DevOps'ish

Cloud Native, DevOps, Open Source, industry news, culture, and the ‘ish between.

DevOps’ish 240: You’re probably underpaid, Karanbir Singh Steps Down, Honeycomb’s cool $50 million, and more

KubeCon hangover is real. I grossly overestimated how much I’d be able to do in four days, of course. I spent my little break between jobs trying to sleep in most days. Spend extra time with Max (daddy pick-ups from school are a real thing now). But, any time I went to do something technical or constructive, it took a lot longer than I thought it would. I did a lot of little niceties to various websites, pre-employment stuff, write the $newjob blog post, and generally did not think about complex things. Read more →

DevOps’ish 239: KubeCon, tzdata, weak SSH keys revoked, Linux kernel CPU Namespace proposal, multicloud, and more

KubeCon + CloudNativeCon North America 2021 in Downtown Los Angeles was fantastic. I got to see friends I hadn’t seen in a long time and some people I met for the first time. “I didn’t realize you were so tall” was a common statement from people I was meeting for the first time. It was very cool to meet folks in the community and Red Hat for the first time. Read more →

DevOps’ish 238: Leaving Red Hat, KubeCon + CloudNativeCon L.A. 2021, Chainguard, BGP for you and me, Data on Kubernetes Report, and more

Personal Note: If you’re reading this and you’re at KubeCon in L.A. and you don’t find me and say hello. I’ll be sad. I had a crazy day. I flew on a freaking plane! Two thousand three hundred miles, no less! I’m in Los Angeles, California, for KubeCon + CloudNativeCon North America 2021. Keep your eyes peeled on my Twitter for the most up to date shenanigans. I already have a travel tip in the books for folks ride sharing from LAX. Read more →

DevOps’ish 236: You need a personal laptop, USB-C for all, more zero-days this year than any other, Go generics, and more

People Why you need a personal laptop I’ll be adding a new laptop to the desk soon. Learn about leveraging the right type of AWS IAM policy mechanisms to build the responsibility separation between the “central” team and the individual “development” team. SPONSORED Upset by porn and ‘immoral content,’ a man planted pipe bombs outside cellphone stores, FBI alleges Because before the internet immoral content was better? Samoa Scraps Daylight Saving Time (DST) Read more →

DevOps’ish 235: Data scientists shouldn’t need to know Kubernetes, Pay Transparency, ever popular PHP, Crossplane, Flux, Kubernetes Network Policies, kube-vip, and more

People Why data scientists shouldn’t need to know Kubernetes I 100% agree with this. At most, a data scientist should be able to make a working Dockerfile that needs hardening and careful inspection. Facebook aware of Instagram’s harmful effect on teenage girls, leak reveals Facebook isn’t a good company rarely that acts in the best interests of its users. They have a market cap over $1 trillion and their stock is still soaring to new heights. Read more →

DevOps’ish 234: Giving up on reopen dates, containers everywhere, Epic v. Apple, OWASP Top 10 changes, Kubernetes troubleshooting, Podman, and more

People Microsoft gives up predicting when its US offices will fully reopen And every other company should too. We just don’t know when they’ll reopen and constantly re-picking dates just to change them later seems silly. A Non-Tech Explanation of Containers and Kubernetes Through this simple analogy by 451 Research, get a better understanding of virtualization, containers, and Kubernetes. Learn the differences between these big topics and the role of each in a multicloud future. Read more →

DevOps’ish 232: seccomp’s day in the Kubernetes sun, Linux at 30, burn out, Chevy Bolt bot blunder, lifelong learning, GitOps, and more

A trying week capped off by trigger point injections. Long story short, I’ve been trying to get a family out of Afghanistan for the past two weeks to no avail. I won’t bore you with info or divulge identifying details. But, the possibility for their safe passage to the US has pretty much gone to 0. It’s hard telling a 16-year-old kid that you’ve exhausted all your resources. You can only offer tidbits of info. Read more →

DevOps’ish 231: Kubernetes 1.22 release team livestream, problems in Perl, glibc, eBPF, Pod Security Admission, secure supply chains, tools galore, and more

My military service and tech worlds collided this week. I can’t say much about it yet but, I’ve been insanely busy with an array of things I never thought I’d need to do. More to come later. Join the DevOps’ish subreddit and talk about how bad the intro was. Our how dope the notes page is for this issue. People Cloud Tech Tuesdays: Kubernetes 1.22 Josh Berkus, Amy Marrich, and I sat down for a livestream with Savitha Raghunathan, James Laverack, Jesse Butler, and Guinevere Saenger to discuss all things Kubernetes and the Kubernetes 1. Read more →

DevOps’ish 230: Complex Systems == No Single Root Cause, WFHers juggling two jobs, Service Reliability Math, eBPF Foundation, Dashboards, Tools from Black Hat and more

Another week another bout of bad weather. Systems here in our home have gotten a bit more robust since our multi-day total blackout. I took a meeting this week in a house with no power. The meeting was short, but it demonstrated that if everything goes to hell in a handbasket, my systems are redundant enough to enable me to pass whatever batons when needed. But, lately, it’s felt like a lot. Read more →

DevOps’ish 229: Kubernetes 1.22, KubeCon schedule announced, security fails abound, Zoom’s paltry fine, finally death to 996, NSA Kubernetes Hardening Guidance, and much more

Kubernetes 1.22 shipped this week. I suggest you, at a minimum, read the release blog post or take a gander at the CHANGELOG and definitely read the No, really, you MUST read this before you upgrade. Some of the bigger changes: Audit log files are created with mode 0600 (owner read-only) Rootless mode containers moving to alpha: In my opinion, if you use Podman, you’re used to this. If you’re not, you should be using rootless containers intentionally for security reasons (more on that later). Read more →