Platform Engineering

11 posts tagged

Published on: 9 min read

AI Tool Gateways: Sandboxing Agent Access in Kubernetes

Security AI Kubernetes Platform-Engineering Zero-Trust Architecture-Patterns

AI agents have unlimited ambition and undefined access boundaries. You have sandboxed everything else. Here is how to sandbox your agents too.

Published on: 8 min read

Observing LLM Inference: The Metrics That Actually Matter

Observability AI Platform-Engineering Kubernetes Architecture-Patterns

TTFT is your SLO, not throughput. Here is what to measure for LLM inference, and what Google ADK, LangChain, and LangGraph give you out of the box.

Published on: 8 min read

Network Control with Cilium and Kyverno: Policies That Actually Work

Kubernetes Security Platform-Engineering Multi-Tenancy Zero-Trust Architecture-Patterns

Network policies in most Kubernetes clusters are cargo cult. Teams write them, Kubernetes accepts them, and nothing changes. Cilium actually enforces them — and shows you the traffic.

Published on: 8 min read

Multi-Tenant Observability: LGTM at Platform Scale

Kubernetes Observability Platform-Engineering Multi-Tenancy Architecture-Patterns

Your tenants want dashboards. Your security team wants isolation. Your SREs want a single pane of glass. Here is how to build all three with the LGTM stack.

Published on: 7 min read

Gateway API in Practice: From Ingress Migration to Envoy Debugging

Kubernetes Platform-Engineering Architecture-Patterns Developer-Experience

The Kubernetes community deprecated Ingress in spirit years ago. Gateway API replaces it with a model that actually separates platform concerns from application concerns.

Published on: 6 min read

Running Local Kubernetes with kind: Ephemeral by Design, Production-Honest by Default

Kubernetes Developer-Experience Platform-Engineering Setup Tools

kind runs real kubeadm in Docker containers — the same setup Kubernetes CI, Cilium docs, and Envoy Gateway quickstarts use. Here is why that matters for local platform work.

Published on: 12 min read

Google's GAIL Certification: Useful Strategy, Thin Engineering

AI GCP Certification Platform-Engineering Developer-Experience

Notes on Google's GAIL certification from a platform engineer: useful for strategy conversations, thin on the messy reality of shipping AI.

Published on: 7 min read

GKE to AWS Identity Federation: A Guide to Keyless Access

Kubernetes AWS GCP Security OIDC Platform-Engineering

Run workloads on GKE and access AWS without static keys. This guide shows how to federate a Kubernetes service account into an AWS IAM role.

Published on: 8 min read

Terraform and Terragrunt: Why We Added Terragrunt at Scale

Terraform Terragrunt IaC Platform-Engineering DevEx

Why we added Terragrunt to Terraform to manage 100 plus services without copy paste, backend sprawl, or one giant state layout.

Published on: 10 min read

7 Books That Shaped How I Build Platforms Developers Actually Use

Books Software-Development Platform-Engineering Developer-Experience Architecture-Patterns Multi-Tenancy

Seven books that shaped how I build platform products people trust, adopt quickly, and keep using.

Published on: 14 min read

SUSE Cloud Native Foundations: My Study Notes

Kubernetes Cloud-Native Docker CI-CD Platform-Engineering Software-Development

Structured study notes from the SUSE Cloud Native Foundations scholarship. Covers cloud native design, Docker, Kubernetes basics, and open source PaaS.