Senior Platform Engineer

Seamless switching b/w multiple projects using gcloud configurations

Struggle of switching between multiple GCP projects is actually real. In addition to that, making mistakes like running destrucutive commands in a wrong GCP project is also fairly common. In this article, we will see how we can utilize gcloud configurations to seamlessly switch between GCP projects without going back and forth to the GCP console to fetch the project ids and other info.

[TIL] Vim macros in conjuction with the arglist

Recently I was involved in a housekeeping task where we had to update versions of some dependencies in 80+ services and I came across a pretty cool way to achieve that using Vim idioms. I already use Vim macros a lot on the daily basis but this was my first time I used them in conjuction with the :args and felt it’s worth sharing.

Why DNS primarily uses UDP if it is un-reliable?

When somebody asks what’s the primary difference between TCP and UDP, they often get the following copy-pasta as the answer: UDP is connection-less and unreliable, whereas TCP is connection-oriented and highly-reliable protocol. Services which are required to be highly available should choose TCP over UDP.

Writing a bloom filter in go

Let’s assume you’re assigned a task to implement a feature which will check whether a username is already taken or not. You: Sounds easy. Most probably your first intuitive approach will be to check for username availabilty in your database everytime a new user tries to signup.

Encrypt DNS queries with DNS-over-TLS

In May 2016, IETF proposed a new standard [RFC 7858] for resolving DNS queries. This new protocol defines how to resolve DNS queries over TLS a.k.a DNS-over-TLS. And, why not, ~60% of websites have been already migrated to HTTPS and, nowadays with all major browsers forcing webmasters to adopt to HTTPS, this trend will likely to see unexpected high.

Bastion servers as frontline security for your infrastructure

Disclaimer: This article is in regards with cloud-native infrastructure which means all machines, storage, network ACLs, firewalls, etc are virtually managed and provided by a cloud provider on a shared-responsibility model. As cloud admins we all know that, with ever growing cloud-based infrastructure, it becomes tougher and tougher to reduce administrative access points and ensure protection against unwanted and crooked visitors.