Practical guides, war stories, and deep dives on Kubernetes, AWS, CI/CD, and cloud-native engineering.
After managing K8s clusters at DigitalOcean, here are the 10 things I always verify before shipping to production β from PodDisruptionBudgets to readiness probes and rollback strategies.
How I organise Terraform codebases so 10+ engineers can work without stepping on each other's state files.
A real-world walkthrough of tightening IAM policies without breaking your pipelines. Includes SCPs, permission boundaries, and common gotchas.
Step-by-step guide to building a pipeline that lints, tests, builds, pushes to ECR, and rolls out to Kubernetes β with secrets management included.
Encrypting secrets in Ansible the right way β vault IDs, partial encryption, and integrating with CI/CD without exposing credentials.
Reserved Instances, Savings Plans, right-sizing, S3 storage classes, and NAT Gateway optimisation. Lessons from real production environments.