Infra

How Security Groups (stateful, per-instance) and NACLs (stateless, per-subnet) form different layers of defense in a VPC, plus the common pitfalls each surface.

Comparing the four mechanisms that connect a VPC to other VPCs, on-premises networks, and external services — Peering, Transit Gateway, Site-to-Site VPN, and PrivateLink — across topology and cost.

How Route Tables decide traffic paths inside a VPC, the role of Internet Gateway and NAT Gateway as external exits, and the actual meaning of Public/Private Subnet.

How VPC simulates a private network boundary by combining IP CIDR, Subnet, and Tenancy. Includes vendor naming map across AWS / GCP / Azure / Alibaba.

Container orchestration basics and what backend developers need to know: core objects, networking, scaling with HPA, and operational essentials.

Covers container concepts, the differences from VMs, Docker’s architecture, and the basics of Dockerfile and Docker Compose.

Core Kafka concepts (topics, partitions, consumer groups, replication) and the background behind KRaft mode, which removes the ZooKeeper dependency.