone needs to chase cybersecurity just because it is trending.\nJosh\u0026rsquo;s channel is also quietly helping me prep for my Linux+ exam, which he did not know until I mentioned it on air. Worth subscribing to if you are building out your home lab or your Linux skills.\n","date":"28 May 2026","permalink":"https://itguyeric.com/blog/home-lab-2026-it-guy-show-023/","section":"Blog","summary":"Josh from Keep It Techie joins me for a conversation about home lab ownership in 2026, what it actually costs, what it gets you, and when it stops making sense.","title":"Home Lab in 2026: Is It Still Worth It? | The IT Guy Show Episode 023"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/","section":"Series","summary":"","title":"Series"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/the-it-guy-show/","section":"Series","summary":"","title":"The IT Guy Show"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/the-it-guy-show/","section":"Tags","summary":"","title":"The IT Guy Show"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/almalinux/","section":"Tags","summary":"","title":"AlmaLinux"},{"content":"I wrote this for TuxCare, and it\u0026rsquo;s a personal one: CentOS was my own path into life as a Linux Systems Administrator, at home and at the office. When it reached end of life, two communities stepped up to carry the legacy forward, so I compared AlmaLinux and Rocky Linux and where TuxCare fits with both.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nThey took two different paths to the same goal. AlmaLinux maintains ABI compatibility under an independent non-profit foundation, while Rocky Linux pursues a strict 1:1 RHEL rebuild governed by the founder-led RESF. The shared strengths matter most. Both are free, open source, RHEL-compatible, and built for long-term production, so you no longer have to choose between open-source ideals and enterprise reliability. TES covers both under one contract. That means 24x7 response, up to 16-year lifecycle support, hardening automation, and a FIPS wrapper that brings Rocky closer to commercial-grade compliance. Whichever you prefer, the point is that choice is the cornerstone of open source, and it\u0026rsquo;s fully supported.\n","date":"26 May 2026","permalink":"https://itguyeric.com/blog/tuxcare-almalinux-vs-rocky/","section":"Blog","summary":"I wrote this for TuxCare comparing AlmaLinux and Rocky Linux as CentOS successors, their governance models, and how TES supports both under one contract.","title":"AlmaLinux vs. Rocky Linux: How Both Keep the Enterprise Strong"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/centos/","section":"Tags","summary":"","title":"CentOS"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/enterprise-linux/","section":"Tags","summary":"","title":"Enterprise Linux"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/migration/","section":"Tags","summary":"","title":"Migration"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/tuxcare/","section":"Tags","summary":"","title":"TuxCare"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/news--industry/","section":"Categories","summary":"","title":"News \u0026 Industry"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/systems-management/","section":"Tags","summary":"","title":"Systems Management"},{"content":"What Is RLC+? Rocky Linux with GPU Drivers Built In #I wrote this explainer for CIQ introducing RLC+, the free, GPU-ready tier that sits between community Rocky Linux and the full RLC Pro subscription.\nThe post is built around a simple observation: Rocky Linux is a great starting point, but at some point your infrastructure asks more of the OS than a baseline install can deliver. GPU workloads need drivers. AI and machine learning pipelines need more than CPU mode to run efficiently. And when something breaks at 2am, the forum is not a satisfying answer.\nThe core differentiator for RLC+ is preinstalled GPU drivers for both Nvidia and AMD hardware, including the CUDA toolkit and DOCA-OFED for Nvidia, and ROCm for AMD. Installing GPU drivers manually is a chore most people have done exactly once and never want to do again. RLC+ skips that entirely. The post includes a real-world performance benchmark worth noting: according to Andrew Lewman, co-founder of the Tor Project, Ollama runs 7 to 20 times faster in GPU mode versus CPU mode. For anyone running a local AI server on their LAN, that difference is the ballgame.\nRLC+ is free, binary-compatible with Enterprise Linux, and available as ISOs, KVM images, cloud images for AWS, Azure, and GCP, container images, and bootc images.\nRead the full post on CIQ: Why RLC+\nThis kind of tiered product explainer is a good test of whether you actually understand the product well enough to explain who it is for and why the upgrade is worth it without making it sound like a sales pitch.\n","date":"19 May 2026","permalink":"https://itguyeric.com/blog/rlc-plus-rocky-linux/","section":"Blog","summary":"I wrote this explainer for CIQ introducing RLC+, the free, GPU-ready tier that sits between community Rocky Linux and the full RLC Pro subscription.","title":"What Is RLC+? Rocky Linux with GPU Drivers Built In"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/linux-desktop/","section":"Tags","summary":"","title":"Linux Desktop"},{"content":"I wrote this for Rocky Linux to explain a real change to how we can respond in an emergency. CopyFail and Dirty Frag both landed with public proof-of-concept exploits before upstream had fixes broadly available, and that left administrators aware of the risk and simply waiting. So we built an optional, opt-in security repository to give us a path to ship urgent fixes ahead of upstream when circumstances genuinely demand it.\nOriginally published on Rocky Linux Read the full article \u0026rarr; A few things I wanted people to walk away with:\nIt is disabled by default, and that is intentional. The standard Rocky experience stays predictable, stable, and fully upstream-compatible; you opt in only when you need accelerated fixes with sudo dnf --enablerepo=security update. These packages are a bridge, not a fork. They are versioned to be superseded automatically when upstream ships its fix, so you land back on upstream-aligned packages as fast as possible, which also means no traditional errata records. It is a narrow exception, not a change in direction. The bar is high: a significant vulnerability is public, exploit code exists, and upstream has no fix yet. We are not maintaining independent kernel forks indefinitely. If your environment does not need accelerated fixes, do nothing and your system behavior does not change.\n","date":"14 May 2026","permalink":"https://itguyeric.com/blog/rocky-security-repository/","section":"Blog","summary":"I wrote this for Rocky Linux: an opt-in security repository that bridges the gap when a public exploit lands before upstream has a fix.","title":"Rocky Linux Introduces a Security Repository and Why That Matters"},{"content":"AI and the Human in the Loop: What Actually Gets Replaced | IT Guy Show Ep. 022 #Episode 22 of The IT Guy Show is a milestone for me, and not just because the number is round. Karl Abbott was my very first guest back on episode one, and he came back for what turned into one of the best conversations I have had on the show.\nThe IT Guy Show \u0026middot; Episode 22 Open the full episode page \u0026rarr; Karl is a product manager at Microsoft working on Linux vendor partnerships, a university regent, and the host of his own podcast on the human side of product management. He wrote a LinkedIn post called \u0026ldquo;AI Didn\u0026rsquo;t Replace My Work\u0026rdquo; that caught my attention and kicked off this whole episode. The short version of his argument: AI removes the mechanical friction, but it does not carry the consequence. Judgment, taste, and responsibility stay human. When the execution gets cheap, the quality of your thinking becomes the actual work.\nWe got into vibe coding, what it actually demands from engineers versus what people assume it removes, and why bad assumptions fed into an AI system come out looking clean and confident on the other side. We also talked about higher education, where Karl made a point that stuck with me: if students are not building judgment through struggle and repetition, schools need to be very intentional about where that formation is going to come from. I shared some of my own experience teaching Linux administration at JCCC and why I tell my students that using AI to fill out a lab is cheating themselves, not just the system.\nThere is also a good stretch near the end on book recommendations, including a few I had not heard of that I am now actively tracking down.\nWatch the full episode on The IT Guy Show: A Human in the Middle | Episode 022\nThis one fits squarely in the middle of what I think about most: how people who work in technical fields stay sharp and relevant as the tools keep changing underneath them.\n","date":"12 May 2026","permalink":"https://itguyeric.com/blog/itguyshow-ep22-ai-replacing-jobs/","section":"Blog","summary":"Episode 22 of The IT Guy Show is a milestone for me, and not just because the number is round. Karl Abbott was my very first guest back on episode one, and he came back for what turned into one of…","title":"AI and the Human in the Loop | IT Guy Show Ep. 022"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/community/","section":"Tags","summary":"","title":"Community"},{"content":"I put this advisory out for Rocky Linux because CopyFail (CVE-2026-31431) is one of those you do not want to sit on. It is a high-severity local privilege escalation in the Linux kernel, the exploit is public, and researchers have shown it works reliably across distributions with no race conditions. Patched kernels are available now for Rocky Linux 8.10, 9.7, and 10.1, so the short version is: update your kernel and reboot.\nOriginally published on Rocky Linux Read the full article \u0026rarr; A few things I wanted people to walk away with:\nPatch and reboot, do not wait. Run sudo dnf --refresh update 'kernel*' then sudo reboot, and confirm with uname -r that you are on a fixed build. File integrity tools will not save you here. The exploit corrupts an in-memory copy of a setuid binary in the page cache without touching anything on disk, which is why patching is the real fix. Do not bother trying to disable the module on Rocky. On Rocky Linux, algif_aead is compiled into the kernel image, not a loadable module, so the kernel update is the correct and only fix. Treat this as actively exploited and get your systems patched today.\n","date":"11 May 2026","permalink":"https://itguyeric.com/blog/rocky-copyfail-cve/","section":"Blog","summary":"I put this out for Rocky Linux: patched kernels are available for 8.10, 9.7, and 10.1 addressing CopyFail. Update and reboot now.","title":"CopyFail (CVE-2026-31431): Kernel Patches Now Available for Rocky Linux"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/product-marketing/","section":"Tags","summary":"","title":"Product Marketing"},{"content":"I wrote this one for Rocky Linux to share what came back from a short contributor survey we ran. We kept it deliberately small, thirty people responded, and the feedback was candid, useful, and in a few places a little uncomfortable. That was exactly the point.\nOriginally published on Rocky Linux Read the full article \u0026rarr; A few things I wanted people to walk away with:\nThe testing and QA team is a bright spot. Respondents kept describing Stack and the openQA crew as welcoming, and 53% of active contributors are already working in testing, which tells me the right culture can exist here. Transparency was the loudest ask. People feel decisions get made behind closed doors, so we are taking that directly to the folks who can act on it, publishing meeting notes and opening up how decisions get made. There is a waiting room of people ready to help. 31% of respondents want to contribute but have not started, and better onboarding plus a curated list of good first issues would go a long way. If any of this resonates, come find us on Mattermost and say hello.\n","date":"11 May 2026","permalink":"https://itguyeric.com/blog/rocky-community-survey-2026/","section":"Blog","summary":"I wrote this for Rocky Linux: 30 contributors told us where things stand. Here is what the survey said and what we plan to do about it.","title":"Rocky Linux Community Survey 2026 — Results and What Comes Next"},{"content":"Why Rocky Linux? Enterprise Linux Built to Last\nI wrote this piece for CIQ as a foundational explainer on Rocky Linux, covering where it came from, who is running it, and why the governance structure matters as much as the technology.\nThe origin story is worth knowing. When IBM acquired Red Hat and CentOS was effectively discontinued as a stable downstream rebuild, Gregory Kurtzer, one of CentOS\u0026rsquo;s original co-founders, announced a replacement the same day. Rocky Linux was named after his late co-founder Rocky McGaugh, who never got to see what CentOS had become. Within days it was the top-trending repository on GitHub. The community response was immediate and unmistakable.\nThe post covers what makes Rocky Linux a legitimate enterprise choice beyond just being free: binary compatibility with the Enterprise Linux standard, a governance model specifically designed to prevent what happened to CentOS, and a decade-long support lifecycle that lets infrastructure teams plan without building in forced migrations. It also gets into who is actually running it, not home lab hobbyists, but AWS, Google Cloud, Rakuten Symphony, and Equinix, organizations making serious at-scale infrastructure decisions.\nRead the full post on CIQ: Why Rocky Linux? Enterprise Linux Built to Last\nWriting foundational content like this is something I enjoy because getting the history and the governance right matters as much as the technical specs, especially for an audience evaluating a long-term infrastructure commitment.\n","date":"7 May 2026","permalink":"https://itguyeric.com/blog/why-rocky-linux-enterprise-linux/","section":"Blog","summary":"Why Rocky Linux? Enterprise Linux Built to Last","title":"Why Rocky Linux? Enterprise Linux Built to Last"},{"content":"LinuxFest Northwest 2026: Worth the Trip #I made it to Bellingham this spring for LinuxFest Northwest, and I get why this event has been earning its reputation for 27 years.\nThis is not a conference where corporations show up to scan badges and hand out tote bags. No lead capture, no forced networking. Just a few hundred people who actually care about Linux, gathered in a walkable waterfront city on a genuinely beautiful spring weekend. The crowd skews toward students, hobbyists, longtime contributors, and the kind of sysadmins who have strong opinions about their chosen terminal emulator. The conversations are real, and the community is tight.\nI was there representing CIQ and the Rocky Linux project alongside R. Leigh Hennig, one of Rocky\u0026rsquo;s cofounders, and a few others from the CIQ team. Having people who are genuinely part of the project made a difference on the floor. We talked migrations, automations, home lab setups, and what people are actually running in production. Good questions from people who know their stuff.\nThe social side matched the rest of it. Friday night at Beach Cat Brewery brought together folks from RESF, Microsoft, Fedora, CentOS, and a mix of attendees and volunteers. Saturday was dinner at Brandywine Kitchen and drinks at The Den. The kind of cross-community connection that does not happen on Slack.\nI gave a talk called \u0026ldquo;Escaping the End-of-Life Nightmare: Lessons from the Linux Graveyard,\u0026rdquo; aimed at anyone who has ever inherited a server running something two major versions past EOL. It drew around 25 people and led to some good conversations afterward. When the recording goes up I will share it here.\nIf you have never been to LFNW, put it on your list. Bellingham is a great place to spend a spring weekend, and the community there is worth showing up for.\n","date":"30 April 2026","permalink":"https://itguyeric.com/blog/linuxfest-northwest-2026-worth-the-trip/","section":"Blog","summary":"I made it to Bellingham this spring for LinuxFest Northwest, and I get why this event has been earning its reputation for 27 years.","title":"LinuxFest Northwest 2026: Worth the Trip"},{"content":"Teaching a Linux course will humble you fast, especially when your students ask about apt and you realize the last time you logged into an Ubuntu server was back in your sysadmin days. That embarrassing moment is what sent me looking for someone who lives and breathes Ubuntu, and it led me to Nathan Haines, a two-decade Ubuntu community volunteer who has run booths, moderated Reddit, and served on the Ubuntu Community Council since the early days of the distro.\nThe IT Guy Show \u0026middot; Episode 21 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nUbuntu is different at a human level. This is less a technical deep dive and more a conversation about the people and culture that make the distro what it is. The Debian relationship is real and healthy. Nathan cleared up what actually connects Debian and Ubuntu, plus the early-days story of setting up a booth with plastic tablecloths from Party City at SCaLe 6x. The distro wars are mostly theater. Nathan makes the case that the online fighting is noise compared to the genuine camaraderie between open source contributors behind the scenes. If you have ever wondered whether Ubuntu is still the right pick for someone just getting started or coming back after years away, Nathan gives the honest answer.\n","date":"28 April 2026","permalink":"https://itguyeric.com/blog/itguyshow-ep21-ubuntu-community/","section":"Blog","summary":"Nathan Haines and I talk about what makes Ubuntu different at a human level after more than twenty years of community.","title":"Ubuntu Community: Years of \"Just Works\" | The IT Guy Show Ep. 21"},{"content":"Bootc in Production: What It Actually Looks Like | Fedora Podcast Ep. 054 #Episode 54 of the Fedora Podcast is out, and this one digs into something I am genuinely curious about for my own homelab: what does bootc look like when someone is actually running it day to day, not just kicking the tires?\nJames Harmison joined me to walk through how he uses bootc across a pretty wild range of contexts, from his personal laptops and a stripped-down SteamOS-style couch gaming rig, to swapping kernels in OpenShift for AMD GPU support at work. His setup replaces the traditional dotfiles repo entirely, bakes kernel modules directly into the image so DKMS and akmod are completely gone, and runs CI on his homelab to rebuild the image on every commit. It is the kind of thing that sounds overcomplicated until he explains it, and then it sounds like the only sane way to manage a system.\nWe also spent time on Chunkah, an upstream project working on smarter container image chunking for bootc. James was one of the first people to stress test it on a large image and found some real problems with the packing algorithm. He helped kick off the conversations that are now shaping the next release. That is the kind of quiet upstream contribution that does not always get attention but genuinely moves the project forward.\nIf you are curious about bootc and want to hear from someone who has been living in it for a couple of years, this episode is a solid starting point.\nListen to the full episode on the Fedora Podcast: Bootc in the Wild | Episode 054\nThis is the kind of conversation that fits right in the middle of my broader interest in where Linux infrastructure is heading, both for homelabs and production environments.\n","date":"21 April 2026","permalink":"https://itguyeric.com/blog/fedora-ep54-bootc-production/","section":"Blog","summary":"Episode 54 of the Fedora Podcast is out, and this one digs into something I am genuinely curious about for my own homelab: what does bootc look like when someone is actually running it day to day…","title":"Bootc in the Wild | Fedora Podcast Ep. 054"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/containers/","section":"Tags","summary":"","title":"Containers"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/cloud/","section":"Tags","summary":"","title":"Cloud"},{"content":"GPU-Ready in Minutes: Running AI on Azure with RLC Pro AI #Getting from the Azure Marketplace to actual inference used to mean a day of driver archaeology. This webinar with Brian Dawson, Damon Knight, and Hugo from Microsoft Azure\u0026rsquo;s core engineering team is about what happens when that problem is mostly solved.\nWe started where most of these conversations start, which is the pain. Damon has done this setup process more times than anyone should have to, across Ubuntu, Red Hat, SUSE, and Rocky, and his description of what a typical deployment looks like before RLC Pro AI is the kind of thing that gives sysadmins flashbacks. Figuring out which drivers go with which CUDA version, whether Torch compiled for the GPU or the CPU, whether you need the CUDA toolkit on top of CUDA, and whether that first reboot is the last reboot. Brian made the point that even his conservative estimate of time saved turned out to be underselling the problem after he talked to analysts who work in this space full time.\nThe demos cut through a lot of that. Damon showed a fresh RLC Pro AI instance in Azure spinning up Jupyter Notebook on an H100, validating GPU access with Nvidia SMI, and running tensor math in Python, with most of the time going to Docker setup rather than anything AI-specific. The second demo was more involved: a full RAG chatbot using Microsoft\u0026rsquo;s Phi-4 model and the Open Platform for Enterprise AI reference implementation, running on an RTX preview host. Upload a PDF, ask it questions, get answers grounded in your document. Start to finish, about ten minutes.\nHugo brought a useful perspective from the Azure side. Because Azure VM types are homogeneous across regions, partners can optimize once and trust that the results hold everywhere. That consistency matters a lot when you are trying to build something repeatable. He also gave a preview of what is coming on the hardware side, including the RTX 6000 Pro hitting general availability soon and ongoing work on GB200 and GB300 deployments.\nIf you have been waiting for a reason to actually try running your own AI instead of just reading about it, this is a pretty good starting point. Subscribe to The IT Guy Show on YouTube and follow along at itguyeric.com for more.\n","date":"17 April 2026","permalink":"https://itguyeric.com/blog/ai-on-azure-rlc-pro-ai-gpu-ready/","section":"Blog","summary":"Getting from the Azure Marketplace to actual inference used to mean a day of driver archaeology. This webinar with Brian Dawson, Damon Knight, and Hugo from Microsoft Azure\u0026rsquo;s core engineering team is…","title":"GPU-Ready in Minutes: Running AI on Azure with RLC Pro AI"},{"content":"Deploy RLC Pro on Google Cloud Marketplace #I wrote this deployment guide for CIQ, walking through how to get RLC Pro up and running on Google Cloud Marketplace from start to a live VM.\nGoogle was one of the first hyperscalers to back the Rocky Linux project, and CIQ has partnered with them to deliver optimized Rocky Linux images built specifically for Google Compute Engine. RLC Pro is the enterprise layer on top of that: Long-Term Support for specific minor versions, FIPS 140-3 validated packages, and an actual vendor to call when something breaks.\nThe post covers what you get with a subscription, why LTS minor version pinning matters for compliance frameworks like FedRAMP and CMMC, and how to get from the Marketplace listing to a running VM in a few steps.\nRead the full post on CIQ: How to Deploy RLC Pro on Google Cloud\n","date":"10 April 2026","permalink":"https://itguyeric.com/blog/rlc-pro-google-cloud/","section":"Blog","summary":"I wrote this deployment guide for CIQ, walking through how to get RLC Pro up and running on Google Cloud Marketplace from start to a live VM.","title":"Deploy RLC Pro on Google Cloud Marketplace"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/tutorials/","section":"Categories","summary":"","title":"Tutorials"},{"content":"Deploy RLC Pro on AWS Marketplace #I wrote this guide for CIQ covering how to get RLC Pro running on AWS, from the Marketplace listing to a live EC2 instance with LTS and FIPS available.\nThe post makes the case that most teams standing up Enterprise Linux on AWS spend too much time configuring things that should have shipped with the image. RLC Pro skips that. The AMI comes pre-configured with CIQ repository access, and enabling LTS pinning or FIPS 140-3 validated packages is a single step after launch.\nI covered the full picture: what Long-Term Support actually means for compliance and QA cycles, why FIPS 140-3 matters for FedRAMP and CMMC-scoped workloads, and how Enterprise Linux binary compatibility means your existing Ansible playbooks and automation carry over without changes.\nRead the full post on CIQ: How to Deploy RLC Pro on AWS\nThis is part of a series I produced at CIQ on deploying RLC Pro across major cloud providers, making enterprise Linux accessible wherever your infrastructure lives.\n","date":"8 April 2026","permalink":"https://itguyeric.com/blog/deploy-rlc-pro-on-aws-marketplace/","section":"Blog","summary":"I wrote this guide for CIQ covering how to get RLC Pro running on AWS, from the Marketplace listing to a live EC2 instance with LTS and FIPS available.","title":"Deploy RLC Pro on AWS Marketplace"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/tutorial/","section":"Tags","summary":"","title":"Tutorial"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/uncategorized/","section":"Categories","summary":"","title":"Uncategorized"},{"content":"Flock to Fedora 2026: What to Expect in Prague #Flock to Fedora 2026 is heading back to Prague this June, and on episode 53 of the Fedora Podcast, Noah and I sat down with Justin Wheeler and Emma from the Fedora design team to talk through everything contributors and community members need to know.\nFor anyone who hasn\u0026rsquo;t been, Flock is the Fedora Project\u0026rsquo;s annual contributor conference — not a sales event, not a product launch, just the place where a global community of mostly volunteers gets together once a year to do real work, set direction, and remind themselves why they got into open source in the first place. Justin, who serves as Fedora Community Architect at Red Hat, described it well: it\u0026rsquo;s where you go to fuel up on the energy that carries you through the rest of the year. That tracks with my own experience. Some of the best conversations in open source happen at a table at midnight over bad food and good drinks.\nThe decision to return to Prague for a second consecutive year was a deliberate one. Travel anxiety into the US is real for a significant portion of the global Fedora community right now, and the Prague venue worked exceptionally well last year — accessible by train and plane, flexible space, and existing relationships with the hotel. Justin was transparent that this isn\u0026rsquo;t a new permanent model, just a practical call that let the team focus on improving the conference itself rather than rebuilding logistics from scratch in a new city.\nThe design theme for Flock 2026 is Alchemy, and Emma walked us through the research behind it. Prague\u0026rsquo;s history with alchemy traces back to Emperor Rudolph II, who brought Europe\u0026rsquo;s top alchemists to the city during his reign in the 1500s in pursuit of the philosopher\u0026rsquo;s stone. The design team ran a community vote on potential themes and alchemy won, which gave them a rich visual direction — medieval manuscripts, heraldic imagery, the Fedora four foundations rendered as elemental colors radiating from a stone. Fedora\u0026rsquo;s Flock mascot Kulora returns dressed as an alchemist this year, searching not for the philosopher\u0026rsquo;s stone but for Fedora itself. Emma is also reworking the design process to build a shared asset library so newer contributors can pick up design tickets without starting from a blank canvas.\nAs for the schedule: the conference runs June 14th through 16th, Sunday through Tuesday. Sunday is \u0026ldquo;Day Zero\u0026rdquo; — an offline workshop day with no AV and no plenary sessions, just hands-on working time for teams and SIGs to actually get things done face to face. Day One and Day Two follow a mirror structure: one opens with a single plenary track then breaks into three simultaneous recorded breakouts after lunch, the other does it in reverse. Both days will be live streamed so remote attendees can follow along. Registration is free, but you need to sign up in advance to get food, swag, and a conference t-shirt — and based on what Emma described about the alchemy branding, you\u0026rsquo;re going to want the t-shirt. Financial aid is also available for those who need it.\nYou can register now at fedoraproject.org/flock2026 and hang out in the #flock:fedoraproject.org room on Matrix if you have questions. Hope to see some of you in Prague.\n","date":"8 April 2026","permalink":"https://itguyeric.com/blog/flock-to-fedora-2026-prague-preview/","section":"Blog","summary":"Flock to Fedora 2026 is heading back to Prague this June, and on episode 53 of the Fedora Podcast, Noah and I sat down with Justin Wheeler and Emma from the Fedora design team to talk through…","title":"Flock to Fedora 2026: What to Expect in Prague"},{"content":"Deploy RLC Pro on Microsoft Azure Marketplace #I wrote this deployment guide for CIQ covering how to get RLC Pro running on Microsoft Azure, from the Marketplace listing to a production-ready Enterprise Linux environment.\nThe post opens with a question worth asking: how much time does your team spend configuring Enterprise Linux after launch? LTS repos, FIPS packages, support credentials. None of that is the work you spun up the instance to do. RLC Pro on Azure addresses that directly. The image ships pre-configured with CIQ repository access, and enabling Long-Term Support or FIPS 140-3 validated packages is one step after connecting your subscription.\nI covered what each enterprise capability actually means in practice: LTS minor version pinning for teams that cannot rebuild and revalidate every time upstream ships a new release, FIPS 140-3 for regulated workloads in government, defense, healthcare, and financial services, and full Enterprise Linux binary compatibility for teams migrating existing automation and applications.\nRead the full post on CIQ: How to Deploy RLC Pro on Microsoft Azure\nThis is the third post in a series I produced at CIQ on deploying RLC Pro across major cloud providers, with AWS and Google Cloud covered in companion guides.\n","date":"6 April 2026","permalink":"https://itguyeric.com/blog/deploy-rlc-pro-on-microsoft-azure-marketplace/","section":"Blog","summary":"I wrote this deployment guide for CIQ covering how to get RLC Pro running on Microsoft Azure, from the Marketplace listing to a production-ready Enterprise Linux environment.","title":"Deploy RLC Pro on Microsoft Azure Marketplace"},{"content":"From Fresh Install to AI Inference in Under 4 Minutes #Getting a GPU box ready for AI workloads is way harder than it should be, and we proved that live on the CIQ Webinar Series on April 2nd.\nI brought in Brian Dawson from CIQ product management, Damon Knight (CIQ\u0026rsquo;s resident AI nerd and automation engineer), and Zach from AI Insight Solutions for an honest conversation about where most organizations actually are when it comes to GPU infrastructure. The short answer: a lot of people started on cloud, found it expensive, bought hardware, and are now figuring out that running AI on prem is a whole different problem.\nThe demo said everything. We ran a fresh Ubuntu setup through the full stack, including Nvidia drivers, CUDA, the CUDA toolkit, cuDNN libraries, and PyTorch, with Damon copy-pasting commands he spent months refining. Time to first inference: around 13 and a half minutes, and roughly 10 of those were just prerequisites. Compare that to RLC Pro AI, which ships with the validated stack already baked in. Same hardware, same demo code, first tokens in about 3 minutes and 30 seconds.\nWhat makes that difference real at scale is validation. It is not just that the stack installs faster. It is that CIQ actually tested the dependency combinations, recompiled PyTorch with the right flags, and confirmed the GPU is doing the work instead of silently falling back to CPU. Damon\u0026rsquo;s point about checking Nvidia SMI and seeing 0% GPU utilization hit close to home for anyone who has been there.\nIf you are building or managing AI infrastructure, this one is worth watching.\nSubscribe to The IT Guy Show on YouTube and follow along at itguyeric.com for more Linux, open source, and infrastructure content.\n","date":"2 April 2026","permalink":"https://itguyeric.com/blog/from-fresh-install-to-ai-inference-in-under-4-minutes/","section":"Blog","summary":"Getting a GPU box ready for AI workloads is way harder than it should be, and we proved that live on the CIQ Webinar Series on April 2nd.","title":"From Fresh Install to AI Inference in Under 4 Minutes"},{"content":"I sat down with Damen Knight, CIQ Sr. Principal Automation Engineer, to talk about something every AI team knows but nobody budgets for: the hidden cost of configuring Linux for GPU workloads. We get into why general-purpose distributions were never really built for AI and what actually happens when you burn 30 to 60 minutes per node on manual CUDA setup.\nThe IT Guy Show \u0026middot; Episode 20 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\n\u0026ldquo;Pre-installed\u0026rdquo; and \u0026ldquo;validated\u0026rdquo; are not the same thing. Damen and I unpacked why a stack that is merely present is very different from one that has been tested to work together. Configuration hell is a real tax. We talked through driver conflicts, framework dependency failures, and how much time teams quietly lose fighting CUDA every time a kernel update lands. The CIQ approach. Damen walked me through the CIQ Linux Kernel and NVIDIA authorization, and how RLC Pro AI is meant to get you from first boot to first inference without the detour. Whether you are an ML engineer tired of babysitting drivers, a sysadmin managing a growing GPU fleet, or a tech leader wondering why production AI is harder than it should be, this one is for you.\n","date":"31 March 2026","permalink":"https://itguyeric.com/blog/itguyshow-ep20-first-inference/","section":"Blog","summary":"Damen Knight of CIQ and I dig into the hidden cost of configuring Linux for GPU and AI workloads.","title":"First Boot, First Inference | The IT Guy Show Ep. 20"},{"content":"CIQ Portal Is Live: Access and Deploy CIQ Products on Your Own Terms #I wrote the launch post announcing the CIQ portal going live at portal.ciq.com, covering what it is, who it\u0026rsquo;s for, and how to go from registration to your first download in under a minute.\nThe portal is the central hub for everything CIQ: product downloads, license keys, documentation, and team permission management across the full portfolio. That includes RLC Pro, RLC Pro Hardened, RLC Pro AI, RLC+, CIQ Bridge, Fuzzball, Ascender Pro, and Warewulf Pro. The post walks through the catalog structure, the Solution Stacks view for teams who aren\u0026rsquo;t sure where to start, and a step-by-step example deploying RLC Pro AI for a sovereign AI workload in a private data center.\nOne thing I wanted to get across was how genuinely fast the self-service flow is. Free tier, 30-day trial, or full enterprise deployment, you can get moving without talking to anyone first.\nRead the full post on CIQ: The CIQ Portal Is Live\nProduct accessibility is something I care about, and this post was a good opportunity to show how a well-designed portal can lower the barrier to evaluating enterprise infrastructure software.\n","date":"23 March 2026","permalink":"https://itguyeric.com/blog/ciq-portal-launch-deploy-enterprise-linux-your-way/","section":"Blog","summary":"I wrote the launch post announcing the CIQ portal going live at portal.ciq.com, covering what it is, who it\u0026rsquo;s for, and how to go from registration to your first download in under a minute.","title":"CIQ Portal Launch: Deploy Enterprise Linux Your Way"},{"content":"How to Migrate from RHEL to RLC Pro Without Re-Architecting #I wrote this guide for CIQ covering how to convert a running RHEL system to RLC Pro, without rebuilding servers or re-certifying your application stack.\nThe core of the post is Enterprise Linux binary compatibility. Because Rocky Linux builds from the same source RPMs as RHEL, the kernel ABI stays stable, shared libraries match, and your applications, Ansible playbooks, and automation carry over without modification. What actually changes is repository URLs, package signatures, and OS branding. That\u0026rsquo;s it. The migrate2rlc script handles the conversion on a live system, and the post walks through the full process: environment assessment, collecting CIQ portal credentials, running the migration, and validating the result.\nI also covered what you get on the other side. LTS version pinning, FIPS 140-3 validated packages on the .2/.6/.10 releases, commercial support tiers, and IP indemnification. The migration is the starting point, not the finish line.\nRead the full post on CIQ: How to Migrate from RHEL to RLC Pro Without Re-Architecting\nMigration content sits at the intersection of technical depth and business case, which is the kind of writing I enjoy most and where my sysadmin background actually earns its keep.\n","date":"17 March 2026","permalink":"https://itguyeric.com/blog/migrate-from-rhel-to-rlc-pro-without-re-architecting/","section":"Blog","summary":"I wrote this guide for CIQ covering how to convert a running RHEL system to RLC Pro, without rebuilding servers or re-certifying your application stack.","title":"Migrate from RHEL to RLC Pro Without Re-Architecting"},{"content":"CIQ at SCaLE 23x: Trip Report #I co-wrote this recap with Michael Young and R. Leigh Hennig covering CIQ\u0026rsquo;s presence at SCaLE 23x in Pasadena, and I was there in person as a speaker.\nThe post covers the full picture: 300+ badge scans at the CIQ booth, conversations with folks from Microsoft, Meta, Fedora, Red Hat, AlmaLinux, RESF, and more, a sponsored hardening workshop, and Community Game Night where Michael and I got absolutely dismantled at Uno No Mercy. The Asterisk community connection was an interesting thread too, with real follow-up conversations about adding Rocky Linux as a supported distribution.\nMy contribution to the program was a talk called \u0026ldquo;From Bash to Burnout: Staying Sane in a 24/7 Tech World.\u0026rdquo; It was a personal one. Behind every uptime badge is a tired sysadmin, and I wanted to have an honest conversation about protecting your time and energy without losing your love for the work. It drew about 20 to 30 attendees and sparked some good discussion afterward.\nRead the full post on CIQ: CIQ at SCaLE 23x Trip Report\nBurnout in tech is something I have thought about for a long time, and getting to talk about it in front of a room full of sysadmins and infrastructure people at SCaLE felt like exactly the right venue.\n","date":"16 March 2026","permalink":"https://itguyeric.com/blog/ciq-scale-23x-trip-report/","section":"Blog","summary":"I co-wrote this recap with Michael Young and R. Leigh Hennig covering CIQ\u0026rsquo;s presence at SCaLE 23x in Pasadena, and I was there in person as a speaker.","title":"CIQ at SCaLE 23x: Trip Report and Recap"},{"content":"What Enterprise Linux Support Actually Means (And Why It Matters) # Rocky Linux is everywhere, and for good reason. But community is not always enough, and this webinar is where Brady Dibble and I got into exactly what changes when you need a vendor behind your Linux stack.\nBrady is CIQ\u0026rsquo;s director of product management and honestly one of the clearest thinkers I have talked to on the topic of enterprise Linux. We started at the 40,000 foot view: enterprises are not planning infrastructure in years, they are planning in decades. And that long-term stability calculus gets complicated fast when AI is forcing you to chase the latest kernel features and GPU support at the same time.\nA big chunk of our conversation was about the difference between RLC Plus and RLC Pro, and when each one makes sense. RLC Plus is free, vendor-validated, and great for homelabs, startups, and anyone who needs more than community but is not running regulated production workloads. RLC Pro is where you get LTS, FIPS 140-3 compliant modules, indemnification, and actual support when things go sideways. Brady also made a point that stuck with me: you do not have to choose upfront. You can start on RLC Plus and move a node to Pro with basically a single command.\nWe also got into what indemnification actually means in practice, how FIPS compliance differs from FIPS certification, and why CIQ intentionally separated itself from the Rocky Linux project governance. That last one surprises a lot of people, and it came up at SCaLE just before we recorded this.\nIf you are running Linux in production or evaluating your options, this one is worth the watch. Subscribe to The IT Guy Show on YouTube and follow along at itguyeric.com for more.\n","date":"12 March 2026","permalink":"https://itguyeric.com/blog/enterprise-linux-support-rlc-pro-ciq/","section":"Blog","summary":"Rocky Linux is everywhere, and for good reason. But community is not always enough, and this webinar is where Brady Dibble and I got into exactly what changes when you need a vendor behind your Linux…","title":"What Enterprise Linux Should Actually Be | CIQ Webinar"},{"content":"Tech Burnout Recovery: What I Shared at SCaLE 23 #This one was personal. I gave this talk at SCaLE 23 in Pasadena as part of Open Source Career Day, and I will be honest, I almost did not write it because it meant putting some very uncomfortable things on a slide.\nIn 2025 I lost a job I had held for five and a half years in a seven-minute call. Over the next 96 days I worked overnight shifts at a gas station, interviewed on no sleep during what should have been my sleep hours, and spent a lot of time figuring out who I was when the job that had become my identity was gone. I also said yes to teaching Linux administration at Johnson County Community College, which I almost turned down, and eventually landed at CIQ. Both of those came through my network, not job boards.\nThe talk covers what burnout actually looks like before you realize you are in it, the patterns that get technical people there faster than most, and some practical steps I used to stabilize and rebuild. I talk about the hero trap, context switching, the identity trap, and what a blameless postmortem on my own situation taught me. There is also a question I started asking people in my life that has saved me more arguments than I can count, and I share it in the talk because it is genuinely that useful.\nThis is not a polished keynote. The slide deck had some technical issues live, I was processing some heavy personal news the morning of the talk, and it shows. But I think that is part of why it landed the way it did.\nWatch the full talk on YouTube: From Bash to Burnout | SCaLE 23 Open Source Career Day\nSustainability is one of the most important skills you can build in this industry. Reliability requires maintenance, and that applies to people too.\n","date":"8 March 2026","permalink":"https://itguyeric.com/blog/tech-burnout-recovery-scale-23-talk/","section":"Blog","summary":"This one was personal. I gave this talk at SCaLE 23 in Pasadena as part of Open Source Career Day, and I will be honest, I almost did not write it because it meant putting some very uncomfortable…","title":"From Bash to Burnout | My SCaLE 23 Talk"},{"content":"From Bash to Burnout: My SCaLE 23x Talk #I gave this talk at SCaLE 23x in Pasadena as part of Open Source Career Day, and it is probably the most personal thing I have ever put on a stage.\n2025 was a hard year. I lost a job I had tied my entire identity to, spent 96 days working overnight shifts at a gas station, and went through some personal upheaval I was not prepared for. I did not plan to turn any of that into a conference talk. But when I was asked to speak, it felt dishonest to stand up in front of a room full of sysadmins and IT folks and pretend I had it all figured out.\nThe talk covers what burnout actually looks like before you realize it is happening, the patterns that lead there, the signals I missed in my own life, and some practical things that genuinely helped. Not productivity hacks. Real stuff, like building a daily rhythm when everything falls apart, maintaining a few relationships with no agenda, and learning to separate your identity from your employer before a reorg does it for you.\nI also talk about what I did right after the layoff and what I would do differently. Spoiler: I should have taken time to grieve before immediately hunting for the next thing.\nIf any of this sounds familiar, the recording is worth 40 minutes of your time.\nBurnout is not a personal failing. It is a warning sign. I needed someone to say that to me in 2025, so I figured I would say it to a room full of people instead.\n","date":"8 March 2026","permalink":"https://itguyeric.com/blog/from-bash-to-burnout-scale-23x/","section":"Blog","summary":"I gave this talk at SCaLE 23x in Pasadena as part of Open Source Career Day, and it is probably the most personal thing I have ever put on a stage.","title":"From Bash to Burnout: My SCaLE 23x Talk"},{"content":"I wanted to start 2026 with a reality check: subscriptions are eating our wallets. Streaming services, password managers, cloud storage, to-do apps, the monthly drip is everywhere. In this solo episode I break down why recurring subscription models became the default and what it looks like to take some of that control back.\nThe IT Guy Show \u0026middot; Episode 19 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nThe subscription model is a default, not a law. I dig into why nearly everything shifted to recurring billing and how that lands on both consumers and creators. Self-hosting is the counter-move. I walk through my own setup and the self-hosting stack I am leaning on to replace services I used to rent by the month. This is the start of an arc. This episode kicks off a longer thread on building a personal homelab, cutting reliance on the cloud, and reclaiming your tech stack one app at a time. Consider this the planning session before the build. There is a lot more coming on this one.\n","date":"17 February 2026","permalink":"https://itguyeric.com/blog/itguyshow-ep19-subscriptions/","section":"Blog","summary":"I open 2026 with a reality check on subscription fatigue and kick off a new arc on building a personal homelab.","title":"The Problem with Subscriptions | The IT Guy Show Ep. 19"},{"content":"Proactive Linux Security: How RLC Hardened Goes Beyond Patching #Reactive security is table stakes at this point, and it is not keeping up. I sat down with Nathan Blackham, Brady Dibble, and Sultan Alof from CIQ to talk about what it actually looks like to build defense into the operating system from day one.\nThe conversation started with something that hits close to home for anyone managing Linux at scale: CVE volume has exploded. The Linux kernel became its own CVE numbering authority a few years back, which means every commit gets evaluated for security relevance. That is good in theory, but in practice it means patching has become a near full-time job, and mission usually wins when you have to choose between a reboot window and keeping production up. Brady put it plainly: compliant and secure are not the same thing, and the gap between them is where things go wrong.\nThat is the whole premise behind RLC Hardened. It ships with a set of code-level changes designed to close off entire attack vectors before a CVE even exists for them. That includes a hardened glibc build, hardened malloc, tightened OpenSSH that drops the XZ library linkage after startup, stronger password hashing via yescrypt, and a few other targeted modifications. The gold image comes out at 95% STIG compliance on day one, which is an actual measured number, not marketing copy.\nThe standout piece is LKRG, the Linux Kernel Runtime Guard. Sultan walked through how it works and it is genuinely different from anything else in this space. Rather than scanning for known exploit signatures, it watches for the end goal of an exploit, things like a process claiming root credentials it never earned through legitimate channels. The demo showed it killing an exploit attempt cold, and the performance overhead is around 2.5%, which is low enough that most workloads will not notice it. It also ships signed for secure boot, which matters a lot in regulated environments.\nIf you are running Linux in production and security compliance is part of your world, this one is worth your time. Subscribe to The IT Guy Show on YouTube and follow along at itguyeric.com for more.\n","date":"12 February 2026","permalink":"https://itguyeric.com/blog/proactive-linux-security-rlc-hardened-lkrg/","section":"Blog","summary":"Reactive security is table stakes at this point, and it is not keeping up. I sat down with Nathan Blackham, Brady Dibble, and Sultan Alof from CIQ to talk about what it actually looks like to build…","title":"Proactive Linux Security: How RLC Hardened Goes Beyond Patching"},{"content":"Sovereign AI Infrastructure: Training, Inference, and Exploration in One Workflow #This was my first CIQ webinar and I walked away genuinely excited, which is not something I say lightly. Dave Godlove and Jonathan Sparks showed off Fuzzball\u0026rsquo;s new service endpoints feature and what it unlocks for teams that want to run their own AI without handing their data to someone else.\nThe core problem Jonathan laid out is something a lot of teams are quietly dealing with. Training, fine-tuning, building a RAG index, and running inference have traditionally been treated as completely separate workflows, often on separate tools. Fuzzball has always been a batch processing engine for HPC workloads, but service endpoints change the picture. Now a single workflow can include batch jobs that ingest and vectorize your documentation alongside a persistent AI service you can actually talk to, all managed through the same interface.\nThe demo Dave walked through made this concrete. Wolfgang (a colleague who built the workflow) set up a local AI stack inside Fuzzball that pulls documentation from a private GitHub repo, builds a vector database using local recall, and serves it through a RAG-enabled model you can query directly in the browser. No data leaves your environment. No external API calls. The model knew about Fuzzball because it had been trained on Fuzzball\u0026rsquo;s own docs, running entirely on CIQ\u0026rsquo;s infrastructure. Dave also showed off a virtual desktop service and a Jupyter notebook environment running through the same setup, both accessible with a single click from the web interface.\nWhat got me was the scope controls. You can restrict a service to just yourself, share it with a team, or open it to your whole organization, and that applies to the AI model the same as anything else. The use cases kept expanding as we talked: internal documentation bots, sovereign coding assistants, VDI for remote research teams, agentic workflows connected to Slack or GitHub. All of it on hardware you control.\nIf you are curious what self-hosted AI actually looks like in practice, this one is worth your time. Subscribe to The IT Guy Show on YouTube and follow along at itguyeric.com.\n","date":"29 January 2026","permalink":"https://itguyeric.com/blog/sovereign-ai-infrastructure-fuzzball-service-endpoints/","section":"Blog","summary":"This was my first CIQ webinar and I walked away genuinely excited, which is not something I say lightly. Dave Godlove and Jonathan Sparks showed off Fuzzball\u0026rsquo;s new service endpoints feature and what…","title":"Sovereign AI Infrastructure: Training, Inference, and Exploration in One Workflow"},{"content":"I wrote this for TuxCare to sit with the tension every ops team knows: we need to fix this now, but we can\u0026rsquo;t take anything offline. Production doesn\u0026rsquo;t pause for a patch, so I wanted to walk through exactly how KernelCare resolves that conflict with live patching.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nThe patch goes into running memory. KernelCare pauses execution for a few nanoseconds, loads corrected code into protected kernel memory, and redirects to the fixed version, so services never notice. It follows a predictable rhythm. Detect, engineer, distribute, retrieve, apply, with enabled systems checking in automatically about every four hours. It holds up in high-stakes environments. Organizations like OCLC, Proofpoint, and Efinity have used it to shrink exposure windows, avoid coordinated downtime, and stay audit-ready. The best compliment I can give it is that good live patching feels almost invisible, like the updates on your phone that never stop your day.\n","date":"23 January 2026","permalink":"https://itguyeric.com/blog/tuxcare-kernelcare-no-reboots/","section":"Blog","summary":"I wrote this for TuxCare to explain, step by step, how KernelCare applies kernel patches to running memory so teams stay secure without rebooting.","title":"KernelCare: How Teams Stay Secure Without Reboots"},{"content":"I wrote this more reflective piece for TuxCare about what really happened when CentOS 7 reached end of life in June 2024. Millions of servers crossed an invisible line, and I wanted to argue that the disruption wasn\u0026rsquo;t the collapse of enterprise Linux but the start of something healthier.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nThe old vendor-centric model stopped fitting. Our 2025 landscape data showed enterprises split between running CentOS past EOL on third-party support and migrating to AlmaLinux or Rocky Linux. Community governance earned real trust. AlmaLinux, governed by an independent non-profit, adapted its rebuild transparently when RHEL source access changed, proving community leadership can deliver both rigor and stability. Trust now means predictability, not promises. Transparency and clear lifecycles have become operational requirements, and enterprise partners like TuxCare reinforce that foundation rather than replacing it. The end of CentOS Linux was a reminder that open systems endure precisely because no single organization owns the future.\n","date":"21 January 2026","permalink":"https://itguyeric.com/blog/tuxcare-future-enterprise-linux/","section":"Blog","summary":"I wrote this for TuxCare on how the end of CentOS Linux pushed enterprise Linux toward collaboration, transparency, and community-led stability.","title":"The Future of Enterprise Linux: How Collaboration is Shaping the Next Era of Stability and Trust"},{"content":"TuxCare Enterprise Support Vertical Explainer Series #These three short videos were part of a vertical marketing campaign I produced at TuxCare, each one aimed at a different regulated industry dealing with the same core problem: Linux infrastructure that has to stay secure, compliant, and online, with less budget and fewer people than the job actually requires.\nI wrote the scripts and appeared on camera for all three. The goal was to translate TuxCare\u0026rsquo;s enterprise support value into language that resonated with each audience specifically. Fintech teams thinking about PCI-DSS and SOX. Public sector teams navigating FedRAMP, FISMA, and FIPS 140-3 mandates. Healthcare IT teams carrying HIPAA obligations while managing legacy systems that simply cannot go down.\nSame product, same core message, three completely different buying contexts. Getting that right without just swapping out the compliance acronyms was the actual challenge.\nWatch: TuxCare Enterprise Support for Financial IT\nWatch: TuxCare Enterprise Support for Public Sector\nWatch: TuxCare Enterprise Support for Healthcare\nVertical messaging is a skill I enjoy. Understanding what keeps a CISO at a hospital up at night versus what keeps a compliance officer at a federal agency up at night, and then writing to that specifically, is where technical background and marketing instinct actually come together.\n","date":"7 January 2026","permalink":"https://itguyeric.com/blog/tuxcare-enterprise-support-explainer-series/","section":"Blog","summary":"These three short videos were part of a vertical marketing campaign I produced at TuxCare, each one aimed at a different regulated industry dealing with the same core problem: Linux infrastructure…","title":"TuxCare Enterprise Support Explainer Series"},{"content":"Every six months or so, I found myself in the same spot. A new release was out, the features were solid, the engineering work was impressive… and yet the same questions kept coming back from sales, customers, and even internal teams.\n“What actually changed?”\n“What should I care about?”\n“How do I explain this without reading release notes out loud?”\nThat’s the gap the “What’s New” decks were meant to close. Not as a one-off presentation, but as a repeatable way to tell the product story in a way that made sense to real humans — especially the ones who didn’t live and breathe the roadmap every day.\nThe Challenge #The problem wasn’t that the releases were bad. Quite the opposite. The problem was volume.\nEnterprise software ships on a predictable cadence. New features, enhancements, deprecations, tech previews — all of it lands on a schedule whether anyone is ready or not. By the time a release goes GA, teams are already juggling conferences, roadmap conversations, internal launches, and whatever fire happens to be burning that week.\nWhat I kept seeing was this:\nRelease notes were thorough, but overwhelming Sales teams wanted a clear story, not a changelog Customers cared about impact, not every individual bullet point And on top of that, the audience was never just one type of person. A single update had to make sense to:\nA practitioner watching live A sales engineer skimming slides before a customer call A customer catching the replay two weeks later Without a consistent way to frame what mattered most, every release risked becoming noise — even when the work underneath it was genuinely exciting.\nThe Approach #After a few of these updates, it became obvious that the problem wasn’t the content — it was the format.\nEvery product team I worked with had the same raw ingredients: feature lists, engineering notes, roadmap context, and a rough idea of who the audience was. What kept breaking down was the handoff between knowing what shipped and explaining why anyone should care.\nSo instead of treating each update as a brand-new presentation, I started thinking in terms of a system.\nThe goal was simple:\nStart with why this matters, not just what shipped Curate a small number of changes that actually moved the needle Design once, then reuse across multiple audiences and channels That meant forcing some discipline. Not every feature made the cut. Not every slide was technical. And every deck had to work in more than one context — live presentations, recorded webinars, internal enablement, and on-demand viewing.\nI leaned on Pragmatic Marketing principles here, but quietly. Personas shaped what made it into the deck. Market problems dictated framing. The framework stayed in the background while the story stayed front and center.\nOver time, this approach turned into a repeatable model I could apply regardless of product, release size, or company. The examples changed. The structure didn’t.\nKey Deliverables #Once the structure was in place, the actual outputs became much easier — and more consistent — to produce. Instead of reinventing the wheel every release, each update followed the same basic anatomy, even as the content changed.\nAt a high level, the system produced:\nA Modular “What’s New” Deck #Each deck followed a predictable flow:\nContext first: what kind of release this is and who it’s for Top themes: a small number of changes that actually matter to buyers Selective depth: enough detail to be credible without overwhelming What’s next: timelines, previews, or things to keep an eye on This made the deck usable whether someone watched live, skimmed slides before a call, or jumped to a specific section on replay.\nLive and Recorded Presentations #The same deck was designed to work on-camera. That meant:\nSlides that supported narration instead of replacing it Clear transitions for live discussion and Q\u0026amp;A Natural breakpoints for chapter markers and replays In practice, this allowed a single narrative to power live webinars, recorded updates, and shorter clips without rewriting the story each time.\nReusable Enablement Assets #Because the structure stayed consistent, pieces of the deck could be lifted and reused:\nSales teams pulled slides directly into customer conversations Partners used trimmed versions for their own briefings Marketers repurposed sections into blog posts, videos, or follow-up content One concrete example of this approach in action was a recurring “What’s New” update for Red Hat Enterprise Linux, where the same core deck supported a live YouTube presentation, internal enablement, sales presentations, and on-demand viewing — all without maintaining separate versions.\nThe deliverables mattered, but the real value was consistency. Once teams knew what to expect, the updates became easier to consume, easier to share, and easier to trust.\nImpact #The most noticeable change wasn’t a single metric — it was how people interacted with the updates.\nBefore this approach, release content tended to feel disposable. Watch it live, forget it, move on. Once the structure stabilized, the updates started behaving more like a reference point than an event.\nHere’s what shifted over time:\nClearer conversations: Sales and field teams stopped asking what they should focus on and started asking deeper follow‑up questions. Better reuse: The same deck showed up in customer calls, internal trainings, and partner briefings without needing to be rewritten. Higher engagement: Live sessions held attention longer, and recorded views stayed relevant well past the initial release window. More confidence: Stakeholders trusted the updates because they knew what they were getting — context, prioritization, and honesty about what mattered. In at least one recurring release series, this approach contributed to sustained growth in live attendance and replay views, while reducing the amount of one‑off enablement work needed each cycle.\nMore importantly, it changed expectations. Product updates stopped feeling like a fire drill and started feeling like a known rhythm — something teams could plan around instead of react to.\nConclusion \u0026amp; CTA #What started as a way to survive release cycles eventually became one of the most reliable and successful product marketing tools in my toolkit.\nThe lesson wasn’t about slides. It was about respect — for the audience’s time, for the complexity of the product, and for the reality that most people don’t live inside a roadmap. When updates are framed with context, intent, and restraint, people don’t just consume them. They trust them.\nThis same model has worked across different products, different release cadences, and different audiences because the fundamentals don’t change:\nStart with why Curate instead of catalog Design for reuse Treat enablement as a system, not a one-off If you’re building product updates, enablement content, or launch narratives and finding that they’re not landing the way you expect, this is usually where things break down.\nIf you’d like to talk about how this approach could apply to your product, your team, or your release motion, I’m always happy to compare notes.\n--\nPhoto by appshunter.io on Unsplash\n","date":"22 December 2025","permalink":"https://itguyeric.com/blog/creating-impactful-whats-new-presentations-for-product-marketing-teams/","section":"Blog","summary":"Every six months or so, I found myself in the same spot. A new release was out, the features were solid, the engineering work was impressive… and yet the same questions kept coming back from sales…","title":"Creating Impactful “What’s New” Presentations for Product Marketing Teams"},{"content":"How to Install Nvidia Drivers on AlmaLinux #I hosted this short tutorial for the official AlmaLinux YouTube channel covering how to install Nvidia drivers on AlmaLinux 10, one of those setup steps that trips people up if they have not done it before.\nThe short version of why this matters: AMD and Intel GPUs work out of the box on Linux using open source Mesa drivers. Nvidia does not. Getting full GPU performance and CUDA support requires installing proprietary drivers separately, and the process used to involve enough manual steps that it was a common pain point for anyone setting up a machine learning or rendering workload.\nThe video walks through the whole process, updating the system and rebooting to the latest kernel first, enabling the official AlmaLinux Nvidia driver repository, installing the driver and kernel module packages, and then verifying the install with a quick sanity check. CUDA tools for GPU computing get covered at the end for anyone going that route. No manual downloads, no messy installers.\nWatch on YouTube: How to Install Nvidia Drivers on AlmaLinux\nShort-form tutorial content like this is something I enjoy producing because the goal is simple: get someone unstuck and moving in under five minutes.\n","date":"12 December 2025","permalink":"https://itguyeric.com/blog/how-to-install-nvidia-drivers-on-almalinux/","section":"Blog","summary":"I hosted this short tutorial for the official AlmaLinux YouTube channel covering how to install Nvidia drivers on AlmaLinux 10, one of those setup steps that trips people up if they have not done it…","title":"How to Install Nvidia Drivers on AlmaLinux"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/podcasts-and-videos/","section":"Categories","summary":"","title":"Podcasts and Videos"},{"content":"Breqwatr Customer Story: Ending Scanner Overload with TuxCare Radar #I produced this customer story for TuxCare, including the written case study and the short video summary below. Breqwatr builds OpenStack clouds for industries where infrastructure genuinely cannot fail: freight and logistics, government deployments, financial services. Their vulnerability management problem was not a lack of scanning. It was too much of it.\nConventional scanners were returning thousands of flagged issues, many without enough context to act on. Engineers were spending hours parsing reports instead of running infrastructure. And with SOC 2 Type 2 completed and ISO 27001 in progress, audit conversations were getting harder to manage, not easier.\nTuxCare Radar changed that. Deployed in minutes via Ansible with no performance impact, Radar gave the Breqwatr team immediate fleet-wide visibility into what actually needed attention. As CTO Michael Knox put it, install the agent and away you go. No dedicated SecOps team required, no weeks of configuration, just a clean dashboard showing patch status across the entire fleet. Audit conversations shifted from defensive to confident, because the team could now show not just what vulnerabilities existed but which ones actually mattered in context.\nDownload the full case study on TuxCare: The End of Scanner Overload\nCustomer stories are some of my favorite content to produce. Getting the technical detail right while keeping the narrative accessible to a compliance officer and a CTO at the same time is a challenge worth solving.\n","date":"12 December 2025","permalink":"https://itguyeric.com/blog/tuxcare-radar-breqwatr-customer-story/","section":"Blog","summary":"I produced this customer story for TuxCare, including the written case study and the short video summary below. Breqwatr builds OpenStack clouds for industries where infrastructure genuinely cannot…","title":"Breqwatr Customer Story: TuxCare Radar"},{"content":"How to Start Contributing to AlmaLinux by Submitting a Pull Request #I hosted this short tutorial for the official AlmaLinux YouTube channel walking through how to submit your first pull request to an open source project without ever opening a terminal.\nThe barrier to contributing to open source is usually perceived as higher than it actually is. Most people assume you need a configured local environment, command line fluency, and a solid understanding of Git before you can help. For documentation fixes, typo corrections, or small additions, none of that is true. The whole process, forking the repo, creating a branch, making a change, and opening a pull request, happens right in the GitHub web interface.\nThe video walks through it step by step using an AlmaLinux repository as the example. Fork the project to get your own safe copy, add or edit a file, write a commit message, and propose the change for review. The pull request is how you hand that change back to the maintainers, who can then leave comments, request revisions, or merge it into the project. Same concept as a merge request on GitLab, different name.\nWatch on YouTube: How to Start Contributing to AlmaLinux by Submitting a Pull Request\nGetting people past their first contribution is something I genuinely care about. Open source only works if the on-ramp is accessible, and this is about as low a barrier as it gets.\n","date":"12 December 2025","permalink":"https://itguyeric.com/blog/almalinux-pull-request-github/","section":"Blog","summary":"I hosted this short tutorial for the official AlmaLinux YouTube channel walking through how to submit your first pull request to an open source project without ever opening a terminal.","title":"How to Submit a Pull Request to AlmaLinux on GitHub"},{"content":"I wrote this second KernelCare piece for TuxCare as the mid-December switchover actually landed. Where the launch post introduced Agent v3, this one is the timely nudge: signed patches are becoming the default now, and anyone still on v2 needs to move before their patch stream stops.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nSigned patches are the default going forward. Both formats coexisted for a while, but with the switch, older agents simply stop receiving patches. Waiting creates avoidable risk. Systems on v2 or earlier will have coverage gaps and end up doing the upgrade under time pressure instead of on their own schedule. The upgrade path is the same as always. One command for most systems, a single reboot on Secure Boot hosts to register the certificate, and ePortal 2.20+ for enterprise customers. If you upgraded early after the launch, you\u0026rsquo;re set; if not, this was the reminder to close the gap before it opened.\n","date":"12 December 2025","permalink":"https://itguyeric.com/blog/tuxcare-kernelcare-v3-signed/","section":"Blog","summary":"I wrote this for TuxCare as the signed-patch switchover arrived, urging teams still on older KernelCare agents to upgrade to v3 before coverage gaps appear.","title":"KernelCare Agent v3: Upgrade Now for Signed Patch Security"},{"content":"I wrote this for TuxCare to answer a question I hear the moment a compliance team joins the conversation: can we actually meet our regulatory requirements on a community OS like AlmaLinux? The honest answer is yes, but not with the community edition alone, so I broke down what compliance really requires and where the gaps are.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nFrameworks don\u0026rsquo;t certify \u0026ldquo;just the OS.\u0026rdquo; FIPS 140-3 and FedRAMP expect validated cryptography, hardened baselines, continuous scanning, and documented control mappings, all working together. The gaps in community Linux are real. There\u0026rsquo;s no vendor-backed FIPS validation, no FedRAMP alignment out of the box, and no automated CIS or STIG enforcement, which leaves teams doing slow, error-prone manual work. TES closes those gaps. It provides validated FIPS modules, FedRAMP-aligned hardening for AlmaLinux, CIS/STIG automation, and up to 16 years of security updates. You can stay compliant on AlmaLinux and Rocky Linux without abandoning open source, but you need the enterprise layer that produces the evidence auditors want.\n","date":"1 December 2025","permalink":"https://itguyeric.com/blog/tuxcare-fips-fedramp-2026/","section":"Blog","summary":"I wrote this for TuxCare on building a FIPS and FedRAMP-ready environment on community Linux, and how TES fills the gaps the base OS can\u0026rsquo;t.","title":"How to Build a FIPS + FedRAMP-Ready Environment in 2026: AlmaLinux \u0026 Rocky Linux"},{"content":"I brought Linux content creator Brodie Robertson on to tackle the display server drama of the decade: the end of X11 and the rise of Wayland. We start with the history of X11, its weird quirks, and why it stuck around as long as it did, then get into what makes Wayland genuinely different, better, and honestly sometimes frustrating.\nThe IT Guy Show \u0026middot; Episode 18 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nX11 solved real problems in its day. Brodie and I walked through what the X Window System was actually built to do, which makes it easier to understand why replacing it took so long. Wayland fixes old pain, adds new friction. We got into screen tearing, compositors, and where Wayland clearly wins versus where it still trips people up. The ecosystem around it matters. From PipeWire to gaming to remote desktops and screen sharing, I wanted to know how the whole picture holds together in daily use. Whether you lived through the xhost + days or you are a curious distro-hopper wondering why Wayland keeps breaking your screen sharing, there is something here for you.\n","date":"18 November 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep18-wayland/","section":"Blog","summary":"Brodie Robertson and I dig into the end of X11 and the rise of Wayland on the Linux desktop.","title":"Wayland and My eX-11 | The IT Guy Show Ep. 18"},{"content":"If you have been applying online and hearing nothing back, this one is for you. I sat down with Jeffry Ullman, a job search coach and the creator of the LinkedIn Job Search Masterclass, to talk about what actually moves the needle when you are trying to land your next role. It is not your fault the process feels broken, and Jeffry has spent a lot of time figuring out how to work around it.\nThe IT Guy Show \u0026middot; Episode 17 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nThe resume black hole is real. Jeffry walked me through why applying blindly online so often leads nowhere, and how you get out of that loop by making LinkedIn work in your favor. Your profile is a brand, not a resume. We talked through optimizing your LinkedIn presence so recruiters and hiring managers actually find and remember you. Fake postings and job alerts. Jeffry and I got into how to spot the fake job postings cluttering the feed and how to set up alerts that surface the roles worth your time. Whether you have been laid off, are quietly looking, or just want to future-proof your online presence, Jeffry\u0026rsquo;s methodology gives you something concrete to work with.\n","date":"4 November 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep17-linkedin-jobs/","section":"Blog","summary":"Job search coach Jeffry Ullman and I dig into a reality-based approach to landing your next role through LinkedIn.","title":"Reality-based Approach to LinkedIn Jobs | The IT Guy Show Ep. 17"},{"content":"Getting laid off is hard. It can shake your confidence, your routines, and your sense of direction, but it doesn\u0026rsquo;t have to define you. In this solo episode I share my own experience with being laid off: what helped, what didn\u0026rsquo;t, and what I wish I\u0026rsquo;d known earlier. I also pull together the most practical and compassionate advice I\u0026rsquo;ve found from others who have been through it.\nThe IT Guy Show \u0026middot; Episode 16 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nMy story is on the table. I walk through my own layoff honestly, because pretending it was easy wouldn\u0026rsquo;t help anyone. Growth can come out of it. I talk about the successes and unexpected growth that followed, without sugarcoating the hard middle. The practical tips matter. From job-hunting strategy to mental health tools, I round up the advice worth keeping close. If you\u0026rsquo;re navigating a layoff right now, or want to be ready in case you ever have to be, this episode is for you.\n","date":"21 October 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep16-layoff/","section":"Blog","summary":"A candid solo episode about surviving a layoff, from my own story to practical job-search and mental health advice.","title":"When the Layoff Comes | The IT Guy Show Ep. 16"},{"content":"I wrote this for TuxCare to help teams answer a strategic question, not just a technical one: which support tier actually fits your environment? Running community Linux at scale is a constant balance of cost, coverage, and compliance, so I laid out the trade-offs behind Essential, Enhanced, and Custom.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nEssential is for stability without surprises. It gives smaller teams 24x7 help with packaging and installation plus vetted repositories, which suits non-regulated workloads that can live with the community update cycle. Enhanced extends coverage across your whole stack. It backs databases, containers, CI/CD, and web servers, with migration guidance and pay-as-you-go expert hours for compliance-heavy environments. Custom makes TuxCare an extension of your team. You define the Scope of Work, and it covers tailored packages, FedRAMP or STIG alignment, and full-stack engineering. There\u0026rsquo;s no one-size-fits-all answer; the right tier depends on your business risk, compliance obligations, and how much your team can carry.\n","date":"10 October 2025","permalink":"https://itguyeric.com/blog/tuxcare-support-tiers/","section":"Blog","summary":"I wrote this for TuxCare to break down the Essential, Enhanced, and Custom support tiers so teams can match coverage to their real risk profile.","title":"Choosing the Right Enterprise Support Tier with TuxCare"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/red-hat/","section":"Tags","summary":"","title":"Red Hat"},{"content":"I wrote this comparison for TuxCare because IT leaders deserve more than marketing claims when they\u0026rsquo;re choosing a Linux support partner. I put TES side by side with Red Hat, SUSE, Canonical, and Oracle on the things that actually drive the decision: cost, patching reach, and compliance.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nPricing is where the models diverge most. Competitors tie cost to sockets, CPU pairs, or mandatory subscriptions, while TES uses transparent per-system pricing with no per-socket multipliers or minimum counts. Rebootless patching goes further with TuxCare. KernelCare, LibCare, and QEMUCare cover kernels, libraries, and hypervisors across multiple distros, where most competitors offer kernel-only or premium-tier-only patching. Compliance shouldn\u0026rsquo;t require picking one vendor\u0026rsquo;s distro. TES brings FIPS-validated builds and FedRAMP-aligned workflows to community Linux like AlmaLinux and Rocky. The other vendors all have their place; the point of the piece was to show clearly where the real differences lie.\n","date":"8 October 2025","permalink":"https://itguyeric.com/blog/tuxcare-vs-competitors/","section":"Blog","summary":"I wrote this for TuxCare: a fact-based comparison of TES against Red Hat, SUSE, Canonical, and Oracle across pricing, rebootless patching, and compliance.","title":"TuxCare vs. Red Hat / SUSE / Canonical / Oracle: A Feature, Cost, and Performance Comparison"},{"content":"What happens when two nerds who love the community side of tech get together? A whole lot of stories, laughs, and insights. In this episode I sit down with my coworker Chris DeMars to talk about Developer Relations, technical advocacy, and what it really takes to support and empower developers in a fast-moving ecosystem. From browser wars to burnout and open source to on-stage nerves, it\u0026rsquo;s an honest look at what fuels a career in DevRel.\nThe IT Guy Show \u0026middot; Episode 15 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nDevRel is more than demos. Chris helps define what the work actually is and what separates a good developer advocate from a great one. Empathy is the throughline. We spend real time on empathy in tech, and why it\u0026rsquo;s the thing that keeps advocacy grounded. Burnout is the quiet risk. Chris is candid about the on-stage nerves and fatigue, and how to keep from fizzling out. Come for the DevRel talk, stay for the hot takes. This one was a genuinely good time to record.\n","date":"7 October 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep15-devlife-chris-demars/","section":"Blog","summary":"A fun, story-filled chat with Chris DeMars about DevRel, developer advocacy, empathy, and avoiding burnout.","title":"DevLife with Chris DeMars | The IT Guy Show Ep. 15"},{"content":"I hosted this solo webinar for TuxCare making the case that you do not actually have to choose between community Linux and enterprise-grade support. The whole pick-a-camp framing is a false choice, and that is what the session is built around.\nThe first half covers why community distributions like AlmaLinux and Rocky Linux are increasingly showing up in production environments, and what the real concerns are when they do. Not just licensing costs, but patching velocity, compliance requirements like FIPS and FedRAMP, supply chain integrity, and what it actually costs your team to be the only ones on call at 2 a.m. Free software is not free if your people are the support contract.\nThe second half gets into how TuxCare Enterprise Support, KernelCare, Radar, and the Endless Lifecycle Support offerings layer onto a community distribution to address those concerns without locking you into a commercial vendor\u0026rsquo;s opinionated build. I also walked through rebootless patching in some detail since it comes up constantly and deserves a real explanation rather than a marketing bullet point.\nThe Q\u0026amp;A covered RHEL to AlmaLinux migration paths, FIPS compliance across version upgrades, and what to do if you are still running CentOS 7. My answer on the last one was only partially a joke.\nWatch the full webinar on YouTube: Ending the Linux Tradeoff\nThis webinar sits at the center of what I do: translating real infrastructure concerns into a conversation that makes sense to both the sysadmin in the room and the person signing the budget.\n","date":"25 September 2025","permalink":"https://itguyeric.com/blog/community-linux-enterprise-support-webinar/","section":"Blog","summary":"I hosted this solo webinar for TuxCare making the case that you do not actually have to choose between community Linux and enterprise-grade support. The whole pick-a-camp framing is a false choice…","title":"Ending the Linux Tradeoff: Enterprise Features on Community Linux"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/automation/","section":"Tags","summary":"","title":"Automation"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/devops/","section":"Tags","summary":"","title":"DevOps"},{"content":"The system administrator role has changed a lot over the last couple of decades, but some of us are still proudly flying the flag. In this episode I sit down with my longtime friend Nate Lager to talk through his career journey, the lessons he picked up in the trenches, and what still gets him excited about tech today. We cover a lot of ground, from burnout to bash scripts to his move to Red Hat.\nThe IT Guy Show \u0026middot; Episode 14 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nCareers rarely go in a straight line. Nate traces his path from starting in technology through to Red Hat, and the detours are half the story. Automation and authenticity go together. We get into how automating the boring parts frees you up to do the work that actually matters. Burnout is worth naming. Nate is candid about the tough parts of the job, which makes his advice near the end land all the more. Whether you\u0026rsquo;re a new sysadmin, a grizzled graybeard, or just love nerding out about Linux, you\u0026rsquo;ll feel right at home here.\n","date":"23 September 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep14-sysadmin-nate-lager/","section":"Blog","summary":"A wide-ranging chat with Nate Lager about the sysadmin life, from burnout and bash scripts to automation and authenticity.","title":"Life as a SysAdmin with Nate Lager | The IT Guy Show Ep. 14"},{"content":"I wrote this for TuxCare to announce KernelCare Agent v3 and explain the thinking behind it: we built signed patch support to enable rebootless patching on Secure Boot servers, then decided the added trust was worth making the default for everyone. This was the launch post, so I focused on what the release is and why it matters.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nv3 adds embedded signature validation. Every rebootless patch now carries a signature, layering more trust onto the live patching process teams already rely on. Signed patches were becoming the default. Starting mid-December the signed format takes over, so agents on v2 or earlier would stop receiving patches without an upgrade. The upgrade is genuinely easy. For most systems it\u0026rsquo;s a single command; Secure Boot servers need one reboot to register the certificate, and enterprise ePortal users move to 2.20. Upgrading early gives you a comfortable runway to validate v3 across the fleet before the switchover.\n","date":"17 September 2025","permalink":"https://itguyeric.com/blog/tuxcare-kernelcare-v3-arrived/","section":"Blog","summary":"I wrote this for TuxCare to announce KernelCare Agent v3, which introduces signed patch validation while keeping live patching disruption-free.","title":"KernelCare Agent v3 Has Arrived"},{"content":"I wrote this for TuxCare to announce that Enterprise Support, formerly scoped to AlmaLinux, now covers Rocky Linux too. Most enterprises I talk to run more than one distro, so I wanted to lay out why community support alone rarely covers what 24x7, regulated workloads actually need.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nMulti-distro estates are the norm now. AlmaLinux and Rocky Linux are the leading CentOS successors, and TES now covers both under one contract and SLA instead of juggling separate vendors. Community support has real gaps for enterprises. It doesn\u0026rsquo;t provide 24x7 production response, FIPS-validated builds, FedRAMP-aligned workflows, or lifecycle coverage well beyond community end of life. It\u0026rsquo;s a foundation, not a lock-in. TES pairs with the wider portfolio, from ELS to KernelCare, so you extend your open-source stack without getting trapped in a proprietary subscription. The goal was a secure, compliant footing on the community distro you already run, without giving up the freedom that made you choose it.\n","date":"16 September 2025","permalink":"https://itguyeric.com/blog/tuxcare-enterprise-support-alma-rocky/","section":"Blog","summary":"I wrote this for TuxCare on the relaunch of Enterprise Support, which now covers AlmaLinux and Rocky Linux together with 24x7 support and compliance-ready patching.","title":"The New TuxCare Enterprise Support: Premium Coverage for AlmaLinux and Rocky Linux"},{"content":"Before DevOps, SRE, and the cloud were the whole conversation, there were sysadmins, the generalists who kept the lights on with bash scripts, cron, and plenty of caffeine. This is a solo episode where I tell my own story: how I broke into system administration, from my earliest tech gigs to becoming the go-to Linux guy.\nThe IT Guy Show \u0026middot; Episode 13 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nThe early days shape you. I go back to those first gigs and the messy, hands-on learning that got me started. You learn the ropes by doing. A lot of what stuck came from tools I loved, tools I hated, and the mistakes in between. The role keeps evolving. I reflect on how sysadmin work has shifted and share the advice I\u0026rsquo;d give anyone getting in today. If you\u0026rsquo;re new to IT or just a little nostalgic for the days of cron, this one\u0026rsquo;s for you.\n","date":"9 September 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep13-became-sysadmin/","section":"Blog","summary":"A solo look back at how I broke into system administration and how the sysadmin role has changed over the years.","title":"How I Became a SysAdmin | The IT Guy Show Ep. 13"},{"content":"I wrote this for TuxCare to define a term that sits at the heart of the whole Radar story: patch-aware scanning. It starts with the audit scenario everyone in ops knows, where a scanner flags a glibc CVE you already patched live, and you spend hours justifying the discrepancy line by line.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nMost scanners only read version numbers. They match installed packages to a CVE feed and stop there, which misses rebootless patches, backports, and manual fixes your team already applied. Patch-aware means reading the live state. A patch-aware scanner checks what\u0026rsquo;s actually been resolved, whether through updates, KernelCare, or ELS, and focuses on the kernel that\u0026rsquo;s running now. It pays off most at audit time. Radar produces audit-ready reports that reflect your real patch status, so you can prove what\u0026rsquo;s fixed instead of doing detective work. Patch-aware scanning isn\u0026rsquo;t a nice-to-have; it\u0026rsquo;s how a scanner keeps up with the way Linux systems are actually maintained.\n","date":"2 September 2025","permalink":"https://itguyeric.com/blog/tuxcare-patch-aware/","section":"Blog","summary":"I wrote this for TuxCare to explain what patch-aware scanning means, why traditional scanners get Linux wrong, and how it makes audits far less painful.","title":"What Is Patch Aware, and Why Should You Care?"},{"content":"I wrote this for TuxCare after remembering the airgapped datacenters where getting an update meant sneaker-netting a USB stick across the room. If your systems can\u0026rsquo;t all talk to the cloud directly, this post shows how to route Radar scan data through ePortal instead.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nIt\u0026rsquo;s a clean n-to-1 setup. Clients talk to a single internal ePortal server, and ePortal forwards scan data securely to the Radar backend, so your hosts don\u0026rsquo;t each need internet access. The config change is small. You enable the Radar proxy in ePortal\u0026rsquo;s config, point each client\u0026rsquo;s base-url at ePortal in radar.yaml, and everything else stays as it was. It fits compliance needs without new attack surface. There are no inbound ports or extra agents, and you can route to the EU endpoint for GDPR or inspect outbound traffic before it leaves. For airgap, audit, or just peace of mind, this is a couple of config lines that extend Radar into tightly controlled environments.\n","date":"26 August 2025","permalink":"https://itguyeric.com/blog/tuxcare-radar-eportal-proxy/","section":"Blog","summary":"I wrote this for TuxCare to show how ePortal can proxy Radar scans, so locked-down fleets route data through one internal server instead of each host phoning home.","title":"Using TuxCare's ePortal as a Proxy for Radar Scans"},{"content":"From AI to compliance, modernization to mission-critical infrastructure, working in the public sector versus government tech can look similar on the surface while being worlds apart underneath. In this episode I welcome Joel Krooswyk, a former GitLab colleague and seasoned technical leader, to walk through those differences, from regulations and red tape to values, velocity, and what \u0026ldquo;transformation\u0026rdquo; really means when the stakes are national.\nThe IT Guy Show \u0026middot; Episode 12 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nPublic sector and government tech aren\u0026rsquo;t the same thing. Joel draws the distinction clearly, which changes how you think about the work. Compliance shapes everything. We talk about how regulations and red tape reframe what \u0026ldquo;moving fast\u0026rdquo; even means in this space. AI is landing here too. Joel shares how the technology landscape and AI\u0026rsquo;s role are evolving inside government work, and what that means for careers. If you\u0026rsquo;re curious about working with government or just watching those public-private lines blur, there\u0026rsquo;s a lot of clarity in this one.\n","date":"26 August 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep12-govtech/","section":"Blog","summary":"Joel Krooswyk and I compare public sector and government tech work, covering compliance, modernization, AI, and career shifts.","title":"Working in GovTech: What's Different? | The IT Guy Show Ep. 12"},{"content":"I wrote this one for TuxCare, and it\u0026rsquo;s the most personal of my Radar posts. It opens with those dreaded rush-hour phone calls from my manager about the vulnerability that was going to \u0026ldquo;eat the Internet,\u0026rdquo; then walks through the daily habits that make Radar actually useful once it\u0026rsquo;s installed.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nTag your systems by risk zone. Labeling hosts as prod, pci, or web in radar.yaml turns a flat CVE list into risk you can read in context, so you know where to look first. Ask Radar instead of the forums. The built-in AI assistant is trained on the CVE landscape, so you can ask about a specific CVE or what a zero-day means without stringing together search terms. Trade spreadsheets for shareable reports. Filtered, audit-friendly PDF and Excel exports let you show progress over time instead of wrangling thousand-row spreadsheets. These are the routines I wish I\u0026rsquo;d had back when triage meant remoting into every server one at a time.\n","date":"19 August 2025","permalink":"https://itguyeric.com/blog/tuxcare-radar-best-practices/","section":"Blog","summary":"I wrote this for TuxCare on building real-world Radar routines, from tagging systems by risk zone to trading bloated spreadsheets for audit-ready reports.","title":"Best Practices for TuxCare Radar Security Scans"},{"content":"I wrote this follow-up for TuxCare because the most common reaction to a first Radar scan is surprise at how short the results are. I wanted to explain what actually happens under the hood so a quiet report reads as reassurance instead of a bug.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nA short first scan is the point. Radar profiles your installed packages and libraries, checks what\u0026rsquo;s already been resolved by updates, KernelCare, or ELS, and only reports what\u0026rsquo;s still active. You don\u0026rsquo;t have to dig through the output by hand. The built-in conversational AI lets you ask plain-language questions like which CVE is most urgent or whether an issue is already patched. MCP turns questions into actions. Connecting assistants like Claude or Cursor lets you go from \u0026ldquo;show me what\u0026rsquo;s wrong\u0026rdquo; to applying patches and generating a compliance report. If your first scan feels quiet, that\u0026rsquo;s Radar doing the first pass of triage for you.\n","date":"14 August 2025","permalink":"https://itguyeric.com/blog/tuxcare-radar-first-scan/","section":"Blog","summary":"I wrote this for TuxCare to set expectations for your first Radar scan, including why fewer results is a feature, not a bug.","title":"What to Expect From Your First Scan with TuxCare Radar"},{"content":"AlmaLinux Enterprise Support: TuxCare Webinar with Benny Vasquez\nI hosted this webinar for TuxCare with Benny Vasquez, chair of the AlmaLinux OS Foundation. We covered a lot of ground in about an hour, and honestly the pre-show conversation was just as good.\nI hosted this webinar for TuxCare with Benny Vasquez, chair of the AlmaLinux OS Foundation. We covered a lot of ground in about an hour, and honestly the pre-show conversation was just as good.\nThe core thread running through the whole thing was a question worth asking before you ever pick a Linux distribution: is this actually a strategic decision, or are you just grabbing whatever you know? Benny made a point early on that landed well: when you choose your distro, you need to understand what\u0026rsquo;s driving the organization behind it, because if that organization shifts priorities or disappears, so does your stability plan. That reframed the conversation from package managers and command sets to long-term infrastructure thinking.\nWe got into the AlmaLinux Foundation structure, how it was built specifically so the project can never be bought or sold, what the day-to-day looks like for a volunteer-driven distribution at enterprise scale, and how TuxCare\u0026rsquo;s enterprise support fits alongside a community distro like AlmaLinux. We also covered hardware support extensions in AlmaLinux 10, the CentOS 7 migration path, and what Benny called the goal: pick AlmaLinux and then not have to think about it again.\nThe tangents were good too. Benny\u0026rsquo;s WordPress story hit close to home.\nWatch the full webinar on YouTube: AlmaLinux Delivers Security, Performance, and Open-Source Freedom\nHosting technical webinars with community leaders is one of the things I genuinely enjoy. Getting someone like Benny to think out loud in front of an audience produces better content than any script would.\n","date":"12 August 2025","permalink":"https://itguyeric.com/blog/almalinux-enterprise-support-tuxcare-webinar/","section":"Blog","summary":"AlmaLinux Enterprise Support: TuxCare Webinar with Benny Vasquez","title":"AlmaLinux Enterprise Webinar: TuxCare and Benny Vasquez"},{"content":"For a lot of us, configuration means dotfiles, bash scripts, and a bit of duct tape. But what if your entire system, from packages to users to services, could be described, versioned, and rolled back like code? In this episode I\u0026rsquo;m joined by Aaron Honeycutt to demystify NixOS, the declarative and reproducible distro that\u0026rsquo;s changing how people think about system configuration.\nThe IT Guy Show \u0026middot; Episode 11 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nDeclarative is the key word. Aaron explains what \u0026ldquo;declarative infrastructure\u0026rdquo; actually looks like in practice, not just as a slogan. The learning curve is real but survivable. We talk honestly about where beginners get stuck and how to get started without the frustration. It fits more workflows than you\u0026rsquo;d expect. From home labs to DevOps to the desktop, Aaron makes the case for where NixOS shines. If you\u0026rsquo;ve heard the NixOS hype and wondered what\u0026rsquo;s underneath it, this shorter episode is a solid primer.\n","date":"12 August 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep11-nixos/","section":"Blog","summary":"Aaron Honeycutt breaks down NixOS, declarative configuration, and how to get started without pulling your hair out.","title":"NixOS: The Distro That Thinks in Code | The IT Guy Show Ep. 11"},{"content":"I wrote this one for TuxCare, and it starts with a story from my SysAdmin days: a compliance report where the scanner flagged dozens of CVEs I had already patched, and I burned three hours writing \u0026ldquo;false positive\u0026rdquo; notes. Radar is the tool I wish I\u0026rsquo;d had back then, so I wanted to walk through installing it and running that first scan.\nOriginally published on TuxCare Read the full article \u0026rarr; A few things I wanted people to walk away with:\nRadar is patch-aware, so it knows what you\u0026rsquo;ve already fixed. It recognizes vulnerabilities already neutralized by rebootless patching or extended lifecycle support and leaves them out of your report entirely. Installation is deliberately low-friction. It runs as a lightweight CLI on a cron schedule, needs no root access or open ports, and can scan as the unprivileged nobody user. The prioritization does the triage for you. Instead of a wall of red, Radar uses AI-assisted risk scoring to surface what is actually exploitable in your environment. If you\u0026rsquo;ve ever spent a Saturday night justifying patches you already applied, this is the walkthrough I wanted you to have.\n","date":"6 August 2025","permalink":"https://itguyeric.com/blog/tuxcare-radar-getting-started/","section":"Blog","summary":"I wrote this for TuxCare to introduce Radar, a lightweight, patch-aware CVE scanner for Linux that installs from the command line and skips the false positives.","title":"Getting Started with Radar, TuxCare's Linux Vulnerability Scanner"},{"content":"Session 0 in The Last Parsec- Savage Worlds Solo RPG #When I decided to play a solo Savage Worlds campaign, I wasn’t just adding another bullet (pun intended) to my TTRPG résumé—I was signing up for a one-man voyage across the known (and unknown) cosmos.\nAs a player, I took on this solo experience for two main reasons:\nTo internalize the full Savage Worlds ruleset—Edges, Bennies, dramatic tasks, social conflict—without relying on another player or GM to drive the pace. To experiment with different tools, play around with tech, and put my homelab to use hosting Foundry, running AI, and exploring integrations like Savaged.us, the SWADE core rules, the Science Fiction Companion, and The Last Parsec one-sheets. Enter Savage Worlds’ The Last Parsec: a sci-fi setting defined by exploration, corporate entanglements, and frontier justice across hundreds of star systems. It’s open, it’s modular, and it fits perfectly with the vibe I wanted: Han Solo colliding with Tony Stark, wrapped in a layer of snark and high-stakes space adventure.\nWhat Is the Savage Worlds RPG? #Savage Worlds is a fast, flexible RPG system that emphasizes streamlined play without sacrificing depth. It’s built to support multiple genres—from swords-and-sorcery to high-flying space adventure—and focuses on keeping the action moving without bogging players down in overly complex rules. Instead of strict class systems, Savage Worlds uses attributes, skills, Edges, and Hindrances to shape your character, offering a lot of freedom for roleplay and customization.\nHow Savage Worlds Compares to D\u0026amp;D #Compared to Dungeons \u0026amp; Dragons, combat in Savage Worlds tends to be quicker, more dynamic, and less bogged down in lengthy turn cycles. The system’s streamlined mechanics keep the action moving, which makes every fight feel cinematic rather than procedural. Character creation is also far less constrained by predefined classes—you build your character’s abilities from the ground up using attributes, skills, Edges, and Hindrances, which means you can create exactly the kind of hero (or rogue) you want without forcing them into a rigid mold.\nThat flexibility was a big draw for me when deciding to launch this Savage Worlds solo RPG set in The Last Parsec. If I’m going to invest my time in a game, I want the freedom to experiment and the ability to pivot the story based on the decisions I make. Video games can be fun and immersive, but even the best RPGs tend to have fixed narratives and limited dialogue trees. In a tabletop RPG like Savage Worlds, especially in a solo campaign, there’s no invisible wall stopping me from trying something unexpected—the “engine” adapts to me, not the other way around. It’s a more collaborative, story‑driven experience where the rules bend to serve the adventure instead of forcing the adventure to fit the rules.\nThe Last Parsec – A Savage Worlds Sci‑Fi Setting # The Last Parsec builds directly on the foundation of Savage Worlds Adventure Edition (SWADE)—the current core ruleset—and the Science Fiction Companion, which expands SWADE with gear, starship rules, alien races, and other sci-fi-specific mechanics. SWADE delivers the core mechanics for fast, flexible play, while the Science Fiction Companionadds space travel rules, ship design, advanced gear, and alien species. Rather than offering a fixed story arc like many D\u0026amp;D modules, The Last Parsec provides locations, factions, and adventure seeds for players and GMs (or in my case, the AI) to shape collaboratively.\nSolo RPG Character Creation in Savage Worlds #Creating a character in Savage Worlds starts with five core attributes—Agility, Smarts, Spirit, Strength, and Vigor—each beginning at a baseline and improved with a limited pool of points. These attributes shape the foundation of your abilities, while your skills—linked directly to those attributes—determine what you can actually do in play, from piloting a starship to bluffing your way past a suspicious customs officer.\nOne of the most distinctive elements is the use of Hindrances. These aren’t just disadvantages—they’re roleplaying hooks that define your character’s flaws, debts, or quirks. Taking Hindrances earns you extra points to invest back into attributes, skills, or Edges, which are special advantages that set your character apart. It’s a trade‑off system that rewards leaning into your character’s weaknesses as much as their strengths.\nUnlike class‑based systems such as Dungeons \u0026amp; Dragons, Savage Worlds doesn’t box you into a predefined archetype. You can mix and match abilities freely to create a concept that fits the story you want to tell. For my solo RPG campaign in The Last Parsec, that meant building James Conway as a quick‑witted, overconfident pilot with both the skill to fly into trouble and the charm to talk his way back out. In Savage Worlds, the system flexes to match your vision instead of forcing your vision to fit the system.\nMeet James Conway # James Conway is the central character of my Savage Worlds solo RPG campaign set in The Last Parsec—a human starship captain who lives at the intersection of charm, risk‑taking, and sheer piloting talent. He’s the kind of man who can bluff his way into a high‑stakes card game, fly through an asteroid field without flinching, and then talk his way out of the docking fees when he lands.\nAttributes: His Agility (d8) gives him the reflexes needed for tight maneuvers in the cockpit or a quick draw with a sidearm. Spirit (d8) fuels his confidence, his ability to read a room, and the unshakable calm he projects even when the odds are stacked. Smarts (d6) keep him sharp enough to navigate both hyperspace lanes and tricky social situations, while Vigor (d6) lets him shrug off the occasional hard landing or bar fight. Strength (d4) is his weakest point—Conway’s never been one for brute force when a smooth word or clever trick will do.\nSkills: His bread and butter are Piloting (d8), Shooting (d8), and Persuasion (d8)—skills honed through years of scraping by on the fringe of The Last Parsec setting. Notice (d6) keeps him alert to danger, Stealth (d6) lets him slip away when needed, and Electronics (d6) makes him a passable hand with ship systems and security panels. Gambling (d4) speaks to his love of calculated risk, while Repair (d4), Athletics (d4), and Common Knowledge (d4) round him out as a jack‑of‑many‑trades, master of a few.\nEdges:\nAce – Conway is a master pilot, gaining bonuses to Piloting rolls and able to push his ship beyond normal limits without breaking it… most of the time. Charismatic – A natural people‑person (or at least, able to fake it), Conway gets a +2 to Persuasion, helping him cut deals, diffuse tension, or talk his way past the occasional checkpoint. Hindrances:\nOverconfident (Major) – If it looks possible, Conway assumes he can pull it off—often biting off more than he can chew. Obligation (Minor) – Someone out there is keeping tabs on him, and they expect their due. Quirk – Flirt (Minor) – Conway has a tendency to turn on the charm at inopportune times, whether it’s with a bartender, a customs officer, or the person trying to shoot him. In short, James Conway is a man who thrives on danger, dances around disaster, and somehow—by skill, luck, or pure stubbornness—usually comes out ahead. Picture the swagger of RDJ’s Tony Stark fused with Han Solo’s roguish instincts, and you’ve got the measure of him—a perfect fit for the high‑stakes, fast‑play universe of Savage Worlds in The Last Parsec.\nBuilding the Thunderbird #In Savage Worlds, ships are built much like characters. You start with a chassis—the base framework of your vessel—and then customize it by spending a limited number of modification slots. Each mod changes how the ship performs, adding capabilities or improving existing ones, whether that’s better defenses, faster engines, or more advanced sensors.\nFor my Savage Worlds solo RPG campaign in The Last Parsec, the Thunderbird began as a Light Freighter—a balanced choice offering decent speed, cargo capacity, and room for a small crew. From there, I outfitted it with:\nCargo Hold – For legitimate freight… and less legitimate side jobs. Living Quarters – Compact bunks, a galley, and just enough comfort for long hauls. Reinforced Hull – Boosting Toughness so she can take a hit and keep flying. Stealth System – A built‑in edge for avoiding unwanted attention, giving –2 to enemy sensor rolls. Sensor Suite – +2 to Notice rolls when scanning or using ship systems. Pulse Laser Turret – 3d6 damage, AP 2, perfect for a little persuasion in the void. And then there’s Vera, the Thunderbird’s onboard AI. More than just a navigation system, Vera manages diagnostics, assists in gunnery, and delivers sharp‑tongued commentary whenever Conway’s decision‑making gets… creative. In a universe as unpredictable as The Last Parsec, a ship like the Thunderbird isn’t just transportation—it’s survival.\nBehind the Scenes: Tools \u0026amp; Workflow #ChatGPT: My co-pilot for narrative prompts, NPC dialogue, and rules clarifications. Having a responsive AI means I can keep the game’s pace moving, improvise new scenes or encounters, and clarify rules on the fly without breaking immersion.\nSavaged.us: This site handles all the heavy lifting for character creation and advancement. It keeps track of my attributes, skills, Edges, Hindrances, gear, and credits, while also making it easy to export polished character sheets for reference during play.\nFoundry VTT: Hosted on my homelab, Foundry is my digital campaign hub. I use it for logging sessions, managing dice rolls, and, in the future, running maps and tactical encounters. Its modular nature means I can integrate Savage Worlds systems and customize it to my needs as the campaign evolves.\nSession 0 Wrap-Up #With character and ship complete, Conway is primed for his first outing in The Last Parsec. This Savage Worlds solo RPG campaign kicks off with the Thunderbird armed, stealth‑capable, and home to Vera, an AI as likely to sass him as save him. The stage is set—the next ping could start something profitable… or catastrophic.\nComing in Session 1: Dockside at Karnak’s Refuge, Conway’s comms ping with a call from Creeg—a “friend” with a job that’s supposedly easy money. Easy, of course, being a relative term. Follow along for Session 1, share your plot ideas, and join me in charting a solo course through The Last Parsec.\nIf you enjoyed this and want to explore more campaign logs, check out the Tabletop RPG archives for other adventures I’ve run and played, including more Savage Worlds content and other solo RPG experiments.\n","date":"4 August 2025","permalink":"https://itguyeric.com/blog/savage-worlds-last-parsec-session-0/","section":"Blog","summary":"When I decided to play a solo Savage Worlds campaign, I wasn’t just adding another bullet (pun intended) to my TTRPG résumé—I was signing up for a one-man voyage across the known (and unknown) cosmos.","title":"Session 0 in The Last Parsec - Savage Worlds Solo RPG"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/tabletop-rpgs/","section":"Categories","summary":"","title":"Tabletop RPGs"},{"content":"GitOps can feel like buzzword soup, especially if you\u0026rsquo;ve spent years mastering bash, cron, and config files. In this episode I\u0026rsquo;m joined by Christian Hernandez, a longtime Linux administrator who \u0026ldquo;accidentally\u0026rdquo; became a Kubernetes and GitOps expert, to cut through the noise. We compare GitOps to traditional sysadmin habits and talk about how Linux pros can embrace it without tossing out everything they already know.\nThe IT Guy Show \u0026middot; Episode 10 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nIt\u0026rsquo;s not as foreign as it sounds. Christian frames GitOps as an extension of instincts admins already have, not a replacement for them. The mindset shift is the hard part. We dig into why folks hesitate, and a lot of it comes down to changing habits rather than learning tools. You can start small. Christian points to approachable tools like Kind so you can experiment before betting production on it. Whether you\u0026rsquo;re Git-curious or deep in YAML fatigue, I think you\u0026rsquo;ll walk away with some practical footing.\n","date":"29 July 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep10-gitops/","section":"Blog","summary":"Christian Hernandez explains GitOps in plain terms for Linux admins, comparing it to traditional sysadmin practice and where to start.","title":"GitOps for the Linux Administrator | The IT Guy Show Ep. 10"},{"content":"What if your desktop, tablet, and phone all spoke the same open-source language? That is the promise behind Lomiri, and in this episode I\u0026rsquo;m joined by Erik Mols from the Lomiri project to unpack it. We get into where Lomiri came from, its Ubuntu Touch roots, and how the UBports community keeps it moving forward as a genuine underdog in a GNOME- and KDE-dominated world.\nThe IT Guy Show \u0026middot; Episode 9 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nConvergence is the whole point. I love that Lomiri is built so one interface adapts across phone, tablet, and desktop instead of forcing you into three separate experiences. The underdog story matters. Erik walks through the project\u0026rsquo;s history and current state, and it\u0026rsquo;s a good reminder that alternative shells deserve more attention than they usually get. There\u0026rsquo;s room to get involved. We talk about the bug bounty and open-source education efforts, so if you\u0026rsquo;ve wanted a way in, this is a friendly on-ramp. If you\u0026rsquo;ve ever been curious about Linux on mobile or just enjoy rooting for the scrappy project, give this one a listen.\n","date":"15 July 2025","permalink":"https://itguyeric.com/blog/itguyshow-ep09-lomiri/","section":"Blog","summary":"A conversation with Erik Mols about Lomiri, the convergent open-source shell that runs the same way on your phone, tablet, and desktop.","title":"Lomiri - The Linux Shell That Goes Anywhere | The IT Guy Show Ep. 9"},{"content":"During my time as Product Marketing Manager at TuxCare, I owned the product narrative across their Linux security and lifecycle portfolio. Part of that work was a series of short product overview videos where I wrote the scripts and appeared on camera. Here is the full collection, one per product.\nKernelCare is TuxCare\u0026rsquo;s rebootless patching solution for the Linux kernel. The video makes the case that the traditional choice between delaying a patch until the next maintenance window or rushing a reboot that disrupts services is a false one. KernelCare applies fixes live in memory while systems keep running, shrinking the vulnerability window from weeks to hours.\nWatch: KernelCare Product Overview\nLibCare extends that same rebootless patching approach beyond the kernel to critical shared libraries like glibc and OpenSSL. Patching those libraries traditionally means restarting services. LibCare applies fixes in memory with only a split-second pause, across more than 60 Linux distributions.\nWatch: LibCare Product Overview\nTuxCare Radar is a Linux-native vulnerability scanner built to cut through false positives. The key differentiator is patch awareness: Radar knows what has already been fixed via rebootless patches or ELS packages, so your team stops chasing vulnerabilities that are already resolved. CLI-first, scriptable, and integrates with cron.\nWatch: TuxCare Radar Product Overview\nCustom Kernel Engineering is a project-based service for teams that need a kernel built around their specific hardware, compliance requirements, or performance targets rather than a stock kernel built for everyone. Backed by a team that maintains more than 150 kernels daily.\nWatch: Custom Kernel Engineering Product Overview\nThese videos were part of a broader content effort at TuxCare that also included vertical explainer videos, customer case studies, and webinars, all aimed at making Linux security concepts accessible to CISOs, platform teams, and sysadmins evaluating enterprise support options.\n","date":"1 July 2025","permalink":"https://itguyeric.com/blog/tuxcare-product-marketing-videos/","section":"Blog","summary":"During my time as Product Marketing Manager at TuxCare, I owned the product narrative across their Linux security and lifecycle portfolio. Part of that work was a series of short product overview…","title":"TuxCare Product Videos: What I Covered as PMM"},{"content":"After a few months away from the mic, I am back, and I am rebooting Eric the IT Guy not just as a brand but as a mission. This is a short, honest reset point.\nThe IT Guy Show \u0026middot; Episode update-20250501 Open the full episode page \u0026rarr; A couple of things worth carrying away from this one:\nA new chapter. I share what I have been up to since leaving Red Hat and why I am launching into a new season of my career. What I am hoping for next. If you have followed my journey through Linux, open source, or DevOps content creation, this is where I tell you where it is all headed. Short and to the point. Thanks for sticking around for the reboot.\n","date":"1 May 2025","permalink":"https://itguyeric.com/blog/itguyshow-reboot-2025/","section":"Blog","summary":"A quick, honest reset point on where I have been since leaving Red Hat and what is coming next.","title":"Rebooting Eric the IT Guy: Where I've Been \u0026 What's Next | The IT Guy Show"},{"content":"This one was a treat. In episode 82 of RHEL Presents, my cohost Nate Lager and I got to sit down with Noah Chelliah — founder of Altispeed, host of the Ask Noah Show, and someone who\u0026rsquo;s spent years figuring out how to get regular people through the front door of open source. We swapped Linux origin stories and worked our way through community-building, careers, and where the sysadmin role is heading in a world of cloud, containers, and automation.\nWhat stuck with me:\nThe best on-ramp into open source is a lower door, not a taller wall. Noah built the Ask Noah Show specifically for newcomers, and it\u0026rsquo;s a good reminder that community growth is about making the first step easy, not showing off how deep the deep end is. Learn to do it by hand before you automate it. Noah\u0026rsquo;s advice — configure things manually until you actually understand them, then wrap them in Ansible — is the difference between automation you can troubleshoot and automation that owns you. Red Hat\u0026rsquo;s practical certs stick because they test what you can do, not what you memorized. RHCSA and RHCE hand you a broken system and a docs copy and ask you to fix it, which is a lot closer to the actual job than a multiple-choice exam. If you\u0026rsquo;re trying to grow a community — or grow into this field — it\u0026rsquo;s a genuinely good listen.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 82 Open the full episode page \u0026rarr; ","date":"5 March 2025","permalink":"https://itguyeric.com/blog/rhelpresents-ep82-noah-chelliah/","section":"Blog","summary":"A companion to RHEL Presents episode 82, where Nate and I talk with Noah Chelliah about community, careers, and getting people on-ramped into open source.","title":"Building a Linux Community with Noah Chelliah | RHEL Presents Ep. 82"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/red-hat-enterprise-linux-presents/","section":"Series","summary":"","title":"Red Hat Enterprise Linux Presents"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/rhel-presents/","section":"Tags","summary":"","title":"RHEL Presents"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/fedora-podcast/","section":"Series","summary":"","title":"Fedora Podcast"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/fedora-podcast/","section":"Tags","summary":"","title":"Fedora Podcast"},{"content":"RISC-V is one of the more exciting stories in computing right now, an open instruction set architecture that anyone can build on. In episode 47, Noah and I welcomed Isaac Chute, a software engineer with a background in embedded systems, to explore what RISC-V is and where Fedora fits. We talked through the current state of Fedora on RISC-V, the challenges of porting to a new architecture, and where things go from here.\nFedora Podcast \u0026middot; Episode 47 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nAn open ISA changes what is possible. Isaac explained why an open instruction set matters compared to the licensing baggage of established architectures, and it reframed for me why so many people are invested in this. The lessons from ARM are shaping the RISC-V effort. We got into how earlier architecture ports inform the work now, so the community is not starting entirely from scratch. The RISE project is pushing enablement forward. Coordinated work on RISC-V enablement is a big part of why Fedora on this architecture is moving from experiment toward something real. If you are curious where open hardware is heading, this conversation is a great primer.\n","date":"25 February 2025","permalink":"https://itguyeric.com/blog/fedora-ep47-risc-v/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 47, where we dug into RISC-V, open hardware, and the effort to port Fedora to a new architecture. Watch or listen right here.","title":"RISC-V and Open Hardware | Fedora Podcast Ep. 47"},{"content":"The start of a new year is a good moment to step back and look at where Fedora is headed. In episode 46 I sat down with Matthew Miller, the Fedora Project Leader, to talk through what is coming with Fedora Linux 42 and 43, the project\u0026rsquo;s goals for 2025, and his decision to step down from the FPL role. It made for a thoughtful conversation about the project\u0026rsquo;s future and its community.\nFedora Podcast \u0026middot; Episode 46 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nMatthew stepping down is a planned transition, not a crisis. He talked openly about why the timing feels right and how the role has evolved, and it came across as a healthy handoff rather than a sudden exit. The 2025 technical objectives give the year some shape. We got into the goals guiding Fedora Linux 42 and 43, and it helped me see the roadmap as a set of intentions rather than a scattered list of features. Getting involved is still the throughline. Even in a forward-looking episode, the recurring message was that the community makes this happen, and there is always a way in. If you want a sense of where Fedora is going this year, start here.\n","date":"11 February 2025","permalink":"https://itguyeric.com/blog/fedora-ep46-2025/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 46, where Matthew Miller and I look ahead to Fedora\u0026rsquo;s 2025 and the leadership transition. Watch or listen right here.","title":"Looking Ahead to 2025 | Fedora Podcast Ep. 46"},{"content":"Run AI Locally on Fedora with Ollama: Live Ops 005 #I wanted to run AI locally on Fedora using an Nvidia GPU I had sitting in my Dell PowerEdge R730 — and an hour and a half later, I actually got it working. Here\u0026rsquo;s what the road looked like.\nhttps://youtube.com/live/MQB_GlRSkpo?feature=share\nThe hardware is a Tesla K80, which is basically two 12GB VRAM cards in one chassis and cost me next to nothing off Amazon. The plan was straightforward: get the Nvidia drivers working on Fedora Server 41, pull down Ollama in a Podman container, add Open WebUI on top for a ChatGPT-like interface, and wire it all up behind NGINX Proxy Manager. I had notes. I had a cheat sheet. I was ready.\nWhat I wasn\u0026rsquo;t ready for was Fedora\u0026rsquo;s relationship with Nvidia drivers. The Tesla K80 needs the 470.xx legacy driver, not the current one, and figuring that out took most of the first hour. Between installing the wrong driver version, conflicts with packages left over from previous attempts, and the driver service not loading cleanly, it took a force rebuild of akmods and dracut before nvidia-smi finally came back with output. AMD cards just work. Nvidia is a project.\nOnce the GPU was cooperating, getting Ollama running locally turned out to be easier than the container approach I\u0026rsquo;d planned, since the GCR image path for the Podman version kept returning errors. Ollama installed directly on the host, Llama 3.2 pulled down without complaint, and I had a working local model to talk to inside of a few minutes. DeepSeek R1 8B came along for the ride as a second model to compare. Open WebUI came up in a Podman container, and after a solid round of \u0026ldquo;why won\u0026rsquo;t this connect,\u0026rdquo; the fix turned out to be a single :Z flag on the volume mount — SELinux doing what SELinux does.\nBy the end of the stream, Open WebUI was running, both models were loaded, and I had a local AI setup I could actually use. The NGINX reverse proxy was still showing a bad gateway when I had to call it for the day, but that\u0026rsquo;s a problem for next session. On the to-do list: get RAG working so I can feed it my own blog posts as a local knowledge base, and eventually stop paying OpenAI for what I can run at home.\nWatch the full stream above, and if you want to follow along as the homelab build continues, subscribe to the channel or grab the audio version of the main show at podcast.itguyeric.com.\n","date":"7 February 2025","permalink":"https://itguyeric.com/blog/run-ai-locally-fedora-ollama-live-ops-005/","section":"Blog","summary":"I wanted to run AI locally on Fedora using an Nvidia GPU I had sitting in my Dell PowerEdge R730 — and an hour and a half later, I actually got it working. Here\u0026rsquo;s what the road looked like.","title":"Run AI Locally on Fedora with Ollama: Live Ops 005"},{"content":"Contributing to open source can feel intimidating from the outside, so in episode 45 we tried to demystify it. Noah and I sat down with Marc Deop to talk about what it actually means to contribute code to Fedora and other open source projects, including the tools, workflows, and the honest challenges that come with the work. Whether you are seasoned or just starting, there is a way in.\nFedora Podcast \u0026middot; Episode 45 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nEvery contribution counts, not just big code drops. Marc made the point that the project needs far more than pull requests, and that reframing takes a lot of the pressure off getting started. Defining your goals first makes the whole thing easier. We talked about figuring out why you want to write code before diving in, and having that direction keeps you from spinning your wheels. Open source development has real friction, and that is okay. Marc was candid about the challenges, and hearing them named honestly is more useful than a rosy pitch. If you have been meaning to get involved, this episode is a friendly nudge.\n","date":"5 February 2025","permalink":"https://itguyeric.com/blog/fedora-ep45-open-source/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 45, where we talked through what it really takes to contribute code to Fedora and open source. Watch or listen right here.","title":"Contributing to Open Source | Fedora Podcast Ep. 45"},{"content":"Building a Golden Image | Live Ops 003 #The goal was simple: build a reusable Fedora golden image homelab template I can clone whenever I need a new server. Nothing about it was simple.\nhttps://youtube.com/live/a06lB8w50lk?feature=share\nThe plan was to use Image Builder inside Cockpit to create a base Fedora server image, then store the resulting QCOW2 file on my unRAID box so I can spin up new VMs on demand. I had packages already lined up in the blueprint: Crony, Cockpit, NetworkManager, bash completion, VIM enhanced, TuneD, and a few others. The Ansible service account was configured, IPv6 disabled at the kernel level, and automatic partitioning set so I\u0026rsquo;m not hand-holding every deployment. It was supposed to be a quick stream before the Fedora podcast.\nWhat actually happened was a solid hour of fighting permissions issues with the welder group, a blueprint package that didn\u0026rsquo;t exist in Fedora the way it does in RHEL, and Image Builder refusing to build ISO images while happily producing QCOW2 files without complaint. Once I got the QCOW2 built and pulled down, I had to convert it to an IMG file using qemu-img convert just to get unRAID to accept it, then resize the image to 32 gigs because the VM came up with a 4.2 gig root partition and nowhere to grow. ext4 on an unRAID VM turned out to be less cooperative than I\u0026rsquo;d hoped.\nThe good news: by the end of the stream I had a booting Fedora VM with bash completion, VIM enhanced, and Cockpit already running, SSH keys in place, and the performance profile defaulted to virtual-guest automatically. The less good news: I\u0026rsquo;m probably moving VM deployment over to my Fedora-based ITG02 hypervisor from Live Ops 003, where QCOW2 management is a lot less painful. The Ansible playbook to automate the whole build-convert-deploy pipeline is the next piece, and that\u0026rsquo;s where things should start getting cleaner.\nWatch the full stream above, and if you want to follow along as the homelab build continues, subscribe to the channel or grab the audio version of the main show at podcast.itguyeric.com.\n","date":"4 February 2025","permalink":"https://itguyeric.com/blog/fedora-golden-image-homelab-live-ops-004/","section":"Blog","summary":"The goal was simple: build a reusable Fedora golden image homelab template I can clone whenever I need a new server. Nothing about it was simple.","title":"Building a Golden Image  | Live Ops 003"},{"content":"RHEL Hypervisor Homelab Setup: Live Ops 003 #A Dell PowerEdge R730 that\u0026rsquo;s been sitting in the rack collecting dust finally has a job: and this stream is the whole messy process of giving it one.\nhttps://youtube.com/live/cUiuUvigyEE?feature=share\nThe goal was straightforward: install RHEL 8 on bare metal and get the R730 running as a RHEL hypervisor homelab host. But rather than just grabbing a stock ISO, I went straight to Red Hat Image Builder on console.redhat.com, because if you spent years doing TPMM work for RHEL, you use Image Builder. The hosted build queue had other ideas though, and what should have taken a few minutes turned into a 40-minute wait that only resolved after I kicked off a second build to shame the first one into finishing.\nOnce the ISO was finally in hand, getting the Dell to actually boot from it proved to be its own adventure. Wrong boot order, a RAM upgrade the server needed a moment to accept, and the classic \u0026ldquo;it wasn\u0026rsquo;t broken, just needed more time to transfer over the network\u0026rdquo; diagnosis courtesy of guest heckler Nate, the Iron Sysadmin. The install itself went smoothly once RHEL 8.10 got its turn: custom partitioning, a dedicated Ansible service account, kdump disabled, and TuneD set to virtual-host profile so the system optimizes for running VMs rather than general workloads.\nAfter the install, I wired the box into Red Hat Insights, which is included with any RHEL subscription and immediately flagged a handful of advisories, two of which were auto-remediable via an Ansible playbook without ever leaving the Insights UI. Cockpit got enabled, the virtualization host package group went in, and I spun up a test VM to confirm everything was working. I wrapped the stream with a local Image Builder instance installed on the hypervisor itself, laying the groundwork for generating golden VM templates for Fedora, CentOS Stream, and RHEL without depending on the hosted service.\nWatch the full stream above, and if you want to follow along as the homelab build continues, subscribe to the channel or grab the audio version of the main show at podcast.itguyeric.com.\n","date":"23 January 2025","permalink":"https://itguyeric.com/blog/rhel-hypervisor-homelab-live-ops-003/","section":"Blog","summary":"A Dell PowerEdge R730 that\u0026rsquo;s been sitting in the rack collecting dust finally has a job: and this stream is the whole messy process of giving it one.","title":"RHEL Hypervisor Homelab Setup: Live Ops 003"},{"content":"Framework has built a reputation for laptops you can actually open, upgrade, and repair, which is a rare thing these days. In episode 44, Noah and I sat down with Matt Hartley from Framework to talk about their mission to rethink consumer electronics and their partnership with the Fedora community. We got into modularity, repairability, and what it takes to support Linux well on real hardware.\nFedora Podcast \u0026middot; Episode 44 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nRepairability is a design philosophy, not a marketing line. Matt walked us through how modularity shapes every Framework decision, and it made me think differently about how disposable most laptops have become. Good Linux support takes deliberate effort. We talked about what goes into making hardware work well with Fedora, and it is clear this is ongoing work rather than a checkbox. The human side of the company matters. Matt described the role of being a conduit between the community and the company, and that kind of listening is a big part of why the partnership works. If you care about hardware you can keep for the long haul, give this one a listen.\n","date":"15 January 2025","permalink":"https://itguyeric.com/blog/fedora-ep44-framework/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 44, where we sat down with Framework\u0026rsquo;s Matt Hartley on repairable laptops and Linux support. Watch or listen right here.","title":"Building a Better Fedora Laptop with Framework | Fedora Podcast Ep. 44"},{"content":"WordPress Migration to Homelab: Live Ops 002 #The WordPress migration homelab project that started as a quick detour turned into a two-hour deep dive — because nothing in the homelab ever goes exactly to plan.\nhttps://youtube.com/live/BzBaQvymlmc?feature=share\nIf you caught Live Ops 001, you know we got the Matrix server almost running — right up until an SSL certificate issue stopped us cold. The problem? itguyeric.com was hosted on Namecheap\u0026rsquo;s EasyWP platform, which doesn\u0026rsquo;t let you export your own certificates. The fix was obvious: move the site home. And with a $94 renewal coming up in about a week, there was really no reason not to.\nThe plan was to spin up a fresh Fedora server VM, deploy WordPress in a Podman container, migrate the site using the All-in-One WP Migration plugin, and wire it all up behind NGINX Proxy Manager with a Let\u0026rsquo;s Encrypt cert that covers both itguyeric.com and matrix.itguyeric.com. Clean, tidy, two birds one stone. In practice: wrong ISO architecture, a MariaDB port conflict, a file permissions hang, and a Matrix federation API that kept failing despite the federation tester saying everything was fine. Classic.\nBy the end of the stream, WordPress was running locally and the Matrix server was showing green check marks on the self-check — but federation between accounts still wasn\u0026rsquo;t cooperating. Eric called it to go take care of family, with a promise to sort out the remaining certificate and domain config issues in a follow-up.\nThe WordPress migration homelab journey continues — subscribe so you don\u0026rsquo;t miss Live Ops 003 when it drops. Audio version of the main show is always at podcast.itguyeric.com.\n","date":"2 January 2025","permalink":"https://itguyeric.com/blog/wordpress-migration-homelab-live-ops-002/","section":"Blog","summary":"The WordPress migration homelab project that started as a quick detour turned into a two-hour deep dive — because nothing in the homelab ever goes exactly to plan.","title":"WordPress Migration to Homelab: Live Ops 002"},{"content":"Bazzite has become one of the most talked-about ways to game on Linux, and it is built right on Fedora Atomic. In episode 43, Noah and I sat down with Kyle Gospodnetich, who created Bazzite, and core contributor Noel Miller to dig into what it is, how it is put together, and what it takes to run the project day to day. We also got into how the work flows back upstream into Fedora.\nFedora Podcast \u0026middot; Episode 43 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nBazzite is more than a gaming skin on Fedora. Kyle and Noel explained how the atomic, image-based approach changes the experience, and it clicked for me why so many people trust it on handhelds and desktops alike. Running the project is a real, daily commitment. Hearing what goes into keeping Bazzite healthy gave me a lot of respect for the passion behind it, well beyond the code itself. This work strengthens Fedora, not just Bazzite. The collaboration and upstream contributions show off what Fedora Atomic can do, and that ripple effect is good for the whole ecosystem. If you game on Linux or are curious about atomic desktops, this conversation is worth your time.\n","date":"18 December 2024","permalink":"https://itguyeric.com/blog/fedora-ep43-bazzite/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 43, where we dug into Bazzite, the gaming image built on Fedora Atomic, with the people who build it. Watch or listen right here.","title":"Gaming on Bazzite | Fedora Podcast Ep. 43"},{"content":"Almost every RHEL or CentOS Stream admin ends up leaning on EPEL eventually, usually without thinking too hard about what it actually is or who keeps it running. In episode 42 of the Fedora Podcast I sat down with Carl George, who leads the EPEL team, and Adam Samalik from the CentOS Stream side to fix that. We got into what EPEL is for, why it has the reputation it does, and what\u0026rsquo;s changing with the move to EPEL 10.\nFedora Podcast \u0026middot; Episode 42 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nEPEL\u0026rsquo;s whole reputation rests on one rule: it only adds packages, it never replaces what ships in the base OS. That single constraint is why so many admins who won\u0026rsquo;t touch a random third-party repo will happily enable EPEL in production. EPEL 10 rethinks the model to track each RHEL minor version instead of a single moving target, folding in the lessons from the old \u0026ldquo;EPEL Next\u0026rdquo; experiment. The payoff is that the team can get ahead of a RHEL release rather than scrambling at each beta. Getting involved is far more approachable than people assume. If you can package for Fedora, you can already help EPEL — and even leaving QA \u0026ldquo;karma\u0026rdquo; on updates in Bodhi moves packages toward stable faster. If you run anything downstream of Fedora, this one\u0026rsquo;s worth the time.\n","date":"3 December 2024","permalink":"https://itguyeric.com/blog/fedora-ep42-epel/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 42, where we dug into EPEL — how it works, why sysadmins trust it, and what\u0026rsquo;s new in EPEL 10. Watch or listen right here.","title":"EPEL, the Ultimate Answer | Fedora Podcast Ep. 42"},{"content":"Self-Hosted Matrix Server Rebuild: Live Ops 001 #I fired up a livestream to do something I\u0026rsquo;ve been putting off way too long: bringing my self-hosted Matrix server back from the dead, live, in real time, with no safety net.\nhttps://youtube.com/live/44ccLh3EGzQ?feature=share\nThe stream started simple enough — spin up a fresh VM, throw CentOS 7 on it to match the original environment (don\u0026rsquo;t @ me), and use the [Matrix Docker Ansible Deploy](https://github.com/spantaleev/matrix-docker-ansible-deploy) project to get everything running again. The goal was straightforward: restore the old setup, get the Matrix bridges reconnected to Discord and Slack, and then figure out how to modernize the whole thing on something like Fedora or even OpenShift down the road.\nWhat actually happened was a four-plus-hour deep dive into DNS records, SSL certificate headaches, and Namecheap doing Namecheap things. By the end, federation checks were almost passing — but a CNAME where an A record needed to be, and a certificate tied to a shared hosting account I couldn\u0026rsquo;t extract cleanly, kept the finish line just out of reach. Classic homelab energy.\nThe good news: the Matrix server itself was provisioned, configured, and responding. The bad news: itguyeric.com\u0026rsquo;s WordPress site is hosted via Namecheap EasyWP, which doesn\u0026rsquo;t let you pull your own certs — so the next logical step is migrating the WordPress site home and tackling the SSL setup properly.\nIf you\u0026rsquo;re running your own Matrix homeserver or thinking about it, this stream is a pretty honest look at what that process actually involves — including the parts that go sideways. No polished edits, no second takes.\nWatch the full stream above, and if you want to follow along in real time next time, join the IT Guy Show room on Matrix or hop into the Discord. You can also subscribe to the audio version of the main show at podcast.itguyeric.com.\n","date":"1 December 2024","permalink":"https://itguyeric.com/blog/self-hosted-matrix-server-rebuild-live-ops-001/","section":"Blog","summary":"I fired up a livestream to do something I\u0026rsquo;ve been putting off way too long: bringing my self-hosted Matrix server back from the dead, live, in real time, with no safety net.","title":"Rebuilding My Matrix Server From Scratch (Live Ops 001)"},{"content":"Every Fedora release brings a pile of changes, and Fedora Linux 41 is no exception. In episode 41, Noah and I walked through the release together, from GNOME 47 and the move to DNF5 to smaller touches like the new Ptyxis terminal and improved hardware support. Along the way we got into what it is actually like to run Fedora as a daily driver.\nFedora Podcast \u0026middot; Episode 41 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nDNF5 is the quiet headline of this release. The package manager rework is the kind of change you feel in day-to-day speed rather than a flashy feature, and we spent some time on why that matters. GNOME 47 and the polish around it add up. Between the desktop update, the Ptyxis terminal, and better hardware support like MIPI cameras, Fedora 41 feels like a release that sweats the details. Whether Fedora is your daily driver is a fair question to keep asking. We got honest about Linux quality and where it still trips people up, because pretending everything is perfect does not help anyone. If you are weighing the upgrade, this walkthrough should help you decide.\n","date":"20 November 2024","permalink":"https://itguyeric.com/blog/fedora-ep41-linux41/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 41, where we walked through what is new in Fedora Linux 41 and what it is like as a daily driver. Watch or listen right here.","title":"Fedora Linux 41 | Fedora Podcast Ep. 41"},{"content":"Linux gaming has come a long way, and a lot of that progress runs through Proton GE. In episode 40 of the Fedora Podcast, Noah and I sat down with Tom Crider to talk through how Steam and Proton GE let you play a huge range of Windows games on Fedora, plus his work on Nobara Linux. We covered setup, troubleshooting, hardware tweaks, and where he thinks gaming on Linux is headed.\nFedora Podcast \u0026middot; Episode 40 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nProton GE fills the gaps that stock Proton leaves open. Tom walked us through why the community build exists and how it folds in fixes and patches ahead of what ships by default, which is often the difference between a game running or not. Nobara takes Fedora and tunes it for gaming out of the box. Instead of asking every gamer to hand-configure the same tweaks, Nobara bakes them in, and hearing Tom\u0026rsquo;s reasoning made me appreciate the work that goes into that polish. A lot of gaming trouble comes down to a handful of known fixes. We got into troubleshooting and hardware tweaks, and the reassuring takeaway is that most issues have a repeatable answer rather than a dead end. If you\u0026rsquo;ve been curious about ditching a dual-boot for gaming, this one\u0026rsquo;s a good place to start.\n","date":"5 November 2024","permalink":"https://itguyeric.com/blog/fedora-ep40-protonge/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 40, where we dug into gaming on Fedora with Proton GE, Nobara, and the tweaks that make it all click. Watch or listen right here.","title":"Gaming with ProtonGE | Fedora Podcast Ep. 40"},{"content":"Neal Gompa came back on the show to convince me to switch to KDE Plasma 6.2, and he made a pretty compelling pitch. We talked about the differences between editions, spins, and labs, the KDE community, and what makes Plasma worth a look. We also got into what is coming next, including the proposal to promote Plasma to a full Fedora edition.\nFedora Podcast \u0026middot; Episode 39 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nEditions, spins, and labs are worth understanding. Neal helped me sort out how the Fedora KDE spin fits into the larger picture, which clears up a lot of confusion. Plasma 6.2 is a strong reason to reconsider KDE. Even as a longtime GNOME user, I found Neal\u0026rsquo;s case for the current Plasma release genuinely persuasive. The KDE community is a big part of the appeal. We spent real time on the people and momentum behind Plasma, and that matters as much to me as the features. Give it a listen and let me know what stuck with you.\n","date":"22 October 2024","permalink":"https://itguyeric.com/blog/fedora-ep39-kde-spin/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 39, where Neal Gompa tries to talk me into switching to Plasma 6.2 and we dig into the Fedora KDE spin. Watch or listen right here.","title":"Take Fedora KDE for a Spin | Fedora Podcast Ep. 39"},{"content":"Fedora Linux is one of the smoothest ways to run Linux as a daily driver, so Noah Chelliah and I asked Adam Williamson how new software actually gets vetted. Adam took us through what it means to be a QA Engineer, how the process keeps releases stable, and how Fedora\u0026rsquo;s QA differs from RHEL\u0026rsquo;s. It is a great look at the work that quietly makes Fedora feel so polished.\nFedora Podcast \u0026middot; Episode 38 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nQA is why Fedora feels smooth. Adam made it clear that a lot of careful testing sits behind the daily-driver experience most of us take for granted. Fedora and RHEL QA are not the same job. I found the comparison genuinely interesting, especially how the goals and constraints differ between them. You can join QA more easily than you think. We covered the busy season and concrete ways to get involved, from test days to filing blocker bugs. Give it a listen and let me know what stuck with you.\n","date":"8 October 2024","permalink":"https://itguyeric.com/blog/fedora-ep38-quality-assurance/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 38, where Adam Williamson walks Noah and me through Fedora QA, how software gets vetted, and how you can help. Watch or listen right here.","title":"Fedora Quality Assurance | Fedora Podcast Ep. 38"},{"content":"We all seem to picture arriving at some tech paradise where everything just works. After 17 years in IT, I feel safe saying that day never comes. That does not mean we stop trying, though, so I brought on Nathen Harvey to talk about how teams that embrace the chaos still make huge strides.\nThe IT Guy Show \u0026middot; Episode 8 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nThere is no finish line. The goal is not a perfect environment. It is a team that keeps getting better even when things are messy. DORA gives you a compass. Nathen walked me through what DORA is and how it helps organizations see where to improve instead of guessing. Continuous learning is the engine. We got into continuous learning at both the personal and organizational level, and how automation frees you up to keep improving. If the pursuit of perfection has ever burned you out, this is a healthier way to think about getting better.\n","date":"1 October 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep08-continuous-improvement/","section":"Blog","summary":"Nathen Harvey and I talk DORA, continuous learning, and why teams that embrace the chaos keep improving their environment.","title":"The Art of Continuous Improvement | The IT Guy Show Ep. 8"},{"content":"I sat down with Matthew Miller, the Fedora Project Lead, to talk about where Fedora is headed. We covered the current state of the project, what is coming in Fedora Linux 41, and the thinking behind the Fedora Strategy 2028 plan. Matthew gave a clear, big-picture overview of the goals and initiatives shaping the next few years.\nFedora Podcast \u0026middot; Episode 37 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nFedora has a real strategy, not just a release cadence. Hearing Matthew break down Strategy 2028 helped me understand how the project sets long-term direction. Fedora Linux 41 is part of a bigger arc. We talked about the upcoming release in the context of where the project wants to be in a few years. There is room for everyone to get involved. I appreciated that Matthew kept coming back to how contributors can plug into these goals directly. Give it a listen and let me know what stuck with you.\n","date":"24 September 2024","permalink":"https://itguyeric.com/blog/fedora-ep37-road-ahead/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 37, where Matthew Miller lays out Fedora\u0026rsquo;s direction, the Strategy 2028 plan, and what\u0026rsquo;s coming with Fedora Linux 41. Watch or listen right here.","title":"The Road Ahead for Fedora | Fedora Podcast Ep. 37"},{"content":"Episode 83 was a full house. My cohost Brian Smith and I brought on three guests, Martin Jackson from the validated patterns team, Paul Armstrong from RHEL Canada, and chief architect Mike Savage, to take all the concepts we talk about in pieces, automation, identical systems, Ansible, and package them into one end-to-end picture. The goal was to actually deploy and test a RHEL workload on Azure live on the show, and this also happened to be my last episode as host as I move over to Red Hat\u0026rsquo;s cloud partner team.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 83 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nGitOps needs Ansible Automation Platform, not just Ansible on the command line. Martin laid out the four GitOps principles and made the point that plain CLI Ansible can be declarative and versioned but can\u0026rsquo;t be pulled automatically or continuously reconciled, which is exactly what the platform adds. One reusable workflow deploys and tests across any cloud by changing a variable. Paul\u0026rsquo;s workflow published Satellite content views, spun up ephemeral hosts on Azure, deployed apps, ran tests, and promoted to QA, and Mike stressed the same pipeline runs identically on EC2, VMware, KVM, or bare metal. They deliberately broke a build to show why you want to catch failures early. Paul contrived a failed JBoss deployment to demonstrate \u0026ldquo;celebrating failure\u0026rdquo; and shifting problems left into dev and QA, tied to the Azure landing zone work Mike described with Microsoft. If you\u0026rsquo;ve wanted to see automation, identity, and content management all working together to stand up RHEL in the cloud, this episode ties the whole thing together.\n","date":"19 September 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep83-ansible-deploy/","section":"Blog","summary":"In my last episode as host, Brian and I bring on three guests to demo a full GitOps pipeline deploying and testing RHEL workloads on Azure with Ansible Automation Platform.","title":"Deploying RHEL with Ansible Automation Platform | RHEL Presents Ep. 83"},{"content":"Stress and burnout come for all of us at some point, and sometimes you do not even realize that is what is happening. I sat down with Jennifer and Bryan Horton, owners of Dull Made Daring, to talk about the warning signs, how to recover, and how to slash your anxiety away with an actual sword. Yes, a literal sword.\nThe IT Guy Show \u0026middot; Episode 7 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nYou might not see it coming. We talked through the signs of burnout, because a lot of us miss them until we are already deep in it. Recovery is a practice, not a switch. Jennifer and Bryan shared real methods for coming back from stress rather than just pushing through it. Play matters more than we admit. From gaming to swinging a sword, we got into how physical, deliberate outlets help you get out of your own head. It is a fun conversation about a serious thing, and I think a lot of us in tech needed to hear it.\n","date":"17 September 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep07-burnout/","section":"Blog","summary":"Jennifer and Bryan Horton of Dull Made Daring help me unpack burnout, its warning signs, and recovery, sword included.","title":"Battling Burnout...with a Sword | The IT Guy Show Ep. 7"},{"content":"This is the finale of the miniseries, and it\u0026rsquo;s the episode where Satellite stops looking like a patching tool and starts looking like a Swiss army knife. Richard Rios and I apply configuration at scale with Ansible system roles, lean on host groups to define what systems should look like, and talk through OpenSCAP compliance, provisioning, and the broader idea of standardizing your infrastructure. As always, we\u0026rsquo;re doing it live, which means a few honest stumbles along the way.\nA few things worth carrying away from this one:\nSystem roles turn a firewall change into a fleet change. I demo pushing a RHEL firewall system role to production and dev host groups at once, and it\u0026rsquo;s a small example that scales to thousands of servers and thousands of ports. Stop maintaining stale templates. Kickstart files and VM templates always drift out of date. I make the case for building a vanilla image and letting Satellite and host groups do the configuring, so your systems come out identical every time. Satellite is more than patching. OpenSCAP scans, PXE provisioning, insights integration, even air-gapped content over a USB drive on a cruise ship. Richard\u0026rsquo;s use cases are a great reminder of how much this tool actually does. Thanks for riding along through the whole series. Satellite will keep coming up on the channel, so subscribe and keep an eye out for what\u0026rsquo;s next.\n","date":"13 September 2024","permalink":"https://itguyeric.com/blog/satellite-04-scale/","section":"Blog","summary":"The finale of the Satellite miniseries, where Richard and I use Ansible system roles, host groups, and OpenSCAP to standardize and manage RHEL at scale.","title":"Standardization and Management at Scale | Up and Running with Red Hat Satellite 04"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/up-and-running-with-red-hat-satellite/","section":"Series","summary":"","title":"Up and Running With Red Hat Satellite"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/videos/","section":"Categories","summary":"","title":"Videos"},{"content":"By episode three we\u0026rsquo;ve installed Satellite and loaded it up with content, so now it\u0026rsquo;s time for the job most people actually buy Satellite for: keeping systems patched and secure. Richard Rios and I start with an honest recap of the build so far, including where the demo gods weren\u0026rsquo;t kind last time, then get into scheduling patch jobs and mitigating CVEs across a fleet.\nA few things worth carrying away from this one:\nPatching at scale is about scheduling, not clicking. I show how to schedule jobs so you\u0026rsquo;re driving updates across many systems on your terms rather than logging into each box. CVEs are where Satellite pays off. Being able to see which vulnerabilities apply to your environment and push mitigation from one place changes how you handle security work. A good recap matters when you\u0026rsquo;re building live. Because we\u0026rsquo;d had some things blow up the previous week, I take time to walk back through the RHEL 8.10 install and setup so nobody\u0026rsquo;s lost. Live demos are honest demos. This is the security workhorse episode. If patching and CVE remediation are eating your week, this is the one to watch.\n","date":"6 September 2024","permalink":"https://itguyeric.com/blog/satellite-03-patching/","section":"Blog","summary":"In episode three, Richard and I recap the build so far and dig into patching, scheduled jobs, and CVE mitigation with Red Hat Satellite.","title":"Patching and Security Mitigation | Up and Running with Red Hat Satellite 03"},{"content":"In episode one we got Satellite installed. In this one, Richard Rios and I make it actually useful. We talk about adding systems and packages, setting up repositories, building content views, and using groups and activation keys so registering a host becomes quick and repeatable instead of a chore you dread.\nA few things worth carrying away from this one:\n\u0026ldquo;Installed\u0026rdquo; is not \u0026ldquo;useful.\u0026rdquo; The whole reason we named this series \u0026ldquo;Up and Running\u0026rdquo; is that logging into a console isn\u0026rsquo;t the finish line. This episode is where Satellite starts earning its keep. Content views give you control over what lands on a host. Instead of pointing systems straight at upstream, I show how content views let you decide exactly which packages your fleet sees. Activation keys save you from yourself. Pairing subscriptions and repos to a key means you\u0026rsquo;re not typing credentials into every server, and your production and dev systems get the right content by default. If you missed episode one on installation, go back and watch that first, then come here to make your Satellite server do some real work.\n","date":"23 August 2024","permalink":"https://itguyeric.com/blog/satellite-02-content-views/","section":"Blog","summary":"Richard and I make Satellite useful by adding systems and packages, setting up repositories, content views, host groups, and activation keys.","title":"Managing Content Views \u0026 Subscriptions | Up and Running with Red Hat Satellite 02"},{"content":"Atomic and immutable Linux desktops keep getting more popular, so I asked Timothee Ravier how Fedora takes that idea further. The short answer is bootc, which borrows the container and cloud-native practices that are already standard on the server side and applies them to image-based desktops. We got into how it works, how you build with it, and why it makes custom images so much easier to manage.\nFedora Podcast \u0026middot; Episode 36 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nbootc brings container thinking to the whole OS. I liked how Timothee framed it: if you can boot a container, a lot of hard problems around updates get simpler. Custom images stop being scary. We talked through how bootc lets downstream projects and individuals build their own images without maintaining a whole distribution. This is a foundation Fedora is investing in. Between Red Hat\u0026rsquo;s involvement and projects like Universal Blue, it was clear this is more than an experiment. Give it a listen and let me know what stuck with you.\n","date":"21 August 2024","permalink":"https://itguyeric.com/blog/fedora-ep36-bootc/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 36, where Timothee Ravier breaks down bootc and how image-based, container-inspired workflows are shaping the next generation of Fedora. Watch or listen right here.","title":"The Next Generation of Linux with bootc | Fedora Podcast Ep. 36"},{"content":"As a long-time SysAdmin, one of the core tasks I\u0026rsquo;ve always had to tackle is managing users and groups on Linux systems. Whether you\u0026rsquo;re running a personal server or managing an entire fleet of Linux boxes, understanding how to efficiently handle user and group permissions is essential for maintaining a secure and organized system. In this post, we\u0026rsquo;ll dive into the nuts and bolts of user and group management on Linux, walking through practical examples and providing some handy commands to keep in your toolbox!\nWhy User and Group Management Matters #Before we jump into the command line, let\u0026rsquo;s talk about why user and group management is so crucial. Linux is a multi-user operating system, meaning that it allows multiple users to work on the same machine simultaneously. Each user has their own unique environment, including their files, processes, and settings. Proper management of users and groups ensures that everyone has the right access to the resources they need while keeping sensitive data protected.\nAdding Users: The Basics #Let\u0026rsquo;s start with the basics—adding a new user. In Fedora Linux, which I am using as my distribution, the command to add a user is useradd. Here\u0026rsquo;s a simple example:\nsudo useradd eric This command adds a new user named \u0026ldquo;eric\u0026rdquo; to the system. However, this is just the beginning. By default, useradd creates a user with a locked password and no home directory. To make the user account functional, you\u0026rsquo;ll want to add a few more options.\nCreating a Home Directory and Setting a Password #To create a home directory for the user and set a password, you can use the -m option to create the home directory and passwd to set the password:\nsudo useradd -m eric sudo passwd eric The -m option ensures that a home directory (/home/eric) is created automatically. The passwd command then prompts you to set a password for the new user, which is crucial for allowing them to log in.\nAssigning a User to a Group #In Linux, groups are used to manage permissions for multiple users at once. Each user can belong to one or more groups. By default, when you create a user, they are assigned a private group with the same name as their username. However, you can also add them to additional groups as needed.\nTo add the user \u0026ldquo;eric\u0026rdquo; to a specific group, say \u0026ldquo;developers,\u0026rdquo; you can use the usermod command:\nsudo usermod -aG developers eric The -aG options append the user to the group without removing them from any other groups they might already belong to. This is important—forgetting the -a option will remove the user from all other groups, which could cause unintended access issues.\nCreating and Managing Groups #Creating a new group is straightforward with the groupadd command. Let\u0026rsquo;s say you want to create a group called \u0026ldquo;admins\u0026rdquo;:\nsudo groupadd admins Once the group is created, you can add users to it using the usermod command, as we discussed earlier. You can also assign group ownership of files and directories, which is useful for collaborative environments. For example, to change the group ownership of a directory:\nsudo chgrp admins /opt/project The chgrp command changes the group ownership to \u0026ldquo;admins\u0026rdquo; for the /opt/project directory.\nUser and Group Management Best Practices #Managing users and groups efficiently isn\u0026rsquo;t just about knowing the right commands—it\u0026rsquo;s about understanding best practices to keep your system secure and organized. Here are a few tips to keep in mind:\nUse Groups for Permissions: Instead of assigning permissions directly to individual users, assign them to groups. This makes it easier to manage access as your user base grows. Limit Root Access: Only grant administrative privileges to users who absolutely need it. For others, use the sudo command to allow them temporary access to elevated privileges when necessary. Regularly Review Group Membership: Periodically check which users belong to which groups. Over time, users might change roles, and their access needs will change too. Keeping group memberships up-to-date helps prevent unnecessary access. Use Strong Password Policies: Ensure that all users have strong, unique passwords. You can enforce password complexity and expiration policies using tools like chage and pam_pwquality. Wrapping Up #Managing users and groups on Fedora Linux—or any Linux distribution—is a foundational skill for any SysAdmin. By understanding and applying the commands and best practices we\u0026rsquo;ve covered in this post, you\u0026rsquo;ll be well on your way to maintaining a secure and efficient Linux environment.\nIf you found this guide helpful, be sure to check out more content on The IT Guy Blog and tune in to my podcast, where I dive deeper into topics just like this one. Whether you\u0026rsquo;re just getting started with Linux or you\u0026rsquo;re looking to refine your skills, there\u0026rsquo;s always something new to learn.\nHappy SysAdmin-ing!\n","date":"19 August 2024","permalink":"https://itguyeric.com/blog/mastering-user-and-group-management-on-linux/","section":"Blog","summary":"As a long-time SysAdmin, one of the core tasks I\u0026rsquo;ve always had to tackle is managing users and groups on Linux systems. Whether you\u0026rsquo;re running a personal server or managing an entire fleet of Linux…","title":"Mastering User and Group Management on Linux"},{"content":"This is where our Satellite miniseries begins. I\u0026rsquo;m joined by my friend and solutions architect Richard Rios, who has been working with this tooling since the Spacewalk days, and together we take an entire episode just to get a Red Hat Satellite server installed and running. The goal for the whole series is simple: get you past the \u0026ldquo;it\u0026rsquo;s installed, now what?\u0026rdquo; hurdle and into actually doing useful work.\nA few things worth carrying away from this one:\nInstallation deserves its own episode. I wanted to show the real thing, so we did the install live on the air. It took the full session, but seeing the disk layout, the prerequisites, and the setup end to end is far more useful than a slide that says \u0026ldquo;installed.\u0026rdquo; Satellite has come a long way. Richard\u0026rsquo;s been at this since version 5, back when it was Spacewalk, and the maturity of today\u0026rsquo;s Satellite is a different world. If your mental model is old, this is a good reset. Have a plan before you type. Getting Satellite stood up is mostly about getting the fundamentals right first, so I walk through the pieces I check before kicking off the installer. If you\u0026rsquo;ve ever logged into a fresh console and wondered what to do next, this series is built for you. Stick around for the rest.\n","date":"16 August 2024","permalink":"https://itguyeric.com/blog/satellite-01-introduction/","section":"Blog","summary":"The first episode of our Satellite miniseries, where Richard Rios and I stand up a Red Hat Satellite server from scratch, live.","title":"Introduction and Installation | Up and Running with Red Hat Satellite 01"},{"content":"Back in my days as a systems administrator, there were no non-production environments. It was all about keeping everything running, all the time, even the dev boxes. So in this episode I take a look at ephemeral environments, a concept for spinning up disposable systems to make building and testing easier for everyone.\nThe IT Guy Show \u0026middot; Episode 6 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nDisposable is the point. Ephemeral environments let you quickly build and test on systems you can throw away, instead of guarding a fixed set of servers forever. They make life easier across the enterprise. The benefit is not just for developers. Easier, safer testing helps the whole organization move. DORA gives you a way to measure it. I got into DORA metrics and minimum viable CD as a way to know whether these changes are actually improving how you ship. It is a different world from where I started, and this one covers why that shift is worth making.\n","date":"13 August 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep06-ephemeral-environments/","section":"Blog","summary":"A look at ephemeral environments, disposable systems that make building and testing easier across the enterprise.","title":"A Quick Look at Ephemeral Environments | The IT Guy Show Ep. 6"},{"content":"For episode 81, my cohost Brian Smith and I revisited Podman Desktop, this time to look at its new AI Lab extension, with developer advocate Cedric Clyburn and a product manager from the Podman Desktop team. Before we get into what AI actually is on this show, we wanted to show how you can run it somewhere other than a cloud bill, on your own laptop, in containers. That is exactly what AI Lab is built for.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 81 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nAI Lab runs large language models locally in containers, so your data stays with you. The guests leaned on the privacy angle, feeding sensitive documents through a model without shipping them off to an online service, pulling models from Hugging Face right onto your machine. A recipe catalog gives you ready-to-run, Kubernetes-shaped use cases. Recipes cover chatbots, summarizers, code generation, audio-to-text, and computer vision, and Cedric demoed an object-detection recipe running as a pod that was almost certain a photo contained a person. Local model serving turns into an app-ready API. Cedric served a model on a local port with a Swagger UI and generated client code in several languages, then closed with a Quarkus and LangChain insurance-claim app doing real prompt engineering against that local model. If you want to get hands-on with AI without renting a fleet of GPUs, AI Lab on Podman Desktop is a genuinely approachable starting point.\n","date":"8 August 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep81-podman-ai-lab/","section":"Blog","summary":"Brian Smith and I talk with Cedric Clyburn and the Podman Desktop team about the AI Lab extension, which downloads, serves, and builds with LLMs on your own laptop.","title":"Podman Desktop for AI Lab | RHEL Presents Ep. 81"},{"content":"Episode 80 was a long time coming after some scheduling and health hiccups, but my cohost Nate Lager and I finally got back in the RHEL Presents chair with two guests from Yubico, Jonathan Hanlon and Dave Pham. The topic was a feature that landed with 9.4: adding FIDO-compliant passkeys, including YubiKeys, to centrally managed users in RHEL\u0026rsquo;s Identity Manager so they can log in without a password. Nate ran the demos and our Yubico friends filled in the security picture.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 80 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nPasskeys are managed right alongside your users in IdM. Nate created a user in the IdM web console, flipped on passkey authentication, then mapped a YubiKey from the command line with ipa user-add-passkey --register, PIN and a tap on the key and that user was ready to log in with no password at all. The private key never leaves the hardware, and a PIN gates its use. Dave explained there\u0026rsquo;s simply no function to extract the private key from a YubiKey, so even a lost or stolen key is very hard to abuse, especially since the PIN unlocks the credential in the first place. The same passkey works well beyond the login screen. Nate pointed out it authenticates sudo escalations, the RHEL web console over a mobile browser, and even his personal Bitwarden vault, which is a nice reminder that this isn\u0026rsquo;t a one-trick feature. If you\u0026rsquo;re tired of chasing password rotation and phishing, this episode is a practical look at what passwordless can look like on RHEL today.\n","date":"25 July 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep80-yubico/","section":"Blog","summary":"Nate Lager and I sit down with Yubico\u0026rsquo;s Jonathan Hanlon and Dave Pham to add FIDO passkeys to RHEL users and log in with a YubiKey through Identity Manager.","title":"Passwordless Authentication with Yubico | RHEL Presents Ep. 80"},{"content":"I talked with Justin W. Flory, the Fedora Community Architect, about the work of keeping a huge global community collaborating and engaged. Justin walked me through what Community Operations actually means, how he bridges different teams, and what goes into organizing events like Fedora Flock. It is a thoughtful look at the philosophy behind building healthy open-source communities.\nFedora Podcast \u0026middot; Episode 35 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nCommunity work is real work. Justin helped me see how much intentional effort goes into keeping teams connected across a project as big as Fedora. Events like Flock matter more than they look. We talked about why gathering people, virtually and in person, does so much for momentum and morale. The goal is to empower contributors, not control them. I appreciated Justin\u0026rsquo;s emphasis on enabling community-led initiatives rather than dictating from the top. Give it a listen and let me know what stuck with you.\n","date":"23 July 2024","permalink":"https://itguyeric.com/blog/fedora-ep35-community-architect/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 35, where Fedora Community Architect Justin W. Flory shares how he bridges teams, runs events like Flock, and empowers contributors. Watch or listen right here.","title":"Behind the Scenes: The Fedora Community Architect's Role | Fedora Podcast Ep. 35"},{"content":"I sat down with Laura Santamaria, a developer advocate at Dell Technologies, to talk about DevOps and how to actually implement it in a real organization. Her core message stuck with me: people come before processes and tools.\nThe IT Guy Show \u0026middot; Episode 5 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nPeople over processes over tools. Laura is firm that you cannot buy your way to DevOps. The culture has to come first, or the tooling just papers over the problem. Safe failure is a feature. We talked about why teams need room to fail safely, and how that changes the way people take on hard work. You can drive change from where you are. Laura had real, practical advice for individual contributors on affecting change without waiting for a title or permission. If DevOps has always sounded like a pile of tools to you, this reframes the whole thing.\n","date":"17 July 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep05-devops-people/","section":"Blog","summary":"Laura Santamaria of Dell explains why DevOps is about people first, and how individual contributors can drive culture change.","title":"Understanding DevOps: People Over Processes | The IT Guy Show Ep. 5"},{"content":"I explored the world of APIs with Budha, a developer advocate at Tyk, an API management platform. We started at the fundamentals and worked our way up to what it takes to make an API production-ready.\nThe IT Guy Show \u0026middot; Episode 4 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nAPIs are everywhere. Budha helped me frame just how central they have become to modern applications, even the ones you do not think of as API-driven. Gateways do the heavy lifting. We talked through how an API gateway manages and secures your APIs so you are not reinventing that layer yourself. Production-ready is its own bar. Getting an API working is one thing. We got into the considerations that separate a demo from something you can actually run at scale. If APIs have always felt a little abstract, Budha does a great job making them concrete.\n","date":"3 July 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep04-apis/","section":"Blog","summary":"Budha, a developer advocate at Tyk, walks me through APIs from fundamentals to production-ready with gateways.","title":"APIs Decoded: From Basics to Production-Ready | The IT Guy Show Ep. 4"},{"content":"I brought on JJ Asghar from IBM, who is deeply involved with the open-source AI project InstructLab, to talk about why open and transparent AI development matters. JJ is genuinely passionate about this, and it comes through.\nThe IT Guy Show \u0026middot; Episode 3 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nKnow what you are actually talking about. JJ drew a clear line between true AI and the large language models we are all using today, which changes how you reason about them. Open data and open models fight bias. We got into why transparency is not just a nice-to-have. It is how the community keeps these systems accountable and ethical. InstructLab lowers the barrier. JJ walked through how the project lets more people contribute to and shape open models, instead of leaving that power in a few hands. If AI feels like a black box you have no say in, this conversation offers a different path.\n","date":"19 June 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep03-open-ai/","section":"Blog","summary":"JJ Asghar of IBM makes the case for open, transparent AI development and introduces the InstructLab project.","title":"Unmasking AI: Open and Transparent Development | The IT Guy Show Ep. 3"},{"content":"I dove into the world of Fedora documentation with Peter Boy, a university scientist and longtime contributor to the project. We talked about his unusual path from sociology and mathematics into IT infrastructure and open-source docs, and he gave me a behind-the-scenes look at what the Fedora Docs team actually does. It is a short but genuinely useful episode about a part of Fedora that too often goes unnoticed.\nFedora Podcast \u0026middot; Episode 34 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nDocumentation is real, valuable contribution. Peter made a strong case that good docs are just as important to Fedora as the code, and I completely agree. The Docs team faces real challenges. We got honest about the goals and the roadblocks, and it helped me understand why this work needs more hands. You can help without being a developer. One of my favorite parts was the clear call to action; if you can write and organize, the Docs team would love to have you. Give it a listen and let me know what stuck with you.\n","date":"10 June 2024","permalink":"https://itguyeric.com/blog/fedora-ep34-fedora-docs/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 34, where Peter Boy walks me through the Fedora Docs team, its mission, and how you can help. Watch or listen right here.","title":"Revisiting Fedora Docs | Fedora Podcast Ep. 34"},{"content":"If you have ever wanted to convince your boss it is time to buy a product or greenlight a new project, this one is for you. I brought on JT Perry from VMware to walk through how to structure a proposal and actually calculate the return on investment behind it.\nThe IT Guy Show \u0026middot; Episode 2 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nStart with the need, not the tool. JT and I talked about identifying the real problem first, because that is what makes the rest of the request hold together. Learn the money language. We got into ROI, plus the difference between CapEx and OpEx, so your proposal speaks to the people who actually sign off on it. Prove your assumptions. The strongest requests are the ones where you have tested your numbers instead of hoping they are right. It applies to projects, and honestly to your own career too. Whether you are pitching a purchase or making the case for yourself, the framework here travels well.\n","date":"5 June 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep02-it-roi/","section":"Blog","summary":"JT Perry of VMware and I talk through building a business case and calculating ROI for the projects you want to pursue.","title":"Get a Return on Your IT Investment | The IT Guy Show Ep. 2"},{"content":"For episode 78 I brought in two of my favorite people from the RHEL business unit, product manager Ben Brouillard and TMM Matt Micene, to take our first look at image mode for RHEL. The price of admission was agreeing to Ben\u0026rsquo;s new intro bumper, star-shaped glasses and all. Image mode is the idea that you build, ship, and run the operating system itself with the same container tooling you already use for applications, and we got to see it work live.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 78 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nThe command at the heart of image mode is bootc, and yes, there\u0026rsquo;s a story behind the glasses. Ben explained that bootc was written by their coworker Colin, and the star-shaped glasses are a nod to funk bassist Bootsy Collins, a mnemonic so you remember the tool\u0026rsquo;s name. You describe the OS in a Containerfile, but the target is a real machine, not a running container. Matt walked through a short Containerfile built on a bootc base image, then kickstarted a VM where Anaconda pulls the container image straight onto disk, no packages block required, and the whole build-and-boot cycle ran in a couple of minutes. Image mode gives you image-based updates and rollbacks driven by whatever CI and registry you already have. A deployed host watches its origin registry and applies updates when the image changes, and Matt even ran a surprise GitHub Actions demo to prove the pipeline works with any CI system and registry. If you\u0026rsquo;ve been curious what it looks like to treat RHEL itself like a container image, this one is a solid place to start.\n","date":"16 May 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep78-image-mode/","section":"Blog","summary":"Ben Brouillard and Matt Micene join me for a first look at image mode for RHEL, building and shipping the operating system with container tooling and bootc.","title":"First Look at Image Mode for RHEL | RHEL Presents Ep. 78"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/red-hat-webinars/","section":"Series","summary":"","title":"Red Hat Webinars"},{"content":"Fresh off Red Hat Summit in Denver, I ran this live product-update webinar, slide decks and all, on RHEL 9.4 and 8.10. Alongside the release features there was a pile of Summit announcements to unpack, so we covered technical bits, offering updates, and the timelines you need on your calendar.\nA few things worth carrying away from this one:\nImage mode could change how we build systems. I\u0026rsquo;m genuinely excited about it: you build a full RHEL install as a bootc bootable container, run system roles and configs against it like any container, push it to a registry, then deploy the exact same image to bare metal, VMs, or cloud through your CI/CD pipeline. New Ansible system roles keep landing. My top pick this release is the bootloader system role, since the boot countdown clock is the thing I fiddle with most, plus new roles for LVM snapshots and fapolicyd, all driven from a dozen lines of YAML across your whole fleet. Techmageddon 2024 is a real date to know. I walk through the life-cycle cliff: CentOS Linux 7 ends June 30, RHEL 6 ELS ends June 30, RHEL 7 moves into ELS, and RHEL 8 shifts to maintenance around June 1, while RHEL 9 stays in full support through 2027. There\u0026rsquo;s a lot packed in here, from ARM64 virtualization going GA to YubiKey passkey login and a first look at RHEL Lightspeed.\n","date":"15 May 2024","permalink":"https://itguyeric.com/blog/whats-new-rhel-9-4/","section":"Blog","summary":"A live webinar covering RHEL 9.4 and 8.10 features alongside the big Red Hat Summit 2024 announcements.","title":"What's New in Red Hat Enterprise Linux 9.4 and 8.10"},{"content":"Episode 77 dropped the same morning RHEL 9.4 hit the wild, so I was exhausted but happy, and my cohost Brian Smith and I got to dig into one of his favorite topics: Red Hat Satellite. Our guest was Pete Sackett, a senior technical account manager supporting our FSI teams, who\u0026rsquo;s been at Red Hat cumulatively about ten years and has used Satellite going all the way back to versions 4 and 5. I\u0026rsquo;ll admit I have some scars from the Satellite 5.x days, so it was a real pleasure to talk about how much better things are now.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 77 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nSatellite 6 was a complete rewrite, and it shows. Pete walked through how versions 4 and 5 were built on upstream Spacewalk, while 6 is a collection of individual upstream tools pulled together and focused for Red Hat customers. The heart of Satellite is patching, life cycle, and content management. That\u0026rsquo;s the part most customers lean on, and it\u0026rsquo;s where we spent most of the episode, but Pete was clear it\u0026rsquo;s really a broader organizational management tool. It genuinely tames chaos across a fleet. The whole premise is keeping packages, critical fixes, and environments straight instead of managing systems one at a time. If you\u0026rsquo;re running more than a handful of RHEL systems, this episode makes a strong case for letting Satellite carry the load.\n","date":"2 May 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep77-satellite/","section":"Blog","summary":"Pete Sackett joins Brian and me to break down Red Hat Satellite, from patching and life cycle to content management, and how far it has come since version 5.","title":"Controlling Chaos with Red Hat Satellite | RHEL Presents Ep. 77"},{"content":"The Apple Vision Pro stands to be one of the next innovations that changes how we use technology. Is it there yet? Not quite, but read on to see what I discovered. I\u0026rsquo;ve been in IT since before it was my chosen career path. When I first started out in my career, I was just an enthusiast. I enjoyed getting the latest gadgets, learning about them, and playing with them. I remember being a senior in high school and buying a Palm Pilot. I may have even played Hearts during our science class.\nA lot of days, it\u0026rsquo;s a slog. If you are a SysAdmin, like I was, it takes many days to work to keep the lights on. You try to learn and grow your toolbox, but most days, it\u0026rsquo;s resetting that same user\u0026rsquo;s password for the third time this month.\nNow and then, you have those days where you sit back and go, \u0026ldquo;This could be something!\u0026rdquo; I did that today. I\u0026rsquo;m in the grind of getting video and presentation content ready for the following Red Hat Enterprise Linux release ready to go out the door, as well as our upcoming Red Hat Summit conference. I needed a break.\nI\u0026rsquo;ve heard people talking about Apple\u0026rsquo;s first steps into the VR world, and I wanted to see them for myself. While I bleed Linux, I am an undying Apple Fanboy. I have most of their tech somewhere in my house. So, why not!?\nYou can reserve a slot online for an in-person, 30-minute guided demonstration of how to fit, calibrate, and use the device. Wear prescription glasses? No problem; they can scan your lenses and fit your unit with inserts to match.\nI have only played with Meta Quest 2 for a couple of days, so I had little more experience to go on for my demo. I initially thought it was a sleek-looking headset, but how heavy would this be?\nOnce you put on the device, you adjust a knob on the side of the headband. You can tighten it to wear it; it\u0026rsquo;s solid yet comfortable. My initial fear was that it would be too heavy, not so! Yes, it has some weight, but it took a little time to get used to it.\nFor my demo, I wanted the full experience. I wanted to be guided through the basics - you can customize your tour, but I wanted to avoid going in with any preconceptions. We started with hand gestures and the home screen.\nApple Watch users will be familiar with the crown that twists and clicks. However, the main interaction isn\u0026rsquo;t with hand gestures or the crown; it\u0026rsquo;s with your eyes! Tiny cameras line the inside of the visor and track your eye\u0026rsquo;s movements. You look at an icon, and it will highlight. Then, all you have to do is pinch two fingers together to select.\nWe looked at pictures from standard images to iPhone-based panoramas to something new called immersive mode (available now on iPhone 15 Pros and Max Pros). I won\u0026rsquo;t spoil anything, but it looked like I was in the room!\nWe moved to playing a pinball game, watching movie trailers, and searching the internet. Moving windows around, resizing, and scrolling was a breeze! I got tripped up a little when it came to typing.\nUltimately, it was an exciting experience. I really enjoyed the digital tour. I can see many use cases for travel and taking my books, studies, and multimedia.\nIs it a daily driver? I do online research, work on Linux servers, and interact with an office suite all day. I recommend not. Is it worth the price tag to not be a daily driver? No.\nHowever, that is today. The hardware and interactivity were far beyond my expectations. I count this as a public beta, version 1.0. The Vision Pro has come a very long way since its release. Third-party and iOS mobile apps are getting better support all the time.\nSo, when it\u0026rsquo;s released, the Apple Vision Pro 2 will be hard to say no to!\n","date":"30 April 2024","permalink":"https://itguyeric.com/blog/apple-vision-pro-it-guys-first-impressions/","section":"Blog","summary":"The Apple Vision Pro stands to be one of the next innovations that changes how we use technology. Is it there yet? Not quite, but read on to see what I discovered.","title":"Apple Vision Pro | IT Guy's first impressions"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/into-the-terminal/","section":"Series","summary":"","title":"Into the Terminal"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/into-the-terminal/","section":"Tags","summary":"","title":"Into the Terminal"},{"content":"The right response to an SELinux denial is to debug it, not turn it off. This episode is the troubleshooting toolkit.\nInto the Terminal \u0026middot; Episode 103 Open the full episode page \u0026rarr; What this episode covers:\nReading denials from the audit log with ausearch and sealert. Fixing labels with restorecon and semanage fcontext. Setting booleans or writing policy instead of going permissive. Watch the full walkthrough above.\n","date":"12 April 2024","permalink":"https://itguyeric.com/blog/into-the-terminal-ep103-troubleshoot-selinux/","section":"Blog","summary":"Reading denials from the audit log with \u003ccode\u003eausearch\u003c/code\u003e and \u003ccode\u003esealert\u003c/code\u003e.","title":"Techniques to Troubleshoot SELinux | Into the Terminal 103"},{"content":"Episode 75 landed in the middle of release season and Summit prep, and my cohost Brian Smith and I were glad to step away from the slide decks to talk subscriptions. Our guest was Rich Dorito, team lead of the hybrid cloud subscription experience group, whose team is responsible for the subscription experience across all of Red Hat\u0026rsquo;s platforms. Rich has been at Red Hat close to fourteen years across solutions architecture, Satellite, and product management, and he\u0026rsquo;s spent the last several years making the way you buy and manage RHEL a lot less painful.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 75 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nA Red Hat subscription is access to software, services, and support, governed by a business model and time. Rich\u0026rsquo;s clean definition cuts through a lot of the confusion people carry into this topic. The subscription and system management experience has genuinely gotten easier. I\u0026rsquo;ve watched it change a lot over the years, and Rich\u0026rsquo;s team is the reason it\u0026rsquo;s moved toward something sane and clean rather than a maze. Trials are a real on-ramp, not a gotcha. The episode is built around helping you actually access RHEL, including trials, so you can get hands-on without guessing your way through the process. If subscriptions have ever felt like the confusing part of using RHEL, this conversation is a helpful reset.\n","date":"4 April 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep75-subscriptions/","section":"Blog","summary":"Rich Dorito joins Brian and me to explain what a Red Hat subscription actually is, how to access trials, and why the whole experience got so much cleaner.","title":"Access RHEL Subscriptions Trials \u0026 More | RHEL Presents Ep. 75"},{"content":"For the very first real episode, I sat down with Karl Abbott, a product manager at Element, to dig into the Matrix protocol and what open, decentralized communication actually looks like in practice. It was the perfect topic to kick things off with.\nThe IT Guy Show \u0026middot; Episode 1 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nMatrix is an open protocol, not just an app. Karl helped me frame why that distinction matters, and why decentralization changes who owns your conversations. Bridges are the secret weapon. We talked through how Matrix can connect to the tools your team already lives in, so you do not have to force everyone to switch overnight. Element brings it to life. From encrypted chat to location sharing and video, Karl showed how the Element client turns the protocol into something you can actually hand to real users. If you have ever wanted to own your communications instead of renting them, this is a good place to start.\n","date":"27 March 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep01-element-matrix/","section":"Blog","summary":"My first guest, Karl Abbott of Element, walks through the Matrix protocol and decentralized, encrypted communication.","title":"Get Into Your Element | The IT Guy Show Ep. 1"},{"content":"Episode 74 was one Brian Smith and I had in the works for months. We finally sat down to talk about Stratis, a feature that had been in tech preview since RHEL 8.0, and the very first thing I did was debunk the myth that it\u0026rsquo;s a file system. It isn\u0026rsquo;t. To sort it all out we brought back product manager Bob Hanlon, who helped shape the plan for Stratis in its early days, and pulled in specialist solutions architect Billy Holmes, who we grabbed off the previous week\u0026rsquo;s Day in the Life episode.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 74 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nStratis is a storage management tool, not a file system. I said it up top and I\u0026rsquo;ll say it again here, because it\u0026rsquo;s the single most common misunderstanding and the whole episode hinges on getting that straight. Being a storage target raises the bar. Bob pointed out that Red Hat doesn\u0026rsquo;t always ship storage as a target, and when you do, expectations around data protection and data management go way up, which is part of why Stratis took its time. It\u0026rsquo;s been a long road out of tech preview. This feature spent close to five years maturing since RHEL 8.0, and watching it grow and change is a good lesson in how deliberately storage gets built. If you manage local storage on RHEL and want a cleaner way to do it, this episode is a solid introduction to what Stratis is really for.\n","date":"21 March 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep74-stratis/","section":"Blog","summary":"Bob Hanlon and Billy Holmes join Brian and me to unpack Stratis on RHEL, why it is a storage management tool and not a file system, and how it grew up.","title":"Stratis Unleashed | RHEL Presents Ep. 74"},{"content":"This is the one that started it all. In under two minutes, I introduce The IT Guy Show and lay out why I wanted to build it in the first place.\nThe IT Guy Show \u0026middot; Episode 0 Open the full episode page \u0026rarr; A few things worth carrying away from this one:\nWhy I am doing this. I wanted a show that celebrates the people and talks about the technology that is changing our world. The mission. It really comes down to sharing my love for open source and building a stronger community around it. What comes next. This is just the setup. Real conversations with real guests start in the very next episode. Short and sweet. Thanks for being here at the beginning.\n","date":"17 March 2024","permalink":"https://itguyeric.com/blog/itguyshow-ep00-announcement/","section":"Blog","summary":"A two-minute kickoff introducing The IT Guy Show and the mission behind it.","title":"The Big Announcement | The IT Guy Show Ep. 0"},{"content":"Even a terminal series takes a desktop break. This episode covers getting more out of GNOME Shell.\nInto the Terminal \u0026middot; Episode 99 Open the full episode page \u0026rarr; What this episode covers:\nKeyboard shortcuts and workspaces for a faster workflow. Extensions that add the missing pieces. Small tweaks that make the desktop yours. Watch the full walkthrough above.\n","date":"15 March 2024","permalink":"https://itguyeric.com/blog/into-the-terminal-ep99-gnome-shell/","section":"Blog","summary":"Keyboard shortcuts and workspaces for a faster workflow.","title":"Tips and tricks for GNOME Shell | Into the Terminal 99"},{"content":"If the idea of an in-place conversion makes you a little nervous, I hear you, and that\u0026rsquo;s exactly why Red Hat\u0026rsquo;s engineering team built a pre-conversion analysis tool. In this tech tip I register a CentOS Linux 7 system to Red Hat Insights, run the pre-conversion analysis, and let it inspect hundreds of data points before we commit to anything. When it flags an inhibitor, I fix the issue, re-run it, get a green light, and then run the conversion itself.\nA few things worth carrying away from this one:\nLook before you leap. The analysis inspects hundreds of data points and tells you about blockers, like an outdated package, before you start. In the demo an EPEL release package needed updating, which is an easy fix once you know. This scales. Whether you\u0026rsquo;re converting one system or thousands, running the analysis and the conversion through Red Hat Insights lets you work across many systems concurrently instead of one at a time. Insights does the setup for you. Behind the scenes it installs the Convert2RHEL utility as part of the pre-conversion process, so once you\u0026rsquo;re green you\u0026rsquo;re ready to convert from the same console. Even if you end up on RHEL 7, you have runway: an in-place upgrade to RHEL 8, or the low-cost migration subscription with up to four years of ELS support.\n","date":"13 March 2024","permalink":"https://itguyeric.com/blog/convert2rhel-pre-conversion-analysis/","section":"Blog","summary":"A tech tip on the Convert2RHEL pre-conversion analysis, run through Red Hat Insights to catch blockers before you convert CentOS Linux 7 to RHEL.","title":"Streamlining Migrations with Convert2RHEL's Pre-Conversion Analysis"},{"content":"Episode 73 brought back our Day in the Life series, and after a botched intro to kick things off, my cohost Brian Smith and I welcomed Chuck Marshall, an account solution architect here at Red Hat. Chuck\u0026rsquo;s focus is infrastructure across the three big pillars: Red Hat Enterprise Linux, Ansible Automation Platform, and OpenShift. He\u0026rsquo;s coming up on a decade at Red Hat, came in from a long background as a developer, and gave us a candid look at what the job actually involves day to day.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 73 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nAn account solution architect owns the technical relationship, not just a product. Chuck is the field-facing first point of contact for his customers across the whole Red Hat portfolio, teamed up with an account representative. You don\u0026rsquo;t have to start in sales to end up here. Chuck spent fourteen or fifteen years as a developer and never expected to move into a field role, which is a reminder that these career paths are rarely a straight line. The role is broad by design. RHEL, some Ansible, some Satellite, a little of everything, so the SAs get to stay generalists while still going deep where a customer needs it. If you\u0026rsquo;re curious what a solutions architect does all day, or wondering whether it\u0026rsquo;s a path for you, Chuck lays it out plainly.\n","date":"7 March 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep73-solutions-architect/","section":"Blog","summary":"Chuck Marshall joins Brian and me to walk through what an account solution architect really does day to day across RHEL, Ansible, and OpenShift.","title":"A Day in the Life of a Solutions Architect | RHEL Presents Ep. 73"},{"content":"In this brief RHEL Shorts tech tip I show how to enable access to the Extra Packages for Enterprise Linux repository, better known as EPEL. It opens up hundreds of packages that don\u0026rsquo;t ship in the standard RHEL repos.\nA few things worth carrying away from this one:\nEPEL is community, not Red Hat support. I\u0026rsquo;m upfront that these packages aren\u0026rsquo;t officially supported by Red Hat, but they usually have a strong following in the upstream ecosystem, so I get the disclaimer out of the way before we jump in. CodeReady Builder comes first. The first step is enabling the CodeReady Builder for RHEL 9 repository through subscription-manager, since EPEL packages often depend on it. The release RPM comes straight from Fedora. I point DNF at the Fedora Project website and install the EPEL release RPM directly from their mirrors, and that\u0026rsquo;s it, you can pull package info and install anything you want from EPEL. Short and sweet: two repos enabled and you\u0026rsquo;ve unlocked a much bigger software catalog.\n","date":"28 February 2024","permalink":"https://itguyeric.com/blog/rhel-shorts-enabling-epel/","section":"Blog","summary":"A brief tech tip on enabling the EPEL repository for extra packages on RHEL 9.","title":"Enabling EPEL for Enhanced Packages"},{"content":"","date":null,"permalink":"https://itguyeric.com/categories/career--open-source/","section":"Categories","summary":"","title":"Career \u0026 Open Source"},{"content":"I get asked on a regular basis how I got my start in Linux; over the last couple of days, I put together my most comprehensive list yet and I wanted to share it with all of you!\nWhere do I start!?\nOne of the best ways to get comfortable with Linux is to utilize it everywhere you are. The first place I think about is your daily computer driver. I learned so much by working in Linux on a daily basis. Linux-powered laptops are far more prevalent than they were a decade ago. I can recommend a few companies that I know are dedicated to Linux: System76, Lenovo, and Slimbook to name a few. Of course, you can buy a lot of these second hand on eBay or similar.\nWhat distribution do I pick?\n(Disclaimer, I work for Red Hat, so I maybe a bit biased.) I talk to Sysadmins regularly who are split between different distribution families. For instance, Ubuntu and Red Hat-based distributions are very different in terms of operation, commands, and\u0026hellip;we\u0026rsquo;ll call them “ idiosyncrasies”. I would recommend if your work uses Red Hat, to focus on learning Red Hat based distros. I, myself, came up in much the same way: I learned Red Hat as a Linux Systems Administrator, so, that\u0026rsquo;s what I primarily use even at home.\nThese include:\n- Red Hat Enterprise Linux (Free Developer Subscription!)\n- CentOS Stream\n- Fedora\nWhat advice can you give for someone interested in learning more about Linux distributions? Where should I start?\nLinux is one of the most studied topics online. There are countless YouTube videos, blogs, and podcasts. I started learning about Linux and Open Source through a podcasting community called Jupiter Broadcasting. They have Matrix channels, live podcasts, and an amazing community of people to help new members learn and grow. I actually got my start podcasting on Linux Unplugged, one of their shows.\nIf you want to get your hands dirty, I would also recommend a Linux laptop and get comfortable with virtual machines and cloud providers. You can get a free credit when you sign up for Digital Ocean (FYI, that\u0026rsquo;s a referral link tied to my account.) You can spin up all sorts of servers, distros, and play with different applications. Their documentation and walkthroughs are next level! I also help support a series of labs for learning on RHEL (Red Hat Enterprise Linux). There are some Admin 101 and Developer 101 labs that are great at teaching the basics of Linux and moving into more complex topics: https://lab.redhat.com. (They are free to use!)\nNumber one thing I can recommend here is to find a community of people to learn and grow with.\n**How did you discover that you wanted to focus on System Administration, and do you have any insights for someone interested in this specialization?\n**\nGreat question. Since I was 5, I had an interest in computers. I learned how to change my Dad’s desktop wallpaper on an old Mac PC and never stopped learning from there. Once I graduated high school and started college at DeVry University, I did the obvious thing: I signed up for a computer science degree. A couple of semesters in, I was taking a C# class and knew I would never survive as a developer. I got so lost with arrays, ha ha! So, I distinctly remember walking by this lab with racks of hardware, cables, and flashing lights. I knew that was where I needed to be. I went to my school advisor and switched my major to Network Communications Management. I started learning Cisco, firewalls, switching, and my favorite - operating systems.\nAround the same time, I got a job as an IT Support Intern for a local municipality. I got to do desktop support, help desk, and even some Active Directory management. I loved what I was doing. After college, I got a job doing IT support - desktop and servers. After a couple of years, I was managing all sorts of servers and working on desktop refresh programs - new hardware every few years, desktop imaging and the like. I helped manage a handful of Linux servers that no one else really wanted to touch; I had tinkered with Linux in my college days, and decided I wanted to specialize.\nI pursued a new job that would allow me to focus on Linux Systems Administration and started studying for my RHCSA (Red Hat Certified Systems Administrator). Over almost a decade, I was a Linux Systems Administrator, a Linux Systems Engineer, then a Solutions Architect (pre-sales Sysadmin basically), then finally about 2 1/2 years ago moved into Technical Marketing for RHEL where I really hit my stride!\nWhat experiences and skills would be helpful for someone entering this field?\nIn today’s computer-driven resume world, its important to check as many boxes as you can. Have a “home lab” (like Digital Ocean or a PC at home you use as a “server”). Showing that you are constantly learning is huge. A bachelors degree is a huge plus as well as a technical certification in a field related to what you are interested. You don’t have to have all this up front but every step you take makes it easier to get the next job then the next and so on.\nIn your opinion, where’s the best place for me to find out about openings within this field?\nNow, its been 6+ years since I had to job hunt… However, from what I’ve kept my eye on, LinkedIn is a HUGE place to get started. In fact, LinkedIn Premium is a good way to go. You can use their “AI” to help you write a title and about sections. LinkedIn has job postings, but you can also mark yourself as \u0026ldquo;open to work” and job recruiters will find you and match you to jobs they have available. (The link above will give you 2 months of Premium for free, after that it gets really expensive but you can cancel at any time.)\nThere are still other sites like Monster and Dice, but I haven’t had good luck there. Though if you are really eager to start your IT career you can never send out enough resumes!\nDo you know of any programs or webinars that you think could be helpful to someone looking to enter the IT Support field?\nOh do I! You can check out the Sudo Show where I am a founder and former host. The Sudo Show is part of the Tux Digital Network, home of Destination Linux among others. There’s Jupiter Broadcasting and the Ask Noah Show. There’s the Fedora Podcast, the CentOS video podcast (new), and the RHEL YouTube channel. Our show Into the Terminal is a great place to start learning.\nDo you know of other individuals in the field whom I could contact?\nI’d start with posting questions on LinkedIn or Mastodon and using hashtags, like #linux. Get invovled with podcasting communities like the Ask Noah Show or Jupiter Broadcasting. They are on Discord, Mastodon, Telegram, and others!\nI hope these questions and answers help you in your journey. I\u0026rsquo;d love to know what other topics you\u0026rsquo;d like me to cover or what other questions you may have. My virtual door is always open!\nI know a lot of these resources have my name attached to them in some way, but one of the reasons I moved from Systems Administration to Technical Marketing was to build tools and resources I could have used when I was in your place - to learn and grow into a field I was very interested in.\nImage courtesy of Max Duzij, Unsplash\n","date":"26 January 2024","permalink":"https://itguyeric.com/blog/getting-started-with-linux-and-i-t-careers/","section":"Blog","summary":"I get asked on a regular basis how I got my start in Linux; over the last couple of days, I put together my most comprehensive list yet and I wanted to share it with all of you!","title":"Getting Started with Linux and I.T. Careers"},{"content":"This episode is about the full loop of building applications with GitLab on RHEL — source, pipelines, and deployment on a supported platform.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 72 Open the full episode page \u0026rarr; What this episode covers:\nRunning GitLab and its CI/CD runners on RHEL. Wiring up pipelines that build, test, and deploy. Why a supported OS underneath your DevOps toolchain matters. Watch the full episode above.\n","date":"24 January 2024","permalink":"https://itguyeric.com/blog/rhelpresents-ep72-gitlab-on-rhel/","section":"Blog","summary":"RHEL Presents 72 on building apps with GitLab on RHEL.","title":"Building Applications with GitLab on RHEL | RHEL Presents Ep. 72"},{"content":"For episode 71 my cohost Brian Smith and I had a full house. We dug into Red Hat Services, the consulting side of Red Hat, and I said up front that I wish I\u0026rsquo;d had access to it back in my sysadmin days. We brought on three experts to cover the breadth of the portfolio: Jerome Young on the platform side (RHEL, Satellite, identity management, Ansible), David Gordon on middleware and application services (integration, APIs, app development), and Matt Witzman from the OpenShift and cloud platform practice. The idea was to talk through what happens when you\u0026rsquo;ve got a distribution, management tools, and automation in front of you and you\u0026rsquo;re not sure where to start.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 71 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nRed Hat Services is there for the \u0026ldquo;where do I even begin\u0026rdquo; moment. Whether you\u0026rsquo;re a new customer or evaluating becoming one, consulting is meant to help you get engaged and moving along a path instead of staring at a pile of tools. The portfolio is broad, and so is the help. We deliberately pulled in platforms, middleware, and OpenShift because a real environment rarely lives in just one of those buckets, and the services side spans all of them. The best lessons come from the field. I tried to coax anecdotes out of our guests about what they\u0026rsquo;ve actually seen in the wild, because that\u0026rsquo;s where the value of experienced consultants really shows up. If you\u0026rsquo;re standing up Red Hat technology and want a sense of how consulting fits in, this episode is a friendly walkthrough.\n","date":"14 December 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep71-red-hat-services/","section":"Blog","summary":"Brian and I sit down with Red Hat Services experts across platforms, middleware, and OpenShift to talk about how consulting helps you get off the ground.","title":"Optimize IT Operations with Red Hat Services | RHEL Presents Ep. 71"},{"content":"Episode 70 was a rare one for us: Nate and I were live and in person, sitting right next to each other on the show floor at AWS re:Invent. It\u0026rsquo;s only about the second time that\u0026rsquo;s happened on RHEL Presents, and we spent two months getting set up to broadcast from the booth. We talk about what Red Hat brought to the event with our AWS partners, and we pulled in Stu Miniman, a senior director on the OpenShift side and a re:Invent veteran, to give us the lay of the land from the keynotes and the floor.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 70 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nDoing the show live and in person is a whole different animal. Nate and I are usually remote, so being trapped together in a booth for the week made for a looser, more conference-flavored episode than our usual studio setup. re:Invent is the Super Bowl for our industry, and Red Hat shows up for it. Stu has been to nearly every re:Invent, and he framed just how big the partnership footprint has become, from customers to practitioners to years of executive interviews at the show. Convert2RHEL is the throughline for meeting people where they are. The reason we were on that floor was to talk about moving existing Linux workloads onto RHEL, especially on AWS, without a full rebuild. If you\u0026rsquo;ve ever wondered what it\u0026rsquo;s like to run the show from a conference floor, this one captures the chaos and the fun of it.\n","date":"30 November 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep70-convert2rhel-reinvent/","section":"Blog","summary":"Nate and I broadcast live from the AWS re:Invent show floor to talk Convert2RHEL, RHEL on AWS, and the buzz around the conference with guest Stu Miniman.","title":"Convert2RHEL Live at AWS reInvent | RHEL Presents Ep. 70"},{"content":"For episode 69 my cohost Brian Smith and I welcomed back Nuno Martins, a principal technical marketing manager on the Ansible business unit, who last joined us on episode 47 for an intro to Ansible Automation Platform. This time we picked up where automation usually stops: instead of you running a playbook, we talk about how the platform can listen for events and respond on its own. It was a fun one to record between a wall of livestreams and the recent RHEL 9.3 launch.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 69 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nEvent-Driven Ansible flips automation from something you trigger to something that triggers itself. Rather than logging in to run a playbook when something breaks, you let sources feed events in and let rules decide what runs. This builds on Ansible Automation Platform, not around it. Nuno framed event-driven work as an extension of the same automation foundation we covered back on episode 47, so the skills you already have carry forward. If you want the fundamentals first, start with the intro. We pointed folks back to Nuno\u0026rsquo;s earlier episode for the elevator pitch on what Ansible Automation Platform is and what it\u0026rsquo;s trying to solve before layering event-driven ideas on top. If you\u0026rsquo;ve been automating tasks but still babysitting the alerts, this episode is a good nudge toward closing that loop.\n","date":"16 November 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep69-event-driven-ansible/","section":"Blog","summary":"Nuno Martins joins Brian and me to explain how Event-Driven Ansible listens for events and kicks off automation without a human in the loop.","title":"Event-driven Infrastructure with Ansible | RHEL Presents Ep. 69"},{"content":"Every minor RHEL release bundles up months of incremental work into one place, and the What\u0026rsquo;s New webinars are how Red Hat walks through what actually changed. This one covers RHEL 9.3 and the parallel 8.9 release.\nThemes worth watching for in this one:\nImage building keeps getting easier. RHEL Image Builder continues to expand what you can produce and where you can push it, which is central to the \u0026ldquo;build once, deploy anywhere\u0026rdquo; story these releases lean into. Security and compliance updates. Each release refreshes security profiles, crypto policies, and hardening options — the kind of thing worth reviewing before you standardize a new base image. Management from the web console. More day-two tasks keep moving into the Cockpit web console, lowering the barrier for teams that do not want to live entirely on the command line. If you run a RHEL fleet, the What\u0026rsquo;s New webinars are a fast way to decide what a minor release means for your environment. Watch the full session above.\n","date":"15 November 2023","permalink":"https://itguyeric.com/blog/whats-new-rhel-9-3-8-9/","section":"Blog","summary":"The webinar walkthrough of RHEL 9.3 and 8.9: image builder improvements, security and compliance updates, identity management, and easier day-two management from the web console.","title":"What's New in RHEL 9.3 and 8.9"},{"content":"We just celebrated the Fedora Project\u0026rsquo;s birthday, so I brought on two people who have seen a lot of it firsthand: longtime contributor Neal Gompa and Fedora Project Lead Matthew Miller. We reminisced about where Fedora came from, looked at what shipped in Fedora Linux 39, and got plenty of laughs in along the way. It is a warm, story-filled episode about the people behind the distro.\nFedora Podcast \u0026middot; Episode 33 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nFedora\u0026rsquo;s history is really a history of its people. Hearing Neal and Matthew trace the project\u0026rsquo;s roots reminded me how much of Fedora is built on years of individual contributions. Fedora Linux 39 was a milestone worth celebrating. We spent time on what landed in the release, and it was a good reminder of how far each cycle moves the project forward. The birthday is a good excuse to look forward, too. Between the laughs, we talked about where Fedora is heading, and I came away optimistic about the road ahead. Give it a listen and let me know what stuck with you.\n","date":"8 November 2023","permalink":"https://itguyeric.com/blog/fedora-ep33-fedora-saga/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 33, a birthday celebration where Neal Gompa and Matthew Miller reminisce about Fedora\u0026rsquo;s history and look ahead to Fedora Linux 39. Watch or listen right here.","title":"The Fedora Saga: Longtime Contributors Share Their Stories | Fedora Podcast Ep. 33"},{"content":"This is a topic close to my heart: how the RHEL sausage gets made. Brian Smith and I are joined by two guests who happen to be our leadership, Mike McGrath, VP of core platforms, and Gunnar Hellekson, VP and GM for Red Hat Enterprise Linux. We get into what Red Hat Enterprise Linux actually is, how the upstream-first ethos works in practice, and why you can\u0026rsquo;t have RHEL without Fedora and CentOS Stream feeding into it.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 68 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nRHEL, CentOS Stream, and Fedora are one pipeline, not separate islands. As I like to say, you can\u0026rsquo;t have RHEL without Fedora and CentOS Stream, and this episode traces how work flows from the community upstream into the enterprise product. The Halloween release is part of Red Hat\u0026rsquo;s DNA. Gunnar reminded us that Red Hat Linux first shipped back in 1994 around Halloween, and that cadence still shapes when a new RHEL lands each fall. Upstream-first is a culture, not just a policy. Mike and Gunnar make clear this is core to who Red Hat is, and hearing it straight from the people who lead RHEL development brings that ethos to life. If you want to understand where RHEL comes from, this is the conversation to start with.\n","date":"2 November 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep68-rhel-development/","section":"Blog","summary":"Mike McGrath and Gunnar Hellekson join us to explain how RHEL is developed, the upstream-first ethos, and why you can\u0026rsquo;t have RHEL without Fedora and CentOS Stream.","title":"RHEL in Development | RHEL Presents Ep. 68"},{"content":"I sat down with Neal Gompa, someone who shows up all over the open-source world, from Fedora to openSUSE and plenty in between. We talked about his unconventional road into technology, how he thinks about contributing, and the way he ends up connecting different communities. It is a candid, funny conversation, and I had a great time recording it.\nFedora Podcast \u0026middot; Episode 32 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nContributing does not require a traditional path. Neal\u0026rsquo;s story reminded me that people come into open source from all kinds of backgrounds, and that is a strength, not a barrier. Communities are stronger when they talk to each other. I liked hearing how Neal works across projects instead of staying in one lane, and how much everyone benefits from that cross-pollination. Show up with candor and humor. Neal is honest about what works and what does not, and that kind of openness is exactly what keeps a project like Fedora healthy. Give it a listen and let me know what stuck with you.\n","date":"25 October 2023","permalink":"https://itguyeric.com/blog/fedora-ep32-neal-gompa/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 32, where I sat down with Neal Gompa to talk about his journey into open source and his work across Fedora, openSUSE, and beyond. Watch or listen right here.","title":"How Do You Fedora: Neal Gompa | Fedora Podcast Ep. 32"},{"content":"It\u0026rsquo;s release season in the RHEL BU, and we\u0026rsquo;ve got a packed house for this one. Brian Smith and I are joined by three guests: Terry Bowling from RHEL product management, who owns Image Builder; Amy Farley, who oversees identity, security, and compliance features; and Mohit Goyal from the Insights team, focused on security services. We talk about how, around the 9.2 release, you can now bake compliance configuration directly into your Image Builder images, which matters a lot if you deal with HIPAA, payment data, or other regulated workloads.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 67 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nImage Builder reimagines how you assemble RHEL. Terry described it as a tool for building customized, golden images from a blueprint, so your whole enterprise deploys from a consistent standard. Compliance can be built in, not bolted on. The headline here is combining Image Builder with compliance profiles so your images ship already configured for the baseline your industry requires. It takes several teams working together. Image Builder, security and compliance features, and Insights security services all connect, which is why Terry, Amy, and Mohit collaborate so closely to support RHEL security end to end. If regulated workloads are part of your world, this episode ties the pieces together.\n","date":"19 October 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep67-compliant-images/","section":"Blog","summary":"Terry Bowling, Amy Farley, and Mohit Goyal join us to show how Image Builder can bake compliance profiles right into your RHEL golden images.","title":"Building Compliant Images with Image Builder | RHEL Presents Ep. 67"},{"content":"A laptop built in collaboration with the Fedora Project and preloaded with Fedora Workstation is exactly the kind of hardware announcement I love covering. In this special episode I talked with Alejandro López and Vaja Benidze from Slimbook to unveil the Fedora Slimbook Edition and get into what makes it tick.\nFedora Podcast \u0026middot; Episode 31 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nThis is a real Fedora-and-Slimbook collaboration, not just a sticker. Alejandro and Vaja described how the partnership came together, and it\u0026rsquo;s clear this machine was shaped with Fedora specifically in mind. The hardware details are where it got fun. We walked through what\u0026rsquo;s actually in the laptop, which matters if you\u0026rsquo;re weighing it as your next Linux machine. There\u0026rsquo;s a roadmap beyond this first announcement. The Slimbook team talked through future plans, so this unveiling reads like a starting point rather than a one-off. If you want Fedora on a laptop that was built for it, this episode is a great intro.\n","date":"18 October 2023","permalink":"https://itguyeric.com/blog/fedora-ep31-slimbook/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 31, where Slimbook unveiled the Fedora Slimbook Edition laptop. Watch or listen right here.","title":"Unveiling the Fedora Slimbook | Fedora Podcast Ep. 31"},{"content":"\u0026ldquo;Immutable\u0026rdquo; desktops like Fedora Silverblue and Kinoite promise a sturdier, more predictable computer, but the ideas and even the terminology can trip people up. In this episode Joseph and I sat down with Jorge Castro and Timothée Ravier to dig into what these atomic desktops are really trying to solve and where they\u0026rsquo;re headed.\nFedora Podcast \u0026middot; Episode 30 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nThe goal is reliability, not restriction. We got into what immutability is actually for, and the guests pushed back on the idea that it means a locked-down system you can\u0026rsquo;t customize. A lot of the confusion is a naming problem. We spent real time on what to even call this category, and it\u0026rsquo;s clear the terminology itself is part of why people misunderstand it. Universal Blue and the Atomic Desktop SIG show where the energy is. Jorge and Timothée pointed to the community efforts building on this model, which is where a lot of the interesting work is happening. If you keep hearing \u0026ldquo;atomic\u0026rdquo; and \u0026ldquo;immutable\u0026rdquo; and want the real picture, start here.\n","date":"11 October 2023","permalink":"https://itguyeric.com/blog/fedora-ep30-immutable/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 30, where we rethought the Linux desktop with atomic and immutable systems. Watch or listen right here.","title":"Beyond Immutable | Fedora Podcast Ep. 30"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/modernizing-rhel-management/","section":"Series","summary":"","title":"Modernizing RHEL Management"},{"content":"Here we are at the finale. Over ten episodes we went from \u0026ldquo;what is Insights\u0026rdquo; to building, patching, securing, and right-sizing systems, and today John showed off two features that landed just in time: inventory groups and the pre-upgrade analysis task. It felt like the right way to close things out, with fresh capabilities and a look back at everything we covered.\nA few things worth carrying away from this one:\nInventory groups finally tie access to sets of systems. John grouped hosts and scoped a user to just those, which immediately reminded me of a federal contract where only one team could touch the financial systems. This is a first release, so no nesting yet, but it is a big step. The task service runs a Leapp pre-upgrade analysis for you. Before moving our RHEL 8 image to RHEL 9, it flagged inhibitors and potential problems, including that our older Postgres would need a workload upgrade too. It runs at scale across many systems, which is exactly when you need it. Insights is included, and it moves fast. I said it every episode and I will say it once more: all of this ships with your RHEL subscription at no extra cost, and preview mode lets you kick the tires on what is coming next. That wraps the miniseries. Huge thanks to John Spinks, and if you have not tried Insights yet, this is your sign to go register a system and take a look.\n","date":"11 October 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-10-pre-upgrades-closing/","section":"Blog","summary":"The finale, covering brand-new inventory groups for RBAC, the Leapp pre-upgrade analysis task, and a look back at the whole miniseries.","title":"Pre-upgrades and Closing | Modernizing RHEL Management 10"},{"content":"This is one of our partner-focused episodes. Brian Smith and I sit down with Karl, the CTO and cofounder of Avassa, and Fredrik Jansen, a solution architect there, to talk about edge container management. A lot of people jump straight to Kubernetes and OpenShift when they hear \u0026ldquo;edge,\u0026rdquo; so we make the case that Red Hat Enterprise Linux itself has a standout story for edge deployments, and that Avassa\u0026rsquo;s engineering team works closely with Red Hat to round it out.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 66 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nEveryone defines \u0026ldquo;the edge\u0026rdquo; differently, so we started there. Karl admitted the term got burned to the ground years ago, so we spent time level-setting before diving into the technology, which is worth doing in any edge conversation. RHEL is a real edge platform, not just a host for Kubernetes. The reason we wanted this episode was to highlight that RHEL has a genuinely standout solution for edge deployments on its own. This is a true partnership, engineer to engineer. Avassa is a Red Hat partner, and their Edge Enforcer is certified on RHEL, with the two engineering teams collaborating closely rather than just co-marketing. If your workloads reach out past the data center, this partner conversation is worth an hour.\n","date":"5 October 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep66-avassa-edge/","section":"Blog","summary":"In this partner episode, Avassa\u0026rsquo;s Karl and Fredrik join us to define the edge and show how RHEL and Avassa work together to manage containers out there.","title":"Edge Container Management with Avassa | RHEL Presents Ep. 66"},{"content":"If you work in a regulated industry like healthcare, or run workloads that have to meet compliance baselines like payment processing, this tech tip is for you. I walk through building security-compliant images with Red Hat Enterprise Linux Image Builder so that regulatory requirements are baked in from the start.\nA few things worth carrying away from this one:\nA blueprint is just a recipe. I frame Image Builder in five simple steps and describe the blueprint as a recipe: list your packages, define a couple of users, enable a service, close a firewall port, and you\u0026rsquo;ve got a golden image, the standard your whole enterprise deploys from. Compliance profiles come from OpenSCAP. I show how tools like CIS benchmarks and PCI DSS map to profiles, and that Red Hat uses the upstream OpenSCAP Workbench to create tailored profiles you can audit and apply against your images. Baselines still need tailoring. My one caveat is that these are baselines, so they\u0026rsquo;ll likely need adjustment for your workload, environment, and the regulations in your area, and you should review your security requirements before you start. Meeting an audit is a lot less stressful when compliance is built into the image instead of bolted on afterward.\n","date":"4 October 2023","permalink":"https://itguyeric.com/blog/rhel-image-builder-compliant-images/","section":"Blog","summary":"I show how to build security-compliant golden images with Image Builder and OpenSCAP profiles.","title":"Building Security-Compliant Images with Red Hat Enterprise Linux Image Builder"},{"content":"You\u0026rsquo;re running business-critical workloads on CentOS Linux, and CentOS Linux 7 is going end of life. That\u0026rsquo;s a lot of hard decisions with not a lot of time, so in this piece I take a step back and walk through the options before demonstrating an in-place conversion from CentOS Linux 7 to Red Hat Enterprise Linux 7 with Convert2RHEL.\nA few things worth carrying away from this one:\nStart by taking inventory. Before you pick a path, ask what workloads you\u0026rsquo;re actually running. That answer shapes whether you rip and replace, containerize, or convert in place. The conversion is reversible until it isn\u0026rsquo;t. Convert2RHEL takes inventory, backs up configs, and disables CentOS repos before making any irreversible change. It even builds a second boot environment so the switch to RHEL 7 is clean. You can buy yourself time. With the third-party Linux migration offering you can receive RHEL 7 updates for up to four years past the CentOS Linux 7 end of life, running the same workloads on the same servers while you plan your next move. The CentOS Linux 7 end of life may feel daunting, but it\u0026rsquo;s not insurmountable. Start planning your migration today.\n","date":"28 September 2023","permalink":"https://itguyeric.com/blog/centos-to-rhel-path/","section":"Blog","summary":"A guided look at the CentOS Linux 7 end-of-life decision, then an in-place conversion to RHEL 7 with Convert2RHEL and extended life cycle support.","title":"The Path from CentOS Linux to RHEL"},{"content":"We are on the next-to-last episode, and this week John pulled back the curtain on two things we had been using all series without really examining: the inventory and identity. The inventory in the hybrid cloud console holds more than just Insights systems, and role-based access control is what determines whether your users can actually see and act on any of it.\nA few things worth carrying away from this one:\nThe inventory is bigger than Insights. Filtering by data collector, I could see systems connected only through subscription manager alongside Insights systems. If something shows up that should not, the data collector at the bottom of the system view tells you what reported it. Systems age out on a clock. Fresh, stale, stale warning, then gone at fourteen days without a check-in. That automatic purge keeps the inventory honest about what is actually still running. RBAC is additive, and access requests should be specific. John demonstrated stripping a user down and then building a group to grant just a vulnerability viewer role. His advice stuck with me: look up the exact role name in the docs and request that, because \u0026ldquo;give me malware access\u0026rdquo; is hard for an admin to action. The extra-credit bit was TAM access requests. As a former sysadmin, I wish I had known Red Hat cannot see your Insights data unless you explicitly grant a time-boxed request. That is a genuinely useful feature.\n","date":"27 September 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-09-inventory-identity/","section":"Blog","summary":"A close look at the inventory that spans more than just Insights systems, plus how role-based access control shapes what each user can see and do.","title":"Inventory and Identity | Modernizing RHEL Management 09"},{"content":"Most of this mini-series is about getting information out of your RHEL fleet. This episode is about getting that information to you — automatically, in the tools you already watch — instead of hoping someone remembers to open a dashboard. That is what the notifications and integrations side of Red Hat Insights is built for.\nWhat this episode covers:\nNotifications turn Insights events into alerts. Advisor recommendations, new CVEs, policy violations, and drift can all fire notifications, so a finding becomes something that reaches a human rather than sitting quietly in a report. Integrations route those events where your team works. Insights can push to email, Slack, Microsoft Teams, ServiceNow, Splunk, Event-Driven Ansible, and generic webhooks — so RHEL signals land in the same place as the rest of your operational noise. Behavior groups and event types keep it from becoming spam. You choose which event types matter and where each one goes, which is the difference between useful alerting and another firehose everybody mutes. If you have already set up Insights for advisories and compliance earlier in this series, this is the step that makes it proactive. Watch the full episode above for the walkthrough.\n","date":"12 September 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-08-integrations-notifications/","section":"Blog","summary":"How to route Insights events into email, Slack, ServiceNow, Splunk, and webhooks so RHEL fleet signals show up where your team already works.","title":"Integrations and Notifications | Modernizing RHEL Management 08"},{"content":"After a bit of an identity crisis of my own on the livestream software, it felt fitting to talk about identity management. Brian Smith and I are joined by Nate Lager for an introduction to Red Hat Identity Manager, or IdM, the package that ships with RHEL to handle identity, permissions, and access across your systems. Nate brought a set of demos and framed the whole thing around the zero trust conversation that\u0026rsquo;s so hot in IT right now.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 65 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nIdM is essentially Active Directory for Linux. Nate\u0026rsquo;s high-level description stuck with me: it houses identity, permissions, access rights, even SSH keys, and your Linux systems reference it for all of that, not just RHEL. It ships with RHEL, so there\u0026rsquo;s nothing extra to buy to get started. Identity management is included in the subscription you already have, which lowers the barrier to standing up a real identity layer. Zero trust is more than a buzzword here. Rather than cringe at the term, Nate connected it to real standards around identity security and showed how IdM helps you actually implement those controls. If you\u0026rsquo;re wrangling users and access across a fleet of Linux boxes, this is a solid starting point.\n","date":"7 September 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep65-idm/","section":"Blog","summary":"Nate Lager introduces Red Hat Identity Manager, the identity, permissions, and access layer that ships with RHEL, with demos and a zero trust framing.","title":"Introduction to Identity Manager | RHEL Presents Ep. 65"},{"content":"This one is a little more abstract than the hands-on episodes, but it hits something every team cares about: cost. John walked through the subscription service, which shows what you have purchased against what you are actually using, and resource optimization, which compares your real utilization to cloud instance sizes so you can right-size and save money. Both are about giving you information to make good decisions.\nA few things worth carrying away from this one:\nSystem purpose attributes make the subscription view useful. Tagging systems as production, development, or by SLA is what lets you filter usage meaningfully instead of staring at a big \u0026ldquo;unspecified\u0026rdquo; bucket. Look into simple content access now. John made the point that SCA is going to become the standard, so learning to track your consumption with the subscription service is worth doing before it is mandatory. Resource optimization caught my idle two-XL red-handed. Our miniseries system was idling over 99 percent of the time, and Insights recommended a much smaller t3 instance. Setup is basically download a playbook and run it, then wait a day for data. Neither of these services has a remediation button, and that is by design. Their job is to hand you the numbers and let you decide.\n","date":"6 September 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-07-managing-costs/","section":"Blog","summary":"The business side of Insights: subscription watch for tracking what you have bought and used, plus resource optimization to right-size your cloud spend.","title":"Managing Costs | Modernizing RHEL Management 07"},{"content":"Budgie is a lightweight, traditional desktop with a devoted following, and Fedora has a spin built around it. In this episode I sat down with Joshua Strobl, founder of the Buddies of Budgie organization, to talk about what Budgie is, who it\u0026rsquo;s for, and where the project is heading on Fedora.\nFedora Podcast \u0026middot; Episode 29 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nBudgie leans into a familiar, traditional desktop feel. Joshua described the design philosophy, and what stuck with me is how intentional the \u0026ldquo;just gets out of your way\u0026rdquo; experience is. It helps to know who the spin is aimed at. We talked through the target user, which is a useful lens if you\u0026rsquo;re deciding whether Budgie fits the way you actually work. The roadmap is where Joshua got genuinely excited. He walked through upcoming features and how people can contribute, so this doubles as an invitation to help shape what comes next. If you like a clean, no-fuss desktop, give the Fedora Budgie spin a look after this one.\n","date":"2 September 2023","permalink":"https://itguyeric.com/blog/fedora-ep29-budgie/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 29, where I talked with Joshua Strobl about the Fedora Budgie spin and the desktop\u0026rsquo;s future. Watch or listen right here.","title":"The Buddies of Budgie | Fedora Podcast Ep. 29"},{"content":"Fedora shipping preinstalled on Lenovo laptops is a big deal for anyone who wants Linux to just work out of the box. In this episode Joseph and I talked with Mark Pearson, technical lead for Lenovo\u0026rsquo;s Linux PC team, about how the partnership came together, what it takes to bring a preloaded machine to market, and Lenovo\u0026rsquo;s sustainability efforts.\nFedora Podcast \u0026middot; Episode 28 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nPreloading Fedora is a long, deliberate collaboration. Mark walked me through the hardware development workflow, and it made clear how much back-and-forth stands between \u0026ldquo;supported\u0026rdquo; and \u0026ldquo;shipped preinstalled.\u0026rdquo; Sustainability is genuinely part of the story here. We spent real time on Lenovo\u0026rsquo;s sustainability initiatives, which is not where I expected a laptop conversation to go, and it stuck with me. This ties directly into Fedora\u0026rsquo;s strategy of reaching more users. Getting Fedora onto vendor hardware is part of a bigger goal, and Mark connected the Lenovo work to that wider push. If you\u0026rsquo;ve ever wanted Fedora to come already installed on a machine, this one\u0026rsquo;s for you.\n","date":"30 August 2023","permalink":"https://itguyeric.com/blog/fedora-ep28-lenovo/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 28, where we got the lowdown on Lenovo shipping Fedora preloaded laptops. Watch or listen right here.","title":"The Lenovo Linux Lowdown | Fedora Podcast Ep. 28"},{"content":"A hands-on revisit of RHEL System Roles focused on managing real systems at scale.\nInto the Terminal \u0026middot; Episode 79 Open the full episode page \u0026rarr; What this episode covers:\nApplying supported roles across many hosts. Standardizing configuration without bespoke playbooks. Where System Roles hand off to Ansible Automation Platform. Watch the full walkthrough above.\n","date":"25 August 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep79-system-roles-management/","section":"Blog","summary":"Applying supported roles across many hosts.","title":"Management with System Roles | Into the Terminal 79"},{"content":"This one grew out of an after-stream conversation that just kept going, so we hit record for real this time. Brian Smith and I welcome back Randy Russell, Red Hat\u0026rsquo;s director of certification, for a wide-ranging talk about the value of Linux, how it fits into the open source ecosystem, and how Red Hat is part of that community. I also share a bit of my own path from the support desk to Linux sysadmin to product marketer for the operating system I built my career around.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 64 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nLinux is the foundation careers get built on. I told the story of a college student named Mike I met at an event, and how walking him through my own journey reinforced that a grounding in Linux opens doors across development, operations, and beyond. Open source is a community worth showing up for. Even with recent changes and plenty of FUD floating around, I\u0026rsquo;ve never seen a group more dedicated to a cause than the folks talking about Linux and open source, and that dedication is a big part of the value. The best topics come from the unscripted moments. This whole episode exists because a post-show chat between people in marketing, product, and certification turned into something we all wanted to record and share. If you ever wonder why any of this matters, this conversation is a good reminder.\n","date":"24 August 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep64-value-of-linux/","section":"Blog","summary":"Randy Russell comes back for a bigger-picture conversation about why Linux matters, how open source shapes careers, and where Red Hat fits in the community.","title":"The Value of Linux | RHEL Presents Ep. 64"},{"content":"We are halfway through, and this week is all about security. John walked through the two services that tend to drive Insights adoption: vulnerability management and malware detection. Patching a system does not mean it is protected, so we dug into how Insights helps you cut a wall of CVEs down to the handful that truly demand attention, then set up a live malware scan with EICAR test files.\nA few things worth carrying away from this one:\nSecurity rules and known exploits are how you prioritize. John took 1,200 vulnerabilities down to 34 with security rules, then to three by adding known exploits. That deep threat analysis from Red Hat\u0026rsquo;s product security team is the value add over a raw CVE list. \u0026ldquo;Affected but not vulnerable\u0026rdquo; is a real status. A system can be affected by a CVE but not actually vulnerable because of your configuration, like SELinux in enforcing mode. Insights flags those so you can deprioritize them honestly. Malware detection tells you, it does not fix. There is no remediation playbook here on purpose. When Insights finds malware, you follow your own IT incident procedures, and you can get notified over Slack, email, or Google Chat the moment it triggers. Insights is not a replacement for a Qualys or a Rapid7. It is a RHEL-specific view that helps you clear false positives and back up what your other tools are telling you.\n","date":"23 August 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-05-protecting-systems/","section":"Blog","summary":"The two services that drive a lot of Insights adoption: vulnerability management with security rules and known exploits, plus Yara-based malware detection.","title":"Protecting your systems | Modernizing RHEL Management 05"},{"content":"Fedora Cloud Edition is the lean, cloud-focused face of Fedora, and it doesn\u0026rsquo;t always get the attention the desktop editions do. In this episode Joseph and I sat down with Major Hayden to dig into what Fedora Cloud is really for, how it differs from the editions most people know, and where the project is heading.\nFedora Podcast \u0026middot; Episode 27 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nFedora Cloud is a deliberately trimmed-down variant. Major explained how it\u0026rsquo;s built to be light and quick to spin up across cloud providers, which is a very different design goal than a full workstation image. The edition\u0026rsquo;s purpose becomes clearer once you hear who it\u0026rsquo;s for. We talked through the target use cases, and it reframed Fedora Cloud as a purpose-built tool rather than just \u0026ldquo;Fedora, but smaller.\u0026rdquo; There\u0026rsquo;s an active community keeping it moving. Major pointed to where the work happens and how to join in, so if cloud images are your thing, there\u0026rsquo;s a clear door in. If you deploy Linux to the cloud, this is a good look at Fedora\u0026rsquo;s option in that space.\n","date":"16 August 2023","permalink":"https://itguyeric.com/blog/fedora-ep27-cloud/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 27, where we unpacked Fedora Cloud Edition with Major Hayden. Watch or listen right here.","title":"Unpacking Fedora Cloud | Fedora Podcast Ep. 27"},{"content":"We got ambitious this week and crammed three services into one episode: Advisor, Policy, and Drift. John started a Postgres workload on our miniseries system, reran the Insights client, and watched Advisor immediately recommend the tuned best practices, then we built a custom policy and compared systems with Drift. It was a lot, but it shows how these services turn raw system facts into things you can actually act on.\nA few things worth carrying away from this one:\nAdvisor is the OG service, and it is still the workhorse. It gave us step-by-step fixes tailored to our exact RHEL version, plus a playbook to apply them. The pathways view especially caught my eye, since it batches several fixes behind one action like a kernel update. Policy lets you self-identify what matters to you. Since you cannot write your own Advisor rules, Policy is how you flag your own conditions, like a missing owner tag on a cloud instance, and get notified over email, Slack, ServiceNow, and more. Drift answers the \u0026ldquo;it worked Friday\u0026rdquo; question. Comparing a system to a baseline or to its own historical profile, you can see exactly what changed, down to package versions, and export it to hand off. Everything here runs off the same system facts Insights already collects, and one reminder from John: this is analytics, not real-time monitoring.\n","date":"16 August 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-04-operationalize/","section":"Blog","summary":"Three operational Insights services in one episode: Advisor recommendations, custom Policy checks, and Drift comparisons between systems and baselines.","title":"Three Services to Operationalize RHEL | Modernizing RHEL Management 04"},{"content":"This episode is all about getting certified. I\u0026rsquo;m joined by cohost Brian Smith plus two guests from the certification team, Randy Russell, Red Hat\u0026rsquo;s director of certification, and Henry Main, who manages the team that builds many of the exams. We cover why certification matters for both individuals and employers, the progression from RHCSA to RHCE to RHCA, and a solid pile of exam tips drawn from watching where people actually go wrong.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 63 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nRed Hat exams are performance-based on purpose. As Henry put it, would you rather ride with a driver who passed a road test or one who just answered multiple-choice questions? The exams are agnostic about how you solve a task, as long as the result works. Certification gives you confidence, not just a credential. I shared how earning my first RHCSA helped me set aside imposter syndrome, and Randy backed that up with the confidence theme they hear again and again in surveys. Prep smart and check your work. Do the labs without peeking at solutions, knock out the tasks you know cold first, remember configurations must persist after a reboot, and memorize where to find a command rather than every flag. If a Red Hat cert is on your horizon, come back to this one when you start studying.\n","date":"10 August 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep63-certification/","section":"Blog","summary":"Randy Russell and Henry Main walk us through Red Hat\u0026rsquo;s certification path, why the exams are hands-on, and practical tips for passing the RHCSA and RHCE.","title":"Getting Certified with RHEL | RHEL Presents Ep. 63"},{"content":"This week we tackled the thing every sysadmin does constantly: patching. John showed how Insights helps you manage advisories across a whole RHEL fleet, control what content is installable with patch templates, and turn a fix into a signed Ansible playbook you can run without ever leaving the console. We even watched new patches land live mid-demo, which is exactly how patching feels in the real world.\nA few things worth carrying away from this one:\nPatch templates give you content control. By setting a template to a specific date, I could see advisories flagged as applicable but not installable, which mirrors how I used to hold back untested patches until a QA cycle cleared them. You can work backward from an advisory. When something drops, you can open the advisory, see every affected system, and export the list to CSV or JSON. That beats the RPM-and-cut-and-paste reporting I used to do host by host. Remediation playbooks are signed on purpose. John stressed that you cannot inject your own code into these playbooks. That signature is there so Insights never becomes a man-in-the-middle vector, and running them requires an explicitly granted remediations role. If you want to schedule these or add pre and post steps, that is where Ansible Automation Platform or Satellite come in. Insights keeps the generated playbooks locked down for a reason.\n","date":"9 August 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-03-patch-management/","section":"Blog","summary":"How Insights handles patching at fleet scale, from date-based patch templates to signed remediation playbooks you can run right from the UI.","title":"Simplifying Patch Management | Modernizing RHEL Management 03"},{"content":"Flatpak is how a lot of modern desktop apps get delivered. This episode covers using it on RHEL.\nInto the Terminal \u0026middot; Episode 77 Open the full episode page \u0026rarr; What this episode covers:\nInstalling and updating apps from Flathub and other remotes. How Flatpak sandboxing isolates applications. Where Flatpak fits alongside RPM on the desktop. Watch the full walkthrough above.\n","date":"4 August 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep77-flatpak/","section":"Blog","summary":"Installing and updating apps from Flathub and other remotes.","title":"Packaging: Managing Flatpak Applications | Into the Terminal 77"},{"content":"Episode two is nothing but demo, and I love that. John used the image builder service to define a custom RHEL image, connected it to an AWS source, and launched two systems that registered themselves the moment they came up. The image we build here shows up in a lot of later episodes, so the packages and choices we make today matter down the road.\nA few things worth carrying away from this one:\nA source plus an activation key unlocks the good stuff. Once John connected the AWS source, we got gold images, high-precision subscription usage, and auto-registration through both subscription manager and Insights without any manual steps. Preview mode is worth turning on in dev. I encouraged folks to flip it on in test environments, use the newer features, and tap the feedback button. That feedback actually creates a Jira the product team scrubs, so it genuinely shapes the roadmap. Think about everything this replaces. Watching two systems spin up in a couple of clicks, I could not help remembering jump drives, Kickstart files, and running the same graphical installer over and over. And it is all backed by APIs, so you can automate the whole thing. It looked simple, and that was the goal. We did something fairly involved in about twenty minutes.\n","date":"2 August 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-02-build-and-launch/","section":"Blog","summary":"An all-demo episode where John builds a custom RHEL image and launches two systems straight into AWS with auto-registration turned on.","title":"Build and Launch | Modernizing RHEL Management 02"},{"content":"CentOS Linux 7 is riding off into the sunset, and if you\u0026rsquo;re a sysadmin you\u0026rsquo;re probably wondering how that changes your day to day. I spent years as a CentOS and RHEL administrator, so in this comparison I answer the question I get most often: what new commands and muscle memory do I have to retrain? The honest answer is, not much, but there\u0026rsquo;s a lot you gain.\nA few things worth carrying away from this one:\nThe subscription is easier than you think. Simple Content Access and activation keys mean you register systems with an org ID and a key instead of typing portal credentials into every server. Same muscle memory, less friction. With free Linux, you are the support line. I spent years scouring Stack Exchange threads at 2 AM. The hidden cost of free Linux is your time, energy, and patience. Real support gives that back. The ecosystem is the real difference. Image Builder for golden images, Red Hat Insights included in your subscription, Satellite for life cycle management, and Ansible Automation Platform for the mundane, error-prone tasks. That\u0026rsquo;s what changes the job for the better. Sometimes I wish I could send a few RHEL subscriptions back in time to past Eric. This comparison is my attempt to do that for you.\n","date":"2 August 2023","permalink":"https://itguyeric.com/blog/centos-vs-rhel-management/","section":"Blog","summary":"A former CentOS admin\u0026rsquo;s honest comparison of daily life on CentOS versus RHEL, covering subscriptions, support, Image Builder, Insights, Satellite, and Ansible.","title":"CentOS Linux Management Compared to Red Hat Enterprise Linux"},{"content":"For this episode I\u0026rsquo;m joined by my regular cohost Brian Smith and a very special guest, Fedora Project Leader Matthew Miller. We dig into what Fedora actually is as an entity, how it flows downstream through CentOS Stream into Red Hat Enterprise Linux, and the community\u0026rsquo;s open change process, including the telemetry proposal that had everyone talking. Then we look ahead to Flock, Fedora\u0026rsquo;s first in-person contributor event in four years, this time in Cork, Ireland.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 62 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nFedora isn\u0026rsquo;t legally owned by Red Hat, even though Red Hat pays a lot of us to work on it. Matthew described Fedora as an unincorporated association of individuals, a real community that\u0026rsquo;s much bigger than any one company, and one you have to earn your way into. Doing everything in the open changes how people read the process. The telemetry proposal got heated, but Matthew reminded us that a proposal is a starting point for discussion, not a decision already made, and that Fedora will never track people or monetize user data. The best way to join Fedora is to show up and hang out first. Rather than hunting for a code problem to solve, introduce yourself in the discussion forum or on chat, follow the friends-first foundation, and let where you fit reveal itself. If you\u0026rsquo;re curious how RHEL gets its start upstream, this one is a great place to begin.\n","date":"27 July 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep62-flock/","section":"Blog","summary":"Fedora Project Leader Matthew Miller joins us to unpack the Fedora and RHEL relationship, the community\u0026rsquo;s change process, and the return of Flock in person.","title":"Flock with the Fedora Community | RHEL Presents Ep. 62"},{"content":"This is where our whole Modernizing RHEL Management miniseries begins. John Spinks and I sat down to answer the question a lot of folks keep hearing from a colleague or their Red Hat account team: what actually is this Red Hat Insights thing, and should I use it? Today is deliberately a groundwork episode, so we set the context before the demos really kick off next week.\nA few things worth carrying away from this one:\nInsights lives inside the hybrid cloud console, and the two are not the same thing. I found it helps to think of console.redhat.com as the platform and Insights as a tenant that borrows shared features like role-based access control and notifications. You are not handing Red Hat all your data. John walked through a --no-upload collection and it was about 4.5 MB uncompressed. I compared that to the multi-gigabyte SOS reports from my sysadmin days and my mind was at ease. You can also obfuscate host names and IPs or build a redaction list. Insights is included with your RHEL subscription. I keep coming back to this because it surprises people. Even the free developer subscription gets you Insights, so all of my home lab systems are already registered. If today felt a little dry, that was on purpose. We had to level-set so everyone is on the same page before we start building.\n","date":"26 July 2023","permalink":"https://itguyeric.com/blog/modernizing-rhel-01-getting-started/","section":"Blog","summary":"The kickoff episode where John Spinks and I set the baseline on what Red Hat Insights is and how to get your systems connected.","title":"Management Techniques 101 | Modernizing RHEL Management 01"},{"content":"With the retirement of CentOS Linux upon us, migrating from one distribution to another doesn\u0026rsquo;t need to be complicated or intimidating. In this tech tip I introduce the Convert2RHEL utility and demonstrate converting a CentOS Linux 7 system to Red Hat Enterprise Linux 7 in place. Download the GPG keys, enable the repo, install the utility, answer a couple of prompts, and the tool swaps your CentOS packages for Red Hat-signed ones.\nA few things worth carrying away from this one:\nThe conversion and the result are both fully supported. Once you convert, you can open a support ticket or talk to consulting. You\u0026rsquo;re not out on your own. A rip-and-replace costs you twice. Reinstalling the OS, re-adding users, reinstalling tools, and migrating workloads burns cycles, and in the cloud you pay for double the infrastructure during the migration. Converting avoids all of that. There\u0026rsquo;s a budget-friendly on-ramp. The RHEL 7 for third-party Linux migrations subscription is a low-cost way for CentOS 7 users to move over, with extra years of support and access to the Leap in-place upgrade to RHEL 8 when you\u0026rsquo;re ready. Our consultants have done tens of thousands of these conversions, so whether you have a handful of systems or tens of thousands, you have options.\n","date":"25 July 2023","permalink":"https://itguyeric.com/blog/convert2rhel-centos7-rhel7/","section":"Blog","summary":"A tech tip on converting CentOS Linux 7 to RHEL 7 with Convert2RHEL, including the discounted third-party migration subscription and ELS support.","title":"Convert from CentOS Linux 7 to Red Hat Enterprise Linux 7 with Convert2RHEL"},{"content":"Letting systems fall off supported releases is how you end up with a security problem. This episode makes the case for staying current with in-place upgrades.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 61 Open the full episode page \u0026rarr; What this episode covers:\nLeapp for moving between RHEL major versions without a reinstall. Reading the pre-upgrade report before you commit. Why staying on a supported release beats a risky big-bang rebuild later. Watch the full episode above.\n","date":"12 July 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep61-in-place-upgrades/","section":"Blog","summary":"RHEL Presents 61 on in-place upgrades with Leapp.","title":"Avoid Obsolescence with In-Place Upgrades | RHEL Presents Ep. 61"},{"content":"Back in 2023 I wrote this one for the Red Hat blog to talk through what the CentOS Linux 7 end of life actually means for the people running it. June 30th, 2024 is the date the repositories shut down, no new updates arrive, and a lot of servers need a new home. Because CentOS Linux 7 is a derivative of RHEL 7, I wanted to look at the migration less as a technical exercise and more as a programmatic one.\nOriginally published on Red Hat Read the full article \u0026rarr; A few things I wanted people to walk away with:\nThe most direct path is converting to RHEL. The convert2rhel command replaces CentOS packages with their RHEL equivalents, and it is a supported process, so you keep running the way you already are without a rip-and-replace. Free is not the same as no cost. CentOS is community supported, so you pay in time and DIY effort or by hiring a third party, and that adds up against your team\u0026rsquo;s work-life balance. RHEL buys you predictability and a partner. You get a full 10-year lifecycle, a minor release every six months, certifications a community effort cannot pursue, and tools like Red Hat Insights. If June 2024 is closer than your migration plan is comfortable with, it is worth starting the conversation with your sales or consulting team now.\n","date":"11 July 2023","permalink":"https://itguyeric.com/blog/redhat-centos-eol/","section":"Blog","summary":"I wrote this for the Red Hat blog: CentOS Linux 7 goes EOL on June 30, 2024, and here is why converting to RHEL is the most direct path off it.","title":"CentOS Linux Is Going End of Life, What Does That Mean for Me?"},{"content":"Building and deploying consistent RHEL images used to be fiddly. This episode covers the tooling that makes it close to a one-click affair.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 60 Open the full episode page \u0026rarr; What this episode covers:\nImage Builder for producing consistent, ready-to-deploy images. Pushing images straight to cloud and other targets. Standardizing on a golden image instead of hand-built installs. Watch the full episode above.\n","date":"28 June 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep60-image-deployment-easy-button/","section":"Blog","summary":"RHEL Presents 60 on easy RHEL image deployment.","title":"RHEL Image Deployment Easy Button | RHEL Presents Ep. 60"},{"content":"EPEL is one of those projects that quietly makes enterprise Linux better without getting much of the spotlight. In this episode I sat down with Carl George, an EPEL maintainer and Red Hat engineer, to go behind the scenes on what EPEL actually is, how the work gets done, and what the future holds with the EPEL 10 proposal.\nFedora Podcast \u0026middot; Episode 26 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nEPEL exists to extend enterprise Linux with community packages. Carl framed it as filling the gaps around RHEL, and hearing it from a maintainer made clear how much careful work sits behind that \u0026ldquo;just enable the repo\u0026rdquo; convenience. The EPEL 10 proposal was the meat of our conversation. We spent real time on what\u0026rsquo;s changing and why, which is worth understanding before it lands if you run anything downstream of Fedora. Contributing is more accessible than people think. Carl laid out how to get involved, and the on-ramp is friendlier than the \u0026ldquo;enterprise\u0026rdquo; label might suggest. If you run RHEL or any of its rebuilds, this is the origin story of a repo you probably already rely on.\n","date":"21 June 2023","permalink":"https://itguyeric.com/blog/fedora-ep26-epel/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 26, where Carl George took us behind the scenes of EPEL and where it\u0026rsquo;s headed with EPEL 10. Watch or listen right here.","title":"EPEL Uncovered | Fedora Podcast Ep. 26"},{"content":"Standardizing on a golden image is one of the highest-leverage things you can do. This episode covers managing them.\nInto the Terminal \u0026middot; Episode 71 Open the full episode page \u0026rarr; What this episode covers:\nBuilding consistent images with Image Builder. Versioning and updating the golden image over time. Why \u0026lsquo;build once, deploy many\u0026rsquo; beats hand-configured hosts. Watch the full walkthrough above.\n","date":"16 June 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep71-golden-images/","section":"Blog","summary":"Building consistent images with Image Builder.","title":"Managing Golden Images | Into the Terminal 71"},{"content":"A practical, real-world take on RHEL for Edge with the folks at OnLogic, who build the rugged hardware these edge deployments actually run on.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 59 Open the full episode page \u0026rarr; Watch the full episode above.\n","date":"14 June 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep59-rhel-edge-onlogic/","section":"Blog","summary":"RHEL Presents 59 with OnLogic on RHEL for Edge in the field.","title":"RHEL for Edge with OnLogic | RHEL Presents Ep. 59"},{"content":"As a seasoned Linux admin, I can tell you that managing different environments across disparate systems and major versions just leads to a mess. Add cloud providers into the picture, where anyone with a corporate card can spin up whatever they want, and it becomes a nightmare. In this short piece I make the case for standardizing on Red Hat Enterprise Linux to bring order to that chaos.\nA few things worth carrying away from this one:\nSprawl is a tax you\u0026rsquo;re already paying. When your public cloud, private cloud, bare metal, and VMs are all a little different, every task gets harder. Standardizing on one platform gets that time back. Resources aren\u0026rsquo;t infinite. We\u0026rsquo;re all asked to do more with less. Consistency across the fleet is what makes automation, collaboration, and a lower total cost of operations actually possible. RHEL doesn\u0026rsquo;t stand alone. Tools like Red Hat Insights, Satellite, and Ansible Automation Platform sit on top of that standard platform to monitor, manage, and automate the whole thing. If you want to conquer distribution sprawl and take control of your infrastructure, standardizing is where it starts.\n","date":"14 June 2023","permalink":"https://itguyeric.com/blog/rhel-why-standardize/","section":"Blog","summary":"A short take on why standardizing on Red Hat Enterprise Linux tames the sprawl of mismatched systems across clouds, VMs, and bare metal.","title":"Why Should I Standardize on RHEL?"},{"content":"Fedora\u0026rsquo;s website got a big, sleek overhaul with Websites 3.0, and the story of how it came together is a great example of open source design in practice. In this episode I talked with Ashlyn Knox and Máirín Duffy about the redesign, the challenges they hit along the way, and how a distributed community of designers and developers actually shipped it.\nFedora Podcast \u0026middot; Episode 25 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nA community redesign is a coordination problem as much as a design one. Ashlyn and Máirín were candid about the messy parts of pulling many volunteers toward one cohesive look, which is the real work behind that polished result. Doing design in the open changes how decisions get made. We talked through how transparency and community input shaped the choices, rather than a redesign handed down from a closed room. There\u0026rsquo;s still road ahead, and room to help. The team walked through what was still to come and how to get involved, so this isn\u0026rsquo;t a finished monument so much as an ongoing project you can join. If you care about how open source projects present themselves to the world, give this a listen.\n","date":"7 June 2023","permalink":"https://itguyeric.com/blog/fedora-ep25-website/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 25, where we dug into the Fedora website redesign and how the community collaborated to ship it. Watch or listen right here.","title":"The Fedora Website Redesign | Fedora Podcast Ep. 25"},{"content":"Mike McGrath, who leads RHEL, joins for a wide-ranging conversation about Linux engineering, the platform\u0026rsquo;s direction, and the thinking behind recent decisions.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 58 Open the full episode page \u0026rarr; Watch the full episode above.\n","date":"17 May 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep58-mike-mcgrath-linux-engineering/","section":"Blog","summary":"RHEL Presents 58 with Red Hat\u0026rsquo;s Mike McGrath on Linux engineering.","title":"Mike McGrath and Linux Engineering | RHEL Presents Ep. 58"},{"content":"This one is a little different. Instead of our usual RHEL Presents livestream, I took a more webinar-style approach to cover what\u0026rsquo;s new in RHEL 9.2 and 8.8, and to spend a few minutes on where Red Hat Enterprise Linux is headed as a platform. Fair warning: it was a rough morning for my voice.\nA few things worth carrying away from this one:\nWe actually have a mission now. I talk about how a 21-year-old product finally wrote down its mission last year: RHEL is your source for safe and reliable Linux innovation that makes your workload successful. That last phrase is the point for me, we aren\u0026rsquo;t successful unless the things you run on top of RHEL are. This isn\u0026rsquo;t your grandfather\u0026rsquo;s enterprise Linux. I push back on the reputation RHEL has for being slow and crusty, and talk about being able to choose your own speed, taking that throttle and setting it where you need it. Innovation starts with how you build. I lean on tools like Image Builder and Ansible system roles as the way you stand up infrastructure from scratch, and treat RHEL as a genuine development platform rather than just something you install and forget. If you want the hands-on goodness, it\u0026rsquo;s in the back half of the video. The top is me making the case for why any of this matters.\n","date":"16 May 2023","permalink":"https://itguyeric.com/blog/whats-new-rhel-9/","section":"Blog","summary":"A webinar walkthrough of what\u0026rsquo;s new in RHEL 9.2 and 8.8, and the direction of the platform.","title":"What's New in Red Hat Enterprise Linux 9.2 and 8.8"},{"content":"A new Fedora Linux release is always worth celebrating, and Fedora 38 shipped with GNOME 44, security improvements, and more. In this episode I sat down with Matthew Miller, the Fedora Project Leader, to unwrap what\u0026rsquo;s new in 38 and get into how the whole thing actually comes together. It\u0026rsquo;s also my proper introduction as one of the new hosts of the show.\nFedora Podcast \u0026middot; Episode 24 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nFedora 38 is more than a GNOME 44 bump. Matthew walked me through the under-the-hood changes alongside the desktop refresh, so the release feels like real progress rather than a version-number tick. The release cadence is a feature, not an accident. We got into why Fedora\u0026rsquo;s twice-a-year rhythm exists and how it keeps the distro fresh without turning every upgrade into a gamble. New spins keep widening who Fedora is for. Matthew and I talked through the expanding lineup of spins, which is a reminder that \u0026ldquo;Fedora\u0026rdquo; is really a family of experiences, not one fixed desktop. If you upgraded to 38 or you\u0026rsquo;re just Fedora-curious, this one\u0026rsquo;s a good listen.\n","date":"9 May 2023","permalink":"https://itguyeric.com/blog/fedora-ep24-fedora-38/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 24, where I sat down with Matthew Miller to unwrap Fedora Linux 38. Watch or listen right here.","title":"Fedora Linux 38 Unwrapped | Fedora Podcast Ep. 24"},{"content":"It had been a while since the Fedora Podcast crew last got together, so this episode is very much a fresh start. In episode 23 I sat down with Joseph Gayoso to reboot the show, kick off the new video edition, introduce the hosts, and talk through the events and topics we had lined up. Think of it as the \u0026ldquo;here\u0026rsquo;s where we\u0026rsquo;re headed\u0026rdquo; episode.\nFedora Podcast \u0026middot; Episode 23 Open the full episode page \u0026rarr; A few things worth carrying away from the conversation:\nThis is the podcast reborn as a video show, not just an audio feed. I wanted to bring the community more into the room with us, so the relaunch leans into a format where you can watch the conversations, not only listen to them. Getting involved with Fedora is the through-line for what\u0026rsquo;s coming. We spent real time on how newcomers can plug in, from the F38 elections to just introducing yourself in the community channels, because the show works best when it points people toward participating. We laid out the vision for where the podcast goes from here. I shared what kinds of guests and deep dives I want to chase, so this episode doubles as a roadmap for the season ahead. If you want to know what this rebooted show is about, start here.\n","date":"26 April 2023","permalink":"https://itguyeric.com/blog/fedora-ep23-rebooted/","section":"Blog","summary":"A quick companion to Fedora Podcast episode 23, where we relaunched the show, introduced the new hosts, and talked about what\u0026rsquo;s coming next. Watch or listen right here.","title":"The Fedora Podcast Rebooted | Fedora Podcast Ep. 23"},{"content":"Podman Desktop brings a friendly graphical UI to container work, without giving up the daemonless, rootless Podman approach underneath.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 56 Open the full episode page \u0026rarr; What this episode covers:\nA GUI for building, running, and inspecting containers and pods. A drop-in path for people coming from other container desktops. Keeping the rootless, daemonless Podman model under the hood. Watch the full episode above.\n","date":"19 April 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep56-podman-desktop/","section":"Blog","summary":"RHEL Presents 56 on Podman Desktop.","title":"Podman Desktop | RHEL Presents Ep. 56"},{"content":"Insights is best known for advisories, but it also has a malware detection service. This episode covers scanning your fleet for known threats.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 55 Open the full episode page \u0026rarr; What this episode covers:\nRunning YARA-based malware scans across registered RHEL systems. Surfacing findings centrally in the Insights dashboard. Where this fits alongside advisories, compliance, and drift. Watch the full episode above.\n","date":"5 April 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep55-malware-detection-insights/","section":"Blog","summary":"RHEL Presents 55 on Insights malware detection.","title":"Malware Detection with Red Hat Insights | RHEL Presents Ep. 55"},{"content":"Back in 2023 I wrote this one for the Red Hat blog, with the CentOS Linux 7 and RHEL 7 end-of-life date — June 30, 2024 — bearing down on a lot of people. The whole point was to talk anyone staring at that deadline off the ledge: you don\u0026rsquo;t need a full infrastructure overhaul to get to a supported place.\nOriginally published on Red Hat Read the full article \u0026rarr; A few things I wanted people to walk away with:\nIt\u0026rsquo;s a supported, two-phase move, not a rebuild. Convert2RHEL gets you from CentOS Linux onto RHEL in place, and then Leapp handles the in-place upgrade to RHEL 8 — no new hardware, no re-installing everything from scratch. In-place beats rip-and-replace for most shops. All the configuration, home directories, and packages you\u0026rsquo;ve accumulated come along for the ride, and both the conversion and the resulting system are Red Hat-supported — so if something breaks, you can actually open a ticket. The real message was \u0026ldquo;start now.\u0026rdquo; June 2024 felt far off in 2023, but the sysadmin in me knew it wouldn\u0026rsquo;t be. Give yourself runway instead of scrambling at the deadline. If you\u0026rsquo;re still sitting on CentOS 7 somewhere, the playbook in the full post still maps cleanly onto later EOL migrations.\n","date":"4 April 2023","permalink":"https://itguyeric.com/blog/redhat-fastest-road-centos-rhel/","section":"Blog","summary":"I wrote this for the Red Hat blog: the fastest supported way off CentOS Linux 7 before its June 2024 end of life, without a rip-and-replace.","title":"Fastest Road From CentOS Linux to RHEL"},{"content":"For security and compliance you need a trustworthy record of events. This episode covers Linux auditing.\nInto the Terminal \u0026middot; Episode 64 Open the full episode page \u0026rarr; What this episode covers:\nConfiguring auditd and writing audit rules. Searching events with ausearch and aureport. Meeting compliance requirements with a real audit trail. Watch the full walkthrough above.\n","date":"31 March 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep64-system-auditing/","section":"Blog","summary":"Configuring \u003ccode\u003eauditd\u003c/code\u003e and writing audit rules.","title":"Security: System Auditing | Into the Terminal 64"},{"content":"This one is about community — specifically Enable Sysadmin, and the surprising career value of writing up what you have learned for other admins.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 54 Open the full episode page \u0026rarr; Watch the full episode above.\n","date":"22 March 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep54-enable-sysadmin-community/","section":"Blog","summary":"RHEL Presents 54 on the Enable Sysadmin community.","title":"Enable SysAdmin Community | RHEL Presents Ep. 54"},{"content":"In [How I built a homelab with Red Hat Enterprise Linux (RHEL)](https://www.redhat.com/sysadmin/linux-homelab-rhel), I laid out my plans for revamping my home lab using as many Red Hat Enterprise Linux (RHEL) and Red Hat-adjacent tools as I could get my hands on.\nMy goals are:\nLearn the processes. Teach others some systems administration good practices. Automate my homelab as much as possible. The first article covered my goals and the process for building a new \u0026ldquo;non-production\u0026rdquo; RHEL 9 virtual machine to act as a jump server and collection point for different configuration files, scripts, and the like.\nI built a basic server and added only a few tools, such as the web console and Image Builder. In this article, I will focus on building a customized template that:\nI can deploy repeatedly. I can automate its upkeep. What is Image Builder? #The short version is that Image Builder is the intended future installation experience for RHEL. Image Builder is not a product but a feature within the distribution.\nWith Image Builder, administrators can deploy different RHEL versions on different platforms (hardware, virtual, cloud) with different configurations. There are three ways to interact with Image Builder:\nA web service through the Red Hat Console A web-UI-based tool A command line-based tool Build the first image #A vanilla image should be enough to get started. This image undoubtedly will be one of many I create throughout this project. I\u0026rsquo;m starting with the web console (Cockpit) Image Builder application to get the ball rolling. The URL to connect to it is: https://{hostname}:9090/composer.\nIf you don\u0026rsquo;t have Image Builder installed yet, you can install it with DNF:\n## dnf install -y cockpit-composer.noarch Then enable the socket to start automatically:\n## systemctl enable --now osbuild-composer.socket Now you can access Image Builder using the web console:\nUse the Create blueprint wizard to define what the initial image should look like. Start by giving the image a helpful name and description:\nThe next step is to decide what output format the image should be. Since my bare-metal server will be a hypervisor for my rebuilt lab, a QEMU-based qcow2 image makes the most sense; your environment may dictate differently.\nThe first step in the wizard also asks what the Image Size should be. The default and minimum are 2GB. For now, this should be fine.\nI\u0026rsquo;ll move on to customizations. The next screen shows the option to pick a hostname. I will leave this blank and assign a hostname later when I deploy these images.\nNext, define a user. I will create a service account named ansible so that I can easily deploy system roles across a small test environment (as I\u0026rsquo;ll do in the next article in this series).\nDon\u0026rsquo;t forget to assign a password and create an SSH key. Adding a key here provides everything needed to use the ansible account across the fleet. Also, check the Server administrator box to add the ansible account to the wheel group.\nNext, I\u0026rsquo;ll add a few packages I want across my fleet. Again, your choices here may vary. I\u0026rsquo;ve only added a couple for now, such as tmux and vim-enhanced.\nFinally, review the configuration and save the blueprint.\nCreate an image #You just created a blueprint for a RHEL 9 virtual machine (VM). Think of this as a recipe for a meal you will prepare. It\u0026rsquo;s time to try it.\nEither from the wizard you just walked through or from the main page of the Image Builder app, select Create image to begin the build process.\nIn the background, Image Builder pulls all the relevant packages from the Red Hat Content Delivery Network (CDN), defines the filesystem layout, and builds the boot image.\nDepending on your hardware and internet connection, this process takes a few minutes. But when the image is complete, you won\u0026rsquo;t immediately have to go in and update all your packages.\nOnce the image finishes, you can use the qcow2 artifact to build the first test client machine. The easiest way is to use your browser\u0026rsquo;s Download functionality to grab the qcow2 file and upload it to your test environment.\nHowever, I want to make additional changes to my image before deploying it.\nAdd features to the vanilla image #I want to ensure I have a well-defined image before deploying it repeatedly. To do this, I will switch tools.\nThe local, web-based Image Builder tends to be the slowest to get new features due to its ties to the RHEL release development process. It currently lacks a built-in mechanism for updating templates regularly. Remember, the goal for this lab is to operate as hands-off as possible.\nI\u0026rsquo;ll use SSH to connect to the jump server for this step. I don\u0026rsquo;t plan on this jump server living a long life, so I don\u0026rsquo;t have to worry about creating a user account or importing any of the preferences. This approach is not advisable for production or long-lived servers, but I\u0026rsquo;ll fix this later with the golden image.\nI pulled some knowledge from a couple of different tools for this next part:\nA self-paced lab The Composer documentation (In this industry, it is often not what you know, but whether you know how and where to find the knowledge you need.)\nNext, install the tools:\n## composer-cli blueprints list rhel-base ## composer-cli blueprints save rhel-base ## vim rhel-base.toml name = \u0026#34;rhel-base\u0026#34; description = \u0026#34;Vanilla RHEL 9.x\u0026#34; version = \u0026#34;0.0.2\u0026#34; modules = [] groups = [] distro = \u0026#34;\u0026#34; [[packages]] name = \u0026#34;tmux\u0026#34; version = \u0026#34;*\u0026#34; [[packages]] name = \u0026#34;vim-enhanced\u0026#34; version = \u0026#34;*\u0026#34; [customizations] [[customizations.user]] name = \u0026#34;ansible\u0026#34; description = \u0026#34;Ansible Service Account\u0026#34; password = \u0026#34; \u0026lt;redacted\u0026gt; \u0026#34; key = \u0026#34; \u0026lt;redacted\u0026gt; \u0026#34; groups = [\u0026#34;wheel\u0026#34;] Make a few additions:\nname = \u0026#34;rhel-base\u0026#34; description = \u0026#34;Vanilla RHEL 9.x\u0026#34; version = \u0026#34;0.0.2\u0026#34; modules = [] groups = [] distro = \u0026#34;\u0026#34; [[packages]] name = \u0026#34;tmux\u0026#34; version = \u0026#34;*\u0026#34; [[packages]] name = \u0026#34;vim-enhanced\u0026#34; version = \u0026#34;*\u0026#34; [[packages]] name = \u0026#34;cockpit\u0026#34; version = \u0026#34;*\u0026#34; [customizations] [[customizations.filesystem]] mountpoint = \u0026#34;/var/log\u0026#34; size = \u0026#34;4 GiB\u0026#34; [customizations.services] enabled = [\u0026#34;cockpit\u0026#34;] [[customizations.user]] name = \u0026#34;ansible\u0026#34; description = \u0026#34;Ansible Service Account\u0026#34; password = \u0026lt;redacted\u0026gt; \u0026#34; key = \u0026#34; \u0026lt;redacted\u0026gt; \u0026#34; groups = [\u0026#34;wheel\u0026#34;] I added stanzas for Cockpit (the web console) and an enabled services section to ensure the web console starts on boot.\nYou can add a 4GB filesystem for /var/log. (You can always add more later.)\nFinally, add a user description for the Ansible service account. You can also check the documentation for additional customization ideas.\nFor now, though, import the modified blueprint and execute a build:\n## composer-cli blueprints push rhel-base.toml ## composer-cli compose start rhel-base qcow2 Compose bb259a2e-cbd6-4fe9-99bf-3a9b28e2cbcf added to the queue You can keep an eye on the build by running the status command:\n## composer-cli compose status bb259a2e-cbd6-4fe9-99bf-3a9b28e2cbcf RUNNING Mon Feb 20 15:50:14 2023 rhel-base 0.0.3 qcow2 209cfd00-a57b-4458-8de0-df0942e2cc65 FINISHED Mon Feb 20 15:05:26 2023 rhel-base 0.0.1 qcow2 2147483648 Once done, the build will show a FINISHED status like when the job kicked off from the web console earlier. I\u0026rsquo;ll hold onto the finished qcow2 image for the next article.\nAutomate future builds #Now I have a good image I can duplicate to build and test what will eventually become my golden image. This planned image will have as many of the latest updates as possible, the preferred packages, user data, and filesystems.\nFrom there, I\u0026rsquo;ll be able to add more layers of packages and configurations to the base image to build out the different services I\u0026rsquo;ll be hosting in the lab.\nHowever, I don\u0026rsquo;t want to worry about creating a new image manually. As the tool evolves, there will be better options for this, but for today, I plan on using systemd timer to build an updated image on a scheduled basis.\nI\u0026rsquo;m adding a systemd timer to trigger a rebuild every Sunday night. (Did you know about creating your own systemd timers? I didn\u0026rsquo;t! I found the article Use systemd timers instead of cronjobs during my research!)\nFirst, you need to create a systemd service to call the composer command:\n## vim /etc/systemd/system/composerBuild.service [Unit] Description=Rebuilds a vanilla RHEL template through image builder Wants=composerBuild.timer [Service] Type=oneshot ExecStart=/bin/composer-cli compose start rhel-base qcow2 [Install] WantedBy=multi-user.target Second, create a systemd timer to call the service:\n## vim /etc/systemd/system/composerBuild.timer [Unit] Description=Timer to rebuild vanilla RHEL template using image builder Requires=composerBuild.service [Timer] Unit=composerBuild.service OnCalendar=Sun [Install] WantedBy=timers.target ## systemctl enable composerBuild.timer As a paranoid sysadmin, I want to verify that the timer is working:\n## systemctl status *timer … output truncated … ● composerBuild.timer - Timer to rebuild vanilla RHEL template using image builder Loaded: loaded (/etc/systemd/system/composerBuild.timer; enabled; vendor preset: disabled) Active: active (waiting) since Thu 2023-02-23 12:04:13 CST; 2min 14s ago Until: Thu 2023-02-23 12:04:13 CST; 2min 14s ago Trigger: Sun 2023-02-26 00:00:00 CST; 2 days left Triggers: ● composerBuild.service Keep in mind this is a \u0026ldquo;quick-and-dirty\u0026rdquo; approach. As I add tools like Ansible Automation Platform and Red Hat Satellite, I\u0026rsquo;ll have better options for automating the process of providing up-to-date templates to deploy.\nWrap up #I covered a lot of ground in this article. I am enjoying the process and looking forward to seeing what the lab looks like on the other side of this series!\nHere, I talked about the ideas of a golden image and took steps toward building the first couple of client systems that I\u0026rsquo;ll use in the next article.\nNext time, I will take the test systems and add RHEL system roles to the golden image. System roles are a codified method of configuring Linux subsystems such as firewalls and SSH using ansible-core and deploying these configurations at scale.\nIf you follow this series, I would love to connect with you. You can easily find me online.\nThis article originally appeared on the Enable SysAdmin blog.\n","date":"20 March 2023","permalink":"https://itguyeric.com/blog/build-a-golden-image-for-your-rhel-homelab-with-image-builder/","section":"Blog","summary":"In How I built a homelab with Red Hat Enterprise Linux (RHEL), I laid out my plans for revamping my home lab using as many Red Hat Enterprise Linux (RHEL) and Red Hat-adjacent tools as I could get my…","title":"Build a golden image for your RHEL homelab with Image Builder"},{"content":"Good sudo config is the difference between least privilege and everyone-is-root. This episode gets it right.\nInto the Terminal \u0026middot; Episode 62 Open the full episode page \u0026rarr; What this episode covers:\nWriting safe rules with visudo and sudoers.d. Scoping access by user, group, and command. Auditing who can do what, and logging when they do. Watch the full walkthrough above.\n","date":"17 March 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep62-sudo-access/","section":"Blog","summary":"Writing safe rules with \u003ccode\u003evisudo\u003c/code\u003e and \u003ccode\u003esudoers.d\u003c/code\u003e.","title":"Security: Configuring Sudo Access | Into the Terminal 62"},{"content":"In 5 changes to help grow your IT career, I discussed establishing a learning mindset and forming daily habits to build your mental muscles. Learning will help you grow as a person (and hopefully as an employee), but work is not the extent of our existence.\nPeople need people—in technology as much as anywhere else. So, how do you take your daily learning habits and use them to help others? I have a few thoughts on the topic. (I know. That likely won\u0026rsquo;t surprise anyone who knows me.)\n1. Share your knowledge in the workplace #You can probably relate to this: When I was only a few years into my Linux career, I took a contract working for a company that had seen many turnovers in the preceding years.\nThe infrastructure was understandably behind in terms of refreshes and security patches. In and of itself, that would be a difficult task to overcome. However, that wasn\u0026rsquo;t the worst of it.\nSeveral generations of systems administrators came and went after the original architecture was developed and implemented. I\u0026rsquo;m sure you can guess what comes next: Their documentation was… lacking. The original sysadmin was also a huge fan of scripting, custom compiling applications, and finding ways to over-engineer solutions.\nHoarding knowledge doesn\u0026rsquo;t make you a better operations person, nor does it keep your job more secure. Sharing information and ideas is essential to a healthy organization.\nEven if you are a one-person IT shop, do you think you can remember every facet of every decision you make? For that matter, do you remember what you ate for breakfast yesterday?\nHow do you overcome this problem? Start an internal wiki, a Git repo, or at the very least, a text document on a shared drive.\nYes, that\u0026rsquo;s a lot of work, but take it from a recovering sysadmin; it\u0026rsquo;s worth it. Start with one process or one application at a time. Set a goal each week to add a little more. You\u0026rsquo;ll be amazed at how much knowledge you accumulate over a month.\n2. Contribute to a publication #Guess what? Enable Sysadmin articles aren\u0026rsquo;t written by a highly trained team of bloggers who sit around a table at an undisclosed location and make this fantastic content. A small core team manages the site, reviews the content, and makes suggestions. The real heart of Enable Sysadmin is the community of dozens of volunteers who have a passion for a topic and write about it. (Yeah, I am not getting paid to write this blog. I am just passionate about growing and seeing others grow as well.)\n3. Join a community #Some of my best ideas come in the wake of a conference or a meetup where I sit around a dinner table for hours chatting with fellow nerds and techies.\nInevitably, we talk about a problem one of us is facing, and someone else has a solution. I am just a person who loves writing and telling stories. However, I couldn\u0026rsquo;t grow without the help of those more competent individuals around me. (Yes, it\u0026rsquo;s usually me trying to do something dumb in my home lab and someone else bailing me out.)\nLook online. Look in your city. There are meetups and communities for just about every conceivable interest. Some of my favorites are DevOps Days or Linux user groups (LUGs).\nCan\u0026rsquo;t find one? Start a community! It\u0026rsquo;s not as complicated as it seems. Find a place to meet, pick a time, find something to talk about for 15 minutes, and invite your friends and or coworkers.\n4. Volunteer #Many charitable organizations need help. Find an organization that focuses on an issue you care about and email them or call their office. Tell them what you have to offer and see what happens.\nNot only can you make a real difference in your community, but you can also sharpen your skills in the process. (Yeah, that also looks good on a resume.)\n5. Be a mentor #If you\u0026rsquo;ve been in IT for a few years, find someone new to the field and take them under your wing. If you are new to IT, find someone doing something you find interesting and introduce yourself.\nTalk to your mentee. Form a relationship. Get to know their interests and their drives. You have more to say than you think you do. I owe much of my career to having trusted relationships around me, guiding me.\nMany companies (Red Hat is one of them) have mentorship programs where you are matched with someone you can lead—or who can lead you—in a particular career path or technology.\nWrapping up #I am writing this on an international flight home from Tech Exchange, an internal Red Hat conference where technologists meet to learn about our product portfolio, grow their skills, and get to know one another. I got the chance to speak about many of the resources that the Red Hat Enterprise Linux (RHEL) technical team produces.\nDuring one of the team dinners, a solutions architect came up to thank me for the work I was doing. Content I produced made an impact on his career. He felt more confident as a technologist and as a Red Hatter.\nThat moment was humbling to me. It wasn\u0026rsquo;t but a few years ago that I was on the other end of that conversation, where I was guided into my current career path by friends and co-workers. Busy and intelligent people saw more for me than I saw for myself.\nStep out of your comfort zone. Make some human connections with people. The impact you have on them will also impact you.\nThis article was originally published on the Enable SysAdmin blog.\n","date":"3 March 2023","permalink":"https://itguyeric.com/blog/5-ways-to-make-an-impact-on-your-it-community/","section":"Blog","summary":"In 5 changes to help grow your IT career, I discussed establishing a learning mindset and forming daily habits to build your mental muscles. Learning will help you grow as a person (and hopefully as…","title":"5 ways to make an impact on your IT community"},{"content":"When a big CVE drops, speed and accuracy matter. This episode covers responding on RHEL.\nInto the Terminal \u0026middot; Episode 60 Open the full episode page \u0026rarr; What this episode covers:\nAssessing whether a CVE actually affects your systems. Remediating with patches or documented mitigations. Using Insights vulnerability data to prioritize. Watch the full walkthrough above.\n","date":"3 March 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep60-cve-mitigation/","section":"Blog","summary":"Assessing whether a CVE actually affects your systems.","title":"Security: CVE Mitigation | Into the Terminal 60"},{"content":"Change is an intentional, methodical process. You don\u0026rsquo;t need to wait for a specific date, like New Year\u0026rsquo;s Day, to resolve to change something—you just need to make a list, and start making small changes today.\nTo do so, make a minor change, stick to it, then make another change. This builds momentum, and you can make even more changes. If you start making slow, intentional changes to your career now, when you look at 2023 in the rear view mirror, you\u0026rsquo;ll be amazed at how far you\u0026rsquo;ve come.\nDisclaimer: I have been a Red Hat Enterprise Linux (RHEL)-focused sysadmin for most of my career, and I currently work for Red Hat. So there will undoubtedly be some bias on my list; even so, I am confident that the information below will be applicable no matter where you find yourself.\n1. Broaden your horizons #As I mentioned above, start small. Make a simple change and stick with it.\nDownload an RSS reader (something like Inoreader or Newsify) Find some blogs that cover topics you find interesting One part of my daily routine is skimming the headlines of several news sites. This keeps me in the loop of what is happening in the technology industry. A few examples are Ars Technica, Opensource.com, and the New Stack.\nI also review product and technical blogs. As a Red Hat-focused Linux sysadmin, I follow the Red Hat blog, especially the RHEL channel, and Enable Sysadmin.\nWhile news sites help me keep up with the tech industry, these more technical sources help me learn about new releases or new skills.\nTry to read a little bit each day. Do that for a week or so and try not to miss a day. This will help you build up your learning muscles and form a daily learning habit.\n2. Learn a new task or feature #You are learning a little bit each day. Bite off a little more! Tech folks usually learn by doing, and luckily, there are tons of tools to help you learn how to do new things. The better news is a lot of them don\u0026rsquo;t cost a thing!\nOne of the best examples is the new Red Hat self-paced lab experience. This site provides dozens of labs you can spin up on demand for RHEL, Red Hat OpenShift, and Ansible.\nFor each technology, you\u0026rsquo;ll find everything from beginner labs to more complex labs. New to Linux? Learn how to create a new user. Want to install Red Hat Ansible Automation Platform? There\u0026rsquo;s a lab for that too.\nThese labs include instructions, links to additional resources, and a live terminal to try tasks out without needing a cloud subscription or homelab. They typically are self-contained and last 10 to 15 minutes. If you have a 60- or even a 30-minute lunch break, take 15 minutes and learn something new while you eat!\n3. Take a class #Once you\u0026rsquo;ve made the first two skills part of your regular routine, I suggest it\u0026rsquo;s time to try something even crazier: Take a class.\nIt doesn\u0026rsquo;t have to be at a college or technical school. Plenty of online academies provide courses in topics across all platforms and disciplines.\nNot sure where to start? Red Hat provides its Red Hat Enterprise Linux Technical Overview class at no charge. (See the disclaimer above regarding my admitted bias towards Red Hat.) Learn the basics of Linux and find out what learning is like within the Red Hat ecosystem.\n4. Teach others #One of the best ways to really learn a concept is to teach it to someone else.\nTake it from my experience; I didn\u0026rsquo;t realize how limited my knowledge and expertise were until I started podcasting about technology. Even now, years into my life as \u0026ldquo;The IT Guy,\u0026rdquo; I still learn something new almost every episode.\nThis is one of the more complex methods to implement. You could teach your kids about Linux and open source. Minecraft has a fantastic community around it to introduce coding concepts.\nJoin a Linux user group (LUG) or meetup; they often take turns sharing different topics and concepts with the group. (In fact, LUGs should probably be a point of their own.) Today, user groups exist in both physical and virtual formats.\n5. Get certified #Many people find careers in technology because it keeps them close to the interests and hobbies we formed earlier in life. Others come to IT as a means of earning an income. Regardless of what brought you to technology, it helps to have a way to show others how much you\u0026rsquo;ve learned.\nThat is where certification comes into play. Now, I have to admit another bias here (although this one predates my time at Red Hat by at least a decade). Many certifications are multiple choice exams. When it comes to practical knowledge, they aren\u0026rsquo;t always a fair assessment of your skills. For hands-on tasks, a hands-on exam is the best way to go.\nThe Red Hat exams provide a lab system, a set of instructions, and a timer. You get so many hours to complete a series of tasks. They come in various difficulties and disciplines, such as Red Hat Certified Systems Administrator (RHCSA), Red Hat Certified Engineer (RHCE), and Red Hat Certified Architect (RHCA).\nWrapping up #You\u0026rsquo;re probably thinking, \u0026ldquo;Eric, what about?\u0026rdquo; or \u0026ldquo;Did you forget?\u0026rdquo; These are just a few ideas to get you started. I also wanted to focus on an aspect of these steps without overloading you with ideas while trying to establish a habit of learning.\nFocus on one of these items at a time. Make them a habit. Add the next item to the list. See how that goes. When you look back on this process a year from now, I am confident you will be shocked at how far you\u0026rsquo;ve come.\nI believe in you. If you are reading this article, you\u0026rsquo;ve already taken the most challenging step: You\u0026rsquo;ve admitted something needs to change. Keep at it; if you ever need any encouragement, my virtual door is always open.\nIn my next article, I\u0026rsquo;ll cover a related subject: making an impact. One of the most significant ways we learn is by teaching others, but we grow as human beings in community. This article focused inward, my next will focus outward and discuss how to impact, connect, and help others in their journey.\nThis article was orginally published on the Enable SysAdmin blog.\n","date":"24 February 2023","permalink":"https://itguyeric.com/blog/5-changes-to-help-grow-your-it-career/","section":"Blog","summary":"Change is an intentional, methodical process. You don\u0026rsquo;t need to wait for a specific date, like New Year\u0026rsquo;s Day, to resolve to change something—you just need to make a list, and start making small…","title":"5 changes to help grow your IT career"},{"content":"The edge is unforgiving: no admin on site, flaky networks, and no room for a broken update. This episode covers RHEL for Edge.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 52 Open the full episode page \u0026rarr; What this episode covers:\nImage-based (rpm-ostree) deployments with transactional updates. Automatic rollback when an update goes wrong. Managing many remote sites you cannot physically touch. Watch the full episode above.\n","date":"22 February 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep52-rhel-at-the-edge/","section":"Blog","summary":"RHEL Presents 52 on RHEL for Edge.","title":"RHEL at the Edge | RHEL Presents Ep. 52"},{"content":"There is a gap between making it work and making it enterprise-ready. This episode is about closing it.\nInto the Terminal \u0026middot; Episode 59 Open the full episode page \u0026rarr; What this episode covers:\nConsistency, documentation, and repeatability as habits. Automation and standardization over one-off fixes. Thinking about support, lifecycle, and the next admin. Watch the full walkthrough above.\n","date":"17 February 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep59-enterprise-up/","section":"Blog","summary":"Consistency, documentation, and repeatability as habits.","title":"Enterprise Up | Into the Terminal 59"},{"content":"As a recovering sysadmin, the last thing I want is to end up being technical support at home. I often tell people that I wish I had the tools available in Red Hat Enterprise Linux (RHEL) now when I was a fresh Linux sysadmin.\nSo I\u0026rsquo;ve set a challenge for myself: to implement some of the best practices in our industry using only Red Hat or Red Hat \u0026ldquo;adjacent\u0026rdquo; tools, whether upstream or partner software.\nMy goals here are simple: I want to build out a homelab that:\nAllows me to spin up virtual machines (VMs) in an unattended fashion Provides demo-ready RHEL systems for topics I cover regularly (for example, in-place upgrades, Image Builder, and more) Is capable of self-healing my home \u0026ldquo;production\u0026rdquo; services (including Plex, Valheim, and Home Assistant) I hope this series will help you either with your homelabs or think differently about how you administer your employer\u0026rsquo;s infrastructure.\nMy old homelab setup #Currently, I have a single-node server running RHEL 9.1. Eventually, I need to rebuild this server from scratch. It\u0026rsquo;s packed with several TB of storage, 24 cores, and 128GB of RAM.\nI have several RHEL virtual machines that I set up for demos I do at conferences, webinars, and live streams. These include a Convert2RHEL demo, in-place upgrades, and a sandbox system. I also have several Podman pods running that constitute my \u0026ldquo;production\u0026rdquo; services: Home Assistant, WordPress, Minecraft, and others.\nI make copies of the qcow2 files for my VMs. My container pods are running as root. I have no offsite backups. The ol\u0026rsquo; sysadmin inside me screams when I think about how inefficient this is.\nBuilding my new homelab #Now, I\u0026rsquo;ve got some objectives; I have a plan (sort of). It is time to get started.\nMy existing server host needs to remain in place until I\u0026rsquo;m confident I can rebuild the services (and their applicable data) in an automated fashion. This bodes well for the project because I can build out the \u0026ldquo;next generation\u0026rdquo; of servers in isolation before introducing it into production.\nIn all the environments I worked in, I tended to build a jump or utility server to store all my tools and act as a single point to administer the rest of my environment. That is where I am going to start.\nSince this utility server will be temporary, I want the quickest route to the live system. For me, that\u0026rsquo;s using the web console (the downstream of Cockpit) with the VM tool and a RHEL 9.1 ISO.\nI\u0026rsquo;ll select Create VM. Luckily, the web console makes it incredibly easy to spin up a new VM: Fill out a few fields and wait.\nWhat\u0026rsquo;s with the hostname, itg-stg-jump? Well, old habits die hard. Back in the day, I worked for a company that had servers in multiple datacenters. So the first stanza (itg) is the location. In this case, my homelab: the IT Guy. The second stanza (stg) is the environment, in this case Stage. Finally, the last stanza (jump) is the application it is running.\nIf you are wondering, yes, I took all the defaults and the simplest configuration possible. There is no fancy filesystem layout or security profile. I will add all that to later iterations of my golden image.\nWhile the system is booting up, I am going to go ahead and mark this VM to start on boot.\nBingo, I have a jump server ready for use. I am going to go ahead and install any available updates, install Git and Vim, and enable the web console.\n## sudo dnf clean all \u0026amp;\u0026amp; sudo dnf update -y ## sudo dnf autoremove -y ## sudo dnf install -y cockpit cockpit-composer Then enable the web console and reboot.\n## sudo systemctl enable --now cockpit.socket ## sudo reboot Wrap up #I hope this article becomes a series of posts (and maybe some live coding events). In the next edition, I will revisit our utility server and build the first Image Builder blueprint. That will be the basis of all the other images and servers I will use in future posts.\nThis article was originally published on the Enable SysAdmin blog.\n","date":"15 February 2023","permalink":"https://itguyeric.com/blog/how-i-built-a-homelab-with-red-hat-enterprise-linux-rhel/","section":"Blog","summary":"As a recovering sysadmin, the last thing I want is to end up being technical support at home. I often tell people that I wish I had the tools available in Red Hat Enterprise Linux (RHEL) now when I…","title":"How I built a homelab with Red Hat Enterprise Linux (RHEL)"},{"content":"There is a set of commands you should be able to reach for without thinking. This episode runs through them.\nInto the Terminal \u0026middot; Episode 58 Open the full episode page \u0026rarr; What this episode covers:\nNavigating, searching, and manipulating files fluently. Text processing with grep, sed, awk, and friends. Building fluency that makes everything else faster. Watch the full walkthrough above.\n","date":"10 February 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep58-essential-commands/","section":"Blog","summary":"Navigating, searching, and manipulating files fluently.","title":"Essential Linux Commands | Into the Terminal 58"},{"content":"RHEL can run and manage VMs without any extra platform. This episode covers doing it natively.\nInto the Terminal \u0026middot; Episode 56 Open the full episode page \u0026rarr; What this episode covers:\nCreating and controlling VMs with virsh. Storage pools and virtual networks for your guests. Using RHEL as a lean, capable hypervisor. Watch the full walkthrough above.\n","date":"27 January 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep56-native-vm-management/","section":"Blog","summary":"Creating and controlling VMs with \u003ccode\u003evirsh\u003c/code\u003e.","title":"Native Virtual Machine Management | Into the Terminal 56"},{"content":"RHEL ships with sane defaults, but real workloads want tuning. This episode covers getting more out of the platform.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 51 Open the full episode page \u0026rarr; What this episode covers:\nTuneD profiles for matching the OS to your workload. Where CPU, memory, and I/O tuning actually pay off. Measuring before and after so you tune on data, not vibes. Watch the full episode above.\n","date":"25 January 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep51-performance-tuning/","section":"Blog","summary":"RHEL Presents 51 on performance tuning RHEL.","title":"Performance-enhancing RHEL | RHEL Presents Ep. 51"},{"content":"This page showcases selected professional work across content creation, go-to-market strategy, live media, and technical presentations. Each project includes context, my role, and measurable outcomes.\nDownload my Resume (PDF) View full resume \u0026rarr; The IT Guy Show — Host \u0026amp; Creator #Context:\nA multimedia show exploring practical IT, infrastructure, and open source topics — blending stories, demos, and real-world lessons for technical audiences.\nWhat I Did:\nConceived show structure, branding, and production workflows. Produced episodic content with interviews, demos, and analysis of infrastructure challenges. Built and grew cross-platform engagement including YouTube, blog reference, and social channels. Impact:\nEpisodes adopted as educational touchpoints for practitioners exploring infrastructure topics. Established a recognizable personal brand that resonates with both technical and marketing audiences. The IT Guy ShowListen to the podcast\u0026rarr; Fedora Project Podcast — Host #Context:\nAn ongoing technical podcast dedicated to deep conversations about open source infrastructure, community dynamics, and technology trends in Fedora and beyond.\nWhat I Did:\nDefined the editorial direction and content calendar tied to release cadences and community focus areas. Researched, scripted, and facilitated conversations with contributors, maintainers, and ecosystem leaders. Managed production end-to-end: recording, editing, publishing, RSS distribution, and promotional strategy. Amplified episodes across social and community channels to increase visibility. Impact:\nEpisodes frequently shared and referenced in community discussions and technical threads.\n64,000+ downloads to date.\n196% quarter-over-quarter subscriber growth during peak periods.\nFedora Project PodcastListen to the podcast\u0026rarr; Messaging \u0026amp; Go-to-Market Strategy — Manager #Context:\nTemplates and frameworks to standardize product messaging, buyer journeys, and launch narratives across releases and product lines.\nWhat I Did:\nBuilt reusable Messaging Guides tailored for technical products. Drafted GTM Guides to map buyers, outcomes, and competitive positioning. Created “What’s New” and Roadmap decks for internal alignment and external enablement. Impact:\nImproved cross-team clarity on narrative and buyer language. Reduced friction in launch cycles with scalable messaging models. Link(s): (Blog Post Coming Soon)\nLive \u0026amp; Video Content — Content Creator #Context:\nProduced live and recorded video content to support technical narratives, education, and audience engagement strategies.\nWhat I Did:\nHosted and produced livestream sessions on product and technical topics. Created recorded content for YouTube, webinars, and short format channels. Collaborated with SMEs to script and run demos that appeal to developer and technical audiences. Impact:\n19.6% subscriber growth on RHEL video channels. 30% increase in live viewership on core livestream sessions. Assets reused for enablement and social amplification. RHEL Presents Into the Terminal Technical Presentations — Public Speaker #Context:\nDelivered technical talks and presentations at conferences, meetups, and community events — distilling complex technical topics into accessible, actionable insights.\nWhat I Did:\nDesigned narrative frameworks and slide decks that clarify infrastructure challenges and solutions. Presented live demos, lead Q\u0026amp;A sessions, and engaged with diverse audiences. Partnered with content and event teams to promote sessions. Impact:\nStrengthened brand presence in open source and cloud communities. Converted event audiences into repeat followers and engaged participants. RHEL Product Updates Strategic Content \u0026amp; SEO — Content \u0026amp; GTM Strategist #Context:\nOwned editorial planning and content strategy to drive consistent awareness, education, and demand marketing across multiple audiences.\nWhat I Did:\nBuilt strategic editorial calendars aligned to product priorities and ICPs. Conducted keyword research and integrated SEO best practices into content planning. Partnered with demand gen teams to tailor content for campaigns, nurture flows, and ABM. Impact:\nImproved organic visibility for strategic content themes. Increased engagement on top-of-funnel educational content. Link(s): \u0026lt;Blog coming soon!\u0026gt;\nSudo Show — Podcast Founder #Context:\nEarly career passion project to launch a podcast from scratch around technology conversations and community stories.\nWhat I Did:\nBuilt show concept and launch workflow. Hosted 40 episodes with diverse technical guests. Managed production and publishing cycles. Impact:\n40,000+ views across episodes. Recognized as a meaningful contributor to technical content in the ecosystem. Sudo ShowVisit the show\u0026rarr; Eric has the hands on technical chops from a past life in production to be able to speak authoritatively on the ways our clients can make use of our Platform solutions to improve their business outcomes. He adds to this an outgoing yet approachable style and stage presence that make his presentations and demonstrations believable and consumable.\nChuck Mattern, SA Practice Lead, Red Hat\nEric has demonstrated the knowledge and willingness to promote RHEL, and it\u0026rsquo;s related technologies. Eric has built some great video content around Convert2RHEL\u0026hellip;In-Place Upgrades\u0026hellip;Eric has a passion for open source and operations that is unparalleled. His passion really shows, and he is great in front of customers.\nBrandon Johnson, Solutions Architect Manager, Red Hat\n","date":null,"permalink":"https://itguyeric.com/portfolio/","section":"Portfolio","summary":"\u003cp\u003eThis page showcases selected professional work across content creation, go-to-market strategy, live media, and technical presentations. Each project includes context, my role, and measurable outcomes.\u003c/p\u003e\n\u003cdiv class=\"portfolio-resume-cta\"\u003e\n\u003ca class=\"btn btn-primary\" href=\"https://drive.google.com/file/d/1S0G8ad7xoIgwndTLOfGOkphYihVHKbOl/view?usp=sharing\" target=\"_blank\" rel=\"noopener\" data-umami-event=\"resume:download\"\u003eDownload my Resume (PDF)\u003c/a\u003e\n\u003ca class=\"btn\" href=\"/portfolio/resume/\" data-umami-event=\"resume:view\"\u003eView full resume \u0026rarr;\u003c/a\u003e\n\u003c/div\u003e\n\u003chr\u003e\n\u003ch3 id=\"the-it-guy-show--host--creator\" class=\"relative group\"\u003e\u003cspan class=\"sec-ico\"\u003e\u003csvg viewBox=\"0 0 24 24\" width=\"20\" height=\"20\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\"\u003e\u003crect x=\"9\" y=\"2\" width=\"6\" height=\"12\" rx=\"3\"/\u003e\u003cpath d=\"M5 10a7 7 0 0 0 14 0M12 19v3\"/\u003e\u003c/svg\u003e\u003c/span\u003eThe IT Guy Show — Host \u0026amp; Creator \u003cspan class=\"absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100\"\u003e\u003ca class=\"group-hover:text-primary-300 dark:group-hover:text-neutral-700\" style=\"text-decoration-line: none !important;\" href=\"#the-it-guy-show--host--creator\" aria-label=\"Anchor\"\u003e#\u003c/a\u003e\u003c/span\u003e\u003c/h3\u003e\u003cp\u003e\u003cstrong\u003eContext:\u003c/strong\u003e\u003cbr\u003e\nA multimedia show exploring practical IT, infrastructure, and open source topics — blending stories, demos, and real-world lessons for technical audiences.\u003c/p\u003e","title":"Portfolio"},{"content":"Technical Product Marketing Manager | Open Source Advocate | DevOps \u0026amp; Infrastructure Enablement #Resume: [Downloadable PDF]\nExperienced in owning positioning, messaging, and go-to-market for security and infrastructure products. Known for breaking down complex security posture, risk, and operational concepts into clear narratives and enablement that resonate with under-resourced IT and security teams.\nCore Competencies\nProduct Marketing Strategy Go-to-Market Planning Cross-Functional Team Leadership Content Development \u0026amp; Thought Leadership Market Research \u0026amp; Competitive Analysis Customer Journey Mapping Sales Enablement Open Source Advocacy \u0026amp; Community Engagement Pragmatic Institute framework Professional Experience #CIQ – Reno, NV (Remote)\nProduct Marketing Manager | January 2026 - Present\nOwn product marketing and go-to-market for RLC Pro, CIQ\u0026rsquo;s hardened, long-term-support Rocky Linux platform, including its AI/GPU and FIPS-hardened variants. Position enterprise Linux value across cloud marketplaces (AWS, Azure, Google Cloud) and regulated industries, translating LTS, FIPS 140-3, and rapid CVE response into clear buyer narratives. Drive thought leadership and field marketing at conferences including SCaLE, LinuxFest Northwest, and Open Source Summit — including my \u0026ldquo;From Bash to Burnout\u0026rdquo; talk. Produce full-funnel content (blogs, deployment guides, and event trip reports) supporting awareness and adoption of Rocky Linux and RLC Pro. TuxCare – Palo Alto, CA (Remote)\nProduct Marketing Manager | Jun 2025 - Dec 2025\nOwned product marketing strategy and go-to-market execution for Linux security and posture-adjacent lifecycle solutions, including positioning for regulated industries. Built GTM playbooks and messaging frameworks that aligned product, marketing, and sales around clear buyer personas, value narratives, and competitive positioning. Led content-driven launches, translating complex kernel and security concepts into practical stories for CISOs, platform teams, and Linux administrators. Created strategic messaging guides and competitive battlecards using Pragmatic Institute-style frameworks to support enterprise sales and enablement. Developed full-funnel content ecosystems (blogs, webinars, video walkthroughs, email, social) to support awareness, education, and adoption. Accelerated campaign execution by 3x through GenAI-assisted workflows while maintaining technical accuracy and narrative consistency. Johnson County Community College - Overland Park, KS\nAdjunct Professor | August 2025 - Present\nTeaching Introduction to Linux Systems Administration with a focus on real-world operations, security fundamentals, and production best practices. Translate complex technical concepts into clear, practical instruction for students entering IT, DevOps, and infrastructure roles. Design lectures and coursework emphasizing hands-on learning, troubleshooting, and operations thinking. Red Hat – Raleigh, NC (Remote)\nTechnical Product Marketing Manager | July 2021 - March 2025\nSolutions Architect | December 2019 - June 2021\nLed technical product marketing and content strategy for Red Hat Enterprise Linux (RHEL), supporting developer, operator, and enterprise IT audiences across global markets. Owned and scaled RHEL’s media and social presence, including YouTube, livestreams, webinars, and social platforms, driving 30% growth in live viewership and 19.6% YoY subscriber growth in 2023. Hosted and produced “RHEL Presents,” a recurring livestream and video series combining product demos and expert interviews; delivered 2 product webinars in 2023 reaching 2.6K+ viewers. Served as Technical Release Captain for RHEL 9, coordinating cross-functional teams to deliver a cohesive launch and contributing to a 25% increase in B2B lead engagement around release activities. Represented Red Hat at industry conferences and community events, delivering technical talks and demos that reinforced trust and open source credibility. GitLab – Remote\nSolutions Architect | January 2019 - December 2019\nPartnered with sales and customer success teams to introduce and position GitLab for commercial accounts, supporting adoption across DevOps and CI/CD workflows. Delivered technical demos and partnered with Sales and Technical Account Managers to support onboarding and early customer success. Designed and launched a monthly release-aligned webinar series, driving user education and product adoption. Ascend Learning – Kansas City, MO\nLinux Systems Engineer | September 2017 - December 2018\nManaged and maintained ~500 Linux servers, supporting availability, security, and performance across production environments. Automated patching and systems management using Spacewalk and SaltStack, improving operational efficiency and consistency. Led a Docker proof of concept, demonstrating the value of containerization for enterprise workloads. Projects #Fedora Project Podcast\nPodcast Host | March 2021 - March 2025; January 2026 - Present\nHosted the official Fedora Podcast, spotlighting open source innovation and Fedora community leaders.\nGrew total downloads to 64,575+ across 41 episodes with over 25 hours of content Boosted subscriber growth by 196% QoQ and improved average view duration to 7:49 in Q3 2024 Collaborated with Fedora Marketing and open source contributors to align messaging and boost community reach The IT Guy – Tech Media \u0026amp; Community Engagement, Social Media Manager, Conference Speaker\nTechnology Proficiencies #Linux Systems Administration (Red Hat Enterprise Linux, CentOS, AlmaLinux), Docker/Podman, Container orchestration concepts, Homelab, Proxmox, Git, GitLab, CI/CD workflows, Webinar Platforms (BrightTalk, YouTube)\nEducation #Keller Graduate School – Remote, 2014\nMasters of Science (M.S.) Information Systems Management\nDeVry University – Kansas City, MO, 2009\nBachelor of Science (B.S.) in Network Communications Management\nRed Hat Certified Systems Administrator - RHEL 8 (credentialed, not current)\n","date":"23 January 2023","permalink":"https://itguyeric.com/portfolio/resume/","section":"Portfolio","summary":"\u003ch2 id=\"technical-product-marketing-manager--open-source-advocate--devops--infrastructure-enablement\" class=\"relative group\"\u003e\u003cem\u003e\u003cstrong\u003eTechnical Product Marketing Manager | Open Source Advocate | DevOps \u0026amp; Infrastructure Enablement\u003c/strong\u003e\u003c/em\u003e \u003cspan class=\"absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100\"\u003e\u003ca class=\"group-hover:text-primary-300 dark:group-hover:text-neutral-700\" style=\"text-decoration-line: none !important;\" href=\"#technical-product-marketing-manager--open-source-advocate--devops--infrastructure-enablement\" aria-label=\"Anchor\"\u003e#\u003c/a\u003e\u003c/span\u003e\u003c/h2\u003e\u003cp\u003eResume: [\u003ca href=\"https://drive.google.com/file/d/1S0G8ad7xoIgwndTLOfGOkphYihVHKbOl/view?usp=sharing\" target=\"_blank\" rel=\"noreferrer\"\u003eDownloadable PDF\u003c/a\u003e]\u003c/p\u003e\n\u003cp\u003eExperienced in owning positioning, messaging, and go-to-market for security and infrastructure products. Known for breaking down complex security posture, risk, and operational concepts into clear narratives and enablement that resonate with under-resourced IT and security teams.\u003c/p\u003e","title":"Resume - Product Marketing Manager"},{"content":"With RHEL 9 out, this episode does a fresh install walkthrough on the new base.\nInto the Terminal \u0026middot; Episode 55 Open the full episode page \u0026rarr; What this episode covers:\nWorking through the RHEL 9 installer. Storage and security choices on the new release. Registering and getting to a usable system quickly. Watch the full walkthrough above.\n","date":"20 January 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep55-installing-rhel-9/","section":"Blog","summary":"Working through the RHEL 9 installer.","title":"Installing RHEL 9 | Into the Terminal 55"},{"content":"What if you need a high-end GPU for your workloads but don\u0026rsquo;t want to buy the hardware, or you need that compute power to travel with you? In this video I walk through deploying Red Hat Enterprise Linux as a GPU-enabled cloud workstation on AWS.\nA few things worth carrying away from this one:\nRHEL is the VFX platform of choice. I point out that RHEL 9 was named part of the VFX Reference Platform in 2022, so this isn\u0026rsquo;t a novelty, it\u0026rsquo;s the foundation for animation, scientific calculations, and CAD-style demanding work. The AMI catalog is the easy path. I use the AWS AMI catalog and search the marketplace AMIs for the RHEL grid image, launch an EC2 instance with mostly defaults, and pick between the grid or Tesla NVIDIA driver sets that Red Hat supports on AWS. NICE DCV handles the remote connection. RHEL for Workstation on AWS uses NICE DCV for remote connectivity to those high-end NVIDIA GPUs, and I\u0026rsquo;m honest about a bit of production trickery: a few command-line steps live in the companion blog post rather than on screen. Take a world-class distro, a ten-year life cycle, and a cloud GPU, and you\u0026rsquo;ve got a workstation you can reach from anywhere.\n","date":"17 January 2023","permalink":"https://itguyeric.com/blog/rhel-workstation-gpu-aws/","section":"Blog","summary":"I walk through deploying Red Hat Enterprise Linux as a GPU-enabled cloud workstation on AWS.","title":"Deploying GPU-Enabled Workloads on Red Hat Enterprise Linux for Workstation on AWS"},{"content":"Beyond first setup, filesystems need ongoing care. This episode covers the common operations.\nInto the Terminal \u0026middot; Episode 54 Open the full episode page \u0026rarr; What this episode covers:\nCreating, mounting, and growing filesystems. Working with LVM to resize without downtime. Keeping /etc/fstab correct so reboots are boring. Watch the full walkthrough above.\n","date":"13 January 2023","permalink":"https://itguyeric.com/blog/into-the-terminal-ep54-filesystem-operations/","section":"Blog","summary":"Creating, mounting, and growing filesystems.","title":"Filesystem Operations | Into the Terminal 54"},{"content":"OpenShift Virtualization lets you run traditional VMs right next to your containers on the same platform. This episode covers running RHEL that way.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 50 Open the full episode page \u0026rarr; What this episode covers:\nManaging VMs and containers through one OpenShift control plane. Why teams migrating off legacy hypervisors are taking a look. Where KubeVirt-based virtualization fits a mixed workload. Watch the full episode above.\n","date":"11 January 2023","permalink":"https://itguyeric.com/blog/rhelpresents-ep50-rhel-on-openshift-virt/","section":"Blog","summary":"RHEL Presents 50 on OpenShift Virtualization.","title":"Running RHEL on OpenShift Virtualization | RHEL Presents Ep. 50"},{"content":"There, I said it! Containers won\u0026rsquo;t fix every application, they won\u0026rsquo;t replace your server farm, and sadly they won\u0026rsquo;t do your laundry.\nSomeone needed to say something in this world of marketing buzzwords and hype machines. \u0026ldquo;I volunteer as tribute.\u0026rdquo;\nI work with a lot of container tools and platforms, and I have to say the technologies are fantastic! However, I was a SysAdmin for about a decade and worked in the MidWest to boot. (I say that because technology in the United States seems to start on the coasts and works its way to the middle of the country.)\nContainers DO serve a great purpose: they isolate a running application into isolation and only give access to host resources that are absolutely necessary.\nContainers DO make it easy to try out new technologies and applications. My home lab runs several web hosting tools (like WordPress and Hugo), gaming platforms, and home automation tools. To figure out which ones I liked best, I could spin up a basic image with a couple of commands.\nContainers DO allow you to create applications that are self-healing, that can be deployed through automated pipelines, and provide for a dense application population.\nHowever\u0026hellip;\nContainers DON\u0026rsquo;T replace the operating system. Guess what? The code running in containers is still Linux (and some are a few Windows images too). The orchestrator or operating system running underneath your container\u0026hellip; an OS! The only question is how deeply that OS is obfuscated away.\nContainers DON\u0026rsquo;T have a migration path like P2V (physical-to-virtual) did in the dawn of virtualization.\nContainers AREN\u0026rsquo;T designed to absorb your 100GB legacy application that runs on an antiquated code base.\nHowever\u0026hellip;again\u0026hellip;\nI will say container technologies have come a long way in the last few years. The routes to production have become much more straightforward and more opinionated.\nContainer technologies are no longer the Wild West. So, while containers may not be a one-size-fits-all solution like the hype machine would have you believe, I do think there are a growing number of use cases.\nI picture a long highway that stretches past the horizon. Each exit is a different stopping-off point for an individual workload. For instance:\nExit 1) Maybe you are a small business with a web server, a sales portal, and a backend database. Do you really need a 6-node Kubernetes cluster hosted on a cloud provider? I\u0026rsquo;d say not.\nIn this scenario, running a single server (with automated backups, of course) and running your workloads in a series of Podman pods would make sense.\nExit 2) At some point, you decide you want to start adding features to your sales application. Now, you may add 2 or 3 more servers to serve as Dev and QA environments. This exit is a little more crowded, but you can still get by with managing your container infrastructure by hand. **Exit 8A) **Let\u0026rsquo;s say your small sales company expands at a rapid and unanticipated rate. Your 3-4 pods with a couple of containers each are now at over a hundred pods with multiple containers each. You have measurable ebbs and flows of traffic throughout the day.\nDo you really want to run each pod by hand? Do you really want your applications to run at peak capacity at 3 AM when you get no traffic to your web properties?\nNow we start talking about container orchestration. Now we start discussing bringing in Kubernetes. Now you can build each of dozens of components by yourself, or you can look at the next exit:\n**Exit 8B) **Each cloud provider has their own managed (read opinionated) implementation of Kubernetes, where all the hard decisions are made for you. All your operations teams have to do is spin them up, instantiate some users, and start deploying (grossly over-simplified, but you get the idea).\nIn fact, my company, Red Hat, has one of the coolest (in this dude\u0026rsquo;s opinion) container platforms out there: OpenShift! While I am just a Linux SysAdmin at heart, I can genuinely appreciate what containers and platforms like Kubernetes and OpenShift are trying to accomplish.\nI host a live stream on Twitch and YouTube to talk about Red Hat Enterprise Linux. This next week, January 11th, we\u0026rsquo;re having some of the OpenShift team on to talk about running virtual machines on their platform! (See the comments for the link.)\nI am in love with containers; my home lab lives by them. I believe it is necessary to take a realistic approach to move into the container space. One size does not fit all.\n——\nDisclaimer: This is an opinion piece of my own making. It is neither sponsored nor commissioned by Red Hat.\n","date":"6 January 2023","permalink":"https://itguyeric.com/blog/containers-one-size-does-not-fit-all/","section":"Blog","summary":"There, I said it! Containers won\u0026rsquo;t fix every application, they won\u0026rsquo;t replace your server farm, and sadly they won\u0026rsquo;t do your laundry.","title":"Containers: One Size Does Not Fit All"},{"content":"A huge share of tickets are not broken systems, they are human mistakes. This episode covers debugging those.\nInto the Terminal \u0026middot; Episode 52 Open the full episode page \u0026rarr; What this episode covers:\nPermissions, PATH, and environment issues that look like bugs. Reproducing the problem to see what really happened. Fixing the cause and the confusion, kindly. Watch the full walkthrough above.\n","date":"16 December 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep52-user-error/","section":"Blog","summary":"Permissions, PATH, and environment issues that look like bugs.","title":"Troubleshooting User Error | Into the Terminal 52"},{"content":"The first minor release on the RHEL 9 line. This episode walks through what 9.1 brought.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 49 Open the full episode page \u0026rarr; What this episode covers:\nImage Builder and management refinements. Security and compliance updates layered onto the 9.0 base. The steady cadence of the RHEL minor-release train. Watch the full episode above.\n","date":"14 December 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep49-whats-new-rhel-91/","section":"Blog","summary":"RHEL Presents 49 on the RHEL 9.1 release.","title":"What's New in RHEL 9.1 | RHEL Presents Ep. 49"},{"content":"\u0026lsquo;It\u0026rsquo;s slow\u0026rsquo; is a symptom, not a diagnosis. This episode covers finding the actual bottleneck.\nInto the Terminal \u0026middot; Episode 51 Open the full episode page \u0026rarr; What this episode covers:\nChecking CPU, memory, disk, and network with the standard tools. Reading top, vmstat, iostat, and friends. Working from symptom to root cause methodically. Watch the full walkthrough above.\n","date":"9 December 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep51-troubleshoot-performance/","section":"Blog","summary":"Checking CPU, memory, disk, and network with the standard tools.","title":"Troubleshoot Performance | Into the Terminal 51"},{"content":"When RHEL boots in a cloud, cloud-init is what configures it on first run. This episode explains it.\nInto the Terminal \u0026middot; Episode 49 Open the full episode page \u0026rarr; What this episode covers:\nHow cloud-init personalizes an instance at first boot. User data for injecting keys, users, and scripts. Why it is the backbone of golden-image deployment in the cloud. Watch the full walkthrough above.\n","date":"18 November 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep49-cloud-init/","section":"Blog","summary":"How cloud-init personalizes an instance at first boot.","title":"cloud-init | Into the Terminal 49"},{"content":"Sometimes the workstation you need lives in the cloud. This episode covers running RHEL workstations there, including GPU-backed ones.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 48 Open the full episode page \u0026rarr; What this episode covers:\nSpinning up RHEL workstation instances on a cloud provider. GPU-enabled instances for graphics and compute workloads. When a cloud workstation beats hauling a heavy laptop around. Watch the full episode above.\n","date":"16 November 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep48-workstations-in-cloud/","section":"Blog","summary":"RHEL Presents 48 on cloud-hosted RHEL workstations.","title":"Workstations in the Cloud | RHEL Presents Ep. 48"},{"content":"Disks fail, and the warning signs are usually there first. This episode covers spotting and handling them.\nInto the Terminal \u0026middot; Episode 48 Open the full episode page \u0026rarr; What this episode covers:\nReading SMART data and system logs for early warnings. Checking and repairing filesystems safely. Knowing when to replace hardware versus repair. Watch the full walkthrough above.\n","date":"11 November 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep48-disk-errors/","section":"Blog","summary":"Reading SMART data and system logs for early warnings.","title":"Troubleshooting Disk Errors | Into the Terminal 48"},{"content":"Playbooks on your laptop are a start; Ansible Automation Platform is how teams run automation as shared, governed infrastructure. This episode covers the jump.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 47 Open the full episode page \u0026rarr; What this episode covers:\nAutomation controller for running and scheduling jobs with RBAC. Managing RHEL fleets with supported, reusable content. Where AAP fits above ad-hoc ansible-playbook runs. Watch the full episode above.\n","date":"2 November 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep47-automating-rhel-aap/","section":"Blog","summary":"RHEL Presents 47 on automating RHEL with Ansible Automation Platform.","title":"Automating RHEL with Ansible Automation Platform | RHEL Presents Ep. 47"},{"content":"Installing RHEL by hand once is fine; doing it fifty times is not. This episode covers Kickstart automation.\nInto the Terminal \u0026middot; Episode 46 Open the full episode page \u0026rarr; What this episode covers:\nWriting a Kickstart file to script the whole install. Partitioning, packages, and post-install steps automatically. Serving Kickstart for repeatable, unattended provisioning. Watch the full walkthrough above.\n","date":"28 October 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep46-kickstart/","section":"Blog","summary":"Writing a Kickstart file to script the whole install.","title":"Deploying with Kickstart | Into the Terminal 46"},{"content":"Podman borrows the pod concept from Kubernetes, which makes multi-container apps easier. This episode covers it.\nInto the Terminal \u0026middot; Episode 45 Open the full episode page \u0026rarr; What this episode covers:\nGrouping related containers into a shared pod. Why pods map cleanly onto how apps really run. Generating Kubernetes YAML from Podman as a bridge. Watch the full walkthrough above.\n","date":"21 October 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep45-podman-pods/","section":"Blog","summary":"Grouping related containers into a shared pod.","title":"Managing Podman Containers as Pods | Into the Terminal 45"},{"content":"A live-from-the-conference episode at AnsibleFest 2022, capturing the energy and announcements from the automation crowd. (Fair warning: the on-site audio is rough.)\nRed Hat Enterprise Linux Presents \u0026middot; Episode 46 Open the full episode page \u0026rarr; Watch the full episode above.\n","date":"19 October 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep46-ansiblefest-2022/","section":"Blog","summary":"RHEL Presents 46, live from AnsibleFest 2022.","title":"Live from AnsibleFest 2022 | RHEL Presents Ep. 46"},{"content":"One network cable is a single point of failure. This episode covers bonding interfaces together.\nInto the Terminal \u0026middot; Episode 44 Open the full episode page \u0026rarr; What this episode covers:\nCreating bonds with NetworkManager for redundancy or throughput. Choosing the right bonding mode for your goal. Verifying failover actually works before you rely on it. Watch the full walkthrough above.\n","date":"14 October 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep44-network-bonding/","section":"Blog","summary":"Creating bonds with NetworkManager for redundancy or throughput.","title":"Bonding and Network Configuration | Into the Terminal 44"},{"content":"RHEL\u0026rsquo;s defaults are general-purpose; real workloads want tuning. This episode covers doing it sanely.\nInto the Terminal \u0026middot; Episode 43 Open the full episode page \u0026rarr; What this episode covers:\nApplying TuneD profiles for common workload types. Kernel parameters worth understanding via sysctl. Measuring so you tune based on data. Watch the full walkthrough above.\n","date":"7 October 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep43-kernel-tuning-tuned/","section":"Blog","summary":"Applying TuneD profiles for common workload types.","title":"Linux Kernel Tuning \u0026 TuneD | Into the Terminal 43"},{"content":"When you go from a handful of RHEL boxes to a fleet, Satellite becomes the control plane. This episode covers what it does.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 45 Open the full episode page \u0026rarr; What this episode covers:\nContent views and lifecycle environments for controlled patching. Provisioning and configuration management at scale. Why Satellite is the answer when Insights and manual patching stop scaling. Watch the full episode above.\n","date":"5 October 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep45-satellite-smart-management/","section":"Blog","summary":"RHEL Presents 45 on Red Hat Satellite.","title":"Red Hat Satellite and Smarter Smart Management | RHEL Presents Ep. 45"},{"content":"Mixed Linux/Windows shops need shared storage that both understand. This episode covers Samba.\nInto the Terminal \u0026middot; Episode 42 Open the full episode page \u0026rarr; What this episode covers:\nConfiguring Samba shares and access. Interoperating with Windows clients over SMB. Firewall and SELinux settings that trip people up. Watch the full walkthrough above.\n","date":"30 September 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep42-samba/","section":"Blog","summary":"Configuring Samba shares and access.","title":"File Shares with Samba | Into the Terminal 42"},{"content":"RHEL 9 arrived in 2022 as the delivery on a promise made back with RHEL 8: a new major version roughly every three years. With that faster cadence, easy in-place upgrades matter more, so in this video I use Leapp to take a RHEL 8.6 machine from my home lab straight to RHEL 9.\nA few things worth carrying away from this one:\nOne DNF command installs the whole suite. I install the Leapp tool, the pre-upgrade assessment, and the supporting packages in a single step, and honestly that\u0026rsquo;s really all you need to start. You have to name your target version now. Because RHEL 9 introduced support for multiple version targets, I show that you specify the target when you run the assessment, which then produces a JSON or text report you can review. This path is noticeably quicker than 7-to-8. I point out that the RHEL 8-to-9 upgrade takes fewer steps and fewer reboots than the previous version, and that many known issues are already documented in knowledge base articles linked right in the assessment logs. If you have been putting off a major-version jump, this is about as painless as it gets.\n","date":"21 September 2022","permalink":"https://itguyeric.com/blog/rhel-leapp-8-to-9/","section":"Blog","summary":"A demonstration of Leapp upgrading a RHEL 8.6 home-lab VM in place to RHEL 9.","title":"Use Leapp to Upgrade from Red Hat Enterprise Linux 8 to RHEL 9 In-Place"},{"content":"Most apps need a database behind them. This episode covers standing one up on RHEL properly.\nInto the Terminal \u0026middot; Episode 40 Open the full episode page \u0026rarr; What this episode covers:\nInstalling a database from AppStreams and initializing it. Basic security: users, access, and network exposure. Where storage and backups fit from day one. Watch the full walkthrough above.\n","date":"9 September 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep40-deploying-a-database/","section":"Blog","summary":"Installing a database from AppStreams and initializing it.","title":"Deploying a Database | Into the Terminal 40"},{"content":"Serving a web page is a great way to see the whole stack cooperate. This episode builds one on RHEL.\nInto the Terminal \u0026middot; Episode 39 Open the full episode page \u0026rarr; What this episode covers:\nInstalling and configuring the web server service. Opening the right ports in firewalld. Getting the SELinux contexts right so it actually serves. Watch the full walkthrough above.\n","date":"2 September 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep39-building-a-webserver/","section":"Blog","summary":"Installing and configuring the web server service.","title":"Building a Webserver | Into the Terminal 39"},{"content":"RHEL for Workstation pairs everything you know from RHEL for Server with a world-class Linux desktop, backed by a ten-year life cycle. In this video I take you on a tour of the refreshed GNOME 40 desktop that ships with Red Hat Enterprise Linux 9 for Workstation.\nA few things worth carrying away from this one:\nWayland is the default now. Starting with RHEL 9.0, Workstation ships with the Wayland compositor enabled by default, pulling functions like audio and video into the desktop as first-class citizens, though I show you can still pick X11 at the login screen if an app needs it. Workspaces spread horizontally and drag-and-drop. In GNOME 40 you log straight into the activities overview, and I demonstrate dragging windows between horizontally arranged workspaces, one for email and chat, another for the blog you\u0026rsquo;re writing, and navigating them with Super+Alt+arrow keys. There are features aimed at regulated shops. I call out the classification banners in GNOME 40 that let you display access or usage warnings, along with the accessibility and memory-utilization improvements that come with this release. If you\u0026rsquo;re standing up a fleet of Linux workstations, this is the desktop your users will actually live in.\n","date":"1 September 2022","permalink":"https://itguyeric.com/blog/rhel-9-workstation-gnome-40/","section":"Blog","summary":"I tour the updated GNOME 40 desktop experience in Red Hat Enterprise Linux 9 for Workstation.","title":"What's New in the GNOME 40 Desktop: Red Hat Enterprise Linux 9 for Workstation"},{"content":"For a systems administrator, it seems like every project brings new complexity, more servers, and more sprawl to manage. I will assume that your messes are a lot like mine: On one server, you\u0026rsquo;re running CentOS Linux 7 from a project several years ago. Over here, you have a handful of Red Hat Enterprise Linux (RHEL) 9 servers from a recent project. Over there, you have an Oracle RAC database running on Oracle Linux 8.\nNo matter where you look, you have a mix of different distributions on different major and minor versions. What is a hard-working sysadmin to do? Never fear; the IT Guy is here, and as Terry Bowling and I did in our 2022 Red Hat Summit talk, I will walk you through a couple of tools to help you bring some order to the chaos in your infrastructure.\nWhy I standardized on Red Hat Enterprise Linux #In all my years as a sysadmin, I\u0026rsquo;ve never had a better experience managing a Linux operating system than with RHEL. I know what you are thinking: \u0026ldquo;This guy works for Red Hat; of course, he would say that operating system is the best.\u0026rdquo; Rest assured, my love for RHEL long predates ever receiving a paycheck with a red fedora.\nOne reason is that RHEL is open source, which is critical to the development and sustainability of the entire Linux ecosystem and, to a real extent, the world of technology we enjoy. For another reason, Red Hat has always been a vendor I love talking to, in contrast to the ones I wanted to get out of the door as quickly as possible because all they cared about was the upsell.\nIf I were to start a business, manage a large bank, or control a space station, I would put RHEL at the heart of it. The main reasons are security certifications, an unmatched partner ecosystem, and a suite of management tools built right into the subscription in the form of Red Hat Insights.\nI could talk about how much I love RHEL all day, but I\u0026rsquo;ll move along. Assume I have convinced you that RHEL is the way to go, so how do you standardize on it without rebuilding hundreds or even thousands of servers?\nThat is where the Convert2RHEL tool comes into play. Convert2RHEL is a supported utility that replaces existing packages with Red Hat-signed versions. So you can replace your CentOS Linux kernel with the RHEL kernel and a third-party MariaDB version with the Red Hat version. You get the idea. Modern systems can have anywhere from 500 to 1,000 or more packages, and the Convert2RHEL tool handles the conversion process. It also ties the converted system into your Red Hat Access account, allowing you to install packages, get support, and connect to tools like Insights and Red Hat Satellite.\nI mentioned a crucial term in the paragraph above: supported. Convert2RHEL is a supported operation. If you run into issues, you can open a support ticket or even talk to Red Hat Consulting to get advice and build a plan for a standardized platform. Need to carry out a bulk conversion? You can automate the process with Satellite.\nGet started with Convert2RHEL #To get started with Convert2RHEL, you can follow the commands and screenshots in this article or watch the complete process in this video:\nhttps://www.youtube.com/embed/xX7P4BzOcNg\nI will walk through this process with a vanilla CentOS Linux 7 virtual machine (VM). To make life easier, before you do anything, ensure all your packages are up to date:\n$ sudo dnf update -y With that done, run three curl commands to pull down the GNU Privacy Guard (GPG) key, SSL certificate, and repository confirmation necessary to pull the convert2rhel packages from the Red Hat content delivery network (CDN):\n$ curl -o /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release https://www.redhat.com/security/data/fd431d51.txt % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 1855 100 1855 0 0 11393 0 --:--:-- --:--:-- --:--:-- 11380 $ curl --create-dirs -o /etc/rhsm/ca/redhat-uep.pem https://ftp.redhat.com/redhat/convert2rhel/redhat-uep.pem % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 7411 100 7411 0 0 28684 0 --:--:-- --:--:-- --:--:-- 28724 $ curl -o /etc/yum.repos.d/convert2rhel.repo https://ftp.redhat.com/redhat/convert2rhel/7/convert2rhel.repo % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 247 100 247 0 0 1080 0 --:--:-- --:--:-- --:--:-- 1083 Now it\u0026rsquo;s time for the main event: The conversion. Be forewarned; depending on your underlying hardware and the complexity of your client install, this process could take some time.\n$ sudo convert2rhel --org 12345678 --activationkey SuperSecret I\u0026rsquo;ll break this command down. First, convert2rhel calls your newly installed tool. The --org flag allows you to specify your Red Hat Access organization ID, and --activationkey allows you to select a key. These two arguments let you register your converted RHEL server to your active Red Hat subscription.\nFor more information on using org ID and activation keys, check out the documentation.\nOnce you start the conversion process, you are presented with the RHEL end-user license agreement (EULA) and asked if you are sure you are ready to proceed. Once all the preconversion checks are complete and the Red Hat packages staged, you can reboot the system.\nUp to this point, no changes have been made to the system. However, once you tell the instance to reboot, everything starts happening.\nAfter you hit Enter, your system boots into a temporary environment. Convert2RHEL will replace all the CentOS-signed packages with their Red Hat-signed equivalents.\nStandardize on major versions #That wasn\u0026rsquo;t so hard, right? Now that you\u0026rsquo;ve trimmed the number of distributions you have to manage to one, you need to do something about the environment\u0026rsquo;s version sprawl. You may have 7.9, 8.4, 8.5, 8.6… you get the idea. To give the newly standardized environment the most runway, consider upgrading all of your servers to the latest major version.\nFor one thing, RHEL 8 and 9 have a predictable lifecycle: five years of full support (such as new features and hardware enablement) followed by five years of maintenance support (for example, bug fixes and security patches). That gives you 10 years total. You can also expect a new minor version every six months and a new major version every three years. Since RHEL 9 was released in May 2022, you can expect RHEL 10 in summer 2025.\nHowever, if the \u0026ldquo;latest and greatest\u0026rdquo; gives you pause, Red Hat has an Extended Update Support (EUS) release. This allows you to upgrade to a minor version with two years of support.\nA predictable release cadence makes life easier for operations teams. Remember having to make the switch from init to systemd? Yeah, frustrating. What was that command again? Oh, wait, no, that was that other server. Is this server running Podman? Nope, no containers. I feel your pain.\nHow can you relieve those annoying issues and provide your infrastructure with a steady state of major release cycles?\nDo in-place upgrades with Leapp #There is also a supported utility to help sysadmins navigate from one major version to the next. That tool is Leapp, a solution for in-place upgrades.\nWhy do an in-place upgrade versus a clean install? It\u0026rsquo;s cheaper, and I don\u0026rsquo;t mean dollars. I mean your time. Your time and energy have great value. With a new build, you must install all your packages from scratch, create all your users (with passwords), and reapply all the little tweaks and configuration changes. It takes time and effort that you could spend doing so many other things.\nThe Leapp utility is available from the Base OS repository on RHEL 8 systems and in an add-on repository for RHEL 7 systems with a dnf install command. Leapp is also a supported operation, so if you run into trouble, you can always reach out to Red Hat\u0026rsquo;s support teams to get a fresh set of eyes.\nOne other aside: Leapp for RHEL 7 and 8 means you can take a RHEL 7 box, upgrade it to a RHEL 8 box, and then rerun Leapp to get to a RHEL 9 server. Granted, that depends on the workloads, library versions, and other factors you may be running.\nNote: If you want to see the upgrade process for RHEL 7 servers, check out this video:\nhttps://www.youtube.com/embed/VVVwg9IyqwQ\nIf you already have a RHEL system registered and up to date, it is an easy process to install the Leapp utility:\n$ sudo dnf install -y leapp-upgrade To evaluate that an in-place upgrade will be successful, the tool\u0026rsquo;s preupgrade assistant audits all your packages, repositories, and configurations to identify potential pitfalls or blockers that may interfere with a successful upgrade. The tool helps you identify issues that could cause failures.\nThe Leapp utility is available from the Base OS repository on RHEL 8 systems and in an add-on repository for RHEL 7 systems with a dnf install command. Leapp is also a supported operation, so if you run into trouble, you can always reach out to Red Hat\u0026rsquo;s support teams to get a fresh set of eyes.\nOne other aside: Leapp for RHEL 7 and 8 means you can take a RHEL 7 box, upgrade it to a RHEL 8 box, and then rerun Leapp to get to a RHEL 9 server. Granted, that depends on the workloads, library versions, and other factors you may be running.\nNote: If you want to see the upgrade process for RHEL 7 servers, check out this video:\nhttps://www.youtube.com/embed/VVVwg9IyqwQ\nIf you already have a RHEL system registered and up to date, it is an easy process to install the Leapp utility:\n$ sudo dnf install -y leapp-upgrade To evaluate that an in-place upgrade will be successful, the tool\u0026rsquo;s preupgrade assistant audits all your packages, repositories, and configurations to identify potential pitfalls or blockers that may interfere with a successful upgrade. The tool helps you identify issues that could cause failures.\nWhen the preupgrade assistant shows no inhibitors, you can proceed with the upgrade. If it identifies an inhibitor, you can get the details in the /var/log/leapp/leapp-preupgrade.log file. You can also add workarounds or skip certain operations by adding those options to the /var/log/leapp/answerfile. This option makes the upgrade process less manually intensive. Not only will this tool help you identify potential issues, but you can also take those notes and feed them into an answer file to further automate this process.\nWith the upgrade assessment in the green, start the upgrade. I like to add the --reboot option so that I don\u0026rsquo;t have to manually reboot the system after the upgrade process begins:\n$ sudo leapp upgrade –-reboot At this point, Leapp gets to work. This process may take some time, depending on the size and complexity of your installation. It downloads all new packages, from the kernel to OpenSSL to Vim and more. It also builds a new boot image to support the new environment.\nOnce the packages are all in place and the new boot image created, all that\u0026rsquo;s left is for the system to reboot itself. When you return to a login prompt, you are ready to go!\nWrap up #Sitting on the floor next to my desk is a workstation that has been running since Fedora 29. I\u0026rsquo;ve done in-place upgrades up to Fedora 36, and the process has gotten better, faster, and more accessible. This is the foundation of the Leapp tool for RHEL. Red Hat depends heavily on upstream communities to help shape the future of RHEL.\nConvert2RHEL and Leapp have seen a lot of adoption in the community and received a steady amount of engineering attention, making the process faster and easier. These two tools aim to help make your job easier by managing that infrastructure sprawl, cutting down technical debt, and providing a firmer foundation for any workloads thrown your way.\nWhat will you do with all that newfound free time? Will you take that vacation? Learn a new technology? Knock out other projects? Or just take a nap? There is no wrong answer. As sysadmins, it is our job to enable our businesses to be successful, but that doesn\u0026rsquo;t mean we should have to toil!\nHead to the migrations page and start planning your standardization project today!\nThis article is based on What\u0026rsquo;s new with Red Hat Enterprise Linux migrations: Convert2RHEL and Leapp upgrades, presented at Red Hat Summit in May 2022 and was originally published on the Enable SysAdmin blog.\n","date":"30 August 2022","permalink":"https://itguyeric.com/blog/2-tools-to-manage-infrastructure-sprawl-with-red-hat-enterprise-linux-rhel/","section":"Blog","summary":"For a systems administrator, it seems like every project brings new complexity, more servers, and more sprawl to manage. I will assume that your messes are a lot like mine: On one server, you\u0026rsquo;re…","title":"2 tools to manage infrastructure sprawl with Red Hat Enterprise Linux (RHEL)"},{"content":"GPG is the trust layer under a lot of Linux, including package signing. This episode demystifies it.\nInto the Terminal \u0026middot; Episode 38 Open the full episode page \u0026rarr; What this episode covers:\nGenerating keys and signing or verifying data. How package signatures let dnf trust what it installs. Basic encryption for files and messages. Watch the full walkthrough above.\n","date":"26 August 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep38-gpg-keys/","section":"Blog","summary":"Generating keys and signing or verifying data.","title":"Working with GPG Keys | Into the Terminal 38"},{"content":"Registration and subscriptions used to be a friction point. This episode covers the modernized experience.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 43 Open the full episode page \u0026rarr; What this episode covers:\nA smoother registration flow tied into the Hybrid Cloud Console. Simple content access reducing entitlement headaches. Why cleaner registration matters for tracking and automation. Watch the full episode above.\n","date":"24 August 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep43-registration-experience/","section":"Blog","summary":"RHEL Presents 43 on the modernized registration and subscription flow.","title":"Modernizing the Registration Experience | RHEL Presents Ep. 43"},{"content":"Knowing where you sit in the RHEL lifecycle is how you avoid nasty surprises. This episode maps it out.\nInto the Terminal \u0026middot; Episode 37 Open the full episode page \u0026rarr; What this episode covers:\nFull support, maintenance, and extended support phases. Planning upgrades around end-of-support dates. Why lifecycle awareness is a security concern, not just paperwork. Watch the full walkthrough above.\n","date":"19 August 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep37-lifecycle-management/","section":"Blog","summary":"Full support, maintenance, and extended support phases.","title":"Lifecycle Management | Into the Terminal 37"},{"content":"IT operations folks strive to not only maximize uptime but also keep systems patched. These might seem like competing goals, but we\u0026rsquo;re here to help with Live kernel patching in Red Hat Enterprise Linux (RHEL) and enjoy some improvements with live kernel patching in RHEL 8.5.\nYou can use a built-in tool to get update the kernel on RHEL systems with no downtime. That tool is live kernel patching (kpatch). Kpatch has been a part of our operating system for some time now (since RHEL 8.1, 7.7). However, with RHEL 8.5 (and the 9.0 Beta), there are some significant enhancements.\nTo catch the rest of my article, head over to the Red Hat blog here!\n","date":"18 August 2022","permalink":"https://itguyeric.com/blog/overcoming-vulnerabilities-with-live-kernel-patching-in-red-hat-enterprise-linux-8-5/","section":"Blog","summary":"IT operations folks strive to not only maximize uptime but also keep systems patched. These might seem like competing goals, but we\u0026rsquo;re here to help with Live kernel patching in Red Hat Enterprise…","title":"Overcoming vulnerabilities with live kernel patching in Red Hat Enterprise Linux 8.5"},{"content":"Way back in the day, humanity created computers to help make our lives easier. In a lot of ways, they have; in others, it\u0026rsquo;s made life much more tedious, especially for the SysAdmin. What used to be a mainframe has turned into hundreds of servers, containers, and virtual machines spread across data centers, clouds, and even laptops!\nNever fear, Infrastructure as Code (IaC) is here. Tools like Ansible have been around for over a decade or more but in the past few years they have really picked up speed. Ansible is a simple, efficient approach to automating and standardizing our environments while cutting down on the time, increasing reliability, and removing the human error factor from operations and deployments!\nMy Story #Probably around 2012 or so, I was a rookie Linux Systems Administrator just making the move away from managing Windows servers and desktops. I remember how much fun patch days were…at first. We got to take the morning off, spend an evening at our off-site data center, order in some Jimmy John’s, and once the corporate office closed, start patching systems. We ran CentOS, RHEL, Oracle Enterprise, and maybe even an Ubuntu system or two.\nLooking back, it was actually an unnecessary time suck! Why!? Patch a couple of hundred servers, by hand, rebooting systems manually, and hoping that nothing broke because the application and database administrators were already at home enjoying the end of their workday. The one saving grace at that point was Tmux (an amazing tool to manage multiple terminal sessions at once). At least then I didn’t have to type yum update 200 times!\nI guess Charles Dickens might have said of my career: “It was the best of times, it was the worst of times…” I finally got to focus on Linux Servers, bye-bye Windows, but who wants to spend their Thursday nights patching a couple of hundred servers by hand?\nThat’s not why you’re here, though. You all know I have my SysAdmin scars and I wear them with pride because now, I get to share amazing lessons I learned (or in today’s case should have learned back then). Today, I want to introduce a tool that could have taken our patching times from 6-7 hours down to what could have been less than an hour. Even more, that process could have been completely automated!\nWhat is Ansible? # Ansible is a project bred from the idea that all infrastructure (even security, networking, and cloud) should be code. In other words, if you think of your lab, network, enterprise, whatever as a restaurant, Ansible would be the recipes the cooks used to make every dish. Ansible is written predominantly in Python and utilizes YAML or “YAML Ain’t Markup Language” (who doesn’t love a good recursive acronym?) for its playbooks.\nAnsible, not to be confused with the Red Hat product Ansible Automation Platform, is an open-source project that runs across most Linux and Unix systems as well as Mac and Windows and even networking gear, clouds, and security appliances! The list of modules and supported platforms grows with every release.\n[ansible@fedora-server-34 ~]$ ansible --version ansible 2.9.21 config file = /etc/ansible/ansible.cfg configured module search path = [\u0026#39;/home/ansible/.ansible/plugins/modules\u0026#39;, \u0026#39;/usr/share/ansible/plugins/modules\u0026#39;] ansible python module location = /usr/lib/python3.9/site-packages/ansible executable location = /usr/bin/ansible python version = 3.9.5 (default, May 14 2021, 00:00:00) [GCC 11.1.1 20210428 (Red Hat 11.1.1-1)] [ansible@fedora-server-34 ~]$ The name was inspired by Rocannon’s World, a novel by Ursula K. Le Guin. In the 1966 novel, ansible was a fictional, instantaneous communication system. Ansible would later become the name of the open-source tool. Michael DeHann, the original developer decided to build a company around his new tool and with the help of Said Ziouani and Timothy Gerald founded AnsibleWorks Inc. Later, the company was renamed Ansible Inc and eventually was acquired by Red Hat in 2015.\nWhy Ansible? #Ansible burst onto the field in an age where Infrastructure As Code (IaC) tools seemed to be everywhere. However, Ansible had a few attributes that set it apart from its competition.\nFor one, Ansible is agent-less. In other words, there is no software to deploy across your enterprise. You could install the Ansible package on your laptop and manage thousands of servers across bare metal, virtual machines, and even the cloud!\nBeing agentless also opened the door for another advantage: Ansible utilizes OpenSSH to execute remote commands instead of proprietary or platform-specific tools.\nThirdly, Ansible set itself apart by choosing simple, YAML-based text files to define its environments and code. Want to have a pre-defined list of servers to manage? Add it to an inventory file! Want to use Ansible to create a user, set its password, and add an SSH key? Write a playbook. Want to have support for different environments (dev, prod, etc.)? Easy, just create a variable file!\nGetting Started #Did I sell you on how easy and awesome Ansible is? Good, because here is the entrée for today’s meal: Let’s install Ansible and use Ansible to add a package on our local system. For the sake of this demonstration, I\u0026rsquo;ll be using one of my favorite server distros, Fedora Server, specifically Fedora 34. Ansible is available for most major distros, so, consult your package manager to find the correct package.\nThe first step is to install the required Ansible package and its dependencies:\n[ansible@fedora-server-34 ~]$ sudo dnf install -y ansible Last metadata expiration check: 0:05:30 ago on Tue 22 Jun 2021 04:13:57 PM CDT. Dependencies resolved. =============================================================================================================================================================================================================== Package Architecture Version Repository Size =============================================================================================================================================================================================================== Installing: ansible noarch 2.9.21-1.fc34 updates 15 M Installing dependencies: libsodium x86_64 1.0.18-7.fc34 fedora 165 k python3-babel noarch 2.9.1-1.fc34 updates 5.8 M python3-bcrypt x86_64 3.1.7-7.fc34 fedora 44 k python3-cffi x86_64 1.14.5-1.fc34 fedora 244 k python3-chardet noarch 4.0.0-1.fc34 fedora 214 k python3-cryptography x86_64 3.4.6-1.fc34 fedora 1.4 M python3-idna noarch 2.10-3.fc34 fedora 99 k python3-jinja2 noarch 2.11.3-1.fc34 fedora 493 k python3-jmespath noarch 0.10.0-1.fc34 updates 46 k python3-markupsafe x86_64 1.1.1-10.fc34 fedora 32 k python3-ntlm-auth noarch 1.5.0-2.fc34 fedora 53 k python3-ply noarch 3.11-11.fc34 fedora 103 k python3-pycparser noarch 2.20-3.fc34 fedora 126 k python3-pynacl x86_64 1.4.0-2.fc34 fedora 110 k python3-pysocks noarch 1.7.1-8.fc34 fedora 35 k python3-pytz noarch 2021.1-2.fc34 fedora 49 k python3-pyyaml x86_64 5.4.1-2.fc34 fedora 194 k python3-requests noarch 2.25.1-1.fc34 fedora 114 k python3-requests_ntlm noarch 1.1.0-14.fc34 fedora 18 k python3-urllib3 noarch 1.25.10-4.fc34 fedora 175 k python3-xmltodict noarch 0.12.0-11.fc34 fedora 23 k sshpass x86_64 1.09-1.fc34 fedora 27 k Installing weak dependencies: python3-paramiko noarch 2.7.2-4.fc34 fedora 287 k python3-pyasn1 noarch 0.4.8-4.fc34 fedora 133 k python3-winrm noarch 0.4.1-2.fc34 fedora 79 k Transaction Summary =============================================================================================================================================================================================================== Install 26 Packages Total download size: 25 M Installed size: 143 M Downloading Packages: \u0026lt;\u0026lt;\u0026lt; Output Truncated \u0026gt;\u0026gt;\u0026gt; Complete! [ansible@fedora-server-34 ~]$ Excellent, feel the power yet? Let\u0026rsquo;s get a little crazy. Let\u0026rsquo;s write a playbook. Let\u0026rsquo;s install a package!\nI really like htop. It is a \u0026ldquo;graphical\u0026rdquo; tool that, in this author\u0026rsquo;s opinion, makes it much easier to read and understand the output of the top command.\nLuckily, it\u0026rsquo;s available from the default Fedora repos. So, using your favorite text editor, create htop.yml:\n--- - name: installing packages hosts: localhost become: yes tasks: - name: install htop package: name: htop state: latest What\u0026rsquo;s all this mean? Let\u0026rsquo;s break it down line by line. Make sure to start your playbook with three hyphens (-), then name tags are just that, it lets you know what task is being run to make it easier to understand the output (and especially troubleshoot any problems). Next, we have the hosts. For this super-simple example, we are only calling localhost. This could also call any number of hostnames or groups listed in an inventory file. Become is basically your sudo command. If you set Become to yes, Ansible will run with administrative privileges. Otherwise, the playbook will run as whatever user calls the playbook.\nUnder tasks, we have another name tag. We are calling the package module. This is what is so cool about Ansible; you can actually build playbooks that will run over differing distributions! The package module is intuitive enough to know what your system\u0026rsquo;s package manager is: apt for Ubuntu, yum for CentOS, dnf for Fedora, and so on. Next, we call the package, in our case, htop. The final line is the state of the package. We can set this to a specific version, to absent (if we don\u0026rsquo;t want the called package installed), or latest, which (you guessed it!) means the package will be on the latest version.\nNow, save your config file, and let\u0026rsquo;s run our playbook:\n[ansible@fedora-server-34 ~]$ rpm -qa|grep htop [ansible@fedora-server-34 ~]$ ansible-playbook htop.yml [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match \u0026#39;all\u0026#39; PLAY [installing packages] ************************************************************************************************************************************************************************************ TASK [Gathering Facts] **************************************************************************************************************************************************************************************** ok: [localhost] TASK [install htop] ******************************************************************************************************************************************************************************************* changed: [localhost] PLAY RECAP **************************************************************************************************************************************************************************************************** localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 [ansible@fedora-server-34 ~]$ rpm -qa|grep htop htop-3.0.5-4.fc34.x86_64 [ansible@fedora-server-34 ~]$ You can see htop is not installed before we run our playbook, then after we run it, htop is indeed present!\nWrap Up #So, there you have it. You now have the power to go out and install a package on any SSH-enabled host system. Go forth and blow people’s minds! When you take this simple example and zoom out, you start to see the sheer power that Ansible can bring to a Systems Administrator. Step aside, Luke Skywalker, we don’t need the Force anymore to move your X-Wing. We’ll do it with Ansible!\nOkay…That may be over the top. However, I can’t overstate the truth: Build out your playbooks. Grow your Ansible skills. The rule is, if you have to do a task more than once: AUTOMATE IT! Stop installing packages by hand. Quit wasting your time bootstrapping servers by copy-pasting commands out of a shared document. Take those commands, add in some Jinja-variable goodness, and let computers do what they were meant to do: make the lives of humans easier.\nNeed some more ideas to get you going? No problem! Ansible has AH-MAZE-ZING documentation and an awesome Getting Started landing page.\nLike a terrible TV infomercial, just wait, there’s more! Have a favorite open source project you like or a system service that you tend to modify? You may not even have to start from scratch! Ansible has galaxies (pun intended) of pre-built roles and playbooks available. Ansible Galaxy is a community-driven effort to provide pre-built code to get your systems up and running fast. They have playbooks for Nextcloud Server, LAMP, and even desktop applications!\nI use Ansible every time I build out a new VM. I use Ansible to ensure my user account is configured exactly the same way across all my systems: laptop, desktop, server, VMs, and cloud! Admittedly, my list of Ansible To-Dos is still fairly large, however, I try to spend a little time each month adding to it. Slowly but surely, I am automating and standardizing my home lab and home production systems. You can too!\nLet me know below how you are or are planning to use Ansible.\nDid you like this post? Let me know in the comments if there is more you’d like to read on this topic. There is SO much more we could talk about from products like Red Hat’s Ansible Tower (or the upstream AWX project) to large-scale use cases, bootstrapping, and more. So, by all means, let me know what you are interested in.\nThank you so much for spending your valuable time to hear my “war stories” and letting me share a tool with you I am quite passionate about.\n(This post originally appeared here and is used with permission.)\n","date":"11 August 2022","permalink":"https://itguyeric.com/blog/ansible-beginners-guide-automate-the-pain-away/","section":"Blog","summary":"Way back in the day, humanity created computers to help make our lives easier. In a lot of ways, they have; in others, it\u0026rsquo;s made life much more tedious, especially for the SysAdmin. What used to be a…","title":"Ansible Beginner's Guide: Automate the Pain Away"},{"content":"Password auth over SSH should be your last resort. This episode covers doing it with keys.\nInto the Terminal \u0026middot; Episode 36 Open the full episode page \u0026rarr; What this episode covers:\nGenerating key pairs and choosing a good algorithm. Distributing public keys with ssh-copy-id. Using ssh-agent and protecting private keys. Watch the full walkthrough above.\n","date":"5 August 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep36-ssh-key-management/","section":"Blog","summary":"Generating key pairs and choosing a good algorithm.","title":"SSH Key Management | Into the Terminal 36"},{"content":"The approach to work has changed several times over the past three or so years. We all keep hoping to find that \u0026ldquo;new normal,\u0026rdquo; and I think we are in it already. At least for now, our new normal will be abnormal.\nIt\u0026rsquo;s funny now; it wasn\u0026rsquo;t then: In early March 2020, I had just gotten back from a team meeting in New York. I was going to be home for a week before embarking on some amazing trips: I was going to finish my sales training in Raleigh; I was going to a telecommunications conference in Chicago; I was going to attend a sales meeting in Texas. Three weeks, three trips\u0026hellip;except I didn\u0026rsquo;t go anywhere!\nDuring that week between trips, the organizers canceled all three. In a matter of four hours or so, The world shut down. I didn\u0026rsquo;t even leave my state until Summit 2022 in Boston! That was an experience to share in a different blog post. The trip that struck me was a couple of weeks after Summit when the Red Hat Enterprise Linux team met at one of our offices for a week-long strategy session.\nAt that time, I had been at Red Hat for 2 1/2 years and was a marketing team member for a week shy of a year. I hadn\u0026rsquo;t met any of my coworkers in person during that time! Let\u0026rsquo;s be honest, we were there for the strategy sessions, but most of us made the trip for the human connection!\nImportance of In-Person #Before the pandemic, I\u0026rsquo;d had work-from-home days and had been part of remote workforces before I came to Red Hat. I was an all-remote employee before the pandemic. It\u0026rsquo;s one thing if everyone is remote; it is a mess if you have a hybrid audience. Before Red Hat, I worked for GitLab, a company that prides itself on being globally distributed. I felt my team of Solutions Architects had a winning pattern: asynchronous communication, regular 1-on-1s, and weekly team meetings. My favorite part then was that we met in person once a quarter. This balance allowed us to maximize working from home while maintaining regular communication with our team. The in-person meetings allowed us to strategize, whiteboard, or grab a drink with the coworkers we spend hours with weekly.\nI missed that balance during the pandemic. I think, though, we are moving back in that direction. Hybrid Meetings #Anyway, back to Boston and the in-person strategy session. We spent the first morning meeting everyone and discussing our plans for the future of RHEL. The difficulty was we had well over 25 people in the room and almost as many on a Google Meet!\nHere\u0026rsquo;s where this blog gets informative: It took us the better part of a day to get most of the bugs worked out. We realized that there were some crucial factors to take into consideration:\n1) Keep the room quiet. Anytime a bag would open or someone would fidget through their notebook, it would be annoying to those in the room. But to those hearing everything through earbuds, it was downright awful! 2) Ensure remote attendees can participate. It is effortless to be ignored or for your attention to drift when you are one of the few not on site. We were using Meet for our meeting. It had some beneficial features:\nThe \u0026ldquo;raise hand\u0026rdquo; function allowed people to signal their interest in contributing to the discussion. The raise hand tool even included a queue so people could address their comments in the order they were received. We found something new: Google Meet had a \u0026ldquo;companion mode\u0026rdquo;. For people in the room, we could join the meeting, use the raise hand tool, and be put into a chat room. Side conversations (or, in our case, humorous tangents) are an unavoidable part of meetings, so, at least in the chat room, these conversations were quiet (see point 1 above) and recorded right along with the meeting video!\nSomething else we ended up doing was ensuring that someone on the remote call got to present or lead group discussions. The giant floating head effect was a little much, but hey, what can you do. Though, we also realized that it\u0026rsquo;s still easy to do group breakouts with hybrid meetings. When we would assign people to functional breakouts or ice breakers, the virtual room became one of the groups. 3) Utilize virtual whiteboards or flow charts! Yeah, I know, it\u0026rsquo;s not as good as everyone circled a physical whiteboard. Still, I was pleasantly surprised by several of the tools we used! There was Miro for virtual whiteboarding and collaboration. We also used Jamboard to do more free-form thinking and capture ideas. Wrap up #Hybrid isn\u0026rsquo;t ideal. Nothing beats being in person for strategy sessions, whiteboarding, and building team spirit! Giving a hug (I\u0026rsquo;m a huge hugger) or a handshake is the best. However, it\u0026rsquo;s not always possible with family, health concerns, and logistics.\nI am very thankful that we live in a society that accepts and acknowledges that fact. We have the right and the support of others to exercise our decisions. While I still have some anxiety around travel, I enjoy it more, knowing it is my choice.\nNowadays, I\u0026rsquo;m even safer traveling than I was before. I got bronchitis and a sinus infection on a flight right before a cruise! Now, I have a mask with me at all times. If I feel like some folks around me are less than healthy, I can put it on and rest easier.\nThese are just some thoughts I had after traveling for the first time in several years. These are just a few lessons our team picked up from our first hybrid meeting. I\u0026rsquo;d love to hear what has worked for you!\n","date":"4 August 2022","permalink":"https://itguyeric.com/blog/lessons-i-learned-while-attending-a-hybrid-meeting/","section":"Blog","summary":"The approach to work has changed several times over the past three or so years. We all keep hoping to find that \u0026rsquo;new normal,\u0026rsquo; and I think we are in it already. At least for now, our new normal will…","title":"Lessons I Learned While Attending a Hybrid Meeting"},{"content":"Ever needed a newer Python or an older database on the same OS? Application Streams are how RHEL handles that.\nInto the Terminal \u0026middot; Episode 35 Open the full episode page \u0026rarr; What this episode covers:\nListing and enabling module streams with dnf module. Getting multiple versions of a language or database. Why AppStreams decouple app versions from the OS lifecycle. Watch the full walkthrough above.\n","date":"29 July 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep35-application-streams/","section":"Blog","summary":"Listing and enabling module streams with \u003ccode\u003ednf module\u003c/code\u003e.","title":"Application Streams | Into the Terminal 35"},{"content":"RHEL System Roles are one of the easiest on-ramps to automation, because Red Hat ships and supports the Ansible content for you.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 41 Open the full episode page \u0026rarr; What this episode covers:\nSupported Ansible roles for common subsystems (networking, storage, timesync, and more). Configuring fleets consistently without writing playbooks from scratch. Where System Roles fit alongside Ansible Automation Platform. Watch the full episode above.\n","date":"27 July 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep41-system-roles/","section":"Blog","summary":"RHEL Presents 41 on RHEL System Roles.","title":"Rolling with System Roles | RHEL Presents Ep. 41"},{"content":"Standard permissions do not cover every case. This episode gets into special bits and ACLs.\nInto the Terminal \u0026middot; Episode 34 Open the full episode page \u0026rarr; What this episode covers:\nsetuid, setgid, and the sticky bit, and why they matter. Fine-grained access with setfacl and getfacl. When ACLs are the right answer over reworking groups. Watch the full walkthrough above.\n","date":"22 July 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep34-special-permissions-acls/","section":"Blog","summary":"setuid, setgid, and the sticky bit, and why they matter.","title":"Special Permissions and Access Control Lists | Into the Terminal 34"},{"content":"Before coming to Red Hat, I spent nearly a decade as a Systems Administrator. After all that time, I’m still continually discovering tools that would make life as a SysAdmin much easier. One of these utilities is the redhat-support-tool. In this post, we\u0026rsquo;ll walk you through using the tool in some real-world scenarios.\nWhat is the Red Hat support tool? #The support tool allows you to interact with the Red Hat knowledge base, support tickets, analyze log files, and even set site-wide configuration options, all from the command line! At first glance, that may not seem like a big deal but consider these real-world scenarios.\nWant to catch the rest of this post? Head over to the Red Hat blog!\n","date":"21 July 2022","permalink":"https://itguyeric.com/blog/using-red-hats-support-tool-at-the-command-line-to-solve-real-world-problems/","section":"Blog","summary":"Before coming to Red Hat, I spent nearly a decade as a Systems Administrator. After all that time, I’m still continually discovering tools that would make life as a SysAdmin much easier. One of these…","title":"Using Red Hat's support tool at the command line to solve real-world problems"},{"content":"dnf sits on top of RPM, and knowing the layer underneath makes you better at troubleshooting. This episode covers rpm.\nInto the Terminal \u0026middot; Episode 33 Open the full episode page \u0026rarr; What this episode covers:\nQuerying installed packages and what owns a file with rpm -q. Verifying package integrity to catch tampering or corruption. When to reach for rpm directly instead of dnf. Watch the full walkthrough above.\n","date":"15 July 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep33-rpm/","section":"Blog","summary":"Querying installed packages and what owns a file with \u003ccode\u003erpm -q\u003c/code\u003e.","title":"Managing Packages with RPM | Into the Terminal 33"},{"content":"A homelab favorite: running the services you self-host as rootless Podman containers instead of a pile of hand-installed packages.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 40 Open the full episode page \u0026rarr; What this episode covers:\nRootless Podman for safer, self-contained home services. Using systemd to keep containers running and starting at boot. Why this approach makes your homelab reproducible. Watch the full episode above.\n","date":"13 July 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep40-podman-home-services/","section":"Blog","summary":"RHEL Presents 40 on running home services with Podman.","title":"Podman-based Home Services | RHEL Presents Ep. 40"},{"content":"I am sure many sysadmins can relate to this scenario:\nYou get into work on Monday morning, attend your staff meeting, and log into your ticketing system, expecting a quiet week. NOPE! Right there in all caps (why do people use all caps in a ticket?) and marked Urgent is a request for a new application environment. Of course, the requester needs the new server up and running by the end of the week.\nYou are a savvy sysadmin. No problem, right? How hard could it be to deploy a new server with a database and web server? You thought ahead. You have templates for these things!\nThen that database server you spent all weekend trying to fix crashed again. That took all day. Tuesday was that company all-hands meeting. Wednesday, more meetings and fires. Now it\u0026rsquo;s nearly Friday. That urgent ticket with its all caps glares at you every time you log in to update a ticket.\nTime to be a hero! You close your email, mark your calendar as busy, and put on your headphones. You deploy your production template, but uh oh, that one is three minor versions behind.\nSo you check the one on your laptop. That one is running the latest version, woot, but nope, that one is running the \u0026ldquo;old\u0026rdquo; security tool. In desperation, you log in to your private cloud (say OpenStack). You know that template is up to date, but something corrupted the boot image, so now you can\u0026rsquo;t get a terminal.\nIn frustration, you return to your production image and just run the patches. You throw your hands up and add three new tickets to your queue to fix these out-of-date images.\nA new way to RHEL #If that feels familiar, you should connect with me on social media: @itguyeric. I think it\u0026rsquo;s about time we start a club, support group, or something. While that may be an amusing anecdote, it was true of my experience for a good chunk of my operations career. And not just for me, but for many of you who work in the trenches daily keeping companies, universities, and governments up and running.\nDeploying an operating system is expensive. It costs resources (hardware or compute time) and something far more precious: the time and attention of a sysadmin.\nDo not despair; those days of managing images across platforms, versions, and configurations are swiftly closing. The issue of template management is where image builder comes into play.\nRed Hat Enterprise Linux\u0026rsquo;s (RHEL) image builder saves time and reduces complexity when deploying optimized systems across datacenters and cloud footprints.\nImage builder comes in three flavors: command line, local install (on a RHEL host), or Red Hat\u0026rsquo;s hosted service. No matter which flavor you choose, you\u0026rsquo;ll be able to design optimized images for your targeted platforms: hardware, qcow2 or vmdk, or cloud image.\nImage builder workflow #You can break down the image builder process into five steps:\nSelect your platform. Choose one of the three big cloud providers, a virtual image, or a hardware installer for servers or edge devices. Select your image builder tool. Choose between an on-premises build or the hosted solution. Create a blueprint. Define filesystems, select packages, and configure users. Build the image. Pick virtual, AWS, GCP, Azure, VMware, or ISO types. Deploy your instance. Not just one, either. Image builder helps create images to deploy anywhere, anytime. How does it work? #I sense some disbelief, so I\u0026rsquo;ll walk through an example. And if you prefer to learn by watching, check out my video at the bottom of this article.\nFirst, log in to the tool at console.redhat.com. Once you\u0026rsquo;ve logged in with your Red Hat Customer Portal account, navigate to Red Hat Enterprise Linux and select Red Hat Insights.\nThe link for image builder is toward the bottom of the Insights panel (or just navigate straight to the tool).\nNow you can begin to create a new image.\nFrom the Create image wizard, you define how your image will look. First, choose between RHEL major releases. Versions 8 and 9 are currently available on the hosted service. Next, decide what kind of image to build.\nFor this example, imagine you want to deploy a production instance on Google Cloud Platform (GCP) but also have a qcow2 file to do testing and development work from your local laptop.\nNotice that when you select certain options, your breadcrumb trail adjusts to reflect the additional steps. For GCP, you can choose to share the template with a user account, a service account, a group account, or a domain.\nFor this example, I will just share it with my Red Hat account on GCP.\nNow, this is one of my favorite features: You can bake your registration into the image. All you need is a valid activation key setup in your customer portal. But that\u0026rsquo;s not all; you can also preconfigure your image to register with Red Hat Insights right from the template.\nOne of the newest additions to the image builder tool is manually configured filesystems. You can now define sizes and locations for multiple partitions. For this example, I\u0026rsquo;ll add a home partition, and also add a webapp directory under opt. I will set both of those to 5GB but leave the root at the default 10GB.\nNext stop, packages. There are literally thousands of packages available in the Red Hat repositories. You can add any combination of these packages to your image. For instance, I am a huge fan of tmux, a terminal multiplexer.\nI mentioned this would be a web application, so I\u0026rsquo;ll grab Nginx, too.\nWhat you cannot see from this menu is that image builder automatically added all the dependencies for tmux and Nginx to the image. That\u0026rsquo;s over 100 packages that it added to the list without any intervention.\nAll that is left is to give your image a descriptive name and review the choices. Image builder does the rest.\nBuilding an image varies greatly between how complex the image is, how large the actual image will be, and, like all shared services, how heavy of a load there is on the platform. In this demonstration, I saw between 10 and 18 minutes.\nOnce the images are done building, you can start deploying them. For the qcow2 image, I received a link to download the file directly from my browser. You can then upload it to a file share or hypervisor, or import it into your laptop for local use. Your options will vary depending on your choices above.\nYou receive an image name for the GCP image that you can use to copy the template into your GCP account. You can use it just as you would any other cloud image.\nWrap up #This article may sound like an infomercial for image builder, but the process is that easy. I have used many different tools over the years: Documenting the process in text files, complicated Kickstart scripts, or VM templates. Image builder has been the easiest to incorporate into the workflow for my home lab and for the content I help develop for Red Hat Enterprise Linux.\nWith different platforms, formats, and combinations of settings, image builder quickly meets the needs of any number of operations projects.\nPlease don\u0026rsquo;t take my word for it, though. Try it for yourself. Either visit the hosted service or try out our two Image Builder labs. The first is web console-based and the second relies on the command line interface.\nHere\u0026rsquo;s a demo video we made of the full process.\nhttps://www.youtube.com/embed/F3h9tPzrJvg\nThis article is based on \u0026ldquo;The new way to Install Red Hat Enterprise Linux: image builder service\u0026rdquo; from Red Hat Summit 2022 and was originally published on the EnableSysAdmin blog.\n","date":"11 July 2022","permalink":"https://itguyeric.com/blog/how-to-install-rhel-a-new-way-with-image-builder/","section":"Blog","summary":"I am sure many sysadmins can relate to this scenario:","title":"How to install RHEL a new way with image builder"},{"content":"If a dropped SSH session has ever killed a long job, tmux is the fix. This episode covers it.\nInto the Terminal \u0026middot; Episode 32 Open the full episode page \u0026rarr; What this episode covers:\nSessions, windows, and panes to organize your work. Detaching and reattaching so remote work survives disconnects. A few key bindings that make it click. Watch the full walkthrough above.\n","date":"8 July 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep32-using-tmux/","section":"Blog","summary":"Sessions, windows, and panes to organize your work.","title":"Using Tmux | Into the Terminal 32"},{"content":"Containers are core to modern Linux, and RHEL uses Podman. This episode covers deploying them.\nInto the Terminal \u0026middot; Episode 31 Open the full episode page \u0026rarr; What this episode covers:\nRunning, listing, and managing containers with podman. Why rootless, daemonless Podman is a safer default. Pulling images and mapping ports and volumes. Watch the full walkthrough above.\n","date":"30 June 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep31-deploying-containers/","section":"Blog","summary":"Running, listing, and managing containers with \u003ccode\u003epodman\u003c/code\u003e.","title":"Deploying Containers | Into the Terminal 31"},{"content":"RHEL is a capable hypervisor in its own right. This episode covers running VMs on it.\nInto the Terminal \u0026middot; Episode 30 Open the full episode page \u0026rarr; What this episode covers:\nCreating and managing VMs with virsh and virt-manager. How KVM and libvirt fit together under the hood. Using a RHEL host as a homelab hypervisor. Watch the full walkthrough above.\n","date":"23 June 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep30-virtual-machines/","section":"Blog","summary":"Creating and managing VMs with \u003ccode\u003evirsh\u003c/code\u003e and virt-manager.","title":"Working with Virtual Machines | Into the Terminal 30"},{"content":"You live in this thing all day, so make it comfortable. This episode covers customizing your shell.\nInto the Terminal \u0026middot; Episode 29 Open the full episode page \u0026rarr; What this episode covers:\nAliases and functions for the commands you run constantly. Tuning your prompt and .bashrc for signal, not clutter. Small quality-of-life tweaks that add up over a career. Watch the full walkthrough above.\n","date":"16 June 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep29-customizing-your-terminal/","section":"Blog","summary":"Aliases and functions for the commands you run constantly.","title":"Customizing Your Terminal | Into the Terminal 29"},{"content":"Right after the RHEL 9 launch, this episode looks forward — where the platform is heading next.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 39 Open the full episode page \u0026rarr; What this episode covers:\nImage-based and immutable directions for the OS. Edge and scale as first-class design targets. Automation and management woven deeper into the platform. Watch the full episode above.\n","date":"15 June 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep39-future-of-rhel/","section":"Blog","summary":"RHEL Presents 39 on the future direction of RHEL.","title":"The Future of RHEL | RHEL Presents Ep. 39"},{"content":"RHEL System Roles are the easy on-ramp to automation because Red Hat writes and supports the Ansible content. This episode introduces them.\nInto the Terminal \u0026middot; Episode 28 Open the full episode page \u0026rarr; What this episode covers:\nSupported roles for networking, storage, timesync, and more. Applying consistent config across many systems. Where System Roles sit relative to full Ansible playbooks. Watch the full walkthrough above.\n","date":"9 June 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep28-system-roles/","section":"Blog","summary":"Supported roles for networking, storage, timesync, and more.","title":"System Roles | Into the Terminal 28"},{"content":"When something breaks, the logs already told you why. This episode covers reading them on RHEL.\nInto the Terminal \u0026middot; Episode 27 Open the full episode page \u0026rarr; What this episode covers:\nQuerying the systemd journal with journalctl. Filtering by unit, time, and priority to cut noise. Where traditional /var/log files still matter. Watch the full walkthrough above.\n","date":"2 June 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep27-logs-troubleshooting/","section":"Blog","summary":"Querying the systemd journal with \u003ccode\u003ejournalctl\u003c/code\u003e.","title":"Using Logs for Troubleshooting | Into the Terminal 27"},{"content":"From creating technical labs, blogs, and videos to pairing customers\u0026rsquo; problems with product features, technical marketers never see a dull moment.\nSlide-deck builder, swag folks, booth dwellers, buzzword people\u0026hellip; technical marketing gets a bad rap sometimes. Today, I want to set the record straight. Marketing can be a chaotic, challenging, yet rewarding space to work in\u0026hellip; and there\u0026rsquo;s also some swag involved.\nI\u0026rsquo;ve held several different roles before finding my home as a technical marketing manager (TMM), including support engineer, systems administrator, and solutions architect (technical sales), to name a few. None of those roles quite brought me the thrill and fulfillment that my current position does. What does a TMM do day-to-day? What skills and tools do you use? What traits do you need to succeed?\nWant to catch the rest of this article? Head on over to the Enable Sysadmin blog!\n","date":"2 June 2022","permalink":"https://itguyeric.com/blog/what-is-a-technical-marketing-manager/","section":"Blog","summary":"From creating technical labs, blogs, and videos to pairing customers\u0026rsquo; problems with product features, technical marketers never see a dull moment.","title":"What is a technical marketing manager?"},{"content":"RHEL 9 is here. This is the launch episode covering the headline changes in the new major version.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 38 Open the full episode page \u0026rarr; What this episode covers:\nThe CentOS Stream 9 lineage and a fresh, modern package base. Tightened security defaults and updated crypto policies. Management and automation improvements aimed at day-two operations. Watch the full episode above.\n","date":"1 June 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep38-whats-new-rhel-9/","section":"Blog","summary":"RHEL Presents 38 on the RHEL 9 release.","title":"What's New in RHEL 9 | RHEL Presents Ep. 38"},{"content":"By this point I had moved on from co-hosting, so this was a guest return to the show I helped start. Episode 52 is all about RHEL 9 — what shipped, what it meant for enterprise Linux, and where things were heading.\nSudo Show \u0026middot; Episode 52 Open the full episode page \u0026rarr; ","date":"26 May 2022","permalink":"https://itguyeric.com/blog/sudo-show-52-keeping-it-rhel-9/","section":"Blog","summary":"A guest return to Sudo Show 52 to talk RHEL 9 and enterprise Linux.","title":"Keeping It RHEL 9 | Sudo Show 52"},{"content":"Insights turns your RHEL fleet from a black box into something that tells you what needs attention. This episode is the intro.\nInto the Terminal \u0026middot; Episode 26 Open the full episode page \u0026rarr; What this episode covers:\nRegistering systems and reading advisor recommendations. Vulnerability, compliance, and drift services in one place. Why Insights is included and worth turning on. Watch the full walkthrough above.\n","date":"26 May 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep26-red-hat-insights/","section":"Blog","summary":"Registering systems and reading advisor recommendations.","title":"Red Hat Insights | Into the Terminal 26"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/sudo-show/","section":"Series","summary":"","title":"Sudo Show"},{"content":"","date":null,"permalink":"https://itguyeric.com/tags/sudo-show/","section":"Tags","summary":"","title":"Sudo Show"},{"content":"These days it can be overwhelming to select the best software to use because now more than ever, choices are abundant when it comes to software. Messaging and Communications apps are a great example of that because there are so many options out there. What if you’re looking for a messaging app that is scaleable and privacy-focused? It can be even harder.\nThanks to the Element team, I’ve got a great option to show you. Element, previously known as Riot.im, is a cross-platform client that works on the Matrix protocol. What does that mean? Is Neo the One? Well, let’s talk about the protocol and why you should consider using this great messaging platform.\nWhat Is Matrix? # The Matrix team describes it as an “open standard for secure, de-centralized, real-time communication”. First, it\u0026rsquo;s open-source, more eyes equals better code. We all know how much I love open source…but for the uninitiated, that means more people can read and study the code, security vulnerabilities can be found and fixed faster, and other projects and contributors can build effective integrations into the source project.\nSecond, it\u0026rsquo;s decentralized. This is a little more complicated, but think of it this way, when you stand up an instance of a decentralized application, that is your space. This could be for a family, a meetup, or a company. Everything would be self-contained until you make your instance discoverable. At that point, you@yourhomeserver.com can reach out into the world and find say friend@anotherserver.com.\nThirdly, Matrix supports real-time communications. This includes collaboration, messaging, voice, and even video! Matrix provides a series of encryption algorithms and bridges to facilitate end-user applications to communicate with one another. You may use Etherpad for real-time collaborative document editing, Jitsi for video conferencing, and in today’s blog post, Element for messaging.\nSome of the most popular bridges for Matrix are IRC and Gitter. The Open Source Community jumps in with some of their own too, including Telegram and Google Hangouts.\nMatrix enables the communications between these platforms within an instance or throughout the interconnected network of Matrix instances across the Internet.\nWhat is Element? # If Matrix is the network, then the Element client is the vehicle that allows you to traverse that network; Element is the interface for text, voice, and video conversations. Just like the Matrix protocol, the Element client is completely open-source!\nWith the ability to bridge between different apps like Slack right into the Element interface, you no longer need to install and maintain a dozen different apps just to keep in touch with friends, family, work, your volunteer group, your work’s other chat client…you get the idea.\nCreate an account, activate the needed integrations, and chat with anyone, anywhere on any number of different platforms. Enjoy a 1:1 conversation or hundreds of participants in public rooms.\nBonus: One of my favorite features? Notifications management. I can have every notification from every room, set it to only being notified if I am tagged, or never get any notifications…ever. But Element didn’t stop there, nope, they have one of my favorite notification settings I have ever seen: keyword notifications.\nLet’s say I want to know any time someone is talking about dogs. I can add keywords to my configuration and get notified anytime someone says dog, dogs, cats drool, you get the idea!\nElement has the option to join the central server at Matrix.org, host your own instance on your own server, or pay a monthly fee for a secure, hosted option. In fact, from their website, you can get up to 5 active users a month for as little as $2/month (USD).\nCreating Your Account #It’s now time for you to enter the Matrix and get into your Element. See what I did there? Alright, to get started you will need to create an account. One of the best things about Element is that you can use it on all sorts of devices like your laptop, tablet, phone, or whatever.\nFor this guide, I’m going to show you how to do it on the Web client in your browser. So open up your favorite browser, such as Mozilla Firefox, and navigate to https://app.element.io.\nYour browser will likely ask you to allow access to persistent storage. Accept it that way Element can store your keys, messages, etc. Next, we are going to create an account.\nWe could create our account on Matrix.Org, but here is a little pro tip: The central server in a federation usually is over-taxed and prone to lag. So, if you know of another public-facing instance, that would be a good bet.\nLucky for us, the community has some awesome members that manage LinuxDelta.com, a community-driven hub for information on Linux distributions, tutorials, and a Matrix server! Instead of using the Matrix.Org option, we are going to go to Advanced/Other:\nIn the ‘Homeserver URL’ field, type in: https://matrix.linuxdelta.com and click on the green next button. Next, it’s time to create a username. The username will be your display name as well so keep this in mind as you decide. This is what people will see you responding as and how they can tag or search for you! Then create a password, make sure it\u0026rsquo;s complex. No sense in skimping on security especially if you are utilizing a password manager, like Bitwarden for instance.\nMe personally, I am a content creator and a community advocate. I want to be found in the open-source community, so, I would add an email so people can look me up via email. If you do, you’ll of course be sent the customary email confirmation link. For now, though, let’s go ahead and sign in.\nOnce you have filled in your username, password, and email go ahead and click the green Register button!\nThis next step is tricky but stay with me. One of the advantages of Element we discussed was end-to-end encryption. We need to generate a Security Key (that is different from our password!). I typically recommend using a system-generated key. Then you can use a secure note somewhere to store the key.\nDisclaimer – I changed the security key after writing this blog post, so, don’t think you can get into my account that easily. :D\nOnce you’ve saved your key somewhere safe, go ahead and enable notifications and read through some of Element\u0026rsquo;s recent announcements.\nGetting Connected #You are sitting with a brand new, secured account. Now what? Well, Element is a communication platform, let’s find some people to communicate with!\nIn the middle of the window, there is the option to “Explore Public Rooms”. Let’s click there. Element will default to your home instance, in this case, LinuxDelta.com.\nGet connected to The Geek Lab, for instance, by clicking join. That will put you in touch with hundreds of other technology enthusiasts like yourself who hang out, chat, and help each other fix technical problems.\nWant to get connected to the broader world? Go back to the Explore button, next to the search bar. In the window we saw before, we have the option to create a new room or select a different server. Let’s hop over to Matrix.org.\nThere are literally thousands of public rooms covering a crazy number of different topics. Many open-source projects have communities on Matrix. There are HAM radio enthusiasts, D\u0026amp;D (Dungeon and Dragon) hangouts, and even region-focused rooms.\nThe join process is exactly the same though for a different server, just find a room you want, click join, and start chatting.\nThere is plenty more to do and discover. From 1 on 1 conversation, adding bridges, and initiating video calls. However, for now, that is all the deeper we will go!\nClosing Thoughts #You may be surprised to hear that this is not paid content. I wrote this because I believe in Element. I believe that Matrix is going to have a HUGE part to play in the years to come. There are SO many (read too many) apps to keep track of. Many of them have ads or tracking built-in, or are limited to voice or text. Element, powered by Matrix, has it all. The integrations keep getting better. More and more bridges keep getting built (no pun intended, okay, maybe a little pun).\nOpen Source is the key. E2E (End to End Encryption) will ensure that your private conversations stay private… You know, I haven’t even mentioned the beautiful interface or that the Element Team releases new features on a frequent basis.\nSo go sign up and give Element \u0026amp; the Matrix protocol a try! When you get your account registered, be sure to look me up: itguyeric@one.ems.host\n(This article was originally posted here and is used and updated with permission.)\n","date":"25 May 2022","permalink":"https://itguyeric.com/blog/beginners-guide-how-to-get-started-with-element-matrix/","section":"Blog","summary":"These days it can be overwhelming to select the best software to use because now more than ever, choices are abundant when it comes to software. Messaging and Communications apps are a great example…","title":"Beginner’s Guide: How To Get Started With Element \u0026 Matrix"},{"content":"Not everything you need ships in the base repos. This episode covers adding third-party sources without wrecking your system.\nInto the Terminal \u0026middot; Episode 25 Open the full episode page \u0026rarr; What this episode covers:\nEnabling EPEL and other trusted repositories. Repo priorities so extras do not override base packages. Weighing supportability before you add a source. Watch the full walkthrough above.\n","date":"19 May 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep25-third-party-repositories/","section":"Blog","summary":"Enabling EPEL and other trusted repositories.","title":"Third-Party Repositories | Into the Terminal 25"},{"content":"Few topics generated more confusion than the CentOS Stream shift. This episode tries to set the record straight.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 37 Open the full episode page \u0026rarr; What this episode covers:\nCentOS Stream as the continuously-delivered upstream of the next RHEL minor release. How Stream differs from the old rebuild-of-RHEL model. Where Stream fits for testing and contribution versus production. Watch the full episode above.\n","date":"18 May 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep37-centos-in-the-stream/","section":"Blog","summary":"RHEL Presents 37 explaining CentOS Stream.","title":"CentOS in the Stream | RHEL Presents Ep. 37"},{"content":"A RHEL subscription is more than packages. This episode covers the resources that come with it.\nInto the Terminal \u0026middot; Episode 24 Open the full episode page \u0026rarr; What this episode covers:\nNavigating the Customer Portal and knowledge base. Opening and working support cases effectively. Tools like sos reports that speed up support. Watch the full walkthrough above.\n","date":"5 May 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep24-connecting-with-red-hat/","section":"Blog","summary":"Navigating the Customer Portal and knowledge base.","title":"Connecting with Red Hat | Into the Terminal 24"},{"content":"Encrypting disks is easy; unlocking hundreds of them at boot without typing a passphrase is the hard part. This episode covers LUKS and NBDE.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 36 Open the full episode page \u0026rarr; What this episode covers:\nLUKS for full-disk encryption of data at rest on RHEL. Network-Bound Disk Encryption (NBDE) with Tang and Clevis for automatic unlock. Why this combo lets you encrypt fleets without a human at every reboot. Watch the full episode above.\n","date":"4 May 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep36-luks-nbde/","section":"Blog","summary":"RHEL Presents 36 on LUKS disk encryption and NBDE.","title":"Securing Data at Rest with LUKS and NBDE | RHEL Presents Ep. 36"},{"content":"For compliance or training, sometimes you need a record of what happened in a session. This episode covers session recording.\nInto the Terminal \u0026middot; Episode 23 Open the full episode page \u0026rarr; What this episode covers:\nCapturing terminal sessions with tlog and SSSD. Replaying recorded sessions for audit or teaching. Where this fits regulated and shared-access environments. Watch the full walkthrough above.\n","date":"28 April 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep23-session-recording/","section":"Blog","summary":"Capturing terminal sessions with \u003ccode\u003etlog\u003c/code\u003e and SSSD.","title":"Session Recording | Into the Terminal 23"},{"content":"Subscriptions get more interesting once you have more than one system. This episode goes deeper on managing them.\nInto the Terminal \u0026middot; Episode 22 Open the full episode page \u0026rarr; What this episode covers:\nTracking what you have purchased versus what you use. Activation keys for registering systems consistently. Keeping entitlements tidy across a growing fleet. Watch the full walkthrough above.\n","date":"21 April 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep22-subscription-management/","section":"Blog","summary":"Tracking what you have purchased versus what you use.","title":"Subscription Management | Into the Terminal 22"},{"content":"This one is about the Technical Account Manager role — what a TAM actually does and how the best customers get real value from that relationship.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 35 Open the full episode page \u0026rarr; Watch the full episode above.\n","date":"20 April 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep35-tams/","section":"Blog","summary":"RHEL Presents 35 on the Technical Account Manager role at Red Hat.","title":"TAMs: Getting the Most with Red Hat | RHEL Presents Ep. 35"},{"content":"A follow-on to the SELinux basics, this episode gets into networking contexts and booleans.\nInto the Terminal \u0026middot; Episode 21 Open the full episode page \u0026rarr; What this episode covers:\nHow SELinux handles ports and network access. Using booleans like httpd_can_network_connect to allow specific behavior. Toggling booleans persistently with setsebool -P. Watch the full walkthrough above.\n","date":"14 April 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep21-selinux-booleans/","section":"Blog","summary":"How SELinux handles ports and network access.","title":"SELinux Networking and Booleans | Into the Terminal 21"},{"content":"Once a script has to make decisions, you need control flow. This episode adds ifs and loops to your toolkit.\nInto the Terminal \u0026middot; Episode 20 Open the full episode page \u0026rarr; What this episode covers:\nConditionals with if/test and comparison operators. Looping over files and lists with for and while. Building scripts that react instead of just running top to bottom. Watch the full walkthrough above.\n","date":"7 April 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep20-scripting-loops/","section":"Blog","summary":"Conditionals with \u003ccode\u003eif\u003c/code\u003e/\u003ccode\u003etest\u003c/code\u003e and comparison operators.","title":"Ifs, Loops, and Scripting | Into the Terminal 20"},{"content":"A topic close to my heart: building a home lab on RHEL, and using the free Developer Subscription to do it legitimately.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 34 Open the full episode page \u0026rarr; What this episode covers:\nThe no-cost RHEL Developer Subscription for individual use. Why practicing on the real thing beats practicing on a clone. Home lab projects that map directly to skills you use at work. Watch the full episode above.\n","date":"6 April 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep34-rhel-home-labs/","section":"Blog","summary":"RHEL Presents 34 on building a RHEL-based home lab.","title":"RHEL-based Home Labs | RHEL Presents Ep. 34"},{"content":"Patching is the least glamorous and most important thing you do. This episode covers doing it deliberately.\nInto the Terminal \u0026middot; Episode 19 Open the full episode page \u0026rarr; What this episode covers:\nApplying updates with dnf and understanding what changed. Staging and testing before you patch production. Why a patching cadence beats patching in a panic. Watch the full walkthrough above.\n","date":"31 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep19-patching-practices/","section":"Blog","summary":"Applying updates with \u003ccode\u003ednf\u003c/code\u003e and understanding what changed.","title":"Patching Practices | Into the Terminal 19"},{"content":"If you have typed the same commands twice, you should have scripted it. This episode covers the basics of Bash scripting.\nInto the Terminal \u0026middot; Episode 18 Open the full episode page \u0026rarr; What this episode covers:\nStructure of a script: shebang, variables, and arguments. Making scripts executable and putting them on your PATH. Where a shell script is the right tool and where it is not. Watch the full walkthrough above.\n","date":"30 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep18-writing-shell-scripts/","section":"Blog","summary":"Structure of a script: shebang, variables, and arguments.","title":"Writing Shell Scripts | Into the Terminal 18"},{"content":"Speed at the command line is mostly muscle memory. This episode covers the shell tricks that add up.\nInto the Terminal \u0026middot; Episode 17 Open the full episode page \u0026rarr; What this episode covers:\nCommand history, tab completion, and keyboard shortcuts. Redirection and pipes to chain small tools together. Why the shell itself is a productivity tool. Watch the full walkthrough above.\n","date":"29 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep17-manipulating-the-cli/","section":"Blog","summary":"Command history, tab completion, and keyboard shortcuts.","title":"Manipulating the CLI | Into the Terminal 17"},{"content":"The best sysadmins are great at finding answers fast. This episode covers the help that ships with RHEL.\nInto the Terminal \u0026middot; Episode 15 Open the full episode page \u0026rarr; What this episode covers:\nReading man pages and navigating them efficiently. Using --help and tldr-style quick references. Where the on-system docs beat a web search. Watch the full walkthrough above.\n","date":"25 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep15-built-in-help/","section":"Blog","summary":"Reading \u003ccode\u003eman\u003c/code\u003e pages and navigating them efficiently.","title":"Built-in Help | Into the Terminal 15"},{"content":"SELinux has a reputation as the first thing people disable when something breaks. This episode of Into the Terminal makes the case for leaving it on and actually understanding it, because on RHEL it is one of the strongest layers of defense you already have.\nInto the Terminal \u0026middot; Episode 14 Open the full episode page \u0026rarr; What this episode covers:\nThe three modes. Enforcing blocks and logs, permissive only logs (great for troubleshooting without breaking things), and disabled turns it off entirely — and why setenforce 0 for a test is very different from disabling it in config. Contexts are the whole game. Every file, process, and port carries an SELinux context, and most \u0026ldquo;SELinux problems\u0026rdquo; are really just a label that does not match — which is why ls -Z, ps -Z, and restorecon matter more than the off switch. Booleans let you say yes without weakening everything. Toggles like httpd_can_network_connect open up specific, intended behavior instead of forcing an all-or-nothing choice. Reading a denial. How to use the audit log and tools like sealert/ausearch to see exactly what was blocked and why, so you can fix the label or set a boolean rather than reaching for permissive. If SELinux has ever cost you an afternoon, this episode is the one that turns it from an enemy into a tool. Watch the full walkthrough above.\n","date":"24 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep14-selinux/","section":"Blog","summary":"SELinux on RHEL without the fear: enforcing vs permissive vs disabled, how contexts and booleans work, and how to read a denial and fix it the right way.","title":"SELinux | Into the Terminal 14"},{"content":"A host firewall is your last line when something else gets exposed. This episode covers firewalld on RHEL.\nInto the Terminal \u0026middot; Episode 13 Open the full episode page \u0026rarr; What this episode covers:\nZones, services, and ports in firewall-cmd. Making rule changes permanent instead of runtime-only. Why a default-deny posture is worth the small effort. Watch the full walkthrough above.\n","date":"23 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep13-firewall/","section":"Blog","summary":"Zones, services, and ports in \u003ccode\u003efirewall-cmd\u003c/code\u003e.","title":"Firewall | Into the Terminal 13"},{"content":"You cannot really understand RHEL without understanding Fedora. This episode gets into what Fedora is and how it feeds the pipeline.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 33 Open the full episode page \u0026rarr; What this episode covers:\nFedora as the fast-moving upstream where new tech lands first. The Fedora to CentOS Stream to RHEL flow of ideas and code. Why running Fedora makes you a better RHEL admin. Watch the full episode above.\n","date":"23 March 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep33-get-to-know-fedora/","section":"Blog","summary":"RHEL Presents 33 on Fedora and its relationship to RHEL.","title":"Get to Know Fedora | RHEL Presents Ep. 33"},{"content":"Running as root all the time is a mistake. This episode covers getting privilege only when you need it.\nInto the Terminal \u0026middot; Episode 12 Open the full episode page \u0026rarr; What this episode covers:\nThe difference between su and sudo. Granting scoped access through /etc/sudoers and sudoers.d. Why sudo\u0026rsquo;s logging makes it the better default. Watch the full walkthrough above.\n","date":"22 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep12-sudo-and-su/","section":"Blog","summary":"The difference between \u003ccode\u003esu\u003c/code\u003e and \u003ccode\u003esudo\u003c/code\u003e.","title":"sudo and su | Into the Terminal 12"},{"content":"Networking is where a lot of admins get stuck. This episode covers the modern RHEL way with NetworkManager.\nInto the Terminal \u0026middot; Episode 11 Open the full episode page \u0026rarr; What this episode covers:\nManaging connections and devices with nmcli and nmtui. Setting static IPs, DNS, and routes the supported way. Why hand-editing ifcfg files is the old approach. Watch the full walkthrough above.\n","date":"21 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep11-networking/","section":"Blog","summary":"Managing connections and devices with \u003ccode\u003enmcli\u003c/code\u003e and \u003ccode\u003enmtui\u003c/code\u003e.","title":"Networking | Into the Terminal 11"},{"content":"Not everything has to happen at the prompt. This episode tours the RHEL web console.\nInto the Terminal \u0026middot; Episode 10 Open the full episode page \u0026rarr; What this episode covers:\nManaging services, storage, and networking from Cockpit. Reading logs and metrics in the browser. Where the web console complements the CLI for newer admins. Watch the full walkthrough above.\n","date":"18 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep10-web-console/","section":"Blog","summary":"Managing services, storage, and networking from Cockpit.","title":"Web Console | Into the Terminal 10"},{"content":"Sooner or later you add a disk, and Linux storage has a few layers. This episode walks up the stack.\nInto the Terminal \u0026middot; Episode 9 Open the full episode page \u0026rarr; What this episode covers:\nPartitioning devices and creating filesystems. Mounting storage and making it persistent in /etc/fstab. Where LVM fits when you need flexibility. Watch the full walkthrough above.\n","date":"17 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep09-disk-management/","section":"Blog","summary":"Partitioning devices and creating filesystems.","title":"Disk Management | Into the Terminal 09"},{"content":"A RHEL box without a subscription cannot get updates. This episode covers registration and subscription management.\nInto the Terminal \u0026middot; Episode 8 Open the full episode page \u0026rarr; What this episode covers:\nRegistering with subscription-manager. Attaching subscriptions and enabling the right repos. How simple content access streamlines the whole thing. Watch the full walkthrough above.\n","date":"16 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep08-managing-subscriptions/","section":"Blog","summary":"Registering with \u003ccode\u003esubscription-manager\u003c/code\u003e.","title":"Managing Subscriptions | Into the Terminal 08"},{"content":"A clean install sets the tone for everything after. This episode walks through the RHEL installer end to end.\nInto the Terminal \u0026middot; Episode 7 Open the full episode page \u0026rarr; What this episode covers:\nWorking through the Anaconda installer screens. Partitioning and storage choices that matter later. Registering the system during or after install. Watch the full walkthrough above.\n","date":"15 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep07-installation/","section":"Blog","summary":"Working through the Anaconda installer screens.","title":"Installation | Into the Terminal 07"},{"content":"Before you install RHEL you have to get it, and that is less obvious than it sounds. This episode covers your options.\nInto the Terminal \u0026middot; Episode 6 Open the full episode page \u0026rarr; What this episode covers:\nThe no-cost Developer Subscription for individual use. Downloading ISOs and images from the customer portal. Why you do not need to pirate or clone to learn RHEL. Watch the full walkthrough above.\n","date":"14 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep06-getting-rhel/","section":"Blog","summary":"The no-cost Developer Subscription for individual use.","title":"Getting RHEL | Into the Terminal 06"},{"content":"SSH is how you actually reach your servers, so getting it right matters. This episode covers configuring and hardening it.\nInto the Terminal \u0026middot; Episode 5 Open the full episode page \u0026rarr; What this episode covers:\nConnecting and configuring the client and server sides. Key sshd_config settings worth changing from the defaults. Basic hardening before a box faces the network. Watch the full walkthrough above.\n","date":"11 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep05-managing-ssh/","section":"Blog","summary":"Connecting and configuring the client and server sides.","title":"Managing SSH | Into the Terminal 05"},{"content":"Everything that runs in the background is a service, and on RHEL that means systemd. This episode covers driving it.\nInto the Terminal \u0026middot; Episode 4 Open the full episode page \u0026rarr; What this episode covers:\nStarting, stopping, enabling, and checking services with systemctl. Reading unit status to see why something failed. The difference between a running service and an enabled one. Watch the full walkthrough above.\n","date":"10 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep04-service-administration/","section":"Blog","summary":"Starting, stopping, enabling, and checking services with \u003ccode\u003esystemctl\u003c/code\u003e.","title":"Service Administration | Into the Terminal 04"},{"content":"SAP is one of the heaviest enterprise workloads there is, and RHEL for SAP is a whole specialized flavor. This episode covers deploying it.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 32 Open the full episode page \u0026rarr; What this episode covers:\nWhy SAP HANA needs a tuned, certified OS underneath it. What RHEL for SAP Solutions bundles that base RHEL does not. The lifecycle and support expectations around SAP deployments. Watch the full episode above.\n","date":"9 March 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep32-deploying-sap/","section":"Blog","summary":"RHEL Presents 32 on deploying SAP on RHEL.","title":"Deploying SAP | RHEL Presents Ep. 32"},{"content":"On RHEL you do not download installers, you use the package manager. This episode covers dnf and the repo model.\nInto the Terminal \u0026middot; Episode 3 Open the full episode page \u0026rarr; What this episode covers:\nInstalling, updating, and removing packages with dnf. Searching for packages and finding what provides a file. How repositories feed the whole system. Watch the full walkthrough above.\n","date":"9 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep03-installing-software/","section":"Blog","summary":"Installing, updating, and removing packages with \u003ccode\u003ednf\u003c/code\u003e.","title":"Installing Software | Into the Terminal 03"},{"content":"Once you have users and groups, permissions are how you control who can touch what. This episode demystifies the rwx model.\nInto the Terminal \u0026middot; Episode 2 Open the full episode page \u0026rarr; What this episode covers:\nReading ls -l output without guessing. Setting permissions with chmod (symbolic and octal) and ownership with chown. The difference permissions mean for files versus directories. Watch the full walkthrough above.\n","date":"8 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep02-file-permissions/","section":"Blog","summary":"Reading \u003ccode\u003els -l\u003c/code\u003e output without guessing.","title":"File Permissions | Into the Terminal 02"},{"content":"Everything on Linux is owned by someone, which makes users and groups the foundation of the whole permissions model. This episode covers the basics.\nInto the Terminal \u0026middot; Episode 1 Open the full episode page \u0026rarr; What this episode covers:\nCreating and modifying accounts with useradd, usermod, and passwd. How primary and supplementary groups actually work. Why good group design saves you pain later. Watch the full walkthrough above.\n","date":"7 March 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep01-users-and-groups/","section":"Blog","summary":"Creating and modifying accounts with \u003ccode\u003euseradd\u003c/code\u003e, \u003ccode\u003eusermod\u003c/code\u003e, and \u003ccode\u003epasswd\u003c/code\u003e.","title":"Users and Groups | Into the Terminal 01"},{"content":"Every series needs an episode zero. This one lays out what Into the Terminal is about: hands-on, no-fluff RHEL command-line skills.\nInto the Terminal \u0026middot; Episode 0 Open the full episode page \u0026rarr; What this episode covers:\nThe format: short, practical, command-line-focused episodes. Who it is for: new and growing RHEL admins. Why building CLI muscle memory beats memorizing GUIs. Watch the full walkthrough above.\n","date":"23 February 2022","permalink":"https://itguyeric.com/blog/into-the-terminal-ep00-announcement/","section":"Blog","summary":"The format: short, practical, command-line-focused episodes.","title":"Show Announcement! | Into the Terminal 00"},{"content":"With RHEL 9 on the horizon, this episode lays out what to expect from the new major version.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 31 Open the full episode page \u0026rarr; What this episode covers:\nThe CentOS Stream-based development model behind RHEL 9. Updated security defaults and crypto policies to plan for. What a major-version bump means for your upgrade planning. Watch the full episode above.\n","date":"23 February 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep31-what-to-know-rhel-9/","section":"Blog","summary":"RHEL Presents 31 previewing RHEL 9.","title":"What to Know about RHEL 9 | RHEL Presents Ep. 31"},{"content":"The RHEL web console keeps quietly absorbing more of the admin job. This episode tours what Cockpit can do now.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 30 Open the full episode page \u0026rarr; What this episode covers:\nManaging services, storage, networking, and updates from the browser. Why the web console lowers the barrier for newer admins. Where it complements the command line rather than replacing it. Watch the full episode above.\n","date":"9 February 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep30-web-console/","section":"Blog","summary":"RHEL Presents 30 on the RHEL web console (Cockpit).","title":"What's Up with Web Console | RHEL Presents Ep. 30"},{"content":"","date":null,"permalink":"https://itguyeric.com/series/guest-appearances/","section":"Series","summary":"","title":"Guest Appearances"},{"content":"The Iron SysAdmin crew had me on for episode 115 to talk about how the job has changed. We got into the shift from racking hardware and hand-editing configs toward automation, cloud, and infrastructure as code — and the parts of the craft that never really change no matter how the tooling evolves.\nA fun, wide-ranging conversation about the trade. Watch the full episode above.\n","date":"27 January 2022","permalink":"https://itguyeric.com/blog/iron-sysadmin-115-sysadmin-changed/","section":"Blog","summary":"A guest spot on Iron SysAdmin 115 about how the sysadmin role has evolved: automation, cloud, IaC, and what stays the same underneath it all.","title":"How Has Systems Administration Changed | Iron SysAdmin 115"},{"content":"EPEL is one of those things everybody enables and few people fully understand. This episode demystifies it.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 29 Open the full episode page \u0026rarr; What this episode covers:\nWhat Extra Packages for Enterprise Linux is and who maintains it. Why EPEL packages are community-supported, not Red Hat-supported. Enabling it cleanly without letting it stomp on base RHEL packages. Watch the full episode above.\n","date":"26 January 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep29-demystifying-epel/","section":"Blog","summary":"RHEL Presents 29 demystifying EPEL.","title":"Demystifying EPEL | RHEL Presents Ep. 29"},{"content":"A decade ago the idea of SQL Server on Linux was a punchline. This episode covers actually deploying and running it on RHEL.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 28 Open the full episode page \u0026rarr; What this episode covers:\nInstalling and configuring SQL Server on RHEL from the Microsoft repos. Why a Windows-first database on Linux stopped being strange. Where a supported RHEL base matters for a production database. Watch the full episode above.\n","date":"12 January 2022","permalink":"https://itguyeric.com/blog/rhelpresents-ep28-sql-server-on-linux/","section":"Blog","summary":"RHEL Presents 28 on running Microsoft SQL Server on RHEL.","title":"Microsoft SQL Server on Linux | RHEL Presents Ep. 28"},{"content":"I was recently asked, \u0026ldquo;Why call yourself the IT Guy? Why not just use your name?\u0026rdquo; Great question! In the professional world, we are encouraged to \u0026ldquo;build a professional brand,\u0026rdquo; I just took it to an entirely different level.\nThere were a few minor reasons. One of which is privacy. I initially didn\u0026rsquo;t want my full name publicized all over the Internet. However, I eventually realized that anyone that wanted to figure out who I was badly enough could follow the breadcrumbs to LinkedIn. Another more humorous reason was that I used to hang out regularly on Linux Unplugged, a live podcast that features a Mumble room for guests to jump on and be a part of the hosts\u0026rsquo; discussion. When I first joined, I was \u0026ldquo;erich1527\u0026rdquo;. Little did I know that there was an Erich who worked with an open-source project and frequently came to hang out on the show as well. Having two Eric\u0026rsquo;s made it confusing for the host!\nWhen the IT Guy was born, I worked full-time as a Systems Administrator and part-time trying to start my own IT Consulting company in the Kansas City area. Granted, the consulting business withered away as life changed, kids came into the picture, and priorities shifted. However, it gave me the branding I wanted to create!\nI had a client at the time who had me handling an office move. When I walked in the day of the move, the lady behind the front desk leaned into the main conference room and, to her boss, said, \u0026ldquo;Hey the IT Guy is here.\u0026rdquo; I was hooked!\nI loved how simple the name was: \u0026ldquo;Eric the IT Guy\u0026rdquo;. It was generic but appropriate. The IT Guy could be any of us who deal a lot with technology and trying to get it to work. (Obviously, some of you might have to be the IT Gal\u0026hellip;but I digress.)\nI had colleagues in the technology space who helped me find a voice. I borrowed equipment from them, recorded sample episodes, started appearing on podcasts as The IT Guy. It stuck. It felt right!\nWhen I realized that the brand was working, I was at a DevOps conference here in Kansas City. I introduced myself as Eric, sporting my GitLab work t-shirt at the time. The dude I was chatting with said, \u0026ldquo;Wait. Eric\u0026hellip;Eric\u0026hellip;The IT Guy?\u0026rdquo; My response was a huge smile and \u0026ldquo;The one and only!\u0026rdquo;\nSome of you may laugh at the name Eric the IT Guy, but hey, it works. As the IT Guy, I try to help educate my fellow technologists. I try to bring exciting technologies to the forefront. I try to teach methodologies and techniques that can save you time and trouble that I dealt with as a Systems Administrator.\nDo you need to give yourself some cool nickname or create a personal logo? Probably not. Do you need to network, build connections, and share your knowledge? Most definitely!\nIf you aren\u0026rsquo;t sure how to grow your network, you can start by adding me! I am just about everywhere as @itguyeric. Find me, let\u0026rsquo;s chat; that\u0026rsquo;s all it takes to get started! One person, one conversation.\n","date":"6 January 2022","permalink":"https://itguyeric.com/blog/the-origin-of-eric-the-it-guy/","section":"Blog","summary":"I was recently asked, \u0026lsquo;Why call yourself the IT Guy? Why not just use your name?\u0026rsquo; Great question! In the professional world, we are encouraged to \u0026lsquo;build a professional brand,\u0026rsquo; I just took it to an…","title":"The Origin of Eric the IT Guy"},{"content":"With RHEL 6 at the end of its life cycle, staying on a supported release matters more than ever. In this short tech tip I walk through the Red Hat Upgrade Tool and show how it can carry a system from RHEL 6.10 to 7.9 without the cost and disruption of a full redeployment.\nA few things worth carrying away from this one:\nThis is not Leapp. I make the point in the video that the Red Hat Upgrade Tool is a separate, older path built on the pre-upgrade assistant and the Red Hat upgrade tool packages. For 7 to 8 and beyond, we moved to the Leapp tooling we cover in other videos. The pre-upgrade assistant does the homework first. I run it before touching anything so it can review the system, its configuration, and running services, then drops a full report under /root/preupgrade so I know what to expect. In place saves real time and money. Rather than rebuilding hardware, resubscribing, and reinstalling applications, I let the tool reboot into a temporary upgrade environment, lay down the RHEL 7 packages, and come back up on a new kernel already running 7.9. If RHEL 6 is still lurking in your fleet, this is the least painful way I know to get it current.\n","date":"17 December 2021","permalink":"https://itguyeric.com/blog/rhel-upgrade-6-to-7/","section":"Blog","summary":"I introduce the Red Hat Upgrade Tool and demonstrate an in-place upgrade from RHEL 6.10 to 7.9.","title":"Upgrade In Place from Red Hat Enterprise Linux 6 to 7"},{"content":"A change of pace — a relaxed fireside chat rather than a product deep-dive, looking back on the year in RHEL and the community around it.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 27 Open the full episode page \u0026rarr; Watch the full episode above.\n","date":"15 December 2021","permalink":"https://itguyeric.com/blog/rhelpresents-ep27-rhel-by-the-fireside/","section":"Blog","summary":"RHEL Presents 27, a fireside-chat episode on RHEL and community.","title":"RHEL By the Fireside | RHEL Presents Ep. 27"},{"content":"Keeping your operating system current no longer needs to be a chaos-inducing process. In this video I introduce Leapp and demonstrate an in-place upgrade from a vanilla RHEL 7.9 virtual machine to RHEL 8, so you can skip the rebuild-from-scratch treadmill.\nA few things worth carrying away from this one:\nEnable the extras repo, then install Leapp. Before anything else I turn on the server-extras RPM repository through subscription-manager and install the Leapp package. That is genuinely most of the setup. The answer file handles known incompatibilities. I walk through the Leapp answer file under /var/log/leapp, where a stanza tells Leapp to skip an incompatible PAM PKCS#11 module check so the pre-upgrade doesn\u0026rsquo;t fail on an issue that gets resolved during the upgrade itself. Leapp does the heavy lifting in passes. It inventories the host, swaps in the RHEL 8 repos, replaces base packages like glibc and the kernel, then the next layer like firewalld and NetworkManager, builds a new boot image, and relabels SELinux contexts on the final reboot. Give me one leaping pun and I\u0026rsquo;ll show you a much calmer upgrade window.\n","date":"10 December 2021","permalink":"https://itguyeric.com/blog/rhel-leapp-7-to-8/","section":"Blog","summary":"A walkthrough of using Leapp to upgrade a RHEL 7.9 system in place to RHEL 8.","title":"Upgrade from Red Hat Enterprise Linux 7 to 8 with Leapp"},{"content":"The year-in-review episode. Brandon and I look back on 2021 across open source and enterprise IT — the big stories, what surprised us, and a bit of reflection on the show\u0026rsquo;s own year.\nSudo Show \u0026middot; Episode 40 Open the full episode page \u0026rarr; ","date":"9 December 2021","permalink":"https://itguyeric.com/blog/sudo-show-40-2021-year-in-review/","section":"Blog","summary":"Sudo Show 40 — a look back at 2021 in open source and enterprise IT.","title":"2021, Year in Review | Sudo Show 40"},{"content":"One of the more fun episodes — using Podman to stand up game servers at home, and proving containers are not just an enterprise thing.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 26 Open the full episode page \u0026rarr; What this episode covers:\nRunning game servers as rootless Podman containers instead of bare installs. Why containerizing home services makes them easy to rebuild and move. Homelab as the best place to practice the container skills you use at work. Watch the full episode above.\n","date":"1 December 2021","permalink":"https://itguyeric.com/blog/rhelpresents-ep26-home-gaming-server-podman/","section":"Blog","summary":"RHEL Presents 26 building a home gaming server with Podman.","title":"Building a Home Gaming Server with Podman | RHEL Presents Ep. 26"},{"content":"Brandon and I get into edge computing on this one — pushing compute out to where the data actually lives, and the very real operational challenges of managing infrastructure that is scattered instead of centralized.\nSudo Show \u0026middot; Episode 38 Open the full episode page \u0026rarr; ","date":"11 November 2021","permalink":"https://itguyeric.com/blog/sudo-show-38-edge-of-it/","section":"Blog","summary":"Sudo Show 38 on edge computing.","title":"On the Edge of IT | Sudo Show 38"},{"content":"Every RHEL point release rolls up months of work, and this episode walks through what landed in 8.5.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 24 Open the full episode page \u0026rarr; What this episode covers:\nWeb console and management improvements that reduce day-two toil. Security and container updates worth reviewing before you rebuild a base image. The general theme of 8.x maturing into a steady, predictable platform. Watch the full episode above.\n","date":"3 November 2021","permalink":"https://itguyeric.com/blog/rhelpresents-ep24-whats-new-rhel-85/","section":"Blog","summary":"RHEL Presents 24 on the RHEL 8.5 release highlights.","title":"What's New in RHEL 8.5 | RHEL Presents Ep. 24"},{"content":"This is the Oracle Linux companion to my CentOS conversion walkthrough. I introduce Convert2RHEL and demo an in-place conversion of a vanilla Oracle Linux system to fully supported Red Hat Enterprise Linux. The process mirrors the CentOS one, with one important twist specific to Oracle.\nA few things worth carrying away from this one:\nGet off the Unbreakable kernel first. An Oracle Linux conversion requires you to be running the Red Hat-compiled kernel rather than Oracle\u0026rsquo;s Unbreakable kernel before you start. Update your packages and switch kernels, then convert. It\u0026rsquo;s the same light-touch process. Convert2RHEL inventories your packages, subscribes the system, and swaps Oracle-signed RPMs for Red Hat-signed ones. One reboot and you\u0026rsquo;re on RHEL with the Red Hat kernel. You keep your work. No redeploying apps, recreating users, or rebuilding configs, plus snapshotting gives you a safe recovery path if anything goes wrong. If you\u0026rsquo;re on Oracle Linux and eyeing a move, this shows just how manageable that path really is.\n","date":"29 October 2021","permalink":"https://itguyeric.com/blog/convert2rhel-from-oracle/","section":"Blog","summary":"I demo converting an Oracle Linux system to Red Hat Enterprise Linux with Convert2RHEL, including swapping the Unbreakable kernel for the Red Hat kernel.","title":"Convert from Oracle Linux with Convert2RHEL"},{"content":"Brandon and I look at data integration on this one, with Airbyte — the open-source take on the endless job of moving data between the dozens of systems that all need their own copy of it.\nSudo Show \u0026middot; Episode 37 Open the full episode page \u0026rarr; ","date":"28 October 2021","permalink":"https://itguyeric.com/blog/sudo-show-37-airbyte/","section":"Blog","summary":"Sudo Show 37 on data integration with Airbyte.","title":"Data Integration, Airbyte | Sudo Show 37"},{"content":"This is one of the more fun ones. Brandon and I talk about managing hardware in space — the extreme end of remote management, where you cannot exactly send someone to reboot the box, and the resilience lessons that come with it.\nSudo Show \u0026middot; Episode 36 Open the full episode page \u0026rarr; ","date":"14 October 2021","permalink":"https://itguyeric.com/blog/sudo-show-36-kudos-hardware-in-space/","section":"Blog","summary":"Sudo Show 36 on managing hardware in space, with Kudos.","title":"Kudos, Managing Your Hardware in Space | Sudo Show 36"},{"content":"One more early RHEL Presents guest appearance. Episode 22 is a storage primer — walking up the stack from physical disks through partitions, LVM, and filesystems so the whole vocabulary of Linux storage makes sense as a system rather than a pile of unrelated commands.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 22 Open the full episode page \u0026rarr; A good foundation episode if storage has always felt like the fuzziest part of administering RHEL. Watch above.\n","date":"7 October 2021","permalink":"https://itguyeric.com/blog/rhelpresents-ep22-storage-primer/","section":"Blog","summary":"RHEL Presents 22 as a guest: a storage primer covering the stack from disks through partitions, LVM, and filesystems on RHEL.","title":"Storage Primer | RHEL Presents Ep. 22"},{"content":"Before I hosted RHEL Presents I joined as a guest for episode 21, a look at what a day in the life of a solutions architect really looks like — the mix of deep technical work, customer conversations, and translating between the two that defines the role.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 21 Open the full episode page \u0026rarr; If you are curious about the SA path or what the job is like from the inside, this one is worth a watch. Full episode above.\n","date":"23 September 2021","permalink":"https://itguyeric.com/blog/rhelpresents-ep21-day-in-the-life/","section":"Blog","summary":"RHEL Presents 21 as a guest: what the solutions architect role really involves day to day, and how it blends deep tech with customer conversations.","title":"Day in the Life | RHEL Presents Ep. 21"},{"content":"Migrating operating systems can be an intimidating task, which is exactly why Red Hat built an officially supported tool for it. In this walkthrough I introduce Convert2RHEL and demonstrate converting a vanilla CentOS Linux system to fully supported Red Hat Enterprise Linux. It\u0026rsquo;s a light-touch process: it inventories your packages, subscribes the system, swaps CentOS-signed RPMs for Red Hat-signed ones, and one reboot later you\u0026rsquo;re running RHEL.\nA few things worth carrying away from this one:\nConvert, don\u0026rsquo;t rip and replace. With a conversion you don\u0026rsquo;t redeploy apps, recreate users and home directories, or rebuild config files. That means a much shorter maintenance window than a clean install. There\u0026rsquo;s a safety net. Convert2RHEL uses snapshotting as a recovery mechanism, so if something goes sideways you have a way back. You don\u0026rsquo;t have to go it alone. Red Hat services can help you set goals, write the automation and health checks, and get through the conversion with minimal downtime, but the demo shows how straightforward the solo path is too. Converting to Red Hat Enterprise Linux really is that easy, and it sets you up for an easier path to the latest RHEL later on.\n","date":"21 September 2021","permalink":"https://itguyeric.com/blog/convert2rhel-from-centos/","section":"Blog","summary":"I introduce Convert2RHEL and demo an in-place conversion of a CentOS Linux system to fully supported Red Hat Enterprise Linux.","title":"Convert from CentOS Linux with Convert2RHEL"},{"content":"Brandon and I get into remote work on this one, with Mux — the practical side of building and growing a distributed team, from hiring to culture to keeping people connected when the office is everywhere.\nSudo Show \u0026middot; Episode 34 Open the full episode page \u0026rarr; ","date":"16 September 2021","permalink":"https://itguyeric.com/blog/sudo-show-34-remote-team-mux/","section":"Blog","summary":"Sudo Show 34 on growing a remote team, with Mux.","title":"Growing Your Remote Team, Mux | Sudo Show 34"},{"content":"Where do you get your tasks from?\nFor me, it\u0026rsquo;s meetings, household chores, ongoing projects, random lists, IMs, Emails, forum posts, social media (yeah, believe it!), whew. For years, I tried different tools and methods for tracking my to-dos. I was pretty good at it… Most of the time. It seemed like now and then, though, I would hit a breaking point and all the plates I had been juggling would fall to the floor, and I’d have to start over again.\nEnter Todoist, a product which boasts you can “regain clarity and calmness by getting all those tasks out of your head and onto your to-do list (no matter where you are or what device you use).” To say that Todoist is a to-do list or even a project management application would be a gross understatement. Over the past few years, I have managed to shift from an anxious task tracker to a productivity power user.\nI work a demanding job in a challenging field, host a podcast, a live stream, have a wife, four wonderful kids, and a few hobbies. Add on top of that the need to sleep, work out, and get things done around our house. I don’t say that to impress you. We are all busy. It\u0026rsquo;s a challenge. What I plan to unleash into your minds is a series of tools and methods I use every day to get everything done. We’ll cover Todoist, email management, ways to focus on tasks (like me trying to write this blog post), and much, much more.\nGrab your caffeine and hold on tight. Here we go!\nWhy use a to-do list? #“I don’t need a to-do list. I have that list in my head.”\nPleeeaaase. No you don’t! We live in a world of CRAZY connectivity! Everything is always on all the time. Tweets, news, sports, YouTube, podcasts…and that\u0026rsquo;s just a short list only from the digital world! Many of us have multiple devices within a few feet of our favorite chair that spend their time lighting up, dinging, buzzing, and ringing. Attention spans and deep work are at an all-time low.\n“So what, I can multitask.”\nSorry, Charlie! That’s a common misconception. What you are really doing is context switching. The more alike tasks are, the easier it is to switch between the two in a short space of time and with little productivity penalty. However, if you go from following a lively instant messaging thread about plastic versus metal dice for tabletop games to working on a 3-year business plan, you aren’t giving either your full attention.\n(Besides, we all know metal dice are better!)\nNot only are you not giving either task your full attention, but you are also draining your limited energies for the day. You’re shifting gears between two very different tasks. That comes with a tax and lowers the quality of the finished product. We try to compensate for this by starting several tasks at once, then getting nothing done. Then, as inevitably happens to me, your youngest daughter bursts into your room and grabs your iPad off your desk! By the time you get her setup with her afternoon activity and get back to work, those 3 or 4 or 5 tasks have all fallen and shattered all over the floor. Now, you have to spend wasted time trying to pick up where you left off with each task!\n“Eric, tell me there is a better way!”\nFear not, my young apprentices. There is a better way! To-do lists. Ta-da! That’s it. You’re welcome.\nOh, wait… You want to know which one? Okay, I got you. Sorry, I dropped the mic too soon.\nHow I found Todoist # I used to be stuck on Microsoft Outlook 2003. It had a decent task tracker… You could schedule tasks, set reminders, and eventually could even set tasks to repeat. It was okay. Eventually, I moved to Apple Tasks. It wasn’t as feature rich as it is today, but it got the job done and as a bonus synced to my mobile device. I’d also tried out Trello, but at the time couldn’t quite get a handle on how to use a task board (stay tuned, wink wink!). I also tried organizing projects into MS Project in college (yeah, I was that nerd), eventually projects moved into Evernote, and later Joplin.\nTasks and projects though are two different beasts entirely, but they are also connected! What I found I needed was a way to do both, preferably in the same tool. I needed to be able to do scheduling, track progress, and and and… My list of needs seemed to keep getting longer, how could any tool stand up to that!?\nA friend of mine told me about this tool with a weird sounding name: Todoist. To-Do List without the L, clever, huh?\nI had my doubts and, if I am being honest, was just looking for excuses not to use it. Strike 1 it\u0026rsquo;s not open source, strike 2 it\u0026rsquo;s a paid, cloud service. I told my friend this wasn’t looking good.\nHowever, I begrudgingly created an account, and what I found surprised me. It had a simple-yet-beautiful user interface (UI), incredibly intuitive layout, and many of the features I felt I needed out of a task management tool. I can remember setting aside my work for the rest of the afternoon; I needed to give this tool a proper test drive. A few hours later, I was sold, literally, I signed up for the Pro subscription right then and there.\nI could set reminders, recurring tasks, could set labels or organize by project. I had a Today view, that really helped, so I didn’t see EVERYTHING I needed to do, just wanted I wanted to get through that day. Not only that, but I had multiple levels of tasks (projects, sections, tasks, sub-tasks, and priorities).\nIt didn’t stop there, though! Since becoming a Todoist customer, they have introduced Kanban boards. Now, instead of sections just being a “subproject”, I could use Agile practices to track my work across their typical life cycle, say from idea to outline, draft, edit, and ready to publish. I could set up email aliases for each of my projects, that way, when someone emailed me a task to complete, I could hit forward, add in some metadata, and hit send. Within a couple of minutes, that task was also captured by my Todoist.\nTodoist released Calendar integration. This made it much easier to judge how much work I had to get done. The average work day for me ranges from 30 minutes of meetings, up to 6 hours some days. (Yeah, tell me about it! That\u0026rsquo;s a lot of meetings.) The problem was, those meeting heavy days I may try to schedule my usual 8-10 tasks and get only a couple of them done. Well, I don’t want meetings to break my streak!! No way! So, I started creating tasks for meetings. Attend a meeting, mark off a task. It kept the streak alive, but also helped me plan better - more meetings, fewer tasks scheduled that day.\nGetting Tasks Organized #Like many, many human beings, I sat there that first afternoon, staring at this blank canvas. Now what? I can create anything, schedule it any time, what do I do!?\nAfter a brief battle with the void, I started out by creating projects for each major area of my life and color-coding them similar to my different calendar accounts I was already using: Personal (Blue), Work (Red), and General Tech (Green). For the most part, several years later, I still use roughly that same layout, though I have added a couple more top-level projects. For instance, I eventually added my content creation efforts like the Sudo Show and this blog to their own project.\nThe next easiest thing to do was to go into Apple Tasks and grab all the tasks I had stashed away in there. Take out the trash, submit a time sheet, etc. Short, recurring tasks were the first to come over. Put them in the right project, give them a due date, and move on to the next task.\nThe harder migration (at first) was how do I break up the projects on my plate and put them into Todoist? Fortunately, Todoist had me covered. Each project has sections. So, underneath my work project, I have a section for general tasks, for each of the engineering teams I support, meetings, and one for the live stream I host every other week.\nI could then add my old projects as tasks inside each of these sections. From there, I learned how to break up a large task (like a podcast episode) into sub-tasks from researching the topic, writing the outline, following up with the guest, and eventually releasing the episode. This made it easy to break off bite-sized chunks of a task and get a little progress done each day! (Incredibly beneficial when you release a new episode every two weeks!)\nWhile I was able to migrate a LOT of my ideas, tasks, and projects in the first couple of days, my approach to project planning, task execution, and idea tracking have evolved over the years. I’ll share more on that in a later post. Nowadays, I get between 10-15 tasks done a day. I have my paper notebook open every meeting to jot down thoughts or ideas, but I also have Todoist open somewhere (phone, tablet, web, or app) to make sure I grab any action items that I need to address. I constantly filter through my emails, ensuring nothing gets asked of me there. Anytime I get an IM with a request, into Todoist it goes!\nWant to get started? #I would highly encourage you to get started with Todoist. It\u0026rsquo;s an amazing tool fueled by a company of folks who are passionate about helping you get more done. They have frequent releases that improve performance, squash bugs, and are still adding new features! They’re used by Apple, NASA, and folks from all different walks of life.\nGo sign up for free today:\nhttps://itguyeric.com/todoist\nDisclaimer: This link is an affiliate link. If you purchase a Todoist subscription, I get a small percentage. That being said, I would be greatly appreciative of you using my link as anything I make from it is set aside to be reinvested into my content creation efforts (gear, hosting, etc.).\nMy Reading List #Before you go, I wanted to drop one more idea into your lap: From the screenshots, you’ll notice an orange project called Reading List. Todoist is a great place to drop books, blogs, and white papers!\nI have a recurring task to check my RSS feed for any articles that have been published from my list of sources. I probably get about 40+ articles delivered to my RSS reader every day and read probably 25% of them from top to bottom. That can stack up if I don’t keep up with it.\nI also do a TON of research between work, the podcast, and my own curiosity. White papers, data sheets, etc. are a hugely popular way to share content these days. Fortunately, Todoist has me covered there too. Todoist supports attachments! If I have a market research report to review, I’ll download it out of my email and drop it in a task and assign a date, that way I am certain I get to it.\nFinally, there is my backlog of 60-some-odd books that has been accumulating over the years, from fiction to marketing to parenting. Todoist has even helped me knock that list down from 90 to 60 in the past year or so. When someone recommends me a book, I grab the link from the Kindle website and create a task for it. When I start a new book, I create a sub-task for every chapter. Then, I schedule one chapter a day each workday until that book is complete. The last chapter marks the book task complete, and I move on to the next book!\nTo keep things interesting, I usually pull a book from each category in my list, then start back at the top. I hope one day to only have a handful of books in this project, but considering my appetite for learning, I doubt it!\nWrap Up #Over the past couple of years, my productivity has skyrocketed! I feel confident I can manage a wide array of tasks on a wide range of projects and still keep my sanity.\nTodoist now has a hand in: meeting tracking, household chores, my reading list, podcast and content planning, social media scheduling, and learning. I track tasks from keeping my daily food log to changing the water filter every 2 months, to reminding me to renew that one subscription each year that requires manually requesting a renewal. I haven’t even begun working with a lot of the integrations available in Todoist!\nOne thing I hope to implement soon is ensuring that recreation and disconnect time become scheduled, recurring tasks in my Todoist so that I can keep the momentum going. Whether that is a day to turn off all my notifications and rest or take the kids to the park. It\u0026rsquo;s easy to get caught up in all the demands of this world and forget what is truly important: love, joy, fun, family.\nTake this journey with me. If you are struggling, learn from my mistakes and my victories. I highly recommend Todoist, but it\u0026rsquo;s not the only tool out there. Find one that works for you, and let it help you make a difference in your life and in the lives of those around you!\n","date":"10 September 2021","permalink":"https://itguyeric.com/blog/laying-a-productive-foundation-with-todoist/","section":"Blog","summary":"Where do you get your tasks from?","title":"Laying a Productive Foundation with Todoist"},{"content":"This was one of my early appearances on RHEL Presents, before I took over hosting. Episode 20 is all about Convert2RHEL — the tooling and supported process for converting an existing CentOS Linux (or other RHEL-compatible) system to Red Hat Enterprise Linux in place, without rebuilding the box from scratch.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 20 Open the full episode page \u0026rarr; It is a good primer if CentOS Linux going end of life left you weighing your options: the episode walks through what an in-place conversion looks like and why it beats a full reinstall for most fleets. Watch the full episode above.\n","date":"8 September 2021","permalink":"https://itguyeric.com/blog/rhelpresents-ep20-convert2rhel/","section":"Blog","summary":"A guest appearance on RHEL Presents 20 about Convert2RHEL: how to move an existing CentOS or derivative system to RHEL in place, without a reinstall.","title":"Convert2RHEL | RHEL Presents Ep. 20"},{"content":"Patrick McFadin joins Brandon and me to talk Apache Cassandra — the distributed database built for scale and availability, and what it takes to run data across many nodes and many regions without everything falling over.\nSudo Show \u0026middot; Episode 33 Open the full episode page \u0026rarr; ","date":"2 September 2021","permalink":"https://itguyeric.com/blog/sudo-show-33-cassandra-patrick-mcfadin/","section":"Blog","summary":"Sudo Show 33 with Patrick McFadin on Apache Cassandra.","title":"Cassandra Database with Patrick McFadin | Sudo Show 33"},{"content":"Another early guest appearance on RHEL Presents. Episode 19 covers Leapp, the supported path for moving a RHEL system from one major version to the next — in place, without rebuilding the box. We get into the pre-upgrade analysis report and why reading it first saves you a lot of pain.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 19 Open the full episode page \u0026rarr; If you have RHEL 7 or 8 machines you have been putting off upgrading, this is a solid primer. Watch the full episode above.\n","date":"25 August 2021","permalink":"https://itguyeric.com/blog/rhelpresents-ep19-leapp-upgrades/","section":"Blog","summary":"RHEL Presents 19 as a guest: how Leapp handles in-place major-version upgrades on RHEL, the pre-upgrade report, and what to check before you commit.","title":"In-Place Upgrades with Leapp | RHEL Presents Ep. 19"},{"content":"This was one of my early appearances on RHEL Presents, before I took over hosting. Episode 18 is a hands-on look at NetworkManager — the service that owns networking on modern RHEL — and how to drive it from nmcli, nmtui, and the web console instead of hand-editing config files.\nRed Hat Enterprise Linux Presents \u0026middot; Episode 18 Open the full episode page \u0026rarr; If you still reach for the old ifcfg files out of habit, this one is a good nudge toward the current way of doing things. Watch the full episode above.\n","date":"11 August 2021","permalink":"https://itguyeric.com/blog/rhelpresents-ep18-networkmanager/","section":"Blog","summary":"A guest appearance on RHEL Presents 18 covering NetworkManager: connections, devices, and managing RHEL networking from nmcli and the console.","title":"Network Manager | RHEL Presents Ep. 18"},{"content":"Brandon and I talk data analytics and startups on this one — what it takes to build data products, and the particular challenges of doing it inside a young company still figuring out its footing.\nSudo Show \u0026middot; Episode 31 Open the full episode page \u0026rarr; ","date":"5 August 2021","permalink":"https://itguyeric.com/blog/sudo-show-31-data-analytics-startups/","section":"Blog","summary":"Sudo Show 31 on data analytics and startups.","title":"Data Analytics and Startups | Sudo Show 31"},{"content":"Dashaun Carter joins Brandon and me for a genuinely uplifting one — a conversation about loving your work, keeping your passion alive in tech, and how attitude shapes a career as much as skills do.\nSudo Show \u0026middot; Episode 30 Open the full episode page \u0026rarr; ","date":"22 July 2021","permalink":"https://itguyeric.com/blog/sudo-show-30-dashaun-carter/","section":"Blog","summary":"Sudo Show 30 with Dashaun Carter on loving your work.","title":"Loving Your Work with Dashaun Carter | Sudo Show 30"},{"content":" I have really enjoyed being a member and contributor to the Open Source Community. Not only has it bolstered my love of IT and technology, but it has allowed me a space to give back. The contributions I am making come right out of my core strengths. I am an activator. I love showing people new technology or better ways of doing work.\n- Eric The IT Guy\nDonations # Head on over to Patreon to help support The IT Guy! Your contributions go towards improving the equipment and paying for hosting for audio and video production.\nAffiliates #Amazon # From time to time, I will recommend a book or piece of gear. With hardly any additional work, you can actually contribute a small percentage of your purchase back to The IT Guy! Just browse Amazon via my affiliate link, and you\u0026rsquo;ll be helping increase the influence of everything I do here.\nTodoist # Being a full-time marketer, open-source contributor, father, husband, and nerd is a lot of work! To get it all done, I need to know what I have going on at all times, be able to plan, and get reminders. For that, I look to Todoist.\n","date":"25 June 2021","permalink":"https://itguyeric.com/support/","section":"Eric the IT Guy","summary":"\u003cblockquote\u003e\n\u003cp\u003eI have really enjoyed being a member and contributor to the Open Source Community. Not only has it bolstered my love of IT and technology, but it has allowed me a space to give back. The contributions I am making come right out of my core strengths. I am an \u003ca href=\"https://www.gallup.com/cliftonstrengths/en/252140/activator-theme.aspx\" target=\"_blank\" rel=\"noreferrer\"\u003eactivator\u003c/a\u003e. I love showing people new technology or better ways of doing work.\u003c/p\u003e","title":"Support"},{"content":"Brandon and I get into security intelligence on this one, with RiskIQ — the idea that you cannot defend what you cannot see, and how mapping your real internet-facing attack surface changes the conversation.\nSudo Show \u0026middot; Episode 28 Open the full episode page \u0026rarr; ","date":"24 June 2021","permalink":"https://itguyeric.com/blog/sudo-show-28-riskiq/","section":"Blog","summary":"Sudo Show 28 on security intelligence and attack-surface management.","title":"Security Intelligence, RiskIQ | Sudo Show 28"},{"content":"Brandon and I look at PatternFly on this one — Red Hat\u0026rsquo;s open-source design system — and the broader question of how you build enterprise interfaces that are consistent and usable instead of a different experience in every console.\nSudo Show \u0026middot; Episode 26 Open the full episode page \u0026rarr; ","date":"27 May 2021","permalink":"https://itguyeric.com/blog/sudo-show-26-patternfly/","section":"Blog","summary":"Sudo Show 26 on PatternFly and building effective open-source UIs.","title":"Effective UIs with Patternfly | Sudo Show 26"},{"content":"Brandon and I trade war stories on this one — the common pitfalls teams hit adopting open source and running infrastructure, and the patterns that help you avoid learning every lesson the hard way.\nSudo Show \u0026middot; Episode 25 Open the full episode page \u0026rarr; ","date":"13 May 2021","permalink":"https://itguyeric.com/blog/sudo-show-25-avoiding-common-pitfalls/","section":"Blog","summary":"Sudo Show 25 on common pitfalls in ops and open-source adoption.","title":"Avoiding Common Pitfalls | Sudo Show 25"},{"content":"I have loved video games my entire life. I got started on a Super Nintendo playing Super Mario Brothers and Super Mario Kart. That was the start of my #nerdlife. Haha!\nIt was great to sit down with Matt and talk D\u0026amp;D and play Terminator as part of my prep for a podcast. Not very often can you say leveling up is part of your show prep.\nOn this episode of Game Sphere I get the chance to talk with Eric from the Sudo Show. We talk a bit of DND and then we get into talking about Terminator Salvation and our first impressions of it after playing for a few hours.\n","date":"12 May 2021","permalink":"https://itguyeric.com/blog/game-sphere-13-terminator-resistance/","section":"Blog","summary":"I have loved video games my entire life. I got started on a Super Nintendo playing Super Mario Brothers and Super Mario Kart. That was the start of my #nerdlife. Haha!","title":"Game Sphere 13: Terminator Resistance"},{"content":"Brandon and I get into data quality on this one, with a look at Soda — the idea that you can test and monitor your data the way you test your code, so bad data gets caught before it wrecks a dashboard or a model.\nSudo Show \u0026middot; Episode 24 Open the full episode page \u0026rarr; ","date":"29 April 2021","permalink":"https://itguyeric.com/blog/sudo-show-24-data-quality-soda/","section":"Blog","summary":"Sudo Show 24 on data quality and the Soda project.","title":"Data Quality with Soda | Sudo Show 24"},{"content":"Emily Omer joins Brandon and me to talk positioning — the discipline of making people instantly understand what your product is for and why it matters. It is a marketing topic that engineers ignore at their peril.\nSudo Show \u0026middot; Episode 23 Open the full episode page \u0026rarr; ","date":"15 April 2021","permalink":"https://itguyeric.com/blog/sudo-show-23-positioning-emily-omer/","section":"Blog","summary":"Sudo Show 23 with Emily Omer on product positioning.","title":"Positioning with Emily Omer | Sudo Show 23"},{"content":"Brandon and I look at Tidelift on this one — the model of actually paying the maintainers behind the open-source packages everyone depends on, and why sustainability is one of the hardest problems in the ecosystem.\nSudo Show \u0026middot; Episode 22 Open the full episode page \u0026rarr; ","date":"1 April 2021","permalink":"https://itguyeric.com/blog/sudo-show-22-tidelift/","section":"Blog","summary":"Sudo Show 22 on Tidelift and sustainable open-source maintenance.","title":"Meet Tidelift | Sudo Show 22"},{"content":"Peter Zaitsev, founder of Percona, joins Brandon and me for this one. We get into open-source databases, the economics of building a company around open source, and the realities of supporting MySQL and friends at scale.\nSudo Show \u0026middot; Episode 21 Open the full episode page \u0026rarr; ","date":"18 March 2021","permalink":"https://itguyeric.com/blog/sudo-show-21-peter-zaitsev-percona/","section":"Blog","summary":"Sudo Show 21 with Percona\u0026rsquo;s Peter Zaitsev on open-source databases.","title":"Peter Zaitsev, Percona | Sudo Show 21"},{"content":"Brandon and I talk through what going \u0026lsquo;into the cloud\u0026rsquo; actually means for a team — the mindset shift, the trade-offs, and the parts the marketing slides tend to skip.\nSudo Show \u0026middot; Episode 20 Open the full episode page \u0026rarr; ","date":"4 March 2021","permalink":"https://itguyeric.com/blog/sudo-show-20-into-the-cloud/","section":"Blog","summary":"Sudo Show 20 on making the move into the cloud.","title":"Into the Cloud | Sudo Show 20"},{"content":"Fresh off the SolarWinds Sunburst breach, Brandon and I get into software supply-chain security — how a trusted update became an attack vector, and why the whole industry suddenly cared about provenance and signing.\nSudo Show \u0026middot; Episode 19 Open the full episode page \u0026rarr; ","date":"18 February 2021","permalink":"https://itguyeric.com/blog/sudo-show-19-securing-supply-chain/","section":"Blog","summary":"Sudo Show 19 on the Sunburst attack and software supply-chain security.","title":"Sunburst and Securing Your Supply Chain | Sudo Show 19"},{"content":"A natural follow-on from the previous episode: if multi-cloud is the reality, how do you actually manage it? Brandon and I talk through the tooling and the operational discipline it takes to run across more than one provider.\nSudo Show \u0026middot; Episode 18 Open the full episode page \u0026rarr; ","date":"4 February 2021","permalink":"https://itguyeric.com/blog/sudo-show-18-managing-multi-cloud/","section":"Blog","summary":"Sudo Show 18 on the realities of managing multi-cloud.","title":"Managing Multi-Cloud | Sudo Show 18"},{"content":"We tend to associate free with good. That\u0026rsquo;s not the case though when what is free is unauthorized root-level access to your Linux systems! On January 26, 2021, a vulnerability, CVE-2021-3156, was disclosed that affects just about every Linux or Unix distribution that utilizes the sudo functionality.\nTLDR: You need to update your operating system as soon as possible to ensure you have the patch.\nNow that you have scheduled emergency patching windows for all your impacted systems . . . you did right? Let\u0026rsquo;s get into how this vulnerability works and what the potential impact is.\nOn a healthy system, you have to run a su command and provide the root password or have your account authorized in the /etc/sudoers file to gain administrative level access to a Linux system. The Baron Samedit bug, however, utilizes a buffer overflow in the Sudo logic to allow a non-privileged account to bypass this security mechanism and run commands with root-level privileges.\nWhile running a sudo command in shell mode (either with the -s or -i argument), special characters must be escaped with a backslash / character. With this vulnerability, however, you can add an extra backslash to any command. This will cause sudo to skip the policy review step where it reads /etc/sudoers to ensure the executing account has sudo privileges. Now with ill-gotten access to root-level privileges, a bad actor could do anything to a compromised system.\nYou can test this for yourself by logging into a Linux system with a non-privileged account and running:\n$ sudoedit -s / If the prompt returns sudoedit: your system is vulnerable and needs to be patched. However, if your system returns a usage description, your system has been patched and is no longer susceptible to this attack.\nThis vulnerability was discovered by independent testing by Qualys Inc. an information security and compliance company. Their research found that Baron Samedit was actually introduced in version 1.8.2 released, get this, 10 years ago! This bug has been in the wild for almost a decade! It impacts legacy versions 1.8\nRarely do we see a bug with such a wide pool of targets. Sudo is utilized in Unix and Linux systems everywhere. This impacts popular distributions like Red Hat Enterprise Linux, Ubuntu, Debian, SUSE, Fedora, and so on. Even BSD and other Unix derivatives are not immune to CVE-2021-3145. The risk of any bad actor gaining root-level rights to your systems cannot be overstated. Once running as root, your system can become a slave to botnets, used for crypto-mining, or exploited to retrieve sensitive data.\nDistribution Fixed Version More Details Red Hat Enterprise Linux 8 1.8.29-6.el8_3.1 Advisory Ubuntu 20.04 1.8.31-1ubuntu1.2 Advisory SUSE Enterprise Linux 15 1.8.22-4.15.1 Advisory openSUSE Leap 15.2 1.8.22-lp152.8.6.1 Advisory Fedora 33 1.9.5p2-1.fc33 Advisory Debian 10 1.8.27-1+deb10u3 Advisory Arch Linux 1.9.5.p2-1 Advisory Gentoo 1.9.5.p2 Advisory the above table lists the packages containing the patch in the most popular distributions\nIf you would like to read more about Baron Samedit and the deeper, technical explanation of how this vulnerability was found and how it works, Qualys published an in-depth blog on their findings: CVE-2021-3156: Heap-Based Buffer Overflow in Sudo\nYou maybe wondering the same thing I was . . . Where in the world did Qualys get the name Baron Samedit? Turns out, it\u0026rsquo;s a play on sudoedit and Baron Samedi. According to Voodoo mythology, Baron Samedi is the Loa (god) of the Dead. He is a chaotic spirit who spends his time smoking, drinking, and well possessing others. This \u0026lsquo;spirit\u0026rsquo; even attempts to ensnare everyone\u0026rsquo;s favorite secret agent, James Bond.\nJust like 007, we need to overcome this new foe, Baron Samedit. Patch your systems\u0026hellip;\n--\nAdditional Reading:\nCVE.Mitre.Org: 2021-3156\nSudo.ws: Buffer overflow in command line unescaping\nZDNet: 10-year-old Sudo Bug lets Linux users gain root-level access\nThis post originally appeared here and is used with permission.\n","date":"28 January 2021","permalink":"https://itguyeric.com/blog/sudo-vulnerability-discovered-how-to-protect-your-system/","section":"Blog","summary":"We tend to associate free with good. That\u0026rsquo;s not the case though when what is free is unauthorized root-level access to your Linux systems! On January 26, 2021, a vulnerability, CVE-2021-3156, was…","title":"Sudo Vulnerability Discovered: How to Protect Your System From Baron Samedi"},{"content":"Multi-cloud, hybrid cloud, the terms get thrown around until they mean nothing. Brandon and I try to cut through the buzzwords on this one and pin down what these strategies actually are and when they earn their complexity.\nSudo Show \u0026middot; Episode 17 Open the full episode page \u0026rarr; ","date":"21 January 2021","permalink":"https://itguyeric.com/blog/sudo-show-17-multi-hybrid-cloud/","section":"Blog","summary":"Sudo Show 17 untangling multi-cloud and hybrid cloud.","title":"Multi-Hybrid Cloud What | Sudo Show 17"},{"content":"Brandon and I step back on this one to talk about where operations is going — automation, platform thinking, and how the day-to-day of running infrastructure keeps shifting under everyone\u0026rsquo;s feet.\nSudo Show \u0026middot; Episode 15 Open the full episode page \u0026rarr; ","date":"17 December 2020","permalink":"https://itguyeric.com/blog/sudo-show-15-future-of-operations/","section":"Blog","summary":"Sudo Show 15 on the future of IT operations.","title":"Future of Operations | Sudo Show 15"},{"content":"Brandon and I dig into CrowdSec on this one — the open-source, community-driven take on intrusion detection and IP reputation, where the whole point is that defenders share signal instead of fighting alone.\nSudo Show \u0026middot; Episode 14 Open the full episode page \u0026rarr; ","date":"14 December 2020","permalink":"https://itguyeric.com/blog/sudo-show-14-crowdsec/","section":"Blog","summary":"Sudo Show 14 on CrowdSec and collaborative, open-source security.","title":"Looking at CrowdSec | Sudo Show 14"},{"content":"Episode 12 of the Sudo Show is the one where Brandon and I dig into GitOps, and I think it\u0026rsquo;s one of our better technical episodes because we ground it in stuff that\u0026rsquo;s actually happened to us instead of just walking through a whitepaper.\nSudo Show \u0026middot; Episode 12 Open the full episode page \u0026rarr; The core argument we make is that GitOps isn\u0026rsquo;t really about Git and it isn\u0026rsquo;t really about operations. It\u0026rsquo;s about giving developers the ability to provision and deploy infrastructure using templates that operations built and tested, so nobody\u0026rsquo;s waiting three weeks for a VM and nobody\u0026rsquo;s throwing tickets over a wall. We walk through the four tenets: collaboration, declarative configuration, observability, and auditability. That last one is where the \u0026ldquo;git blame\u0026rdquo; joke lands, though the real point is that accountability and blame are very different things. A bad config that breaks Apache should get rolled back and fixed, not turned into a performance review.\nThe war stories are what make this one worth listening to. I share the time I joined a company with four generations of undocumented sysadmin work piled up, discovered Oracle UIDs mismatched across three servers, and had to schedule a weekend outage for a system that wasn\u0026rsquo;t even in production yet. Brandon talks about inheriting a startup environment where no one documented anything and MySQL passwords were basically a treasure hunt. The point we keep coming back to is that self-documenting automation solves both of those problems at once.\nIf the 2AM page has ever ruined a vacation for you, this one\u0026rsquo;s for you. Give it a listen.\n","date":"12 November 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep12-gitops-for-sysadmins/","section":"Blog","summary":"Episode 12 of the Sudo Show is the one where Brandon and I dig into GitOps, and I think it\u0026rsquo;s one of our better technical episodes because we ground it in stuff that\u0026rsquo;s actually happened to us instead…","title":"Sudo Show 12: GitOps for Sysadmins"},{"content":"This episode means a lot to me. We brought on Noah Chelliah from the Ask Noah Show and Destination Linux, and honestly, Noah is part of the reason I got into podcasting in the first place, and how I met Brandon. So getting him on to talk about managing Linux desktops at scale felt like a bit of a full circle moment.\nSudo Show \u0026middot; Episode 11 Open the full episode page \u0026rarr; Noah runs Altaspeed Technologies and has spent over a decade helping businesses move to Linux and open source, so we picked his brain on what actually works. He gets into why virtualization is almost always the biggest dollar for dollar win for a business, how reliability and snapshots change the calculus on desktop support, and why most people care a lot less about KDE versus GNOME than we do as self proclaimed geeks. There\u0026rsquo;s a great bit where he breaks down the real math on virtualizing a small office instead of buying individual workstations, and why letting Linux handle the horsepower frees up budget for things people actually notice, like good monitors and comfortable chairs.\nWe also got into the productivity corner again, and this one stuck with me. Noah talked about using a time budget, basically ranking your priorities top to bottom (for him it\u0026rsquo;s religion, wife, kids, family, work, then everything else) and using that list to make decisions instead of just reacting to whoever\u0026rsquo;s loudest. It\u0026rsquo;s a simple idea but it changed how I think about structuring my own week.\nIf you\u0026rsquo;ve ever wondered what it actually takes to run Linux infrastructure for real businesses instead of just a home lab, give this one a listen.\n","date":"29 October 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep11-managing-linux-desktops/","section":"Blog","summary":"This episode means a lot to me. We brought on Noah Chelliah from the Ask Noah Show and Destination Linux, and honestly, Noah is part of the reason I got into podcasting in the first place, and how I…","title":"Sudo Show 11: Managing Linux Desktops at Scale with Noah Chelliah"},{"content":"We finally pulled off our first live event for the show. Episode 8 of the Sudo Show is the recap of our first ever AMA, where folks hopped on a video call and threw questions at Brandon and me for two hours straight.\nSudo Show \u0026middot; Episode 8 Open the full episode page \u0026rarr; This one bounces around a lot, which is honestly what made it fun. We get into the eternal entry level career question, how to break out of help desk into sysadmin work, and Brandon shares his story of landing a job partly by admitting he didn\u0026rsquo;t know MySQL instead of bluffing his way through it. We also talk Linux certifications, home lab hardware, and whether CentOS is good enough for RHCSA prep. Somewhere in there Brandon walks through his bus factor plan for his home lab and passwords, which is a more important conversation than most people realize until it\u0026rsquo;s too late.\nMy favorite moment is admitting on air that I got hired at Red Hat only to discover my own RHCSA had expired. Brandon and I also dig into the GitHub portfolio question that comes up constantly, whether contributions actually move the needle for hiring managers, and how to migrate a business off proprietary software without starting a riot among your end users.\nIf you\u0026rsquo;ve got career questions rattling around, this episode is basically us thinking out loud about most of them. Give it a listen.\n","date":"26 October 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep08-ask-me-anything/","section":"Blog","summary":"We finally pulled off our first live event for the show. Episode 8 of the Sudo Show is the recap of our first ever AMA, where folks hopped on a video call and threw questions at Brandon and me for…","title":"Sudo Show 8: Our First Live Ask Me Anything"},{"content":"Episode 10 of the Sudo Show is a retrospective, and it\u0026rsquo;s a good one. Brandon had a hand in one of the largest corporate Windows to Linux desktop migrations around fifteen years ago, and we used this episode to look back at how that actually worked.\nSudo Show \u0026middot; Episode 10 Open the full episode page \u0026rarr; We get into the real mess of it, things like running Internet Explorer 6 through Crossover Office because half the internal web apps wouldn\u0026rsquo;t run any other way, syncing files between a Linux desktop and a Windows laptop with an old Novell tool called iFolder, and Brandon\u0026rsquo;s genuinely wild reverse SSH setup for remote support before anything like Remotely existed. We compare that to what\u0026rsquo;s available now, things like Fleet Commander, c file, and how much easier application delivery has become with tools like Foreman and Katello. The Office compatibility conversation alone is worth the listen, since it\u0026rsquo;s a problem that\u0026rsquo;s been slowly improving for over a decade and still isn\u0026rsquo;t fully solved.\nWe also got into the productivity corner again, comparing how Brandon and I structure our days. He\u0026rsquo;s a Pomodoro and time tracking guy through GTG and Hamster, and I talk through how I\u0026rsquo;ve used the Pomodoro technique myself with mixed success depending on how stacked my meeting schedule is that week.\nIf you\u0026rsquo;ve ever wondered what it actually takes to move a company off Windows, or just want to steal a productivity trick or two, this one\u0026rsquo;s worth your time.\n","date":"15 October 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep10-open-source-desktop/","section":"Blog","summary":"Episode 10 of the Sudo Show is a retrospective, and it\u0026rsquo;s a good one. Brandon had a hand in one of the largest corporate Windows to Linux desktop migrations around fifteen years ago, and we used this…","title":"Sudo Show 10: Open Source Desktop Migrations"},{"content":"Episode 9 of the Sudo Show is a bonus episode that exists because one question during our AMA turned into way more than we expected. ComputerKid asked about SAN storage in the chat, and what followed was basically a free seminar.\nSudo Show \u0026middot; Episode 9 Open the full episode page \u0026rarr; We pulled that segment out and gave it its own episode because it was too good to let sit buried in a three hour AMA. The conversation covers the difference between SAN and NAS, how fiber channel and iSCSI actually present storage to a system, and then goes deep on scalable storage with Gluster and Ceph. I learned a lot just listening back to this one, especially the bit about why you want JBOD instead of hardware RAID underneath something like Gluster, since the software is already handling replication on its own.\nWhat I liked most is how practical it gets. We\u0026rsquo;re not just talking theory, we\u0026rsquo;re talking about running Gluster on Pine64 boards in a home lab, the difference between petabyte scale Ceph and a smaller Gluster setup, and why KVM matters even if you\u0026rsquo;ve never touched it because it\u0026rsquo;s quietly running most of the public cloud.\nIf storage has ever felt like a black box to you, this episode does a good job cracking it open. Worth a listen.\n","date":"8 October 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep09-storage-technologies/","section":"Blog","summary":"Episode 9 of the Sudo Show is a bonus episode that exists because one question during our AMA turned into way more than we expected. ComputerKid asked about SAN storage in the chat, and what followed…","title":"Sudo Show 9: Storage Technologies Deep Dive"},{"content":"This one\u0026rsquo;s special to me. Episode 7 of the Sudo Show was our first ever on air interview, and we brought on Greg Myers, a support engineer at GitLab, to talk about what it\u0026rsquo;s actually like working there.\nSudo Show \u0026middot; Episode 7 Open the full episode page \u0026rarr; I\u0026rsquo;m a little biased here because GitLab gave me my start moving from systems administration into solutions architecture, so getting to sit down with someone still in the trenches there was a treat. Greg and I talk about the GitLab handbook, which is this massive publicly available document that basically runs the company, and how he used it to prep for his own interview process. We also get into GitLab\u0026rsquo;s wild release cadence, something like ninety consecutive monthly releases without a miss, and what that actually takes behind the scenes from a support and engineering perspective.\nBrandon jumps in with some great questions about how GitLab handles third party integrations without forcing teams to rip out tools they already love, and we close out the episode with our second productivity corner segment, this time built around remote work tips since GitLab is fully remote. Greg\u0026rsquo;s bit about separating his \u0026ldquo;work brain\u0026rdquo; from his \u0026ldquo;relaxation brain\u0026rdquo; with a dedicated workspace stuck with me.\nGive episode 7 a listen if you want to hear what it\u0026rsquo;s like inside a company that puts almost everything out in the open, handbook included.\n","date":"17 September 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep07-gitlab-interview/","section":"Blog","summary":"This one\u0026rsquo;s special to me. Episode 7 of the Sudo Show was our first ever on air interview, and we brought on Greg Myers, a support engineer at GitLab, to talk about what it\u0026rsquo;s actually like working…","title":"Sudo Show 7: Our First Interview, GitLab's Greg Myers"},{"content":" Sudo Show episode 6 continues our cloud arc by digging into how applications actually got to cloud native architecture, starting with the monolith and working forward from there.\nBrandon and I walk through the evolution step by step. We start with the old monolithic deployments where updating one component meant taking the whole application offline, usually at 11pm on a Tuesday after everyone on both coasts logged off. From there we cover three tier architecture and how clusters and load balancers made maintenance windows survivable, then into microservices and the hyperscale era where front end and back end services finally scale independently. We get into container architecture, scale to zero, serverless versus function as a service naming debates, and why persistence has to live outside the container if you want any of this to actually work.\nWe also touch on open source sustainability, including a Linux Foundation contribution report that\u0026rsquo;s worth a read if you\u0026rsquo;ve ever wondered who\u0026rsquo;s actually putting resources back into the projects everyone depends on. And we closed out with a new segment we\u0026rsquo;re calling the productivity corner, where Brandon and I compare morning routines and talk about why a little structure goes a long way when you\u0026rsquo;re working from home.\nSudo Show \u0026middot; Episode 6 Open the full episode page \u0026rarr; This one connects pretty directly to how I frame infrastructure evolution when I\u0026rsquo;m teaching Linux administration at JCCC.\n","date":"3 September 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep06-elements-of-cloud/","section":"Blog","summary":"Sudo Show episode 6 continues our cloud arc by digging into how applications actually got to cloud native architecture, starting with the monolith and working forward from there.","title":"Sudo Show 6: Elements of Cloud Native Architecture"},{"content":" Sudo Show episode 5 kicked off a new arc on cloud architecture, and we used it to dig into open source cloud management tools with Brandon doing most of the heavy lifting since this is squarely his world.\nWe start with the mess that is multi cloud reality. Most companies aren\u0026rsquo;t running one cloud or one virtualization platform, they\u0026rsquo;re juggling three different hypervisors, a couple versions of OpenStack, and workloads scattered across AWS, GCP, and Azure, sometimes without IT even knowing about all of it. Brandon walks through why platform agnostic tools like Ansible and Terraform matter so much here, and then gets into the actual cloud management platforms he tested for the episode: Mist, Cloudify, and ManageIQ. He breaks down what separates a true CMP from a glorified inventory tool, and shares hands on results from spinning up and tearing down cloud resources with each one.\nManageIQ gets the spotlight toward the end since Brandon\u0026rsquo;s been working with it for years going back to its days as the upstream for Red Hat CloudForms, and he makes a solid case for when you\u0026rsquo;d reach for something with that much depth versus something like Mist if you\u0026rsquo;re just getting started.\nSudo Show \u0026middot; Episode 5 Open the full episode page \u0026rarr; This one ties directly into how I think about infrastructure automation and the kind of hands on tooling I try to bring into my Linux teaching at JCCC.\n","date":"20 August 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep05-open-source-cloud/","section":"Blog","summary":"Sudo Show episode 5 kicked off a new arc on cloud architecture, and we used it to dig into open source cloud management tools with Brandon doing most of the heavy lifting since this is squarely his…","title":"Sudo Show 5: Open Source Cloud Management Tools"},{"content":"Back in 2020, Brandon and I sat down for Sudo Show episode 4, where we wrapped up our \u0026ldquo;getting started\u0026rdquo; arc with a conversation about education, certifications, and how to actually grow a career in IT.\nThis one holds up better than I expected. We get into the eternal self taught versus formal education debate, home labs as the most underrated learning tool either of us ever used, and why contributing to an open source project builds your resume in a way a textbook never will. Brandon makes a case against traditional university programs that I still agree with today, and I talk about why my master\u0026rsquo;s degree turned out to be the world\u0026rsquo;s most expensive checkbox compared to what my RHCSA actually did for my career.\nWe also threw out a pile of resources, from Katacoda to the Odin Project to conference recordings, because at the time it felt like the hardest part of growing in this field wasn\u0026rsquo;t motivation, it was just knowing where to look.\nSudo Show \u0026middot; Episode 4 Open the full episode page \u0026rarr; This one\u0026rsquo;s a good companion piece if you\u0026rsquo;re following my ongoing thoughts on Linux career paths and how I think about teaching the next generation of sysadmins.\n","date":"6 August 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep04-education-career/","section":"Blog","summary":"Back in 2020, Brandon and I sat down for Sudo Show episode 4, where we wrapped up our \u0026lsquo;getting started\u0026rsquo; arc with a conversation about education, certifications, and how to actually grow a career in…","title":"Sudo Show 4: How to Build Your Education and Career"},{"content":"Episode three, aired July 23, 2020, tackles one of the most misunderstood terms in IT. Brandon and I both came at DevOps from different timelines, and that contrast made for a good episode. He had been running what was essentially a DevOps shop at a startup years before the term existed or the Phoenix Project was even published. I was the one who needed convincing, and the book that converted me gets a real shoutout in this episode. Reading it was one of the actual turning points in my career.\nSudo Show \u0026middot; Episode 3 Open the full episode page \u0026rarr; We focused the conversation on automation specifically, since DevOps as a whole is too big to cover in thirty minutes. Brandon broke down continuous integration and continuous delivery from the developer side, the discipline of merging code frequently and keeping it always in a deployable state. I covered infrastructure as code from the operations side, including a genuinely embarrassing story about a \u0026ldquo;version control\u0026rdquo; system that consisted of appending an underscore and a number to the end of config filenames. It worked great until someone forgot to copy the file before editing it, and then you lost both your working copy and your rollback at the same time.\nThe part of this episode I think holds up best is the myth-busting around job security. A lot of people assume infrastructure as code and automation exist to replace systems administrators. We argued the opposite: automation does not eliminate the on-call phone, but it filters out the noise so the calls that do come through actually matter. Sysadmins become automation and infrastructure experts, which makes them more valuable, not less.\n[Listen to Sudo Show Episode 3: DevOps and Automation](https://sudo.show/3)\nWe also use this episode to outline what is coming next: a look at advancing your career in tech, followed by a new arc on cloud architecture and building infrastructure with the future in mind. DevOps became one of the structural pillars of the whole show from here forward.\n","date":"23 July 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep03-devops-and-automation/","section":"Blog","summary":"Episode three, aired July 23, 2020, tackles one of the most misunderstood terms in IT. Brandon and I both came at DevOps from different timelines, and that contrast made for a good episode. He had…","title":"Sudo Show 03: DevOps and Automation"},{"content":"Episode two of the Sudo Show, and we threw out most of our original outline because the community conversation after episode one made it clear what people actually wanted to hear: how do you get started contributing to open source.\nBrandon and I both came at this from different angles. He has been involved since he was about 12 years old, installing Red Hat Linux 5 on the family computer and getting told by a Solaris admin that Linux was a poor man\u0026rsquo;s Unix. I came at it from the systems administrator side, googling how to be a better Linux sysadmin during a rough day and discovering that most of the results were about people and community, not technical skills. That distinction became the spine of the episode.\nThe biggest myth we wanted to take apart is that open source contribution means code. It does not. We talked through real examples: a high school English teacher who contributes to GitLab\u0026rsquo;s documentation specifically because he is not technically biased and can spot confusing language a developer would never notice. Brandon\u0026rsquo;s own two-line pull request adding hardware support to a presentation remote tool he actually used. Funding models like Patreon, LibrePay, and Tidelift that let you redirect money you were already spending on proprietary cloud tools toward the open source maintainers building what you actually use.\nWe also got into something that still bugs me: the idea that telling someone to \u0026ldquo;RTFM\u0026rdquo; is acceptable community behavior. It is not. Everyone was new once, and a community that treats curiosity as an annoyance is a community that stops growing.\nSudo Show \u0026middot; Episode 2 Open the full episode page \u0026rarr; If episode one set the stage, this is the episode where the show found its actual voice: less industry analysis, more practical guidance for anyone wondering where they fit in a community this large.\n","date":"9 July 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep02-getting-started-open/","section":"Blog","summary":"Episode two of the Sudo Show, and we threw out most of our original outline because the community conversation after episode one made it clear what people actually wanted to hear: how do you get…","title":"Sudo Show Episode 2: Getting Started With Open Source"},{"content":"The Destination Linux crew had me on for episode 181 to dig into a topic that reliably starts arguments: Btrfs versus ZFS. Both are modern copy-on-write filesystems with snapshots and integrity checking, but they come from very different places and fit different situations.\nIt is a fun one if you care about storage — the licensing story, the snapshot and checksum features, and the practical question of which one to reach for on a given box. Watch the full episode above, and you can find the whole back catalog over at Destination Linux.\n","date":"8 July 2020","permalink":"https://itguyeric.com/blog/destination-linux-181-btrfs-vs-zfs/","section":"Blog","summary":"A guest spot on Destination Linux 181 talking through Btrfs and ZFS — snapshots, checksums, licensing, and where each filesystem actually fits.","title":"BTRFS vs ZFS | Destination Linux 181"},{"content":"Rocco was one of the people I instantly connected with in the open source community. His values and his love of the people in open source really resonated with me. Rocco really helped encourage me while finding my own voice.\nWe talked a LOT on this episode! We covered things from gaming to conferences to announcing the launch of the Sudo Show podcast!\nIn today’s episode of Linux Spotlight, I get to sit down with my friend Eric The IT Guy. Eric has been in the IT field for awhile and currently works for RedHat. We talk about his history in Linux, his job, Linux conferences and his new podcast called the “Sudo Show”.\n","date":"8 July 2020","permalink":"https://itguyeric.com/blog/interview-on-linux-spotlight-55/","section":"Blog","summary":"Rocco was one of the people I instantly connected with in the open source community. His values and his love of the people in open source really resonated with me. Rocco really helped encourage me…","title":"Interview on Linux Spotlight 55"},{"content":"This is where the Sudo Show actually started. Episode one of a podcast that had been two years in the making, finally out on the Destination Linux Network with my co-host Brandon Johnson.\nBrandon and I had been talking for years, late nights over Telegram, comparing notes on what the enterprise and open source worlds looked like from the inside. He was seven years into Red Hat, focused on virtualization, OpenStack, and Kubernetes. I had come up through Linux sysadmin work, made a move to GitLab, and was starting to figure out that my real skill was getting people excited about things rather than managing servers at 2am. We decided to start recording those conversations and call it a podcast. That is the whole origin story.\nEpisode one was a level set: what does enterprise open source actually mean, and why is calling it a contradiction a mistake? We walked through the spectrum from proprietary to open core to fully open development models, using GitLab, Red Hat, SUSE, and Cloudera as examples. Brandon made the distinction between products and projects that I still think is one of the clearest framings I have heard on the topic. A project has no lifecycle or support. A product wraps those things around it. Both have their place, and knowing which one you are depending on matters.\nWe also got into the newer funding models emerging at the time, GitHub Sponsors, Tidelift, and the growing trend of companies like Netflix and Google open sourcing internal tools that became foundational infrastructure for the rest of the industry.\nSudo Show \u0026middot; Episode 1 Open the full episode page \u0026rarr; The Sudo Show was one of the most rewarding things I have built, and this episode laid the foundation for everything that followed.\n","date":"25 June 2020","permalink":"https://itguyeric.com/blog/sudoshow-ep01-enterprise-open-source/","section":"Blog","summary":"This is where the Sudo Show actually started. Episode one of a podcast that had been two years in the making, finally out on the Destination Linux Network with my co-host Brandon Johnson.","title":"Sudo Show Episode 1: What Is Enterprise Open Source?"},{"content":"This is the trailer that started it all. In June 2020, Brandon Johnson and I launched the Sudo Show on the Destination Linux Network, a podcast covering enterprise open source, cloud management, DevOps culture, and working from home.\nGetting here took longer than I care to admit. The idea had been rattling around for years, and it took the infrastructure of the Destination Linux Network, Michael Tunnell\u0026rsquo;s marketing instincts, and a steady stream of encouragement from Noah Chelliah to finally make it real. Brandon, a Red Hatter at the time, brought the enterprise Linux credibility and I brought the sysadmin-turned-marketer perspective. The combination worked.\nThe pitch was simple: we were not just going to talk about the technology. We wanted to cover how teams actually adopt it, how you change culture around it, and how you get more done without burning out in the process. Topics that do not always get enough airtime in the Linux and open source space.\nThe show launched on June 25, 2020, releasing every other Thursday on YouTube and all the usual podcast platforms.\nWatch the launch trailer on YouTube: Sudo Show Coming June 25th\nThe Sudo Show was one of the most rewarding projects I have been part of, and this trailer is where it started.\n","date":"17 June 2020","permalink":"https://itguyeric.com/blog/sudo-show-podcast-launch/","section":"Blog","summary":"This is the trailer that started it all. In June 2020, Brandon Johnson and I launched the Sudo Show on the Destination Linux Network, a podcast covering enterprise open source, cloud management…","title":"The Sudo Show: A New DLN Podcast Launches June 2020"},{"content":"Every show starts somewhere. This is the launch announcement for Sudo Show, the enterprise-open-source podcast Brandon Johnson and I started under the Destination Linux Network. Short and sweet, but it is where it all began.\nSudo Show \u0026middot; Episode 00 Open the full episode page \u0026rarr; ","date":"17 June 2020","permalink":"https://itguyeric.com/blog/sudo-show-00-launch-announcement/","section":"Blog","summary":"The teaser that kicked off Sudo Show on the DLN — what Brandon and I set out to build.","title":"New DLN Podcast Coming | Sudo Show 00"},{"content":"I have some very exciting news to share with you all!\nMy name is Eric The IT Guy and I am a recovering Systems Administrator! I have over 11 years of IT experience ranging from Systems Administration and Engineering to technical sales and community advocacy, most recently, as a Sales Solutions Architect at Red Hat.\nMy mission as the IT Guy is to fight against burnout and poor work life balance. My goal is to promote methodologies and communities around DevOps and Open Source as well asn an endless supply of fun gibberish along the way.\nI have worked under all the cliche\u0026rsquo;d IT cultures - from nightmare on-calls to constant firefighting to teams that are as closed minded as the software they use. I\u0026rsquo;ve learned a lot from my more-than-a-decade of experience. I hope to share those stories and the lessons I learned with all of you to help make your lives and your organizations better.\nNow with that said, here\u0026rsquo;s the news:\nI am very excited to announce that I have joined the Destination Linux Network! If you\u0026rsquo;ve not heard of DLN . . . where have you been? It\u0026rsquo;s okay, I\u0026rsquo;ll just tell you. The Destination Linux Network is a media network powered by Linux and Open Source with a focus on bringing quality content to our audience to help you learn and enjoy the awesome technologies that we all have available.\nOn DLN, I\u0026rsquo;ll be one of the hosts of the Sudo Show podcast which will be your place for all things enterprise open source. As I said, I\u0026rsquo;ll be ONE of the hosts and joining me is Brandon Johnson, a fellow Red Hatter . . . oh did I mention I work at Red Hat?\nThe Sudo Show is going to be an awesome podcast covering careers in IT, productivity, and enterprise technology. If you are just getting started or a seasoned veteran looking to \u0026ldquo;keep up\u0026rdquo; then you will certainly want to subscribe to the show! You can get our content on the DLN YouTube Channel or subscribe to the audio version wherever you get your podcasts.\nIn addition to the Sudo Show, I\u0026rsquo;m joining the team at Front Page Linux. I will be writing articles at Front Page Linux Dot Com; these will cover topics like avoiding burnout, ways to boost productivity, and how to impact your companies\u0026rsquo; culture for the better.\nLast but not least, we get to my Youtube Channel. I will be releasing periodic Vlogs there for more random content like an inside look at my experiences as a Solutions Architect.\nI am excited to be joining such an awesome community. If you\u0026rsquo;d like to get in touch, just shoot an email over to Contact@Sudo.Show. You can follow me @ITGuyEric on Facebook, Twitter, LinkedIn, and Mastodon\u0026hellip;just to name a few.\nI can\u0026rsquo;t wait to get started, our first release is June 25th. I look forward to sharing my experiences with you and especially getting your feedback!\n","date":"16 June 2020","permalink":"https://itguyeric.com/blog/launching-the-it-guy/","section":"Blog","summary":"I have some very exciting news to share with you all!","title":"Launching the IT Guy"},{"content":"I spent over seven years in IT before I really started to understand the breadth of the industry. Technology gets a bad rap for being such a deep field but not necessarily a broad one. In fact, when I was attending college in 2009\u0026hellip; Hold the phone\u0026hellip; I graduated from DeVry University A DECADE ago! When did that happen!? Ugh, nothing like a personal revelation in the middle of a blog post. Any-who\u0026hellip;the career advice I was given was there were two paths in front of me, eventually they would lead to: 1) becoming an architect, the system-designing ninja guru of a major enterprise or 2) becoming CIO of a major enterprise. Said another way, either you go the technical track or the manager track. It wasn’t ever really explained to me there were forks in those roads. Quite a few of them really! (In fact, a funny aside was that my the advisor for the first college I attended told me I wouldn’t ever be successful in IT because my higher math grades like Calculus, Trigonometry, etc. weren’t good enough. Jokes on them!)\nWhile I am making light of a couple situations, these illustrate some very big issues in our culture, the corporate world, and our education system. (Disclaimer, I am not calling out DeVry in any sense. I loved my education and it set me up for great success. In fact, I was even crazy enough to go back and get a Masters from their graduate program.) In fact, any one person should only be limited by their own imagination or to quote the great philosopher, (Captain) Jack Sparrow: “The only rules that matter are these: what a man can do and what he can’t do.” Our rum-loving friend had a great insight. The more I learn about my career the more I realize I didn’t have a clue when I started out.\nSo, here’s the deal, I have been around the industry long enough to watch the shift from hardware to virtual machines to now cloud hosted workloads. I have worked within IT operations long enough to go from carrying a pager to two phones to an app-based on call rotation. I have seen the Internet go from a dial-up access to email and AIM to an essential element for virtually every industry. I have learned a thing or two along that journey and I really feel like I would be doing the industry a disservice to keep those lessons to myself. Heck, even writing that out made me think, “Hhmm, maybe I do know a couple of things!”\nSo, here is what I plan to bring your way. I want to address some issues that weigh on my mind: work/life balance, operational priorities, marketing buzzwords, career pathing, just to name a few. I want to share my experiences, make a few jokes, and deliver relevant news, content, and maybe a few tutorials along the way. I want to make my content available via blogs, vlogs, podcasts, conferences, whatever medium I need to use to help my fellow technologists find out where their passion and skills could best take them.\nSo\u0026hellip;How about it? You ready?\n","date":"9 October 2019","permalink":"https://itguyeric.com/blog/vision-for-the-it-guy/","section":"Blog","summary":"I spent over seven years in IT before I really started to understand the breadth of the industry. Technology gets a bad rap for being such a deep field but not necessarily a broad one. In fact, when…","title":"Vision for the IT Guy"},{"content":"I had the pleasure of speaking at the Kansas City DevOps Meetup in downtown Kansas City! It was kind of like a coming home party. KC DevOps Days is where I got my start at GitLab and set me on a path towards a career I never imagined possible. This event, in the vault of the downtown library was my chance to share GitLab\u0026rsquo;s story to my local meetup. It was well received and even led to an impromptu demo of the GitLab product!\nIn the IT Industry, many incidents have been misunderstood or blown out of proportion due to poor handling of communications during and right after a crisis arises. The how, when, and how much communication can be the difference between a media frenzy and an outage that people work through and forget about. Ever since a database outage in January of 2017, companies and contributors have received timely and effective communication from Gitlab.\n","date":"19 June 2019","permalink":"https://itguyeric.com/blog/devops-kc-communication-in-an-open-company/","section":"Blog","summary":"I had the pleasure of speaking at the Kansas City DevOps Meetup in downtown Kansas City! It was kind of like a coming home party. KC DevOps Days is where I got my start at GitLab and set me on a path…","title":"DevOps KC: Communication in an Open Company"},{"content":"I gave my Busting Open Source Security Myths talk at DevSecOps Days Denver to a packed out auditorium. If was so well received, I decided to bring it back for Day 2 of SELF 2019!\nDevelopers are constantly being asked to make more and more powerful applications. The more feature-rich the application, though, the more prone to risk it becomes. Many have thought the solution is to keep the code base locked up tight, that open source is undesirable. The truth, however, is quite the opposite! More eyes on code has proven to increase the quality and security of the modern application.\n","date":"18 June 2019","permalink":"https://itguyeric.com/blog/self2019-busting-open-source-security-myths/","section":"Blog","summary":"I gave my Busting Open Source Security Myths talk at DevSecOps Days Denver to a packed out auditorium. If was so well received, I decided to bring it back for Day 2 of SELF 2019!","title":"SELF2019: Busting Open Source Security Myths"},{"content":"This talk defined the voice of the IT Guy for me. This was the moment when the Sudo Show got its wings, when I realized that I was on the right track towards re-inventing my career. I had people in the room I respected a great deal nodding along in agreement. This was where it REALLY started for me.\nSo, you are interested in technology, you want to contribute to something bigger than yourself, you can\u0026rsquo;t wait to join a global community…but where do you start? Is coding the only way in? Let\u0026rsquo;s take a practical look at how to go from consumer to contributor!\n","date":"17 June 2019","permalink":"https://itguyeric.com/blog/self2019-getting-started-with-open-source/","section":"Blog","summary":"This talk defined the voice of the IT Guy for me. This was the moment when the Sudo Show got its wings, when I realized that I was on the right track towards re-inventing my career. I had people in…","title":"SELF2019: Getting Started with Open Source"},{"content":"South East Linux Fest 2019 was an amazing test of the IT Guy\u0026hellip;not as a brand but as the person I wanted to be in my career. I gave 3 talks in 3 days and spent a lot of time chatting with different folks, sharing stories, answering questions. It challenged my introverted nature and my public speaking skills.\nThe entire conference was an amazing experience that I will always cherish!\nNow more than ever, developers have more tools to pick from than hours in the day. It is so easy to spend more time maintaining the development pipeline than it is actually developing. What if the planning, coding, building, testing, and deployment could all be handled from one tool in one interface? Well it can! Gitlab can cut down on tool chain bloat and decrease cycle times!\n","date":"17 June 2019","permalink":"https://itguyeric.com/blog/self2019-gitlab-takes-you-from-idea-to-production/","section":"Blog","summary":"South East Linux Fest 2019 was an amazing test of the IT Guy\u0026hellip;not as a brand but as the person I wanted to be in my career. I gave 3 talks in 3 days and spent a lot of time chatting with different…","title":"SELF2019: GitLab Takes you from Idea to Production"},{"content":"Getting started in my career, I never imagined I would work in sales or go speak at conferences! I was very nervous and I think that showed. What was worse is I had the first breakout after lunch and the next room was a dive into chaos engineering! I learned a LOT from this event and later revamped my talk to present to the DevOps meetup in Kansas City.\nIn the IT Industry, many incidents have been misunderstood or blown out of proportion due to poor handling of communications during and right after a crisis arises. The how, when, and how much communication can be the difference between a media frenzy and an outage that people work through and forget about. Ever since a database outage in January of 2017, companies and contributors have received timely and effective communication from Gitlab.\n","date":"6 May 2019","permalink":"https://itguyeric.com/blog/devops-days-des-moines-communication-in-an-open-company/","section":"Blog","summary":"Getting started in my career, I never imagined I would work in sales or go speak at conferences! I was very nervous and I think that showed. What was worse is I had the first breakout after lunch and…","title":"DevOps Days Des Moines: Communication in an Open Company"},{"content":"I joined Ask Noah Show 110 to talk about the journey into a FOSS career — how community involvement, curiosity, and a lot of homelab hours turn into an actual path in this industry.\nListen to the full episode at Ask Noah Show 110.\n","date":"15 January 2019","permalink":"https://itguyeric.com/blog/ask-noah-110-journey-to-a-foss-career/","section":"Blog","summary":"A guest appearance on Ask Noah Show 110 about carving out a career in free and open source software.","title":"Journey to a FOSS Career | Ask Noah 110"},{"content":"Hey all! I am starting a new open source \u0026ldquo;project\u0026rdquo;: my next home! Please help me by making recommendations and helping me build the IT Guy\u0026rsquo;s dream house!\nhttps://gitlab.com/itguyeric/smarthouse\n","date":"13 November 2018","permalink":"https://itguyeric.com/blog/the-it-guys-house/","section":"Blog","summary":"Hey all! I am starting a new open source \u0026lsquo;project\u0026rsquo;: my next home! Please help me by making recommendations and helping me build the IT Guy\u0026rsquo;s dream house!","title":"The IT Guy's House"},{"content":"We got a single test episode before going back to the drawing board. After months of networking, planning, seeing what else is out there, we settled on a great approach that we feel will be unique and can make a difference in IT and how technologists do work.\n","date":"1 November 2018","permalink":"https://itguyeric.com/blog/return-of-the-first-attempt/","section":"Blog","summary":"We got a single test episode before going back to the drawing board. After months of networking, planning, seeing what else is out there, we settled on a great approach that we feel will be unique…","title":"Return of the First Attempt"},{"content":"Some time ago, our favorite IT Guy published a couple of test episodes. Its funny to look back at these episodes in light of the upcoming release of The IT Guy podcast!\n","date":"31 October 2018","permalink":"https://itguyeric.com/blog/the-first-attempt/","section":"Blog","summary":"Some time ago, our favorite IT Guy published a couple of test episodes. Its funny to look back at these episodes in light of the upcoming release of The IT Guy podcast!","title":"The First Attempt"},{"content":"Waaaaay back on Episode 26 of the Ask Noah Show, The IT Guy was being formed an molded. Now, a little over a year later, we are getting ready to launch our brand, our podcast, and our efforts to help shape how the open source community does work!\n","date":"30 October 2018","permalink":"https://itguyeric.com/blog/ask-noah-show-debut/","section":"Blog","summary":"Waaaaay back on Episode 26 of the Ask Noah Show, The IT Guy was being formed an molded. Now, a little over a year later, we are getting ready to launch our brand, our podcast, and our efforts to help…","title":"Ask Noah Show Debut"},{"content":"I got to join Noah Chelliah on the Ask Noah Show to continue my coverage of Peertube. It was a great chat, took a couple of calls, and found a toy I really want from Paravel Systems: The Rivendell Audio Appliance!\n","date":"29 October 2018","permalink":"https://itguyeric.com/blog/chillin-on-the-ask-noah-show/","section":"Blog","summary":"I got to join Noah Chelliah on the Ask Noah Show to continue my coverage of Peertube. It was a great chat, took a couple of calls, and found a toy I really want from Paravel Systems: The Rivendell…","title":"Chillin' on the Ask Noah Show"},{"content":"I had the pleasure to head out to Lawrence, KS to talk at the local LUG (Linux Users Group)! Today\u0026rsquo;s topic? Peertube and the problems it can solve!\n","date":"23 October 2018","permalink":"https://itguyeric.com/blog/the-case-for-peertube/","section":"Blog","summary":"I had the pleasure to head out to Lawrence, KS to talk at the local LUG (Linux Users Group)! Today\u0026rsquo;s topic? Peertube and the problems it can solve!","title":"The Case for Peertube"},{"content":"Sometimes, a dream just comes together. Sometimes its a dream that you didn\u0026rsquo;t even know you had!\nI have spent 10 years in the IT industry and I have struggled off and on to really find fulfillment in what I have accomplished thus far, at least until the past 4 months. If you know me at all, you know that I hit the ground running when I entered the open source community. When I started listening to podcasts over 2 years ago, I was an Apple die-hard: Macbook, iPad, iPhone, AppleTV, Apple Watch, iTunes\u0026hellip;Yeah, it was bad! What I found through listening to Jupiter Broadcasting though was a passionate community of people willing to work hard to create something of their own.\nOver the past two years, I have listened intently, idled in Telegram, and even provided a small donation every month as a Patron. It wasn\u0026rsquo;t until earlier this year that I really started to find my stride on how I fit into this mess. Enter the \u0026ldquo;IT Guy\u0026rdquo;. The online identity came about because when joining the Mumble room for Linux Unplugged, there were two Eric\u0026rsquo;s: myself and Erich, a respected member of the Ubuntu Studio project. That can be confusing during a live show or even just during chat. As the occasional IT consultant, I tended to hear, \u0026ldquo;Hey, the IT guy is here\u0026hellip;\u0026rdquo; and the name just stuck! Moving forward, I hope the IT Guy will be able to be a platform for open source projects who need a hand getting some attention. I am working with an open-source graphic design company, FreeHive, to create some branding around the identity and start producing more blog entries, a podcast, and to even speak at conferences one day.\nOver the past 4 months, that vision has really started to take shape! Along came Peertube, an open-source project working to create a federated video platform powered by torrent technology (think a self-hosted YouTube). I volunteered and started helping Jupiter Broadcasting to setup GetJupiter.com, a peertube instance focused on official Jupiter Broadcasting content and Linux Rocks Online (a community driven instance). I have been hanging out on Linux Unplugged more often and even been a guest on the Ask Noah show a couple of times\u0026hellip;\nBut NONE of that compares to what I experienced today. Today, I was flown out to Dallas, TX to complete the interview process with Red Hat! Yeah\u0026hellip;that $2.4 billion company that sells free software. Talk about an inspiration. This company is filled to the brim with talent, passion, and creativity. While I can\u0026rsquo;t say much about the process itself, it has been unlike any interview process I have ever been apart of. You talk about a group of people focused on their mission!\nIt\u0026rsquo;ll be a few days before I hear for sure, but I am very hopeful! My new role would be as a Senior Cloud Infrastructure Consultant. My new best friend would be Open Shift, Red Hat\u0026rsquo;s offering built around Kubernetes! For me, it would be more than setting up Open Shift for customers, it would be a chance to provide customers, specifically other Systems Engineers like myself, a new way to do work: focus on automation and orchestration instead of fighting through the same fires over and over again. Get to the point where deployments during business hours are common place and reclaim a work-life balance, recover their nights and weekends. That is a role I could make a difference in.\nI hope my next entry will be to announce a shift in my employment, but regardless of what happens with Red Hat, I will continue to work to build a platform where open source projects can come be heard and provide great information and insight into the IT world!\nThank you for reading!\n","date":"28 September 2018","permalink":"https://itguyeric.com/blog/the-big-interview/","section":"Blog","summary":"Sometimes, a dream just comes together. Sometimes its a dream that you didn\u0026rsquo;t even know you had!","title":"The Big Interview"},{"content":"The conference now seems like SO long ago! It was 4 crazy-packed days (plus 2 on the road) but it would not be overstating anything to say it has forever changed the course of my career.\nThe morning was meetings surrounding GNOME Engagement and getting thoughts and lessons learned ready for LAS2019! Being someone who has Linux, IT support, LED lighting design, live audio, photography and videography basics all crammed into my head, I could be a huge asset to conferences all over the country! It would seem to be time to get myself onto committees for more conferences.\nThe other realization I had was this conference is going to cost me a lot more money than just the travel expenses! I fell in love with talks about Purism\u0026rsquo;s Librem 5 phone and the whole of System76 and their efforts to manufacture the laptops and desktops in house to better support their products. I am sure in the next couple of years, as budget allows, both companies have already earned my business.\nAfter a tour of System 76 and another cook-out, it was time to pack up and get ready for the 9 hour drive home to Kansas City the next day. I am looking forward to the upcoming changes I hope to make to my career: develop more in depth content on this blog, start a podcast/YouTube channel, become involved with projects too small to really promote themselves, attend conferences, and help others discover the passion and community behind open source!\n","date":"20 September 2018","permalink":"https://itguyeric.com/blog/las2018-day-4/","section":"Blog","summary":"The conference now seems like SO long ago! It was 4 crazy-packed days (plus 2 on the road) but it would not be overstating anything to say it has forever changed the course of my career.","title":"LAS2018: Day 4"},{"content":"I dropped into the Linux Unplugged 267 virtual lug for this one, in on the conversation about the human side of open source contribution. Linux Unplugged is a live Jupiter Broadcasting show, and these community episodes are always a good hang.\nListen to the full episode at Linux Unplugged 267.\n","date":"19 September 2018","permalink":"https://itguyeric.com/blog/linux-unplugged-267-people-patches/","section":"Blog","summary":"A guest spot in the Linux Unplugged 267 virtual lug, talking through the human side of open source contribution.","title":"People Patches | Linux Unplugged 267"},{"content":"Oops! The downside to staying up pretty much all night talking about FOSS, life, and everything else under the sun is that the next morning comes WAY to quickly!\nSo, after going to one of the local malls to buy a long sleeve shirt and picking up some food, I finally managed to get to the venue. As I alluded to in my previous post, I spent more time thinking about people and community than the technology that drew me to the conference in the first place. Probably the biggest example of this was a talk by Britt Yazel surrounding Scientists and open source.\nWhat could be better than a Linux-powered science computer? Its more secure, more stable, faster than the other platforms\u0026hellip;but the problem? Lack of packages and supporting libraries to carry out complex scientific analysis! What\u0026rsquo;s worse is that universities, research facilities, and science labs and stuck running Windows and a few proprietary applications that charge thousands of dollars per license per year!!! That is literally millions of US Dollars\u0026hellip;tax payer money\u0026hellip; being paid to a couple of businesses that have a corner on the scientific market! Now that bugs me on a number of levels!\nWe as an open source community need to branch out. We need to shake this nerd in their parent\u0026rsquo;s basement stigma we have carried for so many years, get out there, find needs, and build solutions to fix those needs! Instead of idling in IRC rooms waiting for some project we can bash, we should be out there fixing problems in our world!\nAfter a though-provoking afternoon, we all met up for pizza and celebrated the release of GNOME 3.30 and followed that up with some vintage arcade games :)\n","date":"18 September 2018","permalink":"https://itguyeric.com/blog/las2018-day-3/","section":"Blog","summary":"Oops! The downside to staying up pretty much all night talking about FOSS, life, and everything else under the sun is that the next morning comes WAY to quickly!","title":"LAS2018: Day 3"},{"content":"I know, I know this is a lot later than I promised.\nThat is what happens when you go to a conference then come back to the real world\u0026hellip;It seems to take a week of preparation before you leave and a week of preparation after you get back from any break to really get back in the swing of everything. Anyway, I digress\u0026hellip;\nSo, its Day 2 of the conference. After an overwhelmingly awesome first day, everything sort of settled into a rhythm. We got the technical bugs worked out and started adding in lightning talks! (I think next conference I will have to sign up for one.)\nThe talks were amazing. We heard from KDE about their application deployment strategy and their application ecosystem. However, the not-as-technical talks is what really grabbed my attention. I was really surprised to be honest, I expected I would dive deep into technology on this trip\u0026hellip; Not so much! Instead, I found myself drawn towards a few talks in particular:\nThe first was a pair of talks from Ryan Gorley, owner of FreeHive an open source graphics design agency. He talked about the need for innovation beyond Adobe Cloud and the needs of creatives from Desktop Linux and the accompanying application ecosystem. There were a pair of talks from Elementary as well discussing their attempts to monetize open source to allow developers to actually make money off their work!\nHowever, I think the talk that I engaged with more than any of Day 2 was a talk about making open source attractive to students. Heidi Ellis and Gregory Hislop are working to integrate open source into the college curriculum at large but more than that help students fall in love with the FOSS community. Having dealt with the dumpster fire that is /r/Linux (Reddit) and seeing some of the venom of a small minority of the FOSS community, it played back into my thinking about how to introduce students, creatives, and non-technical folks into what the true intent of the open source community really is\u0026hellip;\nThe night continued with Game Night, trivia led by System76\u0026rsquo;s own Emma Marshal and dinner with different people from the conference. Talks went late into the night\u0026hellip;but it was all worth it!\n","date":"17 September 2018","permalink":"https://itguyeric.com/blog/las2018-day-2/","section":"Blog","summary":"I know, I know this is a lot later than I promised.","title":"LAS2018: Day 2"},{"content":"Hey ya\u0026rsquo;ll! This has been a long time coming!\nThis IT Guy has a lot on his plate and figured it would be beneficial to chronicle some of my journey! Stay tuned because with a big conference this week and some big decisions upcoming for myself, there could be some great stuff here!\n","date":"9 September 2018","permalink":"https://itguyeric.com/blog/hello-world/","section":"Blog","summary":"Hey ya\u0026rsquo;ll! This has been a long time coming!","title":"Hello World"},{"content":"IT IS HERE! Libre Application Summit 2018. This is the first IT conference I have attended since a VMware Summit in 2012.\nNot only do I get to listen to some really cool talks\u0026hellip;okay, let\u0026rsquo;s be real. A lot of this is at the edge of my understanding. After all, I am in a room filled with some of the brightest developers from all across the globe. I am just a dumb Sysadmin, haha. It is amazing material non-the-less. I even doubled-down on my usage of Flatpaks.\nThe venue, Parkside Mansion, is beautiful and the staff have been nothing but accommodating. I fully expected to use my skills and an outgoing personality and as a IT Guy at this conference, however, the one set of skills I didn\u0026rsquo;t give much thought to was my knowledge of live production. I have been helping get lighting levels right, troubleshooting audio feedback, and helping plan for the future of GNOME conference technological offerings.\nWhile the talks have been interesting, the real call of events like this is to be able to meet and interact with people from all over the world. Within the first 30 minutes of the doors opening, I was able to guide a developer to guys from Elementary OS; the developer was looking to put a mechanism into Flatpak that would allow for end users to donate money back to the developer. Who better for him to talk to than the project that is already trying to do that with their app store?!\nI have interacted with people from Red Hat, Endless, KDE, and others. We have discussed American history, Steam gaming on Linux, and solved all of the worlds problems\u0026hellip;maybe we\u0026rsquo;ll tell the world, maybe we won\u0026rsquo;t.\nThis conference is starting to sway my opinions on the future of my career. Maybe my time in the deep weeds of code and terminals is coming to a close in the near future to give way towards a focus on people - organizing events, making connections between people, providing a spotlight on growing projects making a difference or in need of help\u0026hellip; now that\u0026hellip;that sounds like a career to be proud of!\nThe ladies headed off to a nice dinner up on a rooftop, meanwhile, the guys headed over to the Code Think Air BnB for some grilling, card games, and some amazing conversations: The need for funding the foundations, some history of KDE, and bug tracking horror stories!\nDay 2 looks like it\u0026rsquo;ll be EVEN better!\n","date":"6 September 2018","permalink":"https://itguyeric.com/blog/las2018-day-1/","section":"Blog","summary":"IT IS HERE! Libre Application Summit 2018. This is the first IT conference I have attended since a VMware Summit in 2012.","title":"LAS2018: Day 1"},{"content":"I dropped into the Linux Unplugged 265 virtual lug for this one, in on the conversation about privacy, and how much of it we are willing to trade. Linux Unplugged is a live Jupiter Broadcasting show, and these community episodes are always a good hang.\nListen to the full episode at Linux Unplugged 265.\n","date":"4 September 2018","permalink":"https://itguyeric.com/blog/linux-unplugged-265-privacy-priorities/","section":"Blog","summary":"A guest spot in the Linux Unplugged 265 virtual lug, talking through privacy, and how much of it we are willing to trade.","title":"Privacy Priorities | Linux Unplugged 265"},{"content":"Kansas City, Missouri to Denver Colorado, 1 Interstate, 609 miles, 8 hours of podcasts\u0026hellip; Nothing but rain! However, the nice thing about this road trip was it gave me time to consider a few things about my home lab, my career, you know big things.\nI have spent the majority of my career deep in the weeds as a Linux Systems Engineer. I have worked with Red Hat, CentOS, and Ubuntu. The operating system has been my domain for a long time. The problem is, in the past couple of years, the area I have been deriving the most energy from has been the community. This summer, I have been working social media for the GNOME Foundation, made appearances on the Linux Unplugged podcast, helped manage Peer Tube and Gitlab instances. Now here I am on the eve of my first FOSS conference.\nAnother big decision I made while dodging visibility-killing downpours was how to rebuild my home computer lab. I have been using Digital Ocean to manage services like Quassel and Nextcloud. Part of my responsibilities as a Systems Engineer is to stay on top of trends. Well, for projects to survive the velocity of development these days containers and automation need to be at the heart of all their efforts. To be a responsible Sysadmin, I need to be prepared for that shift. So, I plan on setting up a Kubernetes cluster and running all my home services out of a Gitlab instances into containers!\nThe last big thought I spent time on was the next step in my education. I am a huge fan of Linux Academy. Learning from their courses is great, but it doesn\u0026rsquo;t necessarily translate into something industry recognized: IE a certification. The only cert I hold at this point is a RHCSA (Red Hat Certified Systems Administrator) in RHEL6. After this road trip, I hope within the next 3 years to hold my RHCA (Red Hat Certified Architect)!\nAfter a drink and some tacos, its time to hit the sack and get ready for LAS2018 tomorrow!\n","date":"4 September 2018","permalink":"https://itguyeric.com/blog/las2018-travel-day/","section":"Blog","summary":"Kansas City, Missouri to Denver Colorado, 1 Interstate, 609 miles, 8 hours of podcasts\u0026hellip; Nothing but rain! However, the nice thing about this road trip was it gave me time to consider a few things…","title":"LAS2018: Travel Day"},{"content":"I dropped into the Linux Unplugged 262 virtual lug for this one, in on the conversation about init systems and the community debates around them. Linux Unplugged is a live Jupiter Broadcasting show, and these community episodes are always a good hang.\nListen to the full episode at Linux Unplugged 262.\n","date":"14 August 2018","permalink":"https://itguyeric.com/blog/linux-unplugged-262-tribes-of-init/","section":"Blog","summary":"A guest spot in the Linux Unplugged 262 virtual lug, talking through init systems and the community debates around them.","title":"Tribes of Init | Linux Unplugged 262"},{"content":"I dropped into the Linux Unplugged 260 virtual lug for this one, in on the conversation about ThinkPads, hardware, and running Linux on them. Linux Unplugged is a live Jupiter Broadcasting show, and these community episodes are always a good hang.\nListen to the full episode at Linux Unplugged 260.\n","date":"31 July 2018","permalink":"https://itguyeric.com/blog/linux-unplugged-260-thinkpad-as-a-service/","section":"Blog","summary":"A guest spot in the Linux Unplugged 260 virtual lug, talking through ThinkPads, hardware, and running Linux on them.","title":"Thinkpad as a Service | Linux Unplugged 260"},{"content":"I dropped into the Linux Unplugged 256 virtual lug for this one, in on the conversation about where Linux and open source were heading. Linux Unplugged is a live Jupiter Broadcasting show, and these community episodes are always a good hang.\nListen to the full episode at Linux Unplugged 256.\n","date":"4 July 2018","permalink":"https://itguyeric.com/blog/linux-unplugged-256-peering-into-the-future/","section":"Blog","summary":"A guest spot in the Linux Unplugged 256 virtual lug, talking through where Linux and open source were heading.","title":"Peering into the Future | Linux Unplugged 256"},{"content":"I dropped into the Linux Unplugged 255 virtual lug for this one, in on the conversation about Fedora and what makes it tick. Linux Unplugged is a live Jupiter Broadcasting show, and these community episodes are always a good hang.\nListen to the full episode at Linux Unplugged 255.\n","date":"27 June 2018","permalink":"https://itguyeric.com/blog/linux-unplugged-255-fedora-to-the-core/","section":"Blog","summary":"A guest spot in the Linux Unplugged 255 virtual lug, talking through Fedora and what makes it tick.","title":"Fedora to the Core | Linux Unplugged 255"},{"content":"This is one of my earliest podcast appearances, back on Ask Noah Show 28. It is a fun time capsule — Linux, open source, and the kind of homelab tinkering that started me down this whole path.\nWatch the segment above.\n","date":"2 October 2017","permalink":"https://itguyeric.com/blog/ask-noah-28-linux-powered-party/","section":"Blog","summary":"A guest spot on Ask Noah Show 28, an early appearance talking Linux, open source, and homelabs.","title":"Linux Powered Party | Ask Noah 28"},{"content":"One of my first times on a podcast: Ask Noah Show 26, on the idea of building a business with Linux and open source doing the heavy lifting rather than being an afterthought.\nListen to the full episode at Ask Noah Show 26.\n","date":"18 September 2017","permalink":"https://itguyeric.com/blog/ask-noah-26-starting-a-business-with-linux/","section":"Blog","summary":"A guest appearance on Ask Noah Show 26 talking about starting a business with Linux at the core.","title":"Starting a Business with Linux | Ask Noah 26"},{"content":"I\u0026rsquo;m always up for a good conversation. Whether you want me to speak at your event, come on your show, collaborate, or you just have a question — I\u0026rsquo;d love to hear from you.\n","date":"1 January 0001","permalink":"https://itguyeric.com/contact/","section":"Eric the IT Guy","summary":"\u003cp\u003eI\u0026rsquo;m always up for a good conversation. Whether you want me to speak at your event, come on your show, collaborate, or you just have a question — I\u0026rsquo;d love to hear from you.\u003c/p\u003e","title":"Let's Work Together"}]