Personal blog of Nghia Pham -- full-stack developer writing about Kubernetes, infrastructure, platform engineering, frontend (React, Angular, Vue), backend, databases, and software craft.https://blog.nghia-pham.com/https://blog.nghia-pham.com/blog/backstage-kubernetes-platform-engineering-practical-guide/https://blog.nghia-pham.com/blog/backstage-kubernetes-platform-engineering-practical-guide/Implement a practical Internal Developer Platform with Backstage on Kubernetes, software templates, service catalog, and golden paths for engineering teams.https://blog.nghia-pham.com/blog/argocd-advanced-patterns-app-of-apps-promotion/https://blog.nghia-pham.com/blog/argocd-advanced-patterns-app-of-apps-promotion/Implement advanced ArgoCD patterns for scalable GitOps: App of Apps, environment promotion, sync waves, and safe progressive delivery workflows.https://blog.nghia-pham.com/blog/e-is-for-etcd-kubernetes-brain/https://blog.nghia-pham.com/blog/e-is-for-etcd-kubernetes-brain/A deep dive into etcd, the distributed key-value store that powers Kubernetes. Learn about consistency, high availability, and backup strategies.https://blog.nghia-pham.com/blog/b-is-for-best-practices-security-reliability/https://blog.nghia-pham.com/blog/b-is-for-best-practices-security-reliability/The second post in our Kubernetes A-to-Z series covering essential best practices for security, reliability, and resource management.https://blog.nghia-pham.com/blog/a-is-for-authentication-rbac-securing-cluster/https://blog.nghia-pham.com/blog/a-is-for-authentication-rbac-securing-cluster/The sixteenth post in our Kubernetes A-to-Z series covering authentication mechanisms, Role-Based Access Control, security contexts, and cluster security best practices.https://blog.nghia-pham.com/blog/d-is-for-deployments-application-lifecycle/https://blog.nghia-pham.com/blog/d-is-for-deployments-application-lifecycle/The fourth post in our Kubernetes A-to-Z series covering Deployments, rolling updates, rollbacks, and application lifecycle management strategies.https://blog.nghia-pham.com/blog/c-is-for-containers-docker-fundamentals/https://blog.nghia-pham.com/blog/c-is-for-containers-docker-fundamentals/The second post in our Kubernetes A-to-Z series covering container fundamentals, Docker basics, and essential concepts needed before learning Kubernetes.https://blog.nghia-pham.com/blog/f-is-for-federation-multi-cluster-management/https://blog.nghia-pham.com/blog/f-is-for-federation-multi-cluster-management/The seventeenth post in our Kubernetes A-to-Z series covering multi-cluster architectures, federation patterns, service mesh, disaster recovery, and cross-cluster communication.https://blog.nghia-pham.com/blog/g-is-for-gitops-modern-deployment-argocd-fluxcd/https://blog.nghia-pham.com/blog/g-is-for-gitops-modern-deployment-argocd-fluxcd/A comprehensive guide to GitOps principles and practices, comparing ArgoCD and FluxCD with practical examples, deployment strategies, and production best practices.https://blog.nghia-pham.com/blog/building-internal-developer-platforms-kubernetes/https://blog.nghia-pham.com/blog/building-internal-developer-platforms-kubernetes/Learn how to build an Internal Developer Platform (IDP) on Kubernetes with Backstage, self-service capabilities, golden paths, and platform engineering best practices.https://blog.nghia-pham.com/blog/i-is-for-ingress-managing-external-access/https://blog.nghia-pham.com/blog/i-is-for-ingress-managing-external-access/The tenth post in our Kubernetes A-to-Z series covering Ingress controllers, routing rules, TLS termination, and advanced traffic management patterns.https://blog.nghia-pham.com/blog/k-is-for-kubernetes-basics-and-architecture/https://blog.nghia-pham.com/blog/k-is-for-kubernetes-basics-and-architecture/The first post in our Kubernetes A-to-Z series covering Kubernetes fundamentals, architecture, components, and basic cluster setup.https://blog.nghia-pham.com/blog/j-is-for-jobs-cronjobs-batch-processing/https://blog.nghia-pham.com/blog/j-is-for-jobs-cronjobs-batch-processing/Learn how to run one-off tasks and scheduled batch jobs in Kubernetes using Jobs and CronJobs resources.https://blog.nghia-pham.com/blog/kafka-partitions-deep-dive-iot-architecture/https://blog.nghia-pham.com/blog/kafka-partitions-deep-dive-iot-architecture/Design Kafka topic and partition strategy for IoT workloads with practical guidance on throughput, ordering, consumer scaling, and operational limits.https://blog.nghia-pham.com/blog/kubernetes-backup-disaster-recovery-velero-etcd/https://blog.nghia-pham.com/blog/kubernetes-backup-disaster-recovery-velero-etcd/Design a practical backup and disaster recovery strategy for Kubernetes with etcd snapshots, Velero, restore drills, and RTO/RPO planning.https://blog.nghia-pham.com/blog/h-is-for-helm-package-management-kubernetes/https://blog.nghia-pham.com/blog/h-is-for-helm-package-management-kubernetes/The eleventh post in our Kubernetes A-to-Z series covering Helm charts, repositories, templating, values, and application lifecycle management.https://blog.nghia-pham.com/blog/kubernetes-multi-tenancy-namespace-rbac-quota/https://blog.nghia-pham.com/blog/kubernetes-multi-tenancy-namespace-rbac-quota/Design a practical multi-tenant Kubernetes model with namespace boundaries, RBAC, network isolation, quotas, and operational guardrails.https://blog.nghia-pham.com/blog/kubernetes-cost-optimization-production/https://blog.nghia-pham.com/blog/kubernetes-cost-optimization-production/A practical guide to reducing Kubernetes infrastructure spend with right-sizing, autoscaling, scheduling strategy, and workload-level optimization.https://blog.nghia-pham.com/blog/kubernetes-security-hardening-checklist-production/https://blog.nghia-pham.com/blog/kubernetes-security-hardening-checklist-production/A practical security hardening checklist for production Kubernetes clusters, covering identity, network, workloads, supply chain, and runtime controls.https://blog.nghia-pham.com/blog/kubernetes-series-plan/https://blog.nghia-pham.com/blog/kubernetes-series-plan/A comprehensive 24-part blog series covering Kubernetes from beginner to advanced level, with practical examples and real-world scenarios.https://blog.nghia-pham.com/blog/kubernetes-vs-docker-swarm-complete-guide/https://blog.nghia-pham.com/blog/kubernetes-vs-docker-swarm-complete-guide/A comprehensive comparison of Kubernetes and Docker Swarm container orchestration platforms, including detailed command cheatsheets, architecture differences, and practical examples.https://blog.nghia-pham.com/blog/m-is-for-configmaps-secrets-managing-configuration/https://blog.nghia-pham.com/blog/m-is-for-configmaps-secrets-managing-configuration/The ninth post in our Kubernetes A-to-Z series covering ConfigMaps, Secrets, configuration management patterns, and environment-specific deployments.https://blog.nghia-pham.com/blog/l-is-for-logging-monitoring-observability/https://blog.nghia-pham.com/blog/l-is-for-logging-monitoring-observability/The thirteenth post in our Kubernetes A-to-Z series covering logging architectures, Prometheus metrics, distributed tracing, and observability best practices.https://blog.nghia-pham.com/blog/o-is-for-operators-extending-kubernetes/https://blog.nghia-pham.com/blog/o-is-for-operators-extending-kubernetes/The twelfth post in our Kubernetes A-to-Z series covering Operators, Custom Resource Definitions (CRDs), controller patterns, and extending Kubernetes.https://blog.nghia-pham.com/blog/n-is-for-namespaces-organizing-cluster/https://blog.nghia-pham.com/blog/n-is-for-namespaces-organizing-cluster/The seventh post in our Kubernetes A-to-Z series covering Namespaces, multi-tenancy, resource quotas, and cluster organization strategies.https://blog.nghia-pham.com/blog/p-is-for-pods-basic-building-blocks/https://blog.nghia-pham.com/blog/p-is-for-pods-basic-building-blocks/The third post in our Kubernetes A-to-Z series covering pods, their lifecycle, networking, storage, and multi-container patterns.https://blog.nghia-pham.com/blog/observability-stack-kubernetes-prometheus-otel-loki/https://blog.nghia-pham.com/blog/observability-stack-kubernetes-prometheus-otel-loki/Build a practical Kubernetes observability stack using metrics, logs, and traces with Prometheus, OpenTelemetry, Loki, and actionable SLO-driven alerting.https://blog.nghia-pham.com/blog/postgresql-index-deep-dive-why-indexes-are-larger-than-you-think/https://blog.nghia-pham.com/blog/postgresql-index-deep-dive-why-indexes-are-larger-than-you-think/Understand why PostgreSQL indexes can grow quickly in production and how to control index bloat with better schema design, maintenance, and query patterns.https://blog.nghia-pham.com/blog/q-is-for-quality-assurance-testing-kubernetes/https://blog.nghia-pham.com/blog/q-is-for-quality-assurance-testing-kubernetes/The fifteenth post in our Kubernetes A-to-Z series covering testing strategies, chaos engineering, CI/CD integration, and quality assurance best practices.https://blog.nghia-pham.com/blog/r-is-for-replicasets-high-availability/https://blog.nghia-pham.com/blog/r-is-for-replicasets-high-availability/The sixth post in our Kubernetes A-to-Z series covering ReplicaSets, scaling strategies, pod disruption budgets, and high availability patterns.https://blog.nghia-pham.com/blog/stateful-workloads-kubernetes-postgresql-kafka-operators/https://blog.nghia-pham.com/blog/stateful-workloads-kubernetes-postgresql-kafka-operators/Run stateful workloads safely on Kubernetes with operator-based patterns for PostgreSQL and Kafka, including storage, scaling, backup, and failure recovery.https://blog.nghia-pham.com/blog/service-mesh-comparison-istio-linkerd-consul/https://blog.nghia-pham.com/blog/service-mesh-comparison-istio-linkerd-consul/A comprehensive comparison of service mesh platforms including architecture, features, performance benchmarks, and practical implementation guides for Istio, Linkerd, and Consul Connect.https://blog.nghia-pham.com/blog/s-is-for-services-networking-service-discovery/https://blog.nghia-pham.com/blog/s-is-for-services-networking-service-discovery/The fifth post in our Kubernetes A-to-Z series covering Services, networking patterns, service discovery, and load balancing in Kubernetes.https://blog.nghia-pham.com/blog/t-is-for-troubleshooting-common-issues-solutions/https://blog.nghia-pham.com/blog/t-is-for-troubleshooting-common-issues-solutions/The fourteenth post in our Kubernetes A-to-Z series covering debugging techniques, common issues, diagnostic commands, and systematic troubleshooting approaches.https://blog.nghia-pham.com/blog/u-is-for-upgrades-cluster-lifecycle/https://blog.nghia-pham.com/blog/u-is-for-upgrades-cluster-lifecycle/Master the art of Kubernetes upgrades. Learn about version skew policies, node draining, and strategies for zero-downtime cluster maintenance.https://blog.nghia-pham.com/blog/v-is-for-volumes-persistent-storage-kubernetes/https://blog.nghia-pham.com/blog/v-is-for-volumes-persistent-storage-kubernetes/The eighth post in our Kubernetes A-to-Z series covering Volumes, PersistentVolumes, PersistentVolumeClaims, storage classes, and stateful application patterns.https://blog.nghia-pham.com/blog/y-is-for-yaml-kubernetes-language/https://blog.nghia-pham.com/blog/y-is-for-yaml-kubernetes-language/Love it or hate it, YAML is the language of Kubernetes. Learn syntax tips, common pitfalls, and tools to validate your manifests.https://blog.nghia-pham.com/blog/z-is-for-zero-downtime-deployments-advanced-strategies/https://blog.nghia-pham.com/blog/z-is-for-zero-downtime-deployments-advanced-strategies/The final post in our Kubernetes A-to-Z series covering advanced deployment strategies, GitOps, progressive delivery, canary deployments, and production-ready patterns.https://blog.nghia-pham.com/blog/kibana-cho-developer-filter-log-saved-search-dashboard-rest-api/https://blog.nghia-pham.com/blog/kibana-cho-developer-filter-log-saved-search-dashboard-rest-api/Hướng dẫn toàn diện sử dụng Kibana cho lập trình viên backend: filter error log bằng KQL, tránh pitfall với ES|QL, tạo Saved Search và Dashboard qua GUI, tương tác Kibana qua REST API và quản lý API key an toàn.Wed, 15 Apr 2026 00:00:00 GMThttps://blog.nghia-pham.com/blog/kibana-series-plan/https://blog.nghia-pham.com/blog/kibana-series-plan/Roadmap series 28 bài học Kibana từ cơ bản đến production — cover Discover, KQL/ES|QL, Lens, Dashboard, Alerts, RBAC, ILM, automation và troubleshooting cho developer backend.Wed, 15 Apr 2026 00:00:00 GMThttps://blog.nghia-pham.com/blog/canvas-dung-report-co-branded-cho-stakeholder/https://blog.nghia-pham.com/blog/canvas-dung-report-co-branded-cho-stakeholder/Dùng Canvas của Kibana để dựng infographic pixel-precise có brand công ty: khác Dashboard thế nào, expression language pipeline, data source ESSQL, dynamic image/color theo value, và export PDF multi-page giao CEO/CFO — dành cho developer backend và platform team.Thu, 16 Apr 2026 00:00:00 GMThttps://blog.nghia-pham.com/blog/discover-nang-cao-runtime-fields-filter-phuc-tap-highlighting/https://blog.nghia-pham.com/blog/discover-nang-cao-runtime-fields-filter-phuc-tap-highlighting/Nâng Discover từ mức cơ bản lên power-user: tạo Runtime field không cần reindex, filter nested object và regex, bật highlighting để scan log nhanh, phân biệt Saved Query với Saved Search, inspect request để debug query và tối ưu performance.Thu, 16 Apr 2026 00:00:00 GMThttps://blog.nghia-pham.com/blog/kql-va-esql-so-sanh-hai-ngon-ngu-query-kibana/https://blog.nghia-pham.com/blog/kql-va-esql-so-sanh-hai-ngon-ngu-query-kibana/Phân biệt KQL và ES|QL trong Kibana 8.x: triết lý khác nhau, cú pháp đối chiếu, pitfall phổ biến, và quy tắc tay chọn ngôn ngữ nào cho filter, aggregation, alert và dashboard — dành cho developer backend và DevOps.Thu, 16 Apr 2026 00:00:00 GMThttps://blog.nghia-pham.com/blog/lens-tu-drag-drop-toi-cong-thuc-phuc-tap/https://blog.nghia-pham.com/blog/lens-tu-drag-drop-toi-cong-thuc-phuc-tap/Dựng visualization trong Kibana 8.x bằng Lens: drag-drop chart cơ bản, Formula mode với function và time shift, annotation layer cho deploy marker, reference line cho SLO, pitfall về cardinality và time interval — dành cho developer backend muốn tự làm dashboard production-grade.Thu, 16 Apr 2026 00:00:00 GMT