Zero-downtime Kubernetes rolling updates with custom readiness probes
Why the default rollingUpdate strategy silently drops traffic, and how to write probes that actually reflect your application's readiness state.
Personal notes & writeups
Infrastructure,
done properly.
Senior DevOps Engineer based in Helsinki. I write about Kubernetes internals, observability, secrets management, and low-level Linux networking. Opinions are my own.
All posts
6 entries2024-11-14
→
2024-10-02
Building a GitOps pipeline with ArgoCD, Helm and Vault secrets injection
A complete walkthrough: from bare Argo installation to syncing Helm releases with secrets pulled live from Vault — without storing anything sensitive in Git.
→
2024-08-19
Linux kernel tuning for high-throughput networking: sysctl, IRQ affinity and XDP
How to push a commodity server past 10 Gbps without buying new hardware. A deep dive into interrupt coalescing, RSS, RPS and writing your first XDP program.
→
2024-07-05
Distributed tracing with OpenTelemetry, Jaeger and Prometheus in a microservices mesh
Instrumenting a polyglot microservices environment end-to-end: from auto-instrumentation agents to custom span attributes and exemplar-linked metrics.
→
2024-05-22
eBPF-based network observability: writing your first packet filter from scratch
A bottom-up introduction to eBPF: from verifier internals and map types to attaching a TC classifier that counts per-port byte rates in real time.
→
2024-03-11
HashiCorp Vault HA cluster with Raft storage and auto-unseal via AWS KMS
Setting up a three-node Vault cluster that survives node failures, automatically unseals on restart, and never stores the unseal key anywhere you control.
→