Categories

Jacar categories — explore the topics A rocket whose eyes follow your cursor.
Architecture

Docker Swarm in 2023: When It Still Makes Sense

Kubernetes won the orchestration battle, but Docker Swarm stays maintained inside Docker Engine and makes real sense for small teams without dedicated SRE, self-hosted stacks on 1-5 VPS, and edge mini-clusters. In those contexts, Swarm's minimal learning curve and low operational cost outweigh Kubernetes's advanced features.

Industry 4.0

Humanoid robotics: beyond the viral videos

Humanoid robotics left the trade-show floor for factory floors and warehouses during 2025 and 2026. Which companies have really deployed units, which tasks fit, what real costs look like, and where humans remain unbeatable.

Technology

Quantum computing: real progress without hype

After a decade of grandiose headlines, quantum computing enters this cycle with more honest metrics, thousand-physical-qubit machines, and the first serious signs of error correction at scale. It pays to separate what already works from what remains research.

Technology

Fly.io: deploying globally without complicating your life

Fly.io has spent years selling the idea that deploying an application across several regions should be almost as simple as pushing an image and writing one config line. After several real projects on the platform, here is an honest read on what it delivers, what is missing, and who it is worth choosing over more classic options.

Architecture

Citus: scaling Postgres horizontally without leaving it

Tras la adquisición por Microsoft en 2019, Citus vivió un limbo comercial que terminó con Microsoft abriendo el código completo en 2022. Tres años después, la extensión de particionado para Postgres ha madurado y ofrece una ruta práctica para escalar sin abandonar el motor que ya conoces. Un repaso honesto.

Architecture

containerd 2.0 in production: real migrations

Six months after containerd 2.0 reached general availability there is enough real-world mileage to judge the migration from the 1.x branch in production. We cover what changes in the config file, what breaks on Kubernetes and Docker Swarm, and when planning the jump actually pays off.

Technology

Deno 2.0: Node compatibility without losing identity

Deno 2.0 salió en octubre de 2024 con una apuesta clara: compatibilidad seria con npm, pnpm, package.json y node_modules, manteniendo la identidad del runtime. Medio año después, miramos qué ha supuesto para proyectos reales y dónde sigue cojeando.

Technology

Final NIST PQC standards: what to do with them now

NIST published the final post-quantum cryptography standards in August 2024. Six months on, it is time to move from headline to plan: crypto inventory, crypto-agility, a realistic timeline, and the typical mistakes of teams jumping in now.

Software Development

WASI preview 3: threads and async in WebAssembly

WASI 0.3, also known as preview 3, was ratified on June 11, 2026, adding native asynchronous concurrency to the WebAssembly component model through streams, futures, and async functions. It fixes old fragmentation across languages and runtimes, enables real composition between Wasm services, and paves the way for cooperative threads planned in upcoming 0.3.x releases.

Mac

Apple Silicon M3 and M4: The Silent Advance in Portable Computing

M3 and M4 solidified the Apple Silicon advantage: unified memory up to 128 GB shared across CPU, GPU, and Neural Engine; 12 to 16 hours of real battery life; and a 38-TOPS Neural Engine that runs large language models directly on the laptop. The practical difference for developers is measurable.

Technology

Vector: A Log Agent Worth Trying

Vector is the Datadog observability agent, written in Rust with its own transformation language VRL. Typically 30-100 MB memory, handling logs, metrics, and traces from dozens of sources. The right choice when pipelines are too complex for Fluent Bit and a modern alternative to Logstash.

Technology

eBPF for Continuous Profiling: Parca and Beyla

eBPF-based continuous profiling captures CPU flame graphs for every process on a Linux node around the clock, without instrumenting code or restarting services, at under 1% overhead. Parca covers the whole cluster, Beyla adds automatic HTTP/gRPC metrics and traces, and Pyroscope brings native per-language detail to the most critical services.

Technology

NIST PQC: The Post-Quantum Cryptography Standards

In August 2024, NIST published its first finalized post-quantum cryptography standards: FIPS 203 (ML-KEM) for key exchange, FIPS 204 (ML-DSA) for digital signatures, and FIPS 205 (SLH-DSA) as a hash-based alternative. They replace RSA and ECDSA before a quantum computer can break them, and hybrid implementations are already live in Chrome and Cloudflare.

Architecture

Kubernetes 1.30: The Improvements Operators Actually Appreciate

Kubernetes 1.30, released in April 2024, brings ValidatingAdmissionPolicy to general availability, eliminating the need for external webhooks for CEL-based admission policies. It adds pod scheduling readiness to control when a pod enters the scheduling cycle, and job success policy to define which index combination counts as success in distributed indexed Jobs.

Technology

Docker Scout: Vulnerabilities from Build to Registry

Docker Scout continuously scans container images against CVE databases including NVD and ecosystem-specific advisories, and recommends base-image changes to remove vulnerabilities. Built into Docker Desktop and Hub, it competes with Trivy, Grype and Snyk. Best fit for teams already running end-to-end on the Docker ecosystem.

Technology

Grafana Beyla: Auto-Instrumentation Without Touching Code

Grafana Beyla is an eBPF agent that automatically instruments existing applications without touching their code: it observes kernel syscalls and generates OpenTelemetry traces and RED metrics for services written in Go, Java, Python, Node, and Rust. It gives broad, immediate coverage, but it does not replace the manual SDK for business metrics and internal logic.

Architecture

Cloudflare Workers in 2024: KV, D1, and the New Edge Stack

Cloudflare Workers is no longer an isolated edge function. In 2024, together with KV, D1, R2, and Durable Objects, it forms a complete platform that matches AWS on latency and drops egress fees, though it still falls short on long-running compute and the mature managed databases AWS offers.

Software Development

Rust in Linux: Experimental Drivers Opening the Way

Rust joined Linux mainline in version 6.1 (2022), and by 6.9 (2024) it already ships experimental drivers, including Asahi's GPU driver for Apple Silicon. In C/C++ projects like Chromium, around 70 percent of serious security bugs are memory-safety bugs, the real reason kernel maintainers are debating whether to adopt it.

Software Development

WASI 0.2 GA: Truly Composable WebAssembly

WASI 0.2 reached GA in January 2024, bringing WebAssembly's Component Model into production: typed WIT interfaces that let Rust, Go, and JavaScript code compose without manual glue code. That shift makes edge functions with sub-1 ms cold start, secure plugins, and untrusted-code sandboxing viable today, though it does not replace containers for traditional apps.

Architecture

Valkey: The Open Fork After Redis’s License Change

Redis moved to dual SSPL/RSAL licensing in March 2024, no longer meeting the OSI open-source definition. Valkey emerged as a BSD 3-Clause fork backed by AWS, Google Cloud, Oracle, and the Linux Foundation, fully protocol-compatible with Redis 7.2. Migrating is almost always trivial: swap the binary or the Docker image.

Artificial Intelligence

Llama 3: Meta’s New Open Standard

Llama 3 is the open-model family Meta released on April 18, 2024, in 8-billion and 70-billion-parameter sizes, trained on 15 trillion tokens. The 70B beat Claude Sonnet, Mistral Medium, and GPT-3.5 in Meta's own human evaluation, and its licence allows free commercial use up to 700 million monthly active users.

Technology

Chainguard Images: Minimal and Signed Images

Chainguard Images are minimal Docker containers from the company behind Sigstore, with zero known CVEs, Cosign-signed SBOMs and daily rebuilds on top of Wolfi, its own glibc-based distribution. They pay off over official images when strict compliance, supply chain audits or sensitive production workloads are at stake.

Technology

Falco: Runtime Threat Detection with eBPF

Falco is a graduated CNCF project that hooks the Linux kernel via eBPF and detects syscall anomalies in real time without instrumenting applications. Deployed as a DaemonSet on Kubernetes, it emits JSON events and requires a triage process to deliver value. In production, alert fatigue is the most common operational pitfall.

Methodologies

Practical DevSecOps with Sigstore and cosign

Signing images and artifacts with Sigstore has stopped being a rare experiment: projects like Kubernetes already use it. The keyless model in cosign, Fulcio, and Rekor removes private-key management, but it only protects you if deployment verifies who signed, not just whether a signature exists.

Architecture

eBPF: Kernel Observability Without Recompiling

eBPF is a Linux kernel technology that lets you load and run verified, high-performance programs without recompiling the kernel or rebooting the system. It runs safely inside a virtual machine in the kernel and underpins tools such as Cilium, Pixie, Falco, and Tetragon for real-time tracing, networking, and security.

Architecture

PostgreSQL 16: Changes That Affect Day-to-Day Work

PostgreSQL 16, released in September 2023, adds logical replication from a standby, the pg_stat_io view for breaking down I/O by operation type and context, and parallel FULL OUTER JOIN support. Upgrading from 15 is straightforward; 13 loses support in November 2025, so plan the update soon.

Technology

Trivy and Grype: Container Image Scanning in CI

Trivy and Grype are the two leading open-source tools for container image scanning in CI/CD pipelines. Both detect CVEs in OS packages and language dependencies with less than 5% coverage difference. Trivy stands out for IaC scanning; Grype natively integrates the SBOM workflow with Syft.

Technology

Supply-Chain Attacks: Lessons from 2023

In 2023, software supply chains became attackers' favourite target: MOVEit exposed data from hundreds of organisations through a zero-day flaw, 3CX shipped a trojanised installer to millions of users, and npm and PyPI kept receiving malicious typosquatted packages. The practical defence combines SBOM, artefact signing with Sigstore, SLSA maturity levels, and continuous dependency scanning.

Technology

The Grafana Stack: Loki, Tempo, and Mimir for Open Observability

The Grafana stack combines three open source projects: Loki for logs, Tempo for traces, and Mimir for metrics. All three keep data in object storage (S3/GCS) with a minimal index instead of indexing everything like Elasticsearch, which cuts cost sharply at high volume and lets you correlate metric, log, and trace from a single Grafana panel.

Software Development

WebAssembly: The Component Model as the Next Frontier

WebAssembly is moving beyond the browser through WASI, the standard system interface, and the component model, which defines declarative WIT interfaces so modules written in different languages can compose with each other. Cold start lands around 1 ms versus roughly 500 ms for a container, a key difference for serverless and edge computing teams.

Technology

nerdctl: A Lightweight Docker Alternative Over containerd

nerdctl is a Docker-compatible CLI that talks directly to containerd, the standard Kubernetes runtime since dockershim was removed in 2022. It adds rootless support by default, encrypted images with ocicrypt, lazy-pulling, and native CNI. It fits best where containerd already runs, though Docker Engine still wins on advanced Compose and Swarm.

Technology

NIS2: What Europe’s New Directive Changes for Cybersecurity

The NIS2 Directive expands European cybersecurity from 7 to 18 sectors, mandates 10 minimum technical measures and 24-hour incident notification, and imposes fines of up to 10 million euros or 2% of global turnover, with personal liability for management bodies that fail to comply.

Methodologies

Prometheus: Writing Alerts That Won’t Get Ignored

To write Prometheus alerts that won't get ignored, alert on customer-observable symptoms (latency, error rate, saturation) instead of internal causes like CPU or memory, define SLOs with multi-window burn rate to scale severity, add a watchdog alert that confirms the system is still alive, and review the signal-to-noise ratio every quarter.

Technology

eBPF: High-Performance Monitoring in Linux

eBPF (Extended Berkeley Packet Filter) is a Linux kernel technology that runs verified programs directly inside the kernel, with no modules and no source-code changes. The kernel verifier rejects any unsafe program before it runs, letting teams monitor system calls, network traffic, and I/O at a much lower CPU cost than traditional external probes.

Architecture

From Monolith to Microservices: Transforming the Architecture

Migrating from monolith to microservices means splitting a single system into independent services that deploy and scale on their own. It gains granular scalability and team autonomy, but adds real operational complexity: stable interfaces, Kubernetes orchestration, and a mature DevOps culture are conditions, not optional extras, for the migration to pay off.

Technology

The 3D Printing Revolution: Transformative Technology

3D printing, or additive manufacturing, has moved beyond the lab to become a real production technology: it builds medical prostheses, aircraft parts and entire houses layer by layer from a digital file. This guide explains FDM, SLA and SLS technologies, which industries already use them, and today's limits on speed and material certification.

Technology

Exploring Augmented Reality: Innovative Technology

Augmented reality (AR) overlays digital information onto the physical world in real time, anchors virtual objects in space using computer vision and position sensors, and is already used in industrial maintenance, guided surgery, educational labs and e-commerce product try-on, with battery life and glasses field of view as the main open challenges.

Technology

IoT: The Intelligent Connection of the World

The Internet of Things (IoT) is a network of sensors, actuators, and internet-connected devices that collect data from the physical world, transmit it through protocols like MQTT or Zigbee, and trigger automatic actions. It already transforms industrial maintenance, precision irrigation, and the smart home.

Technology

Cybersecurity: Protection Against Digital Threats

Cybersecurity combines technical controls (encryption, MFA, network segmentation), team training and an incident response plan to reduce the risk of ransomware, phishing, malware and identity theft. No single measure is enough: effectiveness depends on applying every layer at once and auditing the system regularly.

Technology

Development and Advances in Artificial Intelligence

Modern artificial intelligence rests on three pillars: machine learning, deep neural networks, and natural language processing. These techniques have pushed image recognition and machine translation past human-level precision on specific tasks, though the overall system still depends on quality data and constant human oversight.

Technology

Cryptocurrencies: Technical and Professional Analysis

Technical analysis uses Japanese candlestick charts, indicators such as RSI and MACD, and support and resistance levels to read the historical behaviour of price. It does not eliminate risk, but it helps separate impulsive decisions from informed ones in a market as volatile as cryptocurrency.

Technology

Programming with GitHub Codespaces

GitHub Codespaces brings the complete development environment to the cloud: editor, dependencies, extensions, and project configuration live in a remote container. It eliminates environment divergence between developers, reduces onboarding from days to minutes, and lets you work from any device without installing anything locally.