What a weird week. It started on Wednesday first of all. It felt like half of everyone was still on vacation. It was quiet but, it was busy. There was a lot of great content this week too surprisingly. The time at the end of one year, the beginning of another is awesome. So many folks are taking time to write down their thoughts on everything from note taking during programming to monorepos to Kubernetes to infosec. It feels kinda magical out in the world of tech right now. Hopefully, we can turn this positive energy into something awesome this year.
In case you have been in a cave, here are the top stories you might have missed the past two weeks:
- DevOps engineer interviews: Ask these questions
- 7 CI/CD tools for sysadmins
- Highest Paying Tech Companies of 2018 by Levels.fyi — Note: I think this list is utter rubbish. Give it a look and you’ll see why.
- How to become an AWS expert
- The truth about impostor syndrome
- 2018 Learnings, 2019 Expectations
- 10 books for your DevOps reading wishlist
- Moving on From Red Hat by Christian Posta
- The biggest technology failures of 2018
- YAML Has Won
Continuous delivery on modern infrastructure - Run GoCD on Kubernetes
Model Docker-based build workflows more effectively with our GoCD Kubernetes integration. Run GoCD natively on Kubernetes, define your build workflow and let GoCD provision and scale build infrastructure on the fly. SPONSORED
The real story on container, cloud, and data adoption
Poll results reveal where and why organizations choose to use containers, cloud platforms, and data pipelines. SPONSORED
Real World DevOps
The Real World DevOps Podcast talks about the messy, behind-the-scenes realities of running systems. We’ll be talking with practitioners from across the industry, both from traditional enterprises to modern cloud-native startups. SPONSORED
18 people in tech every programmer and software engineer needs to follow in 2019 — I’m honored (and flattered) to be on this list of wonderfully brilliant minds.
How Millennials Became The Burnout Generation — I’m stretched pretty thin on literally everything.
On leaving Chef — Jeez… What’s going on at Chef. I’m not sure who I even know over there anymore.
Why It Is Difficult to Hire for DevOps? — DevOps is hard and hiring for it is even harder. But, orgs can help themselves here too.
A pair of Kubernetes security issues this week. #shoutout to the Kubernetes Product Security Team:
- Security Impact of Kubernetes API server external IP address proxying — “It was reported to us by Michael Schubert of Kinvolk that the Kubernetes API server can be used as a HTTP proxy to not only cluster internal but also external target IP addresses.”
- Security release of dashboard v1.10.1 - CVE-2018-18264 — “A security issue was discovered in kubernetes dashboard versions v1.10.0 or older… The TLS secrets for a Kubernetes Dashboard can be obtained by visiting https://[DASHBOARD_HOST]/api/v1/secret/kube-system/kubernetes-dashboard-certs.”
Open Source Business Models Considered Harmful — If your value is the software you open sourced, don’t be surprised when you can’t make money on it. Provide value, open source what you can, and work from there.
How To Shutter Your Startup: Best Practices for Corporate Dissolution — Don’t screw up the end. Deprecate gracefully.
When you code, write down everything — When I was doing Ops and InfoSec work daily I wrote down everything. My notes were absurd and I was highly organized. It allowed me to drop complex project work and go put out the latest security incident and pick right back up where I left off.
Three Acquisitions In 2018 To Impact 2019’s Tech Landscape — Cloud, AI, and IoT are all getting touched.
Monorepos: Please don’t! — Don’t hurt ‘em, Matt.
Monorepo: please do! — You tell ‘em, Jacob.
Security trends to pay attention to in 2019 and beyond — Very insightful. If you have any thoughts that aren’t covered here please share them.
lorin/resilience-engineering — Resilience Engineering Notes
Linux Technology for the New Year: eBPF — Some are saying 2019 is the year of eBPF.
NSA Releasing the GHIDRA Reverse Engineering Tool at RSAConference — “GHIDRA is a reverse engineering framework that is available for Windows, macOS, and Linux that the NSA is unveiling at the conference.”
The State of Kubernetes 2019 — I respect the folks over at Giant Swarm (a lot) and you should too.
Kubernetes In a Nutshell — I love the format of this. It’s almost like you could make index cards if you want to with it. When I update my Getting Started with Kubernetes article, this is definitely going in it.
5 things you didn’t know about Istio — Learn how Istio helps address microservices challenges, in this talk from All Things Open 2018.
Hashicorp at Home — Applying the Hashicorp stack in your home; pretty cool idea.
Database migrations in Golang — Moving your state with Go 101
windmilleng/tilt — Local Kubernetes development with no stress
dbcli/litecli — CLI for SQLite Databases with auto-completion and syntax highlighting
project-koku/koku — An open source solution for cost management of cloud and hybrid cloud environments
Ne0nd0g/merlin — Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
DevOps’ish Tweet of the Week
If your response to a meeting invite is to point out the non-Free Software components of the invite/scheduling process, you are being a jerk.— VM (Vicky) Brasseur @ ONS EU (@vmbrasseur) January 5, 2019
Zealots drive people away and do #FreeSoftware no favours. It's possible to believe w/o preaching & scolding. Try it.
Notes from this week’s issue can be found here.
Sponsor DevOps'ish and put your brand in front of thousands of highly skilled operators, maintainers, developers, and leaders from across the Fortune 500, Silicon Valley, and beyond.
Join the Conversation
Join the DevOps'ish group on Telegram for insight and in-depth discussions about real technical challenges facing real people. If you're into Reddit, join //devopsish. You can follow me on Twitter and LinkedIn too.