DevOps'ish

DevOps, Cloud Native, Hybrid Cloud, Open Source, industry news, and the ‘ish between.

DevOps’ish 183

General 9-11, war, and mental health warnings

This is hell week for me every year. The week before 9-11-2001, I lost my best friend. At the same time, mourning his loss in North Carolina still (I was stationed at Langley AFB, VA). I woke up early the morning after leaving the mountains and the funeral activities in Hendersonville. I was at my parents’ house. They’d taken time off the week before dealing with my dad’s mother’s (my grandmother’s) passing. While they were incredibly helpful, they’d missed all the work they could afford to, so we were leaving that day to be back home by nightfall. I flipped over to the news to see a weather update. I saw one smoking tower. Minutes later, I saw another plane smack into the second tower live. Scarred for life (I studied NYC architecture throughout my youth), I jumped in the shower after telling my ex-wife, “If they hit the Pentagon, we’re leaving, immediately.” She began frantically packing up our miraculously still sleeping daughter and her stuff.

I knew some things she didn’t, but she knew that the world was in some horrendously deep shit. I knew that the Pentagon was the next logical target after the Al Qaeda attacks on the USS Cole. But, the WTC was the wild card we didn’t see coming at all. I don’t know why we didn’t think it’d be a massive, all in one hit. Al Qaeda was known for stepping up their theatrics. I either learned right before leaving or immediately after returning to duty that the typical background chatter died down the week before 9-11. To the point, some folks were indeed worried before my departure.

We raced home in a Toyota RAV-4, listening to the day’s events unfold. By the time we hit I-64 in Virginia, we were in a group of folks moving down the interstate in convoy, we all ID’d as military (all branches), weren’t stopping for shit, and were driving between 80-100 mph. In a group that large, with flashing lights, by the afternoon of that day, everyone knew to get out of the way. The cops were not out. Even someone did try to pull us over; we’d have gotten them called off before you could say, World Trade Center. We got home. I was unloading the car, getting the latest on the day’s events from my boss. I was being added to a list to get on base. As soon as I was on it, I was to report in and expect to work non-stop. “Pack every tactical thing you got.”

I pulled the flag we fly in. It was a dark day for the United States. As I was folding the flag, a squadron of F-15s appeared on the return path to Langley Air Force Base. It was my second year in the US Air Force. I’d only seen pictures of fully loaded out F-15s up to that point. I immediately confirmed what I already knew before the Bush presser from the Oval that night by the armament being carried. We were at war, I knew it was Al Qaeda before the intel even came close to confirming it, and I was deeply shaken we did not catch it. It was so fucking obvious. “I want in the fight, now,” I told my boss. He reassured me, he knew. But, we had no idea what was in store for any of us.

The events of that day would trigger a series of life-altering decisions for everyone around me. We lost so many people that day. I’m still outraged and sad we missed the intelligence behind it. The intelligence hell we created in the aftermath of 9-11 was partly built and maintained with my own hands. We trampled so many people’s rights, but we had no idea because we only used and reacted to actionable intelligence in my roles. There were real walls between what I knew what we were doing with what we gathered and what the other agencies did with it. I just maintained all the infrastructure behind it for one of the regional sites. Everything else done by other intel agencies on station was unknown to me.

It wasn’t until the Snowden revelations that I realized how dirty my hands were in maintaining the most voracious intelligence gathering apparatus the world had ever known. The physical injuries and mental hell are the scars 9-11 veterans bare. But, there is so much more to 9-11 for me than the day of 9-11.

I made it through another year. I’m glad you did too.

DevOps’ish is brought to you by Accurics. Learn more about their open source project Terrscan which has been refactored to use Open Policy Agent.

People

KUBECTL Corgi Kubernetes Sticker Waterproof & Glossy
You need this sticker in your life.

The Official, Authorized List Of Legitimate Reasons For Deciding to Become a Manager
“It’s a question that gets asked a lot, in job interviews, 1x1s, and plain old casual conversation. I ask this question a lot, and I am often frustrated (or bored) by the answers I hear back.”

Things I Learned to Become a Senior Software Engineer
“It all began with a question: How do I grow further?”

Ramblings from Jessie: The Automated CIO
“This post is going to go into details about our automated Chief infrastructure Officer (CIO). I joke so much that I automated our CIO that I even named the repo holding the code… cio.”

How I Got An Offer At Facebook, Turned It Down, And Moved On
“There are lots of questions and answers online about how to get into one of the FAANG (facebook, amazon, apple, netflix, google) companies. This article is my experience and some recommendations.”

Process

Crunchy HA PostgreSQL - Ensure your data is always available
Meet your “always on” data requirements with trusted, open source components. Crunchy HA PostgreSQL gives you an all-in-one production PostgreSQL solution: HA, DR, monitoring that is securely deployed. Chat with Crunchy Data to learn more. SPONSORED

Event: Kickstart innovation, built on Kubernetes
We take OpenShift.tv on the road, to an extent, for the keynote to this two-day event. I’ll be talking about Operators and GitOps with two of the experts on the topics, Jason Dobies (Operators) and Christian Hernandez (GitOps) in what is one of the most fun keynotes I’ve ever made. Stay tuned in for the other great content including another OpenShift.tv styled interview I did with Clayton Coleman, top contributor to the open source Kubernetes project. This is a virtual event worth attending, y’all.

Scaleable Multiplayer Game Design with OpenShift
Here’s the GitHub repo too.

Why RudderStack Used Postgres Over Apache Kafka for Streaming Engine
“In this post, we answer the all-important question - ‘Why we did not prefer Apache Kafka over PostgreSQL for building RudderStack’. We discuss some of the challenges with using Apache Kafka over our implemented solution that uses PostgreSQL.”

PostgreSQL Node Metrics: Don’t Fly Blind
“If you are not actively monitoring your PostgreSQL clusters, and alerting on anomalous conditions, you are ‘flying blind’. Don’t do that!”

Intel AMT Hit By Another “Critical” Security Vulnerability
It never ends…

Progress Software acquires infrastructure automation pioneer Chef
“Progress Software Inc. today said it plans to acquire infrastructure automation firm Chef Software Inc. for $220 million, or about twice the $105 million in funding Chef has raised to date.”

Marc Andreessen On Productivity, Scheduling, Reading Habits, Work, and More
This interview was recorded earlier this year and originally appeared on The Observer Effect; it has only been lightly edited for formatting here.

Tools

Download today: Kubernetes security ebook - tips, tricks, best practices
The rapid adoption of Kubernetes to manage containerized workloads is driving great efficiencies in application development, deployment, and scalability. However, when security becomes an afterthought, you risk diminishing the greatest gain of containerization - agility. Download this ebook to learn how to (1) build secure images and prevent untrusted/vulnerable code, (2) configure RBAC, network policies, and runtime privileges, (3) detect unauthorized runtime activity, and (4) secure your Kubernetes infrastructure components such as the API server. SPONSORED

What killed Haskell, could kill Rust, too
“I’m gonna use a word here, and I don’t want you to take the word the wrong way. The wrong way you could take the word is ‘evil’, and the other way you could take the word is ‘ignorant’. But it’s not quite even ‘ignorant’. The word I’m gonna use is ‘arrogance’.” Huh… Sounds familiar.

CNCF End User Technology Radar Observability, September 2020
“The Themes: The most commonly adopted tools are open source. There’s no consolidation in the observability space. Prometheus and Grafana are frequently used together.”

Performance Benchmark Analysis of Egress Filtering on Linux
“Our friends at SAP asked us to perform a benchmark of the common Linux technologies available for this task. This blog post presents the methodology and results from benchmarking some of the Linux filtering technologies: eBPF, IP sets and iptables.”

Teams practicing CI/CD can level up deployments to production with Progressive Delivery. Using both feature flags & observability, dev teams can get REAL feedback from real users to validate how new features actually behave in production, before rolling them out to everyone.
How does it work, and what are some practical ways to get started?
Honeycomb.io CTO/co-founder, Charity Majors, & LaunchDarkly Developer Advocate, Dawn Parzych, will walk through what you need to know 917 10 AM PT, in this webinar Progressive Delivery: Using feature flags & observability to ship confidently. SPONSORED

Kubernetes YAML Generator

Arm’s latest Cortex-R82 chip aims to enable smarter storage hardware
Storage with compute… Oh heavens…

Service proxy, pod, sidecar, oh my!
“Imagine you’re developing a service… For certainty, let’s call it A. It’s going to provide some public HTTP API to its clients. However, to serve requests it needs to call another service. Let’s call this upstream service - B.”

The V Programming Language
V attempts to answer, “Fast compilation, Simplicity & maintainability, Great performance on par with C and zero cost C interop, Safety (immutability, no null, option types, free from data races), Easy concurrency, Easy cross compilation, Compile time code generation, Small compiler with zero dependencies, No global state, Hot code reloading”

ca-gip/kotary: Managing Kubernetes Quota with confidence
“It is an operator that brings a layer of verification and policy to the native ResourceQuotas mechanism. It introduced a new resource call a ResourceQuotaClaims that will let users ask to modify the specification of their quota.”

algolia/frontman
💎 A Ruby-based static website generator

DevOps’ish Tweet of the Week

Want more? Be sure to check out the notes from this week’s issue to see what didn’t make it to the newsletter.


Sponsor DevOps'ish and put your brand in front of thousands of highly skilled operators, maintainers, developers, and leaders from Amazon, Apple, Google, IBM, Intel, Microsoft, Red Hat, many of the Fortune 100, and beyond. Download the DevOps'ish Sponsorship Prospectus now!


Join the Conversation

Join the DevOps'ish group on Telegram for insight and in-depth discussions about real technical challenges facing real people. Also, join //devopsish for a stream of news and content throughout the week.


Share