Blog Archive
All posts organized by year and month
← Back to Blog2026
February
- 24 Feb AWS Control Tower Account Factory - The Gotchas Nobody Tells You
- 14 Feb Building an Automated Multi-Account AWS Architecture with Control Tower and Terraform
- 14 Feb Spacelift from Scratch: Automating Terraform at Scale with Spaces, Stacks, OPA Policies, and a Private Module Registry
- 9 Feb Migrating ClickHouse From EC2 to ClickHouse Cloud - Every Approach We Tried and Why Most Failed
- 6 Feb Identity Aware Proxy: Zero Trust Access for Internal Applications
- 4 Feb 10 Rules for Negotiating Your Job Offer (From 7 Years of Engineering)
- 3 Feb ELK Stack Migration: From 6.x to 8.x - The Complete Guide
- 3 Feb Platform Engineering in 2026 - It's About the Discipline, Not the Tools
- 2 Feb Implementing Vertical Autoscaling for Aurora Databases Using Lambda Functions
- 1 Feb Terraform State Surgery - Splitting, Moving, and Refactoring Without Downtime
January
- 30 Jan Terraform 0.11 to 1.11 Migration - The Full Journey
- 28 Jan Running Clawdbot 24/7 on a Hetzner VPS – Terraform, Security Hardening, and the Bits the Docs Miss
- 28 Jan Elastic Cloud Setup Guide - From Zero to Production
- 27 Jan Clawdbot Manual Setup – Step-by-Step VPS Configuration with WhatsApp Integration
- 25 Jan Self-Hosted GitLab on Kubernetes - A Startup's Journey
- 20 Jan Cloud Unit Economics for Multi-Tenant SaaS - Cost Per Customer, Not Per Service
- 15 Jan DORA Metrics Implementation - Measuring What Matters
- 15 Jan 7 Years of Infrastructure Decisions: What I'd Do Again and What I Regret
- 10 Jan MLOps for DevOps Engineers - What You Actually Need to Know
- 10 Jan Debugging JVM Thread Exhaustion on EC2: A Contractor War Story
- 5 Jan That Time I Gave Away £50k Worth of Consulting for Free (And What It Taught Me About the Industry)
2025
December
- 31 Dec Dragonfly vs Redis: Modern In-Memory Store Comparison
- 28 Dec Vitess for MySQL: Horizontal Sharding Done Right
- 24 Dec NATS JetStream: Lightweight Alternative to Kafka
- 20 Dec VPA + HPA Together: The Right Way to Autoscale Both
- 18 Dec Pod Topology Spread Constraints - Distributing Workloads Intelligently
- 16 Dec FinOps Automation: Kubecost, OpenCost, and Automated Rightsizing
- 15 Dec Migrating a Java Application from EC2 to ECS Fargate: A Step-by-Step Guide
- 12 Dec Spot Instance Patterns: Graceful Handling and Cost Savings
- 10 Dec The Real Difference Between Senior, Staff, and Principal Engineer
- 8 Dec Karpenter Deep Dive: Node Provisioning That Actually Works
- 5 Dec The Principal Engineer Trap
- 5 Dec The Fast Feedback Loop - Local Development with Kind, LocalStack, and Act
- 4 Dec Progressive Delivery with Flagger: Automated Canary Deployments
- 2 Dec Startup vs Scale-Up vs Enterprise: Where You'll Actually Learn the Most
November
- 30 Nov SLO-Based Alerting: Burn Rate Alerts vs Threshold Alerts
- 26 Nov OpenTelemetry Collector Pipelines: Transform, Filter, Route Telemetry
- 22 Nov Blameless Culture is Harder Than You Think
- 22 Nov Chaos Engineering with Litmus: Controlled Failure Injection
- 20 Nov LocalStack Deep Dive - AWS on Your Laptop
- 19 Nov GitHub Actions OIDC – Ditch the AWS Access Keys Forever
- 18 Nov Contract vs Perm: 4 Years of Both and What I'd Choose Now
- 18 Nov Port and Kratix: Internal Developer Platforms Beyond Backstage
- 15 Nov AWS Account Provisioning at Scale with Control Tower, Service Catalog, and Terraform
- 14 Nov Backstage Plugins: Building Custom Developer Portal Features
- 10 Nov Kyverno vs OPA: Policy Engines Compared
- 8 Nov Test GitHub Actions Locally with Act
- 6 Nov Crossplane Compositions: Build Your Own Cloud API
- 2 Nov AWS PrivateLink Deep Dive: Private Connectivity Patterns
October
- 29 Oct Gateway API Advanced Patterns: Beyond Basic Ingress
- 25 Oct Cloud Tagging Strategies That Actually Work
- 25 Oct Tailscale in Production: WireGuard Mesh for Hybrid Cloud
- 21 Oct Cilium Service Mesh: Sidecar-Free with eBPF
- 17 Oct Secretless Broker: Zero-Secret Applications
- 15 Oct Migrating 30 Repos from Jenkins to GitHub Actions – The Complete Runbook
- 12 Oct Container Image Signing with Cosign - A Practical Guide
- 12 Oct OPA Gatekeeper: Policy as Code for Kubernetes
- 8 Oct Database on Kubernetes - When It Makes Sense
- 7 Oct eBPF for Security: Kernel-Level Observability Without Agents
- 3 Oct SPIFFE and SPIRE: Zero Trust Workload Identity
- 1 Oct Backstage on AWS ECS - Production-Ready Deployment with RDS and Cognito
September
- 28 Sept Terraform Best Practices (Part 2) - Testing, CI/CD, Security, and Team Workflows
- 28 Sept Database Backup to S3 with Kubernetes CronJobs
- 25 Sept Build an ETL Pipeline with Python, PostgreSQL, and Airflow
- 20 Sept Terraform Best Practices (Part 1) - Project Structure, State, and Modules
- 20 Sept Build a SOC Homelab with Docker - Elasticsearch, Cribl, and Log Simulation
- 18 Sept Remote Work Won
- 15 Sept Migrating Event Store Data from SQL Server and Oracle to DynamoDB with AWS DMS
- 15 Sept K3s Homelab Setup Guide - Running Kubernetes on Raspberry Pi 5
- 8 Sept NetworkPolicy Default Deny – The One Rule We Add to Every Namespace
- 5 Sept Software Supply Chain Security - Sigstore, SLSA, and Beyond
August
July
June
- 22 Jun The Kubernetes ndots:5 Problem – Why DNS Lookups Take 15 Seconds
- 22 Jun NAT Gateway Alternatives - Cutting Your AWS Bill Without Losing Sleep
- 19 Jun Kubernetes Sidecar Startup Order - Making Your Main App Wait
- 15 Jun The 10x Engineer is a Myth
- 15 Jun EKS IP Exhaustion: Running out of IPs, one way to fix it
- 5 Jun AWS VPC Endpoints - Keep Your Traffic Off the Internet