Articles on Cloudowski DevOps Expert

7 lessons from writing AI agents for platforms

Wed, 25 Feb 2026 00:00:00 +0000

I decided to bet on AI agents and started writing them a long time ago. There are many reasons, but the main one is pure laziness. I’ve always wanted to automate things, and that’s why I became a DevOps engineer in the first place.

What is GitOps?

Thu, 05 Feb 2026 00:00:00 +0000

Is GitOps just another buzzword? We already have DevOps, DevSecOps, MLOps, and lately even LLMOps or AIOps. It’s easy to feel overwhelmed by all these terms. However, GitOps is one of those concepts that actually changes how we work for the better.

5 Challenges of Using AI for Platform Engineering

Wed, 03 Dec 2025 00:00:00 +0000

AI is transforming software development, but platform engineering presents unique challenges. While LLMs excel at writing application code, they struggle with platform management tasks. Here are the 5 key challenges and why platform engineering needs a different approach to AI.

From CI/CD to CI&CD: A Modern Deployment Strategy with GitOps

Mon, 10 Mar 2025 00:00:00 +0000

Continuous Integration and Continuous Delivery (CI/CD) has become an indispensable cornerstone of modern software development, enabling teams to automate the build, test, and deployment processes. However, the traditional CI/CD pipeline, where a single system orchestrates both building and deploying, can become a bottleneck, especially in complex, cloud-native environments. This article examines the limitations of this monolithic approach and introduces a more robust and scalable alternative: separating the CI process from the CD process and leveraging GitOps principles. We’ll delve into the benefits of this evolved strategy, including improved resource utilization, enhanced rollback capabilities, a declarative approach that aligns with modern infrastructure, and enhanced security.

How AI helped me to migrate my website

Mon, 03 Mar 2025 00:00:00 +0000

In AI, I am interested in practical applications, and I have found a very specific one.
I used it for something very important to me - migrating my website from WordPress to Hugo, and I am very pleased with how smoothly it went thanks to AI (mainly LLM).

Top 10 Tips for Kubernetes Certification

Mon, 05 Aug 2024 08:34:31 +0000

In my previous article, I wrote about Kubernetes certifications and my impressions of them. This time, I’m going to share 10 helpful tips for those who are considering taking any or all of the exams.

How to get certified in Kubernetes and is it really worth it?

Mon, 29 Jul 2024 09:45:04 +0000

Some people say certificates and exams are not necessary for those who really know their stuff. I will address it later on but I want to start with sharing my experience on Kubernetes certification after I recently passed 5 exams and got awarded with the Kubestronaut title.
I decided to share my thoughts and tips on the process to help anyone thinking of taking an official Kubernetes exam and getting a certificate.
If you’re looking for technical tips I will share them in the next article. I am also not going to describe particular exams’ content because I just can’t - I’ve explicitly promised that to the Linux Foundation by acknowledging at the beginning of each exam and I always keep my promises. Even if I did, it wouldn’t be much help as the exams are practical and require from users both theoretical knowledge and its very quick application to a live environment.

Top 10 DevOps Skills

Mon, 16 Jan 2023 08:00:00 +0000

(You can also watch the video)

DevOps is a huge area - a mix of technology and culture. So what is required to become a DevOps engineer? What skills are required?
In the following parts, I’m going to show you a clear path for DevOps engineers, architects, and experts.
I have divided the article into 3 parts:

A recipe for a bespoke on-prem Kubernetes cluster

Thu, 08 Apr 2021 11:46:00 +0000

So you want to build yourself a Kubernetes cluster? You have your reasons. Some may want to utilize the hardware they own, some may not fully trust these fancy cloud services or just simply want to have a choice and build themselves a hybrid solution. There are a couple of products available that I’ve reviewed, but you’ve decided to build a platform from scratch. And again, there are a myriad of reasons why it might be a good idea and also many that would convince you it’s not worth your precious time. In this article, I will focus on providing a list of things to consider when starting a project building a Kubernetes-based platform using only the most popular open source components.

Which Kubernetes distribution to choose for on-prem environments?

Sat, 30 Jan 2021 12:47:00 +0000

Most people think that Kubernetes was designed to bring more features and more abstraction layers to cloud environments. Well, I think the biggest benefits can be achieved in on-premise environments, because of the big gap between those environments and the ones that can be easily created in the cloud. This opens up many excellent opportunities for organizations which for some reasons choose to stay outside of the public cloud. In order to leverage Kubernetes using on-premise hardware, one of the biggest decisions that needs to be made which software platform to use for Kubernetes. According to the official listing of available Kubernetes distributions, there are dozens of options available. If you look closely at them, however, there are only a few viable ones, as many of them are either inactive or have been merged with other projects (e.g. Pivotal Kubernetes Service merged with VMware Tanzu). I expect that 3-5 of these distributions will eventually prevail in the next 2 years and they will target their own niche market segments. Let’s have a look at those that have stayed in the game and can be used as a foundation for a highly automated on-premise platform.

How to modify containers without rebuilding their image

Sat, 26 Sep 2020 11:47:00 +0000

Containers are a beautiful piece of technology that ease the development of modern applications and also the maintenance of modern environments. One thing that draws many people to them is how they reduce the time required to set up a service, or a whole environment, with everything included. It is possible mainly because there are so many container images available and ready to use. You will probably need to build your own container images with your applications, but many containers in your environment will use prebuilt images prepared by someone else. It’s especially worth considering for software that is provided by the software vendor or a trusted group of developers like it has been done in the case of “official” images published on Docker Hub. In both cases, it makes your life easier by letting someone else take care of updates, packaging new versions, and making sure it works. But what if you want to change something in those images? Maybe it’s a minor change or something bigger that is specific for your particular usage of the service. The first instinct may tell you to rebuild that image. This, however, brings some overhead - these images will have to be published, rebuilt when new upstream versions are published, and you lose most of the benefits that come with those prebuilt versions. There is an alternative to that - actually, I found four of them which I will describe below. These solutions will allow you to keep all the benefits and adjust the behaviour of running containers in a seamless way.

4 ways to manage Kubernetes resources

Sat, 14 Mar 2020 22:00:00 +0000

Kubectl is the new ssh

When I started my adventure with linux systems the first tool I had to get to know was ssh. Oh man, what a wonderful and powerful piece of software it is! You can not only log in to your servers, copy files, but also create vpns, omit firewalls with SOCKS proxy and port-forwarding rules, and many more. With Kubernetes, however, this tool is used mostly for node maintenance provided that you still need to manage them and you haven’t switched to CoreOS or another variant of the immutable node type. For any other cases, you use kubectl which is the new ssh. If you don’t use API calls directly then you probably use it in some form and you feed it with plenty of yaml files. Let’s face it - this is how managing Kubernetes environment looks like nowadays. You create those beautiful, lengthy text files with the definitions of the resources you wish to be created by Kubernetes and then magic happens and you’re the hero of the day. Unless you want to create not one but tens or hundreds of them with different configurations. And that’s when things get complicated.

Why Vault and Kubernetes is the perfect couple

Fri, 21 Feb 2020 22:00:00 +0000

The (not so) secret flaws of Kubernetes Secrets

When you’re starting learning and using Kubernetes for the first time you discover that there is this special object called Secret that is designed for storing various kinds of confidential data. However, when you find out it is very similar to ConfigMap object and is not encrypted (it can be optionally encrypted at rest) you may start wondering - is it really secure? Especially when you use the same API to interact with it and the same credentials. This, combined with a rather simple RBAC model, can create many potential risks. Most people would stick with one of three default roles for regular users - view, edit, and admin - with view as the only one that forbids viewing Secret objects. You need to be very careful when assigning roles to users or deciding to create your custom RBAC roles. But again, this is also not that easy since RBAC rules can only whitelist API requests - it is not possible to create exceptions (i.e. create blacklists) without using the external mechanism such as Open Policy Agent.

How to build CI/CD pipelines on Kubernetes

Wed, 23 Oct 2019 20:00:00 +0000

Kubernetes as a standard development platform

We started with single, often powerful, machines that hosted many applications. Soon after came virtualization, which didn’t actually change a lot from a development perspective but it did for the field of operations. So developers became mad, and that’s when the public cloud emerged to satisfy their needs instead of operations guys’. Now, this pendulum has moved once again and we have something that is beneficial for both sides - Kubernetes platform. I keep saying and will repeat it here again - I think it’s one of the best projects that have emerged in the last decade. It has completely changed the perspective of how we deliver applications and also how we manage platforms for them. This time I want to focus on the delivery process and how it can be built and what the real benefits of using Kubernetes for that purpose are.

10 most important differences between OpenShift and Kubernetes

Thu, 29 Aug 2019 20:00:00 +0000

UPDATED on 10.6.2019 (after the release of OpenShift 4.1): Added information on OpenShift 4.

UPDATED on 30.8.2019: Added information on CodeReady Containers for running single OpenShift node.

OpenShift has been often called as “Enterprise Kubernetes” by its vendor - Red Hat. In this article, I’m describing real differences between OpenShift and Kubernetes.

Jenkins on OpenShift - how to use and customize it in a cloud-native way

Wed, 31 Jul 2019 20:00:00 +0000

I can’t imagine deployment process of any modern application that wouldn’t be orchestrated by some kind of pipeline. It’s also the reason why I got into containers and Kubernetes/OpenShift in the first place - it enforces changes in your approach toward building and deploying but it makes up for with all these nice features that come with Kubernetes.

Maintaining big Kubernetes environments with factories

Sun, 21 Jul 2019 20:00:00 +0000

People are fascinated by containers, Kubernetes and cloud native approach for different reasons. It could be enhanced security, real portability, greater extensibility or more resilience. For me personally, and for organizations delivering software products for their customers, there is one reason that is far more important - it’s the speed they can gain. That leads straight to decreased Time To Market, so highly appreciated and coveted by the business people, and even more job satisfaction for guys building application and platforms for them.

Honest review of OpenShift 4

Thu, 20 Jun 2019 20:00:00 +0000

We waited over 7 months for OpenShift Container Platform 4 release. We even got version 4.1 directly because Red Hat decided not to release version 4.0. And when it was finally released we almost got a new product. It’s a result and implication of acquisition of CoreOS by Red Hat announced at the beginning of 2018. I believe that most of the new features in OpenShift 4 come from the hands of a new army of developers from CoreOS and their approach to building innovative platforms. But is it really that good? Let me go through the most interesting features and also things that are not as good as we’d expect from over 7-month development (OpenShift 3.11 was released in October 2018).

How to increase container security with proper images

Sun, 26 May 2019 20:00:00 +0000

Security is a major factor when it comes to a decision of whether to invest your precious time and resources in new technology. It’s no different for containers and Kubernetes. I’ve heard a lot of concerns around it and decided to write about the most important factors that have the biggest impact on the security of systems based on containers running on Kubernetes.
This is particularly important, as it’s often the only impediment blocking potential implementation of container-based environment and also taking away chances for speeding up innovation. That’s when I decided to help all of you who wants strengthen security of their containers images.

Three levels of highly available apps on Kubernetes

Mon, 21 Jan 2019 22:00:00 +0000

Beautiful but useless systems

Hundreds of applications, thousands of users and millions of requests - that is often a landscape of a modern IT environment. However, problems are still the same.

Shamans in organizations - who are they and why are they dangerous

Mon, 08 Oct 2018 20:00:00 +0000

Imagine for a while that your organization is like a village where there are regular residents and shamans who keep most of the knowledge for themselves. This is a story about them and why it is dangerous, how to manage it and prevent from reaching your goals and causing harm to other residents.

Why managing container images on OpenShift is better than on Kubernetes

Sat, 15 Sep 2018 20:00:00 +0000

So you’ve decided to go with Kubernetes and started building your container images. Now the question is where to push them and how to manage them properly?

Treat your pods according to their needs - three QoS classes in Kubernetes

Sun, 11 Mar 2018 22:00:00 +0000

One of the features that comes with Kubernetes is its ability to scale horizontally services running on it and use available resources more efficiently. I’ve been hearing that containers are just lightweight virtualization (which is not true) so you can put more apps on the same resources. I can agree that it’s partially true

Myths around containers. Part 3: Speed

Thu, 22 Feb 2018 22:00:00 +0000

Containers are considerably faster than virtual machines - at least that’s what most people say. But do they actually bring more speed to overall development and deployment process? Let’s find out in the third part of my article series.

Myths around containers. Part 2: Portability

Sun, 28 Jan 2018 22:00:00 +0000

Is it true that after so many years we finally have real, portable format for all applications? It seems that we’ve come very close to that goal and it’s time to find out more about portability that comes with container revolution.

Myths around containers. Part 1: Security

Sun, 07 Jan 2018 22:00:00 +0000

We had many revolutions in IT infrastructure world over past 20 years or so. Virtualization promised hardware abstraction, private cloud promised lower costs and flexibility and containers keep adding more to that pile creating a vision of perfect world.

10 reasons why Kubernetes has won

Sat, 16 Dec 2017 22:00:00 +0000

We’ve been falling for the containers hype for the past few months and Kubernetes has emerged as a leader among container orchestrator to help build solutions on a bigger scale than your own laptop. Here are 10 reason why it’s won the war and become first choice for container orchestrator.