Skip to main content
NewA Postgres-Backed MCP Server in ~20 Lines

Learn DevOps by doing,
not just reading.

647+ simulators, quizzes, and hands-on exercises for engineers who prefer a terminal over a slide deck.

Join 5,000+ DevOps engineers learning every week

kubectl --watch
$
devops-daily --stats

// featured

Interactive Simulators

Browse all simulators

// categories

Popular Categories

Explore our content by topic

// exercises

Hands-On Exercises

Practice real-world DevOps scenarios with step-by-step guidance

View all exercises

// quizzes

Test Your Knowledge

Short interactive quizzes across Docker, Kubernetes, Terraform, networking, and more

// posts

Latest Posts

Stay up to date with the latest DevOps content

DevOps

Realtime Without a WebSocket Service

Live counters, presence, notifications: the reflex is to add a websocket service to run and pay for. But if your data already lives in Postgres, it has a pub/sub built in. Here is realtime fan-out with Postgres LISTEN/NOTIFY and SSE on a Neon Function, tested with two live subscribers.

|9 min read
DevOps

A Postgres-Backed MCP Server in ~20 Lines

Most of what an MCP server does is run database queries on behalf of an AI agent. So I put one right next to the database. Here is a Postgres-backed MCP server built on Neon Functions, deployed onto a database branch, with the code, a live client test, and the repo.

|10 min read
DevOps

Stop Using Random UUIDs as Primary Keys: uuidv7() Lands in PostgreSQL 18

Random UUIDv4 primary keys quietly wreck insert speed and bloat indexes on large tables. PostgreSQL 18 ships a native time-ordered uuidv7() that keeps the upsides of UUIDs without the B-tree penalty. Here are the numbers and how to adopt it.

|10 min read
Kubernetes

hostNetwork Is Still a Footgun: What CVE-2026-32193 Teaches Every Cluster

A recent AKS advisory let an untrusted pod with hostNetwork break out to the worker node. The Azure-specific bug is patched, but the footgun that made it reachable lives on every Kubernetes cluster. Here is how the escape class works and what to actually lock down.

|11 min read
Security

Splunk Shipped an Unauthenticated Database Sidecar: CVE-2026-20253

You did not install a PostgreSQL server, but Splunk Enterprise 10 did, and in affected versions its sidecar endpoint had no authentication. The result is a pre-auth, CVSS 9.8 path to writing files on the host as the Splunk user, now on CISA's actively-exploited list. The bug is patched; the broader lesson is about every helper service your tools quietly bundle.

|7 min read
DevOps

Streaming an AI Agent Without a Function Timeout

Long agent loops and long token streams run into the same wall: a serverless function that hits its execution cap and cuts the connection. Neon Functions hold long-lived streaming connections by default. I deployed two endpoints to prove it: one streamed for 90 seconds, the other streamed an agent token by token starting at 466 ms.

|9 min read

// guides

Latest Guides

Step-by-step tutorials to boost your DevOps skills

// tools

DevOps Tools and Calculators

Free, browser-only utilities. CIDR, JWT, base64, UUID, cron, K8s sizing, YAML. No sign-up, no server.

// about

DevOps Daily is a free, independent education platform for engineers who want to learn by running things, not by reading pitch decks. Kubernetes, Docker, Terraform, CI/CD, observability, and security, through hands-on simulators, quizzes, exercises, and a weekly newsletter.

Free
$0
forever
Simulators
30+
interactive
Subscribers
5,000+
engineers
Cadence
Weekly
no spam
devops-daily --subscribe
$ echo "Weekly DevOps digest. No spam. Unsubscribe anytime."
Weekly DevOps digest. No spam. Unsubscribe anytime.
$ subscribe --email
$

5,000+ engineers subscribed