Recently collaborated with a friend, turns out he uses his $previousCompanyEmail for git email. Then I run `git log` on my friends' public repos, yup more $workEmail and $studentEmail.
This post is an attempt to tell people that it's possible to use different config for personal/work.
Using containers is great, but it's better if you remove shell access to prevent an attacker doing funny stuff with your system. Otherwise you'll be losing both time and money.
Slides from my talk at AgentCon Bangkok. Interop is key, and don't forget to monitor prod π
Ops is easy, if you use platforms that already abstract the hard parts for you. The real fun? A single mistake can bankrupt you. Gotta be smart about your cloud spends.
Slides for National Coding Day 2026@Bangkok, TH. Mostly about why you should refactor, and things that are hard to rectify once they went to production.
Also for those who's curious about AI impact, fret not. As long as AI can't bridge the gap between IT and Finance for FinOps we are safe.
Because you can't call it a day after releasing an agentic product. Gotta plug security holes as well, and because data exfiltration isn't fun.
You can't stop students from using AI. But you can make them think very hard about it, because wrong answers with AI help means you lose more points.
This I like!
great read regarding recent ux on mac os (which I'm not too happy about)
In case you are looking for bedtime stories. Love the illustrations!
- authzed.com/resources/di...
- www.gentlydownthe.stream
- www.cncf.io/phippy/the-c...
ONNX inference on multiple platforms, because I just had to know. These are baseline performance, no optimizations or accelerators.
karnwong.me/posts/2026/0...
Slides from Microsoft Ignite After Party 2025 is up.
TLDR: make your services portable so you don't have to spend too much time on supporting multiple infrastructures. Because some of your workloads might be on-prem, some are on cloud. This way, it's easier to maintain and you get more sleep πͺ
This month there's 2 high severity CVEs. I recommend using github.com/anchore/grype to scan your codebase to check for vulns. You can use it in CI as well.
Terraform CDKTF will sunset. There is pulumi if you still prefer programming languages interface for IaC, but you might need to change some of your workflows.
Alternative is vendor's IaC solution, such as AWS CDK, but if you have to work with stuff outside of AWS perimeter it might be challenging.
I'm also working on multi-platform onnx benchmarks, see at which point it's no longer feasible. There's web, android, iot, pc. Raw data is done, just need to crank out an article.
Recently gave a talk about in-browser ML/LLM inference, if you can get by with small models, and that you don't want to maintain a separate ML inference system (because finding ops who are familiar with python deployment is rare).
Slides here: speakerdeck.com/kahnwong/llm...
Recommend these for markdown linter/formatter
- github.com/rvben/rumdl - for markdown itself
- github.com/hougesen/mdsf - for markdown code blocks
As for pre-commit, github.com/j178/prek. It's backward compatible with pre-commit.
All are written in rust. Fast, that they are π.
Was implementing SMART reading feature for my cli utils app, and found that my server's ssd is on its last legs. Replaced the ssd and use the old one for a temp mountpoint. 2 weeks later it suddently disconnected, and `sudo blkid` hangs. I think I dodged a bullet there.
Recently gave a talk at PyCon Thailand about ONNX.
TLDR; stacking ONNX with rust can reduce latency by 20%.
See workshop repo in the slides.
karnwong.me/speaking/
I have a secrets sharing service deployed for personal use. Once the secret is accessed, it's gone.
My friend just told me that he's been using the said service I deployed for "personal use" with his "team". Because he trusts my server.
I'll take that as a compliment π
This secrets scanning tool is very fast, and it returns normal exit code when found secrets. Very impressed!
Normally I don't use mongodb (only for storing logs) but gotta say this is a gem.
github.com/mongodb/king...
I use 3 machines on a daily basis. One for desk, kitchen and bedroom. Nix makes a lot of things easier, but auxiliary tools help.
This setup allows me to switch between machines at a moment's notice. Been rocking this setup for 3-4 years, so it's been tested in prod.
karnwong.me/posts/2025/0...
Cranked out a benchmark for spatial join. Indexes do help a lot, and this means you can use frameworks without spatial support to do spatial stuff.
There's duckdb, pandas, polars, postgis, spark, datafusion.
karnwong.me/posts/2025/0...
polars is faster than pandas. But when it comes to spatial operations everyone fallbacks to geopandas, especially when it comes to reading geoparquet files.
I find this very amusing, but personally I use spark sedona π
Documented my setup for static lib linking in Go. It was really fun, and I gotta say the experience is very polished. At least it's easier than using swig with python to achieve the equivalent.
karnwong.me/posts/2025/0...
Monitoring a lot of services mean if someone magically forward critical logs to SRE room I'd die happy. Trawling through logs take time, and you have to filter out a lot of irrelevant stuff. Having critical logs directly served means less cognitive load, yay devx.
karnwong.me/posts/2023/0...
Good stuff, but doesn't seem to support ONNX converted from scikit-learn.
Seems like it only support neural networks.
github.com/google-ai-ed...
Too much cognitive load? Try adopting DevX.
I know I sleep better when I can repro prod setup via containers locally π³
karnwong.me/posts/2023/0...
I use at least 4 messaging apps because my friends have different preferences.
I use multiple machines and firing up all apps kinda got tedious, then I remember there's matrix bridges. Got it working and now I can text all my friends from one place. Yay open-source.
Oldie but goodie. Because we should be kind to other people. And juggling multiple functions isn't fun because it requires a lot of cognitive load.
Also there's a difference between using a pipeline and having to create one yourself.
And because it's a team sport :)
karnwong.me/posts/2023/1...
