DevOps'ish 236: You need a personal laptop, USB-C for all, more zero-days this year than any other, Go generics, and more

People Why you need a personal laptop I’ll be adding a new laptop to the desk soon. Learn about leveraging the right type of AWS IAM policy mechanisms to build the responsibility separation between the “central” team and the individual “development” team. SPONSORED Upset by porn and ‘immoral content,’ a man planted pipe bombs outside cellphone stores, FBI alleges Because before the internet immoral content was better? Samoa Scraps Daylight Saving Time (DST) “DST was implemented in 2010… to give more time after work to tend to their plantations, promote public health, and save fuel. Instead it defeated its own goals by being used by people to socialize more” EU proposes mandatory USB-C on all devices, including iPhones “The rules are intended to cut down on electronic waste by allowing people to re-use existing chargers and cables when they buy new devices.” This will separate the buying of a charger from the buying of a device. And it’s USB-C too which has its own set of problems. ...

September 26, 2021 · 4 min · Chris Short

DevOps'ish 235: Data scientists shouldn't need to know Kubernetes, Pay Transparency, ever popular PHP, Crossplane, Flux, Kubernetes Network Policies, kube-vip, and more

People Why data scientists shouldn’t need to know Kubernetes I 100% agree with this. At most, a data scientist should be able to make a working Dockerfile that needs hardening and careful inspection. Facebook aware of Instagram’s harmful effect on teenage girls, leak reveals Facebook isn’t a good company rarely that acts in the best interests of its users. They have a market cap over $1 trillion and their stock is still soaring to new heights. We should be actively encouraging people to delete Facebook affiliated tools from their lives. Management platform for Infrastructure as Code Automation and Collaboration See how env0 automates and simplifies the provisioning of cloud deployments for Terraform, Terragrunt and GitOps workflows. Variables and Secrets granularity, Full CLI support, integration with OPA, Dynamic RBAC and quality of life features. Free Demo SPONSORED Pay Transparency Is Coming, and Employers Are Terrified A great reckoning is coming. Us knowing each others’ salaries is a good thing. Some of the most iconic 9/11 news coverage is lost. Blame Adobe Flash Flash strikes history. ...

September 19, 2021 · 4 min · Chris Short

DevOps'ish 234: Giving up on reopen dates, containers everywhere, Epic v. Apple, OWASP Top 10 changes, Kubernetes troubleshooting, Podman, and more

People Microsoft gives up predicting when its US offices will fully reopen And every other company should too. We just don’t know when they’ll reopen and constantly re-picking dates just to change them later seems silly. A Non-Tech Explanation of Containers and Kubernetes Through this simple analogy by 451 Research, get a better understanding of virtualization, containers, and Kubernetes. Learn the differences between these big topics and the role of each in a multicloud future. SPONSORED What is an SRE? “A comprehensive definition of SREs and Site Reliability Engineering, including what SREs do and what makes SREs different from other roles.” The Epic v. Apple verdict is out “The Epic v. Apple lawsuit has concluded. The verdict sees Apple come out largely unscathed — but with one of its central App store policies deemed illegal.” Meet the Little-Known Genius Who Helped Make Pixar Possible Alvy Ray Smith helped invent computer animation as we know it—then got royally shafted by Steve Jobs. Now he’s got a vision for where the pixel will take us next. ...

September 12, 2021 · 4 min · Chris Short

DevOps'ish 233: Luke Hinds of Sigstore, three REALLY bad breaches/bugs, Docker's increasing desperation, Kubernetes mTLS, update your Operators, BGP & filesystem benchmarks, and more

I spent most of the week in a deteriorated state. Getting over the 12 injections last Friday took much longer than expected. It still amazes me how much work I can do with a disability, medications that slow me down, and a lack of sleep (Max started Kindergarten this week). In a way, this is a lot like our systems, overtaxed by the increasing number of people using them. Ready to both be upgraded by an admin and taken down by a deluge of traffic at the same time (or worse, the opposite). Running along in a less than optimal state is pretty optimal for a lot of workloads. Sure, specific workloads will need certain kinds of hardware, and the software varies in those spaces. But, most of us are still using an abstraction of an abstraction of an abstraction (of an abstraction). Like a top starting to lose its grip on centrifugal force, our systems run fine until they don’t. Now, more than ever, we need to know how the systems are performing. What caused the slowdown? What sent the system sliding off the table into oblivion? Will it be able to be spinning like a top again soon? What do you do to pick it back up and having it moving like the top in Inception? All these questions are answered by the same question: How do we know if we’re doing the right thing? ...

September 5, 2021 · 7 min · Chris Short

DevOps'ish 232: seccomp's day in the Kubernetes sun, Linux at 30, burn out, Chevy Bolt bot blunder, lifelong learning, GitOps, and more

A trying week capped off by trigger point injections. Long story short, I’ve been trying to get a family out of Afghanistan for the past two weeks to no avail. I won’t bore you with info or divulge identifying details. But, the possibility for their safe passage to the US has pretty much gone to 0. It’s hard telling a 16-year-old kid that you’ve exhausted all your resources. You can only offer tidbits of info. HUGE shoutout to the team behind Ehtesab for enabling me to get SOME intel from folks on the ground. The situation itself is a failure. A failure on multiple levels. But, it’s a stark reminder that you have to experiment and sometimes try all the ways possible to get a solution into production. Can you deploy this feature as a feature flag, or do you need a canary or blue/green deployment? At what layer are you going to manage THAT? Your global load balancer? Maybe inside your application stack on a keepalived instance? Perhaps it’s better to handle this in your Kubernetes cluster by managing replica sets or ingresses. Once you get past that decision, there are many more along the way. Then it’s “go time.” Your solution is ready to handle some production traffic. ...

August 29, 2021 · 7 min · Chris Short