Skip to main content

Posts

Fractional CTO / Chief Architect

I help organisations design, build, stabilize, and scale mission critical distributed data systems, including data platforms, Data Lake and Lakehouse architectures, streaming systems, IoT ingestion, and AI infrastructure.

I work with engineering and platform teams to drive clear architecture decisions, reduce systemic risk, and restore delivery momentum without adding full time leadership overhead.

See consulting services

Recent articles:

Why Cloudera Manager Is Not Just An Install Step

Summary Cloudera clusters can look finished after installation and still fail operationally under real workload shape. This article argues that Cloudera management is a production control surface, not an admin checklist. It covers monitoring gaps, topology assumptions, API-driven metrics, alert design, database dependencies, and runbook discipline for senior engineers responsible for Hadoop-era platforms that still carry business workloads. Bottom Line Cloudera Manager fails when teams treat it as the part that happens after installation instead of the control surface for production. The cluster can pass a setup guide and still be hard to operate under load if alerts, metrics, role placement, storage, service ownership, and rollback paths were never proven. The practical takeaway is simple: start with the incident you cannot afford, then design Cloudera Manager, external observability, and runbooks around the signals that would shorten that incident. Why this matters now T...

Bitsight Security Ratings in Production Decision Fabrics

Summary Bitsight delivers daily updated security ratings and detailed findings from external scanning across many risk vectors. This article shows how to turn that data into events in a streaming Decision Fabric. It defines the Decision Fabric as the Kafka-native substrate where events drive agent decisions with shared graph memory and explains the role of KafSIEM for provenance-linked analysis. Concrete implementation examples use event schemas and brain tool calls. The piece covers honest trade-offs on API limits, query latency and observability cost plus the operational shifts that result in faster risk reduction for engineering teams. Bottom Line Bitsight security ratings provide an objective outside-in measurement of cyber risk  that updates every day. The practical way to get value from them is to treat rating changes, risk vector details, and associated findings as immutable events on a Kafka stream. Those events feed both human analysts and autonomous agents that c...

Production CDC Architecture: Debezium Scaling Lessons

Production CDC architecture breaks under load long before most teams expect it. With Debezium, Kafka Connect, and Postgres, the failure patterns are consistent: WAL pressure builds up, connector lag drifts unnoticed, and snapshot phases exhaust memory under bursty traffic. This is based on running these pipelines across high throughput systems, including workloads above 10k TPS. The difference between a system that works and one that holds under pressure comes down to observability, WAL discipline, and how connector scaling is handled. Production Debezium CDC Architecture Operational reality vs. tutorial defaults under real load (10k+ TPS) The Default "Tutorial" Setup Assumes low throughput and stable networks. Fails under pressure. Source: Postgres Single WAL Slot Shared slot coupling multiple connectors Default WAL retention settin...

BacNet => MQTT in Production: The Real Cost of Bridging BACnet to MQTT at Scale

bacnet2mqtt looks simple in a README and expensive in production. Once BACnet polling, reconnection behavior, stale state, and MQTT publishing collide, teams discover they are not deploying a lightweight adapter but operating infrastructure. This article breaks down where bacnet2mqtt works, where it becomes a bottleneck, and which production patterns reduce the operational damage before incidents, backlogs, and silent data loss turn a building integration into a long-running engineering problem. I inherited a building controls integration problem 18 months ago. Three office floors. 217 BACnet sensors covering temperature, occupancy, and HVAC actuators. The data was trapped inside the building automation network while the business wanted analytics, reporting, and compliance visibility in the data platform. The obvious answer looked easy enough: deploy bacnet2mqtt, bridge BACnet into MQTT, and push the stream into the lakehouse stack. The repository made it sound like a w...

Agent Observability for Multi-Agent Systems: How to Trace Agent Workflows in Production

Agent observability breaks down when teams try to force long-lived, stateful workflows into dashboards built for stateless microservices. In production, the real challenge is not collecting more logs. It is reconstructing what the agent saw, what state changed, which tool response altered the workflow, and why the system kept going. This article explains why replayable event streams are a better foundation for multi-agent tracing, how a Kafka-first design makes session replay practical, and where conventional tracing still helps but falls short on its own. The production failure that changed how we instrument agents I still remember the first time one of our production agent systems failed without actually crashing. An invoice-processing agent entered a recursive reasoning loop and burned through hundreds of dollars in API credits over a weekend because it kept insisting a validation error existed when it did not. We had logs. We had metrics. We had distributed traces. None of...