Insights on AI, Kubernetes, Ansible, cloud infrastructure, and automation by Luca Berton.https://lucaberton.comen-usThu, 26 Feb 2026 14:03:09 GMT[email protected] (Luca Berton)[email protected] (Luca Berton)https://lucaberton.com/opengraph.jpghttps://lucaberton.comhttps://lucaberton.com/blog/building-custom-ai-skills-with-instructlab-taxonomy/https://lucaberton.com/blog/building-custom-ai-skills-with-instructlab-taxonomy/Create domain-specific AI capabilities using InstructLab's taxonomy system—from writing skill definitions to generating synthetic training data and validating fine-tuned models.Mon, 02 Mar 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/accessing-openclaw-control-ui-dashboard/https://lucaberton.com/blog/accessing-openclaw-control-ui-dashboard/How to access the OpenClaw Control UI dashboard from an Azure VM — via SSH tunnel (secure) or public IP. Covers device pairing, dashboard authentication, and the browser-based management interface.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/building-a-persistent-ai-agent-memory-system-with-openclaw/https://lucaberton.com/blog/building-a-persistent-ai-agent-memory-system-with-openclaw/End-to-end guide to building a complete persistent memory system for your OpenClaw AI agent. Combine memory flush, hybrid search, file-backed notes, SQLite indexing, and session hooks into a cohesive knowledge architecture.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/configuring-openclaw-gateway-bind-and-control-ui/https://lucaberton.com/blog/configuring-openclaw-gateway-bind-and-control-ui/Deep dive into OpenClaw gateway bind modes (loopback, lan, tailnet, auto, custom), Control UI origin enforcement, and the allowedOrigins vs dangerouslyAllowHostHeaderOriginFallback trade-off.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/configuring-openclaw-memory-flush-for-context-compaction/https://lucaberton.com/blog/configuring-openclaw-memory-flush-for-context-compaction/Learn how to configure OpenClaw's memory flush system before context compaction. Set threshold tokens, custom system prompts, and flush prompts so your AI agent preserves critical knowledge before conversation history is trimmed.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/connecting-openclaw-to-discord-on-azure/https://lucaberton.com/blog/connecting-openclaw-to-discord-on-azure/Complete guide to creating a Discord bot, configuring intents, generating an invite link, and connecting it to your OpenClaw instance running on Azure. Includes fixing the Fatal Gateway error 4014.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/diagnosing-openclaw-gateway-crash-restart-loops/https://lucaberton.com/blog/diagnosing-openclaw-gateway-crash-restart-loops/Step-by-step guide to diagnosing OpenClaw gateway crash-restart loops in Docker. Covers empty logs, connection resets, docker inspect techniques, OOM detection, and breaking the loop.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/docker-volume-permissions-for-openclaw-on-linux/https://lucaberton.com/blog/docker-volume-permissions-for-openclaw-on-linux/Fix Docker volume permission issues when running OpenClaw on Linux. Understand UID mapping between host and container, set correct ownership for the node user, and verify write access for memory, config, and log directories.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/exploring-openclaw-browser-control-and-canvas-features/https://lucaberton.com/blog/exploring-openclaw-browser-control-and-canvas-features/Discover OpenClaw's built-in Browser Control server and Canvas host. Learn how the gateway manages a headless Chromium instance on port 18791 and serves agent-generated visual content through the Canvas endpoint.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/fixing-openclaw-gateway-token-mismatch-websocket-errors/https://lucaberton.com/blog/fixing-openclaw-gateway-token-mismatch-websocket-errors/Diagnose and fix the 'unauthorized: gateway token mismatch' WebSocket error in OpenClaw. Learn how gateway auth tokens work, why token_mismatch happens after restarts, and how to restore connectivity between CLI tools and the running gateway.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/github-copilot-authentication-for-openclaw/https://lucaberton.com/blog/github-copilot-authentication-for-openclaw/How GitHub Copilot device-flow authentication works with OpenClaw on headless Azure VMs. Covers the auth wizard, device codes, Copilot Proxy vs GitHub login, and re-authentication.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/installing-openclaw-on-azure-with-docker/https://lucaberton.com/blog/installing-openclaw-on-azure-with-docker/A hands-on guide to cloning, building, and running OpenClaw on an Azure VM using Docker Compose. Covers the docker-setup.sh wizard, the onboarding flow, and getting the gateway container running.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-agent-tool-execution-errors-and-sandbox-permissions/https://lucaberton.com/blog/openclaw-agent-tool-execution-errors-and-sandbox-permissions/Troubleshoot 'Permission denied' errors when OpenClaw's AI agent tries to execute tools like jest, npm, or shell commands. Understand the agent sandbox, tool execution model, and how to configure safe tool access inside Docker containers.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-cli-command-reference-and-power-tips/https://lucaberton.com/blog/openclaw-cli-command-reference-and-power-tips/A comprehensive guide to the OpenClaw CLI — from gateway management and agent control to memory search, cron jobs, and security audits. Master the command-line interface for efficient OpenClaw administration.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-config-hot-reload-zero-downtime-configuration/https://lucaberton.com/blog/openclaw-config-hot-reload-zero-downtime-configuration/Learn how OpenClaw handles live config changes without gateway restarts. Understand dynamic vs static settings, the reload detection pipeline, and which configuration changes apply instantly versus requiring a full restart.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-config-migration-channels-discord-schema/https://lucaberton.com/blog/openclaw-config-migration-channels-discord-schema/How OpenClaw handles config schema migrations, the move from discord to channels.discord, validation errors on old paths, and best practices for managing OpenClaw configuration changes across versions.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-discord-error-4014-privileged-gateway-intents/https://lucaberton.com/blog/openclaw-discord-error-4014-privileged-gateway-intents/Troubleshooting the Fatal Gateway error 4014 in OpenClaw's Discord integration. Learn what Privileged Gateway Intents are, why the 4014 crash loop happens, and how to fix it in the Discord Developer Portal.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-file-backed-memory-notes-for-durable-agent-knowledge/https://lucaberton.com/blog/openclaw-file-backed-memory-notes-for-durable-agent-knowledge/Set up file-backed memory notes so your OpenClaw agent can persist knowledge across sessions. Learn how to create seed notes, organize the notes directory, and integrate with the memory flush and search systems.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-gateway-startup-timing-and-health-checks/https://lucaberton.com/blog/openclaw-gateway-startup-timing-and-health-checks/Master OpenClaw gateway startup timing, health checks, and readiness verification. Learn the boot sequence, hook loading, provider initialization, and how to build reliable health monitoring for production deployments.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-gmail-watcher-and-email-channel-integration/https://lucaberton.com/blog/openclaw-gmail-watcher-and-email-channel-integration/OpenClaw's Gmail Watcher runs silently alongside your gateway. Learn how the email channel integration works, how it starts and stops with the gateway lifecycle, and how to configure email-based agent interactions on Azure.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-memory-cli-index-search-and-reindex-commands/https://lucaberton.com/blog/openclaw-memory-cli-index-search-and-reindex-commands/Master OpenClaw's memory CLI subcommands. Fix the common 'unknown command reindex' error, learn the correct memory index command, search memory from the terminal, and build a reindexing workflow for your AI agent's knowledge base.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-sqlite-memory-store-bootstrap-and-permissions/https://lucaberton.com/blog/openclaw-sqlite-memory-store-bootstrap-and-permissions/Troubleshoot the OpenClaw SQLite memory database — from empty files to permission errors. Learn how to bootstrap the memory store, fix Docker UID mapping, and verify the database is writable inside the container.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/openclaw-session-memory-hooks-automating-knowledge-capture/https://lucaberton.com/blog/openclaw-session-memory-hooks-automating-knowledge-capture/Deep dive into OpenClaw's session-memory hook — how it triggers on conversation events, integrates with memory flush, and automates durable knowledge capture across agent sessions.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/production-tips-for-running-openclaw-on-azure/https://lucaberton.com/blog/production-tips-for-running-openclaw-on-azure/Lessons learned from running OpenClaw in production on Azure — covering alternative LLM providers, startup timing, CLI best practices, Docker Compose optimizations, and day-to-day operations.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/running-openclaw-security-audit-and-managing-warnings/https://lucaberton.com/blog/running-openclaw-security-audit-and-managing-warnings/Address persistent security warnings in OpenClaw deployments. Run the built-in security audit, understand dangerous config flags, and implement proper alternatives to keep your AI agent gateway secure.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/security-hardening-for-openclaw-on-azure/https://lucaberton.com/blog/security-hardening-for-openclaw-on-azure/How to secure your OpenClaw deployment on Azure — from gateway auth tokens and device pairing to NSG rules, HTTPS with Tailscale, and the built-in security audit command.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/setting-up-azure-vm-for-openclaw/https://lucaberton.com/blog/setting-up-azure-vm-for-openclaw/Step-by-step guide to creating and configuring an Azure Virtual Machine optimized for running OpenClaw. Covers VM sizing, networking, SSH access, and Docker installation on Ubuntu.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/setting-up-openclaw-hybrid-memory-search-with-local-embeddings/https://lucaberton.com/blog/setting-up-openclaw-hybrid-memory-search-with-local-embeddings/Configure OpenClaw's hybrid memory search using local sentence-transformer embeddings. Set up the all-MiniLM-L6-v2 model, tune vector and text search weights, and enable the embedding cache for fast semantic retrieval.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/troubleshooting-openclaw-docker-deployments/https://lucaberton.com/blog/troubleshooting-openclaw-docker-deployments/A field-tested troubleshooting guide for OpenClaw Docker deployments. Covers crash loops, Invalid bind errors, allowedOrigins failures, Discord 4014 errors, and container restart debugging techniques.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/understanding-openclaw-dangerouslyallowhostheaderoriginfallback/https://lucaberton.com/blog/understanding-openclaw-dangerouslyallowhostheaderoriginfallback/Deep dive into OpenClaw's dangerouslyAllowHostHeaderOriginFallback config setting. Learn when you need it, what security risks it carries, and how to configure it properly for remote Control UI access on Azure VMs.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/what-is-openclaw-ai-agent-gateway/https://lucaberton.com/blog/what-is-openclaw-ai-agent-gateway/Discover OpenClaw, the open-source AI agent gateway that connects LLMs to messaging platforms like Discord, Telegram, and Slack. Learn what it does, why it matters, and how it fits into your AI workflow.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/agentic-ai-enterprise-kubernetes/https://lucaberton.com/blog/agentic-ai-enterprise-kubernetes/How enterprises are deploying agentic AI systems on Kubernetes to automate complex workflows. Architecture patterns, orchestration strategies, and lessons from production deployments.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/ai-agent-security-sandboxing/https://lucaberton.com/blog/ai-agent-security-sandboxing/How to secure AI agents in production with container sandboxing, least-privilege permissions, and audit logging. Practical patterns for Kubernetes deployments.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/ai-coding-agents-platform-engineering/https://lucaberton.com/blog/ai-coding-agents-platform-engineering/How AI coding agents like GitHub Copilot Workspace and Cursor are reshaping platform engineering. What teams need to prepare for and how to leverage these tools.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)Platform Engineeringhttps://lucaberton.com/blog/ai-model-governance-compliance/https://lucaberton.com/blog/ai-model-governance-compliance/Navigate EU AI Act compliance, model risk management, and audit requirements for enterprise ML. Practical governance frameworks for AI teams.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/ai-powered-infrastructure-monitoring/https://lucaberton.com/blog/ai-powered-infrastructure-monitoring/Replace threshold-based alerts with AI-powered anomaly detection. Practical implementation with Prometheus, ML models, and intelligent alert correlation.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/ai-powered-runbooks-auto-remediation/https://lucaberton.com/blog/ai-powered-runbooks-auto-remediation/Transform static runbooks into intelligent, AI-driven incident response workflows. Integrate LLMs with PagerDuty, Ansible, and Kubernetes for automated remediation.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)AIhttps://lucaberton.com/blog/ansible-collections-best-practices/https://lucaberton.com/blog/ansible-collections-best-practices/Design, build, and distribute Ansible Collections that your team will actually reuse. Naming conventions, testing, versioning, and Galaxy publishing.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)Automationhttps://lucaberton.com/blog/ansible-gpu-cluster-provisioning/https://lucaberton.com/blog/ansible-gpu-cluster-provisioning/Automate the provisioning of GPU compute clusters with Ansible. NVIDIA driver installation, CUDA setup, container runtime configuration, and health checks.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)Automationhttps://lucaberton.com/blog/ansible-kubernetes-operators-day2/https://lucaberton.com/blog/ansible-kubernetes-operators-day2/Build Kubernetes Operators with Ansible for Day-2 operations. Automate backup, scaling, upgrades, and disaster recovery with the Operator SDK.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)Automationhttps://lucaberton.com/blog/ansible-lightspeed-ai-automation-2026/https://lucaberton.com/blog/ansible-lightspeed-ai-automation-2026/How Ansible Lightspeed has evolved in 2026. AI-generated playbooks, natural language task definitions, and the impact on automation engineering workflows.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)Automationhttps://lucaberton.com/blog/ansible-rhel-ai-platform-deployment/https://lucaberton.com/blog/ansible-rhel-ai-platform-deployment/Deploy a complete RHEL AI platform with Ansible automation. From bare metal provisioning to InstructLab training pipelines, fully automated and repeatable.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)Automationhttps://lucaberton.com/blog/confidential-containers-kubernetes/https://lucaberton.com/blog/confidential-containers-kubernetes/Deploy confidential containers on Kubernetes using AMD SEV-SNP and Intel TDX. Protect sensitive AI workloads with hardware-level encryption in untrusted environments.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)Platform Engineeringhttps://lucaberton.com/blog/cra-ce-marking-software-products/https://lucaberton.com/blog/cra-ce-marking-software-products/The CRA requires CE marking on software products. How to perform conformity assessment, prepare technical documentation, and achieve CE compliance.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)DevOpshttps://lucaberton.com/blog/cra-cicd-compliance-automation/https://lucaberton.com/blog/cra-cicd-compliance-automation/Integrate CRA compliance checks into your CI/CD pipeline. SBOM generation, vulnerability scanning, security testing, and documentation generation — all automated.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)DevOpshttps://lucaberton.com/blog/cra-container-runtime-hypervisor-class2/https://lucaberton.com/blog/cra-container-runtime-hypervisor-class2/Container runtimes and hypervisors are classified as Important Products Class II under the CRA. What this means for Docker, Podman, containerd, and KVM deployments.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)Platform Engineeringhttps://lucaberton.com/blog/cra-etsi-standards-en304/https://lucaberton.com/blog/cra-etsi-standards-en304/ETSI TC Cyber is developing 18 vertical product standards (EN 304 617-642) for CRA compliance. Overview of each standard and which products they cover.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)DevOpshttps://lucaberton.com/blog/cra-impact-iot-manufacturers/https://lucaberton.com/blog/cra-impact-iot-manufacturers/IoT manufacturers face the broadest CRA impact. Smart home devices, wearables, and industrial IoT must all meet cybersecurity requirements by 2027.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)DevOpshttps://lucaberton.com/blog/cra-impact-saas-cloud-services/https://lucaberton.com/blog/cra-impact-saas-cloud-services/The CRA targets products with digital elements, not pure services. But the boundary between product and service is blurry. Understand where your SaaS platform stands.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)DevOpshttps://lucaberton.com/blog/cra-incident-reporting-enisa/https://lucaberton.com/blog/cra-incident-reporting-enisa/Build automated incident reporting for ENISA compliance. API integration, severity classification, and the 24/72-hour reporting workflow.Thu, 26 Feb 2026 00:00:00 GMT[email protected] (Luca Berton)DevOps