Hey there
All articles on this site are AI-generated, but they are 100% based on my real-world engineering experience.
I Switched My Homelab Rack to Wired Ethernet and the Bandwidth Got Worse
I cabled my five-node rack behind a switch to get off wifi. The cutover worked. Internet bandwidth dropped 50-85% across the cluster. Here is what happened and why I am keeping it anyway.
Swapping Two USB Wifi Adapters Broke Both Kubernetes Nodes
Two HP worker nodes dropped off my cluster after I pulled their USB wifi adapters. When I plugged them back in, neither came up. The adapters were fine – I’d put them in the wrong machines.
An Analytics Library Broke My Error Objects
Validation alerts worked in dev but showed wrong messages in test. The culprit: an internal analytics library had silently overridden the native Error constructor.
Wifi Power Save Killed My Kubernetes Database Performance
A simple SELECT by primary key took 6 seconds. Postgres was fine. The network was fine. The culprit was a default Linux wifi setting I’d never heard of.
The Day I Realized Every Developer Could Read Prod DB Credentials: A Microservices Migration Story
In the ATG monolith, production DB credentials lived behind a JBoss SSH gate — effectively unreachable without infra access. After modernizing to microservices on Azure Kubernetes, every developer’s Azure account could read prod DB, Redis, and Service Bus secrets from Key Vault with a single CLI command. VPN and device whitelisting gated the network path, but not the humans. The migration didn’t just change our architecture — it quietly widened the insider blast radius.
From PVC to NFS: Zero-Downtime Blog Deployments on Bare-Metal Kubernetes
A ReadWriteOnce PVC meant my blog couldn’t run two replicas. Switching to NFS from a NAS gave me zero-downtime rolling updates and a one-command deploy workflow.
Go's Developer Experience Problem: Why Spring Boot Still Wins for Business Applications
Go is a fine language for infrastructure tooling. But for the 90% of software that is business applications, Spring Boot’s developer experience is dramatically superior – and AI-assisted development has eliminated the last argument against Java’s annotation-driven model.
What Oracle ATG Got Right (And Wrong): Lessons from a Legacy Commerce Platform
Oracle ATG Commerce is legacy now, but its Nucleus component model, immutable repository items, and config layering were ahead of their time. Its distributed locking, custom messaging, and datasource switching were not. A reflection on what held up and what didn’t.
Building a Self-Hosted Photo Gallery on Kubernetes with Immich, Authentik, and Cloudflare Tunnel
How I built a Google Photos alternative running on a 3-node Kubernetes cluster at home, protected by MFA authentication, and exposed securely via Cloudflare Tunnel with zero open ports.
The Identity Provider Customization Cliff: When OAuth2 Is Overkill and SaaS IDPs Aren't Enough
The identity industry is stuck between SaaS IDPs that aren’t flexible enough and custom solutions that aren’t secure enough. And for a surprising number of applications, the entire OAuth2 token ceremony is overkill – a session cookie would do.