Short, focused articles on cloud architecture, DevOps, and observability—no fluff, no theory without code.
GitOps promises a single source of truth for deployments. After running ArgoCD in production across multiple clusters, here's what worked, what broke, and what we'd do differently.
Running Kubernetes can save money at scale—or silently drain your budget. This post walks through the top cost leaks we find in EKS and AKS clusters and how to close them.
Security tooling is cheap; building a culture where engineers care about security outputs is not. Here's the checklist we use when embedding security into a new CI/CD pipeline.
The OTel ecosystem has matured rapidly. We walk through an opinionated setup for traces, metrics, and logs using the OTel Collector, Tempo, Loki, and Grafana.
Remote state, workspaces, and module versioning each solve a different problem. We share the patterns we've settled on after managing Terraform at scale across dozens of AWS and Azure accounts.
Zero-downtime deployments are non-negotiable, but the right strategy depends on your traffic profile, rollback requirements, and team maturity. Here's how we decide.
Platform engineering is having a moment. We look at what actually distinguishes a platform team from a mature DevOps practice, and whether the distinction matters for your organisation.
IAM least privilege is a well-understood principle but a poorly-executed one. We cover the common pitfalls—wildcard actions, resource-level drift, and cross-account trust—and how to fix them systematically.
Get practical infrastructure and DevOps insights delivered to your inbox. No fluff.