Dear reader, please share this newsletter with a friend. Continued growth is a neccessary thing in the newsletter writing business. I am looking for ways to incentivize this without costing and arm and a leg. I read two articles this week that together make for an interesting economic problem. Pharmacists and others are stuck in the middle of wage stagnation and face overwhelmingly increasing demand for vaccinations, medicine shortages, and frustrated customers. A swath of people in the US (pharmacists in particular) has seen decreasing wages while others have seen wage growth. I’ve seen this first hand. In the US, most of our medical interactions are with pharmacists. Not nearly as much as in Europe, but if you have a medical condition, you see your pharmacist more often than doctors if everything is “manageable.” My CVS, where everyone used to know me by name, has had so much turnover lately that I could see the stress on the pharmacy’s staff faces that I didn’t recognize. “Hey Chris, I’ll be right with you.” a pharmacy tech that knows me said after helping someone in the store and approaching me from behind. There were two other people in line ahead of me, and the transaction times were gruelingly long. The amount of information communicated during the transactions was dense. This was mainly due to varying insurance policy coverage from plan to plan. The pharmacy had to explain to the customer before me that their old insurance has different coverages than their new insurance. That’s something that is a citizen’s responsibility here in the US. ...

I spent the week in Seattle. I’m writing this in SeaTac waiting for my flight back to Detroit because we’re going to a friend’s birthday party tomorrow night. Work is good, but I had a meeting this week to start working on a blog post for a new project I’m contributing to; GitBOM. GitBOM hopes to more clearly and cleanly identify dependencies in code bases without human intervention. GitBOM aims to complement SBOMs, not replace them. GitBOM creates “consistently construct verifiable Artifact Dependency Graph (ADG)s across languages, environments, and packaging formats, with zero developer effort, involvement, or awareness to enable automatic, verifiable artifact resolution across today’s diverse software supply chains.” Why is this important? Why am I getting involved? Because the government standard is far too low to be useful and SBOMs are starting to look like the cookie consent boxes that GDPR brought us. One thing I’m exceptional at is going from an order from the US government to the actual documentation implementing how the order should be followed. As I sat there listening to Aeva Black talk about how compute intensive (and expensive) it is to generate an SBOM of any significant depth. I wanted to know how the Cyber Security Executive Order had been implemented. ...

Not going to lie. The GitHub Action cron job that builds the website automatically for me has not worked for weeks. I moved some sites to various services, and DevOps’ish returned to Netlify because of the branch build command granularity. I use Hugo and future dated articles are built when the -F flag is passed. This is very helpful in ensuring the newsletter is done just how I like it. But, since returning to Netlify, the cron job to build the site at the right time of day has been busted. I finally had to go back in the commit history and copy/pasta all that and replace everything I was doing. It should work. This shows that no matter what, if you know you can look it up, your brain won’t prioritize memorizing it. But, COME ON!!! Free Copy of Honeycomb’s O’Reilly Book: Observability Engineering Looking to make the switch from monitoring to observability? Download your free copy of Honeycomb’s O’Reilly book: Observability Engineering to help you get started. Debrief the chapters with the authors themselves during our Authors’ Cut Series. ...

ICYMI on Notes: In DevOps’ish 277 I stated I will no longer publish the weekly notes file on the website. They are still made available on GitHub as they have been for the past 170 issues. If you’re curious about the why: spam emails that came as a result. Yeah, funny how that works. I occasionally ask for writing prompts from folks on Twitter. Sometimes asking on social media works well. Other times it’s giving someone a good URL. But this week, the people have spoken. They want to learn more about eBPF. What is eBPF? eBPF (which is no longer an acronym for anything) is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring to change kernel source code or load kernel modules. How does eBPF work? eBPF programs are event-driven and are run when the kernel or an application passes a certain hook point. Pre-defined hooks include system calls, function entry/exit, kernel tracepoints, network events, and several others. ...

A note about notes: I will no longer publish the weekly notes file on the website. They are still made available on GitHub as they have been for the past 170 issues. If you’re curious about the why: spam emails that came as a result. Yeah, funny how that works. The Past Week I’m writing this week’s newsletter intro from a Delta 737-900ER high above the western United States. I’m flying back from Seattle, where I had a great week (minus the fatigue and pain; I need to finish physical therapy). On Monday, I got to meet my new team face-to-face. The team is diverse in cultures, experiences, and skill sets. Share opinions on open source, the CNCF, and the Kubernetes ecosystem, as well as answer even the most basic of questions around governance. This is refreshing because I have the chance to help mentor and help people grow, in addition to my day job. I’m fortunate to be working with this wonderful group of folks. ...