DevOps’ish is brought to you by Honeycomb.
“Stop Letting Complexity Slow You Down”
Honeycomb makes it easy to understand and troubleshoot complex relationships within your distributed services. Solve problems faster. Ship reliable and performant features. SPONSORED

Last week, I reported the back and forth with Verizon’s and AT&T’s 5G efforts on the old C-band spectrum. This frequency band is also used to tell airplanes where the ground is as they’re on final approaches and landings, and the FAA has been frantically working to prevent a delay in the 5G rollouts of two of the US’s largest carriers.

Meanwhile, I’ll be getting introduced to this new service on January 19th as Verizon flips on their 5G network based on this frequency band on January 19th. This could also mean a shift in the works in terms of how I consume the internet. Right now, it’s a Comcast Business link. I would prefer not to be a Comcast customer. Home 5G, Project Kuiper, and Starlink Cat bed based internet are all looking like viable alternatives. Meanwhile, we learn that 5G could be used as a sensor itself.


you feel like shit
A site that helps you figure out why.

no hello
“Imagine calling someone on the phone, going hello! then putting them on hold… 🤦‍♀️”

Nike, Columbia Sportswear plan to start firing unvaccinated employees
Not just for healthcare providers anymore, companies have no time for COVID-19 shenanigans and are exposed to massive risk by having the unvaccinated in their midst. I can’t wait until this happens in the tech sector en masse. Take all the trash out in one fell swoop. All it takes is insurance companies saying they’ll charge employers a penalty if they don’t have an acceptable vaccination mandate. This is going to be fun.

Toxic Culture Is Driving the Great Resignation
Good. But, mobility alone won’t fix the problem. It’ll sure make the bad actors better known though. Like, I know better than to work for any of the Quicken Loans family of businesses. They’re generally toxic cesspools and I’ve kinda called them out on it. I’m on their naughty list now.

LastPass is holding people’s data hostage and it is an absolute disgrace that needs to stop
A LastPass employee actually reached out to me about my shallow take on the subject of LastPass. Little did they know I’ve loathed LastPass for a long time now (2015). I don’t know why I’m still surprised by actions like this.

French Navy ATL2 MPA: Someone Just Lasered the Wrong Aircraft
You’re a fucking idiot if you point a laser at a surveillance aircraft. They can detect energy changes like being lazzed for targeting, you know, by lasers.

Google Had Secret Project to ‘Convince’ Employees ‘That Unions Suck’
Of course it did. The fact Google did this systemically is no surprise.


The Security Obstructionism (SecObs) Market
“In security, obstructionism foments the dreaded Department of No, the begrudged gatekeeper, and the truculent Security Theatre1. Hence, I am introducing the term Security Obstructionism (SecObs)2, a category of tools, policies, and practices whose outcome is to impede or prevent progress for security’s (speculative) sake. I suspect the TAM (total addressable market) for SecObs is enormous and perhaps provides a more coherent understanding of security stacks than traditional market categories.”

5 Dashboard Design Best Practices
A bad dashboard might be worse than bad data or no data at all.

Apache Software Foundation warns its patching efforts are being undercut by use of end-of-life software “Despite the resource constraints inherent in a volunteer-staffed organization, Mark Cox said the ASF continues to achieve “a consistent process for how reported security issues are handled” among more than 350 diverse, independent Apache projects, and reserves the right to archive projects that fall short.”

10 real-world stories of how we’ve compromised CI/CD pipelines
Installing Jenkins and a few of its multitude of plugins is akin to installing Wordpress to manage your code deployment process.

Canon can’t get enough toner chips, so it’s telling customers how to defeat its DRM
Why does ink need a chip? I mean seriously, think about that for a second. The printer consumes ink and applies it to paper. You can do this without a chip. This shows how bad recycling programs are for these printer cartridges. Even worse, imagine how many perfectly good chips are sitting in landfills right now that could be used for literally anything else.


Working with Kubernetes API - Resources, Kinds, and Objects
“The Kubernetes API is a bit more advanced than just a bunch of HTTP endpoints thrown together. Therefore, it’s vital to understand the Kubernetes API structure and be fluent in the terminology before trying to access it from code.”

Auto-Diagnosis and Remediation in Netflix Data Platform
“We have been working on an auto-diagnosis and remediation system called Pensive in the data platform to address these concerns. With the goal of troubleshooting failing and slow workloads and remediating them without human intervention wherever possible. As our platform continues to grow and different scenarios and issues can disrupt the workloads, Pensive has to be proactive in detecting broad problems at the platform level in real-time and diagnosing the impact across the workloads.” 🤯🤯🤯

Tracing the path of network traffic in Kubernetes
“TL;DR: In this article, you will learn how packets flow inside and outside a Kubernetes cluster. Starting from the initial web request and down to the container hosting the application.”

Top 10 security best practices for securing backups in AWS
“I showed you the top ten security best practices and controls to protect your backup data in AWS. I encourage you to use these best practices to design and implement a backup and recovery strategy and architecture with multiple layers of controls that scales and achieves your business needs.”

Detect crashes in your Kubernetes cluster using kwatch and Slack
“In this tutorial, I will help you setup and deploy kwatch on your Kubernetes cluster. Plus, integrate with Slack to get notified on a channel when there is a crash in your apps.”

GitOps model for provisioning and bootstrapping Amazon EKS clusters using Crossplane and Flux
“In this blog post (Part 2), I will present the details of implementing the same use case using Flux for GitOps-based deployment.”

Pull Request Generator - ApplicationSet Controller
I’m curious what y’all think about this. Anyone using this in production?

“A chaos engineering style game where you seek out and destroy Kubernetes pods, twinstick shmup style.”

Bash script to check if a domain or list of domains can be spoofed based in DMARC records

DevOps’ish Tweet of the Week

Ian Coldwater 📦💥 (@IanColdwater on Twitter) “It’s frankly miraculous that the Internet works at all”

Want more? Be sure to check out the notes from this week’s issue to see what didn’t make it to the newsletter but are still worth your time.