Practical articles on AI, DevOps, Cloud, Linux, and infrastructure engineering.
A real story of removing console-only changes, adding drift detection, and getting Terraform back in charge.
How a small team moved from single-region risk to a simple active/passive multi-region setup without doubling complexity.
We cut our AWS bill by 38% in a quarter. The specific changes that moved the bill, ranked by impact, with what we'd do first.
Defining monitoring as code: dashboards, alerts, and SLOs in Git. The patterns that survived the migration from clicked-together monitoring.
Embed cost ownership in engineering: tags, budgets, and showback.
K8s Secrets are barely encrypted. We moved every secret to Vault with the Vault Agent injector and never went back. The setup checklist.
A container is a process with extra kernel features applied. Walking through namespaces, cgroups, and the actual mechanics — the level of detail that makes "container weirdness" debuggable.