Technical notes, system design patterns, and infrastructure experiments. Learning and building in public.
Deep dive into configuring Nginx as a reverse proxy for multiple backend services. Covers SSL termination, load balancing strategies, caching mechanisms, and performance optimization techniques. Includes real-world benchmarks and configuration examples from production environments.
Explore articles organized by technical topics and technologies
14 articles
11 articles
9 articles
8 articles
7 articles
6 articles
Latest technical writeups and experiments
Practical tips for tuning PostgreSQL configuration, indexing strategies, connection pooling with PgBouncer, and monitoring query performance. Based on managing a database handling 50K+ queries per second.
Step-by-step guide to setting up a production-ready Kubernetes cluster. Covers kubeadm installation, network plugins, ingress controllers, cert-manager, and monitoring with Prometheus and Grafana.
Complete overview of DNS architecture, resolution process, caching strategies, and security considerations including DNSSEC, DNS-over-HTTPS, and protecting against DNS amplification attacks.
Effective caching patterns using Redis including cache-aside, write-through, write-behind strategies. Discusses key expiration policies, memory management, and handling cache invalidation in distributed systems.
Practical guide to orchestrating multi-container applications with Docker Compose. Covers service definitions, networking, volumes, environment variables, and development workflows for microservices architecture.
Comprehensive security guide for SSH configuration. Covers key-based authentication, disabling root login, port changing, fail2ban setup, two-factor authentication, and monitoring SSH access logs.
Setting up automated, encrypted backups using Restic. Covers backup strategies, cloud storage integration (S3, B2), retention policies, restoration procedures, and monitoring backup health.
Complete monitoring stack setup with Prometheus for metrics collection and Grafana for visualization. Includes node_exporter configuration, alert rules, and building effective dashboards for system metrics.
Deep dive into TLS 1.3 protocol improvements, certificate lifecycle management with Let's Encrypt, automated renewal, and troubleshooting common SSL/TLS issues in production environments.
This blog documents technical experiments, infrastructure projects, and lessons learned while working with backend systems at scale. The focus is on practical, production-ready solutions rather than theoretical concepts.
Topics covered include Linux system administration, containerization, orchestration, database management, networking, security hardening, and performance optimization. Most content is based on real-world scenarios and production deployments.
The goal is to share knowledge and provide detailed technical references that others might find useful when solving similar problems or building similar systems.
Deployed PostgreSQL with streaming replication and automatic failover using Patroni and etcd. Handling 50K+ queries per second with sub-10ms latency.
Migrated legacy Docker Swarm infrastructure to Kubernetes. Implemented GitOps workflows with ArgoCD and automated blue-green deployments.
Built complete monitoring solution with Prometheus, Grafana, and Loki. Integrated distributed tracing with Jaeger for microservices debugging.
Converted manual infrastructure provisioning to Terraform. Implemented automated testing and validation pipelines for infrastructure changes.