What about the Donations Monday? Well, this time it's not really a foundation or a specific need.

Friends of mine are organizing a special fundraising event - Kubernetes Community Days Ukraine.

As you all know, I don't usually post events' announcements here. Yet, there are exceptions like this.

#donations #Ukraine

Remember those interview questions: “What happens during Linux boot process”, “What happens when you open a link in your browser”, and so on?

Well, the new age has come with questions like “What happens when you you do kubectl <command>”. I was actually asked this question on one of the interviews.

And here’s a guide on GitHub that explains just that.

P.S. Sorry, if I have shared it already. I’m going through some of my old bookmarks and trying to figure out, if there’s anything valuable in there. So, expect some old articles here.

#kubernetes

As you may have heard, LastPass had a breach recently.

And it looks like things are more complex comparing to the initial “some encrypted data was retrieved”.

According to this article, organizations need to re-onboard their users with SSO provider (if they used any) to ensure that their data is secure in LastPass.

Reddit discussion.

#security

The first spring issue of the CatOps Newsletter in live!

https://catops.substack.com/p/catops-digest-2023-03-05

#newsletter

​​A technological Donations Monday!

One of the biggest Ukrainian charity foundations - Come Back Alive - has announced a "Cyber Fundraiser" together with Portmone.

The goal is to collect 50M UAH for cyber defense and offense. Currently, only 19% is reached.

#donations #Ukraine

Spegel is an in-cluster OCI registry mirror.

It allows nodes to pull images from other nodes in a cluster when a public registry (or your private registry) is not available.

It can also help you to avoid rate limiting and decrease outside traffic if you’re using public registries to pull images in your clusters.

#kubernetes

​​The recording of our latest voice chat (in Ukrainian) is already available!

This time we were talking about dynamic (and not only) development environments in a cloud.

As usual, you can listen to it on your favorite platforms:

- Spotify
- Apple Podcasts
- Google Podcasts
- Anchor

It is also available on YouTube

Also, I would appreciate it if you rate CatOps on the platform you’re listening to it or put your 👍 on YouTube.

P.S. If you would like to listen to CatOps on a platform that is currently not available, please, let me know in the chat.

#voice #говорилка

It’s not a security-focus channel, but I post security-related things from time to time.

There is a book bundle related to cybersecurity on sale at Humble Bundle.

I cannot judge the quality of those books since I’m not an expert. Yet, hopefully it may be interesting to some of you.

#security

Some time ago (initial commit on the 2nd of May 2021) I started a small side-project - an Awesome List of Ukrainian IT Communities.

There are more than 60 chats, groups, channels, and other resources mentioned there already! And I would appreciate if you help to make this list even more awesome 😎

Your PRs are very welcome!

Also, there is web view if you prefer that.

#culture

A graphical explainer of how CORS works.

BTW, you can subscribe to this author on Substack. They post very nice zines from time to time!

#cors #web

​​Today's Donations Monday also goes to Come Back Alive.

Long hands of the Territorial Defense has accumulated 75% of its goal already and 7 regions have closed their goal. Let's help other TRDs complete their objectives as well!

If your region is already all-set, you can always help your neighbors or regions that have fewer donations, or Luhansk, which is the next in line.

#donations #Ukraine

UPD: Ah, sh*t, the Google Form was disabled! I have enabled it, so not it should work as expected.

A new Kubernetes operations survey by CatOps.

Last year I did a Kubernetes operations survey. You can find the results here.

There are things that would be interesting to observe in dynamic. Thus, I decided to make it an annual survey. Last year there were 102 responses, I hope there will be more this year. So, I would very appreciate it, if you could spend a couple of minutes to complete it.

I will share the results here, of course.

#kubernetes #survey

Docker Buildkit has a new `COPY --link` feature.

With --link enabled, files added with COPY won't be copied to the previous layer, but a new layer will be created. This can help you to better cache specific things and accelerate your Docker builds.

#docker

And not so great news about Docker.

Apparently, Docker is now deleting Open Source organizations.

Basically, the bottom line is that you cannot have an organization on a free account. At the first glance, it looks ok: you want a production-grade SaaS - you pay for it.

The main concern is that there's no official statement from Docker that existing names of such organizations will be locked, so no one can get those except original owners, even with paid accounts. Otherwise, it will open a gate for potential malicious code injection attacks.

#docker

​​You can know inside Terraform is a resource already known during plan stage or will be known only after apply.

That could be a useful hack to avoid "for_each" value depends on resource attributes that cannot be determined until apply error in cases when it could happen and still be able to use nice naming, that does not trigger resource recreation in case of list values change/reorder.

P.S. Not sure that it should be used anywhere at all.

#terraform

We are not about Marketing, but today's neat peak is:
Bad communication is a key to being remembered by millions of users.

https://www.docker.com/blog/we-apologize-we-did-a-terrible-job-announcing-the-end-of-docker-free-teams/

The new CatOps Digest is here!

Also, now you can access CatOps newsletter on its own domain: https://newsletter.catops.dev/

Have a nice day 👋

#newsletter #digest

Today I want to remind you about the UA Responders foundation that is gathering funds for tactical medicine.

They accept donations via cards, PayPal, and bank transfers. Also, they have a legal entity in Poland, so it's easy to transfer money inside the EU.

#donations #Ukraine

​​An article about why you should think twice before using Alpine Linux for your container images.

In nutshell, Alpine uses musl - an implementation of C standard library and many things depend on C standard library including DNS. Since musl doesn’t support DNS over TCP by design, you may get nxdomain errors if the DNS response is more than 512 bytes. And it can happen in Kubernetes.

TBH, Alpine got more stable in the recent years, but still…

The article also provides some alternatives like Wolfi, UBI, and of course, Debian/Ubuntu images. You can use Distroless images as well if you are looking for a small and secure images.

Also, here’s a related Reddit thread, so you can follow the discussion there as well.

#docker #alpine #dns #Kubernetes

​​​HUG Kyiv #16: Terraform

What:
- Deploy apps to K8s with Terraform
- RebonateBot: what, why, and how we use it

Who:
- Andrii Veklychev, SRE @ LiveLink Technology
- Maksym Vlasov, CatOps Engineer @ Star

When: Tuesday 28th March, 19:00 (Kyiv TZ)
Where: Online
Language: Ukrainian

Please, register here

#event

​​A new episode of our voice chat is here (in Ukrainian)!

This time we talked a little bit about observability and deploy of AWS Lambdas. You can find it on:
- YouTube
- Spotify
- Apple Podcasts
- Google Podcasts

Enjoy!

Also, I used AI-based voice enhancement by Adobe in this episode. So, let me know if it's better this way in the chat. Also, if you want to participate in the upcoming voice chats, do not hesitate to join! We usually do those each other Thursday at 20:00 Kyiv time. The next one will probably be next week.

P.S. If you want even more than that, DOU is currently looking for hosts for their own DevOps-themed podcast! If you want to be one, make sure to fill out that form!

#voice_chat #говорилка #observability #serverless