
OpenShift day-two operations for application teams
Upgrades, monitoring, logging, quotas, backup mindset, and when to escalate to the platform team — the work that starts after the first deploy succeeds.
Technical notes and things I'm still learning. Not a tutorial site — more like a lab notebook.
Expand a series for reading order. kubectl & tools covers plugins and CLIs for daily cluster work.
Search, filter by topic, or browse with previews.

Upgrades, monitoring, logging, quotas, backup mindset, and when to escalate to the platform team — the work that starts after the first deploy succeeds.

Argo CD on OCP, the OpenShift GitOps operator, app-of-apps cautions, sync versus platform guardrails, and drift on managed clusters — without pretending Git is the whole story.

What ImageStreams are for, how BuildConfigs produce tags, S2I vs Dockerfile builds, and when to skip in-cluster builds and pull from an external registry instead.

The oc commands worth learning first on OpenShift: login and projects, how oc relates to kubectl, common platform verbs, and a calm debugging order.

How Projects relate to Namespaces, what view/edit/admin mean, ServiceAccounts, oc adm policy, and how to test permissions before they become incident surprises.

Why OpenShift uses SCCs, how restricted and anyuid differ, common Pod failures, and a practical path to debug denials without reaching for cluster-admin.

A practical guide to OpenShift Routes for people who know Services and Ingress: how Routes differ, edge TLS, hostnames, oc get route, and debugging traffic from the edge to the Pod.

A practical comparison for Kubernetes users meeting OpenShift: same core API, vendor packaging, Routes, SCCs, Projects, Operators, where skills transfer, and honest limits.

k9s is a terminal-based UI for Kubernetes that makes navigating, debugging, and managing cluster resources faster than any kubectl command you can type.

kubectl neat removes the noise from Kubernetes YAML output — no more wading through auto-generated fields, timestamps, and status blocks to find what you actually need.

kubectl node-shell gives you direct shell access to any Kubernetes node without SSH — essential for low-level debugging that pod-level access cannot reach.

Use the kubectl tree plugin to follow ownerReferences and see which Deployment owns which ReplicaSet and Pod — without spelunking YAML.

Stop typing long kubectl config commands. kubectx and kubens let you switch between clusters and namespaces instantly — a must-have for multiple environments.

KubeKosh runs a real Kubernetes cluster inside a single Docker container with a browser terminal and scenario validation. Build kubectl muscle memory locally, for free.

stern lets you stream logs from multiple pods and containers simultaneously, with color-coded output and powerful filtering — the tool kubectl logs should have been.

A stable app enters the cluster — told from the Pod's perspective: who creates me, who talks to me, who keeps me alive, and how my life ends.

A practical introduction to Helm charts, releases, and values — when Helm helps, how install upgrade and rollback work, and when plain YAML is enough.

A practical guide to startup, readiness, and liveness probes: what each one does, how to configure HTTP, TCP, and exec checks, and how they connect to Services.

The kubectl commands and flags worth learning first: get, describe, logs, contexts, apply, explain, dry-run, and a calm debugging order.

A practical map from docker-compose.yml to Deployments, Services, volumes, and env vars — plus what gets harder and how to migrate incrementally.

A practical beginner guide to StatefulSets: stable pod identity, ordered rollouts, headless Services, volumeClaimTemplates, and when Deployments are not enough.

A practical beginner guide to Kubernetes Jobs and CronJobs: when to use them instead of Deployments, how schedules and backoff work, and how to debug failed runs.

A practical guide to Ingress rules, how they differ from Services, why you need an Ingress controller, TLS basics, and how to debug empty backends.

A practical guide to running a local Kubernetes cluster with kind or minikube, connecting kubectl, deploying your first workload, and cleaning up without surprises.

A beginner-friendly guide to Kubernetes boundaries, permissions, and the security habits that prevent small mistakes from becoming cluster-wide problems.

A practical first debugging path for Pods, Deployments, Services, and the small signals Kubernetes gives before things fail loudly.

A beginner-friendly guide to how Kubernetes uses CPU and memory requests, limits, QoS classes, and scheduling events when placing Pods.

A practical beginner guide to Kubernetes storage, PersistentVolumes, PersistentVolumeClaims, StorageClasses, and the checks that make storage problems less mysterious.

A beginner-friendly guide to putting configuration in the right place, using ConfigMaps and Secrets safely, and checking what Pods actually receive.

A practical beginner guide to how Pods get stable addresses, how Services route traffic, and what Kubernetes DNS really resolves.

A practical beginner explanation of how Pods, ReplicaSets, and Deployments relate, why each exists, and how to inspect them with kubectl.

A beginner-friendly explanation of the Kubernetes Control Plane, Kubelets, Pods, Services, and more through the lens of a nationwide supermarket chain.

A beginner-friendly way to think about Kubernetes before memorising commands: desired state, controllers, scheduling, services, and debugging.

Pagers do not care about duty time limits — what aviation rest rules taught me about sustainable on-call rotations and tired humans making tired mistakes.

What I try to do first when a cluster or workload looks wrong — before random kubectl and hoping.

Zero trust in Kubernetes sounds right until you lock yourself out of DNS — how I roll out NetworkPolicy without turning Friday into a outage.

Kubernetes schedules on promises and kills on limits — why copying YAML from a tutorial is not a sizing strategy, and what I do instead.

A personal note on habits from the cockpit that still show up when a cluster misbehaves.

Rolling, Blue-Green and Canary are different ways to handle risk — not just synonyms for zero-downtime deploy.

You don't need every system green to operate safely — you need to know what's deferred, what's compensating, and when to stop.

Argo CD, drift, and the honest cases where Git as source of truth helps — or makes things worse.

When every ping is an emergency, none of them are — what aviation radio habits taught me about paging on-call engineers.

Why a staging cluster earns its keep when you treat it like recurrent training — not a cheaper copy of production you never fly.

Rolling back or stopping a release mid-flight is a trained maneuver — not an admission that the team is bad at their jobs.

Two-person review and a preflight checklist mindset for kubectl, Helm, and GitOps — borrowed from aviation, adapted for YAML.

Running a cluster at 100% utilisation is like planning a flight with zero alternate fuel — workable on paper until the weather shifts.

Notes from a Lufthansa pilot who started over in DevOps — no shortcut story, just what actually helped.

Kubernetes will send traffic to a Pod that looks "running" but isn't ready to work.

Who speaks, who listens, who decides — lessons from the cockpit for noisy war rooms.

Below ten thousand feet, pilots limit conversation to essentials — production deserves the same focus when the blast radius is real.

Procedures don't replace thinking — but they buy you time when the adrenaline kicks in.