Infrastructure

Originally posted as a thread on X. I’m building an agentic harness modeled on Elm’s architecture: a strict functional pipeline where untrusted agent code runs in total isolation. Containers felt like the natural security boundary. Apple’s open-source container tool seemed like the ideal foundation. Building and running containers is dead simple (container build . -t my-image, container run -it my-image), but I still spent a chunk of my weekend (re-)discovering what breaks when you try to get graphical output across a real VM boundary on macOS. ...

Request Routing in the scheduler/container world is an ongoing challenge, with a lot of different and competing solutions that tries to provide a solution. Some solutions are built on top of others, some only support specific schedulers, some operate only at the L7 layer, which doesn’t make things easy for Platform Engineers when it comes to adopting a specific solution. Building and operating Nomad/Consul clusters with the Platform Engineering Team at <<work>> has been an interesting problem to solve. We explored a few different solutions, and as we evolve in a highly-regulated world (we must implement HIPAA, SOC2 Type II, and HiTrust), solutions that weren’t providing basic security (TLS everywhere, poor auditing, etc.) haven’t been considered. ...

I build products regularly, most of them don’t survive their prototype phases. In 2018, I built: a (fast) FaaS with v8 and mruby a cryptocurrency exchange prototype a programmable cryptocurrency trading platform some more stealth projects… (As an aside, my Open Source work isn’t included in this list as I considered it as a “horizontal” supporting these projects, but I’m more and more seduced by the idea of Open Source as a lifestyle business way of living, which I will try to explore in 2019.) I often go as far as setting up Stripe integrations to get the pricing plans in there, but I felt it was too tedious to: Create an account for that new prototype Set up the prices in a spreadsheet, and reflect them there Keeping them aligned with my app’s code and Stripe So in order to automate Stripe’s setup I created a Terraform provider for Stripe. Billing as Code is great! ...

Having spent a lot of time working with the Hashicorp stack lately, I have been working a lot with the HashiCorp stack lately, mostly with Consul, Nomad, and soon Vault. Even if I was more used to operating Kubernetes, I really appreciate the simplicity and focus that HashiCorp builds into its products. I also spend a lot of time in the console (mix of tmux, vim – or Visual Studio Code when pairing with people – and other CLI tools), so I wanted to find a tool that would keep me in the shell, and I eventually released it. Today, I’d like to introduce you to Trek. ...