OpenShift day-two operations for application teams
Upgrades, monitoring, logging, quotas, backup mindset, and when to escalate to the platform team — the work that starts after the first deploy succeeds.
51 posts on this topic.
Argo CD on OCP, the OpenShift GitOps operator, app-of-apps cautions, sync versus platform guardrails, and drift on managed clusters — without pretending Git is the whole story.
What ImageStreams are for, how BuildConfigs produce tags, S2I vs Dockerfile builds, and when to skip in-cluster builds and pull from an external registry instead.
The oc commands worth learning first on OpenShift: login and projects, how oc relates to kubectl, common platform verbs, and a calm debugging order.
How Projects relate to Namespaces, what view/edit/admin mean, ServiceAccounts, oc adm policy, and how to test permissions before they become incident surprises.
Why OpenShift uses SCCs, how restricted and anyuid differ, common Pod failures, and a practical path to debug denials without reaching for cluster-admin.
A practical guide to OpenShift Routes for people who know Services and Ingress: how Routes differ, edge TLS, hostnames, oc get route, and debugging traffic from the edge to the Pod.
A practical comparison for Kubernetes users meeting OpenShift: same core API, vendor packaging, Routes, SCCs, Projects, Operators, where skills transfer, and honest limits.
k9s is a terminal-based UI for Kubernetes that makes navigating, debugging, and managing cluster resources faster than any kubectl command you can type.
kubectl neat removes the noise from Kubernetes YAML output — no more wading through auto-generated fields, timestamps, and status blocks to find what you actually need.
kubectl node-shell gives you direct shell access to any Kubernetes node without SSH — essential for low-level debugging that pod-level access cannot reach.
Use the kubectl tree plugin to follow ownerReferences and see which Deployment owns which ReplicaSet and Pod — without spelunking YAML.
Stop typing long kubectl config commands. kubectx and kubens let you switch between clusters and namespaces instantly — a must-have for multiple environments.
KubeKosh runs a real Kubernetes cluster inside a single Docker container with a browser terminal and scenario validation. Build kubectl muscle memory locally, for free.
stern lets you stream logs from multiple pods and containers simultaneously, with color-coded output and powerful filtering — the tool kubectl logs should have been.
A stable app enters the cluster — told from the Pod's perspective: who creates me, who talks to me, who keeps me alive, and how my life ends.
A practical introduction to Helm charts, releases, and values — when Helm helps, how install, upgrade, and rollback work, and when plain YAML is enough.
A practical guide to startup, readiness, and liveness probes: what each one does, how to configure HTTP, TCP, and exec checks, and how they connect to Services.
The kubectl commands and flags worth learning first: get, describe, logs, contexts, apply, explain, dry-run, and a calm debugging order.
A practical map from docker-compose.yml to Deployments, Services, volumes, and env vars — plus what gets harder and how to migrate incrementally.
A practical beginner guide to StatefulSets: stable pod identity, ordered rollouts, headless Services, volumeClaimTemplates, and when Deployments are not enough.
A practical beginner guide to Kubernetes Jobs and CronJobs: when to use them instead of Deployments, how schedules and backoff work, and how to debug failed runs.
A practical guide to Ingress rules, how they differ from Services, why you need an Ingress controller, TLS basics, and how to debug empty backends.
A practical guide to running a local Kubernetes cluster with kind or minikube, connecting kubectl, deploying your first workload, and cleaning up without surprises.
A beginner-friendly guide to Kubernetes boundaries, permissions, and the security habits that prevent small mistakes from becoming cluster-wide problems.
A practical first debugging path for Pods, Deployments, Services, and the small signals Kubernetes gives before things fail loudly.
A beginner-friendly guide to how Kubernetes uses CPU and memory requests, limits, QoS classes, and scheduling events when placing Pods.
A practical beginner guide to Kubernetes storage, PersistentVolumes, PersistentVolumeClaims, StorageClasses, and the checks that make storage problems less mysterious.
A beginner-friendly guide to putting configuration in the right place, using ConfigMaps and Secrets safely, and checking what Pods actually receive.
A practical beginner guide to how Pods get stable addresses, how Services route traffic, and what Kubernetes DNS really resolves.
A practical beginner explanation of how Pods, ReplicaSets, and Deployments relate, why each exists, and how to inspect them with kubectl.
A beginner-friendly explanation of the Kubernetes Control Plane, Kubelets, Pods, Services, and more through the lens of a nationwide supermarket chain.
A beginner-friendly way to think about Kubernetes before memorising commands: desired state, controllers, scheduling, services, and debugging.
Pagers do not care about duty time limits — what aviation rest rules taught me about sustainable on-call rotations and tired humans making tired mistakes.
What I try to do first when a cluster or workload looks wrong — before random kubectl and hoping.
Zero trust in Kubernetes sounds right until you lock yourself out of DNS — how I roll out NetworkPolicy without turning Friday into an outage.
Kubernetes schedules on promises and kills on limits — why copying YAML from a tutorial is not a sizing strategy, and what I do instead.
A personal note on habits from the cockpit that still show up when a cluster misbehaves.
Rolling, Blue-Green and Canary are different ways to handle risk — not just synonyms for zero-downtime deploy.
You don't need every system green to operate safely — you need to know what's deferred, what's compensating, and when to stop.
Argo CD, drift, and the honest cases where Git as source of truth helps — or makes things worse.
When every ping is an emergency, none of them are — what aviation radio habits taught me about paging on-call engineers.
Why a staging cluster earns its keep when you treat it like recurrent training — not a cheaper copy of production you never fly.
Rolling back or stopping a release mid-flight is a trained maneuver — not an admission that the team is bad at their jobs.
Two-person review and a preflight checklist mindset for kubectl, Helm, and GitOps — borrowed from aviation, adapted for YAML.
Running a cluster at 100% utilisation is like planning a flight with zero alternate fuel — workable on paper until the weather shifts.
Notes from a Lufthansa pilot who started over in DevOps — no shortcut story, just what actually helped.
Kubernetes will send traffic to a Pod that looks "running" but isn't ready to work.
Who speaks, who listens, who decides — lessons from the cockpit for noisy war rooms.
Below ten thousand feet, pilots limit conversation to essentials — production deserves the same focus when the blast radius is real.
Procedures don't replace thinking — but they buy you time when the adrenaline kicks in.