DevOps'ish

DevOps, Cloud Native, Hybrid Cloud, Open Source, industry news, culture, and the ‘ish between.

DevOps’ish 228: Natural disasters, GitOps with Codefresh, NSO Group, MeteorExpress, Linkerd, Kubernetes 1.22, TSMC’s 2nm chips, cloud outposts, and more

At 8:13 PM last Saturday, the family and I were gathered in our basement, evading a tornado warning that came through the area. The storm spawned three tornadoes. Luckily, we weren’t hit directly. But we lost power, internet, and cell service. After getting the all-clear and assessing the situation, it was clear that we would be without power for quite a few hours. Making a newsletter last week wasn’t happening. It was technically impossible, and to be honest, I had a big ole stack of higher priorities come in. Then a few hours turned into a few days without these services. Luckily, we have a gas stove and water heater.

I spent Monday morning frantically trying to find a place with the trifecta of power, internet, and cell service. It didn’t exist within a twenty-minute radius of our house. We spent over 44 hours without power. We were lucky we didn’t have to wait much longer than that. The roof that I thought was damaged wasn’t (the shingles in our yard weren’t ours 😬😬😬). Cell service came back up in the morning on Tuesday.

The fragility of our millions of dollars in infrastructure became very apparent Saturday night as we watched our world turn suddenly dark with little warning. I’m more used to hurricanes (typhoons) where you know days in advance to be ready. The suddenness of it all is what sucked. We got a relatively typical warning of potential severe weather (a 5050 shot of something happening). It wasn’t until after Max was in bed that things got bad. Getting through it all takes calm and patience. But that’s hard to say to the five-year-old.

As always, I treated the whole thing as a learning and preparation exercise for the next storm. Julie got an updated battery pack. We also got a solar panel charging station and a solar and hand-cranked powered emergency radio with many bells and whistles. When I made coffee using a mortise and pestle as a grinder, I realized I needed to get a hand-cranked coffee grinder (It’s a solid five-minute workout, according to my Apple Watch). Also, I’m not going to lie; this neck fan might be one of the greatest inventions ever (especially in humid weather).

My wife said the weekend felt like three weeks on Tuesday while I nodded in vigorous agreement. It made this week chaotic and more challenging to manage than usual. I am lucky I had a well-trained intern and a supportive team around me.

People

GitHub Hires Former NSA OSS Chief as VP of Security Operations
Looks like GitHub is taking the whole secure pipeline thing to heart.

Good news! Honeycomb just published new chapters in their upcoming O’Reilly book, written by Charity Majors, Liz Fong-Jones, and George Miranda. Read this preview today to learn what constitutes good observability and how to make improvements from what you’re doing now. These chapters also provide practical do’s and don’ts for migrating from legacy tooling, such as metrics monitoring and log management.

GitOps Guide to the Galaxy (Ep 19): GitOps with Codefresh
Christian Hernandez and I sit down and talk to Dan Garfield about GitOps at Codefresh.

Nooses, Anger and No Answers: Inside the Uproar Over a Future Amazon Site
Amazon doesn’t actually own the warehouse until it’s done. The town is at a loss as to what to do. Then low and behold they say only two were technically nooses. What the fuck? Cops are grading knot tying now? If I walked into any building with a noose or anything that looked like a noose, I’d be looking for the person who put it there and less worried about the quality. Racist towns are the future ghost towns.

Credit to Tech’s Pandemic Leadership
Despite everything else, “America’s tech companies have been leading the way for how large employers should aid in the country’s pandemic response.”

Israel begins investigation into NSO Group spyware abuse
”‘We want them to check everything,’ says the CEO of a cybersecurity company implicated in campaigns against politicians, activists, and other notable figures.”

Process

From Stolen Laptop to Inside the Company Network
From trivial loss of property to holy 🤬 🤬!!!

LaunchDarkly Named a Leader in Feature Management and Experimentation
Discover why in its first Wave report dedicated to Feature Management And Experimentation, Forrester rates LaunchDarkly’s platform a Leader among vendor features that enable development teams to reduce software release headaches and enable true testing in production. Download today! SPONSORED

Cut us some Slack: $27bn+ later, collab tool officially belongs to Salesforce
If you’re in the US and watched ANY Olympic coverage I’m sure you’ve been reminded excessively of the closure of this deal.

The Level Up Hour (E42): IT security jargon and lingo
“A lot of terms get thrown around when it comes to IT security, and sometimes it’s hard to keep it all straight. So in this episode, let’s go through the various security buzzwords and jargon you’ve likely come across as developers. We’ll explain any basics you may have been missing during the last episode, and some of the deeper topics we’ll cover will be: authentication, authorization, attestation, DevSecOps, SPIFFE, SPIRE and anything else you can think of. So if anything in that sentence was a new term to you, buckle up because we’ll cover it in this talk. Oh, and let’s not forget TLS, which is not SSL, but everyone thinks it is.”

About Google Drive’s “A security update will be applied to some of your files” message
I’ve seen this quite a few times lately but didn’t really understand the why behind. Well, now I know.

MeteorExpress | Mysterious Wiper Paralyzes Iranian Trains with Epic Troll
The Iranian train system was hacked, trolled, and an all new wiper was discovered in the process.

Tools

Announcing Linkerd’s Graduation
Now the real service mesh war has begun.

It’s time for Dev Tool Time!
Join Sourcegraph for our bi-monthly virtual web series where we invite great developers to talk about their favorite dev tools, productivity hacks, and more. Register now.

Kubernetes 1.22 - What’s new? - New features and deprecations
“This release brings 56 enhancements, an increase from 50 in Kubernetes 1.21 and 43 in Kubernetes 1.20. Of those 56 enhancements, 13 are graduating to Stable, a whopping 24 are existing features that keep improving, and 16 are completely new.”

Deploying Microsoft’s New Linux Distribution as a VM is Not Easy
Well, it was designed to be used in Azure so I’m not sure what you were expecting.

TSMC Will Start Making 2nm Chips As Intel Tries to Catch Up
Intel being a laggard is something we might have to get used to for a year or two while Gelsinger picks up the pieces of the chip maker.

Spending On Cloud Outposts Is Climbing The Hockey Stick
Yeah, the cloud doesn’t solve everything. Who knew?

First ‘Time Crystal’ Built Using Google’s Quantum Computer
“Like a perpetual motion machine, a time crystal forever cycles between states without consuming energy. Physicists claim to have built this new phase of matter inside a quantum computer.”

Cosign 1.0!. And other Sigstore July Updates!

Hundreds of Ways to Get S#!+ Done—and We Still Don’t
I really don’t think this is a tooling problem. I used to be highly organized and a detailed note taker. Sadly, nowadays, my work and decisions have to happen in a just in time manner or otherwise I’d be the most organized person at work. The tools have to come with processes for people to use them.

backube/scribe
Asynchronous data replication for Kubernetes CSI storage

DevOps’ish Tweet of the Week

amy nguyen (@amyngyn) on Twitter: "Google encouraged employees who experienced harassment/assault to use their Employee Assistance Program benefits (provided by Lyra Health), then pressured counselors to provide records of their sessions to use in court when those employees filed lawsuits https://t.co/jTy9vwws5f"

Want more? Be sure to check out the notes from this week’s issue to see what didn’t make it to the newsletter but are still worth your time.


Sponsor DevOps'ish and put your brand in front of thousands of highly skilled operators, maintainers, developers, and leaders from Amazon, Apple, Google, IBM, Intel, Microsoft, Red Hat, many of the Fortune 100, and beyond. Download the DevOps'ish Sponsorship Prospectus now!


Join the Conversation

Join //devopsish for a stream of news and content throughout the week.


Share