DevOps

Need a secure, fast, and self-hosted solution for storing container images? Setting up a private Docker registry is easier than you think. Why Run Your Own Docker Registry? Running your own registry allows you to: Avoid Docker Hub rate limits Store proprietary images securely Speed up CI/CD workflows Control image retention and access Great for air-gapped environments and enterprise deployments. 1. Prerequisites You’ll need: Docker installed Access to a server or VM Optional: domain name and TLS certs (for production) 2. Start a Local Registry (Quick Start) docker run -d -p 5000:5000 --name registry registry:2 This launches a registry on localhost:5000. ...

Deploying applications to Kubernetes? Follow these best practices to avoid downtime, improve scalability, and simplify operations. 1. Use Readiness and Liveness Probes Probes help Kubernetes know when your app is healthy and ready to serve traffic. livenessProbe: httpGet: path: /healthz port: 8080 initialDelaySeconds: 5 periodSeconds: 10 readinessProbe: httpGet: path: /ready port: 8080 initialDelaySeconds: 5 periodSeconds: 10 2. Configure Resource Requests and Limits Avoid over/under-scheduling: ...

Basic iptables Commands Every DevOps Engineer Should Know iptables is a powerful command-line utility for configuring the Linux kernel firewall. It is widely used for managing network traffic and securing Linux-based systems. Why Use iptables? Block unwanted traffic Allow specific ports Forward or redirect traffic Protect services from unauthorized access Basic iptables Syntax iptables -[A|D|I|R|L] [CHAIN] [OPTIONS] -A: Append a rule -D: Delete a rule -I: Insert a rule -R: Replace a rule -L: List rules Common Chains INPUT: Packets destined to the host OUTPUT: Packets sent from the host FORWARD: Packets routed through the host Examples List All Rules iptables -L -v -n Allow Incoming SSH (Port 22) iptables -A INPUT -p tcp --dport 22 -j ACCEPT Drop All Incoming Traffic By Default iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT Allow Loopback and Established Connections iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT Delete a Rule iptables -D INPUT -p tcp --dport 22 -j ACCEPT Saving and Restoring Rules Save Rules iptables-save > /etc/iptables/rules.v4 Restore Rules iptables-restore < /etc/iptables/rules.v4 Conclusion Understanding iptables helps you take full control over traffic flow in and out of your Linux systems. These basic commands will help you secure your infrastructure and troubleshoot network issues. ...

Introduction OpenTelemetry is an open-source observability framework for cloud-native software, providing a set of APIs, libraries, agents, and instrumentation to collect metrics, logs, and traces. It’s a powerful tool for gaining insight into distributed systems and performance bottlenecks. In this article, we’ll walk through what OpenTelemetry is, why you should use it, and how to set it up step-by-step. Why OpenTelemetry? Unified Observability: One standard for logs, metrics, and traces. Vendor-Neutral: Export data to systems like Prometheus, Jaeger, or commercial APMs. Extensible: Support for multiple languages and platforms. Step-by-Step Guide Step 1: Install the Collector Use the OpenTelemetry Collector to receive, process, and export telemetry data. ...

Introduction Jaeger is an open-source end-to-end distributed tracing tool originally developed by Uber Technologies. It is used for monitoring and troubleshooting microservices-based distributed systems. This guide provides a clear overview of how to install and use Jaeger in Kubernetes with practical examples. Why Use Jaeger? Visualize service dependencies and latencies Troubleshoot performance bottlenecks Monitor request paths across microservices Support for OpenTelemetry Prerequisites A running Kubernetes cluster (e.g., Minikube, k3s, GKE, etc.) kubectl configured Helm installed 1. Install Jaeger with Helm helm repo add jaegertracing https://jaegertracing.github.io/helm-charts helm repo update helm install jaeger jaegertracing/jaeger --set query.basePath=/jaeger --set ingress.enabled=true --set ingress.hosts="{jaeger.yourdomain.com}" To expose Jaeger locally: ...