This is Part 1 of a two-part series. Part 2 (coming soon): Connecting to spoke clusters from a controller using multicluster-runtime, driven by ClusterProfile. The Cluster Inventory API (multicluster.x-k8s.io) is driven by SIG-Multicluster and centered on the ClusterProfile resource. It only delivers value when something produces those ClusterProfiles. That something is a cluster manager. Today, t
At the beginning of this series, the problem seemed simple. There were a lot of rocks in the yard. Some were small. Some were large. A few were firmly in what I’ve been calling Engine Block Class. The original idea was straightforward: catalog them, maybe sell a few, and build a small system around the process. Along the way, the project grew. What We Built Across the previous posts, the Backyard
When developers travel, we usually prepare the obvious things. Laptop charger. But there is one dependency that is easy to underestimate until it breaks: mobile internet. A trip to China makes this especially obvious. Not because China is hard to travel in, but because so many basic interactions are mobile-first: navigation, translation, ride-hailing, hotel communication, ticket confirmations, pay
A defaced website is a curious problem. It's loud — anyone visiting the page can see something is wrong. But it's also quiet from a server's perspective: HTTP returns 200, your uptime monitor is happy, your TLS cert hasn't moved, and the CMS logs show a "successful" content update from a legitimate-looking session. The signal is on the rendered page, not in the metrics. I run a site at hi3ris.blue
You just ran a dependency scan and the report shows 133 vulnerabilities. 34 are Critical. 68 are High. The dashboard is red, the backlog is exploding, and every item looks urgent. The engineering team asks the obvious question: where do we start? This is where vulnerability remediation prioritization matters. Without a clear framework, teams either panic and chase the loudest CVE, or they ignore t
We've been there. JSON Schema gets hard to write as soon as your payload is non-trivial. Conditional logic, cross-field rules, business invariants, and at some point we stop writing contracts at all. We go code-first, generate the schema from annotations, and end up with 200 lines very few understand, and error messages referencing paths like #/properties/items/allOf/0/then/Then that map to nothin
Prologue A while ago, I decided to develop a fully accessible main navigation component in React after a fruitless search through third-party component libraries, npm packages and even GitHub repositories. A complex component needs requirements around all aspects of the component, and this article begins the process of defining those requirements. Note: This article is one of a series demonstrat
I have used AI in two very different contexts. First, I used AI to build an OSS project largely by myself. Second, I applied AI to brownfield development inside an organization. In the second case, I did not use AI only for code generation. I used AI across a much wider part of the development process: source code design documents implementation plans test specifications test cases release procedu