Current Focus
Today's Activities
November 3, 2025
📋 Summary: Deployed production-grade K3s cluster with Docker integration, persistent storage, and multi-website isolation on single server. Transitioned from traditional VPS hosting to enterprise-level container orchestration with zero-downtime deployment capability and horizontal scalability framework.
Kubernetes Implementation Success - Successfully deployed and configured K3s cluster for production hosting
• Container Orchestration Platform: Kubernetes automates deployment, scaling, and management of containerized applications across multiple servers
• K3s Implementation: Using lightweight Kubernetes distribution optimized for resource-constrained environments (typical: <512MB RAM per node)
• Multi-Website Hosting: Successfully configured cluster to host multiple websites on single server with complete isolation and independent scaling
• Persistent Storage: Implemented persistent volume claims ensuring website data remains intact across pod restarts and updates
• Docker Integration: Containerized all web applications with nginx serving static content and dynamic backends
• Zero-Downtime Deployments: Leveraging Kubernetes rolling updates for seamless application updates without service interruption
• Future Scalability: Planning to add home computer as additional cluster node for horizontal scaling and high availability setup
✅ Major Achievement: Enterprise Infrastructure
Successfully transitioned from traditional web hosting to production-grade Kubernetes cluster. This enterprise-level infrastructure enables zero-downtime deployments, automatic failover, and seamless horizontal scaling. Managing multiple websites with persistent data on single server while maintaining flexibility to scale across multiple machines demonstrates practical DevOps and cloud-native architecture mastery.
Recent Achievements
Technical Accomplishments
This WeekSuccessfully deployed portfolio website using Next.js and Cloudflare tunnels
Reorganized technical skills section for better visual hierarchy and user experience
Enhanced professional summary with comprehensive skill coverage
Implemented responsive design improvements across all portfolio sections
Academic & Professional
OngoingAdvanced progress in MS Computer Engineering coursework at Mapua University
Continued legal studies in Juris Doctor program at University of Cagayan Valley
Successfully coordinated ICT infrastructure upgrades across multiple institutions
Learning & Development
Technical Skills
Advanced Next.js Optimization
Performance improvements and best practices
AI Integration Strategies
Educational platform enhancement with AI tools
Cloud Infrastructure Scaling
Enterprise-level deployment strategies
Governance & Management
COBIT Framework Implementation
IT governance best practices
ITIL 4 Service Management
Modern IT service delivery approaches
Educational Technology Integration
Curriculum enhancement through technology
Daily Reflections
Today's Insights
November 3, 2025Today focused on documenting and validating infrastructure learning experiences. After successfully implementing Kubernetes earlier, shifted attention to hypervisor technologies and their practical tradeoffs. The day reinforced an important principle: the most powerful tool isn't always the right tool for the job.
Studied KVM/QEMU as a free alternative to Proxmox, understanding kernel-based virtualization at a deeper level. However, ultimately chose VirtualBox for most development work due to simplicity and lower management overhead - GPU utilization matters far less than I initially thought in real-world use cases. This decision reflects pragmatic infrastructure thinking.
Key takeaway: Infrastructure decisions should optimize for actual workload requirements, not theoretical capabilities. Today's journal updates document five major learning experiences (Kubernetes, Serverless, Tailscale, RustDesk, KVM/QEMU), each representing both technical depth and practical decision-making. The pattern shows growth from implementation challenges to strategic technology selection.
Looking Ahead
Next FocusDeploy additional websites to Kubernetes cluster using lessons learned from junevergelquerol.com
Explore practical VirtualBox setup for development environments
Document network infrastructure patterns (Tailscale, Cloudflare Tunnel, DNS)
Continue MS Computer Engineering and JD coursework while applying infrastructure knowledge
DevOps Learning Journey Timeline
October 1, 2025
KVM/QEMU Virtualization
Learned hypervisor fundamentals, chose VirtualBox for pragmatism
October 3, 2025
Tailscale & Zero-Trust Networking
Explored mesh networks, identity-based access control, 5 implementation patterns
October 10, 2025
RustDesk Remote Access
Evaluated latency optimization, server proximity impact, infrastructure constraints
October 15, 2025
Serverless with Cloudflare Pages
Deployed GitHub-centric CI/CD, learned architectural tradeoffs, 40s build time
November 3, 2025
Kubernetes Production Cluster
Deployed K3s, multi-website hosting, persistent storage, zero-downtime deployments
📈 Learning Arc: From hypervisor fundamentals → distributed networking → remote access optimization → serverless architecture → container orchestration. Each milestone builds on previous knowledge, reflecting progression from infrastructure concepts to production deployment patterns.
Past Journal Entries
Serverless Deployment Exploration
October 15, 2025
📋 Summary: Deployed static websites using Cloudflare Pages serverless architecture with GitHub-centric CI/CD. Achieved 40s build time (vs 2min traditional VPS), global CDN distribution, and zero infrastructure costs on free tier. Identified key architectural constraints for dynamic data operations.
Cloudflare Pages Deployment Success - Successfully deployed static websites using serverless architecture on Cloudflare's free tier
• GitHub Integration: Cloudflare Pages connects directly to GitHub repository as the source of truth - automatic deployments triggered on git push
• Performance Benefits: Significantly faster and more stable compared to traditional server-based hosting, leveraging Cloudflare's global CDN network
• Zero Infrastructure Cost: Free tier provides generous limits for static site hosting with automatic SSL and global distribution
• Continuous Deployment: Every git commit triggers automatic build and deployment pipeline without manual intervention
Architectural Limitations Discovered
Static-First Architecture: Most open-source applications are designed for traditional server environments with persistent processes, databases, and file systems - not compatible with serverless constraints
Data Writing Performance: Manual data updates are significantly slower even when using REST APIs - serverless functions have cold start latency and stateless architecture makes real-time data operations challenging
Build-Time vs Runtime: Serverless platforms excel at build-time generation but struggle with runtime dynamic content - requires rethinking application architecture around static generation patterns
Architecture Insights
Serverless platforms like Cloudflare Pages represent a paradigm shift from traditional hosting - trading runtime flexibility for unprecedented speed, stability, and cost efficiency. The GitHub-centric workflow creates an elegant developer experience, but the architectural constraints require careful consideration of application requirements. Best suited for content-heavy, read-optimized sites rather than dynamic, data-intensive applications.
🧠 Lesson Learned
Choose hosting architecture based on content access patterns, not raw capability. Serverless excels at read-heavy, static content due to edge caching and global distribution. For dynamic, frequently-updated content, traditional server infrastructure (or edge functions with state) is required. Build time vs runtime performance optimization is a key architectural decision.
Tailscale & Virtual IP Networks
October 3, 2025
📋 Summary: Explored Tailscale mesh networking and WireGuard-based virtual IP infrastructure. Understood zero-trust architecture principles and identity-based access control. Brainstormed 5 implementation patterns: remote computer integration, distributed dev environments, multi-site K8s federation, IoT device management, and secure access control.
Tailscale Virtual IP Implementation - Discovered and learned how to create virtual IP addresses using Tailscale for seamless network connectivity
• Virtual IP Networks: Tailscale creates a virtual layer 3 network that bridges physical networks through encrypted tunnels
• WireGuard Protocol: Built on modern WireGuard technology for fast, secure peer-to-peer connections
• Mesh Networking: All devices connect directly to each other without central server relay, reducing latency
• Zero Trust Architecture: Identity-based access control using public key cryptography instead of traditional firewalls
Implementation Brainstorm
Remote Computer Integration: Connect home computer, office devices, and cloud servers as if they're on the same local network - no port forwarding or complex firewall rules needed
Distributed Development Environment: Team members across different locations access shared development resources using simple IP addresses instead of managing VPN credentials
Multi-Site Infrastructure: Connect Kubernetes clusters across physical locations into a single virtual network for transparent service discovery and load balancing
Secure Device Access: Grant granular access to specific devices or services based on user identity, device posture, and context rather than IP addresses
IoT Device Management: Integrate IoT devices, sensors, and edge computing nodes into a unified network without exposing them to the public internet
Key Insight
Tailscale represents a paradigm shift from traditional network infrastructure. By treating the internet as a single network fabric and adding security through identity and encryption, it enables organizations to move away from complex VPN setups and firewall management. This approach is particularly powerful for distributed teams and hybrid infrastructure where traditional network security perimeter no longer applies.
🧠 Lesson Learned
Network security evolved from perimeter defense (firewalls) to zero-trust identity-based models. Overlay networks like Tailscale fundamentally change infrastructure design - you don't need port forwarding, complex firewall rules, or VPN credentials when every connection is cryptographically verified and identity-bound. This enables simpler, more secure distributed systems.
RustDesk - Free Remote Access Alternative
October 10, 2025
📋 Summary: Evaluated RustDesk as free, open-source alternative to AnyDesk/TeamViewer. Identified critical latency dependency: server proximity impacts performance (5-15ms @ 500km vs 50-100ms @ 5000km). Noted Cloudflare free tier limitation (TCP-only, no UDP) for production deployment.
RustDesk Implementation Discovery - Evaluated RustDesk as a free, open-source alternative to AnyDesk and TeamViewer for remote desktop access
• Open Source & Trusted: RustDesk is fully open-source, community-audited code you can self-host or use the official servers - no hidden proprietary behavior like commercial alternatives
• Self-Hosted Server Option: Can deploy your own RustDesk server instead of relying on cloud infrastructure, giving you complete control over data and compliance
• Cross-Platform Support: Works on Windows, macOS, Linux, iOS, and Android with consistent experience across all platforms
• End-to-End Encryption: Uses TLS encryption for control channel and AES-256 for video stream - connections are private and secure by default
Latency Optimization Strategy
Server Proximity is Critical: RustDesk performance directly depends on server distance from users - server location should be geographically close to minimize latency (ms response time). A server 500km away might have 5-15ms latency, while 5000km away could be 50-100ms
Regional Deployment: For distributed teams, deploy RustDesk servers in multiple regions (Asia, Europe, Americas) to ensure users always connect to nearby servers for optimal performance
Cloudflare Tunnel Limitation: Cloudflare's free tier does NOT support UDP forwarding - only TCP. Since RustDesk uses UDP for optimal real-time video streaming, the free Cloudflare Tunnel cannot be used for production RustDesk deployment. Would need either paid Cloudflare tunnel or direct IP exposure
Key Insight
RustDesk fills the gap between free open-source solutions and expensive proprietary software. While TeamViewer and AnyDesk lock you into their ecosystem with licensing fees, RustDesk's open-source nature means you're not dependent on a company's decisions or pricing changes. However, infrastructure matters - the quality of remote access depends more on your server placement than the software itself. For serious deployments, factor in server costs and geographic distribution alongside the free software.
🧠 Lesson Learned
Open-source software cost advantage disappears if infrastructure costs are mismanaged. RustDesk's free license matters less than server placement and operational overhead. Real-time interactive applications require low-latency infrastructure design - software licenses are secondary. Geography matters more than technology when optimizing for user experience in distributed systems.
KVM/QEMU Virtualization - Hypervisor Evaluation
October 1, 2025
📋 Summary: Studied KVM/QEMU hypervisor technology as free alternative to Proxmox. Evaluated kernel-based virtualization, QEMU CLI management, and guest OS deployment. Ultimately chose VirtualBox for development work due to simplicity, validating that tool selection should optimize for actual workload, not raw capability.
KVM/QEMU Hypervisor Study - Evaluated kernel-based virtual machine (KVM) using QEMU emulator for virtual machine creation and management
• Why QEMU over Proxmox: Proxmox is a commercial solution with licensing costs, making it less viable for learning environments. QEMU provides the same KVM functionality at no cost, allowing full control and understanding of the hypervisor layer
• KVM Architecture: Learned that KVM turns Linux kernel into a hypervisor, enabling hardware-assisted virtualization - significantly more efficient than pure emulation
• QEMU CLI Management: Explored command-line tools for creating VMs, configuring CPU, memory, storage volumes, and managing virtual network interfaces
• Guest OS Deployment: Tested VM creation with different guest operating systems and evaluated boot performance and resource allocation
VirtualBox vs QEMU/KVM Decision
VirtualBox Chosen for Simplicity: After exploring QEMU/KVM, decided to use VirtualBox for most use cases despite its limited GPU utilization - the simplified user interface and easier VM management outweigh GPU constraints for my workflow
Logic Validation: This decision makes sense because GPU-accelerated VM usage is a niche requirement. For typical VM workloads (development environments, testing, running services), GPU utilization is rarely needed. When ease of use and management overhead are factored in, VirtualBox becomes the pragmatic choice
Use Case Matters: QEMU/KVM still valuable for production servers and high-performance computing where kernel integration and native CPU support are critical. But for learning and development labs, VirtualBox's simplicity wins
Key Insight
The right virtualization tool isn't always the most powerful - it's the one that fits your actual needs. QEMU/KVM taught me how hypervisors work at a deep level, but sometimes simpler abstractions like VirtualBox let you focus on the real goal (building and testing software) rather than hypervisor administration. This represents an important principle in infrastructure: optimize for your actual workload, not theoretical capabilities.
🧠 Lesson Learned
Learning deep technical concepts (KVM, kernel integration, hardware virtualization) is valuable for understanding system design, but shouldn't dictate tool selection for daily work. Pragmatism matters: choose tools that maximize productivity and minimize cognitive overhead for your actual use case. QEMU/KVM remain valuable for production deployments, but development environments benefit from simpler abstractions.
WiFi Hotspot Portal & Layer 7 Control
January 2025
📋 Summary: Collaborated with network team to design and deploy WiFi user-based hotspot system for institutional deployment. Redesigned hotspot portal interface for improved UX and determined optimal speed configurations. Identified critical infrastructure limitation: MikroTik routers, while enterprise-grade, lack Layer 7 (application-layer) control; advanced filtering requires more powerful dedicated server.
WiFi Hotspot Deployment Project - Deployed centralized user-based WiFi hotspot system for institutional network access and bandwidth management
• Portal Redesign: Created intuitive hotspot login portal with improved user experience, reducing support tickets and improving adoption rates
• Speed Optimization: Analyzed bandwidth requirements and user patterns to determine optimal QoS configurations for institutional user base - balancing speed with fair resource allocation
• MikroTik Implementation: Configured enterprise-grade MikroTik router for hotspot management, user authentication, and basic traffic shaping
• Network Segmentation: Implemented VLAN separation between hotspot traffic and institutional network for security isolation
Critical Infrastructure Discovery: Layer 7 Control Limitation
MikroTik Layer 7 Limitation: While MikroTik is enterprise-grade hardware, achieving Layer 7 (application-layer) control—such as blocking specific websites or services—requires CPU-intensive Deep Packet Inspection (DPI) that causes performance degradation and stability issues
Solution: Dedicated Server Needed: To achieve advanced Layer 7 filtering while maintaining network stability, a more powerful dedicated server (running Linux with Squid, pfSense, or similar) is required to handle DPI processing without impacting throughput
Architecture Trade-off: Layer 3-4 control (IP/port-based) on MikroTik is lightweight and fast; Layer 7 control requires offloading DPI to separate powerful server, adding infrastructure cost but ensuring stability
🧠 Lesson Learned
Router hardware capabilities don't directly translate to feature capabilities. MikroTik's enterprise hardware excels at high-throughput routing and basic traffic management (Layers 3-4), but attempting Layer 7 application-level filtering on the same device creates bottlenecks. Modern network architecture separates concerns: use routers for what they're optimized for (throughput, routing, basic QoS), and dedicated filtering servers for complex application-layer control. This applies broadly—trying to force every feature onto a single box reduces overall system stability.
Key Insight
Network appliances have architectural specializations. MikroTik routing performance and reliability at Layers 3-4 is exceptional, but pushing Layer 7 processing through the router CPU creates diminishing returns. The institutional hotspot solution achieved its goals with MikroTik's core strengths (authentication, QoS, traffic shaping), while identifying that future content filtering requirements would need a separate DPI appliance or proxy server architecture.
Leadership Training & Technical Challenges
September 5, 2025
Middle Manager Leadership Training - Attended comprehensive leadership development program
• Responsibility: Understanding accountability frameworks and leadership responsibilities
• Accountability: Building systems for transparent and effective management
• Mindfulness: Developing awareness and intentional decision-making practices
• Spirituality: Integrating values-based leadership approaches
• Bridges through Dialog: Enhanced communication and conflict resolution skills
• Internal Auditor ISO 9001:2015 Reorientation: Quality management systems audit refresher
Technical Challenge Addressed
Investigated FontAwesome loading issues in institutional Moodle LMS - identified theme compatibility problems affecting icon rendering across multiple educational platforms
Daily Reflection
The leadership training provided valuable insights into balancing technical expertise with management responsibilities. The combination of soft skills development and technical problem-solving reinforced the importance of holistic professional development. Key learning: effective leaders must bridge technical solutions with human-centered approaches.
Portfolio Development & Deployment
August 28-30, 2025
Portfolio Website Launch - Complete development and deployment of professional portfolio
• Technology Stack: Next.js 15.2.4, TypeScript, Tailwind CSS
• Infrastructure: Cloudflare tunnels for secure access
• Features: 16 utility tools, responsive design, dark mode support
• Content: Comprehensive professional experience and skills showcase
• Performance: Optimized for speed and SEO best practices
Technical Achievement
Successfully integrated 16 utility tools including QR Generator, JSON Formatter, Password Generator, and educational calculators - creating a comprehensive developer and productivity toolkit
Project Reflection
This portfolio project demonstrated the power of modern web development workflows. The integration of utility tools with professional showcase content creates value for both personal branding and community service. Key insight: combining technical demonstration with practical utility enhances portfolio impact and user engagement.