8h ago · 2 min read · Sealed Secrets patterns for storing K8s secrets safely in Git. The 3-step workflow # 1. Create secret (dry-run — don't apply): kubectl create secret generic my-app-secrets --from-literal=db-password=supersecret123 --namespace production --dry-run...
Join discussion8h ago · 1 min read · Argo Rollouts patterns for progressive delivery in Kubernetes. Canary rollout with explicit pauses strategy: canary: steps: - setWeight: 10 # 10% → new version - pause: {duration: 5m} # wait 5 min - setWeight: 30 ...
Join discussion9h ago · 1 min read · Flux v2 patterns that differ most from ArgoCD. Bootstrap in one command export GITHUB_TOKEN=ghp_xxx flux bootstrap github \ --owner=myorg \ --repository=fleet-infra \ --path=clusters/my-cluster \ --personal # Flux installs itself + creates t...
Join discussion9h ago · 1 min read · Kustomize patterns for managing K8s manifests across environments. Base + overlay structure k8s/base/ # shared manifests k8s/overlays/ production/ # kustomization.yaml extends ../../base staging/ Patches — change only what differs...
Join discussion11h ago · 2 min read · ArgoCD is the de-facto standard for GitOps on Kubernetes. Here are the patterns that come up in production. Application manifest — the key fields apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: my-app namespace: argocd spec: ...
Join discussion1d ago · 6 min read · A Git Commit Is Not Just a Change. It's a Command. Here's a scenario that plays out in a lot of platform teams. Your CI/CD pipeline runs kubectl apply as a job step. It exits zero. The pipeline goes green. Deployment successful — or so the dashboard ...
Kklement commented1d ago · 13 min read · TLDR: Infrastructure as code is useful because it makes infrastructure changes reviewable, repeatable, and testable. It becomes production-grade only when module boundaries, state locking, GitOps flow, and policy checks are treated as operational con...
Join discussion1d ago · 11 min read · TLDR: Release safety is an architecture capability, not just a CI/CD convenience. Blue-green, canary, shadow traffic, feature flags, and GitOps patterns exist to control blast radius, measure regressions early, and make rollback fast enough to matter...
Join discussion3d ago · 6 min read · Your Cluster Is Already Watching. That's the Observer Pattern. At some point, most platform teams hit the same wall. A service goes down. An secret expires. A node runs out of disk. And the first question in the postmortem is always the same: why did...
Join discussion3d ago · 7 min read · The Deployment Problem Nobody Talks About Your CI pipeline builds the image. Then what? Someone runs kubectl apply. Or a Helm command buried in a deploy step. Or a script that SSHes into a bastion host. Three months later, nobody knows what's actuall...
Join discussion