#Infrastructure

300 posts

AWS Intermediate #2: EC2 Operations — security group, key pair, SSM
10 min read

The daily tools of EC2 operations — designing Security Group rules, how NACLs sit differently, the limits of key pairs and SSM Session Manager, plus baking your AMI to harden the instance skeleton.

Docker Advanced #1: BuildKit and buildx — What the Builder Actually Is
8 min read

A step deeper into the BuildKit we left turned on in Intermediate. The structure of LLB and frontends, buildx builder instances (docker-container vs. docker), the many shapes of --output, and using docker buildx bake to declaratively orchestrate multi-target builds.

K8s Basics #5: Service — ClusterIP / NodePort / LoadBalancer
16 min read

[#4](/en/posts/k8s-basics-4) got 3 Pods running, but how traffic reaches them is still unanswered. Pod IPs change every time, there is no load balancing across the 3 Pods of one Deployment, and an external browser cannot get in at all. This post fills that gap with the Service abstraction — stable IP and DNS, how selector / Endpoints work, and the trade-offs across the three types ClusterIP / NodePort / LoadBalancer.

RHEL Intermediate #4: Networking — NetworkManager (nmcli), bonding, teaming
11 min read

RHEL 9 networking is unified under NetworkManager. This post covers: setting a static IP, DNS, and gateway with nmcli; bonding that bundles two NICs for fault tolerance; bridge as the foundation of virtual machine and container networks; and why teaming was deprecated — all in one post.

AWS Intermediate #1: EC2 and VPC Basics
11 min read

The oldest building blocks in the cloud — EC2 and VPC. Instance types and AMIs and EBS, plus how VPC, subnets, route tables, IGW, and NAT all weave into one picture. We lay out the first skeleton of operational infrastructure.

Docker Intermediate #6: Logging and Debugging
9 min read

Handling logs from many containers together, switching log drivers, and using exec, inspect, stats, and dive to look inside containers and images. The wrap-up of Docker Intermediate.

K8s Basics #4: Deployment and ReplicaSet — Declarative Deploys and Rolling Updates
14 min read

A follow-up to the closing line of [#3](/en/posts/k8s-basics-3) — Pods are mortal, they just disappear when they die. This post writes a controller manifest for the first time. We pin down the three layers Deployment / ReplicaSet / Pod, watch auto-recovery when one Pod is deleted under replicas: 3, see how a one-character image-tag change drives a rolling update, and roll back a bad version with one command.

RHEL Intermediate #3: Advanced Storage — Stratis, NFS, Samba
11 min read

Storage operations that reach beyond a single machine. Stratis is a storage manager built on top of LVM+XFS that lets you handle thin provisioning and snapshots with ease. NFS is the standard for sharing directories between Linux machines, and Samba is the file-sharing protocol that Windows clients can use. This post covers the setup and operation of all three tools in one place.

AWS Basics #7: CloudWatch Intro — Logs and Metrics
10 min read

CloudWatch Logs / Metrics / Alarms / Dashboards, log groups and retention, Metric Filters, and the basics of Logs Insights queries — the eyes of every production system.

Docker Intermediate #5: Environment Variables and Secrets
8 min read

The shapes of env-var injection, .env files and variable interpolation, env_file vs. environment, compose secrets, BuildKit build-time secrets, and the most common mistake of baking secrets into an image.

K8s Basics #3: kubectl and Your First Pod
13 min read

Time to put your first workload onto the cluster from [#2](/en/posts/k8s-basics-2). We pin the kubectl command pattern in one table, bring up a first Pod imperatively with kubectl run, then rewrite the same shape as a YAML manifest. We inspect the Pod with describe / logs / exec, and end on the question of why one Pod is not enough, which is exactly why the next post needs Deployment.

RHEL Intermediate #2: LVM — PV/VG/LV, Snapshots, Expansion
13 min read

LVM, the standard for RHEL 9 disk operations, covered in depth. The abstraction layer between physical disks and the filesystem, the three-layer relationship of PV/VG/LV, the full flow of adding a new disk to expand an LV, capturing a pre-backup state with snapshots and rolling back, and thin provisioning and RAID options — all in one post.