All posts
AWS in Practice #1: Deploying FastAPI/Django to ECS Fargate
Push a container image to ECR, write a Task Definition, and stand it up as an ECS Fargate Service behind an ALB — the full flow of putting a small blog API into production, in a single post.
Django Advanced #7: Deployment security — settings split, ALLOWED_HOSTS, CSRF, secret management
Settings split patterns, django-environ, DEBUG/ALLOWED_HOSTS/CSRF/HSTS, SECRET_KEY management, and manage.py check --deploy — what to verify before putting Django into production.
K8s Advanced #4: CRD and the Operator Pattern — controller-runtime
One reason K8s is powerful is that you can extend its API itself. Defining new object kinds with CustomResourceDefinition and writing a reconcile loop for those objects with controller-runtime makes domain objects live as standard resources on top of K8s. Objects with names like PostgresCluster, RedisFailover, KafkaBroker are the result. This post organizes the CRD model, an Operator skeleton based on controller-runtime, and ownerReference / finalizer / status subresource — all in one cycle.
Modern Python in Practice #2: Routing, Pydantic Models, and Dependency Injection
Splitting routes with APIRouter, defining input/output schemas with Pydantic v2, and unraveling shared logic cleanly with Depends.
RHEL Advanced #7: Cockpit for GUI Management and Web Console — Series Wrap
The RHEL Advanced series so far has been all CLI, but Cockpit is the standard tool that adds a lightweight web GUI on top. The web console covers systemd, services, users, networking, storage, Podman, kdump, and SELinux on one screen, lets you manage multiple machines from a dashboard, integrates sosreport and diagnostic tools, and handles the kinds of work better done in Cockpit than by SSHing in to edit with vi — as we wrap the series.
Testing #2 — Vitest Setup and Your First Unit Test (describe / it / expect)
Wire Vitest into a project and write your first test against the simplest possible function. The Jest comparison takes one paragraph — the real focus is the meaning of describe/it/expect, watch mode, where vitest.config.ts lives, and the small wrinkles between your first failure and your first pass.
TypeScript Advanced #5: Discriminated unions and type guards in depth
Modeling for safely handling data of multiple shapes — discriminated unions, user-defined type guards, assertion functions, and branded types.
Angular Advanced #6 SSR — Angular Universal and Hydration
Angular's SSR model, Hydration, TransferState, and pre-rendering — modern Angular's server-side rendering, all in one place.
AWS Advanced #7: Step Functions
Where state machines fit, the four states (Task / Choice / Parallel / Map), Standard vs Express, Lambda / ECS / SDK integrations, error handling with retry / catch, common patterns — the AWS workflow service.
AWS Certified Cloud Practitioner (CLF-C02) #1: Exam Introduction — Structure and Study Strategy
The opening post of the AWS Certified Cloud Practitioner (CLF-C02) series. The shape of 65 questions, 90 minutes, and a 700 passing score; the weight and meaning of the four domains; registration and the testing environment; and the study strategy that turns the hands-on feel from the [AWS track](/en/posts/aws-basics-1) into exam answers. This 10-part series targets a CLF-C02 pass, wrapping up with a full-scale mock exam in #10.
Django Advanced #6: Django Channels — WebSocket
Channels setup, AsyncWebsocketConsumer, broadcast via channel_layer, push from HTTP views, daphne/uvicorn deployment, nginx WebSocket proxy.
K8s Advanced #3: Admission Controller — OPA Gatekeeper / Kyverno
The K8s API server has a stage that can inspect and mutate manifests right before they're stored in etcd. This stage, called Admission Controller, is the entry point for the operational cluster's policy engine. Policies like "reject containers without limits," "force specific labels," "restrict image origins" are blocked at the manifest level without changing a line of code. This post organizes the position of the admission stage, built-in controllers, ValidatingWebhook and MutatingWebhook, and the models of two policy engines OPA Gatekeeper and Kyverno — all in one cycle.