lucavallinThe blog
Long-form notes on platform engineering, cloud-native infrastructure, the Linux kernel and the messy reality of running AI workloads. Written in the open, occasionally opinionated.
More writing
Kubernetes Networking from Packets to Pods
Kubernetes networking doesn't have to be a black box. This guide breaks it down, starting from the fundamentals of Linux networking and container isolation. We then dive into the complete Kubernetes model, explaining everything from Pod IPs and CNI plugins to Services, NetworkPolicy, and Ingress, providing a clear end-to-end map of how connectivity works in your cluster.
I'm on the KubeFM Podcast Talking About "Linux Containers From Scratch"
KubeFM recently invited me to talk about my project "barco: Linux Containers From Scratch in C". In this episode, I talk about why Linux containers don't exist, how to use cgroups and namespaces to isolate a process, how to secure the container with seccomp and capabilities, and how to make the right syscall from C to build your own container engine. Thank you, KubeFM, for having me!
What is Google Cloud Deploy?
Simplifying container-based app development on Google Kubernetes Engine (GKE) with Cloud Deploy.
How to Deploy a Multi-cluster Service Mesh on GKE with Anthos
A detailed guide on deploying a multi-cluster, multi-region service mesh with Anthos Service Mesh on GKE.
How to Deploy ElasticSearch on GKE using Terraform and Helm
Find out how to set up ElasticSearch on Kubernetes utilizing Terraform and Helm charts.