I was incredibly busy this week. I spoke at the October 2020 CNCF Eastern Canadian Meetup. I turned the introduction to last week’s newsletter into its own blog post, Fear and Loathing in YAML, and it made the front page of the orange site (you read it here first). And then, of course, all the live streaming for Red Hat.

Speaking of live streaming. When we look back at 2020, it seems like live streaming will be the thing the COVID-19 brought into our daily lives. Twitch is cleaning up its act and trying to be a little more grown up: Twitch DMCA Purge Deletes Thousands Of Streamers’ Videos. Then a major US politician got up to 400K people viewing her stream simultaneously. It seems like, live streaming, in general, is turning into the new Twitter. It’s an exciting world, for sure. I need to sit down and write out some additional thoughts on live streaming, my setup, etc. But that’ll be for another day.

DevOps’ish is brought to you by Accurics. They’re cool people doing cool things with cloud native security. Check them out! Scanning Kubernetes IaC configurations with Terrascan

Want to see your organization in DevOps’ish? Review the newsletter sponsor page for all the details. Give the DevOps’ish Sponsorship Prospectus a gander if you need help convincing your marketing team they should spend. SPONSORED


One lone hero in production is not sustainable-not for you, not for high-functioning teams, and not for customers who depend on your service. Collaborate well by instrumenting observability from the very beginning, and enable more resilient teams to build more reliable systems sustainably.

In our guide, Developing a Culture of Observability, we lay out why o11y culture and tools go hand-in-hand. Learn how to build a culture of observability with Honeycomb. SPONSORED

How to waste your career, one comfortable year at a time
“I recently saw this tweet asking people about their career’s most expensive mistake. The most common one was people staying too long at their jobs and not switching sooner.” I can confirm this. The happy medium between keeping your job and losing money by not taking the next opportunity is pretty short in tech. If you’re early in your career, always be looking for the next thing. Have a minimum pay raise in mind to cover the sunk costs of changing jobs and risk of it sucking for a year. This number will increase over time. The number should be a percentage of your current salary (10-15% pay raises to change jobs is normal). Once you have your feet under you, you’ll have an excellent idea of what metrics matter to you.

Nude on Zoom: Jeffrey Toobin and other embarrassing video meetings
Henceforth, pants are mandatory. This kind of behavior is 100% unacceptable and if this ever were to happen on a call I was on, I would push for the employee’s immediate termination. There’s no reason for this. Check your privilege at the door, please. Zoomsterbating.com will point to the Zoomsterbating tag here on DevOps’ish. A little shame could go a long way in changing behaviors.

Falsehoods programmers believe about time zones
This is an absolutely wonderful article about earth’s time management. There was an update to the tzdata files this week so I cracked it open and read all about how America/Detroit came to be. Time is fascinating and we very much treat like a construct we control.

Developer survey: C# losing ground to JavaScript, PHP and Java for cloud apps, still big in gaming
“Plus: What puts off developers from adopting cloud? Price”

Tea and Anarchy with Alice Goldfuss and Ian Coldwater
“Bridget chats with Alice Goldfuss and Ian Coldwater.”


Protecting K8s Against MITRE ATT&CK Techniques - Download Whitepaper
The rapid adoption of Kubernetes for business-critical operations is driving new security challenges that must be addressed - namely an expansion of the attack surface that exposes you to new threats. The MITRE ATT&CK framework was recently adapted to Kubernetes to identify nine distinct attack vectors and techniques unique to Kubernetes that attackers employ. Download this whitepaper from StackRox to learn about these nine techniques and the individual tactics within each technique, and get actionable recommendations to protect your environment and reduce your attack surface. SPONSORED

How Local Fonts Can Save The Environment
This article talks about how creators of web sites have a responsibility to the planet too. The Website Carbon Calculator is pretty dope too.

Docker Hub Image Retention Policy Delayed, Subscription Updates
Docker’s gonna Docker.

Startups, It’s Time to Think Like Camels — Not Unicorns
“The world has changed. In the wake of Covid-19, and the global recession it has caused, business leaders, innovators, entrepreneurs, and investors are all girding for a long period of extremely challenging conditions in the global market. How can startups and innovators of all stripes survive in such conditions? Many are not prepared.”

Intel Agrees to Sell Storage Unit to SK Hynix for $9 Billion
This is going to change the storage industry in interesting ways.


Oh Dear, uptime monitoring like no other
With Oh Dear, you get uptime monitoring, SSL certificate alerts, performance monitoring and we’ll crawl your entire site, reporting 404’s, server errors and more. With our unlimited status pages and cron job monitoring, Oh Dear is all the monitoring you’ll ever need. Sign up with code DEVOPSISH and get a 30% discount on your first 3 months. SPONSORED

Discussing/modifying the kubernetes/kubernetes release cadence
In the wake of 2020 day-to-day life, the Kubernetes community is seriously considering moving to three releases a year.The four releases a year cadence is a breakneck pace given everyone’s current situation. The thread is a very healthy debate and I’d encourage everyone to read it. Keep your hot takes to yourself though, or @ me on Twitter with them or something.

RIAA blitz takes down 18 GitHub projects used for downloading YouTube videos
This is total bullshit. I use youtube-dl for legit purposes at least two or three times a week. This isn’t cool, GitHub.

On our Abusive Relationship with Mozilla’s Firefox
It is entirely possible we need to leave Firefox behind and encourage something new.

Linux interface analytics on-demand with iftop
Got network bandwidth? Are you sure? Find out with iftop.

Secure NTP with NTS
“NTS is a new authentication mechanism for NTP. It enables clients to verify that the packets they receive from the server have not been modified while in transit. The only thing an attacker can do when NTS is enabled is drop or delay packets.”

Neon Programming Language
“Neon is a high-level, statically typed, garbage collected, imperative programming language intended for teaching and learning the craft of programming.”

Fedora 33 To Be Released Next Week
I’ll be updating my server before the streaming rig. We’ll see how it goes.

OpenTelemetry’s First Release Candidates
“OpenTelemetry has hit another milestone with the tracing specification reaching release candidate status.”

Dangit, Git!?!
Git is an imperfect tool. Here’s some help.

Network Segmentation: Concepts and Practices
“By seeking easy and uncomplicated network management–or simply because they don’t know better–many organizations can end up with hundreds or thousands of systems connected in a single, massive network. This arrangement can lead to havoc if the network falls victim to attack or even unintentional error. In this blog post, we review the basics of network segmentation and describe how organizations should implement it as an ongoing process.”

Introducing pvc-autoresizer
“Today, we are excited to announce pvc-autoresizer, which is new, Kubernetes-native, open-source software to provide the ability to expand the size of Persistent Volume Claims (PVCs) on Kubernetes cluster automatically.”

A Kubernetes operator to sync secrets from AWS Secrets Manager

DevOps’ish Tweet of the Week

DevOps’ish Tweet of the Week from @jbaruch

Want more? Be sure to check out the notes from this week’s issue to see what didn’t make it to the newsletter.