English posts
Kubernetes is not YAML first. It is boundary, state, and signal under pressure.
Mainline
KAI Road of Kubernetes
KAI Road of Kubernetes 01 — What a Kubernetes Pod is, and why it does not manage containers directly
Start with the core Kubernetes abstraction: what a Pod actually manages, and why Kubernetes schedules Pods instead of orchestrating containers directly.
Core idea: A container is an execution unit. A Pod is an orchestration unit.
KAI Road of Kubernetes 02 — What a Deployment is, and why Pods should not be babysat manually
A Pod is not enough. A Deployment captures the desired replica count, Pod template, selector, and rollout behavior so Kubernetes can keep a workload converged.
Core idea: A Pod is one landing of a workload. A Deployment is the rule that keeps the workload converged.
KAI Road of Kubernetes 03 — What a Service is, and why Pod IPs should not be your interface
Pods can be replaced by Deployments at any time. A Service gives a changing group of Pods a stable network entry point through DNS, ClusterIP, selectors, EndpointSlices, and ready backend endpoints.
Core idea: Pods change and Pod IPs drift. A Service turns a group of Pods into a stable network entry point.
KAI Road of Kubernetes 04 — What Probes are, and why Running is not Ready
A Service gives a stable entry point, but Kubernetes still needs to know which Pods can safely receive traffic. This chapter separates readiness, liveness, and startup probes so a workload does not turn a slow warm-up into a restart loop.
Core idea: Running only means the process is up. Ready means the Pod can safely receive traffic. Probes are the workload status signals Kubernetes acts on.
KAI Road of Kubernetes 05 — ConfigMaps and Secrets: keep settings out of the image
Probes let a workload report state, but the same application still needs different settings in different environments. This chapter separates container images, ConfigMaps, and Secrets so runtime configuration does not get baked into the image.
Core idea: An image should package the program, not the environment decision. ConfigMaps and Secrets let Kubernetes inject runtime data into Pods without rebuilding the image.
Production
Production notes
Concepts
Technical concepts
GitOps review checklist before Argo CD syncs production
A compact pre-sync checklist for GitOps changes so an innocent YAML edit does not become surprising production behavior in Kubernetes.
Core idea: GitOps applies intent; it does not prove the rollout math is safe.
Kubernetes deployment guardrails: probes, rollout settings, and fast triage
A compact baseline for readiness, liveness, rollout settings, and fast triage before a Kubernetes deployment turns into an outage.
Core idea: Readiness routes traffic; liveness decides restart. Treat them as separate contracts.
Agent observability in production: spans, tool events, and failure memory
Basic logging is not enough for agent systems in production; you need traces, tool-level outcomes, and a short path from failure back to prompt or policy.
Core idea: Basic logs are not enough; agent systems need traces, tool events, and failure memory.