DevOps Blog

Real-world experiences, lessons learned, and technical insights from building production infrastructure. Stories from the trenches of DevOps, Kubernetes, cloud platforms, and platform engineering.

All 1password adb ai airbyte android argocd arm astro aws cert-manager cicd cloud cloudfront docker eks etl external-dns faker gateway-api gcp github github-actions gitops gke hackathon helm home-server java jenkins kubernetes linux migration mkdocs networking oci ollama platform postgres privacy python react redis route53 ruby s3 security self-hosted shell script slackbot sql ssl sso tailscale terraform traefik turborepo vpn
Migrating From dotenv.org to 1Password in Kubernetes Deployment

Migrating From dotenv.org to 1Password in Kubernetes Deployment

dotenv.org recently increased its pricing, and at the same time our organization was already consolidating secrets into **1Password** for engineering, operations, and automation workflows. Maintaining

ocikubernetes1password
Extending Our Tailscale Setup with a Terraform-Managed Bastion

Extending Our Tailscale Setup with a Terraform-Managed Bastion

In [my previous post](./2025/06/25/swapping-vpn-for-tailscale-a-five-day-internal-infra-upgrade/), I wrote about how we replaced a traditional VPN with Tailscale to connect engineers to Kubernetes ser

tailscalevpnkubernetes
Reviving Doraemon: A Slack Bot’s Second Life in Kubernetes

Reviving Doraemon: A Slack Bot’s Second Life in Kubernetes

Some projects stick with you. For me, it was a little Slack bot I hacked together at a previous job—something that could talk to our infrastructure and give quick answers without switching tools. I ne

slackbotkubernetespython
Replatforming Airbyte: From Developer Laptop to EKS

Replatforming Airbyte: From Developer Laptop to EKS

In early-stage engineering teams, it's natural for tools to start out simple — often running on a single developer machine, just to get things moving. That’s how our Airbyte setup began: quick to spin

tailscaleairbytekubernetes
Swapping VPN for Tailscale: A Five-Day Internal Infra Upgrade

Swapping VPN for Tailscale: A Five-Day Internal Infra Upgrade

"How we started replacing our VPN with Tailscale, improved onboarding and access control, and reduced costs—all in five days."

tailscalevpnkubernetes
Goodbye Nginx, Hello Traefik! Effortless HTTPS with Let's Encrypt and Docker

Goodbye Nginx, Hello Traefik! Effortless HTTPS with Let's Encrypt and Docker

If you've struggled with Nginx reverse proxy configs, certbot timers, and `nginx -s reload`, it's time to meet Traefik — a modern reverse proxy built for dynamic containerized environments.

traefikssldocker
Building a Reusable Terraform Static Site Module with CloudFront, S3, and Route 53

Building a Reusable Terraform Static Site Module with CloudFront, S3, and Route 53

A common need in modern cloud infrastructure is hosting static websites — whether it's marketing sites, documentation portals, or Single Page Applications (SPAs) built with React, Vue, or Svelte.

terraformcloudfrontaws
Automated TLS and DNS in Kubernetes with ExternalDNS, Ingress, and Let's Encrypt

Automated TLS and DNS in Kubernetes with ExternalDNS, Ingress, and Let's Encrypt

Managing DNS and TLS certificates for Kubernetes applications can be tedious and error-prone. Thankfully, tools like **ExternalDNS**, **Ingress**, and **Cert-Manager** automate the entire process — fr

networkingsslkubernetes
Automatically Renew AWS SSO Session and Refresh Kubeconfig for EKS Access

Automatically Renew AWS SSO Session and Refresh Kubeconfig for EKS Access

Working with AWS EKS clusters via AWS SSO is secure but sometimes frustrating.

shell scriptssokubernetes
Setting Up Turborepo Remote Cache with S3 and GitHub Actions

Setting Up Turborepo Remote Cache with S3 and GitHub Actions

Setting up a production-grade remote cache for [Turborepo](https://turbo.build/) using self hosted remote cache with AWS S3 and Lambda helps improve monorepo performance, especially in CI/CD pipelines

turborepoterraformaws
Bootstrapping My Linux Desktop and MacBook for Dev Work

Bootstrapping My Linux Desktop and MacBook for Dev Work

After transitioning through two new jobs recently, I had the opportunity (and challenge) to set up fresh dev environments on both a Linux desktop and a MacBook. Here’s my comprehensive checklist and s

awskubernetes
Setting Up Docker, SSL, and DuckDNS on Oracle Server

Setting Up Docker, SSL, and DuckDNS on Oracle Server

This guide will walk you through the process of setting up Docker, configuring SSL certificates, and setting up DuckDNS on an Oracle server (Oracle Linux 9).

shell scriptssldocker
Previous Page 2 of 4 Next