Tracing the internals of a service mesh from the kernel level — Istio’s Control Plane and Data Plane architecture, sidecar injection mechanism, iptables traffic interception, xDS protocol, and mTLS Zero Trust.
A deep dive into Kubernetes pod networking internals — from the flat network model and CNI spec, to same-node communication via veth pairs and bridges, to cross-node communication via VXLAN encapsulation.
From network interfaces and Ethernet frames to routing tables and Netfilter/iptables — a deep dive into how packets actually move at the OS level, with ifconfig, ip route, and iptables commands.
How to securely manage secrets in a GitOps environment. Compares Sealed Secrets, SOPS, External Secrets Operator, and CSI Driver, with practical architecture and best practices for Vault + ESO + ArgoCD.
When connecting to AWS ElastiCache through Tailscale VPN from an on-premises K3s cluster, only large packets were being dropped while small ones went through fine. This post covers the root cause and how I resolved it.
Everything you need for real-world GitOps adoption — from the four core principles (declarative definitions, version control, pull-based deployment, continuous reconciliation) to the differences from traditional CI/CD, repository strategies, Kustomize/Helm usage, and secret management.
A deep dive into how the JavaScript event loop works and how Node.js handles threading — unpacking how a single-threaded language pulls off asynchronous processing.
From Java’s ‘Write Once, Run Anywhere’ philosophy to Spring’s Tomcat thread pool, HikariCP connection pool, and Java 21 Virtual Threads. Includes a structural comparison with Node.js.