All posts

Docker Advanced #4: SBOM and Signing — The Entry to Supply Chain Security
7 min read

Docker Advanced #4: SBOM and Signing — The Entry to Supply Chain Security

Make a machine-readable bill of materials (SBOM) of what is in this image, and verify who built it with a cosign signature. The supply chain security toolkit that became standard after the xz incident.

K8s Intermediate #1: StatefulSet / DaemonSet / Job / CronJob — Controllers Beyond Deployment
16 min read

K8s Intermediate #1: StatefulSet / DaemonSet / Job / CronJob — Controllers Beyond Deployment

The [Deployment](/en/posts/k8s-basics-4) from K8s Basics #4 sits on a stateless model — multiple identical Pods that come back the same way when they die. But databases that need identity and disks, agents that need exactly one per node, migrations that should run once, daily backups — none of these fit Deployment. This post covers the four controllers that fill those gaps in one pass: StatefulSet, DaemonSet, Job, CronJob.

Modern Python Intermediate #6: Pattern matching in depth
4 min read

Modern Python Intermediate #6: Pattern matching in depth

The next step from basics match-case — class patterns and __match_args__, sequence/mapping patterns, captures and guards, plus anti-patterns.

RHEL Intermediate #6: Job Scheduling — cron, systemd timer, at
12 min read

RHEL Intermediate #6: Job Scheduling — cron, systemd timer, at

Four tools for running time-based tasks in RHEL 9, from an operational perspective. Traditional cron and user crontab, anacron that catches up missed jobs when the machine was off, at for one-shot scheduling, and systemd timer as the modern replacement for cron — with a guide on which tool to use in which situation.

TypeScript + React in Practice #1: Getting Started and Setup
4 min read

TypeScript + React in Practice #1: Getting Started and Setup

Why use TypeScript with React, plus building a React + TS project with Vite and adding types to your first component — all in one go.

Angular Intermediate #3: RxJS Basics — Observable and Operators
8 min read

Angular Intermediate #3: RxJS Basics — Observable and Operators

The core concepts of RxJS, Angular's standard async toolkit. The shape of Observable, the operators you'll reach for most often, Subject and BehaviorSubject, and how it all relates to signals.

AWS Intermediate #4: RDS — managed DB, backups, parameter groups
9 min read

AWS Intermediate #4: RDS — managed DB, backups, parameter groups

AWS's managed relational database, RDS. Comparison vs DB-on-EC2, automated backups and snapshots and PITR, Multi-AZ, parameter / option groups, and how to handle minor vs major upgrades operationally.

Django Intermediate #3: Signals and Middleware
7 min read

Django Intermediate #3: Signals and Middleware

Events outside the model flow — Signals — and Middleware that crosses the request/response pipeline. Where to use these two powerful but trap-laden tools, and how to use them sparingly.

Docker Advanced #3: Image Security — non-root, distroless, Trivy Scans
8 min read

Docker Advanced #3: Image Security — non-root, distroless, Trivy Scans

A practical toolkit for container security. Dropping to a non-root USER, read-only root with tmpfs, dropping capabilities, narrowing the attack surface with distroless, scanning known CVEs with Trivy/Grype, and linting Dockerfiles with hadolint.

IT Literacy for Non-Developers #5: Git and Version Control — How Many People Edit One Codebase
5 min read

IT Literacy for Non-Developers #5: Git and Version Control — How Many People Edit One Codebase

This post explains, without any code, what developers mean by commit, push, merge, and PR. It closes the series by unpacking Git and version control - the way many people edit the same code without losing track of versions - at a non-developer's level.

K8s Basics #7: Namespaces and Labels — Organizing the Cluster
13 min read

K8s Basics #7: Namespaces and Labels — Organizing the Cluster

One thing slipped past quietly through this series — every Pod, Deployment, Service, ConfigMap, and Secret we created landed in the default namespace. And labels have been with us since [#4](/en/posts/k8s-basics-4)'s selector but never got their own pass. This post wraps the series with the two tools — Namespace and labels — that turn a cluster into something a human can read, and previews the next track (K8s Intermediate).

Modern Python Intermediate #5: Decorator patterns
4 min read

Modern Python Intermediate #5: Decorator patterns

Every form of decorators that wrap functions — basic form, parameterized decorators, functools.wraps, class decorators, and ParamSpec.