DevOps'ish

DevOps, Cloud Native, Hybrid Cloud, Open Source, industry news, culture, and the ‘ish between.

DevOps’ish 239: KubeCon, tzdata, weak SSH keys revoked, Linux kernel CPU Namespace proposal, multicloud, and more

KubeCon + CloudNativeCon North America 2021 in Downtown Los Angeles was fantastic. I got to see friends I hadn’t seen in a long time and some people I met for the first time. “I didn’t realize you were so tall” was a common statement from people I was meeting for the first time. It was very cool to meet folks in the community and Red Hat for the first time. Read more →

DevOps’ish 237: The week before KubeCon, special announcement this week, Slack DNS issues, HTTPS is everywhere, Competitive Compatibility, PostgreSQL 14, Kube-fledged, and more

It has been a stressful and challenging past few weeks. But, it’s all worth it in the end. My KubeCon schedule is taking shape. I’ll be in L.A. starting Saturday, so if you’re around, feel free to ping me to chat or hang out. I mentioned on the CNCF Ambassador call last week something I’ve noticed recently. Thanks to the pandemic, my already sometimes tough to manage anxiety around large crowds in confined spaces is WAY worse. Read more →

DevOps’ish 229: Kubernetes 1.22, KubeCon schedule announced, security fails abound, Zoom’s paltry fine, finally death to 996, NSA Kubernetes Hardening Guidance, and much more

Kubernetes 1.22 shipped this week. I suggest you, at a minimum, read the release blog post or take a gander at the CHANGELOG and definitely read the No, really, you MUST read this before you upgrade. Some of the bigger changes: Audit log files are created with mode 0600 (owner read-only) Rootless mode containers moving to alpha: In my opinion, if you use Podman, you’re used to this. If you’re not, you should be using rootless containers intentionally for security reasons (more on that later). Read more →

DevOps’ish 229: Kubernetes 1.22, KubeCon schedule announced, security fails abound, Zoom’s paltry fine, finally death to 996, NSA Kubernetes Hardening Guidance, and much more

Kubernetes 1.22 shipped this week. I suggest you, at a minimum, read the release blog post or take a gander at the CHANGELOG and definitely read the No, really, you MUST read this before you upgrade. Some of the bigger changes: Audit log files are created with mode 0600 (owner read-only) Rootless mode containers moving to alpha: In my opinion, if you use Podman, you’re used to this. If you’re not, you should be using rootless containers intentionally for security reasons (more on that later). Read more →

DevOps’ish 227: So hot right now, Sunk Cost Fallacy, Right to Repair, future of tech events, HelloKitty ransomware now targets VMware ESXi, GitHub Copilot, and more.

I was struck with a very mild case of heat exhaustion a couple of weeks ago after standing over a hot grill hosting our family’s 4th of July party. So when the article “How hot is too hot for the human body?” came across my desk this week, I was uniquely interested in it. I’ve run several miles in the Middle East, the high plains of Colorado, Florida, the jungles of Honduras, and many points in between. Read more →

DevOps’ish 226: Kubernetes non-code contributions, don’t ban politics at work, engineers waste 1 day a week on technical debt, CentOS Stream is working out, and more

If you follow me on Twitter you know I’ve had a hard time with stable internet this week. Co-workers asking about my absence, I appreciate you. Sorry, y’all, sometimes everything breaks at once. But then today I get this when working on something newsletter related. Y’all… I can’t. I can’t. I can’t. Omg... Y'all... This error message. I can't. "This is an unsupported graphic file. GIF is the only supported graphic file type. Read more →

DevOps’ish 225: AWS Infinidash, GPT-3 via GitHub Copilot, Polywork, rainbow marketing, LinkedIn breach, VMs hiding ransomware, Kubernetes overspend, Helm, GitOps, Tailscale with Kubernetes, and more

“AWS Infinidash is a new networking technology that is being introduced to the AWS cloud. This technology is being used by AWS to provide a new networking model that is more efficient and more scalable than the current networking model.” —GPT-3 GPT-3 generated that statement about AWS Infinidash thanks to GitHub Copilot. I’m also using GitHub Codespaces through VSCode and the web to write this week’s newsletter. I’ll probably have a write-up on these new tools in the near future. Read more →

DevOps’ish 220: Fretting over free tier, Amazon’s creepy network, NOBELIUM, Half-Double Rowhammers on sale, Istio vs. Linkerd, cost of cloud, and more

I’m in surgery recovery mode. I will be for a while it looks like. Nerves are weird. Do me a favor; if you’re reading this, take the 2021 DORA State of DevOps survey. People Growing Concerns among Developers about the AWS Free Tier It feels like if you think you’re keeping yourself in the free tier you’re an API call or bug in the system away from a massive panic attack. Read more →

DevOps’ish 207: Solarwinds, 4 hour a week Kubernetes maintainer, mischievous Mailchimp, secrets management, Digital Ocean IPO, Sysdig, BOOP, Flux, and More

DevOps’ish is in a state of spring cleaning. First, I’ve found a tool that I like more than Pocket to bookmark and save pages in Raindrop.io. All the Recommended Reads automation is now pulling from Raindrop.io. Then three Zapier rules ferry everything off to the appropriate places. I made that transition midweek. Next is the newsletter service itself. I’ve been unhappy with the current provider ever since doing the never-easy switch from Mailchimp (how forward-thinking that was) to the current provider. Read more →

DevOps’ish 193

Saturday morning, I awoke at 5 AM to pain and an awful headache. I know this headache well; it was a headache from looking at a computer screen too much (after 25 years in the industry, I rarely get these). It was the headache of sitting down before 8:30 AM on Friday, the next time you look up it’s almost 2 PM, and you’ve crossed one thing off your list. Read more →