Observability in Cloud-Native Systems: Metrics, Logs, and Traces
How the three pillars of observability complement each other, and why having all three matters more than maximizing any single one.
Containers, orchestration, cloud infrastructure, and the practices that keep production reliable.
How the three pillars of observability complement each other, and why having all three matters more than maximizing any single one.
Why Terraform's state file is the actual source of truth behind every plan and apply, and how drift, locking, and idempotency all follow from that design.
How the OCI runtime and image specs standardized what a 'container' actually is, and how containerd/CRI-O/runc fit together beneath Docker and Kubernetes.
How admission controllers intercept API requests before they're persisted, and how OPA/Gatekeeper turn that hook into cluster-wide policy enforcement.
How Service Level Indicators, Objectives, and error budgets turn 'be reliable' into a concrete, measurable number that actually drives engineering decisions.
How multi-stage builds, distroless base images, and layer discipline combine to produce smaller, more secure container images without sacrificing developer ergonomics.
How pod-to-pod networking, Services, and kube-proxy's packet rewriting fit together to make Kubernetes' flat network model actually work.
How vulnerability scanners actually inspect container image layers, how to read a scan report, and the practices that reduce real supply-chain risk.
The two-phase filter-and-score process the Kubernetes scheduler uses to decide which node a pod lands on, and how to influence it.
How Podman's daemon-less, fork-exec architecture differs from Docker's client-daemon model, and what that means for rootless containers in production.