A platform engineer with a diverse background of experiences, hands-on building and operating scalable SaaS cloud-native systems for over 15 years as both an IC and leader.
I am passionate about building and operating world-class applications that delight its end users.
Connect with me on:
- Core skills: Linux, Terraform, Docker and containers (Swarm/ECS/K8s), Go (Golang), Python, CI/CD, cloud (AWS/GCP)
- I am a developer, but also very close to infrastructure
- I approach software development with an SRE's mindset -- scalability, fault-tolerance, optimizing spend, monitoring and alerting -- these things, and more, are always part of my thinking
- Sometimes good is better than perfect; I like to ship early and ship often
- Let's go!
- BS in Computer Science, Univ. of Puget Sound ('96)
- Early career — Intel factory automation, Hewlett-Packard, a startup (’96-’11)
- MS in Computer Science, Oregon State Univ. ('01)
- 12 years writing software for fixed wireless networks in US low-income and throughout East Africa, Haiti, The Philippines
- Co-founded an ISP in Kenya (’13-’18)
- 5 Years as Platform Engineer at Specialized Bicycle Components (’18-’23)
- Principal Engineer at Blueboard, a SaaS startup that failed (’23-’24)
- Experience at 4 startups
I have been using Docker containers in production for approximately 7 years. Most of that experience has been with AWS's Elastic Container Service (ECS) product, which was selected over K8s primarily for ease of use and a faster time to production. In that organization, with no/limited DevOps resources, it was the right decision; Kubernetes (or Amazon's Elastic Kubernetes Service, EKS) was simply too much tool, and it was overkill for the businesses needs. That implementation was very bespoke with a Terraform workflow around it.
In addition to ECS, I have built and run my own Docker Swarm clusters, both on bare metal servers and on EC2s in an AWS environment that was 100% Terraformed (by me).
My K8s experience has been on side/personal projects, some of which are published on my GitHub. There are far more similarities between K8s and ECS/Swarm than there are differences. Task defitinitons are basically Services + Deployments, and concepts like volumes, ingress, routes, virtual networks, load balancers, port mappings, resource allocations, replicas, failovers, and so on are all very common. K8s is more sophisticated than ECS, but at the end of the day, the two stacks are very similar. On AWS, there are services, like API Gateway and Paramater Store (for secrets, that can be combined with ECS (or lambdas) in many similar and different ways.
I have over 14 years of experience using AWS and other cloud providers (Heroku, Linode, Rack Space, etc.) and extensive experience with IaC using Terraform. And while I have only ever used GCP for side/personal projects, I am 1,001% confident in my ability to rapidly take up GCP in an enterprise setting. The vast majority of the concepts are the same or very similar.
A lot of this is elementary stuff -- sometimes I use these just to prove out a basic concept or maybe to provide myself a template for future use. Some of the Terraform is more sophisticated.
- Basic Go Things
- gRPC -- gRPC example of a "Hello World" server in Go, with clients in Go and Python
- Terraform Things
- GitHub for doing things with GitHub repos
- s3-static-hosting Very simple web hosting on S3, no https
- s3-remote-state Terraform to create the Terraform backend state on AWS, so meta
- The Docker Swarm section is a series of bespoke Terraform projects I made to create a VPC, subnets, EC2s, ELBs, bootstrap a Docker Swarm cluster, stand up Postgres and MySQL (Serverless) and Elasticache (Redis) instances, as well as SNS for alarms, and more
- aws-alarm-infrastructure
- aws-docker-swarm -- This is the base layer, the others mostly use
outputs
from this - aws-elasticache-redis
- aws-mysql-rds
- aws-postgres-rds
- AWS Guard Duty A truly minimalistic setup of Guard Duty
- Basic Python Things
- Go shared lib -- The Sieve of Sundaram in Python (native) versus it in Python, but with the heavy lifting done in Go (code compiled to a
.so
file)
- Go shared lib -- The Sieve of Sundaram in Python (native) versus it in Python, but with the heavy lifting done in Go (code compiled to a
- Kubernetes Things -- Hello world stuff (I'm finally learning K8s)
- Simple example of how you might use Docker Compose to run a small Fast API server that can reach a Maria DB database
- tickr-rpi-ws281x -- This was a small side project to control a programmable LED light strip using heart rate data from a Wahoo TICKR heart rate monitor -- I never finished this... the Bluetooth to the TICKR part works, IIRC
- Nexus 7 Deployment Script -- Something I did over 10 years ago to speed up deploying a bunch of Google tablets
- Quick Python script to delete old branches
- Sort a 1Password Note from the command line, uses the 1Password CLI
- I made this Python script to read Secure Notes from 1Password and push to GitHub Secrets -- this is very bespoke but is how I once used 1Password Notes as the "source of truth" for env vars which were stored as GitHub secrets (environment, repository or organization) -- this code was originally forked from someone else's project but heavily modified for my needs
- trails.losritchi.es is a tiny SPA (React) I made to help me name my mountain bike rides for Strava, it lives here
- This is cool -- use Python in a GHA step
- Manage Cloudflare records
- Cloudflare maintenance page worker
- Shell script to tag a container with a semvar+sha
- List, Copy, Delete S3 Bucket
- A few things that I made to make copying a Postgres db from Heroku to RDS a little easier
- Produce camelCased JSON from a Go Struct -- I was recently asked in an interview how to do this, I've always referred to this as "JSON Hints", but maybe that's incorrect? (I think that
json.Marshal
was all they were looking for!) - Trick GHA into revealing a secret -- yes, this is possible!
- Example of how you might lint in a GHA -- this example is for Terraform, but could be used to lint Python code with Ruff, etc.
- Full example of the GHA 'context' object
- If you must do a nested ternary in GHA
- Read Secure Notes from 1Password and push to GitHub Secrets (see above) but in a GHA -- this is the way
- I didn't make this, but this is amazing -- a neat search and replace shell hack for use with the Silver Searcher
- Additional other random notes and code snippets that I did not explicitly link to are here