Cross-Domain Content¶
The most valuable content on this wiki spans multiple domains. Real incidents don't respect domain boundaries — a DNS problem might be a TLS problem, which might be a Kubernetes problem.
Cross-Domain Incident Case Studies¶
20 complex incidents that each span exactly 3 domains. Each starts with a misleading symptom in one domain, requires investigation in a second, and needs remediation in a third.
| # | Incident | Domains | Level |
|---|---|---|---|
| 1 | DNS + TLS + Cert-Manager | Networking → Security → K8s | L2 |
| 2 | Grafana Empty + Prometheus + NetworkPolicy | Observability → K8s → Networking | L2 |
| 3 | SSH Timeout + MTU + Terraform | Linux → Networking → DevOps | L2 |
| 4 | Pod OOMKilled + Sidecar + Helm | K8s → Observability → DevOps | L2 |
| 5 | HPA Flapping + Clock Skew + NTP | K8s → Linux → Networking | L2 |
| 6 | Alert Storm + Flapping Healthchecks | Observability → Networking → K8s | L2 |
| 7 | Disk Full + Runaway Logs + Loki | Linux → Observability → K8s | L2 |
| 8 | Service Mesh 503 + Envoy + RBAC | Networking → K8s → Security | L3 |
| 9 | Deployment Stuck + ImagePull + Vault | K8s → Security → DevOps | L2 |
| 10 | Terraform State Lock + DynamoDB | DevOps → Cloud → Security | L2 |
| 11 | CI Pipeline + Docker Cache + Registry | DevOps → K8s → Networking | L2 |
| 12 | Node NotReady + NIC Firmware + Ansible | K8s → Datacenter → DevOps | L2 |
| 13 | Backup Job + iSCSI + VLAN | Linux → Networking → Datacenter | L2 |
| 14 | Database Replication Lag + RAID | Linux → Datacenter → K8s | L2 |
| 15 | Container Vuln Scanner + False Positive | Security → DevOps → K8s | L2 |
| 16 | Canary Deploy + Wrong Backend + Ingress | DevOps → K8s → Networking | L2 |
| 17 | Job Queue + CPU Throttle + cgroup | K8s → Linux → Observability | L2 |
| 18 | API Latency + BGP Route Leak + ACL | Networking → Datacenter → Security | L3 |
| 19 | User Auth + OIDC + Cert + KMS | Security → Cloud → K8s | L3 |
| 20 | Ansible + SSH Agent + Firewall | DevOps → Linux → Networking | L2 |
See the full cross-domain case studies index for the complete incident matrix with domain breakdown.
Cross-Domain Lessons¶
All 115 lessons in the Lessons section are inherently cross-domain — each follows a real problem across multiple technology boundaries. Highlights:
End-to-End Traces — follow a single action through every layer:
- What Happens When You Click a Link — DNS → ARP → TCP → TLS → HTTP → load balancing → app
- What Happens When You
kubectl apply— YAML → API server → etcd → scheduler → kubelet → pod - What Happens When You
git pushto CI — Git hooks → webhook → CI runner → build → test → deploy
Incident-Driven — start broken, investigate across domains:
- The Cascading Timeout — Circuit breakers, retry storms, backpressure, bulkheads
- The Split-Brain Nightmare — Distributed consensus, quorum, CAP theorem
- The Monitoring That Lied — Metric lag, counter resets, percentile math