DevOps'ish

DevOps, Cloud Native, Hybrid Cloud, Open Source, industry news, and the ‘ish between.

DevOps’ish 205: Kubernetes Pod Security Policy Deprecation, open source skills are crucial, harms of large language models, Supermicro, water plant breach, VSCode repo FUD, and more

First off, Happy Valentine’s Day. I hope you’re enjoying it as best you can. This week I learned that an organization in the healthcare industry is working on a large project involving Kubernetes Pod Security Policies as a mainstay in their project. In case you haven’t heard, Pod Security Policies (PSPs) will begin the Kubernetes deprecation process in the 1.21 release. Kubernetes 1.21 releases on or about Thursday, April 8th, 2021. Read more →

DevOps’ish 202: AWS/Elastic drama, prioritize disability issues, ADT Peeping Tom, Software Is Your Competitive Advantage, Traefik to Caddy, No-Cost RHEL, serverless with Podman and more

Unpopular opinion alert (and Disclaimer)… Call me old fashioned, but I thought two of the top tenets of open source were candor and goodwill. I thought it was good practice to contribute to a project before baking it into a product. This was often the case for open source friendly vendors. But, it feels like AWS came along and never got that memo. I feel like AWS has done a lot more taking and productizing (aka making AWS a trillion-dollar, with a T, business) than contributing back to open source. Read more →

DevOps’ish 200: Solarwinds plot thickens, Women hit hard in jobless report, Red Hat acquires StackRox, Slack outage, Podman and Docker Compose, WebAssembly training, greatsuspender compromise, and more

The first full work week of the year has already been filled with news. But, Monday saw a Slack outage, Wednesday saw an insurrection in the US, and there is a new twist in the Solarwinds supply chain compromise. We’ll discuss two of these topics and more. Note: I’m looking for an intern this summer to help with OpenShift.tv (live streaming). If you know anyone that may be interested, please ask them to apply. Read more →

DevOps’ish 198

Remember last week how I said things would be punchier? Well, I updated the DevOps’ish Solarwinds supply chain compromise Index. By the way, Microsoft says it was, “used by a different threat actor.” I wrote the parts of the newsletter below, which are probably helpful. ¯\_(ツ)_/¯ The past few days have been incredibly challenging mentally and physically. I’m not sure if I would do it all the same way again. Read more →

Solarwinds

DevOps’ish Solarwinds supply chain compromise Index

A one-stop shop for opinion, analysis, and/or coverage of the Solarwinds supply chain compromise. Coverage includes official statements and filings, accredited media coverage, industry analyisis, and noteworthy blogs, digital media, and other mediums as deemed worthwhile. Official Statements Security Advisory | SolarWinds Solarwinds US SEC 8K Mitigate SolarWinds Orion Code Compromise - Emergency Directive 21-01 CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise | CISA Microsoft Internal Solorigate Investigation Update – Microsoft Security Response Center Statement on the story from The New York Times regarding JetBrains and SolarWinds | JetBrains Blog CLASS ACTION COMPLAINT FOR VIOLATION OF THE FEDERAL SECURITIES LAWS SOLARWINDS CORPORATION, KEVIN B. Read more →

DevOps’ish 196

Some people understand that the advancement of technology is marching at an ever quickening pace. We’re talking about exponential advancement every year. Five years ago, Kubernetes was brand new. Now it’s democratizing computing across clouds. Docker, the company behind some glue technology that made containers the new norm in software, has died twice now. The size and shape of infrastructure has changed so much in the past two years, it’s hard to remember ten years ago when Vagrant was brand new. Read more →

DevOps’ish 195

A few themes to this week’s news are worth discussing here in the newsletter’s introduction to give folks a clearer picture of each topic. We’ll tackle them in the same People, Process, and Tools format DevOps’ish uses (which are the three core components of DevOps, in order of importance). Surprisingly, I have to explain the Tools section of the news the most because it involves one of the world’s most toxic companies, Docker. Read more →

DevOps’ish 194

There is usually a lot of hype surrounding Apple announcements. The recent report of Apple starting to build Macs with their own ARM-based silicon is no exception. But, there’s some meat to this hype; let me explain. It wasn’t long ago that my iPhone 8 Plus with its A11 Bionic chip could leave my MacBook Air I was using as a daily driver in the dust. The ARM-based phone you’re carrying around (Apple or otherwise) probably has more computing power than the entire Apollo space program. Read more →

DevOps’ish 193

Saturday morning, I awoke at 5 AM to pain and an awful headache. I know this headache well; it was a headache from looking at a computer screen too much (after 25 years in the industry, I rarely get these). It was the headache of sitting down before 8:30 AM on Friday, the next time you look up it’s almost 2 PM, and you’ve crossed one thing off your list. Read more →

DevOps’ish 192

This week has been quite a blur. Working backward (literally and figuratively), we’re re-entering lockdown as a household again. A visit with my pain management doctor on Thursday in which he told me the hospital we both live near has seen COVID-19 admissions double this week pushed things very front of mind. A statement from our state’s governor on Thursday put things into motion towards lockdown (which she can no longer mandate thanks to our state legislature passing a law preventing her from doing so; nuts, I know). Read more →