The archive
Writing
22 essays · ≈195 min of reading · 2021–2026
022Jun 29AI Tool Gateways: Sandboxing Agent Access in Kubernetes#Security9 min021Jun 22Observing LLM Inference: The Metrics That Actually Matter#Observability8 min020Jun 15Network Control with Cilium and Kyverno: Policies That Actually Work#Kubernetes8 min019Jun 13Keyless GCP Secrets in GitHub Actions: Workload Identity, Scoped to One Secret#GCP9 min018Jun 13Serving a Next.js Static Site on Cloudflare (Like This One)#Cloudflare10 min017Jun 08Multi-Tenant Observability: LGTM at Platform Scale#Kubernetes8 min016Jun 01Gateway API in Practice: From Ingress Migration to Envoy Debugging#Kubernetes7 min015May 25Running Local Kubernetes with kind: Ephemeral by Design, Production-Honest by Default#Kubernetes6 min014Mar 24The M5 Pro Setup: Same Mac, Different Era#Developer-Experience12 min013Mar 22Git Commit Signing with GPG on macOS#Security6 min012Mar 22SSH Git Commit Signing for Busy Engineers#Security8 min011Mar 01Authentication 101: A Complete Guide to Modern Identity Methods#Security22 min010Feb 22Google's GAIL Certification: Useful Strategy, Thin Engineering#Software-Development12 min
009Sep 10GKE to AWS Identity Federation: A Guide to Keyless Access#Kubernetes7 min008Jul 20Terraform and Terragrunt: Why We Added Terragrunt at Scale#Terraform8 min007Jul 017 Books That Shaped How I Build Platforms Developers Actually Use#Books10 min006Jun 22Boost Your Productivity: My Zshrc Configuration for Platform Engineers#Developer-Experience4 min