Another week, another senseless loss. This week marked the third suicide to take place in my family/extended family in my lifetime. To a degree, I understand if you’re suffering. But, suicide is a long term solution to generally short term problems. If you or someone you know is considering harming yourself, please reach out. The psychological damage you will inflict on others is far worse than going to a therapist yourself. At the very least, please reach out to one of the numbers listed on the American Psychological Association Crisis hotlines and resources page. I’m literally in therapy going through a suicide that was very close to me that I never got to put the loose ends around, from 15 years ago. Don’t do this to people you care about, it’s not fair. O’Reilly Book on Observability Engineering—Get Yours Free from Honeycomb! Manage complex cloud-native systems, improve customer experiences, and build & run better software using Honeycomb. Get your FREE copy of our new O’Reilly book and register for our Authors’ Cut Series to discuss key concepts. ...

Dear reader, please share this newsletter with a friend. Continued growth is a neccessary thing in the newsletter writing business. I am looking for ways to incentivize this without costing and arm and a leg. I read two articles this week that together make for an interesting economic problem. Pharmacists and others are stuck in the middle of wage stagnation and face overwhelmingly increasing demand for vaccinations, medicine shortages, and frustrated customers. A swath of people in the US (pharmacists in particular) has seen decreasing wages while others have seen wage growth. I’ve seen this first hand. In the US, most of our medical interactions are with pharmacists. Not nearly as much as in Europe, but if you have a medical condition, you see your pharmacist more often than doctors if everything is “manageable.” My CVS, where everyone used to know me by name, has had so much turnover lately that I could see the stress on the pharmacy’s staff faces that I didn’t recognize. “Hey Chris, I’ll be right with you.” a pharmacy tech that knows me said after helping someone in the store and approaching me from behind. There were two other people in line ahead of me, and the transaction times were gruelingly long. The amount of information communicated during the transactions was dense. This was mainly due to varying insurance policy coverage from plan to plan. The pharmacy had to explain to the customer before me that their old insurance has different coverages than their new insurance. That’s something that is a citizen’s responsibility here in the US. ...

I spent the week in Seattle. I’m writing this in SeaTac waiting for my flight back to Detroit because we’re going to a friend’s birthday party tomorrow night. Work is good, but I had a meeting this week to start working on a blog post for a new project I’m contributing to; GitBOM. GitBOM hopes to more clearly and cleanly identify dependencies in code bases without human intervention. GitBOM aims to complement SBOMs, not replace them. GitBOM creates “consistently construct verifiable Artifact Dependency Graph (ADG)s across languages, environments, and packaging formats, with zero developer effort, involvement, or awareness to enable automatic, verifiable artifact resolution across today’s diverse software supply chains.” Why is this important? Why am I getting involved? Because the government standard is far too low to be useful and SBOMs are starting to look like the cookie consent boxes that GDPR brought us. One thing I’m exceptional at is going from an order from the US government to the actual documentation implementing how the order should be followed. As I sat there listening to Aeva Black talk about how compute intensive (and expensive) it is to generate an SBOM of any significant depth. I wanted to know how the Cyber Security Executive Order had been implemented. ...

Not going to lie. The GitHub Action cron job that builds the website automatically for me has not worked for weeks. I moved some sites to various services, and DevOps’ish returned to Netlify because of the branch build command granularity. I use Hugo and future dated articles are built when the -F flag is passed. This is very helpful in ensuring the newsletter is done just how I like it. But, since returning to Netlify, the cron job to build the site at the right time of day has been busted. I finally had to go back in the commit history and copy/pasta all that and replace everything I was doing. It should work. This shows that no matter what, if you know you can look it up, your brain won’t prioritize memorizing it. But, COME ON!!! Free Copy of Honeycomb’s O’Reilly Book: Observability Engineering Looking to make the switch from monitoring to observability? Download your free copy of Honeycomb’s O’Reilly book: Observability Engineering to help you get started. Debrief the chapters with the authors themselves during our Authors’ Cut Series. ...

ICYMI on Notes: In DevOps’ish 277 I stated I will no longer publish the weekly notes file on the website. They are still made available on GitHub as they have been for the past 170 issues. If you’re curious about the why: spam emails that came as a result. Yeah, funny how that works. I occasionally ask for writing prompts from folks on Twitter. Sometimes asking on social media works well. Other times it’s giving someone a good URL. But this week, the people have spoken. They want to learn more about eBPF. What is eBPF? eBPF (which is no longer an acronym for anything) is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring to change kernel source code or load kernel modules. How does eBPF work? eBPF programs are event-driven and are run when the kernel or an application passes a certain hook point. Pre-defined hooks include system calls, function entry/exit, kernel tracepoints, network events, and several others. ...