Filler

isolated dirty hand of worker after work hard for a long time on white background

50% done is half ass

This is filler as I’ve not looked at the news nor anything else on Friday.

As I’m writing this at 1830 on Friday, my hands are almost as grease covered as the worker’s hands in the image. I’ve been up since 0700 and have been at work on the Truck since 0930.

First stop, the auto supply store for cotter pins, brake cleaner, and brake fluid.

The first wheel comes off just fine.

Then it was time to take off the calipers. That is where I got my first surprise, these are big, and they do not float.

I’m used to calipers that are attached to the knuckle with two 14 mm headed screws. Torque specs are “yep, click”.

These bolts are normally greased and the calipers just float on the pin portion.

Not mine. They are attached with bolts torqued to 91 ft/lbs, and they are stuck. It took nearly 45 minutes to break them free using a 1″ black iron pipe as a cheater. The big issue was that there was not enough room to work the breaker bar with cheater. I got it done.

Once the caliper was off the truck, it was time to attack the rotor.

The rotor refuses to leave the truck. I whaled on it with a 5 pound hand sledge, it did not budge.

Second trip out, I sent my son to get some 6mx1.0 jack bolts. He returns with exactly what I needed. It only took three text messages. “What is grade 8?”, “do you want the type with the hex top?”, and “How long do they need to be?”

Guess what? They don’t fit.

It is only then that I remembered that I have a nice thread gage checker. This is a steel cable with most thread sizes you would find in normal stuff. Each “key” (my son’s term for them), has an external threaded section on one side and an internal threaded section on the other.

In other words, you can screw one side into a hole, and you can screw bolts and screws into the other side.

Testing the jack boltholes I find they are 8m1.25. Off my son goes to get them.

With those in hand, the rotor comes off.

It is now time to attack the axle dust cap. This doesn’t want to come off, but a gentle (not really) attack with a cold chisel, and it gives me a gap for a pry bar to pry it off.

This reveals the first clean metal I’ve seen, the axle, axle nut, and the lock for the axle nut.

With a bit of help from my son to keep the hub from rotating, I apply 300+ foot pounds with my foot. There is a loud SNAP and all the tools let go. The bar being used to stop the hub from turning, the breaker bar, the 36 mm socket all went their directions.

We recovered all the pieces. I inspected the axle for damage, trying to figure out what snapped. The axle nut now spins off with just light finger pressure. Good news.

I then get the first “win” of the day. Driving the axle out of the sandpaper, err, bearing, was easy and just worked the way it was supposed to.

Driving the other side off? Not so much. After way too much effort, some stupids along the way, my son and I were able to drive the bearings off the knuckle.

The day is good!

After all that work, it is time to start reassembling the front right side. I picked up the “hub with pressed bearings” and compared it to the old part.

Not only does it not match the old part, I can’t make it work without some way to cut a spline in the damn thing.

I messed up. I wasn’t paying enough attention when I ordered front-wheel bearing assemblies. Yes, it had the 6 lugs, but it turns out that there was another version of the Tacoma which uses the heavy-duty brakes, calipers and all the rest, but it is RWD only.

I’m almost in tears. My son takes me to the parts store. They have it in stock. $195. Rockauto.com sells a better version for $106. OUCH! This is precisely what I was hoping to avoid.

It is too late to go back, I buy the parts and we go back.

With the correct part in hand, we can install the bearing assembly. It was just a question of tightening each bolt in sequence, the same amount.

I even have the right tools to torque the bolts. I’m a happy creature.

Time to install the new rotor.

This is where I started cussing to myself.

As I was checking out, I had the rotors, pads in the cart. The website suggested that I use a kit because it came with more hardware, and it was cheaper.

I went for it.

And missed that I had returned the 6 lug version and replaced it with a 5 lug version.

After a short crying jag, my son takes me back to the parts store. Yes, they have the parts in stock. 2 rotors and a set of pads. But because they only have premium in stock, $214.

The passenger side is completed. The bearing has been replaced, the rotor has been replaced, pads have been replaced, brake caliper has been replaced.

The only thing remaining is bleeding the brakes.

Starting work on the driver’s side. The damn wheel won’t come off the rotor! This required energetic use of that five pound sledge with a long punch to knock it off the rotor.

Jack bolts and a bit of hammering and the rotor came off. The brake caliper is stuck on and the head of the bolt holding the hard line on the hub side and the flex line on the frame side rounds over. I can’t get it off.

My son bounces on the breaker bar a few times before the bolts finally come loose. We managed to get the correct two bolts out, pay no attention to the extra bolt we took out.

We then got the hub ready for the new rotor. It took 30 minutes to get the rotor and caliper installed. It was then that I noticed that the hard line doesn’t line up. I take the top bolt out of the caliper and attempt to get the hard line to attach.

That is when I called it. I was afraid I was cross threading the hard line to the caliper.

I’m tired, I’m grumpy, I don’t want to see the crap and noise that the leftists put out today.

I hope you are having a great weekend. I’m out there working on the truck. Only about 4 hours more of work.


One step forward …

Tuesday I picked Ally up at The Fort at No 4. On the way home, we stopped to do some banking and pick up some groceries.

As we were walking to the bank I said, “Oh, it is closed.”

“Why?”

“Because it’s Sunday.”

“Huh?”

I then got home and posted “Tuesday Tunes” to show up on Wednesday.

I’ve been working on a major website. This includes a content management system for the site that meets the requirements for that vertical.

What I decided on was a “management bar” for those logged in as manager. When they activate the “edit page” function, all the blocks that can be edited are highlighted. Click on the block to start editing the block.

Save your changes. When you are satisfied, click “make live” on the management bar to make all the changes at once.

There are a few good tools for editing text in place.

This left all the other blocks, image editor, carousel editor, calendar editor and a few others.

Design from the top, build from the bottom

I know what I want to do, how I want it to work. Fortunately, I only have to worry about the “working” part. Not the pretty part. I have a team member who helps with that.

What this means is that I see the entire system laid out. This thing will do this, this other thing will do that, the user will see this.

Which leads to a balancing game. How much is done in the template build out? How much is done in the JavaScript module? How much is done on the backend? And how much support does the Frontend request from the Backend?

Currently, I have three different editing models built, each one a bit different from the others. Why? Piecewise progression.

In my original implementation, all logic was done on the Frontend from data provided by the Backend during page load. This led me to a working edit for the carousel. Click here, drag and drop or upload an image. Click there, and you can rotate, mirror, flip, and crop an image, maintaining a fixed aspect ratio.

The next was the text editor. That was simple because the editor works in place, sort of. But it is working. I’ll be adding more features to it, but that is mostly done.

Then the new image processing came into play. Click on the image you want to edit, a dialog pops up, the original, raw image is loaded. Recorded edits are applied, the image can now be edited.

All modals had to be preloaded. All the content of the modal was preloaded. Everything works by modifying existing elements or modifying the DOM. The only communications with the backend are fetching the raw image.

Which led to the calendar editor.

Piecewise progression.

With this, the amount of data started to exceed easy storage in the DOM. Access to needed data was looking more and more like a call back to the backend. The need to serialize objects on the backend for the frontend to manipulate was starting to get stupidly complex.

This led to a redesign. Instead of multiple modals, there is now a single modal (dialog) which is fetched, on need, from the Backend. In this modal, there is a tabbed pane. Click on the tab, a different pane shows.

By listening for a pane to be displayed, we can determine what content we require and request that from the backend, which has full access to all the data and logic required to make this work.

Bingo, everything starts to get easier.

Which means, once this edit is completed, I’ll return to the image editor, make the same design decisions, which in turn will make the carousel editor a simple modification of the image editor.

Things are getting a little easier as I become more comfortable with TypeScript and “promises”.

Why the concerns?

First, when I started programming, you didn’t do redundant things because there were no spare cycles and there were no spare bytes.

As an example, I like to write a = do_it(param)->do_other(param2)->do_different(do_wildly_different(param3)).

This seems reasonable to me. No extra cycles, no extra bytes.

Today, it is better to do r1=do_it(param); r2=do_wildly_different(param3); r3=r1.do_other(param2); r4=r3.do_different(r2); This performs the same actions, but it is often clearer to read and allows for checking results at each step. All good.

The other big thing is communications. My last project was a shopping app. Our family still uses it. It creates shopping lists that you can then use from your Android Phone. It has more to it, but that’s the gist.

Because communications is sketchy around here, it was designed to work in a standalone state, uploading changes when it could, downloading changes when required.

This led to an entire mindset of “Communications is expensive”. Which I’ve had to break. The new site makes seriously different design choices.

  1. All Manager level actors will have modern browsers
  2. All staff working with the site will have reasonable download speeds
  3. All volunteers using the site will have reasonable browsers and speeds.
  4. All visitors to the site will have a relatively modern browser.

In other words, if you are working on the site, and it takes 5 seconds to get an updated pane or modal, this will be acceptable, or you will need to upgrade your device.

In looking at the current usage of browsers on the Internet, more than 95% of the people using the Internet will do just fine.

Now back to the Bootstrap 5 grind as I design pretty forms.


Math Is Hard

My oldest son is on the spectrum. He has a job but does not have a license. He still lives with his mother, my ex-wife.

When he was in middle school, I attended an IEP (individual education plan). This is where we lay out what accommodations he needs and how best to get him educated.

I’m in a conference room with his “team”. This is the principal, multiple teachers, the special-ed coordinator and a few specialists. There are two males in the room. The principal and me.

As we start the meeting, the special-ed coordinator says, “These math classes are difficult. We believe that your son will be best served by removing the math requirement. Math is hard.”

I was livid. “Have you ever talked to him? Do you have a clue as to what his capabilities are in math? That is his easiest class? I’m betting that not a one of you majored in a STEM major. Math is hard? No, it is hard for you.”

This is one of the most important concepts in mathematics. Anything times zero is zero. Dividing anything by zero is undefined.

Calculus is about pretending you can divide by zero. Not because you are dividing by zero, but you are using a very small number in place of zero. Or, as calculus puts it, “as delta x approaches zero…”

  • The parent has fail math
  • Unless the third grader is Sheldon or Doogie, the correct answer is, 0. And for most people, of any age, the answer is 0. Context matters.
  • Sounds like the parents gotta go back to third grade LOL
  • I disagree that a number divided by zero is undefined. You had a number, 1, in this case. Then you didn’t divide it. So, 1 remains untouched. It shouldn’t lose its definition based on something you didn’t do.
  • Teachers right tho
  • Logically he is technically right. If you have one thing then divide it by nothing then you still have that thing cause there is nothing to divide by.
  • Both the parent and the kids sharing the same brain cell
  • She didn’t know the answer is infinity either.
  • typical USA level education
  • Yes, give up this fight. This is sufficiently correct for grammar school.

There are more idiots responding. Luckily, those that can do simple math outnumber them.

The follow up seems to be that the teacher wrote an apology, claiming that she was taught that 1/0=0 back in the 90s.


Organized thoughts

I admit that I have horrible organizational skills. I use different tools to account for that lack.

I love me some Kanban and it looks so pretty when I start. And then it gets left behind.

Git allows me to make cheap commits. It allows cheap branches.

The development model should be “Create Issue. Create a branch to match issue. Work the issue on the branch. Resolve issue on branch. Merge master to issue branch. Resolve conflicts. Merge the issue branch back to master and delete the issue branch.”

I have a branch which was “Add MD5 to images”. By the time I was ready to commit, I had almost 40 files that had been modified. I spent about an hour making commits. Moving to different branches to get the changes into the right branches.

Once that was done, my workflows kicked the commit because of issues. Four hours to create typing stubs and to lint the added code. Painful.

Why? Because I got the md5 done but was in the middle of using the new code, then a higher priority issue popped which got its branch but which …

About once every two weeks, I have to spend a day organizing to get things back to reasonable.

I love working at the Fort at No 4. The current director is wonderful. She is also in over her head and struggling to get everything done that needs to be done.

This leads to her moving from most important to next most important until there is no organization, no completion.

Yet, she keeps it all going. I don’t know how she does it.

Today we had a longish meeting to go over Use Cases for the new website.

For me, use cases are formalized brainstorming. Every use case is written as

“As {Actor} I {Want|Need} {something}”

The something needs to be well-defined, and it must be a single thing. You don’t write, As a web visitor, I want to be able to read the EULA and the Privacy Statement.

That is two different use cases.

As we were working our way through one section of use cases, she told me that the process of writing use cases for the website was helping her to organize her job as the director.

Which is an extra benefit.

I’m a bit tired right now. I stayed up way too late Tuesday Night, 0300 late. I’m making good progress, fighting my way through the tangled web of code.

Today will be an even better day.

Now all I need to do is find time to read some more court documents, without taking my blood pressure through the roof.


Does This Sound Familiar?

This Representative is talking out of both sides of her mouth.

According to her, “they” went into the Delaney Hall premises, guided by the guards.

She claims that she has oversight authority to be there.

Let me see, what happens when you enter a federal property, look around, take pictures and selfies, then walk back out, thanking the cops on duty?

If I remember correctly, you get tossed in jail without bail to wait till a judge decides to hear your case. You are given an option to confess or to be returned to your cell.

The rest of the story is that the Mayor of Newark was arrested. He does not have any “oversight” authority.

The democrat representatives were there for a camera opportunity. Not oversight. I do not know if they even sit on a committee that oversees this facility.

So the good news is, these stunts are getting these showboating politicians arrested.


Where there’s smoke, there are arsonists

Ally and I have had some long conversations about winning the hearts and minds of the middle.

The common saying is, “Where there’s smoke, there’s fire.”

This is normally true. Sometimes it is not.

In 2016, my parents expressed their disgust for Trump. They were convinced that he was doing horrible things.

Today, there are people that scream and call him a felon. The “fine people” hoax still lives on.

If you are a normal person, you can’t help but be inundated with negative coverage of Trump.

His tariffs will destroy the economy! There is a recession coming! All those empty ships sitting in China means that the US economy is failing and prices are going to go through the roof.

What I see when I see all of those empty container ships is tariffs working. Those are sales China is not making. That is their economy burning to the ground.

But I can’t talk to those in the middle about it. Yes, it is my opinion. My friends that are thinking and on the left, can’t get past the constant barrage of “Evil Trump”!

They just tune out or they get TDS. My ex-friend went that way. It was Trump’s fault that Roe v. Wade was reversed, and that meant there would be no “reproductive care” for women.

It is years since that decision, there are still abortions happening in this country. In some places, more than before the Dobbs decision.

Most of all, I’m reminded of the people telling me that because there are so many accusations of Trump, there is so much smoke coming from the Trump Administration, there must be fire there.

What I saw were arsonists and smoke bombs.


TDS is a sickness

While scrolling through X, looking for something to write about, I stumbled on a posting regarding Trump’s annual physical and its results.

Trump’s 2025 Annual Physical Results

The post and almost all the comments are of the “It’s a fake!” or “They’re lying!”

His temperature is normal. That can’t be because it is just an average. They lied.

He scored 30 out of 30 on the Montreal Cognitive Assessment. This is a lie, everybody has seen he is cognitively impaired.

We know his height and weight are BS.

His resting heart beat is too good. It must be a lie.

He was tested on the 11th of April, but they didn’t release the results until the 13th. This proves it is a lie. They wanted time to fabricate the results.

Or my favorite, they noted the scar on his right ear but not the scars from multiple failed hair transplants. Since the assassination attempt was fake, this proves the medical report is fake as well.


Trump got a clean bill of health, since he isn’t showing any issues, it must be wrong.

These people are sick in the head. They just want him, and us, dead.

P.S. My favorite bit of TDS this week was a bunch of people looking for information about the kid that attempted to assassinate Trump. Since the monster was killed and the attempt was faked, this is another indicator that Trump faked the assassination attempt.


Document Object Model

A modern website is a complex system of interrelated pieces, each of which must work correctly and communicate correctly with the other parts of the system.

As website creators, we break the design into the Frontend and the Backend. The front end is anything the end user sees, while the back end is responsible for generating content to be displayed.

The backend is further subdivided into the Model, Controller, and View. The model is our term for the database and database access. The controller is the rules for the website. The view is the creation of content to be displayed.

Consider a website that allows you to purchase an item. The “model” would describe that item. SKU, size, weight, cost, price, images, description, name, and much more. The “controller” encodes the business rules. We can only ship to people that have paid us. And the view turns all the information into content for a browser to display.

The content is delivered as HTML. We can also supply JavaScript code and Cascading Style Sheets. The HTML can have the JavaScript and CSS embedded in the HTML or the HTML can link to other resources to be included with this page.

HyperText Markup Language

The US government wanted a standardized way of creating electronic documents for printing. This was the Standard Generalized Markup Language, ISO 8879.

SGML has the advantage of being very application-specific. If you are writing a book, you use one set of tags, if you are creating the Message Of The Day, you use a different set of tags.

The power of markup is that you describe what you are marking up, rather than formatting whatever it might be.

Consider an address. Bilbo Baggins, 999 Bagshot Row, Hobbiton, The Shire. As written in this sentence, it is just a row of text. You could write it that way on a letter and it would be delivered, but the postman would be unhappy at the formatting.

<b>Bilbo Baggins</b><br/>
999 Bagshot row<br/>
Hobbiton, The Shire<br/>

Is the address formatted, which looks like

Bilbo Baggins
999 Bagshot row
Hobbiton, The Shire

Using DocBook, a particular version of SGML, we would write that same address something like:

<address><surname>Baggins</surname><givenname>Bilbo</givenname>
<street>999 Bagshot row</street>
<city>Hobbiton</city><state>The Shire</state>
</address>

We do not know how to display the address, but we know that it is an address. If we are provided rules on how to display addresses, we can display this address per the rules.

Structure

HTML was designed to be simpler than SGML. There are fewer tags, and the fixed meaning of the tags made it easy to write HTML by hand.

Almost every post I create is written in raw HTML. That HTML is then styled and displayed in nearly pretty ways.

HTML defined the structure of the document. The structure was of a header section, describing the page, and a body section with the actual content.

Within the content section were the different displayable content. You had headers, levels 1 through 5, you had numbered lists, unnumbered lists, and definition lists (a word with an attached definition). There were paragraphs, links, tables, and finally, there were images.

This content was rendered however the browser wanted to.

There were formatting tags for bold, italics, blinking, and not much more.

If you wanted to “layout” your webpage, you used tables and fought to get things right.

Cascading Style Sheets

CSS allowed us to provide styling to an element. The paragraph above has margins, padding, and borders applied to it. It has colors applied for the background and for the font. All are set via a style sheet. Your browser has a default style for each element.

The problem that arises is how to attach that styling to particular elements. The answer starts with the structure of the document.

p {
  color: red;
  background-color: green;
  margin-left: 50px;
  border: 2px solid;
}

This uses a CSS selector, ‘p’ to locate all paragraph elements. It then sets the background to green, the font to red, moves it to the right 50px, then draws a 2px solid border around the paragraph.

This is a basic selector. Selectors get very complex.

DOM

Every element in an HTML document is loaded into the DOM. From there, we can select elements and modify the style of the element with CSS and CSS Selectors.

The simplest method is to give important elements an ID. IDs are unique for a DOM. If there is more than one element with the same ID, this will generate an error, which most people will never see. The rules tell us which element will own that identifier.

To find a particular element with a particular ID you use the ‘#’ symbol. Thus, to find the header just above, we would write “#DOM”, while the header would look like <h3 id="DOM">DOM</h3>.

We can add a multiuse identifier, called a class, to multiple elements at the same time. <div class="quote"> is the code I use to create a quote. The class “quote” has a CSS group attached. This causes all the divs of class quote to be rendered as a block quote.

We then have the tag selector. We used one above with the “p” element. This allows us to select all the elements of a particular type. The selector “li” would select all the list items in the DOM. We could use this to make every line italic.

We can combine selectors to limit which elements are selected. “ul>li” would select all list items of an unordered (without numbers) list, while “ol>li” would select all list items which were part of an ordered (with numbers) list.

These selectors can even allow us to move through the DOM in a structured way. We can ask for the first paragraph after a header for special treatment.

DOM Manipulation

When we load JavaScript on a web page, that JavaScript can watch for events on elements. This is done by locating an element with a selector, then watching for a particular event to take place on that element.

The JavaScript can then modify the DOM. This can be by changing the structure of the DOM, or it can be modifying the style of elements in the DOM.

A recent example of this, I added a class to some table data items (td). I did it with a class. I then found all the elements with that class and watched for a mouse click on those elements.

When the click was detected, my JavaScript ran. The JavaScript grabbed the contents of the element, stripped out formatting, then put that content into a text input box, displayed the text input box for the user to edit.

When the user completed their edit, the value they entered was formatted, the input was removed from the DOM. The formatted value was then placed back in the element.

All with a bit of good selection to make it work.
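The click-to-edit flow described above, as an added example rather than the site's own code. It assumes the cells hold dollar amounts and carry a hypothetical class "editable"; the edited value is validated and written back with textContent, so nothing typed into the input is ever parsed as HTML.

```javascript
// Added example. Assumptions: editable cells look like <td class="editable">$1,234.50</td>;
// the class name and the dollar format are hypothetical, not taken from the site.

// Strip display formatting so the user edits a plain number: "$1,234.50" -> "1234.50".
function stripFormatting(text) {
  return text.replace(/[$,\s]/g, "");
}

// Validate what the user typed and re-apply the display format.
// Returns null for anything that is not a decimal number with at most two
// decimal places, so markup or script text is rejected instead of displayed.
function formatValue(raw) {
  const cleaned = stripFormatting(raw);
  if (!/^-?\d+(\.\d{1,2})?$/.test(cleaned)) return null;
  const negative = cleaned.startsWith("-");
  const [whole, frac = ""] = cleaned.replace("-", "").split(".");
  const grouped = whole.replace(/\B(?=(\d{3})+$)/g, ","); // thousands separators
  return (negative ? "-$" : "$") + grouped + "." + frac.padEnd(2, "0");
}

// Find every cell with the class, watch for clicks, and swap the cell's
// content for a text input while the user edits.
function makeCellsEditable(doc) {
  for (const cell of doc.querySelectorAll("td.editable")) {
    cell.addEventListener("click", () => {
      if (cell.querySelector("input")) return; // already editing this cell
      const original = cell.textContent;
      const input = doc.createElement("input");
      input.type = "text";
      input.value = stripFormatting(original);
      cell.replaceChildren(input);
      input.focus();

      const finish = () => {
        const formatted = formatValue(input.value);
        // textContent, never innerHTML: the value is inserted as text only.
        // Invalid input restores the original content of the cell.
        cell.textContent = formatted === null ? original : formatted;
      };
      input.addEventListener("blur", finish, { once: true });
      input.addEventListener("keydown", (event) => {
        if (event.key === "Enter") input.blur(); // Enter commits the edit
      });
    });
  }
}

// Wire up the page once the DOM is loaded (skipped outside a browser).
if (typeof document !== "undefined") {
  document.addEventListener("DOMContentLoaded", () => makeCellsEditable(document));
}
```

The backend still has to validate the value when it is saved; the checks here only protect what this page displays.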

Finally, Selenium uses different types of selectors to find elements for manipulation or testing.

Very powerful stuff.


How Many Languages Do You Speak?

In computer languages, there are very few that are structurally different.

FORTRAN is like COBOL, which is like Pascal, which is like BASIC, which is like ADA, which is like …

Forth is not like those above. Nor is APL or Lisp.

Assembly languages can be used in structured ways, just like FORTRAN, COBOL, Pascal, and many others. It requires the discipline to use if not condition jump skip_label; do stuff in condition; skip_label:. The actual programming logic stays the same.

The two computer languages I dislike the most are PHP and Python. Both because they are weakly typed.

In a strongly typed language, you declare a variable’s type before you use it. The type of the variable is immutable for its lifetime.

In other words, if you declare a variable of being of type integer and then attempt to assign a string to it, it will barf on you during compilation.

In PHP, all variables look the same, any variable can hold any type at any moment. The type can change from line to line. And the language will do implicit type casting. It is hateful.

Python has all the same characteristics I hate in PHP, with the added hateful feature of using indentation instead of begin-end markers for blocks.

I’m lucky that Python has an optional typing capability, which I use consistently. The optional part is a pain when I want to use a module that has no typing information. When that happens, I need to create my own typing stub.

But the worst part of all of this is that they get jumbled together in my head. How many entries in an array? In PHP, that is determined by the count() function, in Python it is the len() function.

In Python, the dot (.) is used to access methods and attributes of objects. In PHP, it is the concatenation symbol.

I am tired of writing Python in my PHP files and I dread switching back to Python because I know my fingers will mess things up.

It’s Complicated

Networking should be simple. Even when it was big, it was simple. Plug the wires in correctly, assign the IP address your system administrator gave you, and you are up and running on the internet.

We built each node on the net to be able to withstand attacks. Each node was a fortress.

But when we put Win95 machines on the net, that changed.

The mean time to having a Win95 machine compromised was less than 72 hours.

Today, an unhardened Windows box has about an hour before it is compromised. Many IoT devices have windows in the 5 minute range.

To “fix” this issue, we introduced firewalls. A firewall examines every packet that enters, deciding if the packet should be allowed forward.

Since everything was in plain text, it was easy to examine a packet and make decisions. This “fixed” the Windows Vulnerability issue.

The next complication came about because Jon Postel didn’t dream big enough. His belief was that there would never be more than a few thousand machines on the Internet.

This was an important argument as it shaped the new Internet Protocol. He wanted 2 bytes (16 bits) for host addressing. Mike wanted more. He argued that there would be 100s of thousands of machines on the Internet.

They compromised on a 4 byte, 32 bit address, or around 4 billion addresses. But since the address space was going to be sparse, the actual number would be less than that. Much less than that.

This meant that there was a limit on the number of networks available at a time when we needed more and more networks.

Add to that, we had homes that suddenly had more than one device on the Internet. There were sometimes two or even three devices in a single home.

Today, a normal home will have a dozen or more devices with an internet address within their home.

This led to the sharing of IP addresses. This required Network Address Translation.

stateDiagram-v2
  direction LR
  classDef outside fill:#f00
  classDef both fill:orange
  classDef inside fill:green
  Internet:::outside --> DataCenter
  DataCenter:::outside --> Firewall
  Firewall:::both --> Server
  class Server inside 

Here we see that we have an outside world which is dangerous red. The Firewall exists on both sides and creates safety for our Server in green.

stateDiagram-v2
  direction LR
  classDef outside fill:#f00
  classDef both fill:orange
  classDef inside fill:green

  Internet:::outside --> DataCenter
  DataCenter:::outside --> Firewall
  Firewall:::both --> LoadBalancer
  state LoadBalancer {
    Server1
    Server2
  }
  class LoadBalancer inside

Server1 and Server2 are part of the compute cluster. The load balancer sends traffic to the servers in some balanced way.

stateDiagram-v2
  direction LR
  classDef outside fill:#f00
  classDef both fill:orange
  classDef inside fill:green

  Internet:::outside --> DataCenter
  DataCenter:::outside --> Firewall
  Firewall:::both --> LoadBalancer
  state LoadBalancer {
    Ingress1 --> Server1
    Ingress2 --> Server2
    Server1 --> Compute1
    Server1 --> Compute2
    Server1 --> Compute3
    Server2 --> Compute1
    Server2 --> Compute2
    Server2 --> Compute3
  }
  class LoadBalancer inside

The firewall sends traffic to the load balancer. The load balancer sends traffic in a balanced fashion to Ingress 1 or Ingress 2. This configuration means that either Ingress 1 or Ingress 2 can go offline and the cluster continues to work.

The actual structure is that the Ingress process runs on the different servers. It is normal to have 3 ingress processes running on 3 servers, with more servers hosting other processes.

So what’s so complicated? What’s complicated is that each of the devices in that path must be configured correctly. Which gets more complex than it should be.

The path packets travel is configured by routing configurations. This is done by BGP outside the Data Center and OSPF inside the Data Center. The Firewall must be configured to only pass the traffic it is supposed to.

Firewall rules grow and can be complex. My firewall rules exist as “If it ain’t broken, don’t fix it.” It is always a concern when modifying firewall rules. It is not unheard of to lock yourself out of your firewall. Or to bring down a thousand sites from one bad configuration rule in a firewall.

The load balancer must also be configured correctly. In our case, our load balancers offload SSL/TLS work to allow routing decisions. They then use internal SSL/TLS for all traffic within the cluster.

The Ingress processes live on a virtual network for intra-cluster communications and on the load balancer network for communications with the load balancers.

Each of the compute instances communicates on the intra-cluster network only.

All of this is wonderful. Until you start attempting to figure out how to get the correct packets to the correct servers.

The firewall is based on pfSense. The load balancer is based on HAProxy. The ingress services are provided by Nginx. The intra-cluster networking and containerizing is provided by docker/K8S.

The issue of the day, if I upload large files via the load balancer, it fails. Implying that HAProxy is the issue. Uploading to the ingress services directly works.

Frustration keeps growing. When will it get easy?