Howdy folks, my colleague Vlad (DevOps Engineer) needs a car for the 128th brigade where he serves.
Volkswagen T4/T5
> We need a car for unfolding/folding communication nodes.
> For example this https://auto.ria.com/auto_volkswagen_t5_transporter_pass_33307692.html
Link to the MonoBank jar: https://send.monobank.ua/jar/AfWQTNoK5w
Bank card number:
5375 4112 0077 9804
Thank you for your support.
Volkswagen T4/T5
> We need a car for unfolding/folding communication nodes.
> For example this https://auto.ria.com/auto_volkswagen_t5_transporter_pass_33307692.html
Link to the MonoBank jar: https://send.monobank.ua/jar/AfWQTNoK5w
Bank card number:
5375 4112 0077 9804
Thank you for your support.
HUG Kyiv #15: Terraform
What:
- How (not) to test terraform.
- Helm charts in TF, good together :)
Who:
- Vsevolod Polyakov, SRE engineer @ Let's Enhance, founder of ukrops.club and author of @UkropsDigest.
- Oleksiy Kraevy, Senior DevOps engineer @ YayPay, a DevOps switcher from telecom, currently at a fin-tech startup on AWS.
When: Tuesday 25th October, 19:00 (Kyiv TZ)
Where: Online
Language: Ukrainian
Please, register here
#event
What:
- How (not) to test terraform.
- Helm charts in TF, good together :)
Who:
- Vsevolod Polyakov, SRE engineer @ Let's Enhance, founder of ukrops.club and author of @UkropsDigest.
- Oleksiy Kraevy, Senior DevOps engineer @ YayPay, a DevOps switcher from telecom, currently at a fin-tech startup on AWS.
When: Tuesday 25th October, 19:00 (Kyiv TZ)
Where: Online
Language: Ukrainian
Please, register here
#event
A blog post by Charity Majors about Platform Engineering as a next generation of OPS-ish work.
She also created a table of skills, or rather skills differences, between Platform engineers and DevOps engineers. I don’t fully agree with all those differences, but I’m not quite sure yet, is it because I’m not fully onboarded yet to the concept of Platform Engineering or I just generally disagree.
Anyways, if you need a single-sentence summary of the Platform Engineering, let it be this one:
One of the key principles of any developer platform is that it should be easy to do the right things, and hard to do the wrong things.
#culture #platform_engineering
She also created a table of skills, or rather skills differences, between Platform engineers and DevOps engineers. I don’t fully agree with all those differences, but I’m not quite sure yet, is it because I’m not fully onboarded yet to the concept of Platform Engineering or I just generally disagree.
Anyways, if you need a single-sentence summary of the Platform Engineering, let it be this one:
One of the key principles of any developer platform is that it should be easy to do the right things, and hard to do the wrong things.
#culture #platform_engineering
Honeycomb
The Future of Ops Is Platform Engineering
Platform engineering works cross-functionally with other SWE teams, optimizing their time to value and helping them own their code in prod.
A blog post by The Duckbill’s Group CEO Mike Julian with an ambitious title: “Why Cloud Finance Is Broken and Ineffective”.
The Duckbill’s Group is a consultant company that helps its customers to reduce their cloud spendings. Mostly in AWS (frankly, I’m not sure if they work with other clouds).
Despite the ambitious title, this article advocates for a very simple idea: “the cost of a cloud is a matter of architecture”. Yes, you can apply AWS savings plans to reduce the cost, you can obviously terminate dangling instances and volumes. It all contributes to your savings, but still the most important part is the architecture.
There’s also a linked article in the same blog that clarifies a bit this thesis as well as provides some practical insights into how to think about your architecture as a cost center.
The second article is AWS-specific, but the first one basically applies to any cloud.
#cloud #money #aws
The Duckbill’s Group is a consultant company that helps its customers to reduce their cloud spendings. Mostly in AWS (frankly, I’m not sure if they work with other clouds).
Despite the ambitious title, this article advocates for a very simple idea: “the cost of a cloud is a matter of architecture”. Yes, you can apply AWS savings plans to reduce the cost, you can obviously terminate dangling instances and volumes. It all contributes to your savings, but still the most important part is the architecture.
There’s also a linked article in the same blog that clarifies a bit this thesis as well as provides some practical insights into how to think about your architecture as a cost center.
The second article is AWS-specific, but the first one basically applies to any cloud.
#cloud #money #aws
The Duckbill Group
Why Cloud Finance Is Broken and Ineffective
Cloud finance is more “cloud” than “finance.” This fundamental misunderstanding leads to very ineffective cloud finance efforts. Here's how to fix them.
Do you prefer understandable diagrams to tons of text?
C4 model - describe principles for creating architecture diagrams and how to be sure that they will be useful and readable.
The site includes talk, which is so amazing, that I propose you spend 35min on it.
One of the mentioned tools in the talk is Structurizr. We start adopting that tool a few weeks ago and the final results look pretty nice.
And yes, Structurizr is more powerful than Mermaid, but do not work in plain markdown.
#documentation
C4 model - describe principles for creating architecture diagrams and how to be sure that they will be useful and readable.
The site includes talk, which is so amazing, that I propose you spend 35min on it.
One of the mentioned tools in the talk is Structurizr. We start adopting that tool a few weeks ago and the final results look pretty nice.
And yes, Structurizr is more powerful than Mermaid, but do not work in plain markdown.
#documentation
YouTube
Visualising software architecture with the C4 model - Simon Brown, Agile on the Beach 2019
In Simon Brown's talk at AOTB 2019 he explores the visual communication of software architecture based upon a decade of Simon’s experiences working with software development teams large and small across the globe.
He looks at what is commonplace today,…
He looks at what is commonplace today,…
HUG Kyiv #15: Terraform will start in a few hours
When: Tuesday 25th October, 19:00 (Kyiv TZ)
Where: Online
Language: Ukrainian
Youtube - https://youtu.be/S3LeJUhkJMw
Zoom - https://www.meetup.com/kyiv-hashicorp-user-group/events/288776938/
When: Tuesday 25th October, 19:00 (Kyiv TZ)
Where: Online
Language: Ukrainian
Youtube - https://youtu.be/S3LeJUhkJMw
Zoom - https://www.meetup.com/kyiv-hashicorp-user-group/events/288776938/
A nice article by a friend of mine on how to replace GNU Make with Invoke and Python. The nice part is that it goes beyond some simple “Hello world” examples.
I think using a tool like Invoke or Rake is beneficial. Yet, I still use GNU Make in many places mostly because it’s available almost everywhere out of the box.
As a bonus you can also check out the Task tool - yet another task automation tool written in Go. It uses YAML for configuration, therefore it’s declarative, but you know… YAML. Also, using a full fledged programming language obviously provides more features and flexibility.
#make #iac #automation
I think using a tool like Invoke or Rake is beneficial. Yet, I still use GNU Make in many places mostly because it’s available almost everywhere out of the box.
As a bonus you can also check out the Task tool - yet another task automation tool written in Go. It uses YAML for configuration, therefore it’s declarative, but you know… YAML. Also, using a full fledged programming language obviously provides more features and flexibility.
#make #iac #automation
Medium
Better make for automation
Everyone probably knows about make and Makefiles. Initially a build automation tool, it’s often used as wrapper around different tools to…
A list of security tools for AWS. It has both defensive and offensive as well as auditing tools.
This list is really huge, so I’m pretty sure that if you’re working on hardening your AWS setup, you’ll find something interesting for you there.
#security #aws
This list is really huge, so I’m pretty sure that if you’re working on hardening your AWS setup, you’ll find something interesting for you there.
#security #aws
GitHub
GitHub - toniblyx/my-arsenal-of-aws-security-tools: List of open source tools for AWS security: defensive, offensive, auditing…
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. - toniblyx/my-arsenal-of-aws-security-tools
It looks like on Tuesday, Nov 1st, we will need to patch OpenSSL 3.x.x.
A critical vulnerability has been found in OpenSSL versions 3.0.0 through 3.0.6. So, older version are likely not affected by this problem.
Yet, Ubuntu 22.04 and RHEL 9.x have OpenSSL 3.x.x, hence require an upgrade.
The same news from another source.
#security
A critical vulnerability has been found in OpenSSL versions 3.0.0 through 3.0.6. So, older version are likely not affected by this problem.
Yet, Ubuntu 22.04 and RHEL 9.x have OpenSSL 3.x.x, hence require an upgrade.
The same news from another source.
#security
ZDNET
OpenSSL warns of critical security vulnerability with upcoming patch
We don't have the details yet, but we can safely say that come Nov. 1, everyone -- and I mean everyone -- will need to patch OpenSSL 3.x.
Humble Bundle has a new collection of Ops courses by Pluralsight.
This is a bundle of 20 items that together cost ~€31. And it has courses for different topics like Kubernetes, Terraform, cloud technologies, etc.
#courses #humblebundle
This is a bundle of 20 items that together cost ~€31. And it has courses for different topics like Kubernetes, Terraform, cloud technologies, etc.
#courses #humblebundle
Humble Bundle
Learn IT Ops with Pluralsight
We’ve teamed up with Pluralsight for our newest bundle. Get courses in IT operations covering cloud computing, AWS, and more, and support Girls Who Code.
The whole purpose of managed services is that you don’t need to care much about many things except costs. Yet, cost management could be tricky in the cloud.
Obviously, there are many consultants and services that build their business model by helping people to save some bucks.
However, there are also community solutions.
For example, here’s a community calculator for AWS VPN and a similar calculator for Google Cloud VPN.
Bonus: Reddit discussion about the Google Cloud VPN Costs calculator.
#aws #gcp #costs #networking
Obviously, there are many consultants and services that build their business model by helping people to save some bucks.
However, there are also community solutions.
For example, here’s a community calculator for AWS VPN and a similar calculator for Google Cloud VPN.
Bonus: Reddit discussion about the Google Cloud VPN Costs calculator.
#aws #gcp #costs #networking
There's gonna be a couple of posts today, so here's the first one.
AWS now allows one to transfer Elastic IPs between AWS accounts.
That's it. These are the news. However, it's a significant change especially for those, who are in process of re-design their cloud architecture.
#aws
AWS now allows one to transfer Elastic IPs between AWS accounts.
That's it. These are the news. However, it's a significant change especially for those, who are in process of re-design their cloud architecture.
#aws
Amazon
Amazon Virtual Private Cloud (VPC) now supports the transfer of Elastic IP addresses between AWS accounts
So, recently I posted about the TLS vulnerability that was patched on the 1st of November.
Here someone gathered the list of affected operation systems and patched version references
Make sure to check if you’re covered!
#security #tls
Here someone gathered the list of affected operation systems and patched version references
Make sure to check if you’re covered!
#security #tls
Telegram
CatOps
It looks like on Tuesday, Nov 1st, we will need to patch OpenSSL 3.x.x.
A critical vulnerability has been found in OpenSSL versions 3.0.0 through 3.0.6. So, older version are likely not affected by this problem.
Yet, Ubuntu 22.04 and RHEL 9.x have OpenSSL…
A critical vulnerability has been found in OpenSSL versions 3.0.0 through 3.0.6. So, older version are likely not affected by this problem.
Yet, Ubuntu 22.04 and RHEL 9.x have OpenSSL…
A nice technical article about volume snapshots in Kubernetes.
Kubernetes has a snapshot-controller with vendor-independent API. This article explains what are the benefits of using snapshots as well as provides several use case scenarios with configuration examples.
#kubernetes
Kubernetes has a snapshot-controller with vendor-independent API. This article explains what are the benefits of using snapshots as well as provides several use case scenarios with configuration examples.
#kubernetes
Palark
Kubernetes snapshots: What are they and how to use them?
An introduction to snapshots in Kubernetes and an overview of typical usage cases. Creating PVC templates, cloning data for testing, and performing consistent backups.
pgdump-aws-lambda is a ready-to-use Lambda function that creates a dump of your PostgreSQL database and streams it it S3.
There is already a native way to backup RDS databases. However, I can see a couple of use cases for this tool. For example:
- Backup databases that run on plain EC2 machines. I’m not sure if anyone does it today, but I worked in a company that did.
- Backup databases located outside AWS in case of hybrid setups. Obviously, it’s going to be challenging to configure such interconnection in a secure and reliable way, but if you’re using a hybrid setup, you already know what am I talking about.
- Use this Lambda function as a blueprint and extend its functionality. For example, obfuscate certain fields to create a non-production DB for tests, etc.
TBH, I’m not sure how it’s going to work with the 15 minutes hard limit for execution time for Lambdas, but you won’t find out unless you try, I guess.
So overall, an interesting project that I won’t likely use myself, but it might be fun to play with.
#databases #aws #serverless
There is already a native way to backup RDS databases. However, I can see a couple of use cases for this tool. For example:
- Backup databases that run on plain EC2 machines. I’m not sure if anyone does it today, but I worked in a company that did.
- Backup databases located outside AWS in case of hybrid setups. Obviously, it’s going to be challenging to configure such interconnection in a secure and reliable way, but if you’re using a hybrid setup, you already know what am I talking about.
- Use this Lambda function as a blueprint and extend its functionality. For example, obfuscate certain fields to create a non-production DB for tests, etc.
TBH, I’m not sure how it’s going to work with the 15 minutes hard limit for execution time for Lambdas, but you won’t find out unless you try, I guess.
So overall, an interesting project that I won’t likely use myself, but it might be fun to play with.
#databases #aws #serverless
GitHub
GitHub - jameshy/pgdump-aws-lambda: Lambda function for executing pg_dump and streaming the output to s3.
Lambda function for executing pg_dump and streaming the output to s3. - jameshy/pgdump-aws-lambda
A very interesting article about when to use AWS Lambda functions and when not.
The article explores a couple of serverless scenarios and whether it’s required to use a Lambda function there.
In nutshell: do not use Lambda when there’s a native integration between the components; and use it to transform data, not to transport it.
#aws #serverless
The article explores a couple of serverless scenarios and whether it’s required to use a Lambda function there.
In nutshell: do not use Lambda when there’s a native integration between the components; and use it to transform data, not to transport it.
#aws #serverless
Medium
When to use a Lambda function, and when not?
With the increasing number of direct integration between AWS services, AWS Lambda is not as essential as it used to be. So, when to use it?
This is a small nice article about how small changes could impact performance.
I like such stories very much. I believe, they expose the beauty of software engineering. Just like in maths classes complex equations result in something like x = 1.
Also, one can learn from this article a thing or two about the memory allocation in Go as well as some performance profiling techniques.
#programming #go #performance
I like such stories very much. I believe, they expose the beauty of software engineering. Just like in maths classes complex equations result in something like x = 1.
Also, one can learn from this article a thing or two about the memory allocation in Go as well as some performance profiling techniques.
#programming #go #performance
Hmarr
Making a Go program run 1.7x faster with a one character change • Harry Marr
Programmer and engineering manager working at GitHub. Co-founded Dependabot, and helped build Monzo and GoCardless.
Well, it’s happening. Pulumi now supports YAML in GA.
Here are my thoughts about this. The imperative revolution didn’t happen. We haven’t suddenly started to define the infrastructure in TypeScript or Go. Also, it looks like both approaches can co-exist just fine, even as a part of a single tool.
I think that the second point is great, because the users (we) have more options. Smaller setups can benefit from a simpler declarative way, while more complicated installations can leverage the whole power of general purpose languages.
#iac #pulumi
Here are my thoughts about this. The imperative revolution didn’t happen. We haven’t suddenly started to define the infrastructure in TypeScript or Go. Also, it looks like both approaches can co-exist just fine, even as a part of a single tool.
I think that the second point is great, because the users (we) have more options. Smaller setups can benefit from a simpler declarative way, while more complicated installations can leverage the whole power of general purpose languages.
#iac #pulumi
pulumi
Pulumi YAML General Availability
Pulumi YAML 1.0 with IDE integration, full convert support, simpler function syntax and Kubernetes Operator embedding