Practical articles on AI, DevOps, Cloud, Linux, and infrastructure engineering.
How a small team moved from single-region risk to a simple active/passive multi-region setup without doubling complexity.
K8s Secrets are barely encrypted. We moved every secret to Vault with the Vault Agent injector and never went back. The setup checklist.
A real story of removing console-only changes, adding drift detection, and getting Terraform back in charge.
A container is a process with extra kernel features applied. Walking through namespaces, cgroups, and the actual mechanics — the level of detail that makes "container weirdness" debuggable.
We have a few hundred shell scripts in production. The patterns that make them survive contact with reality, and the ones we've stopped writing.
Filesystem choice, mount options, IO schedulers — the per-host tweaks that actually moved disk performance for our database and storage workloads.
How processes actually live and die on Linux, the tools that show what's happening, and the patterns we use for monitoring service health.
A practical Linux hardening checklist for production hosts. The settings that earn their place via real production reasons, not the cargo-cult version.
