DevOps'ish

Cloud Native, DevOps, GitOps, Open Source, industry news, culture, and the ‘ish between.

DevOps’ish 233: Luke Hinds of Sigstore, three REALLY bad breaches/bugs, Docker’s increasing desperation, Kubernetes mTLS, update your Operators, BGP & filesystem benchmarks, and more

I spent most of the week in a deteriorated state. Getting over the 12 injections last Friday took much longer than expected. It still amazes me how much work I can do with a disability, medications that slow me down, and a lack of sleep (Max started Kindergarten this week). In a way, this is a lot like our systems, overtaxed by the increasing number of people using them. Ready to both be upgraded by an admin and taken down by a deluge of traffic at the same time (or worse, the opposite). Read more →

DevOps’ish 232 Notes

Every week I comb through 1000s of articles that get curated down to somewhere between 60 to 100 URLs eligible for DevOps'ish. Those URLs land in this notes file that ends up being source material for the newsletter. Being in that group of links is an achievement of its own and should be lauded. It's a shame when I have to choose between having too many links or someone's special thing getting featured in the newsletter. Read more →

DevOps’ish 232: seccomp’s day in the Kubernetes sun, Linux at 30, burn out, Chevy Bolt bot blunder, lifelong learning, GitOps, and more

A trying week capped off by trigger point injections. Long story short, I’ve been trying to get a family out of Afghanistan for the past two weeks to no avail. I won’t bore you with info or divulge identifying details. But, the possibility for their safe passage to the US has pretty much gone to 0. It’s hard telling a 16-year-old kid that you’ve exhausted all your resources. You can only offer tidbits of info. Read more →

DevOps’ish 231 Notes

Every week I comb through 1000s of articles that get curated down to somewhere between 60 to 100 URLs eligible for DevOps'ish. Those URLs land in this notes file that ends up being source material for the newsletter. Being in that group of links is an achievement of its own and should be lauded. It's a shame when I have to choose between having too many links or someone's special thing getting featured in the newsletter. Read more →

DevOps’ish 231: Kubernetes 1.22 release team livestream, problems in Perl, glibc, eBPF, Pod Security Admission, secure supply chains, tools galore, and more

My military service and tech worlds collided this week. I can’t say much about it yet but, I’ve been insanely busy with an array of things I never thought I’d need to do. More to come later. Join the DevOps’ish subreddit and talk about how bad the intro was. Our how dope the notes page is for this issue. People Cloud Tech Tuesdays: Kubernetes 1.22 Josh Berkus, Amy Marrich, and I sat down for a livestream with Savitha Raghunathan, James Laverack, Jesse Butler, and Guinevere Saenger to discuss all things Kubernetes and the Kubernetes 1. Read more →

DevOps’ish 230 Notes

Every week I comb through 1000s of articles that get curated down to somewhere between 60 to 100 URLs eligible for DevOps'ish. Those URLs land in this notes file that ends up being source material for the newsletter. Being in that group of links is an achievement of its own and should be lauded. It's a shame when I have to choose between having too many links or someone's special thing getting featured in the newsletter. Read more →

DevOps’ish 230: Complex Systems == No Single Root Cause, WFHers juggling two jobs, Service Reliability Math, eBPF Foundation, Dashboards, Tools from Black Hat and more

Another week another bout of bad weather. Systems here in our home have gotten a bit more robust since our multi-day total blackout. I took a meeting this week in a house with no power. The meeting was short, but it demonstrated that if everything goes to hell in a handbasket, my systems are redundant enough to enable me to pass whatever batons when needed. But, lately, it’s felt like a lot. Read more →

DevOps’ish 229 Notes

Every week I comb through 1000s of articles that get curated down to somewhere between 60 to 100 URLs eligible for DevOps'ish. Those URLs land in this notes file that ends up being source material for the newsletter. Being in that group of links is an achievement of its own and should be lauded. It's a shame when I have to choose between having too many links or someone's special thing getting featured in the newsletter. Read more →

DevOps’ish 229: Kubernetes 1.22, KubeCon schedule announced, security fails abound, Zoom’s paltry fine, finally death to 996, NSA Kubernetes Hardening Guidance, and much more

Kubernetes 1.22 shipped this week. I suggest you, at a minimum, read the release blog post or take a gander at the CHANGELOG and definitely read the No, really, you MUST read this before you upgrade. Some of the bigger changes: Audit log files are created with mode 0600 (owner read-only) Rootless mode containers moving to alpha: In my opinion, if you use Podman, you’re used to this. If you’re not, you should be using rootless containers intentionally for security reasons (more on that later). Read more →