If you follow me on Twitter you know it has been a roller coaster week on the home front. I was getting a haircut today and a topic that I often hear lately is how terrible doctor’s are of late about informing folks of bad news. Our family went from thinking the absolute worst as laid out by doctors one afternoon. Only to have a doc twelve hours later tell us, no, everything is fine (Yay! 🥳). We’ll do this one test to prove it. We’re very confident this is a false positive. A friend of mine and I talk about this phenomenon from time to time. But, even my barber had a friend that had the news he had 4-6 years to live and the doctor said, “Yeah. You better start checking off that bucket list.” Why has this become common place? This somewhat inhuman behavior has to be being taught somehow for it to be so widespread one would think. I get it, telling people they might have to deal with the death of a loved one is hard. But, let’s rattle off all scenarios not just the death one. pat on the shoulder

Also, if you use Amazon EKS, I have a new newsletter called EKS News.

Editor’s note: I cannot ignore the war being waged in Europe. But, this newsletter is a tech newsletter. Generally, the audience responds negatively to “political” news. But, one person’s politics, is another person’s life. All the Ukraine news is here in the notes. Don’t if you don’t want to see it. Skip it!

DevOps’ish is brought to you our friends at Honeycomb.
“Stop Letting Complexity Slow You Down”
Honeycomb makes it easy to understand and troubleshoot complex relationships within your distributed services. Solve problems faster. Ship reliable and performant features. SPONSORED

Events

EKS Anywhere Deployed on VMware Complete with an API Gateway — Omaha Amazon Web Services Meetup — Monday, March 7, 2022 7:00 PM ET.

SoloCon 2022 is March 8-10 (Free to attend)
On March 8th-9th, you will hear from top industry speakers during our sessions, followed by a day of hands-on workshops on March 10th.

This year’s event brings together experts to speak about their use of Solo.io enterprise open source technologies. We will combine keynote speakers, technical sessions and hands-on training, and offer a variety of ways to network. Some key topics you’ll see at SoloCon 2022 include service mesh, eBPF, GraphQL, WebAssembly (Wasm), and more. We haven’t forgotten to make it fun, so keep an eye out for games and prizes too.

Calling all front-line DevOps and SRE practitioners: Join IR Conf on April 1 (no joke), a free, half-day virtual conference for industry experts and new voices in incident response. Incident responders will come together to swap horror stories about the biggest outages, discuss best practices, and gain a better understanding of how the best are dealing with incidents. Register to:

  • Discover trends and tooling in resiliency and incidence response
  • Gain guidance on how to structure your teams, tooling, and processes
  • Learn better practices from incident response experts
  • Connect with a community of incident responders who care about this, learn from each other

GitOpsCon Europe 2022 on 2022-05-17 is designed to foster collaboration, discussion, and knowledge sharing on GitOps. This event is aimed at audiences that are new to GitOps as well as those currently using GitOps within their organization. Get connected with others that are passionate about GitOps. Learn from practitioners about pitfalls to avoid, hurdles to jump, and how to adopt GitOps in your cloud native environment.

ArgoCon
SEPTEMBER 19 – 21, 2022
ArgoCon is designed to foster collaboration, discussion, and knowledge sharing on the Argo Project, which consists of four projects: Argo CD, Argo Workflows, Argo Rollouts, and Argo Events. This event is aimed at audiences that are new to Argo as well as providing depth to those currently using Argo within their organization. Connect with others that are passionate about Argo and interact with project maintainers. Learn from practitioners about pitfalls to avoid and best practices on how to adopt Argo in your cloud native environment. Get inspired by and provide input to Argo leads on project roadmaps.

People

Gender discrimination at fintech startup, Fast
Twitter friend Tessa Kriesel is the victim of what appears to be a regular occurrence in the tech industry. Here’s a month (often more) of pay to stay quiet and walk away. Let me tell you, secrets will eat you alive but, I still think open secrets are worse. Open secrets are a toxin and quite poisoning at the scale of the tech industry. Case in point, this CEO was already on my ‘Bad Actor’ list. This story was also featured on Business Insider.

Silenced No More Act: Washington passes the bill
The NDAs I’ve signed over the years would be incredibly hard to prove but, quite easy to start expensive litigation over. I’d want to read the text of any law like this coming to Michigan but, I think I could get behind this effort.

Intel CEO Attends State of the Union as Biden Pushes Chips Act
That is a pretty serious ask of a President to reach out to a key CEO to help with a policy initiative.

Low Process Culture, High Process Culture “My boss gave me a helpful piece of advice. He told me that if I knew what to do, I should just do it, and then fit the process to it. It helped a lot.”

Process

NSA report: This is how you should be securing your network
This article is PACKED with useful nuggets from the NSA. I can safely say the multiple times I’ve deployed the NSA guidance on networks, those networks were not targeted for attack.

The Far Reach of the White House’s Zero Trust Memo
I was going to do something like this. Someone beat me to it.

Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks
“Espionage tool is the most advanced piece of malware Symantec researchers have seen from China-linked actors.”

Kubernetes Hardening Tutorial Part 3: Authentication, Authorization, Logging & Auditing
“Learn how to set up an AWS EKS cluster with Terraform and leverage best practices to configure roles, service accounts, logging, and auditing with useful tools.”

Critical GitLab vulnerability could allow attackers to steal runner registration tokens
“It has been assigned a CVSS score of 9.6 and has been patched in the latest releases: 14.8.2, 14.7.4, and 14.6.5 for GitLab Community Edition (CE) and Enterprise Edition (EE).” Patch that shit NOW! Do not pass go, do not get $200.

Unusual sign-in activity mail goes phishing for Microsoft account holders
I talked to someone not at all in tech this week but they knew I worked where I do and she was very aware of the chance of increased attacks on providers and consumers.

Tools

Linus Torvalds prepares to move the Linux kernel to modern C
“The Linux kernel’s foundation is the ancient C89 standard of C. Now, Torvalds has decided to upgrade to 2011’s more modern C11 standard.”

The SSD Edition: 2021 Drive Stats Review
Seems like the right move is to move to SSD for backups. I’ve already started that slow and expensive process. There’s a problem with older machines and newer discs and USB controllers.

Using Amazon EC2 Spot Instances with Karpenter “With the introduction of Amazon EC2 Spot Instances, customers can reduce costs up to 90% compared to On-Demand prices. Combining a high performing cluster auto scaler like Karpenter with EC2 Spot Instances, EKS clusters can acquire compute capacity within minutes while keeping costs low.”

Getting Started with GitOps & Flux
“During this session Priyanka (aka “Pinky”) gives you an overview of how to get better security, velocity, and reliability with GitOps, and then showcases Flux’s CLI by boostrapping Flux, creating a new tenant, and setting up Source and Kustomization syncs to continuously reconcile with a project repository.”

Introduction - Secrets Store CSI Driver
“Secrets Store CSI Driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a Container Storage Interface (CSI) volume.”

How to Get Vault Secrets into Kubernetes “In this session, you will learn how to use the Vault CSI driver to render secrets into container environments for native application consumption.”

Diving into IAM Roles for Service Accounts
“In this walkthrough, we will show the journey and the concepts behind how Kubernetes Service Accounts can be leveraged to gain access to an AWS service and resource. We will start numerous Kubernetes Pods on an Amazon EKS cluster in an attempt to access Amazon S3.”

Lenovo Announces The ThinkPad X13s Laptop, Powered By Snapdragon 8cx Gen 3
I’m actually kinda excited about these. I could see myself using an OS that supports a mobile chip in my computer (ignore the five right behind me).

Introducing Ballast: An Adaptive Load Test Framework
“With this in mind, we developed Ballast, an adaptive load test framework that leverages traffic capture using Berkeley Packet Filter (BPF) and replays the traffic using a PID Controller mechanism to adjust the number of requests per second (RPS) to each service.”

DevOps’ish Tweet of the Week

Sasha Rosenbaum 🇺🇦 (@DivineOps on Twitter) “Razom for Ukraine Registered 501(c)(3) organization, tax-exempt in the US, check if your company offers a donation match https://razomforukraine.org/donate/”

Want more? Be sure to check out the notes from this week’s issue to see what didn’t make it to the newsletter but are still worth your time.