Categories

Architecture

Kubernetes 1.35 GA: an operations-side balance sheet

Kubernetes 1.35 GA consolidates three releases of work: native sidecars with full lifecycle management, generalised DRA for FPGAs and NPUs, and a scheduler that cuts resource waste by 15-25% in heterogeneous clusters. An operations-side balance sheet: what to enable now, what to watch before migrating, and what path to follow from 1.30.

Methodologies

AI-integrated DevOps tools in my daily flow

After fourteen months testing AI-integrated DevOps tools across several teams, the stack that stays is small: Claude Code, Cursor, and Aider for code; PagerDuty AIOps, Datadog Bits AI, and Grafana Assistant for alert triage; and OpenTofu with OPA for infrastructure generation bounded by policy rules.

Artificial Intelligence

AI agent incidents: recovery runbooks that work

AI agents fail in production, and what matters is how you respond in the first twenty minutes. This runbook covers severity classification, isolating before investigating, purging contaminated memory, communicating without inventing facts, and turning every incident into a regression test before closing it as done.

Methodologies

SRE with AI: dashboards that actually help

Los cuadros de mando con IA llevan un par de años prometiendo detección de anomalías mágica y causa raíz automática. La realidad es más modesta pero también más útil, si se sabe separar el ruido del valor real. Repaso honesto de qué funciona y qué no.

Methodologies

Chaos Engineering in Enterprise: Beyond Chaos for Chaos’s Sake

Chaos engineering is the practice of injecting real-world failures into production in a controlled way to verify that the system responds as expected. It requires prior hypotheses, a minimal blast radius, and mature observability. Open-source tools like Litmus and Chaos Mesh make adoption accessible without commercial spend; the ROI comes as avoided incidents and better-prepared teams.

Methodologies

Observability and SLOs: Error Budgets That Get Met

SLOs and error budgets only work when the budget drives real decisions. A feature freeze that triggers on exhaustion, deploy velocity that adjusts to consumption. With two or three well-chosen SLIs, a clear freeze policy, and simple tools like Prometheus with Sloth, a team can sustainably balance velocity and reliability in production.

Methodologies

Blameless Post-Mortems: How to Actually Improve

Blameless post-mortems are easy to proclaim but hard to execute well. Without genuine blame-free culture, a factual timeline, honest contributor analysis, and action items with a clear owner and deadline, the exercise degenerates into empty ritual that does nothing to prevent the same incidents from recurring.

Methodologies

Applying Google’s SRE Book Without Being Google

Google's SRE book (2016) is canonical reading, but it is written for thousands of engineers and in-house datacenters: applying it literally on a small team creates friction. Five principles do travel (SLOs, error budgets, blameless postmortems, toil management, humane on-call); what does not scale is Google's infrastructure and dedicated roles.

Technology

NIS2: What Europe’s New Directive Changes for Cybersecurity

The NIS2 Directive expands European cybersecurity from 7 to 18 sectors, mandates 10 minimum technical measures and 24-hour incident notification, and imposes fines of up to 10 million euros or 2% of global turnover, with personal liability for management bodies that fail to comply.

Methodologies

Prometheus: Writing Alerts That Won’t Get Ignored

To write Prometheus alerts that won't get ignored, alert on customer-observable symptoms (latency, error rate, saturation) instead of internal causes like CPU or memory, define SLOs with multi-window burn rate to scale severity, add a watchdog alert that confirms the system is still alive, and review the signal-to-noise ratio every quarter.

Architecture

Pixie: Native Kubernetes Observability Powered by eBPF

Pixie uses eBPF to automatically instrument Kubernetes clusters without modifying application code. A per-node agent captures HTTP, gRPC, SQL, and Redis traffic at the kernel level, exposing service maps, CPU profiles, and SQL traces within minutes. It complements Prometheus for reactive diagnosis with no sidecars or redeploys.