platform engineer · gde · cncf ambassador · cat person

Hello, Luca
here.

I build the platform layer beneath AI — Go, Google Cloud and Kubernetes by day. The rest of this place is everything else I get up to: writing, open source, motorcycle videos, photography, a handpan, and two cats.

Read the blog →More about me

⬡ Go▤ Full Stack☁ Google Cloud⎈ Kubernetes★ Top Mentor

that's me ☺

@akegruna

co-workers

the main event

Latest from the blog

Read all posts →

AI Engineering for Developers

A tour through AI engineering for developers who already know how to ship software. Fourteen chapters, no LinkedIn voice, no slow warm-up. We will go from 'what is a foundation model' to 'how do you run agents in production on Google Cloud' without skipping the parts that matter.

Read the post →

Platform Engineering End-to-End

Platform engineering is more than DevOps with a portal. This post walks the full arc of the discipline end to end: why platforms exist, how to build and operate them, how to manage the messy stakeholder politics, and what success actually looks like. Grounded in Fournier and Nowland's book and a few years of doing this on real systems.

platform-engineeringdevops

Google Cloud Networking 101: The Comprehensive TLDR

A comprehensive but quick walkthrough of everything you need to know about GCP networking: VPCs, subnets, routing, firewalls, Shared VPC, GKE networking, load balancing, Cloud NAT, hybrid connectivity, VPC Service Controls, DNS, packet inspection, and how to operate all of it. Written for engineers who need a solid mental model in 15 minutes.

google-cloudnetworking

Containers Are Not Automatically Secure

Containers changed how we package and ship software, but they did not rewrite the basic security rules. Trust boundaries, privilege, and attack surface are all still there. That was probably the main thing I learned while digging into container security, partly from Liz Rice's Container Security and partly from spending time with the Linux pieces underneath.

linuxcontainers

A Tour of eBPF in the Linux Kernel: Observability, Security and Networking

eBPF lets you run small, verified programs inside the Linux kernel, enabling fast observability, security, and networking without changing application code. This practical tour explains why eBPF matters now, how programs are compiled, verified, JITed, and attached to events, and how maps and ring-3 buffers move data. You'll leave with simple demos and a clear mental model to start experimenting.

ebpflinux

📮 ~10,000 readers every month — thank you!

the catch-all

Everything else I get up to

🛠️

Projects

Open source & apps — including Verto, my on-ramp for first-time open-source contributors.

Browse projects →

DA MASER A MONFUMO | MOTO GUZZI V85TT | PURE SOUND POV 4K

🏍️

Motorcycle videos

Riding, wrenching and road trips on YouTube as @akegruna.

Watch on the channel →

📷

Photography

Landscapes & details, also on Unsplash. Free for anyone to use.

See the gallery →

🧭

Mentoring

Top Mentor on MentorCruise — career, cloud-native and open source.

How mentoring works →

🐈

The cats

Two senior engineers who specialise in keyboard QA & litterbox ops.

Meet the team →

open source · a project I maintain

Never sent a pull request?
Start with Verto.

Verto curates beginner-friendly “good first issues” from real open-source projects and walks you through landing your first contribution — no gatekeeping. It lives at verto.lucavallin.com.

Open Verto →How it works

good first issues · live on Verto

good first issueAdd unit tests for the config loaderGo · 12 ★docsImprove the getting-started guideMarkdown good first issueFix flaky timeout in CI workflowYAML · help wanted

through the lens