quyennv.com

Senior DevOps Engineer · Healthcare, Singapore

Hi, I'm Quyen. This blog is where I share notes on DevOps, cloud, and tech.

Recent posts

A Pattern Language for Microservices

Overview of the microservices pattern language from microservices.io: architectural style, service boundaries, collaboration, deployment, observability, and more.

Read more →

Thinking in Systems: A Primer

Key ideas from Donella Meadows' Thinking in Systems—stocks and flows, feedback loops, the systems zoo, why systems surprise us, system traps, leverage points, and living in a world of systems.

Read more →

Managed Secrets in CI/CD and Deployment

How to manage secrets in pipelines and deployments: vaults, CI/CD variables, Kubernetes; patterns and best practices for build and runtime.

Read more →

Packer for Mutable and Immutable Infrastructure

How Packer builds machine images for mutable vs immutable patterns: bake once, deploy many; replace instead of patch; example with AWS and Azure.

Read more →

Self-Hosted CI/CD Agent with AKS and Azure DevOps – Part 2

How to run a self-hosted CI/CD agent on AKS/EKS with Azure DevOps. Prepare the Kaniko repo, start script, and clean up offline agents.

Read more →

Logging Architecture: Application, Log Sidecar, and Log Daemon

Full architecture for centralized logging: app pods, log sidecar pattern, node-level log daemon (DaemonSet), with Kubernetes examples and trade-offs.

Read more →

Implementing a Rollback Strategy

Rolling back vs rolling forward for databases and deployments: when to use each, how they differ, and why backup/restore still comes first.

Read more →

Design and Deploy a CI/CD System with Azure Kubernetes and Azure DevOps – Part 1

Overview of CI/CD architecture and self-hosted agents on AKS. Compare Docker-in-Docker (DinD) with Kaniko, dockershim, and Kubernetes releases.

Read more →

Pulumi: Architecture, How It Works, and Implementation

Pulumi IaC: architecture (language host, engine, providers, state), how pulumi up works, and how to implement a project with TypeScript.

Read more →

Istio Service Mesh: Traffic, Resiliency, Observability, and Security

Introduction to Istio: data plane and control plane, traffic control (canary, dark launch, egress), service resiliency, chaos testing, observability, and security—based on Introducing Istio Service Mesh for Microservices.

Read more →

SRE Pipeline and Process: Material and Best Practices

SRE pipeline from build to operate, core processes (incident, change, release), and best practices with a clear follow-and-process flow.

Read more →

Docker: Containers, Images, and the Basics

Docker architecture (client, daemon, containerd, runc), image layers and union filesystem, plus Dockerfile, commands, and Compose.

Read more →

Kubernetes (K8S): Architecture, Pods, Deployments, and Security

Kubernetes architecture (control plane and data plane), core concepts, kubectl, and security: RBAC, network policies, secrets, and pod security.

Read more →

End-to-End Monitoring and Best Practices

What to monitor, how to design SLIs/SLOs, and best practices for end-to-end monitoring—metrics, logs, traces, alerting, and user experience.

Read more →

See all posts

About this site

quyennv.com is my personal technology blog: DevOps, cloud (AWS, Azure), Kubernetes, CI/CD, and tutorials. Posts are in Markdown with code and images.

About me · All posts