All posts
AWS Certified Solutions Architect - Associate (SAA-C03) #15 Exam Tips and Frequently Missed Patterns
After finishing SAA-C03 domain study, here is the practical strategy for protecting your score in the exam room. It lays out time management across 130 minutes and Mark for Review, how to filter options by constraint keywords, the elimination strategy, and the concept pairs most often confused on the exam (Multi-AZ vs. read replica, SG vs. NACL, Gateway vs. Interface Endpoint, and more) in a single table.
Certified Kubernetes Administrator (CKA) #13 Scheduling 1: nodeSelector, nodeAffinity, podAffinity/antiAffinity
The thirteenth post in the Certified Kubernetes Administrator (CKA) series. We lay out the four tools that control which node the scheduler places a Pod on. nodeSelector does simple label matching, nodeAffinity expresses node conditions with required and preferred, and podAffinity/podAntiAffinity use topologyKey to place a Pod on the same node as — or a different node from — other Pods. We also look at manual placement that bypasses the scheduler with nodeName.
Certified Kubernetes Application Developer (CKAD) #8 Deployment Strategies: Blue-green, Canary
The eighth post in the Certified Kubernetes Application Developer (CKAD) series. Implement zero-downtime deployment strategies by hand with nothing but Deployment, Service, and labels — no managed deployment tooling. We review rolling update and recreate, build instant cutover and rollback with blue-green, and implement traffic splitting through replicas ratios with canary.
Certified Kubernetes Security Specialist (CKS) #6: AppArmor profiles (System Hardening)
The sixth post in the Certified Kubernetes Security Specialist (CKS) series. We cover how to restrict a container's file and capability access at the kernel level with AppArmor, the Linux MAC. We work through the difference between enforce and complain modes, writing a profile with deny rules, loading it onto a node with apparmor_parser and confirming with aa-status, the two ways of attaching it to a Pod (1.30+ securityContext.appArmorProfile and the older annotation), and verifying with exec that the profile actually blocks.
How Do Maps and Your Location Show Up? GPS, Geocoding, and Map APIs
This post explains, without any code, how a map app finds your location and how addresses and maps connect. It covers GPS and supporting signals, the geocoding that links addresses and coordinates, map APIs, and location as sensitive personal data, at a non-developer's level.
Python Data Analysis #3: Selecting and Filtering — loc, iloc, and Boolean Indexing
How to pick out just the rows and columns you want in pandas: single vs. double brackets for column selection, the loc/iloc distinction, boolean indexing where a condition becomes a mask, the query method, and the danger that SettingWithCopyWarning is warning you about.
Red Hat Certified Engineer (RHCE) #5: Playbook Basics — task, handler, idempotency
The fifth post in the Red Hat Certified Engineer (RHCE) series. We work through the YAML structure of a playbook and the play/task relationship, writing module tasks and the recommendation to name them, the handler-and-notify pattern that runs once at the end only when something changed, the idempotency that surfaces through changed and ok, the idempotency stopgaps for command/shell (creates/removes), and ansible-playbook versus ansible-navigator run plus --check/--diff/--syntax-check — all from a hands-on exam point of view.
Red Hat Certified System Administrator (RHCSA) #2 Essential Tools: bash, vi, redirection, find/grep, archive, ssh
The second post in the Red Hat Certified System Administrator (RHCSA) series. We cover the shell fundamentals that everything else is built on — input/output redirection and pipes, finding and processing matching files with find and grep, text processing with less,sort,sed,awk, the modes and search-and-replace of the vi editor, tar,gzip archiving, remote work with ssh and scp, and how to wield man pages as a weapon in an exam room with no internet — all with command examples.
AWS Certified Developer - Associate (DVA-C02) #3 Domain 1-2 Development with AWS Services — API Gateway
The second post of the DVA-C02 development domain. It covers the difference between API Gateway's REST API and HTTP API, Lambda proxy integration, the three authentication methods (IAM, Cognito authorizer, Lambda authorizer), throttling and usage plans/API keys, caching, stages and stage variables, and CORS, all at the exam level. API Gateway is the gateway to serverless APIs and appears in the development domain second only to Lambda.
AWS Certified Solutions Architect - Associate (SAA-C03) #14 Domain 4-2 Cost Optimization — Cost Monitoring
The final post of the SAA-C03 cost optimization domain. It covers Cost Explorer for analyzing and forecasting cost, AWS Budgets for alerting on budget overruns, CUR as the most detailed billing data, Trusted Advisor for checking cost , security , performance, Compute Optimizer for right-sizing recommendations, and how to manage multi-account cost with consolidated billing and cost allocation tags.
Certified Kubernetes Administrator (CKA) #12 ConfigMap and Secret in Depth
The twelfth post in the Certified Kubernetes Administrator (CKA) series. We dig into ConfigMap and Secret from an operator's point of view: the three sources of kubectl create (--from-literal, --from-file, --from-env-file), Secret types (generic/docker-registry/tls) and the fact that base64 is not encryption, the injection methods of env valueFrom, envFrom, volume mount, and subPath, the difference in auto-refresh between env and volume, and how immutable buys you both performance and safety — all laid out with YAML and kubectl.
Certified Kubernetes Application Developer (CKAD) #7 Workloads 3: Job, CronJob (Backoff, Concurrency)
The seventh post in the Certified Kubernetes Application Developer (CKAD) series. It covers Job, which handles run-once batch work, and CronJob, which runs that work on a schedule, from a hands-on exam perspective. We will build completions, parallelism, backoffLimit, activeDeadlineSeconds, restartPolicy, and ttlSecondsAfterFinished, along with CronJob's schedule, concurrencyPolicy, startingDeadlineSeconds, and suspend, directly with YAML and kubectl.