Michael Levan π¨π»βπ»βοΈ
@mikelevan.bsky.social
Building High-Performing Agentic and Kubernetes Environments | AI Architect @Solo.io | CNCF Ambassador | Microsoft MVP (Azure) | AWS Community Builder | Published Author & International Public Speaker
Pinned
Three trends I saw at KubeCon:
β WASM
β Platform Engineering
β Security
A thread π§΅
#kubernetes #devops #platformengineering
β WASM
β Platform Engineering
β Security
A thread π§΅
#kubernetes #devops #platformengineering
π€¨ All AI traffic is context-aware.
It's stateful.
Context-aware networking is the new norm in AI workloads, which means we need to implement workflows for long-term and short-term memory.
It's stateful.
Context-aware networking is the new norm in AI workloads, which means we need to implement workflows for long-term and short-term memory.
December 20, 2025 at 2:50 PM
π€¨ All AI traffic is context-aware.
It's stateful.
Context-aware networking is the new norm in AI workloads, which means we need to implement workflows for long-term and short-term memory.
It's stateful.
Context-aware networking is the new norm in AI workloads, which means we need to implement workflows for long-term and short-term memory.
Fine-tuning a Model could take A LOT of resources
Example: Llama has 7 billion parameters and 2-7B weight matrices.
That's where LoRA/PEFT come into play.
Instead of having to update/train every part of the Model, it adds the new training layer on top of what already exists.
Example: Llama has 7 billion parameters and 2-7B weight matrices.
That's where LoRA/PEFT come into play.
Instead of having to update/train every part of the Model, it adds the new training layer on top of what already exists.
November 22, 2025 at 3:50 PM
Fine-tuning a Model could take A LOT of resources
Example: Llama has 7 billion parameters and 2-7B weight matrices.
That's where LoRA/PEFT come into play.
Instead of having to update/train every part of the Model, it adds the new training layer on top of what already exists.
Example: Llama has 7 billion parameters and 2-7B weight matrices.
That's where LoRA/PEFT come into play.
Instead of having to update/train every part of the Model, it adds the new training layer on top of what already exists.
Inference in AI breakdown (and a need-to-know) π
β Inference == Make a prediction on unseen/new data.
β Inference Routing == the infrastructure layer.
#kubernetes #agenticai #LLMs
β Inference == Make a prediction on unseen/new data.
β Inference Routing == the infrastructure layer.
#kubernetes #agenticai #LLMs
November 16, 2025 at 3:20 PM
Inference in AI breakdown (and a need-to-know) π
β Inference == Make a prediction on unseen/new data.
β Inference Routing == the infrastructure layer.
#kubernetes #agenticai #LLMs
β Inference == Make a prediction on unseen/new data.
β Inference Routing == the infrastructure layer.
#kubernetes #agenticai #LLMs
Consolidating 15 years of software engineering, cyber security, DevOps, and cloud into bite-sized bits π
Posting daily as I'm working.
Sharing tips and tricks as I go
michaellevan.substack.com
Posting daily as I'm working.
Sharing tips and tricks as I go
michaellevan.substack.com
Michael Levan | Substack
Consolidating 15 years of software engineering, cyber security, DevOps, and cloud into bitesized bits. Click to read Michael Levan, a Substack publication. Launched a day ago.
michaellevan.substack.com
May 11, 2025 at 5:51 PM
Consolidating 15 years of software engineering, cyber security, DevOps, and cloud into bite-sized bits π
Posting daily as I'm working.
Sharing tips and tricks as I go
michaellevan.substack.com
Posting daily as I'm working.
Sharing tips and tricks as I go
michaellevan.substack.com
Security is actually pretty simple:
1. Ensure that the data is secure
2. Ensure that any third-party libraries/packages you're using in your code are secure
Well... since that's 100% of security, I guess security isn't all that simple lol
1. Ensure that the data is secure
2. Ensure that any third-party libraries/packages you're using in your code are secure
Well... since that's 100% of security, I guess security isn't all that simple lol
May 6, 2025 at 5:03 PM
Security is actually pretty simple:
1. Ensure that the data is secure
2. Ensure that any third-party libraries/packages you're using in your code are secure
Well... since that's 100% of security, I guess security isn't all that simple lol
1. Ensure that the data is secure
2. Ensure that any third-party libraries/packages you're using in your code are secure
Well... since that's 100% of security, I guess security isn't all that simple lol
Ohhh, I have to hear more. I have a finished basement that I haven't done anything with since I bought my house and I've been thinking of doing this exact same thing.
May 6, 2025 at 1:39 PM
Ohhh, I have to hear more. I have a finished basement that I haven't done anything with since I bought my house and I've been thinking of doing this exact same thing.
1. Continuous monitoring of networks.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
May 6, 2025 at 1:03 PM
1. Continuous monitoring of networks.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
One of the biggest pieces to remember with CDR is how data is being traversed and who has access to what.
Network Detection and Response (NDR) provides two primary capabilities:
Network Detection and Response (NDR) provides two primary capabilities:
May 6, 2025 at 1:03 PM
One of the biggest pieces to remember with CDR is how data is being traversed and who has access to what.
Network Detection and Response (NDR) provides two primary capabilities:
Network Detection and Response (NDR) provides two primary capabilities:
This could be larger cloud-based environments like Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS), or smaller clouds like Vultr and Digital Ocean (DO).
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
May 6, 2025 at 1:02 PM
This could be larger cloud-based environments like Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS), or smaller clouds like Vultr and Digital Ocean (DO).
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
Cloud Detection Response (CDR) and Network Detection Response (NDR) π
Cloud Detection and Response (CDR) focuses purely on cloud environments.
(cont)
#kubernetes #devops #platformengineering
Cloud Detection and Response (CDR) focuses purely on cloud environments.
(cont)
#kubernetes #devops #platformengineering
May 6, 2025 at 1:02 PM
Cloud Detection Response (CDR) and Network Detection Response (NDR) π
Cloud Detection and Response (CDR) focuses purely on cloud environments.
(cont)
#kubernetes #devops #platformengineering
Cloud Detection and Response (CDR) focuses purely on cloud environments.
(cont)
#kubernetes #devops #platformengineering
That means the apps/tools you're running locally to reach the k8s Service won't be able to reach it either.
May 1, 2025 at 1:39 PM
That means the apps/tools you're running locally to reach the k8s Service won't be able to reach it either.
That means if you're trying to access the resource locally (for example, connecting to the DB running in k8s), you have to do it from your local terminal.
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
May 1, 2025 at 1:39 PM
That means if you're trying to access the resource locally (for example, connecting to the DB running in k8s), you have to do it from your local terminal.
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
An important reminder when using `port-forward` with Kubernetes.
If you run something like `kubectl port-forward svc/service_name portnumber:port:number`
You're bringing the traffic from the Kubernetes to your local computer.
(cont)
#kubernetes #devops #platformengineering
If you run something like `kubectl port-forward svc/service_name portnumber:port:number`
You're bringing the traffic from the Kubernetes to your local computer.
(cont)
#kubernetes #devops #platformengineering
May 1, 2025 at 1:38 PM
An important reminder when using `port-forward` with Kubernetes.
If you run something like `kubectl port-forward svc/service_name portnumber:port:number`
You're bringing the traffic from the Kubernetes to your local computer.
(cont)
#kubernetes #devops #platformengineering
If you run something like `kubectl port-forward svc/service_name portnumber:port:number`
You're bringing the traffic from the Kubernetes to your local computer.
(cont)
#kubernetes #devops #platformengineering
I updated KoaPerf to include:
1. AWS Support! You can get recommendations for containerized apps running in AWS now.
2. A better UI (more visually appealing)
Check it out at the link below π
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
#kubernetes #devops #platformengineering
1. AWS Support! You can get recommendations for containerized apps running in AWS now.
2. A better UI (more visually appealing)
Check it out at the link below π
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
#kubernetes #devops #platformengineering
April 27, 2025 at 5:46 PM
I updated KoaPerf to include:
1. AWS Support! You can get recommendations for containerized apps running in AWS now.
2. A better UI (more visually appealing)
Check it out at the link below π
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
#kubernetes #devops #platformengineering
1. AWS Support! You can get recommendations for containerized apps running in AWS now.
2. A better UI (more visually appealing)
Check it out at the link below π
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
#kubernetes #devops #platformengineering
Here are a few tips when thinking about what platforms to use, how to use them, and what to think about when managing them.
April 21, 2025 at 7:42 PM
Here are a few tips when thinking about what platforms to use, how to use them, and what to think about when managing them.
For any organization, big or small.
Enterprise or startup.
Figuring out the workflow of how environments should be deployed, managed, and most importantly, what should be deployed and managed is the make or break.
(cont)
#kubernetes #devops #platformengineering
Enterprise or startup.
Figuring out the workflow of how environments should be deployed, managed, and most importantly, what should be deployed and managed is the make or break.
(cont)
#kubernetes #devops #platformengineering
April 21, 2025 at 7:42 PM
For any organization, big or small.
Enterprise or startup.
Figuring out the workflow of how environments should be deployed, managed, and most importantly, what should be deployed and managed is the make or break.
(cont)
#kubernetes #devops #platformengineering
Enterprise or startup.
Figuring out the workflow of how environments should be deployed, managed, and most importantly, what should be deployed and managed is the make or break.
(cont)
#kubernetes #devops #platformengineering
And the goal is to add AWS EKS and AWS ECS.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
April 20, 2025 at 7:23 PM
And the goal is to add AWS EKS and AWS ECS.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
The current recommendations it gives you are between:
β Azure Kubernetes Service (AKS)
β Azure Container Apps (ACA)
β Azure Container Instance (ACI)
β Azure Kubernetes Service (AKS)
β Azure Container Apps (ACA)
β Azure Container Instance (ACI)
April 20, 2025 at 7:23 PM
The current recommendations it gives you are between:
β Azure Kubernetes Service (AKS)
β Azure Container Apps (ACA)
β Azure Container Instance (ACI)
β Azure Kubernetes Service (AKS)
β Azure Container Apps (ACA)
β Azure Container Instance (ACI)
Instead of scanning a Kubernetes Manifest to tell you the best place to deploy, it'll read a description that you add in or an architecture doc you upload.
April 20, 2025 at 7:23 PM
Instead of scanning a Kubernetes Manifest to tell you the best place to deploy, it'll read a description that you add in or an architecture doc you upload.
I built a free tool to tell you the best place to deploy containerized workloads.
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
(cont)
#kubernetes #devops #platformengineering
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
(cont)
#kubernetes #devops #platformengineering
April 20, 2025 at 7:22 PM
I built a free tool to tell you the best place to deploy containerized workloads.
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
(cont)
#kubernetes #devops #platformengineering
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
(cont)
#kubernetes #devops #platformengineering
After planning and deploying a Kubernetes environment, you're left with:
β Performance optimization
β Monitoring and observability
β Upgrades
and a few other specifics that are necessary to ensure k8s is running as expected.
#kubernetes #devops #platformengineering
β Performance optimization
β Monitoring and observability
β Upgrades
and a few other specifics that are necessary to ensure k8s is running as expected.
#kubernetes #devops #platformengineering
April 17, 2025 at 5:03 PM
After planning and deploying a Kubernetes environment, you're left with:
β Performance optimization
β Monitoring and observability
β Upgrades
and a few other specifics that are necessary to ensure k8s is running as expected.
#kubernetes #devops #platformengineering
β Performance optimization
β Monitoring and observability
β Upgrades
and a few other specifics that are necessary to ensure k8s is running as expected.
#kubernetes #devops #platformengineering
However, before using ArgoCD, it has to be deployed to the cluster.
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
Keeping The Lights On: Pipeline Differentiations for CICD
buff.ly
April 16, 2025 at 3:18 PM
However, before using ArgoCD, it has to be deployed to the cluster.
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
The tool needs to be deployed before it can be used.
ArgoCD is a great example of this.
Argo is implemented for workloads in k8s to be deployed automatically based on an interval instead of having to run a bunch of `kubectl apply -f` commands locally or in a pipeline.
(cont)
ArgoCD is a great example of this.
Argo is implemented for workloads in k8s to be deployed automatically based on an interval instead of having to run a bunch of `kubectl apply -f` commands locally or in a pipeline.
(cont)
Keeping The Lights On: Pipeline Differentiations for CICD
buff.ly
April 16, 2025 at 3:18 PM
The tool needs to be deployed before it can be used.
ArgoCD is a great example of this.
Argo is implemented for workloads in k8s to be deployed automatically based on an interval instead of having to run a bunch of `kubectl apply -f` commands locally or in a pipeline.
(cont)
ArgoCD is a great example of this.
Argo is implemented for workloads in k8s to be deployed automatically based on an interval instead of having to run a bunch of `kubectl apply -f` commands locally or in a pipeline.
(cont)
and a few other aspects that are super crucial to implementing EKS (and Kubernetes in general) within any environment.
In this blog post, I break it all down.
buff.ly/WYBXgqU
In this blog post, I break it all down.
buff.ly/WYBXgqU
Optimizing AWS Elastic Kubernetes Service (EKS)
As you develop environments, infrastructure, and orchestration platforms (like k8s), you'll begin to notice that there are several directions to go in. There's a joke that goes something like "line up...
buff.ly
April 15, 2025 at 2:33 PM
and a few other aspects that are super crucial to implementing EKS (and Kubernetes in general) within any environment.
In this blog post, I break it all down.
buff.ly/WYBXgqU
In this blog post, I break it all down.
buff.ly/WYBXgqU
I was recently on a consulting project and the goal was to optimize AWS EKS.
It came down to a few key aspects including:
1. Workload isolation
2. Multi-az
3. Cluster security around multi-tenancy
4. Performance optimization
(cont)
It came down to a few key aspects including:
1. Workload isolation
2. Multi-az
3. Cluster security around multi-tenancy
4. Performance optimization
(cont)
Optimizing AWS Elastic Kubernetes Service (EKS)
As you develop environments, infrastructure, and orchestration platforms (like k8s), you'll begin to notice that there are several directions to go in. There's a joke that goes something like "line up...
buff.ly
April 15, 2025 at 2:33 PM
I was recently on a consulting project and the goal was to optimize AWS EKS.
It came down to a few key aspects including:
1. Workload isolation
2. Multi-az
3. Cluster security around multi-tenancy
4. Performance optimization
(cont)
It came down to a few key aspects including:
1. Workload isolation
2. Multi-az
3. Cluster security around multi-tenancy
4. Performance optimization
(cont)