-
Notifications
You must be signed in to change notification settings - Fork 0
/
categories.html
2 lines (2 loc) · 81.5 KB
/
categories.html
1
2
<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <link rel="icon" href="/assets/images/logo.png"> <title>Categories | Charles Xu</title> <title>Categories | Charles Xu</title> <meta name="generator" content="Jekyll v4.3.2"/> <meta property="og:title" content="Categories"/> <meta property="og:locale" content="en_US"/> <meta name="description" content="Essays, books, wiki on technologies, career, markets, and more."/> <meta property="og:description" content="Essays, books, wiki on technologies, career, markets, and more."/> <meta property="og:site_name" content="Charles Xu"/> <meta property="og:type" content="website"/> <meta name="twitter:card" content="summary"/> <meta property="twitter:title" content="Categories"/> <script type="application/ld+json">
{"@context":"https://schema.org","@type":"WebPage","description":"Essays, books, wiki on technologies, career, markets, and more.","headline":"Categories","publisher":{"@type":"Organization","logo":{"@type":"ImageObject","url":"/assets/images/logo.png"}},"url":"/categories"}</script> <link href="/assets/css/bootstrap.min.css" rel="stylesheet"> <script src="/assets/js/jquery.min.js"></script> <script async src="https://www.googletagmanager.com/gtag/js?id=G-8CYZ0N0EWJ"></script> <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-8CYZ0N0EWJ");</script> <script>!function(e,t,a,n,c,o,s){e.GoogleAnalyticsObject=c,e[c]=e[c]||function(){(e[c].q=e[c].q||[]).push(arguments)},e[c].l=1*new Date,o=t.createElement(a),s=t.getElementsByTagName(a)[0],o.async=1,o.src=n,s.parentNode.insertBefore(o,s)}(window,document,"script","https://www.google-analytics.com/analytics.js","ga"),ga("create","UA-151349369-1","auto"),ga("send","pageview");</script> <script defer src='https://static.cloudflareinsights.com/beacon.min.js' data-cf-beacon='{"token": "5b6e3d4ee3274005a2d3321f9bb0516c"}'></script> </head> <body class="layout-categories"> <noscript id="deferred-styles"> <link href="/assets/css/fontawesome.css" rel="stylesheet"> <link href="/assets/css/google-fonts.css" rel="stylesheet"> </noscript> <nav class="navbar navbar-expand-lg navbar-light bg-white fixed-top mediumnavigation nav-down"> <div class="container pr-0"> <a class="navbar-brand" href="/"> <img src="/assets/images/logo.png" alt="Charles Xu" height="32" width="32"> </a> <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarMediumish" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation"> <span class="navbar-toggler-icon"></span> </button> <div class="collapse navbar-collapse" id="navbarMediumish"> <ul class="navbar-nav ml-auto"> <li class="nav-item"> <a class="nav-link" href="/about">About</a> </li> <li class="nav-item"> <a class="nav-link" href="/bookshelf">Bookshelf</a> </li> <li class="nav-item"> <a class="nav-link" href="/inspirations">Inspirations</a> </li> <li class="nav-item"> <a class="nav-link" href="/wiki">Wiki</a> </li> <li class="nav-item"> <a class="nav-link" href="/">Blog</a> </li> <script src="/assets/js/lunr.js"></script> <style>.lunrsearchresult .title{color:#d9230f}.lunrsearchresult .url{color:silver}.lunrsearchresult a{display:block;color:#777}.lunrsearchresult a:hover,.lunrsearchresult a:focus{text-decoration:none}.lunrsearchresult a:hover .title{text-decoration:underline}</style> <div style="width: 14px; height: 10px;"></div> <form class="bd-search" onSubmit="return lunr_search(document.getElementById('lunrsearch').value);"> <input type="text" class="form-control text-small launch-modal-search" id="lunrsearch" name="q" maxlength="255" value="" placeholder="Type and enter..."/> </form> <div id="lunrsearchresults"> <ul></ul> </div> <script src="/assets/js/lunrsearchengine.js"></script> </ul> </div> </div> </nav> <div class="site-content"> <div class="container"> <div class="mainheading"> <h1 class="sitetitle">Charles Xu</h1> <p class="lead"> Essays, books, wiki on technologies, career, markets, and more. </p> </div> <div id="loading"> <div id="loading-image" class="lds-ellipsis"><div></div><div></div><div></div><div></div></div> </div> <script>$(window).on("load",function(){$("#loading").hide()});</script> <div class="main-content"> <div class="row listrecent"> <div class="section-title col-md-12 mt-4"> <h2 id="git">Category <span class="text-capitalize">git</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/multi-repo/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/multi-repo/cover.png" alt="Dependency Update and Artifacts Promotion in Multi-repo Project"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/multi-repo/">Dependency Update and Artifacts Promotion in Multi-repo Project</a> </h2> <h4 class="card-text">We all know Google employs a version tracking system that uses a single repository/depot. Every close-source google product that you love is tracked by this single repo, which is so...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">13 Aug 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/git/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/git/cover.jpg" alt="Git as Version Vector"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/git/">Git as Version Vector</a> </h2> <h4 class="card-text">Git is one of the most widely used version control systems. Traditionally, a repository on git is considered as a complete history of the entire project in the form of...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">22 Dec 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/git2/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/git2/cover.jpg" alt="Git: Branch off An Unmerged Branch While Committing Often - Disasters and Salvage"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/git2/">Git: Branch off An Unmerged Branch While Committing Often - Disasters and Salvage</a> </h2> <h4 class="card-text">Committing often and pushing often has been advocated as good practice when using Git, which saves your latest work on remote even if your hard drive dies right after and...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">14 Aug 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="web">Category <span class="text-capitalize">web</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/k8s-ha/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/k8s-ha/cover.jpg" alt="How to Configure Applications for High Availability in Kubernetes"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/k8s-ha/">How to Configure Applications for High Availability in Kubernetes</a> </h2> <h4 class="card-text">Pods in Kubernetes are the smallest orchestration unit and are ephemeral by definition: Deployment/StatefulSet/DaemonSet/ReplicaSet updates or patches Nodepool downscaling (compaction) or upgrades (cordoned and drained) </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">29 Dec 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/blue-green/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/blue-green/cover.jpg" alt="Service API Changes: Prefer Blue-green Update to Rolling Update"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/blue-green/">Service API Changes: Prefer Blue-green Update to Rolling Update</a> </h2> <h4 class="card-text">Summary To achieve zero-downtime service update, Kubernetes rolling update implies the API must be both forward and backward compatible. Forward compatibility is hard if at all makes sense. Blue-green update...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">24 Mar 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/jwt/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/jwt/cover.jpg" alt="JWT + Third-party Oauth in Single Page App"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/jwt/">JWT + Third-party Oauth in Single Page App</a> </h2> <h4 class="card-text">Imagine you run a single page app at example.com that communicates with backends over restful API and is authenticated with JWT tokens managed by you, but identities are managed by...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">13 Feb 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/sys-design/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/sys-design/cover.jpg" alt="System Design Interview: Scaling Single Server"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/sys-design/">System Design Interview: Scaling Single Server</a> </h2> <h4 class="card-text">Imagine your app is doing tremendously well with growing traffics. If there is a single server for your app, and the server is approaching its capacity, how would you scale...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">14 Dec 2018</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/mq/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/mq/cover.jpg" alt="Killer Apps of Message Queues"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/mq/">Killer Apps of Message Queues</a> </h2> <h4 class="card-text">Message queues are an asynchronous inter-process communication protocol that gains much of its glory with the recent hypes in microservices. Senders and receivers do not interact with the middleware at...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">16 Jan 2018</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/session/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/session/cover.jpg" alt="Session Consistency in Replicated Frontend Servers"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/session/">Session Consistency in Replicated Frontend Servers</a> </h2> <h4 class="card-text">HTTP provides an abstraction of short connections. Unlike the continuous byte streams in TCP, exchanges between client and server over HTTP starts with a client request and ends with server...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">02 Jul 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/pagination/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/pagination/cover.png" alt="Pagination Ordered by Secondary Keys on Sharded Stores"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/pagination/">Pagination Ordered by Secondary Keys on Sharded Stores</a> </h2> <h4 class="card-text">A common design for content display, pagination partitions information into multiple pages and serves one at a time. We have seen it in search results, message history, and cascading news...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">23 Apr 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/kip/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/kip/cover.jpg" alt="Kip’s Warehouse: Building Scalable, Reliable, Consistent Web Application from the Ground Up"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/kip/">Kip’s Warehouse: Building Scalable, Reliable, Consistent Web Application from the Ground Up</a> </h2> <h4 class="card-text">I have been working with another three wonderful people on the senior design project, which is a web application of an inventory management system, and the production is up at...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">25 Feb 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/microservices/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/microservices/cover.jpg" alt="Service-Oriented Architecture: Why did Microservices Catch On"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/microservices/">Service-Oriented Architecture: Why did Microservices Catch On</a> </h2> <h4 class="card-text">All teams will henceforth expose their data and functionality through service interfaces. There will be no other form of inter-process communication (IPC) allowed: no direct linking, no direct reads of...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">04 Sep 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="microservices">Category <span class="text-capitalize">microservices</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/kube-proxy-bug/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/kube-proxy-bug/cover2.jpg" alt="Kube-proxy and mysterious DNS timeout"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/kube-proxy-bug/">Kube-proxy and mysterious DNS timeout</a> </h2> <h4 class="card-text">This post reviews how iptables-mode kube-proxy works, why some DNS requests to kube-dns were blackholed, and how to mitigate the issue. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">12 May 2024</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/scaling-istio/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/scaling-istio/cover.jpg" alt="Scaling Istio"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/scaling-istio/">Scaling Istio</a> </h2> <h4 class="card-text">In a large, busy cluster, how do you scale Istio to address Istio-proxy Container being OOM-Killed and Istiod crashes if too many connected istio-proxies? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">22 Oct 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/jwt/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/jwt/cover.jpg" alt="JWT + Third-party Oauth in Single Page App"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/jwt/">JWT + Third-party Oauth in Single Page App</a> </h2> <h4 class="card-text">Imagine you run a single page app at example.com that communicates with backends over restful API and is authenticated with JWT tokens managed by you, but identities are managed by...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">13 Feb 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/istio/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/istio/cover.jpg" alt="Istio: Noninvasive Governance of Microservices on Hybrid Cloud"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/istio/">Istio: Noninvasive Governance of Microservices on Hybrid Cloud</a> </h2> <h4 class="card-text">As presented in my previous post, microservices are the state-of-the-art architecture for building scalable, highly-available, manageable backend. No more 30-minute build time, single point of failure, and constant regression from...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">02 Feb 2018</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/mq/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/mq/cover.jpg" alt="Killer Apps of Message Queues"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/mq/">Killer Apps of Message Queues</a> </h2> <h4 class="card-text">Message queues are an asynchronous inter-process communication protocol that gains much of its glory with the recent hypes in microservices. Senders and receivers do not interact with the middleware at...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">16 Jan 2018</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/session/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/session/cover.jpg" alt="Session Consistency in Replicated Frontend Servers"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/session/">Session Consistency in Replicated Frontend Servers</a> </h2> <h4 class="card-text">HTTP provides an abstraction of short connections. Unlike the continuous byte streams in TCP, exchanges between client and server over HTTP starts with a client request and ends with server...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">02 Jul 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/pagination/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/pagination/cover.png" alt="Pagination Ordered by Secondary Keys on Sharded Stores"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/pagination/">Pagination Ordered by Secondary Keys on Sharded Stores</a> </h2> <h4 class="card-text">A common design for content display, pagination partitions information into multiple pages and serves one at a time. We have seen it in search results, message history, and cascading news...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">23 Apr 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/kip/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/kip/cover.jpg" alt="Kip’s Warehouse: Building Scalable, Reliable, Consistent Web Application from the Ground Up"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/kip/">Kip’s Warehouse: Building Scalable, Reliable, Consistent Web Application from the Ground Up</a> </h2> <h4 class="card-text">I have been working with another three wonderful people on the senior design project, which is a web application of an inventory management system, and the production is up at...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">25 Feb 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/microservices/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/microservices/cover.jpg" alt="Service-Oriented Architecture: Why did Microservices Catch On"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/microservices/">Service-Oriented Architecture: Why did Microservices Catch On</a> </h2> <h4 class="card-text">All teams will henceforth expose their data and functionality through service interfaces. There will be no other form of inter-process communication (IPC) allowed: no direct linking, no direct reads of...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">04 Sep 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="distributed-systems">Category <span class="text-capitalize">distributed systems</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/2s-comp/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/2s-comp/cover.jpg" alt="A Brilliant Hack: Why does Layer 2/3 Checksum use 1’s Complement, Not 2’s"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/2s-comp/">A Brilliant Hack: Why does Layer 2/3 Checksum use 1’s Complement, Not 2’s</a> </h2> <h4 class="card-text">A super quick recap, one’s complement represents negative x by reverting every bit of x, while two’s complement negative x as one’s complement of x plus 1. Symbolically, </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">07 Apr 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/sys-design/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/sys-design/cover.jpg" alt="System Design Interview: Scaling Single Server"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/sys-design/">System Design Interview: Scaling Single Server</a> </h2> <h4 class="card-text">Imagine your app is doing tremendously well with growing traffics. If there is a single server for your app, and the server is approaching its capacity, how would you scale...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">14 Dec 2018</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/sec/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/sec/cover.png" alt="A Primer on Secure Communication Channels"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/sec/">A Primer on Secure Communication Channels</a> </h2> <h4 class="card-text">In the world of internet, sending messages in clear text is like swimming naked. We would love some secure communication channels free from eavesdropping or tampering. Security as such is...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">10 Sep 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/git/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/git/cover.jpg" alt="Git as Version Vector"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/git/">Git as Version Vector</a> </h2> <h4 class="card-text">Git is one of the most widely used version control systems. Traditionally, a repository on git is considered as a complete history of the entire project in the form of...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">22 Dec 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/quorum/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/quorum/cover.jpg" alt="Sloppy Quorum And Eventual Consistency"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/quorum/">Sloppy Quorum And Eventual Consistency</a> </h2> <h4 class="card-text">Here is where we stand. Fisher-Lynch-Patterson has shown that consensus is not guaranteed in bounded time in a purely asynchronous network. The CAP theorem shows that from consistency, availability, and...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">18 Nov 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/rsm/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/rsm/cover.png" alt="Reliable & Consistent Service: Linearizable RPC and Replicated State Machine"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/rsm/">Reliable & Consistent Service: Linearizable RPC and Replicated State Machine</a> </h2> <h4 class="card-text">Remote Procedure Call (RPC) is a canonical structuring paradigm for client-server/request-response services. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">13 Sep 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="signal-processing">Category <span class="text-capitalize">signal processing</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/fourier/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/fourier/cover.png" alt="Fourier, Phasors, LTI and All That"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/fourier/">Fourier, Phasors, LTI and All That</a> </h2> <h4 class="card-text">We all share the sorrow and misery from that signal processing class. You were thrown at some crazy formula, kind of know how to use them but probably never understand why...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">08 Oct 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="networking">Category <span class="text-capitalize">networking</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/kube-proxy-bug/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/kube-proxy-bug/cover2.jpg" alt="Kube-proxy and mysterious DNS timeout"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/kube-proxy-bug/">Kube-proxy and mysterious DNS timeout</a> </h2> <h4 class="card-text">This post reviews how iptables-mode kube-proxy works, why some DNS requests to kube-dns were blackholed, and how to mitigate the issue. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">12 May 2024</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/scaling-istio/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/scaling-istio/cover.jpg" alt="Scaling Istio"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/scaling-istio/">Scaling Istio</a> </h2> <h4 class="card-text">In a large, busy cluster, how do you scale Istio to address Istio-proxy Container being OOM-Killed and Istiod crashes if too many connected istio-proxies? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">22 Oct 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/eks-sg/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/eks-sg/cover3.jpeg" alt="Work Around Max Count of Security Group Rules on EKS"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/eks-sg/">Work Around Max Count of Security Group Rules on EKS</a> </h2> <h4 class="card-text">AWS EKS on VPC networks need AWS Security Group Rules (SG) to receipt ingress traffic. But what if you reach the max rules count in your SG? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">26 Sep 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/source-ip-autoscale/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/source-ip-autoscale/cover2.jpeg" alt="Layer-4 Load Balancer & Zero-downtime Autoscaling and Upgrade"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/source-ip-autoscale/">Layer-4 Load Balancer & Zero-downtime Autoscaling and Upgrade</a> </h2> <h4 class="card-text">Your Kubernetes cluster probably has a shared ingress for north-south traffic, coming from a cloud load balancer and lands on your favorite proxies like Envoy, or Istio gateways, or Nginx....</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">06 Aug 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/k8s-net/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/k8s-net/cover.jpeg" alt="Kubernetes Networking From the First Principles"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/k8s-net/">Kubernetes Networking From the First Principles</a> </h2> <h4 class="card-text">We go from containers and network namespace to Pod-to-Pod, Pod-to-Service, and external-client-to-Service networking. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">01 Mar 2022</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/istio-short/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/istio-short/cover2.jpg" alt="The Good, Bad, and Ugly: Istio for Short-lived Pods"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/istio-short/">The Good, Bad, and Ugly: Istio for Short-lived Pods</a> </h2> <h4 class="card-text">Kubernetes does not differentiate sidecars and application containers in a Pod. Hence, enabling Istio for short-running workloads imposes additional challenges to the conventional approach of injecting an Envoy sidecar to...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">26 Apr 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/dns-udp/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/dns-udp/cover.jpg" alt="DNS, UDP, IP Anycast, and All That"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/dns-udp/">DNS, UDP, IP Anycast, and All That</a> </h2> <h4 class="card-text">DNS prefers UDP. There are times when DNS must run on TCP (request or response size exceeds a single packet, perhaps due to too many response records), but UDP is...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">05 Apr 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/gke-scaling/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/gke-scaling/cover.jpg" alt="Lessons from Scaling GKE: L4 ILB Tops at 250 Nodes"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/gke-scaling/">Lessons from Scaling GKE: L4 ILB Tops at 250 Nodes</a> </h2> <h4 class="card-text">My team at Cruise operates tens of Kubernetes clusters with 10,000s cores and 100s of TB of RAM. Since migration to GCP, we have hit several interesting scaling issues. One...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">20 Mar 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/2s-comp/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/2s-comp/cover.jpg" alt="A Brilliant Hack: Why does Layer 2/3 Checksum use 1’s Complement, Not 2’s"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/2s-comp/">A Brilliant Hack: Why does Layer 2/3 Checksum use 1’s Complement, Not 2’s</a> </h2> <h4 class="card-text">A super quick recap, one’s complement represents negative x by reverting every bit of x, while two’s complement negative x as one’s complement of x plus 1. Symbolically, </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">07 Apr 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/jwt/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/jwt/cover.jpg" alt="JWT + Third-party Oauth in Single Page App"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/jwt/">JWT + Third-party Oauth in Single Page App</a> </h2> <h4 class="card-text">Imagine you run a single page app at example.com that communicates with backends over restful API and is authenticated with JWT tokens managed by you, but identities are managed by...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">13 Feb 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/sec/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/sec/cover.png" alt="A Primer on Secure Communication Channels"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/sec/">A Primer on Secure Communication Channels</a> </h2> <h4 class="card-text">In the world of internet, sending messages in clear text is like swimming naked. We would love some secure communication channels free from eavesdropping or tampering. Security as such is...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">10 Sep 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/quorum/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/quorum/cover.jpg" alt="Sloppy Quorum And Eventual Consistency"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/quorum/">Sloppy Quorum And Eventual Consistency</a> </h2> <h4 class="card-text">Here is where we stand. Fisher-Lynch-Patterson has shown that consensus is not guaranteed in bounded time in a purely asynchronous network. The CAP theorem shows that from consistency, availability, and...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">18 Nov 2016</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="istio">Category <span class="text-capitalize">istio</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/scaling-istio/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/scaling-istio/cover.jpg" alt="Scaling Istio"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/scaling-istio/">Scaling Istio</a> </h2> <h4 class="card-text">In a large, busy cluster, how do you scale Istio to address Istio-proxy Container being OOM-Killed and Istiod crashes if too many connected istio-proxies? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">22 Oct 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/istio-short/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/istio-short/cover2.jpg" alt="The Good, Bad, and Ugly: Istio for Short-lived Pods"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/istio-short/">The Good, Bad, and Ugly: Istio for Short-lived Pods</a> </h2> <h4 class="card-text">Kubernetes does not differentiate sidecars and application containers in a Pod. Hence, enabling Istio for short-running workloads imposes additional challenges to the conventional approach of injecting an Envoy sidecar to...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">26 Apr 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/istio/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/istio/cover.jpg" alt="Istio: Noninvasive Governance of Microservices on Hybrid Cloud"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/istio/">Istio: Noninvasive Governance of Microservices on Hybrid Cloud</a> </h2> <h4 class="card-text">As presented in my previous post, microservices are the state-of-the-art architecture for building scalable, highly-available, manageable backend. No more 30-minute build time, single point of failure, and constant regression from...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">02 Feb 2018</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/multi-repo/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/multi-repo/cover.png" alt="Dependency Update and Artifacts Promotion in Multi-repo Project"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/multi-repo/">Dependency Update and Artifacts Promotion in Multi-repo Project</a> </h2> <h4 class="card-text">We all know Google employs a version tracking system that uses a single repository/depot. Every close-source google product that you love is tracked by this single repo, which is so...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">13 Aug 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="security">Category <span class="text-capitalize">security</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/sec/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/sec/cover.png" alt="A Primer on Secure Communication Channels"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/sec/">A Primer on Secure Communication Channels</a> </h2> <h4 class="card-text">In the world of internet, sending messages in clear text is like swimming naked. We would love some secure communication channels free from eavesdropping or tampering. Security as such is...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">10 Sep 2017</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="docker">Category <span class="text-capitalize">docker</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/docker_multi_stage/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/docker_multi_stage/cover.png" alt="Docker Multi-stage Build: Fast, Minimal and Secure Images"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/docker_multi_stage/">Docker Multi-stage Build: Fast, Minimal and Secure Images</a> </h2> <h4 class="card-text">Introduced in version v17.05, multi-stage builds feature in Dockerfiles enables you to create smaller container images with better caching and smaller security footprint. Fundamentally, the new syntax allows one to...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">21 Jan 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/docker-intro/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/docker-intro/cover.jpg" alt="Docker: The Container Metaphor with Profound Revolution"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/docker-intro/">Docker: The Container Metaphor with Profound Revolution</a> </h2> <h4 class="card-text">Many regard containers as a virtualization technology. They are missing out. Docker has much more to offer. It is a graceful solution to some of the most painful experience in...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">24 Feb 2018</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="kubernetes">Category <span class="text-capitalize">kubernetes</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/kube-proxy-bug/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/kube-proxy-bug/cover2.jpg" alt="Kube-proxy and mysterious DNS timeout"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/kube-proxy-bug/">Kube-proxy and mysterious DNS timeout</a> </h2> <h4 class="card-text">This post reviews how iptables-mode kube-proxy works, why some DNS requests to kube-dns were blackholed, and how to mitigate the issue. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">12 May 2024</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/scaling-istio/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/scaling-istio/cover.jpg" alt="Scaling Istio"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/scaling-istio/">Scaling Istio</a> </h2> <h4 class="card-text">In a large, busy cluster, how do you scale Istio to address Istio-proxy Container being OOM-Killed and Istiod crashes if too many connected istio-proxies? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">22 Oct 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/eks-sg/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/eks-sg/cover3.jpeg" alt="Work Around Max Count of Security Group Rules on EKS"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/eks-sg/">Work Around Max Count of Security Group Rules on EKS</a> </h2> <h4 class="card-text">AWS EKS on VPC networks need AWS Security Group Rules (SG) to receipt ingress traffic. But what if you reach the max rules count in your SG? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">26 Sep 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/source-ip-autoscale/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/source-ip-autoscale/cover2.jpeg" alt="Layer-4 Load Balancer & Zero-downtime Autoscaling and Upgrade"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/source-ip-autoscale/">Layer-4 Load Balancer & Zero-downtime Autoscaling and Upgrade</a> </h2> <h4 class="card-text">Your Kubernetes cluster probably has a shared ingress for north-south traffic, coming from a cloud load balancer and lands on your favorite proxies like Envoy, or Istio gateways, or Nginx....</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">06 Aug 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/k8s-net/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/k8s-net/cover.jpeg" alt="Kubernetes Networking From the First Principles"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/k8s-net/">Kubernetes Networking From the First Principles</a> </h2> <h4 class="card-text">We go from containers and network namespace to Pod-to-Pod, Pod-to-Service, and external-client-to-Service networking. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">01 Mar 2022</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/gke-scaling/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/gke-scaling/cover.jpg" alt="Lessons from Scaling GKE: L4 ILB Tops at 250 Nodes"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/gke-scaling/">Lessons from Scaling GKE: L4 ILB Tops at 250 Nodes</a> </h2> <h4 class="card-text">My team at Cruise operates tens of Kubernetes clusters with 10,000s cores and 100s of TB of RAM. Since migration to GCP, we have hit several interesting scaling issues. One...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">20 Mar 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/k8s-ha/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/k8s-ha/cover.jpg" alt="How to Configure Applications for High Availability in Kubernetes"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/k8s-ha/">How to Configure Applications for High Availability in Kubernetes</a> </h2> <h4 class="card-text">Pods in Kubernetes are the smallest orchestration unit and are ephemeral by definition: Deployment/StatefulSet/DaemonSet/ReplicaSet updates or patches Nodepool downscaling (compaction) or upgrades (cordoned and drained) </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">29 Dec 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/blue-green/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/blue-green/cover.jpg" alt="Service API Changes: Prefer Blue-green Update to Rolling Update"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/blue-green/">Service API Changes: Prefer Blue-green Update to Rolling Update</a> </h2> <h4 class="card-text">Summary To achieve zero-downtime service update, Kubernetes rolling update implies the API must be both forward and backward compatible. Forward compatibility is hard if at all makes sense. Blue-green update...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">24 Mar 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/configmap/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/configmap/cover.jpg" alt="CD Tricks for Kubernetes Deployment + ConfigMap"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/configmap/">CD Tricks for Kubernetes Deployment + ConfigMap</a> </h2> <h4 class="card-text">It is common to extract the application configuration to a separate file as a runtime dependency of the container image that includes the application binary. As a result, the same...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">10 Mar 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/docker_multi_stage/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/docker_multi_stage/cover.png" alt="Docker Multi-stage Build: Fast, Minimal and Secure Images"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/docker_multi_stage/">Docker Multi-stage Build: Fast, Minimal and Secure Images</a> </h2> <h4 class="card-text">Introduced in version v17.05, multi-stage builds feature in Dockerfiles enables you to create smaller container images with better caching and smaller security footprint. Fundamentally, the new syntax allows one to...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">21 Jan 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="operation">Category <span class="text-capitalize">operation</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/shell/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/shell/cover.jpeg" alt="Navigating Shell for Productivity and Profit"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/shell/">Navigating Shell for Productivity and Profit</a> </h2> <h4 class="card-text">I hope you find inspirations from these pretty neat shell tricks and my shell setup. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">20 Nov 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/k8s-ha/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/k8s-ha/cover.jpg" alt="How to Configure Applications for High Availability in Kubernetes"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/k8s-ha/">How to Configure Applications for High Availability in Kubernetes</a> </h2> <h4 class="card-text">Pods in Kubernetes are the smallest orchestration unit and are ephemeral by definition: Deployment/StatefulSet/DaemonSet/ReplicaSet updates or patches Nodepool downscaling (compaction) or upgrades (cordoned and drained) </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">29 Dec 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/blue-green/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/blue-green/cover.jpg" alt="Service API Changes: Prefer Blue-green Update to Rolling Update"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/blue-green/">Service API Changes: Prefer Blue-green Update to Rolling Update</a> </h2> <h4 class="card-text">Summary To achieve zero-downtime service update, Kubernetes rolling update implies the API must be both forward and backward compatible. Forward compatibility is hard if at all makes sense. Blue-green update...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">24 Mar 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/configmap/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/configmap/cover.jpg" alt="CD Tricks for Kubernetes Deployment + ConfigMap"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/configmap/">CD Tricks for Kubernetes Deployment + ConfigMap</a> </h2> <h4 class="card-text">It is common to extract the application configuration to a separate file as a runtime dependency of the container image that includes the application binary. As a result, the same...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">10 Mar 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="career">Category <span class="text-capitalize">career</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/more-advices/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/more-advices/cover.png" alt="More Career Advices"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/more-advices/">More Career Advices</a> </h2> <h4 class="card-text">Make sure to check out the previous post: Advices I wish I got at the start of my career. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">06 Dec 2022</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/uncertain/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/uncertain/cover.jpg" alt="Life and Investment Through the Lens of Uncertainty"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/uncertain/">Life and Investment Through the Lens of Uncertainty</a> </h2> <h4 class="card-text">Disclaimer: Opinions are my own. Not investment advice. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">03 Jan 2021</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/promo/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/promo/cover.jpg" alt="Software Engineering Levels and Promotion"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/promo/">Software Engineering Levels and Promotion</a> </h2> <h4 class="card-text">This post explains the expectation of each engineering level in the most concise and company-agnostic way and reveals the steps towards promotion. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">31 Aug 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/one-on-one/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/one-on-one/cover-border.jpg" alt="What to Talk about in Effective 1-on-1s"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/one-on-one/">What to Talk about in Effective 1-on-1s</a> </h2> <h4 class="card-text">Unlike in school when we get grades on every assignment and in every course, we get less frequent feedback in professional life, usually once or twice per year, which is...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">21 Jun 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/advices/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/advices/cover.jpeg" alt="Advices I wish I got at the start of my career"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/advices/">Advices I wish I got at the start of my career</a> </h2> <h4 class="card-text">When I was a kid playing chess with my dad, he sometimes would offer me hints on some good moves. I would never make those moves. I would rather make...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">03 Nov 2019</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="go">Category <span class="text-capitalize">go</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/go-opts/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/go-opts/cover.jpg" alt="Parameters with Defaults in Go: Functional Options"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/go-opts/">Parameters with Defaults in Go: Functional Options</a> </h2> <h4 class="card-text">Unlike C++ or Python, Go does not support function parameters with default values if unspecified. Specifically, we want that </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">01 Mar 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="cloud">Category <span class="text-capitalize">cloud</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/kube-proxy-bug/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/kube-proxy-bug/cover2.jpg" alt="Kube-proxy and mysterious DNS timeout"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/kube-proxy-bug/">Kube-proxy and mysterious DNS timeout</a> </h2> <h4 class="card-text">This post reviews how iptables-mode kube-proxy works, why some DNS requests to kube-dns were blackholed, and how to mitigate the issue. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">12 May 2024</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/scaling-istio/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/scaling-istio/cover.jpg" alt="Scaling Istio"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/scaling-istio/">Scaling Istio</a> </h2> <h4 class="card-text">In a large, busy cluster, how do you scale Istio to address Istio-proxy Container being OOM-Killed and Istiod crashes if too many connected istio-proxies? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">22 Oct 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/eks-sg/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/eks-sg/cover3.jpeg" alt="Work Around Max Count of Security Group Rules on EKS"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/eks-sg/">Work Around Max Count of Security Group Rules on EKS</a> </h2> <h4 class="card-text">AWS EKS on VPC networks need AWS Security Group Rules (SG) to receipt ingress traffic. But what if you reach the max rules count in your SG? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">26 Sep 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/source-ip-autoscale/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/source-ip-autoscale/cover2.jpeg" alt="Layer-4 Load Balancer & Zero-downtime Autoscaling and Upgrade"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/source-ip-autoscale/">Layer-4 Load Balancer & Zero-downtime Autoscaling and Upgrade</a> </h2> <h4 class="card-text">Your Kubernetes cluster probably has a shared ingress for north-south traffic, coming from a cloud load balancer and lands on your favorite proxies like Envoy, or Istio gateways, or Nginx....</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">06 Aug 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/gke-scaling/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/gke-scaling/cover.jpg" alt="Lessons from Scaling GKE: L4 ILB Tops at 250 Nodes"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/gke-scaling/">Lessons from Scaling GKE: L4 ILB Tops at 250 Nodes</a> </h2> <h4 class="card-text">My team at Cruise operates tens of Kubernetes clusters with 10,000s cores and 100s of TB of RAM. Since migration to GCP, we have hit several interesting scaling issues. One...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">20 Mar 2020</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="investment">Category <span class="text-capitalize">investment</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/venture-deals/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/venture-deals/cover.jpg" alt="Notes: Venture Deals"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/venture-deals/">Notes: Venture Deals</a> </h2> <h4 class="card-text">Before Fundraise: Allow minimum three to six months to raise money. Have a clean cut from last job to avoid IP disputes. Prepare data site (Certificate of Incorporation, Bylaws, board...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">19 Jan 2024</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/uncertain/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/uncertain/cover.jpg" alt="Life and Investment Through the Lens of Uncertainty"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/uncertain/">Life and Investment Through the Lens of Uncertainty</a> </h2> <h4 class="card-text">Disclaimer: Opinions are my own. Not investment advice. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">03 Jan 2021</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="startup">Category <span class="text-capitalize">startup</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/lean-startup/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/lean-startup/cover.jpeg" alt="Notes: The Lean Startup"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/lean-startup/">Notes: The Lean Startup</a> </h2> <h4 class="card-text">Careful planning and execution work for general management but not for startups. Perfect execution is futile if you end up building something nobody wants (waste). The real progress for startups...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">21 Jan 2024</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/venture-deals/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/venture-deals/cover.jpg" alt="Notes: Venture Deals"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/venture-deals/">Notes: Venture Deals</a> </h2> <h4 class="card-text">Before Fundraise: Allow minimum three to six months to raise money. Have a clean cut from last job to avoid IP disputes. Prepare data site (Certificate of Incorporation, Bylaws, board...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">19 Jan 2024</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/sales-lessons/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/sales-lessons/cover.png" alt="Enterprise Sales"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/sales-lessons/">Enterprise Sales</a> </h2> <h4 class="card-text">How to do product-led growth and hands-on outbound sales at the same time? </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">01 Jan 2023</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/streamlit-interview/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/streamlit-interview/cover.jpeg" alt="Interviewing Adrien Treuille, Founder CEO of Streamlit"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/streamlit-interview/">Interviewing Adrien Treuille, Founder CEO of Streamlit</a> </h2> <h4 class="card-text">Streamlit, about to raise its Series-C, was acquired by Snowflake for $800M in March 2022. In this conversation with Adrien, we chatted about OSS metrics, licenses, open-core vs freemium vs...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">21 Nov 2022</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/accounting/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/accounting/cover.jpeg" alt="Accounting Advice for Founders"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/accounting/">Accounting Advice for Founders</a> </h2> <h4 class="card-text">Notes derived from a guest lecture by Danny Wallace, Partner at PwC’s Silicon Valley practice. For informational purposes only. Errors and omissions are my own. </h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">05 Aug 2021</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/ip-law/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/ip-law/cover.jpeg" alt="Intellectual Property and Entrepreneurship"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/ip-law/">Intellectual Property and Entrepreneurship</a> </h2> <h4 class="card-text">Notes on Intellectual Property (IP) law for founders and busy professionals. Not legal advice. For informational purposes only. Laws can change, so this article may contain dated information. Always consult...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">06 May 2021</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> <div class="section-title col-md-12 mt-4"> <h2 id="oss">Category <span class="text-capitalize">oss</span></h2> </div> <div class="col-lg-4 col-md-6 mb-30px card-group"> <div class="card h-100"> <div class="maxthumb"> <a href="/streamlit-interview/"> <img class="img-fluid lazyimg" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAMAAAACCAQAAAA3fa6RAAAADklEQVR42mNkAANGCAUAACMAA2w/AMgAAAAASUVORK5CYII=" data-src="/assets/images/streamlit-interview/cover.jpeg" alt="Interviewing Adrien Treuille, Founder CEO of Streamlit"> </a> </div> <div class="card-body"> <h2 class="card-title"> <a class="text-dark" href="/streamlit-interview/">Interviewing Adrien Treuille, Founder CEO of Streamlit</a> </h2> <h4 class="card-text">Streamlit, about to raise its Series-C, was acquired by Snowflake for $800M in March 2022. In this conversation with Adrien, we chatted about OSS metrics, licenses, open-core vs freemium vs...</h4> </div> <div class="card-footer bg-white"> <div class="wrapfooter"> <span class="post-date">21 Nov 2022</span> </span> <div class="clearfix"></div> </div> </div> </div> </div> </div> </div> <div class="alertbar"> <div class="container text-center"> <span><img src="/assets/images/logo.png" alt="Charles Xu" height="32" width="32"> Never miss a <b>story</b> from me, subscribe to my newsletter</span> <form action="https://gmail.us5.list-manage.com/subscribe/post?u=b3d456844a3860642cd584c1b&id=3f0c5c8bcd" method="post" name="mc-embedded-subscribe-form" class="wj-contact-form validate" target="_blank" novalidate> <div class="mc-field-group"> <input type="email" placeholder="Email" name="EMAIL" class="required email" id="mce-EMAIL" autocomplete="on" required> <input type="submit" value="Subscribe" name="subscribe" class="heart"> </div> </form> </div> </div> </div> <div class="jumbotron fortags"> <div class="d-md-flex h-100"> <div class="col-md-4 transpdark align-self-center text-center h-100"> <div class="d-md-flex align-items-center justify-content-center h-100"> <h2 class="d-md-block align-self-center py-1 font-weight-light">Explore <span class="d-none d-md-inline">→</span></h2> </div> </div> <div class="col-md-8 p-5 align-self-center text-center"> <a class="mt-1 mb-1" href="/categories#git">git (3)</a> <a class="mt-1 mb-1" href="/categories#web">web (9)</a> <a class="mt-1 mb-1" href="/categories#microservices">microservices (9)</a> <a class="mt-1 mb-1" href="/categories#distributed-systems">distributed systems (6)</a> <a class="mt-1 mb-1" href="/categories#signal-processing">signal processing (1)</a> <a class="mt-1 mb-1" href="/categories#networking">networking (12)</a> <a class="mt-1 mb-1" href="/categories#istio">istio (4)</a> <a class="mt-1 mb-1" href="/categories#security">security (1)</a> <a class="mt-1 mb-1" href="/categories#docker">docker (2)</a> <a class="mt-1 mb-1" href="/categories#kubernetes">kubernetes (10)</a> <a class="mt-1 mb-1" href="/categories#operation">operation (4)</a> <a class="mt-1 mb-1" href="/categories#career">career (5)</a> <a class="mt-1 mb-1" href="/categories#go">go (1)</a> <a class="mt-1 mb-1" href="/categories#cloud">cloud (5)</a> <a class="mt-1 mb-1" href="/categories#investment">investment (2)</a> <a class="mt-1 mb-1" href="/categories#startup">startup (6)</a> <a class="mt-1 mb-1" href="/categories#oss">oss (1)</a> </div> </div> </div> <footer class="footer"> <div class="container"> <div class="row"> <div class="col-md-6 col-sm-6 text-center text-lg-left" style="margin-bottom: 10px;"> Copyright © 2016-2024 Charles Xu </div> </div> </div> </footer> </div> <script src="/assets/js/popper.min.js"></script> <script src="/assets/js/bootstrap.min.js"></script> <script src="/assets/js/mediumish.js"></script> <script src="/assets/js/lazyload.js"></script> <script src="/assets/js/ie10-viewport-bug-workaround.js"></script> <link href="/assets/css/screen.css" rel="stylesheet"> <link href="/assets/css/main.css" rel="stylesheet"> </body> </html>