Dear reader, please share this newsletter with a friend. Continued growth is a neccessary thing in the newsletter writing business. I am looking for ways to incentivize this without costing and arm and a leg.
I read two articles this week that together make for an interesting economic problem. Pharmacists and others are stuck in the middle of wage stagnation and face overwhelmingly increasing demand for vaccinations, medicine shortages, and frustrated customers. A swath of people in the US (pharmacists in particular) has seen decreasing wages while others have seen wage growth. I’ve seen this first hand. In the US, most of our medical interactions are with pharmacists. Not nearly as much as in Europe, but if you have a medical condition, you see your pharmacist more often than doctors if everything is “manageable.”
My CVS, where everyone used to know me by name, has had so much turnover lately that I could see the stress on the pharmacy’s staff faces that I didn’t recognize. “Hey Chris, I’ll be right with you.” a pharmacy tech that knows me said after helping someone in the store and approaching me from behind. There were two other people in line ahead of me, and the transaction times were gruelingly long. The amount of information communicated during the transactions was dense. This was mainly due to varying insurance policy coverage from plan to plan. The pharmacy had to explain to the customer before me that their old insurance has different coverages than their new insurance. That’s something that is a citizen’s responsibility here in the US.
These pharmacy techs’ wage starts at $16/hour here in Michigan. By contrast, the average for UAW union employees (auto workers) here is $18/hour. Both jobs are complex, but the one with a direct customer-facing component is paid less.
The second article is about “quiet quitting” (it means work-life balance to most people) per the article, “Closing your laptop at 5 PM. Doing only your assigned tasks. Spending more time with family. These are just some of the common examples used to define the latest workplace trend of ‘quiet quitting.’” I’m sorry, what?
I see “quiet quitting” in my day-to-day work. But it’s not so much I’m unplugging to be wasting time. I’m unplugging to be a dad, husband, someone trying to make the world a little better, and get treatment for my disabilities. Without these responsibilities, I wouldn’t have the drive I do during daylight hours. If a company is worried about “productivity,” they are concerned about the wrong side of the problem. Instead of blaming “productivity” on this trend, pay people fairly and hire the correct number of people for the job to be done. Bringing everyone back into an office isn’t a fix to supposed productivity problems; I’d think it’d exacerbate them. It will drive your best people to seek the kind of position they need for their lives. The work from home cat is out of the bag for many jobs now, thanks to the pandemic.
I’m incredibly calendar-driven due to the nature of my work. My demand grows higher daily, but I must set boundaries. As I tell Julie, “I could work 24 hours daily, but I wouldn’t feel caught up.” I’ve tried to be more flexible with a predominantly west coast-based team. But, during volleyball season, when Julie coaches high school girls three years younger than their competitors on how to win, I have to stop being an AWS employee and start being Chris Short, no matter what. I went to a home game last night (thankfully, the 5 PM meeting I had was rescheduled), and holy smokes, this is a second-year program, and they’ll be ranked, no problem, if they can keep this up.
I see a few noteworthy things here. Based on Twitter interactions, quiet quitting is generally generational. One person’s boundary setting is another person’s “doing your job.” But, with a large swath of people putting in that overtime on a salary, they’ll see nothing for their extra efforts wage-wise, as mentioned in the first article. They’ll likely have to change jobs to see an appreciable raise, as was the case before the pandemic. Meanwhile, another group of Americans has seen improved wages due to demand with an ever-increasing amount of employee empowerment as we work from home and manage our schedules based on our needs daily.
There will always be a group of folks that prefer to or have to go into the office (just like the inverse). Don’t forget those of us who treat working from home as an accessibility issue (and were working from home long before the pandemic). The ergonomics in my custom spec’d office surpass anything any corporate office would willingly provide me. The lack of a commute helps me maximize time at work and home. If I start working at 5 AM because “I woke up with something on my mind” and stop working at 4:30 PM, I think I’ve put in a full day (even if I took a shower, got dressed, and took a 45-minute walk during the “work day”). Remember, there are a growing number of us in this boat too. We’ve invested thousands into making working from home work for five or more years during some of the most challenging years the world has seen of late.
Regardless, the economics behind this story is frustrating. The hard-working critical worker goes underpaid, while another group has seen the highest level of empowerment in decades. I’m not sure anything will change this either.
O’Reilly Book on Observability Engineering—Get Yours Free from Honeycomb!
Manage complex cloud-native systems, improve customer experiences, and build & run better software using Honeycomb. Get your FREE copy of our new O’Reilly book and register for our Authors’ Cut Series to discuss key concepts.
Now Hiring: Developer Advocacy Manager
Camunda is the leader in process orchestration software. Our software helps orchestrate complex business processes that span people, systems, and devices. With Camunda, business users collaborate with developers to model and automate end-to-end processes using BPMN-powered flowcharts that run with the speed, scale, and resiliency required to compete in today’s digital-first world.
As the Developer Advocacy Manager, you’ll be the direct people manager for a team of 4 Developer Advocates, responsible for career growth, performance evaluations, setting of priorities, and overall strategic guidance. You’ll also be responsible for strategic planning for the Developer Advocacy function, including quarterly OKRs and annual goals as well as documentation of team responsibilities, goals, and success metrics.
Note: The hiring manager is on a hard earned vacation.
Editor’s note: If your event would suit the DevOps’ish audience, please let me know!
Deserted Island DevOps 2022
SEPTEMBER 14-15, Live on Twitch from Mackinac Island, Michigan
This year we’re expanding our schedule to two days of streaming, and bringing our speakers together to deliver their talks. What does that mean to you? More great talks, with better production values, and new talk types! We’re excited to welcome you back to our Deserted Island this September 14th and 15th!
SEPTEMBER 19 – 21, 2022
ArgoCon is designed to foster collaboration, discussion, and knowledge sharing on the Argo Project, which consists of four projects: Argo CD, Argo Workflows, Argo Rollouts, and Argo Events. This event is aimed at audiences that are new to Argo as well as providing depth to those currently using Argo within their organization. Connect with others that are passionate about Argo and interact with project maintainers. Learn from practitioners about pitfalls to avoid and best practices on how to adopt Argo in your cloud native environment. Get inspired by and provide input to Argo leads on project roadmaps.
SEPTEMBER 28 - 29, 2022
eBPF Summit is a virtual event, targeted at DevOps, SecOps, platform architects, security engineers, and developers. Register to save the date and stay updated on event information.
KubeCon + CloudNativeCon Detroit 2022
OCTOBER 24 – 28, 2022
The Cloud Native Computing Foundation’s flagship conference gathers adopters and technologists from leading open source and cloud native communities in Detroit, Michigan from October 24 – 28, 2022. Join containerd, CoreDNS, Envoy, etcd, Fluentd, Harbor, Helm, Jaeger, Kubernetes, Linkerd, Open Policy Agent, Prometheus, Rook, TiKV, TUF, Vitess, Argo, Buildpacks, Cilium, CloudEvents, CNI, Contour, Cortex, CRI-O, Crossplane, dapr, Dragonfly, Emissary Ingress, Falco, Flagger, Flux, gRPC, KEDA, KubeEdge, Litmus, Longhorn, NATS, Notary, OpenTelemetry, Operator Framework, SPIFFE, SPIRE, and Thanos as the community gathers for five days to further the education and advancement of cloud native computing. Use code KCNAIPV22MEET for a discount at registration.
What ultra-successful people who practice DevRel know and do (YouTube)
Wesley Faulkner and Chris Short, AWS
I know there are DevRel’iens, as I call them, that read this newsletter. Here Wesley and I sit down and talk about how we connect with people like ourselves in previous positions.
A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave
Lily Hay Newman, WIRED
“A hacker has formulated an exploit that provides root access to two popular models of the company’s farm equipment.”
She Had an AirTag in Her Lost Luggage. It Led Police to a Baggage Handler’s Home.
Daniel Victor, The New York Times
“An airport worker in Florida was charged with two counts of grand theft after a tracking device aided a sheriff’s investigation.” I will forever AirTag my luggage. I used to use Tile but, switched to AirTags when they came out.
Apple to workers: It’s back to the office 3 days a week starting in September
Juli Clover, WRAL TechWire
“Apple on Monday informed corporate employees that they must return to the office for three days starting the week of Monday, September 5”
Caste in California: Tech giants confront ancient Indian hierarchy
Paresh Dave, Reuters
“The update came after the tech sector - which counts India as its top source of skilled foreign workers - received a wake-up call in June 2020 when California’s employment regulator sued Cisco Systems on behalf of a low-caste engineer who accused two higher-caste bosses of blocking his career.”
Defensive Computing Checklist
“People need a new perspective on computing. Much of the advice offered to the public is flatly wrong. Even when people mean well, they are often mis-informed or merely parroting back an accepted principal. Perhaps the most famous advice that turned out to be wrong, was the suggestion to periodically change your passwords. Ugh. Then too, advice from techies is often right for other techies, but wrong for the general public.”
The Hacking of Starlink Terminals Has Begun
Matt Burgess, WIRED
“It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes.” Surprising no one who regularly reads this newsletter.
Creating an SBOM Attestation with Trivy and Cosign from Sigstore (YouTube)
Aqua Security Open Source
“In this video, we are going to showcase:
- What are attestations, and why do we need them?
- How to generate an SBOM with Trivy (either in SPDX or CycloneDX)
- Using Cosign to generate a key pair, create and then verify an attestation”
The entanglement of two quantum memory systems 12.5 km apart from each other
Ingrid Fadelli, Phys.org
“Researchers at the University of Science and Technology of China and Jinan Institute of Quantum Technology have recently demonstrated quantum entanglement between two memory devices located at 12.5 km apart from each other within an urban environment.” Come on quantum internet!
The Ultimate Guide to a Kubernetes Service vs. LoadBalancer vs. Ingress
“In this article, we will show how to expose the applications running in Kubernetes Pods to other applications inside the cluster and in the external world. We will discuss the three most common ways of doing so which are Kubernetes Services, LoadBalancers, and Ingress. We will show how they differ from one another and which one to choose according to your application’s requirements.”
Stargazing, solutions and staycations: the Kubernetes 1.24 release interview
Craig Box, Google
“With every new Kubernetes release comes an interview with the release team lead, telling the story of that release, but also their own personal story.”
Slowing Down to Speed Up - Circuit Breakers for Slack’s CI/CD
Frank Chen, Slack
“What happens when your distributed service has challenges with stampeding herds of internal requests? How do you prevent cascading failures between internal services? How might you re-architect your workflows when naive horizontal or vertical scaling reaches their respective limits? These were the challenges facing Slack engineers during their day-to-day development workflows in 2020.”
New macOS 12.5.1 and iOS 15.6.1 updates patch “actively exploited” vulnerabilities [Updated]
Andrew Cunningham, Ars Technica
“Kernel and WebKit bugs can allow arbitrary code execution on Apple’s devices.”
Scanning for AWS Security Issues With Trivy
“In short, Trivy can find a bunch of different types of security issue in pretty much anything you point it at, for free.”
Google blocks third record-breaking HTTPS DDoS attack
Jessica Lyons Hardcastle, The Register
“46 million requests per second network flood comes as attacks increase by more than 200% compared to last year”
How Discord Supercharges Network Disks for Extreme Low Latency
Glen Oakley, Discord
“To provide this enormous amount of data, we run a set of NoSQL database clusters (powered by ScyllaDB), each one the source of truth for their respective data set. As a real-time chat platform, we want our databases to respond to the high frequency of queries as fast as possible.”
How to Handle Kubernetes Health Checks
Andres Ivanov, DoorDash
“What we found was that health check endpoints were excluded from the reporting tracing data. This meant that the tracing data was not going to help us find what caused the health check to fail and we would need to check the logs as the next logical step.”
Windows 11: How to Install WSL2 and Linux Distros
“Installing WSL2 on Windows 11 is a real pain in the ass. It’s not as simple as going to the Microsoft Store and installing a Linux distro.”
Secure images, for lazy people
Evaluate source control (GitHub) security posture
Tracetest - Trace-based testing. End-to-end tests powered by your OpenTelemetry Traces.
gProfiler is a system-wide profiler, combining multiple sampling profilers to produce unified visualization of what your CPU is spending time on.
DevOps’ish Post of the Week
Got a newsletter worthy post?
Have a story for the newsletter? Getting exposure via this newsletter is a pull request away. Tips is the very first option, click “Get Started”, and send in your shiny, new thing.
Notes from this week’s issue can be found on GitHub