DevOps'ish

Cloud Native, DevOps, GitOps, Open Source, industry news, culture, and the ‘ish between.

DevOps’ish 233: Luke Hinds of Sigstore, three REALLY bad breaches/bugs, Docker’s increasing desperation, Kubernetes mTLS, update your Operators, BGP & filesystem benchmarks, and more

I spent most of the week in a deteriorated state. Getting over the 12 injections last Friday took much longer than expected. It still amazes me how much work I can do with a disability, medications that slow me down, and a lack of sleep (Max started Kindergarten this week). In a way, this is a lot like our systems, overtaxed by the increasing number of people using them. Ready to both be upgraded by an admin and taken down by a deluge of traffic at the same time (or worse, the opposite). Read more →

DevOps’ish 232: seccomp’s day in the Kubernetes sun, Linux at 30, burn out, Chevy Bolt bot blunder, lifelong learning, GitOps, and more

A trying week capped off by trigger point injections. Long story short, I’ve been trying to get a family out of Afghanistan for the past two weeks to no avail. I won’t bore you with info or divulge identifying details. But, the possibility for their safe passage to the US has pretty much gone to 0. It’s hard telling a 16-year-old kid that you’ve exhausted all your resources. You can only offer tidbits of info. Read more →

DevOps’ish 230: Complex Systems == No Single Root Cause, WFHers juggling two jobs, Service Reliability Math, eBPF Foundation, Dashboards, Tools from Black Hat and more

Another week another bout of bad weather. Systems here in our home have gotten a bit more robust since our multi-day total blackout. I took a meeting this week in a house with no power. The meeting was short, but it demonstrated that if everything goes to hell in a handbasket, my systems are redundant enough to enable me to pass whatever batons when needed. But, lately, it’s felt like a lot. Read more →

DevOps’ish 222: Industry under pressure, Holy $%^& I agree with Torvalds, US Congress begins assault on big tech, polkit vuln, ALPACA, How To Love Kubernetes and Not Wreck The Planet, and more

I want to point out a few signs that I think we’re pushing the industry too hard, too fast. Fires in AWS data centers, Fastly (the CDN) took an hour-long outage triggered by a customer finding a bug, Cloudflare had outages in Chicago and Los Angeles. Ransomware is running through companies like Grant went through Richmond (to the point the US Justice department is equating them, in some ways, to terrorist attacks). Read more →

DevOps’ish 217: KubeCon EU 2021, COSI confusion, Kohl’s GitOps tool, Colonial Pipelines attack, dev platforms, Docker dead in water, GitOps Con 2021, PodTopologySpread, and more

It was indeed KubeCon EU this week. What my family is told is one of my Super Bowl events (KubeCons and Red Hat Summit are in that class). It was indeed an extraordinary virtual event. That’s right; you read that right. KubeCon EU 2021 was a great virtual event. No one besides Deserted Island DevOps and CNCF has unlocked successful models of making a virtual event enjoyable. As a speaker, I did not test anything until thirty minutes before the talk on Friday morning. Read more →

DevOps’ish 206: Kubernetes README, ‘I will slaughter you’, Corey Quinn in NYT, 200 Million Certificates in 24 Hours, GitOps with Flux2, K8s on ISS, and more

Sometimes you don’t know what the world needs until someone tells you. On Monday this week, a friend asked if I had any additional books to point them to for Kubernetes help. I have a mile-long list in my head. I said, yeah, let me punch that up for you real quick. But, instead of creating a locked down doc or dust bin email, I built a website. Behold, Kubernetes README. Read more →

DevOps’ish 198

Remember last week how I said things would be punchier? Well, I updated the DevOps’ish Solarwinds supply chain compromise Index. By the way, Microsoft says it was, “used by a different threat actor.” I wrote the parts of the newsletter below, which are probably helpful. ¯\_(ツ)_/¯ The past few days have been incredibly challenging mentally and physically. I’m not sure if I would do it all the same way again. Read more →

DevOps’ish 188

We kinda went down a rabbit hole this week when I suggested folks check out yq, “The aim of the project is to be the jq or sed of yaml files.” First, there’s nothing wrong with this project. I like it, I find the tool useful, and that’s that. But the great debate started over our lord and savior, YAML. Yeah, I know, XML vs. JSON vs. YAML vs. TOML vs. Read more →

DevOps’ish 185

My daughter just informed me she very likely has contracted COVID-19. My apologies but, I’m going to forgo my usual introduction in the newsletter this week. I was going to discuss this lengthy piece but, give it a read instead: The Developer-Led Landscape. DevOps’ish is brought to you by Accurics. They’re cool people doing cool things with cloud native security. Check them out! Scanning Kubernetes IaC configurations with Terrascan Read more →