[{"title":"How a Stateless Service (ECS) Accesses a Private DB","url":"/en/qna/2026-05-02-ecs-private-db-sg/","description":"How to configure Security Groups so that a stateless service like ECS Fargate can reach RDS in a Private Subnet","tags":["aws","ecs","rds","security-group","networking"],"section":"qna","date":"2026-05-02"},{"title":"iptables vs Security Group","url":"/en/qna/2026-05-02-iptables-vs-sg/","description":"iptables vs AWS Security Group - layer of operation, stateful tracking, rule evaluation, and practical selection criteria","tags":["aws","security-group","iptables","linux","networking"],"section":"qna","date":"2026-05-02"},{"title":"On-Premises Security Appliances and Cloud Connectivity","url":"/en/notes/2026-05-02-onprem-security-to-cloud/","description":"Overview of security appliance configurations in typical on-prem office environments and how to connect them securely to AWS","tags":["security","onprem","cloud","vpn","firewall","networking"],"section":"notes","date":"2026-05-02"},{"title":"PlayBall — Baseball Ticket Booking Platform","url":"/en/project/playball/","description":"Ticketing platform infrastructure built to handle bot attacks and high-traffic spikes","tags":["kubernetes","terraform","aws","devops","infrastructure"],"section":"project","date":"2026-05-01"},{"title":"Protocol Deep Dive — Network Protocol Layer-by-Layer Analysis","url":"/en/project/protocol-deep-dive/","description":"A learning project implementing L3/L4/L7 network protocols in Go and benchmarking the differences","tags":["network","protocol","go","tcp","udp","http2","grpc"],"section":"project","date":"2026-05-01"},{"title":"Environment-Specific Monitoring Dashboard Separation","url":"/en/troubleshooting/2026-04-20-monitoring-dashboard-env-split/","description":"No data in monitoring dashboards due to infrastructure differences between Dev (kubeadm) and Staging (EKS) — resolved with per-environment dashboard separation and exclude configuration","tags":["troubleshooting","monitoring","grafana","prometheus","cloudwatch","helm"],"section":"troubleshooting","date":"2026-04-20"},{"title":"Monitoring Data S3 Object Storage Architecture","url":"/en/troubleshooting/2026-04-20-monitoring-s3-object-storage/","description":"Redesigned Loki, Tempo, and Thanos to store monitoring data in S3 object storage instead of PVCs, resolving AZ-binding issues on Spot instances","tags":["troubleshooting","monitoring","loki","tempo","thanos","s3","prometheus"],"section":"troubleshooting","date":"2026-04-20"},{"title":"OTel Metrics Dashboard Troubleshooting","url":"/en/troubleshooting/2026-04-20-otel-dashboard-gateway/","description":"Only gateway appearing in Grafana dashboard — resolved by splitting Micrometer vs OTel metric paths and fixing missing namespace labels","tags":["troubleshooting","monitoring","opentelemetry","grafana","prometheus","spring-boot"],"section":"troubleshooting","date":"2026-04-20"},{"title":"Penetration Test — Infrastructure Vulnerability Findings and Remediation","url":"/en/notes/2026-04-15-pentest-remediation/","description":"Record of infrastructure vulnerability remediation following a 72-hour penetration test","tags":["security","pentest","kubernetes","aws","istio","terraform"],"section":"notes","date":"2026-04-15"},{"title":"CloudTrail + S3 Bucket Policy Circular Dependency","url":"/en/troubleshooting/2026-04-13-cloudtrail-s3-circular-dependency/","description":"Circular dependency between CloudTrail and S3 bucket policy during CloudTrail provisioning — resolved by pre-constructing the ARN in locals","tags":["troubleshooting","terraform","cloudtrail","s3","circular-dependency","aws"],"section":"troubleshooting","date":"2026-04-13"},{"title":"Istio ext_authz Adapter Design and Implementation","url":"/en/notes/2026-04-10-istio-authz-adapter/","description":"Real-time bot detection adapter based on Istio EnvoyFilter ext_authz — Go gRPC server integrated with AI Defense API to block ticketing bots","tags":["istio","envoy","grpc","go","security","bot-detection","ai"],"section":"notes","date":"2026-04-10"},{"title":"Route53 Record Deletion + Secrets Manager Reset","url":"/en/troubleshooting/2026-04-10-external-dns-sync-secrets/","description":"Route53 records deleted by external-dns sync policy, and Secrets Manager values overwritten on terraform apply — both resolved","tags":["troubleshooting","eks","external-dns","route53","secrets-manager","terraform"],"section":"troubleshooting","date":"2026-04-10"},{"title":"Istio Sidecar Startup Timing (holdApplicationUntilProxyStarts)","url":"/en/troubleshooting/2026-04-08-istio-sidecar-startup-timing/","description":"App container starting before Istio sidecar is ready, causing external service connection failures — resolved with holdApplicationUntilProxyStarts","tags":["troubleshooting","istio","sidecar","kubernetes","envoy"],"section":"troubleshooting","date":"2026-04-08"},{"title":"k6-operator MaxVUs Parallelism Error","url":"/en/troubleshooting/2026-04-05-k6-operator-maxvus/","description":"k6-operator incorrectly determined MaxVUs=1, causing a parallelism error — root cause was missing env vars in the Initializer Pod","tags":["troubleshooting","k6","k6-operator","load-testing","kubernetes"],"section":"troubleshooting","date":"2026-04-05"},{"title":"DiskPressure \u0026 CrashLoopBackOff Troubleshooting","url":"/en/troubleshooting/2026-04-02-disk-pressure-crashloop/","description":"Simultaneous DiskPressure on mini-gmk node and CrashLoopBackOff across multiple services — resolved","tags":["troubleshooting","kubernetes","disk-pressure","crashloopbackoff","loki","helm"],"section":"troubleshooting","date":"2026-04-02"},{"title":"WireGuard + Cilium IP Range Conflict Troubleshooting","url":"/en/troubleshooting/2026-03-29-wireguard-cilium-ip-conflict/","description":"WireGuard VPN connection failure after switching to Cilium eBPF due to IP range conflict — resolved by migrating to a non-overlapping subnet","tags":["troubleshooting","wireguard","cilium","networking","kubernetes","vpn"],"section":"troubleshooting","date":"2026-03-29"},{"title":"Java OOM Troubleshooting","url":"/en/troubleshooting/2026-03-23-java-oom/","description":"Java app ran out of memory, triggering the OOM Killer and taking down a worker node — JVM memory configuration analysis and fix","tags":["troubleshooting","java","oom","kubernetes","jvm","memory"],"section":"troubleshooting","date":"2026-03-23"},{"title":"ALB Elastic IP Auto-Assignment Issue","url":"/en/troubleshooting/2026-03-22-alb-eip-auto-assign/","description":"Confirming automatic EIP assignment to internet-facing ALB is expected AWS behavior, and cost analysis","tags":["troubleshooting","eks","alb","eip","aws","networking"],"section":"troubleshooting","date":"2026-03-22"},{"title":"NLB vs ALB","url":"/en/qna/2026-03-22-nlb-vs-alb/","description":"NLB vs ALB - OSI layer, routing, performance, CloudFront integration, and practical selection criteria","tags":["aws","alb","nlb","networking","interview"],"section":"qna","date":"2026-03-22"},{"title":"EKS Node Cluster Join Failure Checklist","url":"/en/troubleshooting/2026-03-21-eks-node-join-failure/","description":"Full checklist for diagnosing EKS node group join failures - VPC DNS, subnet tags, security groups, and eks-auth VPC Endpoint","tags":["troubleshooting","eks","node-join","vpc-endpoint","al2023","terraform"],"section":"troubleshooting","date":"2026-03-21"},{"title":"EKS Troubleshooting - Node Group Creation Failure and Missing vpc-cni Addon","url":"/en/troubleshooting/2026-03-21-eks-nodegroup-creation-failure/","description":"Node Group creation failure due to kubelet label rejection, and nodes stuck NotReady due to missing vpc-cni addon during EKS 1.34 cluster setup","tags":["troubleshooting","eks","terraform","kubelet","vpc-cni","addon"],"section":"troubleshooting","date":"2026-03-21"},{"title":"K8s Taint vs NodeSelector Troubleshooting","url":"/en/troubleshooting/2026-03-20-taint-nodeselector/","description":"Infrastructure Pods pushed to the worker node due to control-plane taint, causing resource exhaustion and app Pod Pending","tags":["troubleshooting","kubernetes","taint","nodeselector","scheduling","argocd"],"section":"troubleshooting","date":"2026-03-20"},{"title":"Kubernetes Service Selector \u0026 Endpoints Troubleshooting","url":"/en/troubleshooting/2026-03-19-service-selector-endpoints/","description":"Mismatch between Service selector labels and Pod labels prevents Endpoints registration, causing 503 errors","tags":["troubleshooting","kubernetes","service","endpoints","istio","503"],"section":"troubleshooting","date":"2026-03-19"},{"title":"Java Spring Boot Probe Troubleshooting","url":"/en/troubleshooting/2026-03-18-java-probe-crashloop/","description":"Java Spring Boot apps in Staging EKS entering CrashLoopBackOff - fixing missing context path and insufficient initialDelaySeconds","tags":["troubleshooting","eks","spring-boot","java","probe","crashloopbackoff","helm"],"section":"troubleshooting","date":"2026-03-18"},{"title":"OpenTelemetry + Istio mTLS Troubleshooting","url":"/en/troubleshooting/2026-03-18-otel-istio-mtls/","description":"OTEL Java agent fails to connect to Collector under Istio mTLS STRICT mode - resolved by adding PERMISSIVE exception for the Collector","tags":["troubleshooting","opentelemetry","istio","mtls","kubernetes","observability"],"section":"troubleshooting","date":"2026-03-18"},{"title":"Chrome QUIC/HTTP3 Intermittent 404 Troubleshooting","url":"/en/troubleshooting/2026-03-17-chrome-quic-http3-detail/","description":"Intermittent 404 errors caused by Chrome QUIC/HTTP3 protocol colliding with router UDP NAT timeout in a home server environment, resolved with Cloudflare Proxy","tags":["troubleshooting","chrome","quic","http3","cloudflare","networking","istio","ddns"],"section":"troubleshooting","date":"2026-03-17"},{"title":"Resolving Swagger 403, ArgoCD Dashboard, and CORS Issues","url":"/en/troubleshooting/2026-03-11-swagger-argocd-cors/","description":"Fixed multiple issues: Swagger 403 redirect, CORS errors causing frontend blank page, auth path mismatch, and ArgoCD dashboard improvements","tags":["troubleshooting","swagger","argocd","cors","istio","envoyfilter","helm","grafana"],"section":"troubleshooting","date":"2026-03-11"}]