infrascribbles Stuff I figured out the hard way
  1. 11. Migrating 50+ TCP Services to Envoy Gateway: The Silent Security Group Gotcha
    | envoy-gateway , kubernetes , gateway-api
  2. 10. Replacing ingress-nginx with Envoy Gateway: Rate Limiting, IP Whitelists, and OAuth2
    | envoy-gateway , kubernetes , gateway-api
  3. 9. Kubernetes CD: Push, Pull, or Progressive — Pick Your Pain
    | kubernetes , cicd , argocd
  4. 8. Serving Private S3 Files with CloudFront Signed URLs
    | aws , cloudfront , s3
  5. 7. Hoop + EKS: Fine-Grained Kubernetes Access via IAM Role Chaining
    | eks , kubernetes , aws
  6. 6. Shared Pod Storage in GKE: Why We Chose NFS Over GCS Fuse
    | gke , kubernetes , gcp
  7. 5. GitOps Self-Service: Managing 50+ Services with GitHub Actions and ArgoCD
    | eks , kubernetes , github-actions
  8. 4. Running 50+ TCP Services on EKS: Working Around NLB Limits
    | statefulset , eks , kubernetes
  9. 3. EFS on a Swarm: Taming Memory Bloat at Scale
    | kubernetes , efs , aws
  10. 2. From $2,500 to $130: Taming Runaway Database Backups
    | rds , backups , aws
  11. 1. Automating CloudFront SSL in AWS China (Where ACM Doesn't Exist)
    | cloudfront , china , aws