
Blog

Welcome to my personal blog.

See the latest content below, and navigate using the Categories menu.

Enjoy! o/


Tech News - Week 2025.05.26

Welcome to this week's tech overview. This post summarizes interesting topics I've come across and would like to share.

Weekly topics by group:

AI

AI Projects

1/ More about the llm-d project

The llm-d project was launched last week at Red Hat Summit 2025, and there has already been significant discussion and a variety of use cases shared across the community.

References:

AI MCP

2/ AI - Model Context Protocol (MCP):

3/ AI Courses and Learning:

Highlighted courses and learning materials:

AI Agents

Extending MCP, there are a couple of interesting projects and protocols that leverage the agentic workflow ecosystem.

The A2A protocol is one example: it allows building a system with many agents talking to each other, communicating and discovering the tools (MCP) that each one supports.

The kagent framework is an interesting one for quickly ramping up agent deployments and operations.

Here are some configuration knobs I picked up from the voice-mcp-agent project (credits to it):

A2A Agent Integration

The agent supports connecting to A2A (Agent-to-Agent) servers, allowing you to use skills from other AI agents as tools. This is useful for integrating with external AI services or custom agents that expose their own skills.

To add an A2A agent, use the type: a2a field in your mcp_servers.yaml:

servers:
  - name: my-a2a-agent
    type: a2a
    url: https://my-a2a-agent.example.com
    allowed_tools: ["*"]  # (optional) restrict which skills are available
    headers:
      Authorization: Bearer <token>  # (optional) custom headers for auth

The type: a2a field tells the agent to treat this server as an A2A agent, not a standard MCP server.

The agent will automatically discover available skills from the A2A agent's /.well-known/agent.json endpoint. Each skill is exposed as a callable tool. You can invoke these skills by natural language or by specifying the tool name. You can use allowed_tools to restrict which skills are available to the agent.
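As a rough sketch of that discovery step (the agent card shape below is an assumption based on the public A2A spec, and the URL matches the example config above):

// Discover the skills advertised by an A2A agent via its well-known agent card.
type AgentSkill = { id: string; name: string; description?: string };
type AgentCard = { name: string; skills?: AgentSkill[] };

async function discoverSkills(baseUrl: string): Promise<AgentSkill[]> {
  const res = await fetch(`${baseUrl}/.well-known/agent.json`);
  if (!res.ok) throw new Error(`agent card fetch failed: ${res.status}`);
  const card = (await res.json()) as AgentCard;
  return card.skills ?? [];
}

// List the skills, then filter with the same semantics as allowed_tools above.
const skills = await discoverSkills("https://my-a2a-agent.example.com");
const allowed = ["*"];
const available = skills.filter(
  (s) => allowed.includes("*") || allowed.includes(s.id),
);
console.log(available.map((s) => s.name));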

Here is a quick start guide for the kagent project.

AI Robotics

4/ NVIDIA Robotics

The article "Wandercraft Begins Clinical Trials for Physical AI-Powered Personal Exoskeleton" caught my attention. I have a personal interest in this area, as my mom was injured by a stroke, and this company is making a reality for millions of people needing assistance in their daily tasks. Here’s what they are doing:

"Wandercraft builds mobility solutions for individuals with spinal cord injuries, stroke, and other neuromuscular disorders."

"The company’s Personal Exoskeleton, currently in clinical trials, enables users to stand and walk with the support of AI-powered mechanisms for stability and movement. Users can control the robotic system with a joystick."

Red Hat

OpenShift

Experimenting with MCP

I was also experimenting with MCP (Model Context Protocol) to get more familiar with the tooling and how LLMs interact with it.

I've developed an MCP server which fetches AWS news, with an optional filter by category, and returns the content. That content can then be analyzed by the MCP client to answer the user's question.
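A minimal sketch of that shape, using the official MCP TypeScript SDK (the tool name, the category parameter, and the feed URL here are illustrative assumptions, not my actual implementation):

import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
import { z } from "zod";

const server = new McpServer({ name: "aws-news", version: "0.1.0" });

// One tool: fetch recent AWS news, optionally narrowed by category.
server.tool(
  "get_aws_news",
  { category: z.string().optional() }, // hypothetical parameter name
  async ({ category }) => {
    // The AWS "What's New" RSS feed is one possible source.
    const res = await fetch("https://aws.amazon.com/about-aws/whats-new/recent/feed/");
    let text = await res.text();
    // Crude substring filter standing in for real category handling.
    if (category) {
      text = text
        .split("<item>")
        .filter((item) => item.toLowerCase().includes(category.toLowerCase()))
        .join("<item>");
    }
    // MCP tool results are returned as content blocks for the client/LLM.
    return { content: [{ type: "text" as const, text }] };
  },
);

await server.connect(new StdioServerTransport());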

Furthermore, I was thinking: why not run that MCP server on a free serverless platform, such as Vercel, and deploy a browser-based chat application to call it?

So I created the MCP server; it's working when calling http://mtulio.dev/api/news/aws
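A quick way to check it from any client (the category query parameter is a hypothetical illustration, not a documented one):

// Fetch the deployed endpoint and print the raw payload.
const res = await fetch("http://mtulio.dev/api/news/aws?category=compute"); // ?category= is hypothetical
console.log(res.status, await res.text());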

And now I am trying to use the web-llm project to build a chat application hosted on GitHub Pages, so I will have a completely serverless chatbot app to fetch relevant information from cloud provider news.

Well, yeah, we could just use RSS feeds, no? Yeah! But I am playing with the hyped tools, especially running inference in the browser.

Web-llm references:

  • https://github.com/mlc-ai/web-llm
  • https://github.com/mlc-ai/web-llm/tree/main/examples
  • https://chat.webllm.ai/
  • https://mlc.ai/models
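As a minimal sketch of the browser side (assuming web-llm's OpenAI-style API; the model ID is one of the prebuilt IDs from the MLC model list above):

import { CreateMLCEngine } from "@mlc-ai/web-llm";

// Download model weights and compile them in the browser (WebGPU).
const engine = await CreateMLCEngine("Llama-3.1-8B-Instruct-q4f32_1-MLC");

// Feed the news payload from the serverless endpoint into the local model.
const news = await (await fetch("http://mtulio.dev/api/news/aws")).text();
const reply = await engine.chat.completions.create({
  messages: [
    { role: "system", content: "Summarize the most relevant cloud news." },
    { role: "user", content: news },
  ],
});
console.log(reply.choices[0]?.message.content);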

AI News - Week 2025.05.19

This is my first publication on this topic. Considering the amount of cool stuff related to AI, especially open source, I felt I could consolidate it somewhere here:

1/ llm-d project

  • https://github.com/llm-d
  • https://www.redhat.com/en/about/press-releases/red-hat-launches-llm-d-community-powering-distributed-gen-ai-inference-scale

2/ Strands Agents - Open Source AI Agents SDK

  • https://aws.amazon.com/blogs/opensource/introducing-strands-agents-an-open-source-ai-agents-sdk/
  • https://strandsagents.com/0.1.x/user-guide/deploy/operating-agents-in-production/
  • https://github.com/strands-agents/agent-builder

3/ OpenShift AI

https://www.businesswire.com/news/home/20250518898316/en/Red-Hat-Empowers-Agentic-AI-with-Support-for-NVIDIA-Enterprise-AI-Factory

4/ RHEL 10

X/ Other topics:

X1/ Krebs Cycle:

  • https://en.wikipedia.org/wiki/Citric_acid_cycle
  • https://pt.wikipedia.org/wiki/Ciclo_de_Krebs

Deploy OpenShift on AWS using custom IPv4 address

Exciting news for admins who want more control over public IP addresses in the public cloud! =]

Starting with 4.16, OpenShift/OKD has the capability to use custom public IPv4 addresses (Elastic IPs (EIPs)) when deploying a cluster on AWS. This can help you in different ways:

  • Knowing which address range the nodes will use to egress traffic from the VPC to the internet, allowing you to refine firewall rules on the target services, whether on-premises or published on the internet with restricted access.
  • Controlling which addresses the API server will use.
  • Decreasing the public IPv4 charges applied to Elastic IPs by using an IPv4 CIDR that you brought to your AWS account (BYOIP).

To begin with, take a look at the following guides:

  • Install OCP/OKD on AWS using Public IPv4 Pool
  • Install OCP/OKD on AWS using existing Elastic IPs
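As a sketch of a related pre-flight check, the EC2 DescribePublicIpv4Pools API lists the BYOIP pools available to the account; the snippet below assumes the AWS SDK for JavaScript v3 and a placeholder region:

import { EC2Client, DescribePublicIpv4PoolsCommand } from "@aws-sdk/client-ec2";

// List the account's public IPv4 (BYOIP) pools and how many addresses
// remain available for the installer to consume.
const ec2 = new EC2Client({ region: "us-east-1" }); // placeholder region
const { PublicIpv4Pools } = await ec2.send(new DescribePublicIpv4PoolsCommand({}));
for (const pool of PublicIpv4Pools ?? []) {
  console.log(pool.PoolId, pool.TotalAvailableAddressCount);
}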

Deploy a Cost-Effective OpenShift/OKD Cluster on Azure

Are you looking to deploy a cheaper OpenShift/OKD cluster on Azure without sacrificing performance? Keep reading this post!

Starting with version 4.17, OpenShift/OKD has transitioned to using the Cluster API as the installer's provisioning engine. This change allows for greater flexibility in customizing control plane resources.

Key Steps in the Deployment Process

This guide walks you through the following steps to optimize your Azure deployment:

  • Patch the AzureMachine manifests: inject an additional data disk to mount etcd, reduce the size of the OS disk, and upgrade the VM generation (a sketch of this patch follows the list). These adjustments can decrease the disk size by half compared to the current values.
  • Add MachineConfig Manifests: Additional manifests will be included to mount the etcd path to the data disk. This setup isolates the database from OS disk operations, improving overall performance.
  • Utilize Premium Storage: The guide recommends using the new PremiumV2_LRS storage account type, which offers performance characteristics similar to AWS's gp3. This configuration provides higher IOPS and throughput without the need for high capacity, ensuring efficient resource utilization.
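As a rough sketch of the manifest patch above (assuming CAPZ's AzureMachine dataDisks API and the js-yaml library; the file name, sizes, and field paths are illustrative placeholders — follow the linked guide for the real procedure):

import fs from "node:fs";
import yaml from "js-yaml";

// Patch an installer-generated AzureMachine manifest: shrink the OS disk
// and inject a dedicated etcd data disk (CAPZ dataDisks field).
const path = "cluster-api/machines/master-0.yaml"; // placeholder file name
const machine = yaml.load(fs.readFileSync(path, "utf8")) as any;

machine.spec.osDisk.diskSizeGB = 64; // e.g. half of a 128 GiB default
machine.spec.dataDisks = [
  { nameSuffix: "etcd", diskSizeGB: 16, lun: 0 }, // mounted later by a MachineConfig
];

fs.writeFileSync(path, yaml.dump(machine));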

To explore more about these steps and how to implement them, take a look at the guide titled Installing on Azure with etcd in Data Disks (CAPI).

If you have any questions or need further assistance, feel free to reach out!

Hands-on steps to install restricted OpenShift clusters on AWS | Solutions

This post references tutorials/solutions with hands-on steps to install OpenShift clusters on restricted/private networks on AWS.

Solutions 1 - Restricted with proxy

Options:

  • Installing OCP on AWS with proxy
  • Installing OCP on AWS with proxy and STS
  • Installing OCP on AWS in disconnected clusters (no internet access)
  • Installing OCP on AWS in disconnected clusters with STS

Solution 1A) Hands-on steps to install a restricted OpenShift cluster in an existing VPC on AWS

The steps described in this section show, step by step (copy/paste approach), how to deploy a private cluster on AWS without exposing any service to the internet.

The approach is based on the product documentation "Installing a cluster on AWS in a restricted network".

This guide introduces nested CloudFormation stacks, which reduce coupling and increase cohesion when developing infrastructure as code (IaC) with CloudFormation templates.

This guide also introduces a bastion host in a private subnet, used to jump into the private VPC through AWS Systems Manager Session Manager, without needing to create a VPN or expose/ingress internet traffic to the nodes. Alternatively, you can forward traffic from the internal API load balancer to a client outside the VPC using AWS SSM Session Manager port forwarding, allowing you to quickly access the OpenShift cluster without leaving your "home". =]
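A sketch of that port forwarding from a client outside the VPC (the instance ID and hostname are placeholders; it assumes the AWS CLI and the Session Manager plugin are installed locally):

import { spawn } from "node:child_process";

// Forward local port 6443 to the cluster's internal API load balancer,
// tunneling through the bastion's SSM agent (no VPN, no public ingress).
spawn(
  "aws",
  [
    "ssm", "start-session",
    "--target", "i-0123456789abcdef0", // placeholder: bastion instance ID
    "--document-name", "AWS-StartPortForwardingSessionToRemoteSocket",
    "--parameters", JSON.stringify({
      host: ["api-int.mycluster.example.com"], // placeholder: internal API LB
      portNumber: ["6443"],
      localPortNumber: ["6443"],
    }),
  ],
  { stdio: "inherit" },
);

With the session up, your kubeconfig can point at https://localhost:6443 to reach the private API.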

Last but not least, this guide shows how to deploy a highly available and scalable proxy service: an Auto Scaling group spreads the nodes across zones, a Network Load Balancer distributes the traffic equally between nodes, and Spot EC2 instances reduce costs (capacity managed and balanced natively by ASG/Fleet).

Pros:

  • Cheaper cluster:
    • No NAT Gateway charges
    • No public IPv4 address
    • No public Load Balancer for API
  • Restricted web access with Proxy
  • Private access to clusters using native AWS services (AWS SSM tunneling), reducing the need for a VPN or extra connectivity
  • More controlled environment
  • HA and scalable Proxy service
  • (Optional) Shared HA proxy service using AWS PrivateLink [TODO]

Cons:

  • More manual steps to set up the entire environment (including the proxy service) compared with the regular IPI flow

Steps:

Solutions/Architectures/Deployments:

S1) Deploy OpenShift in single stack IPv4 VPC with dedicated proxy in public subnets

Solution 1B) Hands-on steps to install a restricted OpenShift cluster in an existing VPC on AWS with STS

TODO

Requires a fix for ccoctl to use HTTP_PROXY

1C) Deploy OpenShift in single stack IPv4 VPC with shared proxy server IPv4

Step 1) Deploy shared proxy service

  • Create Service VPC
  • Deploy Proxy Server
  • Deploy Custom VPC Service

Step 2) Create VPC with private subnets

  • Create VPC
  • Create

Step 2A) Deploy OpenShift cluster in private mode

  • Deploy jump server using IPv6
  • Deploy OpenShift using shared proxy service

Step 2B) Deploy OpenShift cluster in private mode

  • Deploy jump server using private ipv4 and SSM access
  • Deploy OpenShift using shared proxy service

1D) Deploy OpenShift in single stack IPv4 VPC with shared proxy server IPv6

Steps to deploy a dual-stack VPC, with the proxy running in the dual-stack VPC with IPv6 egress traffic to the internet, and the OpenShift cluster running in a single-stack IPv4 VPC on private subnets.

Read the IPv6 deployment guide.

Solutions 2 - Private clusters with shared services

2A) Shared Proxy services

TODO: steps to deploy service VPC sharing Proxy and Image registry through AWS VPC PrivateLink

2B) Deploy hub/spoke service using Transit Gateway

TODO describe how to deploy hub/spoke topology using Transit Gateway to centralize egress OpenShift traffic in management VPC.

Option 1) Public clusters ingressing traffic in the VPC, egressing through Transit Gateway
Option 2) Private clusters using ingress and egress traffic through the internal network

See reference guide