I've spent like 2 days on this semi-toy project, for which I would have been paid generously had I chosen to work for a client instead. This pleasure cost me hundreds of €s not earned. But it feels ssooooo good to code smth just for pleasure.

Totally worth it!

More pleasure than money could buy?

Care to share? I'm intrigued 😁

I started a flutter app yesterday. I hope it will give me pleasure too :D

@electrineer prolly yes. Money will buy me smth others have done. For me the pleasure is to play with stuff myself :)

if only I could buy time...

@ScriptCoded nothing fancy. Playing with go [learning], building a universal kernelspace loadbalancer based on iptables. My app will be its controlplane: healthchecks, api, configuration, mgmt, monitoring, etc

@netikras 🥴 you have me confused

@ScriptCoded how come?

@netikras what is the interface of the app? CLI? Web? Is it a monitoring service or does is combine data monitored by other services? And did you make a load balancer on kernel level? I made a load balancer in C: no overhead. In python: 50% slower. But that's on localhost. For internet it's just fine. A python loadbalancer is around 40 lines if you don't have too much balancing logic and just choose a random target to forward to.

@retoor currently it's still a wip. Main interface is cli, rest is tbd [maybe].

Yes, kernel-level lb. It's based on netfilter, which operates in kernel. It itself supports loadbalancing, but managing it is tedious and it does not have healthchecks.

The project is basically an iptables wrapper. Which makes it a good candidate for further development - a k8s operator managing nodes' firewall rules through a daemonset. This will enable me to have hybrid clusters [mixed nodes: multicloud, physical, etc.] with publicly exposed all ports, but protected by a common firewall config - iptables.

> cost me hundreds of €s not earned

Spoken like the CEO of a big game dev company who is complaining about piracy 🙃

@Lensflare well why make games if you aren't being paid for them

why go into work if they're not gonna pay you

@jestdotty relax, I‘m criticizing the AAA game industry, not @netikras

@Lensflare it's not emotional, it's logical. the philosophy behind it doesn't fit

@netikras Because I was too tired to try and understand 😄 What benefit do you get from having it be in kernelspace?

@ScriptCoded performance. Not crossing any kernel rings for any of the forwarded packets, not making any syscalls. Not making double accounting for sockets. And perfectly fitting all the needed 'working' state in memory, in kernel, even if the app crashes. In fact, the only way to crash such a LB is to crash the OS itself, so bugs in my code will not affect traffic directly - they will only prevent state in kernelspace from being updated [eg running h/c against targets and taking them to LB_OFFLINE chain if hc fails, which does not happen THAT often]

My client is fintech, so every millisecond counts

@netikras Oh cool! But I thought you had no client?