The board policy is not a slide — it's a YAML file
The bank's board approves an AI policy. The policy exists as a slide deck nobody reads. The risk team's actual operational policy is what's in the code. Closing that gap is the FREE-AI Rec 14 win.
2026
Blog posts from 2026. ← All posts
Audit logs are the API of record
The audit log isn't a side effect of the system. It's the contract you owe to regulators, customers, and your future self. Treat it as a first-class API — schema, versioning, and SLOs included.
Twelve Go idioms I changed my mind about
Patterns I confidently recommended five years ago that I'd argue against today. The list of "things you used to do in Go that don't pay back anymore."
iter.Seq — the pull iterator pattern in Go 1.23+
Range-over-function landed in Go 1.23. `iter.Seq` lets you write iterators that compose. The patterns that pay back; the ones that don't.
errgroup patterns for parallel agent dispatch
Fan out to N agents; first error cancels the rest; collect successful results. errgroup is the right tool for this; the patterns are concise but worth getting exactly right.
Twelve months of writing in public — what worked, what didn't, what I'd cut
Reflections on a year of consistent technical writing. The post categories that compounded; the ones that didn't; what I'd tell someone starting out.
The recruiter test — what your repo says before the interview
A recruiter spends 90 seconds on your GitHub before deciding to talk to you. What they're looking for; what makes them skip; what signals matter more than the README.
Twelve months of Genie in production — what survived, what we rewrote, what we deleted
An honest retrospective on the open-source Genie project after a year. The patterns that held up; the ones we rebuilt; the code we deleted because it solved problems we didn't actually have.
SPIFFE/SPIRE basics — workload identity at deploy time
Services need identity too, not just users. SPIFFE issues SVIDs (verifiable identity documents) to workloads; SPIRE is the reference issuer. The shape and the first deploy.
mTLS at the proxy — Envoy + SPIRE-issued SVIDs
Pushing mTLS into a service mesh removes it from every individual service. Envoy + SPIRE is the canonical pattern; the implementation has fewer moving parts than the architecture diagrams suggest.
Session anomaly detection — Haversine distance + credential-stuffing density
Two signals do most of the work for detecting compromised sessions: impossible travel between consecutive logins, and credential-stuffing density across an IP range. The Go implementation.
GraphRAG — when a knowledge graph beats vector search
Vector search treats every chunk as independent. GraphRAG models the relationships between entities, communities, and concepts. For corpus-spanning questions ("what's the relationship between X and Y"), graph wins.
BigQuery Knowledge Graph for entity resolution at scale
BigQuery has had a built-in knowledge graph since 2024. For entity resolution across millions of rows — the "is this John Smith the same as that John Smith" problem — it's the cheapest tool I've found.
HyDE — generate a hypothetical answer to improve retrieval
Embedding a question and embedding an answer often produce different vectors. HyDE generates a hypothetical answer to the question, embeds *that*, and retrieves on it. Retrieval quality goes up disproportionately.
Self-RAG and CRAG — when to retrieve, when to skip, when to correct
Naive RAG retrieves on every query. Self-RAG decides whether to retrieve. CRAG decides whether the retrieved content is good enough or needs corrective retrieval. Two papers; both worth implementing.
Multilingual RAG for India — Bhashini hooks and cross-lingual retrieval
An Indian banking deployment needs to handle Hindi, Marathi, Tamil, Bengali, and English in the same retrieval pipeline. Bhashini (the government's language stack) plus cross-lingual embeddings make it tractable.
Agent-to-Agent (A2A) protocol — the spec and the Go client
Anthropic's A2A spec standardises how agents talk to other agents (not just tools). The Go client is small; the conceptual shift is what matters.
Google Cloud's 12 agent design patterns — mapped to real agent implementations
Google publishes a 12-pattern taxonomy for agent design. Most of them have direct corollaries in production code; one or two are best ignored. The mapping I've used.
Saga rollback when half the steps succeeded — the unhappy path that matters most
A saga is fine when every step succeeds. The interesting code is what runs when step 3 of 5 fails and you have to undo 1 and 2 in the right order. The patterns I use.
Cost-aware agent dispatch — when the cheap agent is enough
Not every query needs the production agent. A cost-aware dispatcher decides whether to route to the cheap-and-fast agent or the expensive-and-thorough one. Same UX, dramatically lower bill.
Latency-aware agent dispatch — picking by SLO, not by capability
Two agents can do the same job. One takes 200ms; the other takes 5 seconds. Pick by user-facing SLO, not by which agent is "better." The dispatcher pattern.
The case for boring stack choices in regulated AI
Postgres over the latest vector DB. Go stdlib over the framework du jour. Single binary over Kubernetes operator. The choices that bore reviewers and delight on-call engineers.
Default-to-Prototype as a culture, not just a flag
An agent that doesn't declare a tier defaults to Prototype, not Production. The flag is the code; the culture is what enforces "new code is not production until someone says so."
embed.FS as a deployment unit — config, prompts, UI assets
Go's embed.FS bundles files into the binary at compile time. The pattern collapses what would be a multi-artefact deploy into one binary. Three places it pays back daily.
GOMEMLIMIT and the soft GC pacing change every Go service should set
GOMEMLIMIT tells the Go runtime to keep memory below a soft cap by running GC harder when it's close. For containers with hard memory limits, this prevents OOM kills. The setting every Go service in K8s should have.
slog migration — replacing five logging libraries with stdlib
Go 1.21 added structured logging to the stdlib (slog). For a codebase with three or four logging-library generations layered on top of each other, the migration is a productive afternoon.
Running AWS Bedrock and Vertex AI in the same agent stack
An enterprise customer wants you on AWS; the next one wants you on GCP. The provider router pattern that keeps the agent code identical and swaps only the LLM endpoint.
Egress costs — the gotcha that kills cloud-arbitrage plans
Cross-cloud data movement is billed by the GB. The bill is invisible until it isn't. A multi-region or multi-cloud architecture that doesn't model egress costs in design will discover them in production.
Data residency in the Gulf — UAE ADGM/DIFC + Saudi SAMA at Bancnet
An open-banking platform serving UAE and Saudi customers had to honour three overlapping regulators: ADGM (Abu Dhabi), DIFC (Dubai), and SAMA (Saudi central bank). Notes on the architecture that satisfied all three.
GKE for stateful AI workloads — the patterns that survived production
Multi-agent stacks have state: vector indexes, chat histories, agent memory. GKE for AI workloads needs StatefulSets, PVCs, gateway controllers, and the patterns that work in 2026.
Workload Identity Federation Azure → GCP for a real migration
Moving a workload from Azure to GCP while it continues to authenticate against on-prem Azure AD (Entra ID). Federation lets the GCP workload assume a GCP service account based on its Azure identity.
UPI integration — the spec quirks no one mentions
UPI is the most popular payment rail in India. The spec is precise. The implementation guides are not. Notes on the integration details that ate weeks the first time.
KYC under the RBI Master Direction vs Aadhaar offline KYC — the practical differences
Two KYC pathways an Indian fintech has to support. The Master Direction (Video KYC, etc.) and Aadhaar Offline KYC. Different speeds, different evidence requirements, different audit shapes.
Voice AI for two-wheelers — multi-language patterns from the Kinetic India work
A rider asks the bike a question in Marathi, Hindi, or English. The voice stack has to do ASR, intent classification, dispatch to a service tool, generate a response, TTS — all under 3 seconds. Notes from the proof-of-concept.
Brownlow — Cloud KMS + Security Command Center for vote integrity
Vote integrity needed two things the platform team couldn't fake even by accident: signing keys we couldn't access, and continuous security monitoring we couldn't silence. KMS + SCC delivered both.
AIGP body of knowledge — a Go engineer's reading map
IAPP's AI Governance Professional certification covers a body of knowledge worth knowing whether you certify or not. The mapping from BOK to working Go code for the engineer who wants to understand AI governance practically.
Ardan Ultimate AI #24 — A hardened shell tool with RBAC
Giving an LLM a `run_command` tool is convenient and terrifying. The hardened version: allow-listed binaries, argument scrubbing, RBAC per user, audit per invocation.
Ardan Ultimate AI #23 — Direct and indirect prompt injection, plus defenses
The single biggest LLM security risk. The example walks through both forms (direct from user input, indirect via retrieved content) and the layered defenses: system prompt isolation, content classification, output validation, structured tool schemas.
Ardan Ultimate AI #22 — Cascading model router (cheap first, expensive on miss)
Most queries are simple. A cascading router tries a small/fast/cheap model first; if confidence is low or the task is hard, it escalates to a larger one. Costs collapse without hurting quality.
Ardan Ultimate AI #21 — Adaptive retrieval (decide whether to RAG at all)
Not every question needs retrieval. A classifier gates RAG: chat or general knowledge questions skip it; factual or document-grounded questions trigger it. Saves latency and tokens on the simple half of queries.
Ardan Ultimate AI #20 — Embedding-based semantic cache
Exact-match caching misses paraphrases. "What is the refund policy?" and "How do refunds work?" should both hit the same cached answer. Semantic cache embeds queries and matches by similarity.
Ardan Ultimate AI #19 — Speculative decoding with a draft model
Run a small draft model to predict several tokens at once; verify them in a single pass with the large model. Latency drops without quality dropping. The technique production LLM serving uses but most application engineers don't see.
Ardan Ultimate AI #18 — Incremental message caching (IMC) for chat
A long chat reprocesses the entire history on every turn. Prefix caching lets the LLM serve the cached KV-cache prefix from the previous turn and only compute the new suffix. Massive latency win on long conversations.
Ardan Ultimate AI #17 — Building an agent over an MCP server
Model Context Protocol standardises tool calling across LLMs. The example builds both sides: an MCP server exposing tools, and an agent that calls them. Works the same against any MCP-compatible LLM.
Ardan Ultimate AI #16 — Tool hardening: panic recovery and per-tool timeouts
A panicking tool kills the agent loop. A slow tool blocks the loop forever. The example shows the boring-but-essential wrappers: recover, deadlines, structured errors.
Ardan Ultimate AI #15 — A read-only NL→SQL tool
Give an LLM a SQL tool, watch it write delete statements. The read-only version: parse the generated SQL, refuse anything that isn't SELECT, validate against an allow-listed schema, run with a strict timeout.
Ardan Ultimate AI #14 — A streaming agent with a reasoning panel
Stream the agent's reasoning and tool calls to the UI as they happen. The user sees "thinking about X, calling tool Y, got result Z, now answering..." — dramatically better UX than waiting for the final answer.
Ardan Ultimate AI #13 — A minimal multi-tool agent loop
The smallest possible multi-tool agent. The loop is 30 lines of Go and shows exactly what an "agent" is — there's no magic, just a structured back-and-forth between the LLM and a set of tools until the model says stop.
Ardan Ultimate AI #12 — Two-phase tool calling explained
The tool-calling dance: the LLM emits a structured tool call → application runs the tool → application appends the result → the LLM uses it in the next turn. Two phases. Everything else is detail.
Ardan Ultimate AI #11 — RAG performance: parallel and batched embeddings, response cache
A simple RAG pipeline embeds documents one at a time. The performant version batches the embeddings, parallelises the chunks, and caches the responses. Throughput goes up 5-10×.
Ardan Ultimate AI #10 — Interactive RAG REPL end-to-end
Tie all the RAG pieces together into one interactive REPL. Type a question, see the retrieval, see the answer, ask follow-ups. The shape of every "chat with your docs" demo.
Ardan Ultimate AI #09 — Debugging retrieval in isolation (K and threshold)
When RAG gives wrong answers, the problem is usually retrieval, not the LLM. The example isolates the retrieval step so you can see exactly what chunks come back for a given query, with what scores, and tune K and the similarity threshold accordingly.
Ardan Ultimate AI #08 — End-to-end RAG pipeline over a Go notebook
Ingest → embed → store → retrieve → answer. The full pipeline applied to Bill Kennedy's Go notebook. The result: a system that answers "how do channels work?" with quotes from the source material.
Ardan Ultimate AI #07 — Ingesting a Go notebook into pgvector
The ingestion step that turns a corpus into a vector database. Chunk the source, embed each chunk, store with metadata. The pre-work without which RAG is impossible.
Ardan Ultimate AI #06 — pgvector nearest-neighbour search
pgvector adds vector similarity to Postgres. The example shows the schema, the indexes, the query, and what an ANN index buys you over a brute-force scan.
Ardan Ultimate AI #05 — The same question with and without RAG
Side-by-side comparison: ask the LLM a domain question with no context, then ask with retrieved context. The without-RAG answer is plausible nonsense. The with-RAG answer is correct. The example that motivates everything else in the course.
Ardan Ultimate AI #04 — Streaming chat completions via SSE
Token-by-token streaming over Server-Sent Events. The Go HTTP handler is short; the UX win is huge. The pattern every chat app needs.
Ardan Ultimate AI #03 — Context injection into a prompt
Before RAG and tools, the original way to give an LLM extra information was to inject it into the prompt. The example shows the right way to format injected context and what the LLM does (and doesn't) pay attention to.
Ardan Ultimate AI #02 — LLM-generated embeddings
Hand-crafting vectors stops scaling at about 10 dimensions. LLM-generated embeddings give you a 1024-dim vector that captures semantic meaning. The example shows how to generate them and what they're good for.
Ardan Ultimate AI #01 — Hand-crafted vectors and cosine similarity
The foundation. Build vectors by hand for a few words, compute cosine similarity, see why "cat" and "dog" come out closer than "cat" and "car." Demystifies everything that comes after.
JWT in 150 lines of Go — the case against the library
HS256 JWT issue + verify + audience check + expiry in pure stdlib. Why pulling a third-party JWT library is the wrong call for security-critical code.
HS256 vs RS256 — pick the wrong one and explain why
Symmetric vs asymmetric JWT signing. The choice changes what fails when a key leaks, who can verify, and how rotation works.
OAuth 2.1 + PKCE for a single-page app
PKCE is the load-bearing mitigation against authorization-code interception. The Go implementation is short; the parts every SPA gets wrong are documented here.
OAuth Device Flow (RFC 8628) — for voice assistants, kiosks, smart TVs
The flow where the device has no browser. User authenticates on their phone; the device polls until they're done. Implementation patterns in Go from the Genie reference.
WebAuthn passkeys in Go with crypto/ed25519
Passkeys are FIDO2; FIDO2 is the spec; Ed25519 is the signature algorithm. The full registration + assertion flow in 200 lines of stdlib Go.
RFC 8693 token exchange — the nurse Alice scenario
Dual-identity tokens for the agent → MCP server → upstream API chain. Subject stays the user; Actor identifies the agent acting on the user's behalf. Walked through with a worked clinical example.
SAML 2.0 verifier in Go — XML signing without losing your mind
Many banks have a SAML IdP they want you to federate against. The verify path is the boring-but-load-bearing piece. Notes on the stdlib-mostly Go implementation.
Double-entry ledger invariants — building a P2P lending platform that never loses money
5K+ loans per month. Three credit bureaus. Multiple payment gateways. The thing that has to be right is the ledger. Notes on what invariants the database enforces vs what the application enforces.
P2P lending — KYC/AML, three credit bureaus, and the maker-checker RBAC governance that kept fraud rates low
Borrower onboarding is the most fraud-prone moment in a P2P platform. The shape that worked: deterministic KYC, parallel bureau pulls with fallback, real-time fraud signals, and a maker-checker approval for every disbursement.
Brownlow — zero-trust voting on Cloud Run during live AFL broadcasts
100K+ votes, 10K+ concurrent users during a live AFL Brownlow Medal broadcast. The architecture: Go on Cloud Run, GraphQL + gRPC behind a CDN, vote integrity through Cloud KMS + Security Command Center. Notes on what makes a live-broadcast load shape unusual.
Speaking at Google Cloud Next 2022 — the monolith-to-microservices talk
30 minutes on stage. The talk title looked tactical; the talk underneath was about why most microservices migrations fail and how to set up the one that doesn't.
Google Summer of Code mentor 2019-2026 — what I learned guiding 10+ students through open-source projects
Seven cycles. Ten-plus students. Most shipped, a few didn't, all of them taught me something about engineering culture. Notes on what works for mentors and what works for students.
Gocloud — designing a unified API library for AWS, GCP, and Azure
What it actually takes to build a unified cloud API library — and why "write once, run anywhere" still doesn't quite work, even for the patterns where it almost does.
Mapping a multi-agent platform to the GCP PCSE blueprint
Every Professional Cloud Security Engineer exam bullet, mapped to a file path in an RBI FREE-AI aligned Go platform. Where the implementation matches, where the analog substitutes, and where the honest gaps are.
Defence in depth for agentic AI — the eleven-layer envelope
The mental model that says no two adjacent layers share a single point of failure for the same class of attack. From TLS to OTel, the eleven layers a customer request crosses before an answer comes back.
Consolidated security deep-dive — RBAC, RLS, token exchange, encryption, audit
The long-form security narrative for a multi-agent financial assistant — authentication, authorisation, tenant isolation, dual-identity audit, envelope encryption, hash-chained logs, governance, red team, BCP.
AI governance — from credential to codebase
Board policy as a YAML file the risk team owns. Annexure VI as a database query. Every governance recommendation rendered as a file path in a Go repository.
Agentic security in production — the operations playbook
Twelve months of running multi-agent AI in a regulated context. SLIs that matter, the incident runbook, drift detection, continuous adversarial testing, secret rotation, compliance posture as code.
Annexure VI as a query
The RBI FREE-AI incident reporting form, expressed as a Go struct and a Postgres table. Every entry is an auto-generated artefact from the runtime — not a form an operator fills in retrospectively.
RBI FREE-AI implementation notes — 26 recommendations to file paths
Every one of the 26 RBI FREE-AI recommendations, mapped to a specific file in a working multi-agent platform. What's ✅ done, what's 🟡 partial, what's ⚪ honest gap.
Why Go for production agentic AI
Stdlib over libraries, single binary over framework, fail-closed defaults over forgiveness. The boring-on-purpose case for choosing Go to ship a multi-agent system into a regulated environment.
BCP for AI — forced-failure drills
Fallback agents plus a CI step that replaces the primary agent with one that always errors. If the fallback doesn't produce a usable answer, the PR can't merge.
Sovereign AI is a policy, not a slide
Classification → provider allowlist. A pii-classified message can only reach a provider whose region is in the allowlist for pii. Sovereignty as a runtime gate, not a checkbox.
NPCI rail routing with human-in-the-loop
UPI, IMPS, NEFT, RTGS — which rail to use depends on amount, urgency, window, success-rate history. A deterministic chooser with a HITL gate above ₹2 lakh.
Policy as code, without the risk team having to ship code
A tiny CEL-style DSL plus a board-approved YAML file. The risk team adds a governance rule by editing a config file; engineering ships the rule by restarting the service.
Deterministic KYC, the LLM just talks
PAN check-digit validation, Aadhaar offline KYC, DigiLocker, PEP/sanctions — all in Go code, not in a prompt. The LLM's job is to translate the verdict into something a human can read.
Production agentic AI on Kubernetes — Ch 9 patterns vs reality
Field notes from running multi-agent AI on K8s. The patterns the book recommends, the ones that survived contact with production, and the ones that broke in interesting ways.
Agentic architecture on MARA — the seven load-bearing pieces
Microsoft's Multi-Agent Reference Architecture in Go. Protocol, registry, bus, governance, orchestration, observability, evaluation — and how the seven hold each other up.
Ardan Ultimate AI #33 — A Go-powered Jupyter notebook tutorial (GoMLX + GoNB)
The course wrap-up: a Jupyter notebook driven by Go, using GoMLX for tensor ops and GoNB as the kernel. Showed me how to do exploratory Go AI work in the same shape data scientists already use.
Ardan Ultimate AI #32 — Embedded React chat over RAG (Go backend + bundled UI)
A complete chat application: Go backend with RAG, React frontend, single binary. Showed me how to ship a full-stack AI demo without a separate frontend deployment.
Ardan Ultimate AI #31 — A coding agent with file tools
Cursor / Claude Code in 600 lines of Go. The agent has read/write/search tools over a project directory and a loop that lets it iterate on its own work.
Ardan Ultimate AI #30 — PDF extraction with Docling + LLM
PDFs are the format that breaks every RAG pipeline. Docling is the IBM-research extractor that handles layout, tables, and figures. The example wires Docling + LLM to make PDFs usable.
Ardan Ultimate AI #29 — Chat over transcribed video chunks
Transcribe a video, chunk by timestamp, embed each chunk, RAG-style chat over the result. The shape that powers "ask questions about this meeting recording."
Ardan Ultimate AI #28 — Image search via a vision model + pgvector
Generate a text description of an image with a vision LLM, embed the description, store in pgvector. Search becomes "find images that match this query" — works surprisingly well.
Ardan Ultimate AI #27 — Tool-chain escalation budgets and audit
An agent that can call tools to call tools can drift indefinitely. The escalation budget caps depth and cost; the audit trail records every step so you can replay what the agent did.
Ardan Ultimate AI #26 — HTML sanitisation and exfiltration defenses
An LLM that controls the output can embed malicious HTML, exfiltrate data via crafted links, or inject prompt-stealing payloads. Sanitisation is the defense; the example shows what to allow and what to strip.
Ardan Ultimate AI #25 — Poisoned-document attacks on RAG and defenses
A RAG pipeline that ingests user-supplied documents is a prompt-injection vector. An attacker uploads a document with hidden instructions; the LLM retrieves it and follows them. Defense: input filtering, content classification, output verification.
Four orchestration patterns in MAF — and when to pick each
Sequential, Concurrent, Handoff, and Custom WorkflowBuilder. Four shapes the Microsoft Agent Framework ships out of the box. Each one is the right answer to a different question.
The 12-chapter reference architecture, in 102 Python files
Microsoft published a 12-chapter reference architecture for multi-agent systems and a separate framework (MAF) to build them. I implemented one on top of the other and learned what each chapter actually demands in code.
OpenTelemetry and Evaluation in Multi-Agent Workflows — the full production stack — Pratik Dhanave
How to instrument multi-agent systems with OpenTelemetry, propagate trace context across an in-memory bus, and build a layered evaluation pipeline — from real-time policy gates to async LLM-as-judge to SLO-based trust scoring. Everything I learned building Genie.
Running a HIPAA-Aware Multi-Agent Medical AI on GKE: A Field Map
Google's GKE AI infrastructure docs list ~40 integrations. Here's a field map of which ones actually matter when the workload is a HIPAA-aware multi-agent medical AI, and where the gaps sit.
The Right-to-Explanation Handler: GDPR Article 22 as a Go HTTP Endpoint
How a 200-line Go handler turns an audit log and an eval store into a regulator-friendly answer to
Time-bound privileged access — building the PCSE §1.4 PAM analog in Go
Request → N-eyes approve → window-of-time → automatic expiry, with every transition written to a hash-chained audit log. The package that closes Gap #1 from the PCSE map.
HL7 v2 in 2026: Why This 50-Year-Old Protocol Still Drives Healthcare Integration
Why HL7 v2 — a 50-year-old pipe-delimited protocol — still drives most US hospital ADT integrations in 2026, and what a clean Go parser looks like in ~300 lines.
Studying for the AIGP? Here's a Reference Implementation in Go
Studying for the IAPP AI Governance Professional credential? Here's an open-source Go codebase that demonstrates ~70% of the body of knowledge in working code.
"Enough to Reconstruct, Never Enough to Leak": The HIPAA Audit Log Design Problem
Enough to reconstruct, never enough to leak. The audit event schema problem under §164.312(b), and how to solve it without conflating the audit sink with the PHI sink.
The Fallback Is the Contract: Reliability Patterns for Clinical AI
Every LLM-backed agent in this platform has a deterministic rule-based fallback. The case always finalises. The fallback isn't a workaround — it's the contract.
Multi-Agent Systems in 5 Interfaces: A MARA Implementation Field Report
Five interfaces hold the whole platform together. The 30-line orchestrator closure that makes the rest of the architecture testable, auditable, and safe to evolve.
PostgreSQL Row-Level Security Is HIPAA Defense in Depth
PostgreSQL row-level security as HIPAA defence in depth. Why fail-open application filtering isn't enough, and how 'append-only at DB GRANTs' carries more of the §164.312(b) burden than people realise.
The 21st Century Cures Act, Expressed in Go
The 21st Century Cures Act §3060 CDS carve-out criterion 4 expressed as a code-level queue, lossless on reject, with audit-recorded reviewer rationale. Build it once, satisfy GDPR Article 22 for free.
Moving Diagnostic Accuracy 42.9% → 85.7% by Changing Two Files
How a single sprint of specialty-rule work — guided by a benchmark that wasn't afraid to print embarrassing numbers — turned a 'demo respiratory differential' into a five-condition rule-based diagnostic engine.
Building a HIPAA-Aware Medical AI Platform in Go: An Architecture & Compliance Deep Dive
What HIPAA looks like when you express it as Go interfaces — governance policies, append-only audit at DB GRANTs, PHI redaction at the logger seam, and HITL as the §3060 CDS carve-out criterion 4.
The MERGE pattern that cost ten times more than INSERT-then-UPDATE — a ₹100 Cr lesson
What looked like an idiomatic BigQuery MERGE was scanning the full target table on every batch. The fix was syntactic, not architectural — and it was the single biggest contributor to a 57% data-warehouse cost reduction across the Tata Group engagement.
The 57% number — how we cut the Tata Group BigQuery bill in half
₹100 Cr / ~$12M in proven savings across a year-plus engagement. The four levers that did the heavy lifting, the lever I expected to win that didn't, and the post-engagement playbook that became a Searce managed service.
Optimus — a Gemini-powered BigQuery anti-pattern detector that paid for itself in a week
We built a small Go + Python service that parses a project's INFORMATION_SCHEMA, asks Gemini to classify each top-spending query against a catalog of anti-patterns, and recommends a rewrite. It is not a magic box; it is a pipeline that cuts the human review time per query from 20 minutes to 90 seconds.
BigQuery slot reservation transitions — when to commit, when to stay on-demand
Capacity-based slot reservation is the biggest single FinOps lever for predictable batch workloads, but the transition is harder than the math. Notes from sizing reservations across enterprise GCP customers.
BigQuery storage tiering — physical bytes, logical bytes, and the savings hiding in your old partitions
Storage was the second-biggest line item on the Tata BigQuery bill. Long-term storage, physical-vs-logical billing, and column-level retention together took a 6-figure monthly line down to a 5-figure one.
The Spanner Migration Tool — a contributor's reading map
Notes from contributing to Google's open-source Spanner Migration Tool (HarbourBridge). Where to start reading the codebase, where the load-bearing logic lives, and the parts that look simple but aren't.
Primary-key design for Cloud Spanner — preventing write hotspots, 40-60% performance gains
Spanner partitions by primary-key range. A monotonically-increasing PK like a timestamp or UUID-v1 funnels all writes to one server. The fix changes everything from your sequence strategy to your tenant model.
Spanner interleaved tables — when and when not
Interleaving a child table into its parent co-locates the rows for fast joins. It also tightens coupling in ways that bite you on the next schema migration. A practitioner's decision matrix.
CDC for minimal-downtime Spanner migration — Datastream + Pub/Sub + Dataflow
A bulk migration takes hours; the application can't be offline that long. CDC keeps the source and destination in sync while the bulk runs, and a quick cutover swaps traffic. The handoff between bulk and CDC is where most migrations go wrong.
Bloom — Terraform for regulated bank cloud provisioning, SOC 2 and ISO 27001 from day one
Notes from contributing to Bloom — SC Ventures / Standard Chartered's policy-driven secure cloud provisioning platform. Push-to-deploy self-service for bank engineering teams, with the audit controls baked in.
SOC 2 controls as Terraform modules — turning the audit from a project into a daily build
If you encode each SOC 2 control as a Terraform module, the audit becomes a check against module usage rather than a per-resource review. Notes from Bloom and adjacent projects.
airshipit + OpenTelemetry — 30% reduction in manual ops in a multi-vendor OSS project
Notes from integrating OpenTelemetry into airshipit, an open-source bare-metal Kubernetes lifecycle project with contributions from Ericsson, AT&T, Microsoft, and others. The hard part wasn't OTel; it was making distributed traces useful across foreign code.
azure-service-operator — collaborating with Ericsson, AT&T, and Microsoft on a Kubernetes-native Azure controller
The azure-service-operator project lets you declare Azure resources as Kubernetes objects. Notes from the multi-vendor collaboration shape: how decisions got made, what slowed us down, what shipped despite it.
Picnic — cutting API latency 47% by consolidating microservices behind protobuf contracts
The Picnic social platform served 1M+ users across a graph of Go microservices behind a GraphQL gateway. The latency win came from a counter-intuitive move: fewer services, tighter contracts.
Picnic — 80%+ test coverage and Prometheus observability turned days-to-detect into minutes-to-detect
Test coverage and observability are the boring infrastructure that makes the interesting changes safe. Notes on how the Picnic team built both, and the on-call experience they enabled.
Globe — running a 30K+ TPS transaction platform on Kubernetes
The transaction engine had to absorb 30K+ TPS across partner integrations, never lose a transaction, and survive partial failures. The architecture: Go, Kafka, Pub/Sub, Redis, K8s, with idempotency at every layer.
Idempotency at three layers — the pattern that kept the Globe transaction engine honest
A single layer of idempotency will eventually fail. Three independent layers gives you a margin. Here is the pattern that worked across ingest, worker, and emit boundaries.
Error-code orchestration — replacing a giant switch statement with a typed enum across partner adapters
Status-code-based dispatch made every worker grow a longer and longer switch. Normalising every partner-specific error into an enumerated set let the orchestration logic stop changing as new partners landed.
Five MAF orchestration shapes — adding Group Chat and Magentic
The first ten posts treated MAF as having four orchestration patterns. The official docs say five. Here are the two I missed — Group Chat and Magentic — with the API surface, when to pick each, and the test path that catches them at build time.
Lessons from Converting 18 Agents in 90 Days
The patterns that worked, the traps we fell into, and what we'd do differently.
What worked, what was hard, and what we'd do differently. Real numbers: 18 agents, 90 days, 5 governance policies, 4 provider swaps.
Refactor: from rolled-our-own to MAF-native
I built memory, communication, security, governance, and evals from scratch first. Then I deleted most of it and used the official MAF packages. Here
Deployment & A2A: From ADK's Web Deploy to MAF's Scalable Architecture
Running agents on Cloud Run, exposing via A2A, and wiring into production systems.
Cloud Run deployments, agent-to-agent communication, load balancing, and production observability.
Ollama as the default LLM for enterprise-shaped systems
PROVIDER=ollama, granite4.1:3b, zero API keys, no Azure account. How to make a multi-agent project that demonstrates enterprise patterns run end-to-end on a laptop in 90 seconds.
Callbacks and Middleware: Porting ADK Hooks to MAF's Decorator Pattern
How to instrument agents for observability, error handling, and audit logging.
Callbacks to middleware: composable decorators for audit, retry, token enforcement, and OpenTelemetry integration.
Multi-turn evals from first principles
Single-turn evals check one decision. Multi-turn evals check the whole trajectory. Here
Provider Abstraction: From Gemini-Only to Swappable LLMs
How to port ADK's model hard-codes to MAF's provider factory pattern.
Zero-code provider swaps: Ollama (dev), OpenAI (staging), Azure Foundry (prod). Same agents, different models.
Governance with the Agent Governance Toolkit
OWASP Agentic Top 10 coverage with YAML policy files, two API surfaces (one-line wrapper and programmatic evaluator), and a metric bridge that shows policy denials in Grafana.
Tool Wrapping: From ADK Functions to MAF Governed Tools
How to port tools, add policy enforcement, and integrate OPA.
From ADK functions to MAF governed tools. Adding policy enforcement, DLP, approval gates, and OPA integration.
Observability for multi-agent: traces and metrics
OpenTelemetry through MAF
Token Exchange Patterns: Porting Multi-Turn State from ADK to MAF
How conversation threads replace session state; how to track token usage across agent chains.
Sessions to threads: porting multi-turn state from ADK to MAF. Token budgeting, long-term memory, and conversation audit trails.
A2A: when the workflow IS the broker
The reference architecture distinguishes request-based and message-driven agent communication. For in-process orchestration, MAF
The Executor Pattern: ADK→MAF Conversion for Agentic Control Flow
How to port ADK's orchestration callbacks to MAF builders without losing control.
How to port ADK's orchestration callbacks to MAF builders without losing control. The executor pattern: you own the loop.
Memory done right with MAF
AgentSession is short-term memory. MemoryContextProvider + MemoryFileStore is long-term memory. Mem0 is long-term memory when you want it hosted. Here
Why We Migrated from Google ADK to Microsoft MARA
The philosophy, trade-offs, and what we learned converting 18+ agents in 3 months.
The philosophy, trade-offs, and what we learned converting 18+ agents in 3 months. Provider abstraction as the foundation for portable agents.
Agent registry as a project-local convention
The Microsoft Agent Framework deliberately does not ship an agent registry. Here