DevOps'ish

Cloud Native, DevOps, Open Source, industry news, culture, and the ‘ish between.

DevOps’ish 229: Kubernetes 1.22, KubeCon schedule announced, security fails abound, Zoom’s paltry fine, finally death to 996, NSA Kubernetes Hardening Guidance, and much more

Kubernetes 1.22 shipped this week. I suggest you, at a minimum, read the release blog post or take a gander at the CHANGELOG and definitely read the No, really, you MUST read this before you upgrade. Some of the bigger changes: Audit log files are created with mode 0600 (owner read-only) Rootless mode containers moving to alpha: In my opinion, if you use Podman, you’re used to this. If you’re not, you should be using rootless containers intentionally for security reasons (more on that later). Read more →

DevOps’ish 184

This is quite clever. DevOps’ish is brought to you by Accurics. Just announced: Terrascan extends Policy as Code to Kubernetes. People One lone hero in production is not sustainable-not for you, not for high-functioning teams, and not for customers who depend on your service. Collaborate well by instrumenting observability from the very beginning, and enable more resilient teams to build more reliable systems sustainably. In our guide, Developing a Culture of Observability, we lay out why o11y culture and tools go hand-in-hand. Read more →

DevOps’ish 180

Welcome! What a week it was. KubeCon EU 2020 was this past week. And amongst all the announcements there was a lot of activity and interaction too. Two things I realized this week were, first, y’all are really bubble gumming and duct taping clusters together into production like it’s no big deal just waiting to be bit by something. Second, the Kubernetes community is really an amazing bunch of people, in general. Read more →