Blog

Thoughts on backend architecture, cloud infrastructure, and engineering leadership.

All Golang (9) Architecture (7) Getting started (4) Security (4) DevOps (3) homelab (3) Kubernetes (3) Microservices (3) server (3) TypeScript (3) AI (2) Backend (2) cisco (2) Data Engineering (2) Development (2) networking (2) Performance (2) rack (2) Cloud (1) Cloud Native (1) Enterprise (1) Frontend (1) hardware (1) Infrastructure (1) Productivity (1)
Architecting AI Applications for Production
Architecture Backend Security

Architecting AI Applications for Production

A threat-model-first walkthrough of shipping LLM-backed features — prompt injection defenses, multi-provider failover, structured output, cost control, and the concurrency traps that melt AI services in production.
Zero Trust Security for Microservices
Security Architecture DevOps

Zero Trust Security for Microservices

Service-mesh zero trust, in practice: SPIFFE identities, mTLS by default, Istio and Linkerd policy at the sidecar, network policies underneath, and the places where you still need app-level authorization.
Real-Time Data Pipelines with TypeScript and Kafka
TypeScript Data Engineering Architecture

Real-Time Data Pipelines with TypeScript and Kafka

How I build type-safe, event-driven data pipelines using TypeScript and KafkaJS -- from schema validation to dead letter queues to exactly-once processing.
Optimizing Go for High-Throughput Systems
Golang Performance Backend

Optimizing Go for High-Throughput Systems

Memory management, concurrency patterns, and profiling techniques that took my Go services from adequate to high-performance. Practical optimization, not premature optimization.
Resilient Microservices in Go
Microservices Golang Architecture

Resilient Microservices in Go

Circuit breakers, bulkheads, retries, timeouts, and degradation — the fault-tolerance patterns that keep distributed Go systems alive when dependencies fail.
Authentication Patterns for Distributed Systems
Security Golang TypeScript

Authentication Patterns for Distributed Systems

A threat-model-first walkthrough of JWT, OAuth2/OIDC, refresh rotation, and zero trust auth for Go services — with the mistakes that actually burn people in production.
Custom Kubernetes Controllers in Go
Kubernetes Golang Cloud Native

Custom Kubernetes Controllers in Go

Building Go controllers with controller-runtime to automate cluster operations — reconcile semantics, CRDs, watches, and the failure modes that actually burn production clusters.
High-Performance ETL Pipelines in Go
Data Engineering Golang Performance

High-Performance ETL Pipelines in Go

A failure-model-first walkthrough of streaming ETL in Go — bounded concurrency, backpressure, context cancellation, poison records, and the mistakes that blow up memory under real load.
Authorization Patterns for Go Microservices
Security Golang Microservices

Authorization Patterns for Go Microservices

Authorization in a service mesh — RBAC, ABAC, policy engines, SPIFFE service identity, and deny-by-default patterns for Go microservices without the panics and silent bypasses.
Migrating Monoliths to Microservices with Go
Cloud Golang Architecture

Migrating Monoliths to Microservices with Go

An opinionated migration framework for strangling a Go monolith — threat model, dependency analysis, strangler-fig routing, database-per-service, and when not to migrate at all.
AI-Assisted Backend Development with Go and TypeScript
AI Development Productivity

AI-Assisted Backend Development with Go and TypeScript

An honest assessment of AI coding assistants for Go and TypeScript backend work — where they save real time, where they fall short, and how to integrate them without losing your edge.
TypeScript at Scale
TypeScript Frontend Architecture

TypeScript at Scale

Managing large TypeScript codebases without drowning in complexity — modular architecture, state management, and type system patterns that actually work.