DevOps for Backend Engineers
Docker basics, Kubernetes essentials, the CI/CD pipeline that catches bugs early.
Containers & Docker
A container packages your app and all its dependencies into an isolated, reproducible unit. "Works on my machine" → "Works everywhere."
Dockerfile essentials:
FROM node:20-alpine # base image (use alpine for smaller size)
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production # install before copying code (layer caching)
COPY . .
RUN npm run build
EXPOSE 3000
USER node # run as non-root
CMD ["node", "dist/index.js"]Key practices:
• Multi-stage builds (build in large image, copy artifacts to small image)
• .dockerignore (exclude node_modules, .git, tests)
• Non-root user
• Health check instruction
• Pin image versions (node:20.11-alpine not node:latest)
Kubernetes Fundamentals
Kubernetes (K8s) orchestrates containers at scale.
Key objects:
Pod — smallest deployable unit. One or more containers.
Deployment — manages pods. Handles rolling updates, replicas.
Service — stable network endpoint in front of pods.
Ingress — HTTP routing rules, TLS termination.
ConfigMap — non-sensitive config.
Secret — sensitive config (base64-encoded, RBAC-controlled).
HorizontalPodAutoscaler — auto-scales based on CPU/memory/custom metrics.
Deployment strategy:
Rolling update: replace pods gradually. Zero downtime. (Set maxUnavailable: 0, maxSurge: 1)
Blue/Green: two identical environments. Switch traffic at once. Instant rollback.
Canary: send 5% of traffic to new version. Validate. Gradually increase.
Requests & Limits: set CPU and memory requests (guaranteed) and limits (max). Without them, one app can starve others.
CI/CD Pipeline
CI (Continuous Integration) — on every push:
1. Install dependencies
2. Run linting and type checking
3. Run unit tests
4. Run integration tests
5. Build Docker image
6. Push image to registry
CD (Continuous Delivery/Deployment) — on merge to main:
1. Run all CI checks
2. Apply database migrations
3. Deploy to staging
4. Run smoke tests against staging
5. Deploy to production (automatic or with manual approval)
6. Monitor error rates for 10 minutes post-deploy
7. Auto-rollback if error rate spikes
Tools: GitHub Actions, GitLab CI, CircleCI, ArgoCD (GitOps).
Secrets in CI: Use GitHub Actions secrets, Vault, or AWS parameter store. Never echo secrets in logs.
The Backend from First Principles series is based on what I learnt from Sriniously's YouTube playlist — a thoughtful, framework-agnostic walk through backend engineering. If this material helped you, please go check the original out: youtube.com/@Sriniously. The notes here are my own restatement for revisiting later.