What I write about
Insights and experiences from software development: Linux kernel patching, AI integration at everfind.ai, and more. Practical insights into technical challenges and solutions.
Kubernetes Rightsizing Is a Trust Problem, Not Just a Metrics Problem
Kubernetes rightsizing works when platform teams combine resource data with rollout discipline, clear failure signals, and a path application teams can trust.
GitOps During Incidents: When Argo CD Helps, and When It Gets in the Way
GitOps is excellent for normal platform operations, but production incidents need a deliberate break-glass model, clear Argo CD access, drift rules, and post-incident reconciliation.
Lockfiles Are Not a Supply Chain Security Strategy
Recent npm compromises show why JavaScript supply chain security has to cover CI isolation, maintainer tokens, install scripts, provenance, dependency policy, and incident response.
Kubernetes Security Features That Actually Matter to Application Teams
Kubernetes 1.33 and 1.34 include security and operations changes that matter beyond platform teams: user namespaces, supplemental group policy, image pull credentials, and safer defaults.
Behind the Scenes: Decoupling Integrations at everfind.ai
Dive into the integration architecture behind everfind.ai, where the backend is decoupled from external integrations using a dedicated integration translation API with .well-known endpoints and JWKS request signing.
Patching my kernel to avoid KVM detection
This journey taught me how to compile my own linux kernel. I learned a lot about the intrinsics of the KVM. It's been very informative and fun to attempt beating an anti cheat company.