What a weird week. It started on Wednesday first of all. It felt like half of everyone was still on vacation. It was quiet but, it was busy. There was a lot of great content this week too surprisingly. The time at the end of one year, the beginning of another is awesome. So many folks are taking time to write down their thoughts on everything from note taking during programming to monorepos to Kubernetes to infosec. It feels kinda magical out in the world of tech right now. Hopefully, we can turn this positive energy into something awesome this year.

In case you have been in a cave, here are the top stories you might have missed the past two weeks:

  1. DevOps engineer interviews: Ask these questions
  2. 7 CI/CD tools for sysadmins
  3. Highest Paying Tech Companies of 2018 by Levels.fyi — Note: I think this list is utter rubbish. Give it a look and you’ll see why.
  4. How to become an AWS expert
  5. The truth about impostor syndrome
  6. 2018 Learnings, 2019 Expectations
  7. 10 books for your DevOps reading wishlist
  8. Moving on From Red Hat by Christian Posta
  9. The biggest technology failures of 2018
  10. YAML Has Won

Continuous delivery on modern infrastructure - Run GoCD on Kubernetes
Model Docker-based build workflows more effectively with our GoCD Kubernetes integration. Run GoCD natively on Kubernetes, define your build workflow and let GoCD provision and scale build infrastructure on the fly. SPONSORED

The real story on container, cloud, and data adoption
Poll results reveal where and why organizations choose to use containers, cloud platforms, and data pipelines. SPONSORED

Real World DevOps
The Real World DevOps Podcast talks about the messy, behind-the-scenes realities of running systems. We’ll be talking with practitioners from across the industry, both from traditional enterprises to modern cloud-native startups. SPONSORED

People

18 people in tech every programmer and software engineer needs to follow in 2019 — I’m honored (and flattered) to be on this list of wonderfully brilliant minds.

How Millennials Became The Burnout Generation — I’m stretched pretty thin on literally everything.

Kubernetes Dominates in IT Job Searches — #1 skill is Kubernetes, #4 is golang, #5 is Ansible

One year in San Francisco as a Software Engineer — Yikes…

On leaving Chef — Jeez… What’s going on at Chef. I’m not sure who I even know over there anymore.

Why It Is Difficult to Hire for DevOps? — DevOps is hard and hiring for it is even harder. But, orgs can help themselves here too.

Process

A pair of Kubernetes security issues this week. #shoutout to the Kubernetes Product Security Team:

  1. Security Impact of Kubernetes API server external IP address proxying — “It was reported to us by Michael Schubert of Kinvolk that the Kubernetes API server can be used as a HTTP proxy to not only cluster internal but also external target IP addresses.”
  2. Security release of dashboard v1.10.1 - CVE-2018-18264 — “A security issue was discovered in kubernetes dashboard versions v1.10.0 or older… The TLS secrets for a Kubernetes Dashboard can be obtained by visiting https://[DASHBOARD_HOST]/api/v1/secret/kube-system/kubernetes-dashboard-certs.”

How our kubernetes journey saved us $1 million dollars

Open Source Business Models Considered Harmful — If your value is the software you open sourced, don’t be surprised when you can’t make money on it. Provide value, open source what you can, and work from there.

How To Shutter Your Startup: Best Practices for Corporate Dissolution — Don’t screw up the end. Deprecate gracefully.

When you code, write down everything — When I was doing Ops and InfoSec work daily I wrote down everything. My notes were absurd and I was highly organized. It allowed me to drop complex project work and go put out the latest security incident and pick right back up where I left off.

Effective Mental Models for Code and Systems

On Thinking About Infrastructure as Code

Three Acquisitions In 2018 To Impact 2019’s Tech Landscape — Cloud, AI, and IoT are all getting touched.

Monorepos: Please don’t! — Don’t hurt ’em, Matt.

Monorepo: please do! — You tell ’em, Jacob.

Security trends to pay attention to in 2019 and beyond — Very insightful. If you have any thoughts that aren’t covered here please share them.

lorin/resilience-engineering — Resilience Engineering Notes

Tools

Linux Technology for the New Year: eBPF — Some are saying 2019 is the year of eBPF.

NSA Releasing the GHIDRA Reverse Engineering Tool at RSAConference — “GHIDRA is a reverse engineering framework that is available for Windows, macOS, and Linux that the NSA is unveiling at the conference.”

io_submit: The epoll alternative you’ve never heard about

The State of Kubernetes 2019 — I respect the folks over at Giant Swarm (a lot) and you should too.

Kubernetes In a Nutshell — I love the format of this. It’s almost like you could make index cards if you want to with it. When I update my Getting Started with Kubernetes article, this is definitely going in it.

Kicking the Tires on OpenEBS for Cluster Storage — If you have thought about trying out OpenEBS give this a once over. I should point out, the OpenEBS folks are great.

5 things you didn’t know about Istio — Learn how Istio helps address microservices challenges, in this talk from All Things Open 2018.

Hashicorp at Home — Applying the Hashicorp stack in your home; pretty cool idea.

Database migrations in Golang — Moving your state with Go 101

windmilleng/tilt — Local Kubernetes development with no stress

dbcli/litecli — CLI for SQLite Databases with auto-completion and syntax highlighting

project-koku/koku — An open source solution for cost management of cloud and hybrid cloud environments

Ne0nd0g/merlin — Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Best Linux Distro 2019, for desktop

DevOps’ish Tweet of the Week

Notes from this week’s issue can be found on GitHub.