CatOps
DevOps and other issues by Yurii Rochniak (@grem1in) - SRE @ Preply && Maksym Vlasov (@MaxymVlasov) - Engineer @ Star. Opinions are our own.

We do not post ads including event announcements. Please, do not bother us with such requests!
A new Monday column!

As you might have noticed, each CatOps post has a button which leads to the page with various links on where to donate and how to support Ukraine in other ways.

There are links to big foundations, which is fine. Those folks have earned their reputation. However, I want to help my friends, who also gather donations for AFU. Those are people I know personally and I want to help them not just monetarily, but with some visibility as well.

So, Pavlo and Naya are gathering funds for various needs, but mostly recon drones and other electronics.

You can follow each of them on Twitter to get updates on each round of donations.
- Pavlo
- Naya

Their requisites for donations:

- Pavlo
- Naya

Thank you for your help!

#donations #ukraine
A short article on how to deploy an application into multiple Kubernetes clusters using ArgoCD. And also Vcluster and Kyverno.

It starts with cluster creation and walks you through the whole thing up to a running app. An interesting point for me was the ability of Kyverno to create resources based on events. I didn’t know about this ability and it seems very powerful (now, I’m wondering if one can create a resource in a cluster by an event in another using Kyverno).

However, I’ve missed some things here as well. It’s not like an example is a “hello world” one, it’s fine. Yet, I would appreciate it if there were a more in-depth look into Argo. How does it manage an app in several clusters? Can one use multiple clusters for HA purposes, but abstract an app via Argo? What would happen if one needs an odd number of replicas, how is it going to be distributed between clusters?

If you know the answer, I’d be happy to have a chat with you. Also, if you have an article on that, I would happily check it out and also share it here!

#kubernetes #argocd
Your SSO session can be stolen.

At least Grammarly, together with their white-hat partner, prepared an internal phishing attack and got access to their OTP SSO session.

As a result, they chose to move to FIDO2 to prevent the possibility of that attack vector.

More about the attack and why they chose FIDO2 in Part 1.
About implementation and problems - in Part 2.

#security
Folks at Cloudflare describe how they work with Terraform there.

This article contains some examples of using Cloudflare's Terraform provider, so those might be handy if you're using their product.

Also, there's a controversial opinion about the usage of Tf modules. This article claims that one should avoid modules, because they decrease clarity in the long run. Like, if you have multiple environments or accounts, or applications that are similar but slightly different from each other, the cardinality of modules' variables may become unbearable.

I won't comment on this. I think this is one of those cases, when context matters the most. Such an approach may suit you or may not. You need to decide whether you'd better use modules or not yourself.

#terraform
Notify is a simple Go library to send notifications to various channels e.g. popular messengers, social apps and message services such as SNS.

You can find the list of all supported destinations as well as an example of usage in the README.

#programming #go
Happy Monday!

Here's the next "Donations Monday" update, and I want to share with you the UA Responders foundation.

They mostly specialize in tactical medicine, but also cover other urgent needs.

How do I know them: my wife is helping them with some organizational stuff and my classmate takes care of their warehouse logistics.

They also have registration in Poland, so you can donate via IBAN in Zloty. However, there are other ways such as PayPal available as well.

P.S. A message for all the salespeople from ruzzia, who think this is a good idea to come to my dm and ask to promote your shit: go fuck yourself!

#donations #Ukraine
terraform-hcloud-kube-hetzner is a Terraform module to create a lightweight Kubernetes cluster in the Hetzner cloud. It's based on openSUSE MicroOS and k3s Kubernetes distribution.

I'm not a big fan of Hetzner for many reasons, but if you need to run a cluster for cheap, this might be a viable solution for you.

P.S. This tool was initially shared in the CatOps chat (the chat is in Ukrainian). Feel free to join if you'd like to! We also have voice rooms in open spaces format there to discuss various topics from time to time.

#hetzner #kubernetes #terraform
Charity Majors argues in her article that taking job hierarchy too close to your heart is problematic. We all want to get promotions and have our contributions recognized. However, this is not a race to the bottom. Getting a position that you hate just because it’s higher in the hierarchy can be damaging to your wellbeing.

I think this is an important thing. I know many folks, who strive for “higher” positions not because they want to make an impact, but because “this is how the world works”. Also, I know situations when people are in the positions they’re not qualified for, but they’re just “too long with the company”, etc.

The main argument is that it’s totally fine to be an engineer and stay on the individual contributor’s track.

There are a couple of pieces of advice from Charity on how to make this work:
- Treat work hierarchy not as a ladder, but as a data structure: the hierarchy represents who does what, but not who is “cooler”
- Involve engineers in the decision-making process. If becoming a manager is the only way to make your voice heard, you’re in the wrong organization
- Flatten compensation ranges: it’s not necessary for the managers to earn more than individual contributors. In fact, it can be the opposite in many cases
- Be transparent and make sure that people understand not only what they do, but also why. It’s not the amount of work that makes people burn out in many cases, but a feeling of meaninglessness of that work.

#culture
As you may have noticed, there were not that many posts in the recent days. I even missed the newsletter (there will be one, no worries). And generally I may not post much this week.

Yet, the Monday donations post is a must.

So. Musicians Defend Ukraine is a fund created by the folks from Ukrainian music industry. One of them is a good friend of mine (shout-out to Kontrabass Promo!)

If you always dreamed of being a musician but ended up in engineering somehow, do not hesitate to donate! Actually, do not hesitate to donate regardless of your relationship with music.

#donations #Ukraine
So, I was out for some time because both FOSDEM and Cfgmgmt Camp conferences are back offline.

Here you can find some notes from a friend of mine on some talks from the Go devroom:
- Summary “Five Steps to Make Your Go Code Faster & More Efficient”
- Summary “Squeezing a go function”
- Summary “Recipes for reducing cognitive load”

I need some time to process both conferences and write something on my own. I'll try to do it this week, but no commitments.

Also, a lot of FOSDEM videos are already available online. You can check them out on the official website.

#slides #go #programing
Ok, folks. Now, it's my time to post a recap from the FOSDEM and Configuration Management Camp conferences.

You can find it on Substack or in my blog.

Also, I would appreciate it if you subscribe to my Substack! I'm considering moving my writing activities there and keeping the blog only as a markdown backup.

Unfortunately, I don't write that often, but hey, it's free to subscribe!

#slides #fosdem #cfgmgmt_camp #event
Green Metrics is a tool to measure energy impact and CO2 equivalent of your workloads. This is still an experimental tool, so don't run it in production, please.

Yet, I still want to share it because there's a visible shift in the industry from "just give it more cloud instances" towards resource optimization.

Another example is AWS using Rust for many of their core products to achieve their sustainability goals.

Also, there was a dedicated Energy track at FOSDEM, for the first time in its history.

There are multiple driving factors for this shift. Funny enough, one of them being COVID. As a speaker from Meta (Facebook) said: "We would have been happy to add more servers, but there were no more servers because factories in China were closed due to COVID too".

#sustainability #enegry #aws
Donations Monday again!

TBH, I ran out of funds and charities in which I have personal connections.

So, this week I would appreciate it if you could donate to my "little motherland" - Chernihiv region in the "Long Hands of TRD" project by Come Back Alive foundation! Of course, it's completely Ok if you want to support any other region.

I don't think this foundation requires any sort of introduction. So, you know what to do ;)

P.S. I need to get a new Linktree list with charities. I'll figure it out, I promise.

#donations #Ukraine
This is an unplanned post for today, but still.

A critical vulnerability was discovered in macOS and iOS that allegedly allows arbitrary code to be executed with kernel privileges.

Please, make sure to update your OS on Apple devices if you have any. Also, make sure that your IT department is aware of this in case you have Apple devices as work machines.

Patched versions:
- macOS: 13.2.1
- iOS: 16.3.1

The official statement doesn’t have much info. There is more in this Twitter thread.

#security
Long time no posts about databases! So, here’s a short story of how Retool migrated their 4TB Postgres database from version 9.6 to 13.

There are a couple of interesting moments in this story:
- “Lift and shift” migrations are still the case. Sometimes it’s better to have a brief period of downtime than to risk a migration failing midway
- A cloud solution might not suit you or might even fail you. Running things in the cloud doesn’t mean that you don’t need to take care of operations whatsoever (especially when it comes to DBs)
- Test using a representative workload, be it the number of requests or the size of the DB.
- Even if there’s a tool for a job, it may require some tweaking. Also, sometimes you need to be creative (it’s in the article, they wrote a script to migrate a pair of particularly large tables)
- Write run books :)

I don’t know how many of you manage databases, but these points are applicable not only to DB migrations, I must say.

#databases
Finally! I have finished processing the recording of our previous Voice chat!

Last time we were talking about testing of Kubernetes and also what it takes to be a mentor. Audio is in Ukrainian.

I cut too many pauses in the end, so the conversation sounds a bit false in the end. I'll try to do better next time.

You can ~watch~ listen to it on YouTube. Audio is also available on Anchor and Spotify. It should be available soon on Apple Podcasts and Google Podcasts as well, but I'm not sure how often those services read RSS.

Enjoy!
Happy World Cats Day!

Feel free to share your cats in the comments 😏

P.S. It's the first Cats Day in 2023. Up to 7 more are coming