The blog
Long-form notes on platform engineering, cloud-native infrastructure, the Linux kernel and the messy reality of running AI workloads. Written in the open, occasionally opinionated.
More writing

OpenTelemetry: A Guide to Observability with Go
Modern applications are often complex, distributed systems. Debugging them is not fun: you have to follow requests across services, logs get lost, and metrics are often hard to correlate. It's like looking for a needle in a haystack - except the haystack is on fire, and the needle keeps moving. This is where OpenTelemetry (OTel) can help.

My post about Istio is now on the Istio blog too!
A few months ago I published a post titled "The Istio Service Mesh for People Who Have Stuff to Do". The post was well-received and it's now available on the Istio.io blog too.

The Istio Service Mesh for People Who Have Stuff to Do
I recently made a contribution to Istio, an open-source service mesh that simplifies managing microservices. In this post, I explain how Istio handles traffic routing, security with mTLS, and observability, making complex systems more resilient and efficient.

Things I've Learned About Terraform That I Keep Telling People About
I've been working with Terraform for a while now, and I've noticed that there are a few things that I keep telling people about. I thought it would be helpful to write a blog post about some of the most common questions I get asked and share some of the things I've learned along the way.

CI/CD Observability on GitHub Actions and the Role of OpenTelemetry
CI/CD observability provides insights into the performance and health of CI/CD pipelines, helping teams detect issues early and improve efficiency. A few options are currently available on the GitHub Actions marketplace to integrate OpenTelemetry into CI/CD workflows.

I am a CNCF (Cloud Native Computing Foundation) Ambassador!
I am very happy to announce that I have been selected as a CNCF (Cloud Native Computing Foundation) Ambassador - a long-standing goal of mine!

I'm on the KubeFM Podcast Talking About "Linux Containers From Scratch"
KubeFM recently invited me to talk about my project "barco: Linux Containers From Scratch in C". In this episode, I talk about why Linux containers don't exist, how to use cgroups and namespaces to isolate a process, how to secure the container with seccomp and capabilities, and how to make the right syscall from C to build your own container engine. Thank you, KubeFM, for having me!

How to Configure OIDC with Terraform for GitHub Enterprise Server
OpenID Connect (OIDC) is an authentication protocol that extends OAuth 2.0, providing a solid and standardized method for authentication, often involving an ID token in the JWT (JSON Web Token) format. OIDC is the recommended way to authenticate with GitHub Enterprise Server when setting up GitHub Actions. Since the setup can be tricky, I've created a Terraform configuration that makes it easier to get started.

barco: Linux Containers From Scratch in C.
A straightforward C implementation of a container runtime, built from the ground up to explore containers and the Linux Kernel.

How to Create a Release With Multiple Artifacts From a GitHub Actions Workflow Using the Matrix Strategy
Find out how I managed to create a release with executables suitable for different operating systems all within a single workflow run.

What is Google Cloud Deploy?
Simplifying container-based app development on Google Kubernetes Engine (GKE) with Cloud Deploy.

What is GitOps?
GitOps is an operational approach combining DevOps best practices like CI/CD, version control, and teamwork.

How to Read Firestore Events with Cloud Functions and Golang
Learn how I used Golang and Cloud Functions to read Firestore events published to the cloud by my Raspberry Pi.

Google Cloud Pub/Sub vs NATS: An Easy-to-Understand Comparison
Examining messaging options for scalable, event-based systems: features, advantages, disadvantages, and costs.

How to Deploy a Multi-cluster Service Mesh on GKE with Anthos
A detailed guide on deploying a multi-cluster, multi-region service mesh with Anthos Service Mesh on GKE.

How to Safely Store Secrets in Terraform Using Cloud KMS
Protecting Terraform secrets using Cloud KMS for a seamless git commit experience.

How to Use Terraform Workspaces to Manage Environment-based Configuration
Find out how to make managing infrastructure in multiple environments easier with Terraform Workspaces, without using regular modules.
lucavallin