All posts
Python Without the GIL Is Here: Where Free-Threading Stands and When to Use It
The current state of free-threading, from the experimental build in Python 3.13 to official support in 3.14. Installation and verification, single-thread overhead, C extension compatibility, and the criteria for deciding whether it belongs in production today.
Red Hat Certified Engineer (RHCE) #10 Ansible Vault: Managing Secrets
The tenth post in the Red Hat Certified Engineer (RHCE) series. We encrypt variable files with ansible-vault (create/edit/view/encrypt/decrypt/rekey), put secrets in group_vars/secret.yml and use them from a playbook, supply the password at runtime with --ask-vault-pass and --vault-password-file, and inline-encrypt a single variable with encrypt_string — all laid out command by command.
Red Hat Certified System Administrator (RHCSA) #7 File systems: XFS, ext4, mount/fstab, NFS, AutoFS
The seventh post in the Red Hat Certified System Administrator (RHCSA) series. We create file systems with mkfs.xfs and mkfs.ext4, handle mounts with mount/umount/findmnt, lock down persistent mounts that survive a reboot via UUID/LABEL and fstab, and finally type out NFS client mounts and AutoFS on-demand mounts by hand.
AWS Certified CloudOps Engineer - Associate (SOA-C03) #2 Domain 1-1 Monitoring — CloudWatch Metrics, Alarms, and Dashboards
The second post of the SOA-C03 series covers CloudWatch, the first topic of the largest domain, Monitoring (22%). It covers how metrics are collected along with namespaces and dimensions, the difference between standard and custom metrics, alarm state transitions and evaluation-period design, composite alarms, and dashboard composition.
AWS Certified Developer - Associate (DVA-C02) #8 Domain 2-2 Security — Encryption and Secrets
The second post of the DVA-C02 security domain. It covers KMS key types and envelope encryption, at-rest and in-transit encryption, S3 server-side encryption options (SSE-S3, SSE-KMS, SSE-C) and Lambda environment variable encryption, and the difference between Secrets Manager and Parameter Store (automatic rotation, cost, hierarchy), all at the exam level. Keeping secrets out of code is the core.
Build an Online Shop with Next.js #3: Shopping Cart
Manage shopping cart state with a client Context and localStorage. We cover a persistent cart that survives refresh, quantity changes, total calculation, and a hydration-safe pattern.
Certified Kubernetes Administrator (CKA) #17 Storage 2: StorageClass, Dynamic Provisioning, Reclaim Policy, Expansion
The 17th post in the Certified Kubernetes Administrator (CKA) series. We configure dynamic provisioning with a StorageClass so that creating just a PVC makes a PV appear automatically, and sort out the difference between the default StorageClass and volumeBindingMode. We also confirm with YAML how reclaimPolicy (Delete/Retain) treats data when a PV is removed, and how allowVolumeExpansion grows a volume.
Certified Kubernetes Application Developer (CKAD) #12 Observability: logging, kubectl debug, port-forward, ephemeral container
The twelfth post in the Certified Kubernetes Application Developer (CKAD) series. A hands-on tour of the observability tools you reach for when an app misbehaves. Follow logs with kubectl logs, read state with describe and events, get inside with exec and port-forward, and debug even shell-less containers with the ephemeral container of kubectl debug — building the muscle memory for the whole flow.
Certified Kubernetes Security Specialist (CKS) #10 Secrets Management: etcd Encryption, External Secrets
The tenth post in the Certified Kubernetes Security Specialist (CKS) series. Starting from the fact that a Kubernetes Secret is stored in etcd as base64 only — which is not encryption — we walk through encrypting secrets at rest with an EncryptionConfiguration, wiring it to the apiserver flags, re-encrypting existing Secrets, and checking for plaintext with etcdctl. We then tie in the big picture of integrating an external secret store via the External Secrets Operator and KMS, plus minimizing Secret-access RBAC, so you get hands-on with the exam staple of enabling etcd encryption.
How Does Video Streaming Play Without Buffering? The Basics of Streaming and Codecs
This post explains, without any code, how video plays without buffering. It covers streaming that receives video in chunks, codecs that shrink heavy video, adaptive streaming that changes quality to match the network, and CDNs, at a non-developer's level.
Kubernetes and Cloud Native Associate (KCNA) #1: Exam Introduction — Structure and Study Strategy
The opening post of the Kubernetes and Cloud Native Associate (KCNA) series. The shape of 60 questions, 90 minutes, and a 75% passing line; the weight and meaning of the five domains; registration and the online-proctored testing environment; and the study strategy that turns the intuition built in the [K8s hands-on track](/en/posts/k8s-basics-1) into multiple-choice answers. This series targets a KCNA pass in nine posts, wrapping up with a mock multiple-choice exam in #9.
Python Data Analysis #7 A Taste of Polars: Your Next Move When pandas Slows Down
When pandas struggles against millions of rows, Polars is the alternative. We compare reading, filtering, and groupby side by side in pandas and Polars code, explain the idea behind lazy mode, lay out criteria for choosing between the two tools, and close out the series.