Forem: Muhammad Kamran Kabeer

Building a Zero-Downtime Web Cluster on a Dell Latitude

Muhammad Kamran Kabeer — Mon, 13 Apr 2026 15:45:47 +0000

The Problem: The "Single Point of Failure"
Most small businesses host their websites on a single server. If that server crashes, their business stops. In this lab, I solved that problem by building a Distributed System using Nginx and Ansible.

The Architecture: The Traffic Cop
I used a Load Balancer strategy to ensure that even if a server dies, the website stays live.

Front-End: Nginx Load Balancer (Port 8888)

Back-End: Two Nginx Workers (Ports 8081 & 8082)

Key Technical Win: Fault Tolerance
The highlight of this lab was the Chaos Test. By manually stopping one of the web server containers, I verified that the Load Balancer instantly redirected all traffic to the healthy node. The result? Zero downtime for the user.

Tools Used:
Ansible: To automate the deployment and ensure the configuration is repeatable.

Docker: To isolate the services and simulate a multi-server environment on my Dell E7440.

Check out the Standalone Code:
🔗 https://github.com/muhammadkamrankabeer-oss/MK_Labs/tree/main/Lab3_Standalone

How I Automated a Monitoring Stack on my Dell Latitude using Ansible & Docker

Muhammad Kamran Kabeer — Sun, 12 Apr 2026 09:16:23 +0000

The Vision
As part of my Technical Lab Roadmap, I am moving away from manual configurations. In the world of modern DevOps, if you have to do it twice, you should automate it. Today’s goal: Transforming my Xubuntu-powered Dell Latitude into a fully monitored node using Infrastructure as Code (IaC).

The Architecture: A Three-Tier Observability Stack
To monitor a system effectively, you need a pipeline. Data must be generated, collected, and visualized. Here is how I structured this lab:

Generation (Node Exporter): A lightweight Go-based binary that exposes hardware metrics (CPU load, RAM usage, Disk I/O) via a web endpoint.

Collection (Prometheus): The "brain" of the operation. It's a time-series database that "scrapes" the metrics from the exporter at defined intervals.

Visualization (Grafana): The "eyes." It queries Prometheus to turn raw numbers into pulsing, real-time graphs.

The "Aha!" Moment: Solving Networking Hurdles
The biggest challenge was connectivity. When running Prometheus inside a Docker container, it views localhost as itself, not my laptop.

The Solution:

The Bridge: I used the Docker Gateway IP (172.17.0.1) to allow the container to look "outside" to the host hardware.

The Guard: Xubuntu’s UFW (Uncomplicated Firewall) initially blocked these requests. I had to explicitly allow traffic on port 9100 from the Docker interface.

The Implementation: Ansible Playbook
Instead of 20 terminal commands, I consolidated the entire setup into one Ansible Playbook. This ensures Idempotency—I can run this on any machine and get the exact same result.

YAML

name: Deploy Monitoring Stack hosts: localhost connection: local become: yes

tasks:
- name: Run Node Exporter (The Sensor)
community.docker.docker_container:
name: node-exporter
image: prom/node-exporter:latest
state: started
restart_policy: always
ports:
- "9100:9100"

- name: Run Prometheus (The Brain)
  community.docker.docker_container:
    name: prometheus
    image: prom/prometheus:latest
    state: started
    recreate: yes
    volumes:
      - "./prometheus.yml:/etc/prometheus/prometheus.yml"
      - "./alert_rules.yml:/etc/prometheus/alert_rules.yml"
    ports:
      - "9091:9090"

- name: Run Grafana (The Visuals)
  community.docker.docker_container:
    name: grafana
    image: grafana/grafana:latest
    state: started
    ports:
      - "3000:3000"

Going Pro: Proactive Alerting
Monitoring is useless if you have to stare at the screen all day. I integrated Alertmanager with a custom rule:

If CPU usage exceeds 85% for more than 2 minutes, fire a CRITICAL alert.

This moves the lab from "Basic Monitoring" to "Incident Response Readiness."

Key Takeaways for Students & Peers
Infrastructure is Code: Never install manually what you can automate.

Firewalls Matter: If your data isn't flowing, check your UFW/Iptables first.

Start Small: I’m doing this on an 8GB RAM Dell laptop. You don't need a cloud budget to learn high-level DevOps.

Check out the full Source Code:
🔗 https://github.com/muhammadkamrankabeer-oss/Lab2_Monitoring_Automation

Stop Leaving Your Servers Open: Hardening Linux in 5 Minutes with Ansible

Muhammad Kamran Kabeer — Sat, 11 Apr 2026 04:40:31 +0000

Hello, World! I’m Muhammad Kamran Kabeer.

As an IT Instructor and the founder of MK EduOps Solutions, I often see students and small businesses focus on "getting things to work" while completely ignoring "getting things secured."Today, I’m sharing Lab 1 from my new series: The Hardened Gateway. We will use Ansible to automate the security of a Linux server on a Dell Latitude E7440 (or any Ubuntu/Debian machine).

🛡️ Why "Default Deny"?
Most people try to block "bad" ports. The professional way is to deny everything and only open what you need. This is the "Zero-Trust" mindset.

🛠️ The Automation Code
Here is the Ansible block I use to secure my lab environments:

YAML

name: Lab 1 - The Hardened Gateway
hosts: localhost
become: yes
tasks:
- name: Ensure UFW is installed apt: { name: ufw, state: present }
- name: Set Default Policies to DENY community.general.ufw: { state: enabled, policy: deny, direction: incoming }
- name: Allow Essential Traffic community.general.ufw: { rule: allow, port: "{{ item }}", proto: tcp } loop: ['22', '80', '443', '81'] 🚀 The Result Running this ensures that only SSH and Web traffic can enter. Everything else—unsecured databases, internal APIs, or forgotten services—is hidden from the world.

Check out the full lab repository here:https://github.com/muhammadkamrankabeer-oss/MK-EduOps-Labs

How I Automated a Self-Healing WordPress Lab using Ansible & Docker

Muhammad Kamran Kabeer — Thu, 09 Apr 2026 16:21:08 +0000

The Challenge

As an IT educator, I wanted a lab environment that was stable, professional, and "self-healing." If a student (or a bug) crashes the site, I want it back up in seconds without manual work.
The Solution

I built a stack on my Dell Latitude E7440 using:

Vagrant & Debian: To create a clean, isolated sandbox.

Ansible: To automate the configuration (Infrastructure as Code).

Docker: To run WordPress and MariaDB.

Nginx Proxy Manager: To give it a professional URL (http://wordpress.test) instead of messy IP addresses.

Why this matters

By using Docker's restart_policy: always, if the WordPress container fails, the system "heals" itself immediately.

[INSERT YOUR TWO SCREENSHOTS HERE: NPM Dashboard and WordPress Welcome Page]
Work with me!

I am a professional educator and DevOps practitioner. If you need:

Technical Writing: I can turn your complex code into clear tutorials.

Lab Setup: I can help you automate your teaching environments.

Feel free to reach out here or on LinkedIn!