Sometimes, people claim that I am anti-certifications, which is not true. I haven't had an experience in my life when I had to get a certificate for a new job or a promotion. However, if certification works for you, it's great!
Besides, until the 16th of April, you can buy courses from CNCF with 30% discount.
#courses #cncf
Besides, until the 16th of April, you can buy courses from CNCF with 30% discount.
#courses #cncf
Linux Foundation - Training
Promo Inactive - Linux Foundation - Training
Sign up for our newsletter to get updates on our latest promotions.
Despite a clickbait title, this is actually a good article with a list of good practices for Kubernetes.
tl;dr list:
- Use ephemeral contianers for debug
- Use admission controllers
- Kustomize is a nice tool
- Autoscale based on custom metrics if it makes sense
- Tweak API Priority and Fairness (APF) if it makes sense
- Submariner for multicluster (I have used other tools for multi-cluster, there are many ways of connecting clusters, so it's up to you to decide, what to use)
- Use Topology Spread Constraints
#kubernetes
tl;dr list:
- Use ephemeral contianers for debug
- Use admission controllers
- Kustomize is a nice tool
- Autoscale based on custom metrics if it makes sense
- Tweak API Priority and Fairness (APF) if it makes sense
- Submariner for multicluster (I have used other tools for multi-cluster, there are many ways of connecting clusters, so it's up to you to decide, what to use)
- Use Topology Spread Constraints
#kubernetes
Medium
7 Mind-Blowing Kubernetes Hacks
Kubernetes harbors capabilities that even seasoned developers might not be fully aware of. These hacks delve into the more esoteric, yet…
A programming books bundle on Humble Bundle by Manning Press.
There are a couple of books that could be interesting to you, even if programming is not your primary occupation.
#books #programming
There are a couple of books that could be interesting to you, even if programming is not your primary occupation.
#books #programming
Humble Bundle
Humble Tech Book Bundle: Code Like a Pro 2024 by Manning
Tackle coding challenges head-on with this book bundle from Manning! Learn about the strengths of Python, Rust, Go & more! Your purchase helps Girls Who Code.
or today's Donations Monday, I'd like to remind you about a big fundraiser by "Come Back Alive" to support the Ukrainian snipers there's still a long way to go, but the majority of the funds are already there.
#donations#Ukraine
#donations#Ukraine
savelife.in.ua
Снайпінг - savelife.in.ua
Збираємо 220 мільйонів гривень для снайперів, які працюють на великі і надвеликі дистанції
I had a whole talk about testing of the Helm charts, but it's not the only (almost) YAML that you could test!
This blog post describes how one could test their Prometheus alerts. Which is more productive than waiting till something happens.
#observability#testing
This blog post describes how one could test their Prometheus alerts. Which is more productive than waiting till something happens.
#observability#testing
Aviator Blog - Automate tedious developer workflows
A Guide to Unit Testing Prometheus Alerts - Aviator Blog
Although Prometheus alerts are widely used alerting system, unit testing these alerts is uncommon. Learn about best practices of testing these alerts.
I'm no Azure user - this thing came from the chat.
Azure has a collection of verified modules for Terraform and Bicep (their own IaC tool).
So, if you happened to work with Azure, check it out! Maybe, it could make your life a bit easier.
#iac #terraform #azure
Azure has a collection of verified modules for Terraform and Bicep (their own IaC tool).
So, if you happened to work with Azure, check it out! Maybe, it could make your life a bit easier.
#iac #terraform #azure
If you work with Kubernetes, there won't be any new information for you. However, when you encounter a namespace stuck in the "Termination" state the first time, it might be dumbfounding.
This article describes what to do in such situations. Also, it's good to learn about
#kubernetes
This article describes what to do in such situations. Also, it's good to learn about
finalizers
at some point anyway.#kubernetes
Devoriales
Resolve Stuck Namespaces in Kubernetes: A Step-by-Step Tutorial
Some lightweight read for you on Friday.
From the 80's to 2024 - how CI tests were invented and optimized sneak peeks into the history of automated testing. And evaluates possible future avenues where testing strategies could go.
Fun fact: Jenkins is apparently 20 years old. I didn't know that :D
Another fun fact: we had a voice chat about Jenkins recently. Yet, I still need to find some mental power to edit it.
#cicd
From the 80's to 2024 - how CI tests were invented and optimized sneak peeks into the history of automated testing. And evaluates possible future avenues where testing strategies could go.
Fun fact: Jenkins is apparently 20 years old. I didn't know that :D
Another fun fact: we had a voice chat about Jenkins recently. Yet, I still need to find some mental power to edit it.
#cicd
Graphite.dev
From the 80's to 2024 - how CI tests were invented and optimized
While Google started automating its build tests in 2003, the engineering industry took longer to do the same. But automation was sorely needed: Software systems are growing larger and ever more complex… To make matters worse, new versions are pushed to users…
A fresh issue of the CatOps Digest is here:
https://newsletter.catops.dev/p/catops-digest-2024-04-21
#digest #newsletter
https://newsletter.catops.dev/p/catops-digest-2024-04-21
#digest #newsletter
newsletter.catops.dev
CatOps Digest 2024-04-21
What was on CatOps in the last few weeks
For today’s Donations Monday I would like to remind you about the UA Responders foundation that raises funds for medical equipment.
I know these folks personally, so I can vouch for them.
#donations #Ukraine
I know these folks personally, so I can vouch for them.
#donations #Ukraine
Ha! I was sure I shared this article with y'all before, but when I tried to find it on the channel today, I was unable to. In any case, even it was here, it won't hurt to repeat it.
So, here it is - Kubernetes: EKS, Calico and custom Admission Webhooks.
This article sheds some light on the EKS networking. The gist is that if you use anything except the native VPC CNI, your control plane pods (API, scheduler, etc.) and workload pods will end up in different networks, because you cannot install any custom pods into the control plane.
Unless you use admission webhooks, you probably won't even notice; but if you do, API won't be able to contact your admission controller pods without some workarounds.
This is the nature of managed services: you gain something - you loose something.
#kubernetes #eks #aws
So, here it is - Kubernetes: EKS, Calico and custom Admission Webhooks.
This article sheds some light on the EKS networking. The gist is that if you use anything except the native VPC CNI, your control plane pods (API, scheduler, etc.) and workload pods will end up in different networks, because you cannot install any custom pods into the control plane.
Unless you use admission webhooks, you probably won't even notice; but if you do, API won't be able to contact your admission controller pods without some workarounds.
This is the nature of managed services: you gain something - you loose something.
#kubernetes #eks #aws
Medium
Kubernetes: EKS, Calico and custom Admission Webhooks
Timeout problems
A couple of articles on how to improve your CLI experience.
- 7 Amazing CLI Tools You Won't Be Able To Live Without - I really enjoyed this one and borrowed some configuration from there. It also comes with a complimentary video, so you can see those configs in action.
- How I setup my terminal for max productivity - came in the Substack email today. This is basically just a list of many CLI tools, some of them are useful, others less so. You may find something for you there, though.
#cli #productivity
- 7 Amazing CLI Tools You Won't Be Able To Live Without - I really enjoyed this one and borrowed some configuration from there. It also comes with a complimentary video, so you can see those configs in action.
- How I setup my terminal for max productivity - came in the Substack email today. This is basically just a list of many CLI tools, some of them are useful, others less so. You may find something for you there, though.
#cli #productivity
Josean
7 Amazing CLI Tools You Won't Be Able To Live Without
These are 7 amazing cli tools that are incredibly helpful when working on the terminal. There's no going back once you try them!
Two small security-related articles for you today.
- About vulnerabilities in AI and ML applications. tl;dr: with the raise of popularity of AI/ML applications, the number of potential security holes raises as well. Especially interesting is the fact, that sometimes hackers exploit the same attack vectors that were used against the web applications long ago and were mostly mitigated since then.
- A small excerpt from the DevOpsSec report if you'd rather stick with an "old and prooven" technology, there are some bad news for you as well - according to the DevSecOps2024 report, 90% of Java services have vulnerabilities.
#security
- About vulnerabilities in AI and ML applications. tl;dr: with the raise of popularity of AI/ML applications, the number of potential security holes raises as well. Especially interesting is the fact, that sometimes hackers exploit the same attack vectors that were used against the web applications long ago and were mostly mitigated since then.
- A small excerpt from the DevOpsSec report if you'd rather stick with an "old and prooven" technology, there are some bad news for you as well - according to the DevSecOps2024 report, 90% of Java services have vulnerabilities.
#security
Security Boulevard
Vulnerabilities for AI and ML Applications are Skyrocketing
In their haste to deploy LLM tools, organizations may overlook crucial security practices. The rise in threats like Remote Code Execution indicates an urgent need to improve security measures in AI development.
For today's Donations Monday together with AWS Notes and UA Responders we are raising funds for rehabilitation of our warriors.
After the time in hospitals additional rehabilitation is still required for those who lost their limbs or eyesight. The goal of this fundraiser is to provide additional recovery courses for these people.
You can donate to the Monobank Jar:
https://send.monobank.ua/jar/4H6tH9GEPR
Or via a speacial Stripe link (Monobank jars do not always work with non-Ukrainian cards, at least for me).
https://bit.ly/43GbxKj
#donations #Ukraine
After the time in hospitals additional rehabilitation is still required for those who lost their limbs or eyesight. The goal of this fundraiser is to provide additional recovery courses for these people.
You can donate to the Monobank Jar:
https://send.monobank.ua/jar/4H6tH9GEPR
Or via a speacial Stripe link (Monobank jars do not always work with non-Ukrainian cards, at least for me).
https://bit.ly/43GbxKj
#donations #Ukraine
send.monobank.ua
Безпечний переказ коштів
Надсилайте безкоштовно та безпечно кошти
At last! A new issue of our Voice Chat is out! It took me way longer, because I had to switch from Davinci Resolve to Kdenlive, since Davinci doesn't really work on Linux despite their claims.
In any case, here we are. We talked about Jenkins this time: who uses it, why is it still in use, and what alternatives would we use instead.
The voice chat is in Ukrainian and is available on:
- YouTube
- Substack
- Spotify
- Apple Podcasts
- or via a direct RSS feed
#voice_chat #cicd #jenkins
In any case, here we are. We talked about Jenkins this time: who uses it, why is it still in use, and what alternatives would we use instead.
The voice chat is in Ukrainian and is available on:
- YouTube
- Substack
- Spotify
- Apple Podcasts
- or via a direct RSS feed
#voice_chat #cicd #jenkins
YouTube
Jenkins
Цього разу діди наголосували тему Jenkins. Тож обговорюємо чи не першу CI/CD платформу, чому вона досі жива і популярна, а також, які ще варіанти існують на ринку.
Музика на початку та в кінці випуску: Metre - Depth Charge
Музика на початку та в кінці випуску: Metre - Depth Charge
A curious story about S3 billing. So, AWS charges you for unauthorized access attempts to your buckets. Thus, it’s possible to create an attack to inflate someone’s AWS bill if you know the buckets’ names.
Honestly, I’m not sure what’s the moral of this story. Make your buckets private unless public access is strictly required. Do not use common names or if you have to, use prefixes or/and suffixes to distinguish buckets or randomize the names.
#aws #s3 #security
Honestly, I’m not sure what’s the moral of this story. Make your buckets private unless public access is strictly required. Do not use common names or if you have to, use prefixes or/and suffixes to distinguish buckets or randomize the names.
#aws #s3 #security
Medium
How an empty S3 bucket can make your AWS bill explode
Imagine you create an empty, private AWS S3 bucket in a region of your preference. What will your AWS bill be the next morning?
A couple of articles I stumbled upon when researching some things for work.
- You can use ARG in the FROM definition in a Dockerfile. I didn't know that it's possible. Back in a day I tried using ENV there and it didn't work, so I assumed it's non-configurable. Apparently, it is. You may argue if it's a good practice to alter the
- A workaround for Terraform's `default_tags` definition. This way you can "exclude" the
Again, these two articles have no relation whatsoever, just want to share them with you.
#aws #terraform #docker
- You can use ARG in the FROM definition in a Dockerfile. I didn't know that it's possible. Back in a day I tried using ENV there and it didn't work, so I assumed it's non-configurable. Apparently, it is. You may argue if it's a good practice to alter the
FROM
configuration this way, but I can clearly see use cases for that.- A workaround for Terraform's `default_tags` definition. This way you can "exclude" the
default_tags
for some resoures in Terraform. For example, if you're using the default
subnets, etc. that were imported in Terraform. You cannot change tags for those things in AWS, so you need to workaround that. Again, using default
s in AWS is probably not a good practice, but sometimes those things are in use for historical reasons, etc.Again, these two articles have no relation whatsoever, just want to share them with you.
#aws #terraform #docker
DEV Community
Terraform: Prevent default_tags on a specific resource
Prevent AWS default_tags from being applied to a specific resource
A friend of mine is raising funds for an FPV complex for his brother that works as an instructor in the Foreign Legion.
Monobank Jar:
https://send.monobank.ua/jar/2P9ANBRRp4
Card number: 5375411213105070
The goal is 125k UAH and we're almost there.
You can find more info about this fundraiser (in Ukrainian) via these links:
- https://www.instagram.com/reel/C6eCeExtr9B/?igsh=MXM2aHJ4NTc3ejB6eQ==
- https://www.facebook.com/share/v/BvQUapoc2j7jyr3E/?
Monobank Jar:
https://send.monobank.ua/jar/2P9ANBRRp4
Card number: 5375411213105070
The goal is 125k UAH and we're almost there.
You can find more info about this fundraiser (in Ukrainian) via these links:
- https://www.instagram.com/reel/C6eCeExtr9B/?igsh=MXM2aHJ4NTc3ejB6eQ==
- https://www.facebook.com/share/v/BvQUapoc2j7jyr3E/?
Go is super popular in platform engineering. Just recently I participated in a discussion about it on Reddit :D
And at last, HumbleBundle has a book collection dedicated to this language!
#go #programming #books
And at last, HumbleBundle has a book collection dedicated to this language!
#go #programming #books
Humble Bundle
Golang Programming by Packt
Add the powerful open source language Go to your programming repertoire with this bundle of 19 books! Your purchase helps Save the Children.