DevOps'ish

DevOps, Cloud Native, Hybrid Cloud, Open Source, industry news, culture, and the ‘ish between.

DevOps’ish 210: Net Neutrality, Burnout, DevSecOps, Kubernetes galore, SubStack is bull, and more

The idea for the subject of this week’s intro came from K Rain Leander. Rain asks, “The past year has been one of lockdowns, increased security and decreased travel. DevOps became DevSecOps became DevSecOpsBiz. And the world embraced the work / life balance culture of DevOps. What are your favourite cultural shifts from the last year? What do you want to let go of forever? As we take a look at the latest updates in the DevOps world, also take a look at you and yours and let us know how you’re doing. And if we can help, let us know how.”

I won’t touch on the “DevOps became DevSecOps became DevSecOpsBiz” point because, while I have seen more folks saying DevSecOps outright, I cannot say the same for “DevSecOpsBiz.”

Lockdowns and constant existential dread are strongly demotivating. I’ll be happy when kids start getting vaccines in their arms. I’m very much tired of the constant worry and struggle. But, we as a society keep doing insane things. Case in point, letting the numbers get down to “safe” levels then reopening (in any capacity) until the number of deaths go back up. I get it; commerce is important. But do we constantly have to ride this up and down roller coaster? It’s disheartening and downright cruel to watch more people die so someone could sit in a half-capacity restaurant that they could have taken home. The things that haunt me in my life from my past are the lives I could’ve saved but was unable to.

Working from home full-time is something I’ve already been doing for a long time. Even when I wasn’t in a full-time WFH position, I still had the option, so I’ve maintained an office for the past ten years or so. I’m very fortunate this is the case. The no traveling thing is a double edged sword, though. Yes, you can improve relationships and build stronger bonds at home. But, there is evidence that some friendships are struggling under the pandemic. All of my friends are a significant drive away, so it’s not like I’m seeing them at all. That sucks. I won’t miss that in the new normal.

But, one trend I love is how little driving I’m doing. On Friday, I went down to Ann Arbor, Michigan, and received my first dose of the Pfizer vaccine manufactured at their 1,300-acre facility in nearby Kalamazoo, Michigan. It’s probably the longest I’ve driven in over a year. I don’t go to the doctor nearly as much as I used to but, I have better and easier access to treatment, which is an insanely positive experience for not just productivity but the environment too. I don’t need to waste an hour in the car to go to and from a doctor’s office. I jump into one of what feels like a billion different options for video conferencing. I only need to go to the doctor’s office for some mandatory tests and any treatment I can’t administer myself (injections, for example). This can stay. It’s a boon to the medical field, I’m sure. Commercial real estate will suffer for a time but, it’s for the greater good, in my opinion. I know CEOs of some tech companies can’t wait to get back to the office but, most of them have recently made massive investments in real estate for their employees.

I look forward to making the world more equitable for all too. This pandemic has shown that there are some genuinely privileged people out there doing some absurd things and putting others in danger (wear a damn mask, folks, just do it and do it right). Things that bother me the most right now are the things we’re NOT doing but should be because a significant portion of our resources are being spent on fighting a pandemic. The discovery of massive compromises has shown that we have had our eye off the ball as an industry. It’s not as easy as throwing firewalls and anti-virus on everything. That isn’t compatible with the way the workforce wants to work. We have to build more resilient systems continuously and educate people of the dangers of simple things like texts and emails that can bury a business.

I’ll never forget the first internal phishing campaign I ever ran. I used the first version of OpenShift (how coincidental) and 100% of the development team was caught entering credentials in a form that, if filled in and submitted, directed them to a page letting them know they’d just been phished and explaining how they got caught in great detail. The industry was moving at a breakneck pace before. Maybe after the countless compromises and side-channel attacks, we’ll learn something as a society. Or maybe not.

As far as, “take a look at you and yours and let us know how you’re doing. And if we can help, let us know how.” I’d say my number one indicator of stress, pain, and how well I’m doing is how much facial hair I’m sporting that day. The longer the facial hair, the more patience I need. But, it’s hard to explain to people that not shaving that morning saves resources for that last live stream or meeting of the day (think spoon theory). Psychological safety is good but, everything else piles up sometimes.

Nevertheless, don’t worry about me. My support system is solid. Others are not as fortunate. They’re punished for being born. Because of where they come from, the color of their skin, or because of how they feel. These are the people that need to be lifted and normalized. Stop the hate. Stop it now. That still won’t create a level playing field. But, it’s a step in a better direction. These aren’t political statements. They are most certainly not. They might require a political solution but, I’m asking for humans to treat each other nicely. That shouldn’t be such a loaded statement.

People

Cars Have Your Location. This Spy Firm Wants to Sell It to the U.S. Military
Protecting your data shouldn’t be up to someone else.

Never wait for a staging environment again 👩‍💻🧑‍💻👨‍💻👩‍💻
Do you find that your engineers spend too much time creating and maintaining staging environments and yet, there never seems to be enough environments to go around? A shortage of environments is a top driver of low developer productivity and often impacts an engineering team’s ability to ship features on time. With Release, you can get a full instance of your app with all of its services with every pull request. You’ll never have to wait around for staging environments again. 💡 Get started now 💡 SPONSORED

Mozilla leads push for FCC to reinstate net neutrality
“In a letter to FCC Acting Chair Jessica Rosenworcel Friday, ADT, Dropbox, Eventbrite, Reddit, Vimeo and Wikimedia joined Mozilla in calling net neutrality ‘critical for preserving the internet as a free and open medium that promotes innovation and spurs economic growth.’”

How to Measure Burnout Accurately and Ethically
“The Maslach Burnout Inventory (MBI) is the first scientifically developed measure of burnout and is used widely in research studies around the world. Since its first publication in 1981, the MBI has been applied for other purposes, such as individual diagnosis or organizational metrics. When used correctly, these applications of the MBI can greatly benefit employees and organizations. When used incorrectly, it can result in more confusion about what burnout is rather than greater understanding. Some of these applications are even unethical. This article explores what the MBI is, how misuses of the MBI have led to troubling outcomes, and how following the best practices for administering the MBI can help leaders design effective ways to build engagement and establish healthier workplaces.”

‘PyLadies’ mentorship group helps women Python developers
“Women are underrepresented in open source, with only 3% of all contributors identifying as female.”

Process

The Future of Cloud is Microsoft’s to Lose
True story. I use Azure A LOT these days.

Ever wondered “What is Feature Management? Who’s it for and why should I care?” Questions Answered: [Free Book] Definitive Guide to Feature Management Ship Fast. Rest Easy. LaunchDarkly. SPONSORED

7 Principles of DevSecOps With Kubernetes
“In this article, I indicate how Kubernetes can be used and configured to satisfy seven principles for a successful DevSecOps approach using Kubernetes. The seven DevSecOps principles are those identified in the Department of Defense Enterprise DevSecOps Reference Design.”

RIFT: Detection capabilities for recent F5 BIG-IP/BIG-IQ iControl REST API vulnerabilities CVE-2021-22986
“This post by Rich Warren and Sander Laarhoven discusses NCC Group observed in the wild exploitation attempts and detection logic for the F5 BIG-IP/BIG-IQ iControl REST API vulnerabilities CVE-2021-22986.”

The Cloud Native Landscape: Platforms Explained
“This post is part of an ongoing series from the Cloud Native Computing Foundation’s Business Value Subcommittee co-chairs Catherine Paganini and Jason Morgan that focuses on explaining each category of the cloud native landscape to a non-technical audience as well as engineers just getting started with cloud native. See also installments on the layers for application definition development, the runtime, the orchestration and management, and the provisioning.”

Without These 3 Things, You Don’t Have DevSecOps
Kinda nailed it.

Phishing sites now detect virtual machines to bypass detection
“Phishing sites are now using JavaScript to evade detection by checking whether a visitor is browsing the site from a virtual machine or headless device.”

Kubernetes Is Not Your Platform, It’s Just the Foundation
“As the platform should be considered a product, we can look at product metrics — and the categories in Figure 7 come from the book Accelerate by Nicole Forsgren, Jez Humble, and Gene Kim. They write that high-performing teams do very well at these key metrics around lead time, deployment frequency, MTTR, and change failure rate. We can use this to help guide our own platform services delivery and operations.”

Tools

Moving k8s communication to gRPC
“Often overlooked from a developer’s perspective, HTTP client libraries are clunky and require code that defines paths, handles parameters, and deals with responses in bytes. gRPC abstracts all of this away and makes network calls feel like any other function calls defined for a struct.”

Are you wondering why the term “observability” seems to be everywhere? It’s because it can help you debug and ship quality code faster! Find out in one of our Weekly Live Demos how you can gain confidence in production with observability.

Guess less and know more with Honeycomb. SPONSORED

Argo CD v2.0-rc1 is here!. Argoproj team is proud to announce the…
“Argoproj team is proud to announce the first release candidate for Argo CD v2.0! As denoted by the version number, this is a major release with many new features and enhancements, but no breaking changes or painful migrations. So what is new?”

Kubernetes is so Simple You Can Explore it with Curl
“Simple”

Reverse Engineering a –Docker– Container Image
In the end, it’s all Linux basics neatly put together.

17 Noteworthy AWS Cost Optimization Tools (Organized by Category)
“There are several categories of AWS cost optimization tools. These include the free tools offered by AWS (AWS native tools) as well as AWS cloud cost management tools, continuous cloud optimization tools, and Kubernetes cost management solutions available from Amazon and a variety of other vendors.”

curl is 23 years old today
Thank you so much, Daniel.

Here’s why Substack’s scam worked so well
Me too. “Before Substack came clean about its Pro program, I had already started to hear things from journalist friends about how certain people were getting massive amounts of money to write for the platform. Sure, they could call their newsletter by any name they wanted, but Substack was paying them to do it. And yet Substack was pretending that its successful newsletters were all bootstrapped. That sounded like shenanigans to me.”

Kubernetes autoscaling, explained
“What is Kubernetes autoscaling? This automation capability means you don’t have to manually provision and scale down resources as demand changes. It also prevents needless spending. Here’s how it works”

Call-for-Code-for-Racial-Justice/TakeTwo
TakeTwo solution provides a quick and simple tool for media creators and media consumers to be more vigilant to detect and eliminate racial bias (both overt and subtle) in their content

senthilrch/kube-fledged
A kubernetes add-on for creating and managing a cache of container images directly on the cluster worker nodes, so application pods start almost instantly

kubermatic/fubectl
Reduces repetitive interactions with kubectl

sbstp/kubie
A more powerful alternative to kubectx and kubens

vshymanskyy/awesome-wasm-tools
😎 A curated list of awesome, language-agnostic WebAssembly tools

harporoeder/ebpfsnitch
Linux Application Level Firewall based on eBPF and NFQUEUE.

kubernetes-sigs/node-feature-discovery-operator
Operator for managing Node Feature Discovery deployment

DevOps’ish Tweet of the Week

@sedonaprince_ on Twitter: "Let me put it on Twitter too cause this needs the attention"

Want more? Be sure to check out the notes from this week’s issue to see what didn’t make it to the newsletter but are still worth your time.


Sponsor DevOps'ish and put your brand in front of thousands of highly skilled operators, maintainers, developers, and leaders from Amazon, Apple, Google, IBM, Intel, Microsoft, Red Hat, many of the Fortune 100, and beyond. Download the DevOps'ish Sponsorship Prospectus now!


Join the Conversation

Join //devopsish for a stream of news and content throughout the week.


Share