When building a modern container environment using Podman, one of the most confusing topics for many engineers is deciding when to use pods, when to use networks, and how to structure services that talk to each other. After all, microservices often depend on one another — APIs talk to APIs, backend apps talk to databases, dashboards talk to internal services — and it’s not immediately clear what should go where.
Category: Architecture
Solution Architecture, related decisions
Cow vs. Bison Mindsets in Technology: Stability and Adaptability as Enduring Strategies
In engineering and operations, two fundamental approaches shape how systems and teams evolve: the cow mindset—optimized for efficiency, consistency, and reliability—and the bison mindset—built for resilience, exploration, and change. These aren’t tied to any tool, trend, or era. They reflect timeless strategies for navigating certainty versus uncertainty. Core Differences Neither is “better.” Their value depends…
Containerised Application Triggering SSIS on Host: Insights and Challenges
The Problem When I containerised a Node.js application (using Podman on RHEL), I faced a challenge:The app needed to trigger SSIS packages (.dtsx files) using dtexec. SSIS was installed on the host, but not inside the container. Why not install SSIS in the container? So, how do we trigger SSIS from a container without installing…
Fixing Inter-Container Communication in Podman: Solving the Silent DNS Failure
My Podman containers on a custom network couldn’t resolve each other by name — even though everything looked correct. After methodically eliminating layers (network config, DNS daemon, container state, firewall), I discovered UFW was silently blocking UDP port 53 on the new podman4 bridge interface. The fix? One ufw allow rule. Here’s how I got…
RabbitMQ vs. Kafka: A Practical Guide to Choosing Your Message Broker
Introduction When designing modern, distributed systems—especially cloud-hosted microservices—choosing the right messaging backbone is critical. Two of the most popular options are RabbitMQ and Apache Kafka. While both enable asynchronous communication, they were built for different use cases.
Architectural Option Analysis: Securing Data Flow from Shopify Webhooks to an API Behind Kong Gateway
When integrating Shopify webhooks with an internal API protected by the Kong API Gateway, one of the first—and most critical—challenges you’ll encounter is authentication. Shopify signs its webhook payloads using an HMAC-SHA256 signature, which is delivered in a custom HTTP header (x-shopify-hmac-sha256). Unfortunately, this doesn’t align neatly with standard authentication mechanisms, especially those built into…
Podman Networking Demystified: When to Use Pods, Networks, or Both
If you’ve transitioned from Docker to Podman, you’ve likely encountered a fundamental question: “How should my containers communicate?” Unlike Docker’s straightforward container-to-container networking, Podman introduces pods—a powerful concept borrowed from Kubernetes that adds both capability and complexity.