2026-02-07 12:05:25
tags: aws, terraform, docker, devops
Quick question: How many Docker images are in your ECR registry right now?
If you've been pushing images from CI/CD for the past year, the answer is probably hundreds or thousands.
Here's the problem:
ECR storage: $0.10/GB-month
Your images: 500 images × 500MB avg = 250GB
Monthly cost: $25
Annual cost: $300
And it grows every single day.
You're literally paying for every failed build, every test branch, every "quick-fix" from 6 months ago.
Most teams only use the last 5-10 images. The rest? Dead weight costing you money.
Let me show you how to automatically clean up old images with Terraform and recover 70-90% of that storage cost.
ECR pricing is simple: $0.10/GB per month
But Docker images add up fast:
Typical Node.js app:
And that's just one application.
What you actually need:
You're paying 30x more than necessary.
ECR has built-in lifecycle policies that auto-delete images based on:
One Terraform resource. Set it once. Forget it forever.
# ecr-lifecycle.tf
resource "aws_ecr_repository" "app" {
name = "my-app"
image_tag_mutability = "MUTABLE"
image_scanning_configuration {
scan_on_push = true
}
tags = {
Name = "my-app"
}
}
resource "aws_ecr_lifecycle_policy" "app" {
repository = aws_ecr_repository.app.name
policy = jsonencode({
rules = [
{
rulePriority = 1
description = "Keep last 10 images"
selection = {
tagStatus = "any"
countType = "imageCountMoreThan"
countNumber = 10
}
action = {
type = "expire"
}
}
]
})
}
Deploy it:
terraform apply
# ECR will automatically delete images beyond the 10 most recent
# Runs daily, no manual intervention needed
Savings from this alone: 70-90% of storage costs! 🎉
# ecr-lifecycle-advanced.tf
resource "aws_ecr_lifecycle_policy" "multi_env" {
repository = aws_ecr_repository.app.name
policy = jsonencode({
rules = [
# Rule 1: Keep last 20 production images (tagged)
{
rulePriority = 1
description = "Keep last 20 production images"
selection = {
tagStatus = "tagged"
tagPrefixList = ["prod-", "v"]
countType = "imageCountMoreThan"
countNumber = 20
}
action = {
type = "expire"
}
},
# Rule 2: Keep last 10 staging images
{
rulePriority = 2
description = "Keep last 10 staging images"
selection = {
tagStatus = "tagged"
tagPrefixList = ["staging-"]
countType = "imageCountMoreThan"
countNumber = 10
}
action = {
type = "expire"
}
},
# Rule 3: Delete untagged images older than 7 days
{
rulePriority = 3
description = "Delete untagged images after 7 days"
selection = {
tagStatus = "untagged"
countType = "sinceImagePushed"
countUnit = "days"
countNumber = 7
}
action = {
type = "expire"
}
},
# Rule 4: Keep only last 5 dev/feature branch images
{
rulePriority = 4
description = "Keep last 5 dev images"
selection = {
tagStatus = "tagged"
tagPrefixList = ["dev-", "feature-"]
countType = "imageCountMoreThan"
countNumber = 5
}
action = {
type = "expire"
}
},
# Rule 5: Catch-all - delete any images older than 30 days
{
rulePriority = 5
description = "Delete any remaining images older than 30 days"
selection = {
tagStatus = "any"
countType = "sinceImagePushed"
countUnit = "days"
countNumber = 30
}
action = {
type = "expire"
}
}
]
})
}
# modules/ecr-with-lifecycle/main.tf
variable "repository_name" {
description = "ECR repository name"
type = string
}
variable "prod_image_count" {
description = "Number of production images to keep"
type = number
default = 20
}
variable "staging_image_count" {
description = "Number of staging images to keep"
type = number
default = 10
}
variable "dev_image_count" {
description = "Number of dev/feature images to keep"
type = number
default = 5
}
variable "untagged_days" {
description = "Days to keep untagged images"
type = number
default = 7
}
resource "aws_ecr_repository" "this" {
name = var.repository_name
image_tag_mutability = "MUTABLE"
encryption_configuration {
encryption_type = "AES256"
}
image_scanning_configuration {
scan_on_push = true
}
tags = {
Name = var.repository_name
ManagedBy = "terraform"
}
}
resource "aws_ecr_lifecycle_policy" "this" {
repository = aws_ecr_repository.this.name
policy = jsonencode({
rules = [
{
rulePriority = 1
description = "Keep last ${var.prod_image_count} production images"
selection = {
tagStatus = "tagged"
tagPrefixList = ["prod-", "release-", "v"]
countType = "imageCountMoreThan"
countNumber = var.prod_image_count
}
action = { type = "expire" }
},
{
rulePriority = 2
description = "Keep last ${var.staging_image_count} staging images"
selection = {
tagStatus = "tagged"
tagPrefixList = ["staging-", "stage-"]
countType = "imageCountMoreThan"
countNumber = var.staging_image_count
}
action = { type = "expire" }
},
{
rulePriority = 3
description = "Delete untagged images after ${var.untagged_days} days"
selection = {
tagStatus = "untagged"
countType = "sinceImagePushed"
countUnit = "days"
countNumber = var.untagged_days
}
action = { type = "expire" }
},
{
rulePriority = 4
description = "Keep last ${var.dev_image_count} dev/feature images"
selection = {
tagStatus = "tagged"
tagPrefixList = ["dev-", "feature-"]
countType = "imageCountMoreThan"
countNumber = var.dev_image_count
}
action = { type = "expire" }
}
]
})
}
output "repository_url" {
value = aws_ecr_repository.this.repository_url
}
output "repository_arn" {
value = aws_ecr_repository.this.arn
}
# main.tf
module "api_ecr" {
source = "./modules/ecr-with-lifecycle"
repository_name = "api-service"
prod_image_count = 30
staging_image_count = 15
dev_image_count = 5
untagged_days = 7
}
module "web_ecr" {
source = "./modules/ecr-with-lifecycle"
repository_name = "web-frontend"
prod_image_count = 20
staging_image_count = 10
dev_image_count = 3
untagged_days = 3
}
output "api_url" {
value = module.api_ecr.repository_url
}
Repository: api-service
Images: 847 total
- prod-* : 234 images
- staging-*: 198 images
- feature-*: 312 images
- untagged: 103 images
Total size: 423GB
Monthly cost: $42.30
Annual cost: $507.60
Repository: api-service
Images: 45 total
- prod-* : 20 images (kept last 20)
- staging-*: 10 images (kept last 10)
- feature-*: 15 images (kept last 5 per branch)
- untagged: 0 images (deleted after 7 days)
Total size: 22.5GB
Monthly cost: $2.25
Annual cost: $27
Savings: $480.60/year (95% reduction!) 🎉
ECR has a preview feature:
# See what WOULD be deleted without actually deleting
aws ecr get-lifecycle-policy-preview \
--repository-name api-service
Unfortunately, Terraform doesn't support this directly. Start with generous retention:
prod_image_count = 50 # Start high
dev_image_count = 20 # Start high
# Gradually decrease over time
Lifecycle policies work best with consistent tagging:
# In your CI/CD pipeline
docker tag myapp:latest $ECR_URL:prod-${GIT_SHA}
docker tag myapp:latest $ECR_URL:staging-${GIT_SHA}
docker tag myapp:latest $ECR_URL:feature-${BRANCH_NAME}-${GIT_SHA}
Set up CloudWatch alerts:
resource "aws_cloudwatch_metric_alarm" "ecr_deletions" {
alarm_name = "ecr-high-deletions"
comparison_operator = "GreaterThanThreshold"
evaluation_periods = 1
metric_name = "RepositoryPullCount"
namespace = "AWS/ECR"
period = 86400
statistic = "Sum"
threshold = 100
dimensions = {
RepositoryName = "api-service"
}
}
If you need to keep specific images forever:
# Option 1: Use a special tag prefix not in lifecycle rules
docker tag myapp:latest $ECR_URL:keep-forever-v1.0.0
# Option 2: Create separate repository for long-term images
module "releases_ecr" {
source = "./modules/ecr-with-lifecycle"
repository_name = "api-service-releases"
prod_image_count = 100 # Keep many more
}
prod-abc123
staging-abc123
dev-feature-xyz
Works well with lifecycle rules based on tag prefix.
v1.2.3
v1.2.4-rc1
latest
Good for release management, harder for lifecycle automation.
prod-v1.2.3-abc123
staging-v1.2.3-abc123
Best of both worlds - clear environment + version.
Rules are evaluated in order. More specific rules should have lower priority numbers:
rulePriority = 1 # Most specific (prod images)
rulePriority = 2 # Less specific (staging)
rulePriority = 5 # Catch-all (everything else)
Failed builds leave untagged images. Always have a cleanup rule:
{
rulePriority = 99
description = "Cleanup untagged"
selection = {
tagStatus = "untagged"
countType = "sinceImagePushed"
countUnit = "days"
countNumber = 1 # Delete after 1 day
}
action = { type = "expire" }
}
ECR won't delete images currently in use by ECS/EKS. This is good! But your count might be higher than expected.
# 1. Check current storage usage
aws ecr describe-repositories \
--query 'repositories[*].[repositoryName]' \
--output table
# For each repository, get image count
aws ecr list-images \
--repository-name api-service \
--query 'length(imageIds)'
# 2. Deploy lifecycle policy
terraform apply
# 3. Wait 24 hours (ECR runs cleanup daily)
# 4. Verify reduction
aws ecr list-images \
--repository-name api-service \
--query 'length(imageIds)'
# 5. Check cost savings next month 💰
Startup with 5 microservices:
Before:
After (lifecycle policies):
Savings: $1,710/year (95% reduction!)
Implementation time: 30 minutes
Ongoing maintenance: Zero
The Problem:
The Solution:
The Result:
Stop paying for every Docker image you've ever built. Set lifecycle policies today and reclaim your storage. 🚀
Implemented ECR lifecycle policies? How many images did you delete? Share in the comments! 💬
Follow for more AWS cost optimization with Terraform! ⚡
2026-02-07 11:58:47
태스크 하나가 폴더 하나입니다. 그 안에 index.md 파일이 있고, YAML frontmatter에 메타데이터를 적습니다. 폴더 구조가 곧 카테고리입니다. DB 없이 파일 시스템이 데이터베이스 역할을 합니다.
현재 7,655개 태스크, 94% 완료율로 운영 중입니다.
hq/
├── 회사A/
├── 회사B/
├── 개인/
└── inbox/
태스크 하나는 이렇게 생겼습니다:
배포-프로세스-개선/
└── index.md
---
date: 2026-02-07
estimation: 2h
focus_time: 1h 30m
priority: P1
done: false
recurrence: weekly
---
본문에 상세 내용, 메모, 결과물을 자유롭게 적습니다.
frontmatter 필드:
| 필드 | 역할 | 예시 |
|---|---|---|
date |
수행일 | 2026-02-07 |
estimation |
예상 소요 시간 | 2h |
focus_time |
실제 소요 시간 (자동 누적) | 1h 30m |
priority |
P0(긴급) ~ P3(낮음) | P1 |
done |
완료 여부 | false |
recurrence |
반복 주기 | weekly |
같은 이름의 태스크가 생기면 ___숫자를 붙입니다. 주간_회의, 주간_회의___2, 주간_회의___3.
Claude Code의 Skills 시스템으로 자연어 명령을 태스크 조작으로 연결합니다.
"시작"이라고 말하면 ~/.focus_session.json에 시작 시간을 기록합니다. "완료"라고 말하면 경과 시간을 계산하여 focus_time에 누적합니다.
🎯 포커스 시작!
태스크: index.md
시작: 2026-02-07T12:24:53
✅ 포커스 종료!
태스크: index.md
소요 시간: 56m
동시에 하나의 세션만 허용합니다.
recurrence 필드가 있는 태스크를 완료하면 다음 날짜의 태스크를 자동 생성합니다. done: false로 초기화하고 focus_time은 비웁니다. weekly는 +7일, daily는 +1일입니다.
"오늘 할일"이라고 말하면 Python 스크립트가 전체 파일을 스캔합니다.
📅 오늘 할일 (2026-02-07)
📋 오늘 (2개)
⬜ [P1] 블로그_글쓰기 (2026-02-07) 🔄
⬜ [P1] 코드_리뷰 (2026-02-07)
⚡ 높은 우선순위 미배정 (1개)
⬜ [P1] 시스템_개선
기한 지난 미완료 태스크, 날짜 없는 P0/P1 태스크도 함께 표시합니다.
| 연동 대상 | 방식 | 방향 |
|---|---|---|
| 외부 태스크 도구 | MCP 서버 | 양방향 동기화 |
| 캘린더 | CLI | 캘린더 → 태스크 |
| Git | git CLI | 변경사항 자동 커밋/푸시 |
소스 오브 트루스는 로컬 마크다운 파일입니다. 외부 도구의 이슈든 캘린더 일정이든 index.md로 수렴합니다.
사용자 ("시작", "완료", "오늘 할일")
↓
Claude Code Hook (키워드 감지)
↓
Skill (Python 스크립트 실행)
↓
마크다운 파일 (frontmatter 업데이트)
↓
Git (버전 관리, 푸시)
태스크의 라이프사이클:
생성 → 날짜/우선순위 배정 → 포커스 시작 → 완료 → (반복이면) 다음 태스크 자동 생성
2026-02-07 11:35:31
Picture yourself as a Lead Developer at a rapidly growing startup.
You have a critical deadline looming tomorrow, you opt to write "quick and dirty" code. You skip documentation, hard-code variables, and bypass the security checks. It works, and you ship the product making your boss is happy.
However, the following week, you need to implement an update, and suddenly, the system crashes. That "quick fix" is now obstructing new code, forcing you to spend 10 hours fixing the old mess before you can dedicate 1 hour to new work.
In software engineering, we call this Technical Debt.
Now, look at your life. That coffee you chugged at 4 PM because you didn't sleep? Debt. That difficult conversation you pushed to "next week"? Debt. Most people aren't exhausted because they work too hard—they are exhausted because they are spending 80% of their energy just paying the interest on their life's accumulated debt.
To understand how to fix your life, you have to understand where the "bugs" are hiding.
In programming, a Recursive Loop is a function that calls itself over and over. If there’s no "exit condition," it eventually eats up all the computer's resources and crashes.
Modern life is rife with financial recursive loops. Think of "Buy Now, Pay Later" schemes or high-interest credit cards.
The Bug: You spend money today that you haven't earned yet.
The Loop: Next month, you have to work harder just to pay for last month's dinner. This leaves you with less money for this month, so you swipe the card again.
The Crash: You aren't building a future; you are stuck in a loop of servicing your past.
The human brain is the most complex hardware on the planet. Like any computer, it generates "waste" as it runs. In software, Garbage Collection is a background process that automatically clears out unused data to free up memory.
For humans, Sleep is our Garbage Collection. While you sleep, your brain physically flushes out neurotoxins that build up during the day. When you "grind" through the night, you aren't being productive; you are manually disabling your system's cleaning cycle.
Latency is the delay between a command and a result. High latency makes a computer feel "laggy" and slow.
In life, latency is caused by Open Loops—tasks acknowledged but not completed.
"I need to fix that squeaky door."
"I need to reply to that awkward email."
"I need to book the dentist."
Even if you aren't thinking about them, these tasks are like background apps on a phone. They eat up your RAM (mental energy). By 3 PM, your system is lagging because 40% of your brain is busy "remembering" things you haven't done yet.
When a codebase becomes too messy to work with, engineers stop building new features and start Refactoring—cleaning up the internal structure without changing what it does. Here is how you refactor your life.
You can't fix a bug you hasn't been logged. For the next 24 hours, notice every time you feel a "ping" of stress.
Is it a Financial Bug (an unpaid bill)?
A Hardware Bug (feeling sluggish from bad food)?
Or a Latency Bug (an unfinished chore)?
Question for the Reader: What is the one "Open Loop" in your life right now that has been draining your battery for more than a week?
In operating systems, the SJF algorithm reduces waiting time by processing the quickest tasks first. Look at your "Latency Bugs." If a task takes less than 2 minutes, do it immediately.
Send the text.
Toss the trash.
File the document.
By clearing the "short jobs," you close the background apps and instantly lower your mental latency.
To prevent hardware failure, set a hard "Offline" time. At 10 PM, the server goes down. No blue light, no work emails, no input. This allows the "Garbage Collection" (sleep) to run at 100% efficiency.
You wouldn't expect a buggy, unoptimized app to win an award. Why do you expect a buggy, unoptimized life to feel successful?
Stop attempting to "hustle" through the mess. Take a week to refactor. Clean the code. Close the loops. Your future self is waiting for the upgrade.
In conclusion, just as a software engineer must address technical debt to maintain a functional and efficient codebase, we must also tackle the "technical debt" in our lives to achieve a balanced and fulfilling existence. By identifying and addressing financial, mental, and task-related "bugs," we can optimize our daily routines and reduce unnecessary stress. Implementing strategies like conducting a system audit, prioritizing quick tasks, and ensuring adequate rest can lead to a more productive and satisfying life. Embrace the process of refactoring your life, and you'll find yourself on the path to a more streamlined and successful future. Your life’s Version 2.0 is within reach—start the upgrade today.
System Status: Optimizing...
Every week, I send out a "System Update"—one actionable algorithm to refactor your health, wealth, and discipline.
What is one 'legacy habit' in your life that you're currently trying to deprecate?
2026-02-07 11:30:16
If your Shopify workflow goes sideways after adding a proxy—pages feel sluggish, requests start failing, or the storefront “looks like the wrong country”—the fastest fix is usually not swapping providers or turning on rotation. It’s getting calm and making the setup reproducible, using the same core assumptions described in the full Shopify proxies guide for 2026
.
A proxy is a chosen network exit. That’s it. It can help you centralize where traffic appears to come from, keep sessions consistent, and separate operator traffic from other network paths—but it’s not a speed hack. In many cases you’re adding an extra hop, so “faster” is not the default outcome.
The other principle that keeps teams out of chaos is to start with one stable exit before adding rotation. Rotation can be useful later, but if you begin with a moving target, you lose your ability to isolate variables. When something breaks, you want to know whether the change came from your device, your network, the proxy, Shopify’s status, or your pacing.
This checklist exists for one reason: prove your proxy setup is basically correct before you interpret symptoms.
Step A: Confirm you are actually using the proxy exit
Check your public IP before enabling the proxy.
Enable the proxy, check again, and record the new IP plus timestamp.
If the IP does not change, stop. Your traffic is not exiting where you think it is.
Step B: Confirm basic reachability and TLS sanity
Open one or two stable HTTPS sites to verify general connectivity.
If your tooling allows it, do one verbose request that logs only headers and status.
This prevents you from mislabeling a generic HTTPS or proxy problem as a Shopify issue.
Step C: Confirm Shopify Admin and storefront basics in a clean browser profile
Location and “weird behavior” issues are often stored state, not the exit IP. A clean browser profile removes that noise.
Create a fresh browser profile with no extensions and no saved cookies.
Log into Shopify Admin and load a few common pages such as Orders, Products, and Apps.
Open the storefront and note currency and language rendering and load time.
For operator workflows that need consistent, long-lived sessions, validating against a single stable exit, often the kind you’d associate with Static Residential Proxies
, makes later troubleshooting far more deterministic.
Step D: Capture a tiny debug packet
Write down:
Proxy host and port, protocol, and authentication method
Exit IP, intended region, and whether the test used a clean profile
The exact symptom and the exact moment it appears
That one minute of notes can save hours of “it changed but I don’t know what changed.”
When you troubleshoot proxies for Shopify operations, the order matters. Work from the outside in:
Device and network, then proxy health, then platform incidents, then pacing and tool behavior.
Layer 1: Device and network stability comes first
Temporarily disable VPNs, smart routing, and OS-level auto proxy settings.
Try a different network such as office Wi-Fi versus a hotspot without changing the proxy configuration.
If only one machine fails, treat it like a local networking problem first, including DNS, security software interception, and OS trust store issues.
Layer 2: Proxy health determines whether the exit is stable
Keep variables fixed: same region, same credentials, same protocol. Change only the node if you can.
Avoid proxying everything by default. Route only the browser profile or the specific app that needs it, so you don’t introduce unrelated latency and failures.
Layer 3: Platform incidents confirm whether Shopify itself is degraded
Before you go deeper, check whether Shopify is having an incident. If the platform is degraded, you can waste a lot of time “fixing” a proxy that was never the root cause. Shopify’s official status page is a quick reality check: Shopify Status
.
Layer 4: Pacing and tool behavior explain most rate-limit errors
429 errors are rarely solved by swapping IPs. They’re usually solved by slowing down, backing off, and respecting rate limits. If you’re calling the Admin API directly or through a tool, treat 429 as a signal to reduce concurrency and implement backoff that honors Retry-After, consistent with REST Admin API rate limits and the broader Shopify API limits
.
Rotation is an optimization layer, not a first response to throttling. Once your pacing is correct and reproducible, scaling patterns like Rotating Proxies can make sense for larger workloads without turning debugging into guesswork.
Slow speed after enabling a proxy usually comes from distance, overload, or scope
“Slow” typically comes from one of three causes: distance, overload, or over-scoping.
Distance means your exit node is far from you or from the Shopify edge you’re hitting, increasing round trips.
Overload means the node is saturated, so latency spikes and occasional timeouts appear.
Over-scoping means you proxied the entire machine or all traffic, so unrelated services add contention.
Isolation tests that stay reproducible:
Compare load time in a clean profile with proxy on versus off using the same pages.
Keep the same node and change only the network to see if your local path is the bottleneck.
Keep the same network and change only the node to detect saturation.
What typically helps:
Choose a closer region or node
Reduce how much you proxy by limiting it to the Shopify workflow
Prefer one stable exit for Admin sessions until you can describe the latency pattern with simple numbers such as consistent versus spiky
429 Too Many Requests is usually solved by slowing down and backing off
429 almost always means you’re going too fast for the limit, not that your IP is bad. The fix is straightforward and compliant:
Reduce concurrency
Add exponential backoff with jitter
Honor Retry-After when present
Avoid retry storms, especially when multiple workers share the same credentials
If your team uses multiple tools such as monitors, integrations, and bulk editors, confirm they are not collectively producing bursts. A reasonable rate per tool can become excessive at the account level.
407 Proxy Authentication Required points to credentials, allowlists, or protocol format
407 indicates the proxy requires authentication and the client did not provide it correctly. The most common root causes are:
Wrong username or password
IP allowlist not updated for the current public IP
Protocol or format mismatch where a tool expects a different scheme or credential syntax
The HTTP status meaning is documented in MDN’s 407 reference
. Practically, your fastest path is to compare your proxy string and protocol expectations against a known-good syntax. Many failures are simply right credentials with the wrong format, which is why teams keep a short internal reference aligned with Proxy Protocols.
Location mismatch is often stored state such as cookies and profile settings
When Shopify storefront locale or content appears wrong, the exit IP is only one variable. Common culprits include:
Cookies and cached storefront localization state
Account and profile preferences and saved markets behavior
Provider geo granularity such as city-level variance or mapping differences
A clean profile test is the fastest way to prove whether the mismatch is stored state. If the clean profile behaves as expected but your normal profile does not, you’re likely looking at cookies, cached storefront state, or profile-level settings rather than a proxy failure.
This routine is intentionally small and repeatable. It helps prevent “it worked yesterday” from becoming a permanent condition.
Minute 0–10: Run the baseline validation
Repeat the 10-minute checklist:
Verify exit IP change
Verify general HTTPS sanity
Test Admin and storefront in a clean profile
Record the debug packet
Minute 10–20: Run a controlled workflow test in Admin and storefront
Pick three to five tasks you actually do:
Open Orders, Products, and a couple of app pages
Perform one low-risk write action you commonly do, such as a tag edit or draft creation
Open the storefront and confirm the expected locale and currency display and load time
You are proving that normal operator work is stable, not stress-testing.
Minute 20–30: Check stability and confirm rate-limit-safe behavior
Keep the session open and navigate normally for five to ten minutes, watching for sudden latency spikes.
If your workflow involves API-based tooling, do a tiny test that confirms you handle rate limiting by backing off and honoring Retry-After, aligned with Shopify’s official limits.
Teams that standardize this routine across operators and developers tend to reduce proxy-related incidents because configuration changes stop being “mystery events,” which is the operational mindset MaskProxy encourages.
Treat the proxy as a chosen exit, then make one exit boringly stable before you add rotation.
When you see 429, slow down and back off, and design within Shopify’s published limits instead of escalating retries or increasing concurrency.
When location looks wrong, re-test in a clean profile first, then standardize provider evaluation and configuration as provider checklist + setup steps
.
2026-02-07 11:13:57
Whether you're just starting out or leveling up your senior dev skills, having the right learning platforms is a game-changer. Here are the services I use to keep my code sharp:
🔹 Codecademy – Interactive, hands-on lessons when starting a new language from scratch.
🔹 freeCodeCamp – Project-based curriculum for building a real-world portfolio (completely free).
🔹 Fireship – Video tutorials to learn complex tech stacks fast.
🔹 Laracasts& SymfonyCasts– PHP, Laravel, and Symfony ecosystems with top-tier screencasts. |
🔹 LeetCode& HackerRank – Preparing for technical interviews.
🔹 Pluralsight– Comprehensive paths and skill assessments for professional-level technology training. 🔗
2026-02-07 11:12:59
In Episode 1, we walked through the basics of how the web works. From typing a web address into your browser, through DNS lookups and secure connections, to rendering the page on your screen. We touched on things like TCP and HTTP, but that's just the surface. Now, in Episode 2, let's dig deeper into the networking protocols that power all this communication. These are the building blocks that make data move reliably and fast across the internet. We'll start with the low-level ones and move up.
Before the web can talk, it needs a transport layer that decides how data packets are sent between two machines. Think of this as choosing between a careful courier and a fast bike messenger.
Once TCP or UDP has done the hard work of moving packets around, the web needs a language for clients and servers to talk in. That language is HTTP and its secure cousins.
HTTP (Hypertext Transfer Protocol): Defines how a client (like your browser) sends a request and how a server replies with a response. It is a simple text based, request response protocol.The client asks for a resource (HTML, CSS, JSON, etc.), and the server answers with a status line, headers, and an optional body. By default, classic HTTP (HTTP/1.1) runs over TCP, so it inherits TCP’s reliability and ordering guarantees.
HTTPS (Hypertext Transfer Protocol Secure): Is not a different application protocol. It is simply HTTP running inside a TLS-encrypted tunnel. The “S” in https://prasunchakra.com means that before any HTTP request–response messages are exchanged, the client and server perform a TLS handshake to agree on keys and ciphers, and to authenticate the server’s identity using its certificate. So you can think of HTTPS as “take normal HTTP and wrap every byte of it inside TLS, at the transport layer.” Today, browsers treat plain HTTP as “not secure” and strongly prefer HTTPS everywhere.
HTTP/3 (QUIC): HTTP/2 improved performance by multiplexing many HTTP streams over a single TCP connection, but it ran into a TCP level problem called head of line (HOL) blocking. If one TCP packet is lost, TCP must hold back all later packets for that connection until the missing one is retransmitted, which delays every active HTTP stream sharing that connection. HTTP/3 takes a different route by running over QUIC, a transport protocol built on top of UDP. QUIC provides its own reliability, encryption (it uses TLS 1.3 integrated into the transport), and congestion control, but crucially it is stream-aware: it can treat each HTTP stream independently. This significantly reduces head of line blocking and improves perceived performance, especially on flaky mobile or Wi‑Fi networks where packet loss and changing network paths are common. Modern browsers are gradually adopting HTTP/3 for many large sites so that page loads, API calls, and asset fetches feel snappier and more resilient in real-world conditions.
Not everything on the internet fits cleanly into “classic web pages.” Some protocols exist for real time interactions, others are older but still important in the background.
WebSockets: WebSockets were created to solve a limitation of HTTP that the client always has to initiate the conversation. With WebSockets, the browser and server upgrade an existing HTTP connection, then switch to a protocol that keeps a single TCP connection open and full‑duplex.
Once the WebSocket is established, both the client and the server can send messages at any time without creating new HTTP requests, the connection remains open until it is explicitly closed which reduces overhead and latency, and messages can be sent as either text or binary frames, making WebSocket flexible for a wide range of real-time use cases.Which include chat apps, live dashboards (like stock prices or sports scores), collaborative tools (Figma, Google Docs‑style editors), multiplayer games, and any UI that needs instant updates pushed from the server.
SMTP (Simple Mail Transfer Protocol): It is the protocol responsible for sending emails between mail servers. When you hit “Send” in Gmail or Outlook, your client talks to an SMTP server over TCP, hands over the message, and then a series of SMTP servers relay that message until it reaches the recipient’s mail server.
A simplified flow works as follows: your email client submits the message to your provider’s SMTP server, that server looks up the recipient’s domain using DNS and forwards the email to the destination SMTP server, possibly passing through intermediate relay servers, and finally the recipient’s server accepts the message and stores it in a mailbox where it can later be retrieved using protocols such as IMAP or POP3. IMAP (Internet Message Access Protocol) and POP3 (Post Office Protocol version 3) are email retrieval protocols, with IMAP keeping messages stored and synchronized on the mail server across multiple devices, while POP3 downloads messages to the local device and usually removes them from the server.
FTP (File Transfer Protocol): This is one of the oldest protocols for transferring files between a client and a server. It uses separate control and data channels over TCP, which historically made it flexible but also a bit of a pain for firewalls and NAT devices.
Classic FTP has a big downside that the credentials and file contents are sent in plain text, so anyone sniffing the network can potentially see usernames, passwords, and data. Because of this, modern setups usually prefer secure alternatives such as SFTP (Secure File Transfer Protocol), which transfers files over SSH using a single encrypted channel for both commands and data, and FTPS (File Transfer Protocol Secure), which runs FTP over SSL/TLS to add encryption on top of the traditional FTP model.
From TCP and UDP at the transport layer to HTTP, HTTPS, WebSockets, SMTP, and FTP at the application layer, these protocols are the invisible glue that holds the internet together. Each one solves a slightly different problem: reliable delivery, secure browsing, real-time updates, email, or file transfer. The key idea to carry forward is this: when you type prasunchakra.com or open your favorite app, you are really triggering a carefully layered conversation between machines, with each protocol playing its part in the stack. As you build web apps, APIs, or backend systems, understanding these layers helps you reason about performance issues, security choices, and why things sometimes break in “mysterious” ways on real networks. In future episodes, we will zoom into specific pieces of this puzzle.