Not a technical post.
Today is the Volunteer Day. I want to dedicate this post to all the people who help daily our military forces as well as civilians.
Thank you for your work and dedication!
Now, I add a Linktree to each post that contains links to various volunteer organizations as well as other useful things. Today I want to share individuals and foundations I regularly support personally.
- Pavlo Bondarenko and Naya are collecting funds for recon drones and Starlinks for AFU. The both have PayPal, so it’s easy to send money from outside Ukraine. Pavlo is a friend of mine, we’ve been to Sziget Festival together a couple of times. Before the full scale invasion he was running a Ukrainian podcast production “Radio Podil”.
Pavlo’s links
Naya’s links
- UA Responders a foundation specialized on tactical medicine and other medical things. I know them, because my wife is actively helping there and my classmate helps them with logistics. They have Polish IBAN, so it’s handy to send money from within the EU. Obviously, they have other ways to accept donations as well.
- Come Back Alive. I mean, they do not require an introduction. This is the most famous and probably the oldest volunteer organization in Ukraine that helps UA military. Also, now they have a convenient web form to accept donations right in their website.
(image via @lachentyt)
#volunteers #Ukraine
Today is the Volunteer Day. I want to dedicate this post to all the people who help daily our military forces as well as civilians.
Thank you for your work and dedication!
Now, I add a Linktree to each post that contains links to various volunteer organizations as well as other useful things. Today I want to share individuals and foundations I regularly support personally.
- Pavlo Bondarenko and Naya are collecting funds for recon drones and Starlinks for AFU. The both have PayPal, so it’s easy to send money from outside Ukraine. Pavlo is a friend of mine, we’ve been to Sziget Festival together a couple of times. Before the full scale invasion he was running a Ukrainian podcast production “Radio Podil”.
Pavlo’s links
Naya’s links
- UA Responders a foundation specialized on tactical medicine and other medical things. I know them, because my wife is actively helping there and my classmate helps them with logistics. They have Polish IBAN, so it’s handy to send money from within the EU. Obviously, they have other ways to accept donations as well.
- Come Back Alive. I mean, they do not require an introduction. This is the most famous and probably the oldest volunteer organization in Ukraine that helps UA military. Also, now they have a convenient web form to accept donations right in their website.
(image via @lachentyt)
#volunteers #Ukraine
Here’s an article on Currying in Go. Currying is a technique borrowed from the functional programming. It’s essentially a partial implementation of a function.
Anyways, I find such articles interesting, because they show some unconventional angles of a language. I haven’t personally used currying in Go yet. However, examples in that article look reasonable. Maybe, one I day I will try it.
I’m not saying that you should use this technique in your code, but maybe you find it useful. In the latter case, you’re welcome!
#go #programming
Anyways, I find such articles interesting, because they show some unconventional angles of a language. I haven’t personally used currying in Go yet. However, examples in that article look reasonable. Maybe, one I day I will try it.
I’m not saying that you should use this technique in your code, but maybe you find it useful. In the latter case, you’re welcome!
#go #programming
A quite old article on debugging a NodeJS AWS Lambda function.
Yet, I still want to share this one, because even if you don‘t have NodeJS functions specifically, the article has some insights on how to debug Lambda functions in general.
Also, there some take away points that would be relevant for any HTTP workload, not just JS.
#aws #serverless
Yet, I still want to share this one, because even if you don‘t have NodeJS functions specifically, the article has some insights on how to debug Lambda functions in general.
Also, there some take away points that would be relevant for any HTTP workload, not just JS.
#aws #serverless
bahr.dev
How We Debugged And Fixed 'EMFILE: too many files open' On AWS Lambda NodeJS
This article shows how we debugged and fixed an 'EMFILE: too many files open' error on AWS Lambda.
An “Awesome SLOs” list.
Books, articles, videos, and more.
Also, it’s open source, so feel free to contribute!
#slo #observability
Books, articles, videos, and more.
Also, it’s open source, so feel free to contribute!
#slo #observability
GitHub
GitHub - stevexuereb/awesome-slo: Curated list of resources on SLOs
Curated list of resources on SLOs. Contribute to stevexuereb/awesome-slo development by creating an account on GitHub.
Last week we recorded one of our usual voice chats as a test. So, more people who were unable to join because of blackouts could listen to it.
Moreover, the topic of our voice chats was: “How to work without electricity, Internet access, and utilities”.
Although, we have touched other topics as well, as it usually happens:
- Starlinks and external antennas
- M1/2 MacBooks
- Ancient communication technologies
The recording is in Ukrainian and available on:
- YouTube as a static image
- Spotify
- Apple Podcasts
- Google Podcasts
- Anchor
Enjoy!
#voice #говорилка
Moreover, the topic of our voice chats was: “How to work without electricity, Internet access, and utilities”.
Although, we have touched other topics as well, as it usually happens:
- Starlinks and external antennas
- M1/2 MacBooks
- Ancient communication technologies
The recording is in Ukrainian and available on:
- YouTube as a static image
- Spotify
- Apple Podcasts
- Google Podcasts
- Anchor
Enjoy!
#voice #говорилка
YouTube
Як працювати без світла
Записали в тестовому режимі говрилку про те, як працювати, коли немає світла.Поговорили про зарядні станції, акумулятори, Старлінки, Макбуки на М1/2 (і які в...
Disk encryption in AWS is close to useless and potentially harmful.
No, it’s not like AWS is going to do anything with your data.
tl;dr: Encryption at rest protects you from cases when someone steals your disk. However, such an attack vector is so hard in a cloud environment that it’s completely worthless for an attacker.
However, the correct implementation of the encryption at rest will take time and effort that you can put into real risk mitigation and security hardening instead.
#security #aws
No, it’s not like AWS is going to do anything with your data.
tl;dr: Encryption at rest protects you from cases when someone steals your disk. However, such an attack vector is so hard in a cloud environment that it’s completely worthless for an attacker.
However, the correct implementation of the encryption at rest will take time and effort that you can put into real risk mitigation and security hardening instead.
#security #aws
Mellow Root
Disk encryption in AWS is close to useless and potentially harmful
Security theater is the practice of taking security measures that are considered to provide the feeling of improved security while doing little or nothing to...
Monokle CLI is yet another tool to validate cnfiguration for the objects in your
Kubernetes clusters. It's a part of a bigger Monokle project and can be used as a CLI and integrated into your CI/CD pipeline.
For now it can validate:
- YAML syntax
- The schemas of your YAMLs against a configurable K8s version
- Links/references between Kubernetes resources
- A set of predefined OpenPolicyAgent (OPA) policies
- Custom rules written in typescript
Also, it looks like there's an active development around this tool at the moment. So, let's see, how it goes.
#kubernetes
Kubernetes clusters. It's a part of a bigger Monokle project and can be used as a CLI and integrated into your CI/CD pipeline.
For now it can validate:
- YAML syntax
- The schemas of your YAMLs against a configurable K8s version
- Links/references between Kubernetes resources
- A set of predefined OpenPolicyAgent (OPA) policies
- Custom rules written in typescript
Also, it looks like there's an active development around this tool at the moment. So, let's see, how it goes.
#kubernetes
Medium
Monokle-CLI: Flexible Kubernetes YAML Validation
The importance of validation of your Kubernetes YAMLs as part of your pre-commit/deploy workflows is evident as the adoption of…
I like graphical representations of complex systems.
So, here you are: a zine-like scheme of the RAFT consensus algorithm
#raft #zine
So, here you are: a zine-like scheme of the RAFT consensus algorithm
#raft #zine
SRE-ish
Understanding RAFT consensus algorithm
A zine about RAFT
A nice overview of how Docker works on non-Linux hosts as well as an explanation, why I/O operations are so slow. Plus, some hints on how to make it faster for the local development.
tl;dr. Because Docker requires Linux capabilities, thus is has to have Linux VM to run Linux-based images on MacOS and Windows. This VM shares filesystem with the host, which is slow. There’s a new implementation VirtioFS, which is faster, but still not ideal.
We briefly discussed ways of running Docker on the new M-based Macs on our previous voice chat and this article has links to some tools we mentioned there, specifically: Rancher Desktop and Colima.
Also, I recall developers at my previous job complaining about slow-ish Docker performance, but IIRC VirtioFS was not widely adopted back then.
#docker #linux
tl;dr. Because Docker requires Linux capabilities, thus is has to have Linux VM to run Linux-based images on MacOS and Windows. This VM shares filesystem with the host, which is slow. There’s a new implementation VirtioFS, which is faster, but still not ideal.
We briefly discussed ways of running Docker on the new M-based Macs on our previous voice chat and this article has links to some tools we mentioned there, specifically: Rancher Desktop and Colima.
Also, I recall developers at my previous job complaining about slow-ish Docker performance, but IIRC VirtioFS was not widely adopted back then.
#docker #linux
Paolomainardi
Docker on MacOS is slow and how to fix it
Thanks to the DALL·E 2, we finally have a very nice graphic representation of the feelings of a Docker container inside a macOS environment, I will try with this article to make this poor container safe to the coast.
TL;DR Link to heading At the time of writing…
TL;DR Link to heading At the time of writing…
cURL is going to support an output of server certificates in PEM format using
Support for these new
-w
(write-out) options.Support for these new
-w
variables has been merged into curl’s master branch and is scheduled to be part of the coming release of curl version 7.88.0 on February 15th, 2023.Sup! I'm back from vacationing.
First, I wanted to share something serious and fundamental-ish as the first post of the year. Unfortunately, I haven't read anything worthful yet :\
So, I want to share an episode from the ShipIT podcast, which is called "Fundametals". It was published a while ago, but I listened to it just recently.
I think it fits perfectly my idea to start this year on CatOps with something more interesting than just a link to a tool, etc. Enjoy!
BTW, this episode is also available on the major streaming platforms (I listened to it on Spotify). I won't provide the links, though, because I don't know which platform do you use. Also, their website has a transcript. So, if you prefer reading to listening, it's possible as well.
#podcast
First, I wanted to share something serious and fundamental-ish as the first post of the year. Unfortunately, I haven't read anything worthful yet :\
So, I want to share an episode from the ShipIT podcast, which is called "Fundametals". It was published a while ago, but I listened to it just recently.
I think it fits perfectly my idea to start this year on CatOps with something more interesting than just a link to a tool, etc. Enjoy!
BTW, this episode is also available on the major streaming platforms (I listened to it on Spotify). I won't provide the links, though, because I don't know which platform do you use. Also, their website has a transcript. So, if you prefer reading to listening, it's possible as well.
#podcast
Changelog
Fundamentals with Kelsey Hightower (Ship It! #44)
Today’s conversation with Kelsey Hightower showed Gerhard what he was missing in his quest for automation and Kubernetes. The fundamentals that Kelsey shares will most certainly help you level up your game. This is a follow-up to the last 45 seconds of the…
A new OPS-ish books collection from Humble Bundle - Linux and Sysadmin Tools.
As usual, you can pay a little bit more than €17 to unlock the whole bundle of 15 books.
Speaking of the books I can see there, I’ve heard that “Linux Pocket Guide” by Daniel J. Barrett is a good entry level book. Also, I’ve heard that “Linux System Programming” by Robert Live is good, although a little bit too specific. I’m personally interested in the AWK book the most. I use it in my day-to-day work quite frequently and I feel like I still too far away from its true potential.
#books
As usual, you can pay a little bit more than €17 to unlock the whole bundle of 15 books.
Speaking of the books I can see there, I’ve heard that “Linux Pocket Guide” by Daniel J. Barrett is a good entry level book. Also, I’ve heard that “Linux System Programming” by Robert Live is good, although a little bit too specific. I’m personally interested in the AWK book the most. I use it in my day-to-day work quite frequently and I feel like I still too far away from its true potential.
#books
Humble Bundle
Humble Tech Book Bundle: Linux and Sysadmin Tools by O'Reilly
We’ve teamed up with O’Reilly for our newest bundle. Get books like Bash Cookbook & Linux Pocket Guide. Plus, pay what you want & support charity!
Fluent Bit 2.0.0 with support for traces is released!
It means that now Fluent Bit fully integrates with systems like Prometheus and OpenTelemetry natively.
#observability
It means that now Fluent Bit fully integrates with systems like Prometheus and OpenTelemetry natively.
#observability
GitHub
Release Fluent Bit 2.0.0 · fluent/fluent-bit
News
Fluent Bit v2.0.0 is the stable release!, new changes on this version:
Logs, Metrics, and Traces
Fluent Bit has always been agnostic of the data that its processes and moves around; one of the...
Fluent Bit v2.0.0 is the stable release!, new changes on this version:
Logs, Metrics, and Traces
Fluent Bit has always been agnostic of the data that its processes and moves around; one of the...
A couple of days ago I attended a CNCF meetup here in Berlin (full recording is available on YouTube). So, I want to share some things that were presented there.
- NeuVector - an open-source security solution for Kubernetes recently bought by Suse. It has UI, so one can do click-ops if they want, but one can then export all the rules into custom definitions and apply in any other cluster. Obviously, you can configure NeuVector using only YAML as well. Feel free to explore their GitHub. Although, the website has more information about the tool.
- Tetragon - another real-time observability/security tool based on eBPF by the developers of Cilium. It doesn’t do CVE scans like NeuVector, but provides some real-time visibility and rules enforcement. Also, it doesn’t have a fancy UI.
- Cilium service mesh. It’s also based on eBPF. Check it out if you want to have a service mesh, but not sure about heavyweight solutions like Istio.
- Despite that several Cilium-based tools I mentioned before, the second talk was about the Cilium Cluster Mesh. It’s not new, but this solution looks very promising, especially if you’re running multiple clusters for HA or multi-region purposes.
#Kubernetes #security #networking
- NeuVector - an open-source security solution for Kubernetes recently bought by Suse. It has UI, so one can do click-ops if they want, but one can then export all the rules into custom definitions and apply in any other cluster. Obviously, you can configure NeuVector using only YAML as well. Feel free to explore their GitHub. Although, the website has more information about the tool.
- Tetragon - another real-time observability/security tool based on eBPF by the developers of Cilium. It doesn’t do CVE scans like NeuVector, but provides some real-time visibility and rules enforcement. Also, it doesn’t have a fancy UI.
- Cilium service mesh. It’s also based on eBPF. Check it out if you want to have a service mesh, but not sure about heavyweight solutions like Istio.
- Despite that several Cilium-based tools I mentioned before, the second talk was about the Cilium Cluster Mesh. It’s not new, but this solution looks very promising, especially if you’re running multiple clusters for HA or multi-region purposes.
#Kubernetes #security #networking
YouTube
Kubernetes & Cloud Native Berlin Meetup New Year Edition
Welcome to the live stream of the Kubernetes & Cloud Native Berlin Meetup - Jan 2023. Doors open for the in person meet up at 5 pm. The talks will begin at 6 pm, so stay tuned.
Find more information here: https://www.meetup.com/berlin-kubernetes-meetup…
Find more information here: https://www.meetup.com/berlin-kubernetes-meetup…
My ISP decided to make me a digital detox but now my connection is back, so I can resume posting again!
Here’s a nice Twitter thread by Daniele Palencic about how a Kubernetes Ingress controller works. There’s also an unrolled version, if you prefer it this way.
Btw, I highly recommend subscribing to Daniele. He has some wonderful content on Kubernetes and also he has workshops on learnk8s.io
#kubernetes
Here’s a nice Twitter thread by Daniele Palencic about how a Kubernetes Ingress controller works. There’s also an unrolled version, if you prefer it this way.
Btw, I highly recommend subscribing to Daniele. He has some wonderful content on Kubernetes and also he has workshops on learnk8s.io
#kubernetes
Threadreaderapp
Thread by @danielepolencic on Thread Reader App
@danielepolencic: How does the Ingress controller really work in Kubernetes? I had to find out for myself, so I built one from scratch in bash 1/ Before diving into the code, here is a quick recap...
Usually, Sundays are for the newsletter. However, there was not that many posts on CatOps yet due to holidays and other stuff.
Yet, here’s another digest. Or more precisely, a list of articles about Internal Development Platforms aka IDPs, things such as Backstage.
There are articles starting from 2019 and the most recent one is from 2023!
#idp
Yet, here’s another digest. Or more precisely, a list of articles about Internal Development Platforms aka IDPs, things such as Backstage.
There are articles starting from 2019 and the most recent one is from 2023!
#idp
internaldeveloperplatform.org
Articles
Articles # Here we provide a repository of the latest and greatest blog posts and articles all about Internal Developer Platforms (IDP). Wrote an amazing piece and like to have it included? Submit a pull request!
2024 # Platform Engineering Dies in 4 Weeks…
2024 # Platform Engineering Dies in 4 Weeks…
A new Monday column!
As you might have noticed, each CatOps post
has a button which leads to the page with various links on where to
donate and how to support Ukraine in other ways.
There are the
links to big foundations, which is fine. Those folks have earned their
reputation. However, I want to help my friends, who also gather
donations for AFU. Those are people I know personally and I want to help
them not just monetary, but with some visibility as well.
So, Pavlo and Naya are gathering funds for various needs, but mostly recon drones and other electronics.
You can follow each of them on Twitter to get updates on each round of donations.
- Pavlo
- Naya
Their requisites for donations:
- Pavlo
- Naya
Thank you for your help!
#donations #ukraine
As you might have noticed, each CatOps post
has a button which leads to the page with various links on where to
donate and how to support Ukraine in other ways.
There are the
links to big foundations, which is fine. Those folks have earned their
reputation. However, I want to help my friends, who also gather
donations for AFU. Those are people I know personally and I want to help
them not just monetary, but with some visibility as well.
So, Pavlo and Naya are gathering funds for various needs, but mostly recon drones and other electronics.
You can follow each of them on Twitter to get updates on each round of donations.
- Pavlo
- Naya
Their requisites for donations:
- Pavlo
- Naya
Thank you for your help!
#donations #ukraine
A short article on how to deploy an application into multiple Kubernetes clusters using ArgoCD. And also Vcluster and Kyverno.
It starts with cluster creation and walks you through the whole thing up to a running app. An interesting point for me was an ability of Kyverno to create resources based on event. I didn’t know about this ability and it seems very powerful (now, I’m wondering if one can create a resource in a cluster by an event in another using Kyverno).
However, I’ve missed some things here as well. It’s not like an example is a “hello world” one, it’s fine. Yet, I would appreciate it, if there were more in-depth glance into Argo. How does it manage an app in several clusters? Can one use multiple clusters for HA purposes, but abstract an app via Argo? What would happen if one needs an odd number of replicas, how is it going to be distributed between clusters?
If you know the answer, I’d be happy to have a chat with you. Also, if you have an article on that, I would happily check it out and also share it here!
#kubernetes #argocd
It starts with cluster creation and walks you through the whole thing up to a running app. An interesting point for me was an ability of Kyverno to create resources based on event. I didn’t know about this ability and it seems very powerful (now, I’m wondering if one can create a resource in a cluster by an event in another using Kyverno).
However, I’ve missed some things here as well. It’s not like an example is a “hello world” one, it’s fine. Yet, I would appreciate it, if there were more in-depth glance into Argo. How does it manage an app in several clusters? Can one use multiple clusters for HA purposes, but abstract an app via Argo? What would happen if one needs an odd number of replicas, how is it going to be distributed between clusters?
If you know the answer, I’d be happy to have a chat with you. Also, if you have an article on that, I would happily check it out and also share it here!
#kubernetes #argocd
Piotr's TechBlog
Manage Multiple Kubernetes Clusters with ArgoCD
In this article, you will learn how to deploy the same app across multiple Kubernetes clusters with ArgoCD, vcluster and Kyverno.