Many GKE clusters are left exposed for management access from the internet. Public access to the control plane leaves the cluster exposed to various potential attacks and zero day exploits. It’s industry best practice to rely on layered security where attackers have to bypass controls on multiple levels before gaining access.

In this article you’ll learn:

  • How public clusters are exposed to attackers
  • Set-up private cluster with additional access controls
  • Create a bastion host with Identity aware proxy (IAP) for a secure access

Google Kubernetes Engine (GKE) offers three modes of operation to choose from during the set-up:

  • Public endpoint…


In this series, I’ll be sharing my take on developing multi-platform applications using SwiftUI and Google Firebase. I’ll go over the process of creating a note-taking app. The final result this series is building towards is available on Github.

Once while browsing wild waters of internet I stumbled upon an article about an innovative system of taking notes called the Zettelkasten Method. In short, Zettelkasten is a knowledge management method. Notes form a tree structure where every new note expands information from its parent, creating clusters of information with similar topic. This all seems like something that a person with…


This is the second part of writing Javascript evaluator series. I’m going to talk about my project developing Javascript evaluator in Rust. This post is going to briefly introduce Parsing that’s build on top of the results from Lexer in the first post. Then I will cover elements of evaluation of abstract syntax tree (AST).

I would like to thank Jason Williams, since my parser is inspired by Boa parser. And looking at similar project in Rust definitely helped me a lot to recognize problems that I’m going to face.

Parsing

My parser is build on top of the result from…


This is a first part of series on writing Javascript evaluator. Part 2 is already available.In this post I will describe my latest findings from writing my own Javascript lexer in Rust-lang. I will start by briefly describing what lexing is. Then, I will continue explaining how to implement state machines in Rust-lang. Next, I talk about how to use state machines for Javascript lexing. Last but not least, I cover further performance optimizations of my lexer.

I would like to thank Sean Barret for his blog post explaining lexing of C using state machines.

Lexing

Compilation of source code usually…


I decided to write this post, because I enjoyed our last lecture on Computer System Performance given by Pinar Tözün at ITU. We covered many interesting topic on how CPUs can affect performance and how to optimize applications for performance. I want to summarize what I’ve learned and describe what effects can CPU have on program execution.

I start by showing simple Subscalar CPU. Then I continue showing how we can improve performance of Subscalar CPU by using Instruction pipelining. Then I cover essentials of branch prediction which is closely connected with Instruction pipelining. Next, I describe how in some…

Peter Hrvola

IT Engineer and Cloud Architect ☁️

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store