Talks
A curated list of my talks, presentations, and workshops in open-source topics.
If you are interested in having me speak at your event, please feel free to contact me.
Sylve - A Proxmox alike Virtualization Platform for FreeBSD with bhyve
Sylve is an emerging virtualization and system management platform built specifically for FreeBSD, inspired by the approach of Proxmox. It combines Bhyve for running virtual machines, Jails for containerization, and tight ZFS integration, all accessible through a unified web interface. The backend is developed in Go, while the frontend relies on SvelteKit, Tailwind CSS, and ShadCN UI components to deliver a modern and responsive user experience. With a minimal system footprint, Sylve seeks to make managing virtualization, storage, networking, and firewalling on FreeBSD both straightforward and efficient. Supported by the FreeBSD Foundation and Alchemilla, the project is still under active development but already fills a major gap in the FreeBSD ecosystem by offering a cohesive, user-friendly administration platform. Its roadmap includes advanced features such as firewall rule configuration, DHCP support, and WireGuard VPN integration. By continuing to expand its capabilities, Sylve aims to become the go-to management solution for FreeBSD-based servers and clusters. And here, you can find my howto compile, install and first-looks at Sylve on FreeBSD.
Resources
ProxLB: Intelligent Workload Balancing for Proxmox Clusters
ProxLB is an open-source load balancing solution developed to fill the gap left by the lack of a Dynamic Resource Scheduler in Proxmox clusters. It automatically distributes workloads across nodes by considering metrics such as memory, CPU, and disk usage, helping to prevent overprovisioning and ensuring efficient use of resources. Administrators have flexibility through configuration options and API calls that allow them to filter or exclude specific nodes and guests, tailoring the balancing process to their own requirements. A particularly valuable feature is its maintenance mode, which automatically moves all workloads from a node so it can be safely updated, rebooted, or serviced without disrupting cluster operations. ProxLB also supports affinity and anti-affinity rules, giving operators control over whether certain guests run together or separately, depending on performance and availability needs. It integrates seamlessly with automation tools like Ansible or Terraform, offering optimal node placement for CI/CD pipelines and enhancing deployment workflows. By relying entirely on the Proxmox API with full ACL integration and no need for SSH, ProxLB delivers both security and simplicity while significantly improving Proxmox cluster management. You can find more details about my ProxLB project here.
Resources
Proxmox Cluster Fully Automated: Cluster Creation, NetApp Storage & SDN Networking with Ansible
A fully automated Proxmox Cluster takes the idea of infrastructure as code to the next level by removing nearly all manual work from the setup and management process. Instead of installing each node by hand, configuring networks, forming clusters, and adding storage one step at a time, everything is defined in automation workflows that can be deployed, repeated, and audited. This approach ensures consistency across environments, whether you’re running a small three-node setup or multiple large clusters across different sites. In my own work at credativ GmbH, I’ve not only relied on this way of building Proxmox infrastructures but also contributed to it by developing dedicated Ansible modules such as proxmox_cluster, proxmox_node and proxmox_storage, which I upstreamed so the community can benefit as well. These modules allow clusters to be initialized, nodes to be joined, and storage systems like NFS, Ceph, or Proxmox Backup Server to be integrated without ever touching the UI. The result is a platform where changes are versioned, reproducible, and scalable, ensuring that operations run smoothly and securely. Projects like ProxLB add even more value by introducing VM load balancing capabilities, making the ecosystem richer and showing what’s possible when automation and open source meet.
Resources
BoxyBSD introduction and insights
BoxyBSD is a non-profit project and hosting provider that focuses on supporting the BSD and open-source communities. Its main goal is to make technology services free and accessible so that more people can learn, explore, and innovate with BSD-based systems, such like FreeBSD, OpenBSD and NetBSD. The initiative offers free virtual machine hosting (VMs/VPS), email hosting, and web hosting to give users practical experience in areas like system administration, networking, and security. By removing financial barriers, it allows students, hobbyists, and professionals alike to gain valuable knowledge and skills. BoxyBSD relies on modern technology and open-source principles to build a trustworthy and collaborative platform. It creates an environment where experimentation and growth are encouraged, making it easier for users to advance their expertise. In doing so, it helps strengthen both the BSD ecosystem and the wider open-source world. You can find more about my BoxyBSD project here.
Resources
CMake – Cross-platform packaging with Pack
Pack is an important part of CMake that makes it possible to create ready-to-use software packages directly from a project. It allows developers to build packages for multiple platforms such as Debian, RedHat, or FreeBSD without leaving the CMake environment. With only a few additional lines in the CMakeLists.txt file, CPack can produce .deb and .rpm packages automatically. This approach is especially useful for CI/CD pipelines, since all configuration for different distributions can be kept in a single place. It supports both packaging compiled binaries and distributing static files, giving flexibility depending on the project needs. The actual package creation process is very simple, as it only requires running the cpack command with the desired generator. While CPack takes care of most of the heavy lifting, developers still need to be mindful of distribution-specific details such as changelog formats, dependency names, and package naming conventions.
Resources
QualvoSec – A Security Patch Management Tool for Linux & BSD
QualvoSec is a lightweight and self-developed security patch management system for Linux and BSD environments, introduced in 2024. It is designed with security in mind, running its client daemon without root privileges and only allowing a restricted set of sudo commands. The system follows a pull-based approach where clients periodically fetch patch manifests in YAML format from a server over HTTP or HTTPS. By integrating directly with CMake, it supports package building for both .deb and .rpm, ensuring smooth deployment across different distributions. The server provides static patch schedules and rules, while the client daemon enforces patching windows, reboots, and health monitoring. An administrative tool enables operators to gain an overview of system status, manage patch windows, and identify orphaned or inactive hosts. Since it avoids agent-based remote code execution, QualvoSec reduces complexity and security risks in patching workflows. Its minimalistic architecture makes it suitable for secure, transparent, and automated patch management across diverse infrastructures.
Resources
Gemini - What is the Geminispace and the Gemini protocol?
Gemini is a lightweight and privacy-friendly internet protocol that was introduced in 2019 as an alternative to the modern, bloated web. It aims to provide a middle ground between the simplicity of Gopher and the flexibility of HTTP, but without inheriting their downsides. The protocol enforces TLS encryption by default, runs on port 1965, and uses the gemini:// URI scheme, which makes it secure and distinct from traditional web protocols. Content on Gemini is written in Gemtext, a minimal markup language that resembles Markdown and focuses on readability rather than flashy design. The Geminispace, as the ecosystem is called, emphasizes delivering pure content without advertising, tracking, or excessive JavaScript. While the protocol itself is simple and intentionally limited in scope, it still allows for both static and dynamic content through CGI scripts. Today, Gemini has a growing community, a variety of clients and servers across all major operating systems, and even its own search engines and tools, making it a small but meaningful corner of the internet.
Resources
External Blog Posts
- bhyve as a Hypervisor on FreeBSD – Creating a Virtualization Environment
- Migrating VMs from VMware ESXi to Proxmox
- Integrating Proxmox Backup Server into Proxmox Clusters
- NetApp Storage and NVMe-oF for Breakthrough Performance in Proxmox Virtualization Environments
- How and when to use Software-Defined Networks in Proxmox VE
- Efficient Proxmox Cluster Deployment through Automation with Ansible
- Veeam & Proxmox VE: Opportunities for Open-Source Virtualization
- Automated Proxmox Subscription Handling with Ansible
- Effiziente Storage-Automatisierung in Proxmox mit dem proxmox_storage Modul