Rust

When building out Agentgateway, we had a desire to introduce an embedded expression language to allow users to write custom logic to be evaluated at runtime. This is tremendously useful for a variety of use cases, such as: Extracting fields to log (request.headers["user-agent"]). Evaluating authorization conditions (jwt.sub == "admin" || request.path == "/public"). Manipulating fields in requests/responses (x-llm-model: 'json(request.body).model'). and so on. This provides a powerful way to allow users to customize behavior without needing custom compile-time extensions, external callouts, or complex YAML-based configuration. ...

As I ramp up coding agent usage, I found myself wanting to share the Rust build cache across multiple copies of the same project (via git worktrees) to avoid multiple-minute cold builds. This was harder than expected, but I was able to get something working. First, the failed attempts Attempt 1: just copy the target directory This seemed like a good idea, but took about 2 minutes which was almost as bad as doing a cold build in the first place. That won't fly. ...

An often overlooked part of the Rust license is that within a year of usage, users are required to make a comparison to their (previously) favorite language. While I am a bit late, I am ready to pay my dues. Given the overabundance of Rust vs X content, I'll try to cover only areas that haven't been discussed to death. Lifetimes and Borrows Did I say I wouldn't cover areas everyone has already talked about? I lied! ...

Over 2 years ago, I started working on some ideas to build better Kubernetes controllers. In this post, I wanted to give a bit of a retrospective on how things have gone since then. Over the years working on Istio and other projects, I observed a number of major issues with controllers: Most code was about error-prone event handling and state reconciliation, rather than business logic. Most tests, in turn, were about the same. This, in turn, made the code extremely complex, brittle, and often incorrect. This complexity lead to user facing compromise: incorrectness and performance issues. You might argue I should just write a better controller that is faster and without bugs. Maybe, but probably not. ...

How Istio tests its networking proxy without Kubernetes, Docker, or root.