149: Ahh-Me or Ay-Em-Eye, Don't stop learning, GitOps, open is better, iTerm2 vuln, Ansible Operators, and More

This week’s introduction is brought to you by Corey Quinn. Send complaints Corey’s way:

What’s made of comfy ring-spun cotton, available in your size and shape, AND guaranteed to start a flame war with your AWS pals? The 2019 Last Week in AWS Charity T-Shirt! This year’s shirts come in two flavors — one for each pronunciation of the acronym for Amazon Machine Images. Are you an Ahh-Me or an Ay-Em-Eye? Pick your preference, and wear it loud and proud!

As usual, all proceeds from these shirts go directly to St. Jude Children’s Research Hospital, which has helped increase the survival rate of childhood cancer from 20% to over 80%. Families never receive a bill from St. Jude for treatment, travel, housing, or food.

Now you can wear your inside joke on your chest, and your heart on your sleeve all at the same time. Visit https://snark.cloud/charityshirt to buy your shirt today!

Editor’s Note: The Short family is on vacation. DevOps’ish 150 will likely be a beautiful picture.

DevOps’ish Last Week’s Top Five

1. AWS billing is broken and Kubernetes won’t last, says irreverent economist Corey Quinn
2. Terraform at Starbucks: Infrastructure as Code for Software Engineers
3. 12 Kubernetes configuration best practices
4. Ansible Crash Course
5. Detecting Agile BS

See the top ten →

Events

All Day DevOps, Live Online
November 6, 2019 (24 hours)
From your desktop, laptop, or mobile device
Free Registration

On November 6th, we will be supporting the live online All Day DevOps conference. This is a 24 hour event with 5 simultaneous tracks, delivering 125+ sessions in 38 time zones. Session tracks include Cloud Native Infra and Monitoring, DevSecOps and Automated Security, CI/CD, Site Reliability Engineering, and Cultural Transformation.

KubeCon + CloudNativeCon North America 2019
The Cloud Native Computing Foundation’s flagship conference gathers adopters and technologists from leading open source and cloud native communities in San Diego, California from November 18-21, 2019. Join Kubernetes, Prometheus, Envoy, CoreDNS, containerd, Fluentd, OpenTracing, gRPC, CNI, Jaeger, Notary, TUF, Vitess, NATS, Linkerd, Helm, Rook, Harbor, etcd, Open Policy Agent, CRI-O, and TiKV as the community gathers for four days to further the education and advancement of cloud native computing. Use code KCNACSN10 at checkout for a 10% discount on KubeCon Corporate Registration.

People

Software Engineering Promotions: Advice to Get to That Next Level — “This article collects advice on promotions that I’ve been giving to engineers on my team - many of whom have since been promoted to that next level.”

20+ basic Algorithms Problems from Coding Interviews — “It’s important that you practice these Algorithms based questions because even though they seem obvious and easy, sometimes they become tricky to solve in the actual interview, especially if you have never coded them by yourself.”

To Prepare for Automation, Stay Curious and Don’t Stop Learning — Continuous learning is the most important part of DevOps. Don’t rest on your laurels. You’re baking competitive advantage into your business every day until you stop learning.

Process

Docker Desktop asset, fiscal stress prompt acquisition buzz — “Docker still has a great opportunity to add value around Kubernetes, but it doesn’t help when people are wondering about their future viability as a company,” said Jay Lyman, analyst at 451 Research. “When a company shuffles execs, it’s an opportune time to lay out their vision of the future, so someone else doesn’t do it for them.” Use an incognito window if you can’t see it.

GitOps is Continuous Deployment for cloud native applications — GitOps is what DevOps implementations should strive for. git push and off goes your workloads to their respective environments, tests, and eventually off to production.

GitLab’s unconventional journey to CI/CD and Kubernetes — “How the Delivery team at GitLab used our existing resources to overhaul our system to make way for CI/CD.”

F1 teams back open-source designs proposal — Open is better.

Proposal: Permanently change all proprietary licensing to open source · Issue #2786 · caddyserver/caddy — Open is better.

Open Source Gerrymandering

Tools

iTerm2 Vulnerability — There’s a gnarly vuln in iTerm2 that didn’t seem to get a lot of attention this week.

Building Kubernetes Operators in an Ansible-native way — My colleague Tim Appnel and I get you familiar with Ansible Operators and what they can do in your environments. It’s a wide world of possibilities.

12 Kubernetes configuration best practices — “It should be noted however that ensuring adherence to these best practices requires more than just knowing what they are. The level of success you have in consistently following these recommendations will also be determined by the degree to which you can automate the process of checking your environment for misconfigurations.”

A New Linux Memory Controller Promises to Save Lots of RAM — “Roman Gushchin, a member of Facebook’s Linux kernel engineering team, has proposed a brand new slab memory controller for the Linux kernel. This new slab memory controller promises to provide a much-improved memory utilization between multiple memory cgroups, via sharing slab pages.”

Deploying Ansible Tower and Terraform — “Are Terraform and Ansible an unlikely pairing, two star-crossed lovers, or just the right technological marriage to simplify workflows for sysadmins, developers, and users? Find the right answer here.”

How to install whois on RHEL 8 / CentOS 8 — You’ll need EPEL.

DevOps in Practice: Moving NGINX Controller Development to GitLab CI — NGINX Controller development moved from GitHub and Jenkins to GitLab CI/CD.

Demystifying Persistent Storage Myths for Stateful Workloads in Kubernetes — “Kubernetes is everywhere now. If you are moving or have moved your workloads to containers and still want to keep up with virtual machines, Kubernetes can do that for you. Due to this, K8S is slowly becoming a mainstream cloud operating system. However, when it comes to handling storage for applications, specifically stateful applications, you have to do some research.”

salesforce/sloop — Kubernetes History Visualization

karydia/karydia — Kubernetes Security Walnut

digitalocean/clusterlint — A best practices checker for Kubernetes clusters. 🤠

weaveworks/wksctl — Open Source Weaveworks Kubernetes System

DevOps’ish Tweet of the Week

woah. @SlackHQ TIL, and i ❤️ you! pic.twitter.com/vLJphX0Vxe

• mo (@usrdev) October 8, 2019

See Notes →