DevOps'ish

Cloud Native, DevOps, GitOps, Open Source, industry news, culture, and the ‘ish between.

DevOps’ish 245: Please do not attempt to simplify this code, Rust Mod Team, feedback, attackers don’t bother brute-forcing long passwords, GitOps, kube-scheduler-simulator, and more

“PLEASE DO NOT ATTEMPT TO SIMPLIFY THIS CODE. KEEP THE SPACE SHUTTLE FLYING.”: The almost 2000 lines of code that make up the persistent volume controller were one of the most popular social media posts this week: // ================================================================== // PLEASE DO NOT ATTEMPT TO SIMPLIFY THIS CODE. // KEEP THE SPACE SHUTTLE FLYING. Read more →

DevOps’ish 243: Bellwethers, changes at Red Hat, Kubernetes 2021 Steering Committee Election Results, Monstrosity Email, Bitbucket’s move to AWS is complete, and more

bellwether — noun — a person or thing that shows the existence or direction of a trend; index. I want to introduce a metric I use to evaluate potential employers. I have bellwethers. People that I respect and whose work interests me. I use them to gauge my potential for success at a company. I keep a mental list of folks and where they’re working. In some cases, when I start to evaluate a specific employer, I check how long they’ve been there and often ask folks who have been there a long time how to succeed. Read more →

DevOps’ish 239: KubeCon, tzdata, weak SSH keys revoked, Linux kernel CPU Namespace proposal, multicloud, and more

KubeCon + CloudNativeCon North America 2021 in Downtown Los Angeles was fantastic. I got to see friends I hadn’t seen in a long time and some people I met for the first time. “I didn’t realize you were so tall” was a common statement from people I was meeting for the first time. It was very cool to meet folks in the community and Red Hat for the first time. Read more →

DevOps’ish 238: Leaving Red Hat, KubeCon + CloudNativeCon L.A. 2021, Chainguard, BGP for you and me, Data on Kubernetes Report, and more

Personal Note: If you’re reading this and you’re at KubeCon in L.A. and you don’t find me and say hello, I’ll be sad. I had a crazy day. I flew on a freaking plane! Two thousand three hundred miles, no less! I’m in Los Angeles, California, for KubeCon + CloudNativeCon North America 2021. Keep your eyes peeled on my Twitter for the most up to date shenanigans. I already have a travel tip in the books for folks ride sharing from LAX. Read more →

DevOps’ish 237: The week before KubeCon, special announcement this week, Slack DNS issues, HTTPS is everywhere, Competitive Compatibility, PostgreSQL 14, Kube-fledged, and more

It has been a stressful and challenging past few weeks. But, it’s all worth it in the end. My KubeCon schedule is taking shape. I’ll be in L.A. starting Saturday, so if you’re around, feel free to ping me to chat or hang out. I mentioned on the CNCF Ambassador call last week something I’ve noticed recently. Thanks to the pandemic, my already sometimes tough to manage anxiety around large crowds in confined spaces is WAY worse. Read more →

DevOps’ish 233: Luke Hinds of Sigstore, three REALLY bad breaches/bugs, Docker’s increasing desperation, Kubernetes mTLS, update your Operators, BGP & filesystem benchmarks, and more

I spent most of the week in a deteriorated state. Getting over the 12 injections last Friday took much longer than expected. It still amazes me how much work I can do with a disability, medications that slow me down, and a lack of sleep (Max started Kindergarten this week). In a way, this is a lot like our systems, overtaxed by the increasing number of people using them. Ready to both be upgraded by an admin and taken down by a deluge of traffic at the same time (or worse, the opposite). Read more →

DevOps’ish 232: seccomp’s day in the Kubernetes sun, Linux at 30, burn out, Chevy Bolt bot blunder, lifelong learning, GitOps, and more

A trying week capped off by trigger point injections. Long story short, I’ve been trying to get a family out of Afghanistan for the past two weeks to no avail. I won’t bore you with info or divulge identifying details. But, the possibility for their safe passage to the US has pretty much gone to 0. It’s hard telling a 16-year-old kid that you’ve exhausted all your resources. You can only offer tidbits of info. Read more →

DevOps’ish 230: Complex Systems == No Single Root Cause, WFHers juggling two jobs, Service Reliability Math, eBPF Foundation, Dashboards, Tools from Black Hat and more

Another week another bout of bad weather. Systems here in our home have gotten a bit more robust since our multi-day total blackout. I took a meeting this week in a house with no power. The meeting was short, but it demonstrated that if everything goes to hell in a handbasket, my systems are redundant enough to enable me to pass whatever batons when needed. But, lately, it’s felt like a lot. Read more →

DevOps’ish 229: Kubernetes 1.22, KubeCon schedule announced, security fails abound, Zoom’s paltry fine, finally death to 996, NSA Kubernetes Hardening Guidance, and much more

Kubernetes 1.22 shipped this week. I suggest you, at a minimum, read the release blog post or take a gander at the CHANGELOG and definitely read the “No, really, you MUST read this before you upgrade.” Some of the bigger changes: Audit log files are created with mode 0600 (owner read-only). Rootless mode containers moving to alpha: In my opinion, if you use Podman, you’re used to this. If you’re not, you should be using rootless containers intentionally for security reasons (more on that later). Read more →