Skip to main content
Back to Tags

DevOps

266 items tagged with "devops"

Filter by type:

Best Practices19

Best Practice

CNCF Cloud-Native Definition & Principles

The CNCF’s formal definition of cloud-native computing and core principles for micro-services, containers, and dynamic orchestration.

Best Practice

Twelve-Factor App Methodology

Twelve practical guidelines for building modern, portable, cloud-ready web applications.

Best Practice

DORA Four Key Metrics

Research-backed metrics (deployment frequency, lead time, MTTR, change failure rate) for high-performing software teams.

Best Practice

CALMS DevOps Principles

Framework emphasising Culture, Automation, Lean, Measurement, and Sharing as pillars of DevOps success.

Best Practice

GitOps Principles v1

Declarative, verifiable and automated operations — using Git as the single source of truth for infra and apps.

Best Practice

Trunk-Based Development Guidelines

Branching strategy promoting short-lived branches, frequent commits to trunk, and feature flags.

Best Practice

Shift-Left Testing Manifesto

Encourages earlier testing (unit, security, performance) in the SDLC to catch defects sooner.

Best Practice

IBM Garage Methodology

End-to-end practices merging agile, DevOps, and design thinking for cloud transformation.

Best Practice

Terraform Module Design Patterns

Guidelines for writing reusable, versioned, and documented Terraform modules.

Best Practice

Immutable Infrastructure

An operations model where servers and components are never modified after deployment; changes ship as freshly built, versioned replacements rather than in-place edits.

Best Practice

Artifact Repository Management

The practice of storing, versioning, and governing build artifacts and dependencies in a dedicated repository so the same trusted binary is promoted from build to production.

Best Practice

Configuration as Code

Managing application and system configuration in version-controlled, machine-readable files instead of manual settings, making configuration reviewable, auditable, and reproducible.

Best Practice

Incident Management Best Practices

A structured process for detecting, coordinating, and resolving outages with clear roles, communication, and severity levels to restore service quickly.

Best Practice

On-Call Best Practices

Sustainable on-call practices covering rotation design, escalation, actionable alerts, runbooks, and workload limits to keep services reliable without burning out engineers.

Best Practice

Runbook Automation

Codifying operational procedures as automated, repeatable workflows so common incident responses and maintenance tasks run reliably with less manual toil.

Best Practice

Toil Reduction

Systematically identifying and eliminating repetitive, manual, automatable operational work so engineers can spend time on durable engineering instead.

Best Practice

InnerSource

InnerSource applies open source development practices inside an organization, letting teams share, contribute to, and reuse internal code through transparent, contribution-friendly repositories.

Best Practice

Platform Engineering

Platform engineering builds and runs internal self-service platforms and paved roads that let product teams ship software faster with lower cognitive load and consistent guardrails.

Best Practice

Internal Developer Platform

An Internal Developer Platform (IDP) is the self-service product built by platform teams that gives developers golden paths to provision, build, deploy, and operate software with built-in guardrails.

Anti-Patterns21

Anti-Pattern

Hardcoding

Embedding values that should be configurable, such as URLs, paths, credentials, and limits, directly in source, forcing code changes to adapt.

Anti-Pattern

Snowflake Server

A server hand-configured over time into a unique, irreproducible state that no one can recreate, document, or safely replace.

Anti-Pattern

Configuration Drift

Environments that should be identical gradually diverge as undocumented manual changes accumulate, breaking reproducibility and causing inconsistent behavior.

Anti-Pattern

Manual Deployment

Releasing software through hand-run steps and checklists instead of automation, producing slow, error-prone, irreproducible deploys that depend on individuals.

Anti-Pattern

Works on My Machine

Code that runs only in a developer's local setup because of undeclared dependencies and environment assumptions, then fails everywhere else.

Anti-Pattern

Environment Parity Gap

Development, staging, and production environments differ enough that testing in one gives little confidence about behavior in another.

Anti-Pattern

ClickOps

Provisioning and changing cloud infrastructure by hand through web consoles, producing undocumented, irreproducible, and unauditable configuration.

Anti-Pattern

No Infrastructure as Code

Running infrastructure without any code-based definition, so it cannot be versioned, reviewed, reproduced, or recovered systematically.

Anti-Pattern

Pets vs Cattle (Pet Servers)

Treating individual servers as irreplaceable pets that are named, nurtured, and manually healed, instead of disposable cattle that are replaced on failure.

Anti-Pattern

Monolithic Pipeline

A single, all-or-nothing CI/CD pipeline that builds, tests, and deploys everything together, making it slow, fragile, and hard to change safely.

Anti-Pattern

Flaky Pipeline

A CI/CD pipeline that fails intermittently for reasons unrelated to the code change, eroding trust and training teams to ignore red builds.

Anti-Pattern

No Rollback Plan

Deploying with no tested, fast way to revert, so a bad release means scrambling under pressure while the outage drags on.

Anti-Pattern

Deploy and Pray

Pushing releases to production with no automated verification, monitoring, or rollback, then hoping nothing breaks instead of knowing it works.

Anti-Pattern

No Monitoring (Flying Blind)

Running production systems with no metrics, logs, or alerts, so problems are invisible until users complain and incidents cannot be diagnosed.

Anti-Pattern

Alert Fatigue

So many low-value or noisy alerts fire that responders become desensitized and start ignoring them, including the ones that actually matter.

Anti-Pattern

Log Everything (Logging Noise)

Logging indiscriminately at high verbosity, burying useful signal in a flood of low-value messages while driving up storage cost and slowing search.

Anti-Pattern

Latest Tag in Production

Deploying container images by the mutable :latest tag, so production runs an unknown, changing version that cannot be reliably reproduced or rolled back.

Anti-Pattern

Hardcoded Secrets

Embedding API keys, passwords, or tokens directly in source code, where they leak through version control, logs, and shared binaries.

Anti-Pattern

Default Credentials

Shipping or deploying systems with vendor default usernames and passwords left unchanged, an instantly exploitable and heavily automated attack vector.

Anti-Pattern

Hero Culture

A team that depends on a few individuals heroically saving the day, rewarding firefighting over the boring, systemic work that prevents fires.

Anti-Pattern

Water-Scrum-Fall

A hybrid where agile ceremonies are bolted onto a waterfall lifecycle, with up-front planning and big-bang release bookending a thin layer of Scrum.

Tutorials38

Tutorial

Containerizing a Node.js Application

Learn to create optimized Docker containers for Node.js applications

Tutorial

Infrastructure as Code with Terraform on AWS

Define and provision AWS infrastructure using Terraform

Tutorial

CI/CD Pipeline with GitHub Actions

Set up a complete CI/CD pipeline using GitHub Actions

Tutorial

Setting Up a Monorepo with Turborepo

Create and manage a monorepo using Turborepo for efficient builds

Tutorial

Local Development with Docker Compose

Set up a complete development environment with Docker Compose

Tutorial

How to build and optimize Docker images for smaller, faster builds

Reduce Docker image size and build time with layer ordering, .dockerignore, and build cache strategies.

Tutorial

How to use multi-stage Docker builds to shrink production images

Separate build and runtime stages so compilers and dev dependencies stay out of the final image.

Tutorial

How to run a multi-container app with Docker Compose

Define an app, a database, and a cache as services in one Compose file with networks, volumes, and health checks.

Tutorial

How to deploy an application to Kubernetes with Deployment and Service

Package an image into a Kubernetes Deployment and expose it with a Service, then scale and roll out updates.

Tutorial

How to package a Kubernetes app with a Helm chart

Create a reusable Helm chart with templated manifests and values so one app deploys cleanly across environments.

Tutorial

How to configure liveness, readiness, and startup probes in Kubernetes

Add health probes so Kubernetes restarts unhealthy pods and only routes traffic to ready ones.

Tutorial

How to set up GitOps continuous delivery with Argo CD

Deploy and sync Kubernetes manifests from Git using Argo CD Applications with automated, self-healing syncs.

Tutorial

How to manage Kubernetes manifests across environments with Kustomize

Use a base plus overlays to customize Kubernetes manifests per environment without templating or duplication.

Tutorial

How to build a GitHub Actions pipeline for a web app

Create a complete GitHub Actions workflow that lints, tests, and builds an application on every push and pull request.

Tutorial

How to set up a GitLab CI/CD pipeline

Configure a .gitlab-ci.yml pipeline with stages for testing, building, and deploying using GitLab runners.

Tutorial

How to create a reusable GitHub Actions workflow

Build a callable workflow with inputs and secrets so multiple repositories share one tested CI definition.

Tutorial

How to run matrix builds in CI

Use a build matrix to test your code across multiple language versions and operating systems in parallel.

Tutorial

How to provision an AWS VPC with Terraform

Write Terraform configuration to create a VPC, subnets, and routing, then apply and destroy it safely.

Tutorial

How to write a reusable Terraform module

Package infrastructure into a Terraform module with variables and outputs so it can be reused across environments.

Tutorial

How to configure Terraform remote state with locking

Store Terraform state in a remote backend with state locking so a team can collaborate without corrupting state.

Tutorial

How to manage infrastructure with OpenTofu

Install OpenTofu and run the init, plan, and apply workflow as a drop-in, open-source alternative to Terraform.

Tutorial

How to provision cloud infrastructure with Pulumi

Define cloud resources in a general-purpose programming language using Pulumi and deploy them with up and destroy.

Tutorial

How to write an Ansible playbook to configure servers

Build an inventory and an idempotent Ansible playbook to install and configure software across multiple servers.

Tutorial

How to set up GitOps with Argo CD

Deploy applications to Kubernetes declaratively by syncing manifests from Git using Argo CD.

Tutorial

How to implement GitOps with Flux

Bootstrap Flux into a Kubernetes cluster and reconcile workloads from Git using GitRepository and Kustomization resources.

Tutorial

How to speed up CI builds with caching

Cache dependencies and build outputs in CI to cut pipeline time, with correct cache keys and invalidation.

Tutorial

How to publish a Docker image to a registry from CI

Build a Docker image in CI and push it to a container registry with proper tags and authentication.

Tutorial

How to adopt a trunk-based development workflow

Move to short-lived branches and continuous integration into a single trunk, using feature flags to ship safely.

Tutorial

How to build an environment promotion pipeline

Promote a single build artifact through dev, staging, and production with gated approvals instead of rebuilding per stage.

Tutorial

How to manage secrets securely in CI pipelines

Store, inject, and mask secrets in CI without leaking them, using scoped credentials and short-lived tokens.

Tutorial

How to generate an SBOM in your CI pipeline

Produce a software bill of materials for every build in CI and attach it as an artifact for compliance and security.

Tutorial

How to sign container images with Cosign

Sign and verify container images with Cosign keyless signing to secure your software supply chain.

Tutorial

How to set up self-hosted CI runners

Register and harden self-hosted runners to run CI jobs on your own hardware for performance and network access.

Tutorial

How to deploy Helm charts to Kubernetes from CI

Package an application as a Helm chart and deploy it to Kubernetes from a CI pipeline with per-environment values.

Tutorial

How to scan infrastructure-as-code for misconfigurations in CI

Add automated IaC security scanning to CI to catch insecure Terraform and Kubernetes configuration before it ships.

Tutorial

How to set up a CircleCI pipeline with workflows

Configure a CircleCI pipeline using jobs, workflows, and orbs to test and deploy an application.

Tutorial

How to manage versioned database migrations with Flyway

Set up Flyway, write versioned SQL migrations, and apply them repeatably across environments with validation and history tracking.

Tutorial

How to manage database migrations with Liquibase changelogs

Define schema changes in declarative Liquibase changesets, apply and roll them back, and track state across environments.

Blueprints19

Blueprint

On-Premises to Kubernetes Blueprint

Complete guide for migrating on-premises workloads to Kubernetes

Blueprint

VM to Containers Blueprint

Step-by-step guide for containerizing VM-based applications

Blueprint

Heroku to Kubernetes Blueprint

Migration from Heroku PaaS to self-managed Kubernetes

Blueprint

Jenkins to GitHub Actions Blueprint

CI/CD migration from Jenkins to GitHub Actions

Blueprint

Webpack to Vite Blueprint

Build tool migration from Webpack to Vite

Blueprint

Create React App to Vite Blueprint

Migration from Create React App to Vite

Blueprint

ESLint to Biome Blueprint

Linting migration from ESLint/Prettier to Biome

Blueprint

Physical Servers to Kubernetes Blueprint

Modernize applications running on bare-metal physical servers into containers orchestrated by Kubernetes, with phased discovery and re-platforming.

Blueprint

Jenkins to GitLab CI/CD Blueprint

Migrate Jenkins freestyle and pipeline jobs to GitLab CI/CD with pipeline-as-code, runners, and merge request pipelines.

Blueprint

Manual Deployments to Argo CD GitOps Blueprint

Replace manual kubectl and script-based deploys with Argo CD GitOps so Git is the single source of truth for Kubernetes state.

Blueprint

Manual Deployments to Flux GitOps Blueprint

Adopt Flux CD to reconcile Kubernetes clusters from Git, replacing manual deploys with declarative, pull-based GitOps and automated image updates.

Blueprint

ClickOps to Terraform Blueprint

Codify manually provisioned cloud resources into Terraform infrastructure-as-code with import, modules, remote state, and CI-driven plans.

Blueprint

Terraform to OpenTofu Blueprint

Migrate Terraform projects to OpenTofu, the open-source fork, with version pinning, state compatibility checks, and CI updates.

Blueprint

VM Monitoring to Prometheus and Grafana Blueprint

Replace legacy agent-based VM monitoring with Prometheus metrics, exporters, and Grafana dashboards using the RED and USE methodologies.

Blueprint

Ad-hoc Logging to OpenTelemetry Blueprint

Unify scattered logs, metrics, and traces under OpenTelemetry with the Collector, semantic conventions, and vendor-neutral export.

Blueprint

Self-Managed CI to Internal Developer Platform Blueprint

Evolve fragmented self-managed CI/CD into an internal developer platform with golden paths, self-service, and a service catalog.

Blueprint

Snowflake Servers to Immutable Infrastructure Blueprint

Replace hand-tuned snowflake servers with immutable infrastructure built from versioned images and replaced, never patched, in place.

Blueprint

CircleCI to GitHub Actions Blueprint

Migrate CircleCI pipelines to GitHub Actions with reusable workflows, matrix builds, OIDC cloud auth, and self-hosted runners.

Blueprint

Manual VM Configuration to Ansible Blueprint

Replace manual SSH server configuration with idempotent Ansible playbooks, roles, and inventory for repeatable configuration management.

Playbooks16

Playbook

Microservices Migration Playbook

Complete operational guide for decomposing a monolith into microservices

Playbook

DevOps Adoption Playbook

Organization-wide DevOps transformation playbook

Playbook

Kubernetes Platform Adoption Playbook

A phased program to stand up a production-grade internal Kubernetes platform and onboard application teams onto golden paths.

Playbook

Hybrid Cloud Operating Model Playbook

A phased program to run on-premises and public cloud as one operating model with consistent identity, networking, governance, and delivery.

Playbook

Container Platform Migration Playbook

A phased program to migrate workloads from VMs and Docker Compose onto a managed container platform with standardized build and deploy.

Playbook

Infrastructure as Code Adoption Playbook

A phased program to bring an ad-hoc cloud estate under infrastructure as code with modules, pipelines, and policy enforcement.

Playbook

Platform Engineering Program Playbook

A phased program to build an internal developer platform with golden paths and self-service that reduce cognitive load across product teams.

Playbook

Framework Upgrade Program Playbook

A repeatable program for keeping backend frameworks current through routine, low-risk major-version upgrades across a portfolio.

Playbook

CI/CD Modernization Playbook

A phased program to move from manual or brittle pipelines to fast, secure, pipeline-as-code delivery with automated gates.

Playbook

GitOps Adoption Playbook

A program to make Git the single source of truth for infrastructure and deployments using declarative, continuously reconciled delivery.

Playbook

Terraform and IaC Rollout Playbook

A program to introduce Terraform-based infrastructure as code across teams with reusable modules, secure state, and policy guardrails.

Playbook

Platform Engineering and Internal Developer Platform Playbook

A program to build an internal developer platform with golden paths, self-service infrastructure, and a service catalog that reduces cognitive load.

Playbook

Secrets Management Program Playbook

A program to eliminate hardcoded secrets and adopt centralized, rotated, least-privilege secret storage with dynamic and short-lived credentials.

Playbook

Container Migration Program Playbook

A program to migrate VM-based and legacy applications into containers with hardened images, registries, and orchestrated deployment.

Playbook

Cloud Cost and FinOps Program Playbook

A program to bring financial accountability to cloud spend through cost visibility, allocation, optimization, and continuous governance.

Playbook

MLOps Platform Build Playbook

A phased program to stand up an end-to-end MLOps platform covering feature stores, training pipelines, model registry, and automated deployment.

Checklists16

Checklist

Kubernetes Production Readiness Checklist

Confirm a Kubernetes cluster and its workloads are secure, observable, and resilient before serving production traffic.

Checklist

Terraform Module Review Checklist

Review a Terraform module for correctness, reusability, security, and maintainability before publishing it for shared use.

Checklist

GitOps Adoption Readiness Checklist

Verify the prerequisites for declarative, Git-driven Kubernetes delivery are in place before adopting GitOps.

Checklist

Infrastructure-as-Code Migration Readiness Checklist

Confirm you are ready to bring an existing manually managed cloud estate under infrastructure-as-code without disruption.

Checklist

Dependency Upgrade Safety Checklist

Safety checks for upgrading application dependencies, covering semver risk, testing, security, and staged rollout.

Checklist

Production Go-Live Readiness Checklist

End-to-end verification that a service is ready to serve real users in production, covering scaling, monitoring, security, and rollback.

Checklist

CI/CD Pipeline Review Checklist

A structured review of a continuous integration and delivery pipeline for correctness, speed, security, and reproducibility.

Checklist

GitOps Readiness Checklist

Verify that infrastructure and application delivery follow GitOps principles with Git as the single source of truth and automated reconciliation.

Checklist

Release & Deployment Cutover Checklist

Coordinate a controlled cutover from an old release or system to a new one, with sequencing, validation, and an explicit abort path.

Checklist

Rollback Readiness Checklist

Confirm a service can be reverted to a known-good state quickly and safely, covering artifacts, data, configuration, and traffic.

Checklist

Incident Response Readiness Checklist

Verify the people, processes, and tooling needed to detect, respond to, and learn from production incidents are in place.

Checklist

On-Call Handover Checklist

Ensure a clean transfer of on-call responsibility with full context on ongoing issues, risks, and operational state.

Checklist

Observability & SLO Review Checklist

Assess whether a service is observable enough to operate, with meaningful SLOs, golden-signal metrics, tracing, and actionable alerts.

Checklist

Infrastructure as Code Review Checklist

Review Terraform or equivalent IaC for security, modularity, state safety, and reproducibility before it provisions production.

Checklist

Disaster Recovery Readiness Checklist

Confirm an organization can recover critical services and data within defined objectives after a major failure.

Checklist

Platform Engineering & Internal Developer Platform Readiness Checklist

Assess readiness to build an internal developer platform that provides self-service, paved-path delivery for product teams.

Comparisons26

Comparison

EKS vs GKE

Amazon EKS and Google GKE are the leading managed Kubernetes services. GKE is more automated and mature; EKS offers deepest AWS integration.

Comparison

Terraform vs Pulumi

Terraform uses a declarative DSL (HCL) for infrastructure as code; Pulumi lets you define infrastructure in general-purpose languages like TypeScript, Python, or Go.

Comparison

Terraform vs CloudFormation

Terraform is a multi-cloud IaC tool; AWS CloudFormation is AWS's native infrastructure-as-code service. Terraform wins on portability; CloudFormation on AWS depth.

Comparison

OpenTofu vs Terraform

OpenTofu is the open-source fork of Terraform created after HashiCorp's BSL license change. The two are largely compatible but differ on licensing and governance.

Comparison

Docker vs Podman

Docker is the original container engine with a central daemon; Podman is a daemonless, rootless-friendly, drop-in alternative with strong Kubernetes affinity.

Comparison

Kubernetes vs Nomad

Kubernetes is the dominant, feature-rich container orchestrator; HashiCorp Nomad is a simpler, lightweight scheduler for containers and non-containerized workloads.

Comparison

Helm vs Kustomize

Helm packages Kubernetes apps as templated, versioned charts; Kustomize overlays plain YAML without templates. Helm suits distribution; Kustomize suits simple in-house config.

Comparison

ArgoCD vs Flux

Argo CD and Flux are the two leading GitOps continuous delivery tools for Kubernetes. Argo CD offers a rich UI; Flux is lightweight and Kubernetes-native by design.

Comparison

Ansible vs Terraform

Ansible is a configuration-management and automation tool; Terraform is a declarative infrastructure-provisioning tool. They overlap but solve different core problems.

Comparison

Monorepo vs Polyrepo

A monorepo stores many projects in one repository; a polyrepo splits them across many. The choice shapes code sharing, tooling, and team autonomy.

Comparison

Traefik vs NGINX

Traefik is a cloud-native reverse proxy with automatic service discovery; NGINX is a mature, high-performance web server and proxy with manual configuration.

Comparison

AWS CDK vs Terraform

The AWS CDK defines infrastructure in real programming languages that compile to CloudFormation; Terraform uses declarative HCL across many clouds. Code power versus multi-cloud reach.

Comparison

containerd vs CRI-O

containerd and CRI-O are the two main Kubernetes container runtimes. containerd is general-purpose and widely adopted; CRI-O is minimal and Kubernetes-only by design.

Comparison

Vault vs AWS Secrets Manager

HashiCorp Vault is a powerful, cloud-agnostic secrets and identity platform; AWS Secrets Manager is a managed, AWS-native secrets store. Power and portability versus simplicity.

Comparison

Crossplane vs Terraform

Crossplane manages cloud infrastructure through the Kubernetes API with continuous reconciliation; Terraform uses a standalone CLI and declarative HCL with explicit plan/apply.

Comparison

GitHub Actions vs GitLab CI/CD

Both run pipelines defined in YAML next to your code. GitHub Actions centers on a marketplace of reusable actions; GitLab CI/CD ships an integrated DevOps platform.

Comparison

GitHub Actions vs Jenkins

GitHub Actions is a managed, YAML-driven CI/CD service tied to GitHub; Jenkins is a self-hosted, plugin-rich automation server with maximum flexibility.

Comparison

CircleCI vs GitHub Actions

CircleCI is a dedicated cloud CI/CD platform known for speed and orbs; GitHub Actions is GitHub's native automation with a huge action marketplace.

Comparison

Prometheus vs Datadog

Prometheus is an open-source, self-hosted metrics and alerting system; Datadog is a hosted, all-in-one observability SaaS spanning metrics, logs, and traces.

Comparison

OpenTelemetry vs Vendor Agents

OpenTelemetry is an open, vendor-neutral standard for collecting telemetry; proprietary vendor agents are tightly integrated SDKs from a single observability provider.

Comparison

HashiCorp Vault vs Cloud Secrets Manager

Vault is a powerful, cloud-agnostic secrets and identity platform; cloud-native secrets managers are simpler, fully managed services tied to one cloud.

Comparison

npm vs pnpm

npm is Node's default package manager; pnpm is a faster, disk-efficient alternative using a content-addressable store and strict dependency isolation.

Comparison

pnpm vs Yarn

Both are alternative Node package managers. pnpm focuses on a strict, disk-efficient store; Yarn (Berry) offers Plug'n'Play and a flexible plugin architecture.

Comparison

Webpack vs Vite

Webpack is a mature, highly configurable bundler; Vite is a faster modern build tool using native ESM in dev and Rollup for production builds.

Comparison

ESLint vs Biome

ESLint is the established, plugin-rich JavaScript linter; Biome is a fast, Rust-based all-in-one linter and formatter with minimal configuration.

Comparison

Terraform vs Ansible

Terraform is a declarative infrastructure-provisioning tool; Ansible is a procedural configuration-management and automation tool. They solve different DevOps problems.

FAQs15

FAQ

What is a container?

A container is a lightweight, standalone unit that packages an application together with its dependencies, libraries, and configuration so it runs con...

FAQ

What is Kubernetes?

Kubernetes is an open-source platform for automating the deployment, scaling, and operation of containerized applications. It groups containers into l...

FAQ

What is a container image?

A container image is a read-only template that contains everything needed to run an application: code, runtime, libraries, environment variables, and ...

FAQ

What is a container registry?

A container registry is a storage and distribution system for container images, allowing them to be pushed after a build and pulled at deployment time...

FAQ

What is infrastructure as code?

Infrastructure as code (IaC) is the practice of defining and provisioning infrastructure, such as servers, networks, and databases, through machine-re...

FAQ

What is container orchestration?

Container orchestration is the automated management of the lifecycle of containers across a cluster of machines, including scheduling, scaling, networ...

FAQ

What is software supply-chain security?

Software supply-chain security protects the integrity of everything that goes into building and delivering software: source code, third-party dependen...

FAQ

What is a secret manager?

A secret manager is a dedicated service that securely stores, controls access to, and audits sensitive credentials such as API keys, database password...

FAQ

What is MLOps?

MLOps is a set of practices for reliably building, deploying, monitoring, and maintaining machine learning systems in production, applying DevOps prin...

FAQ

What is CI/CD?

CI/CD stands for Continuous Integration and Continuous Delivery (or Deployment). Continuous Integration means developers merge code into a shared bran...

FAQ

What is GitOps?

GitOps is an operational model where the desired state of infrastructure and applications is declared in a Git repository, and an automated controller...

FAQ

What is the difference between blue-green and canary deployments?

Both are strategies for releasing new versions with minimal risk. In a blue-green deployment you run two identical environments—one live (blue) and on...

FAQ

What is the difference between observability and monitoring?

Monitoring is collecting and alerting on predefined metrics and checks—it answers known questions like 'is CPU above 90%?' Observability is the broade...

FAQ

What is a feature flag?

A feature flag (or feature toggle) is a configuration switch that turns functionality on or off at runtime without deploying new code. It lets teams d...

FAQ

What is chaos engineering?

Chaos engineering is the practice of deliberately injecting failures into a system to test its resilience before real incidents expose weaknesses. Tea...

Glossaries62

Glossary

Microservices

An architectural style structuring an application as a collection of loosely coupled, independently deployable services

Glossary

CI/CD

Continuous Integration and Continuous Deployment - practices for automating code integration and delivery

Glossary

Infrastructure as Code

Managing and provisioning infrastructure through machine-readable configuration files

Glossary

Rollback

Reverting a system to a previous version after a failed deployment or migration

Glossary

CloudFormation

AWS service that provides infrastructure as code capabilities for provisioning and managing AWS resources using templates

Glossary

Disaster Recovery

A set of policies, tools, and procedures to enable the recovery of vital technology infrastructure after a natural or human-induced disaster

Glossary

Docker

A platform for developing, shipping, and running applications in containers, providing consistent environments across development and production

Glossary

Envoy

A high-performance open-source edge and service proxy designed for cloud-native applications, commonly used in service mesh architectures

Glossary

Flyway

An open-source database migration tool that uses SQL scripts to version control and apply database schema changes

Glossary

Istio

An open-source service mesh platform that provides traffic management, security, and observability for microservices architectures

Glossary

Kubernetes

An open-source container orchestration platform for automating deployment, scaling, and management of containerized applications

Glossary

Liquibase

An open-source database schema change management tool that tracks, versions, and deploys database changes

Glossary

Maintenance

Ongoing activities to keep software systems operational, including bug fixes, updates, and performance improvements

Glossary

Pulumi

An infrastructure as code platform that allows defining cloud infrastructure using general-purpose programming languages

Glossary

Restore

The process of recovering data, systems, or applications from backups after data loss, corruption, or disaster

Glossary

Terraform

An open-source infrastructure as code tool that enables defining and provisioning infrastructure across multiple cloud providers

Glossary

Backup

A copy of data or system configurations stored separately to enable recovery in case of data loss, corruption, or disaster

Glossary

Business Continuity

Planning and preparation to ensure that critical business functions can continue during and after a disaster or disruption

Glossary

Patching

The process of applying updates to software to fix bugs, address security vulnerabilities, or add minor improvements

Glossary

Support

Ongoing assistance provided to users and systems to ensure proper operation, troubleshoot issues, and maintain service levels

Glossary

Data Protection

Practices and technologies to safeguard data from unauthorized access, corruption, or loss

Glossary

Git

A distributed version control system for tracking changes in source code during software development

Glossary

Helpdesk

A resource for users to get technical support, troubleshoot issues, and receive assistance with software or systems

Glossary

MongoDB

A popular open-source document-oriented NoSQL database designed for scalability and flexibility

Glossary

Monitoring

The practice of observing and tracking system performance, health, and behavior in real-time

Glossary

Security

Measures and practices to protect systems, networks, and data from unauthorized access and threats

Glossary

Updates

Changes or improvements applied to software to fix issues, add features, or enhance security

Glossary

Platform as a Service (PaaS)

Platform as a service is a cloud model that provides a managed application platform, handling servers, runtimes, and scaling so developers focus on code rather than infrastructure.

Glossary

Autoscaling

Autoscaling is the automatic adjustment of the number of running compute instances or resources based on demand, metrics, or schedules, without manual intervention.

Glossary

Container

A container is a lightweight, isolated unit that packages an application together with its dependencies and runs as an isolated process on a shared host operating system kernel.

Glossary

Container Image

A container image is an immutable, read-only template containing an application and its dependencies, packaged as ordered filesystem layers from which running containers are created.

Glossary

Container Registry

A container registry is a service that stores, versions, and distributes container images, allowing clients to push built images and pull them for deployment.

Glossary

Pod

A pod is the smallest deployable unit in Kubernetes, consisting of one or more tightly coupled containers that share a network namespace, storage volumes, and lifecycle.

Glossary

Deployment (Kubernetes)

A Kubernetes Deployment is a controller that declaratively manages a set of identical pods, handling rollouts, rollbacks, and scaling by maintaining the desired number of replicas.

Glossary

ReplicaSet

A ReplicaSet is a Kubernetes controller that ensures a specified number of identical pod replicas are running at all times, recreating pods that fail or are deleted.

Glossary

ConfigMap

A ConfigMap is a Kubernetes object that stores non-confidential configuration data as key-value pairs, decoupling configuration from container images so applications can be configured per environment.

Glossary

Helm Chart

A Helm chart is a packaged, templated, and versioned collection of Kubernetes manifests that Helm uses to install, upgrade, and manage an application as a single releasable unit.

Glossary

Operator Pattern

The Operator pattern is a Kubernetes approach that encodes operational knowledge for a specific application into custom controllers and custom resources, automating tasks like deployment, upgrades, backup, and failover.

Glossary

Software Bill of Materials (SBOM)

A software bill of materials is a formal, machine-readable inventory of all components, libraries, and dependencies that make up a piece of software, along with their versions and relationships.

Glossary

Software Supply Chain Security

Software supply chain security is the practice of protecting every stage of building and delivering software, from dependencies and build systems to distribution, against tampering and compromise.

Glossary

Provenance

Provenance is verifiable metadata that records where a software artifact came from and how it was built — its source, build system, and inputs — so consumers can trace and trust it.

Glossary

DSSE (Dead Simple Signing Envelope)

DSSE is a standard format for wrapping a payload together with its signature so the signed content and its type are bound and tamper-evident.

Glossary

SLSA (Supply-chain Levels for Software Artifacts)

SLSA is a security framework that defines graduated levels of build integrity and provenance for software artifacts, so teams can measure and improve how trustworthy their builds are.

Glossary

Continuous Integration (CI)

A practice where developers merge code changes into a shared repository frequently, with each merge automatically built and tested to catch integration problems early.

Glossary

Continuous Delivery (CD)

A practice where software is kept in a releasable state at all times, with every change automatically built, tested, and prepared for deployment, leaving the final release as a manual decision.

Glossary

Continuous Deployment

A practice where every change that passes the automated pipeline is released to production automatically, with no manual approval step.

Glossary

GitOps

An operational model in which the desired state of infrastructure and applications is declared in a Git repository and automatically reconciled into the running environment by an agent.

Glossary

Canary Deployment

A release strategy in which a new version is rolled out to a small subset of users or servers first, so its behavior can be observed before exposing the whole user base.

Glossary

Observability

The degree to which the internal state of a system can be understood from the external data it produces, typically its metrics, logs, and traces.

Glossary

Telemetry

The automated collection and transmission of measurement data from a running system to a remote location for monitoring and analysis.

Glossary

Distributed Tracing

A technique that follows a single request as it propagates across multiple services, recording timing and context at each step to reveal the end-to-end path.

Glossary

Span

The basic unit of work in distributed tracing, representing a single named, timed operation with a start, an end, and contextual attributes.

Glossary

Metric

A numeric measurement of some aspect of a system captured over time, such as request rate, error count, or memory usage, used for monitoring and alerting.

Glossary

Structured Logging

The practice of emitting log entries as machine-readable structured data, typically key-value pairs or JSON, rather than free-form text strings.

Glossary

Service Level Objective (SLO)

A target value or range for a service level indicator over a period of time, expressing the desired level of reliability for a service.

Glossary

Service Level Indicator (SLI)

A quantitative measure of a specific aspect of a service's level of service, such as the proportion of successful requests or requests served within a latency threshold.

Glossary

Error Budget

The maximum amount of unreliability a service is allowed over a period, calculated as the difference between 100% and its service level objective.

Glossary

Toil

Manual, repetitive, automatable operational work that scales linearly with service size and provides no lasting value, a key target for reduction in site reliability engineering.

Glossary

Incident Management

The coordinated process for detecting, responding to, mitigating, and resolving unplanned disruptions to a service, then learning from them.

Glossary

Postmortem

A written, blameless analysis produced after an incident that documents what happened, the impact, the root causes, and the actions to prevent recurrence.

Glossary

On-Call

An arrangement in which designated engineers are available to respond to alerts and incidents outside normal working hours, usually on a rotating schedule.

Glossary

Mean Time to Recovery (MTTR)

The average time taken to restore a service after a failure, measured from the start of an incident to its resolution.