And not so great news about Docker.

Apparently, Docker is now deleting Open Source organizations.

Basically, the bottom line is that you cannot have an organization on a free account. At the first glance, it looks ok: you want a production-grade SaaS - you pay for it.

The main concern is that there's no official statement from Docker that existing names of such organizations will be locked, so no one can get those except original owners, even with paid accounts. Otherwise, it will open a gate for potential malicious code injection attacks.

#docker

​​You can know inside Terraform is a resource already known during plan stage or will be known only after apply.

That could be a useful hack to avoid "for_each" value depends on resource attributes that cannot be determined until apply error in cases when it could happen and still be able to use nice naming, that does not trigger resource recreation in case of list values change/reorder.

P.S. Not sure that it should be used anywhere at all.

#terraform

We are not about Marketing, but today's neat peak is:
Bad communication is a key to being remembered by millions of users.

https://www.docker.com/blog/we-apologize-we-did-a-terrible-job-announcing-the-end-of-docker-free-teams/

The new CatOps Digest is here!

Also, now you can access CatOps newsletter on its own domain: https://newsletter.catops.dev/

Have a nice day 👋

#newsletter #digest

Today I want to remind you about the UA Responders foundation that is gathering funds for tactical medicine.

They accept donations via cards, PayPal, and bank transfers. Also, they have a legal entity in Poland, so it's easy to transfer money inside the EU.

#donations #Ukraine

​​An article about why you should think twice before using Alpine Linux for your container images.

In nutshell, Alpine uses musl - an implementation of C standard library and many things depend on C standard library including DNS. Since musl doesn’t support DNS over TCP by design, you may get nxdomain errors if the DNS response is more than 512 bytes. And it can happen in Kubernetes.

TBH, Alpine got more stable in the recent years, but still…

The article also provides some alternatives like Wolfi, UBI, and of course, Debian/Ubuntu images. You can use Distroless images as well if you are looking for a small and secure images.

Also, here’s a related Reddit thread, so you can follow the discussion there as well.

#docker #alpine #dns #Kubernetes

​​​HUG Kyiv #16: Terraform

What:
- Deploy apps to K8s with Terraform
- RebonateBot: what, why, and how we use it

Who:
- Andrii Veklychev, SRE @ LiveLink Technology
- Maksym Vlasov, CatOps Engineer @ Star

When: Tuesday 28th March, 19:00 (Kyiv TZ)
Where: Online
Language: Ukrainian

Please, register here

#event

​​A new episode of our voice chat is here (in Ukrainian)!

This time we talked a little bit about observability and deploy of AWS Lambdas. You can find it on:
- YouTube
- Spotify
- Apple Podcasts
- Google Podcasts

Enjoy!

Also, I used AI-based voice enhancement by Adobe in this episode. So, let me know if it's better this way in the chat. Also, if you want to participate in the upcoming voice chats, do not hesitate to join! We usually do those each other Thursday at 20:00 Kyiv time. The next one will probably be next week.

P.S. If you want even more than that, DOU is currently looking for hosts for their own DevOps-themed podcast! If you want to be one, make sure to fill out that form!

#voice_chat #говорилка #observability #serverless

I love reading postmortems. A good postmortem usually unveils a set of problems some of which you can have in your company as well. As they say: there is never a single root cause.

Here is a postmortem from Reddit about their Pi-day outage.

It has everything you love: complex systems, legacy software, processes that were not tested that well, sacred knowledge that is long gone, etc.

Don’t get me wrong, I’m saying that not to shame Reddit. In fact they did a great job highlighting all the problems. It’s much harder and takes more courage than just say: Calico broke - Calico bad.

Also, I have similar problems at my place as well and I bet you have too. This why it’s important to recognize the importance of such “low priority tech debt”. Cleaning that out may save your company’s ass someday.

#kubernetes #networking #postmortem

One of the “because we can” tools: cfnctl adds Terraform commands when working with CloudFormation.

The idea is that you still have to write CloudFormation templates but the tool adds commands like plan, apply, destroy, and output.

#aws #tools

​​Just a reminder that our Kubernetes Operations Survey is still open! The goal of this survey is to better understand so-called 2nd day operations on Kubernetes e.g. upgrades, migrations and maintenances.

I would really appreciate it if you can spend a couple of minutes to complete it. Thanks a lot!

#kubernetes

​​Today’s Donations Monday is a reminder about the Cyberdef fundraiser by Come Back Alive.

The goal is to raise 50M UAH for telecom and compute equipment. Currently, about 40% is covered.

#donations #Ukraine

My boss from one of the previous jobs has written an article about algorithms that an SRE should know.

This is not a comprehensive article that describes each of them, rather a list that one can use to dig further. The list contains some load balancing, distributed consensus, and health check algorithms that we encounter every day but seldom think how they work under the hood.

#algorithms #programming #sre

​​​HUG Kyiv #16: Terraform will start in 2 hours!

What:
- Deploy apps to K8s with Terraform
- RenovateBot: what, why, and how we use it

Who:
- Andrii Veklychev, SRE @ LiveLink Technology
- Maksym Vlasov, CatOps Engineer @ Star


Where: Zoom (registration here), Youtube
Language: Ukrainian

​​And back to events.

Videos from the Kubernetes Community Days Ukraine are now available on YouTube!

Enjoy more than a dozen talks from the leaders of the industry!

#slides #kubernetes

GitLab is adopting FluxCD as its GitOps engine.

This is process has just started. So, GitLab's own Kubernetes agents remain the same and, according to this article, likely won't be deprecated till 2025. However, the GitOps functionality is transitioned into the maintenance mode.

Also, this article contains the justification behind Flux. Mainly, it was chosen because it fully relies on Kubernetes API, while Argo provides it's own API and UI, which is harder for GitLab folks to integrate into their own product.

#cicd #gitops #gitlab #kubernetes

Video from the 16th HashiCorp User Group Kyiv meetup (in Ukrainian) is available now!

If you were wondering what to watch on Friday, you have a perfect candidate!

Topics of this meetup:
- Deploy apps to K8s with Terraform
- RenovateBot: what, why, and how we use it

#slides #hashicorp #terraform #kubernetes

As a continuation of the HashiCorp / Terraform topic, I would suggest you an article by Yi Lu “The Pains in Terraform Collaboration”.

Problems discussed in this article may not be new to the Terraform users. Those are good old: state management, organization of the environments, merge-apply dilemma, etc.

Yet, the author points out the approaches different tools leverage to overcome those issues. Also, hopefully this article will motivate you to use Atlantis if you aren’t using it already.

#terraform #hashicorp

The new CatOps Digest is here!

You can read in on Substack. Also, if you like it, make sure to subscribe and tell your friends or colleagues about it 😉

#newsletter

For today’s Donation Monday I want to remind you about individual volunteers. Specifically, about my friends Pavlo and Naya who collect funds for drones and telecommunication equipment.

- Pavlo’s requisites
- Naya’s requisites

If you know other individual volunteers, make sure to donate them as well. There is no such thing as a small donation.

#donations #Ukraine