​​Friday is a good day for some humor.

I bet you have heard about the 10x Engineer. But have you heard about -10x Engineer.

Jokes aside, this is a nice article of what things to avoid at work.

And here's a good review of this article by Primagen.

Remember that a couple of years ago GitHub has disabled automatic execution for its Actions?

The idea behind this decision is more or less described in this article - Build Pipeline Security. The problem described in this article is not some sort of a rocket science. Thus, any malicious actor can do something similar.

This brings me to the topic of CI integrations for public repositories. I think on some podcast or in some article I’ve heard an advice for the beginners to create their pet project and configure CI for it. So, you can show that you have some practical experience. Ok, GitHub has you covered, but what about other CIs which are available for public repositories? Thus, I might have been a good advice, if we were living in the world here all the people are kind to each other, which is not the case.

Does it mean that you cannot have a CI for your pet-project? Of course, not! Just be careful with what it actually can execute on each step. The author of the linked article suggests putting deploy noscripts into a separate private repository. I think, nowadays any major VCS vendor allows one to have at least one private repository for free.

Yet, I would say that this is not good enough and you should also make sure that you should follow GitHub’s steps and enforce a mandatory approvals for CI runs as well as have some quotas in place for the compute resources available for your CI. Again, GitHub has you covered here, but if you want to use something else, you are on your own.

#cicd #security #github #aws

​​Today it's been 6 years since this channel was created.

It's all started on the 22nd of May 2017. Thank you for staying with us for so long and hope you enjoy this journey as much as I do!

If you want to with CatOps happy birthday, you could donate to one of these charities:

- Pavlo Bondarenko
- UA Responders
- Come Back Alive
- Serhiy Prytula Charity Foundation
- Kolo Foundation
- Or any other fundraiser that you trust

I'm also thinking about making a special AMA edition of our voice chat this Thursday. If you have any questions you would like to ask us, feel free to add them to this Sli.Do form. Even if we don't have a voice chat, I can answer them in writing anyway.

Cheers!

#donations #Ukraine

If you want to get familiar with Cilium, the Linux Foundation has a free Introduction to Cilium course, which is a part of the bigger CNCF learning path.

#learning #networking #cilium

A short article on how to infect SSH public keys.

Is it a serious threat - no, not really. However, this article describes a rather unknown feature of SSH as well as serves as a reminder that using keys for SSH access has its flaws.

#security #ssh

A little bit later than usual but a new issue of the CatOps Digest is here!

#newsletter #digest

​​Today I want to remind you about the UA Responders Foundation that raise funds for tactical medicine.

Tactical medicine saves lives!

#donations #Ukraine

​​DNS is one of the protocols that powers the Internet. Yet, sometimes it seems like people dismiss it as something trivial or boring.

NsLookup Learning Center is a collection of articles about various concepts of DNS that can help you to better understand how it works.

#dns

Who will win: Kubernetes or a simple list request? is a postmortem-like story that unveils how Kubernetes objects are retrieved from ETCD.

It’s useful to know those quirks bot only when you write software that talk to the Kube API, but also when you operate a cluster under the load since those request could be generated by something else.

#kubernetes #etcd

At last!

I have finalized the results of this year’s Kubernetes Operations Survey by CatOps! You can find it:

- In my personal blog.
- On Substack.

Ukrainian version is currently in review and (hopefully) is coming soon.

Also, I would appreciate it, if you subscribe to my Substack, since I put such long posts there rather than on Telegram.

Have a great weekend!

#kubernetes #catops

An incredible story by Juraj Majerik.

In his spare time he has created an Uber-simulation app. With Go on backend and React on front-end.

He didn’t just created an app but also deployed it and configured the infrastructure and monitoring for it. Moreover, he has documented the entire process. So, you can pretty much follow his journey.

There is also a neat summary of this project by Gergely Orosz (Pragmatic Engineer). Here is a part I want to highlight:

I really like how this project showcases _just_ _how much time_ can go into infrastructure setup. At companies with dedicated platform teams, those teams take exactly this kind of load off other teams building greenfield projects.

Both as an engineer, and especially as an engineering manager, don’t forget there’s a real cost to setting up and then maintaining infrastructure. Much infrastructure work is invisible as it does not involve commits, and most engineers won’t document the time they spend on these tasks, like Juraj has. But this is work that still needs to be done!

#programming #devops

Today we have a joint fundraiser by DOU and Kolo: Send a shark to the seaside.

The goal is to raise ₴10М to buy 5 Shark UAVs for the 15th Separate Brigade of the Artillery Reconnaissance.

The link above is in Ukrainian. Unfortunately, there’s no English version yet. However, here’s a direct link to donate.

#donations #Ukraine

A new episode of our voice chat (in Ukrainian) is here!

This time we discussed our job interviews experience from different countries. We also talked about what’s it like to lay off people and if AI will replace us.

You can find this new episode on:

- YouTube
- Spotify
- Apple Podcasts
- Google Podcasts
- Substack

P.S. I have switched to Substack for episodes hosting. So, it’s a good time to subscribe 😉

#voice #interviews #говорилка

Convert your rage into donations.

There are two important ongoing fundraisers by Come Back Alive:

- Pack the Sky to strengthen the air defense.
- We are living here for demining operations.

#donations #Ukraine

Kubernetes as a Platform.

Frankly, you can skip the most of the text from this article. However, it gives a nice high-level overview of the tools you can use in Kubernetes to address various aspects of the platform building.

#kubernetes #platform

Late night CatOps Digest:

https://newsletter.catops.dev/p/catops-digest-2023-06-11

#CatOps #newsletter

For today’s Donations Monday I would like to remind you about Pavlo and Naya who raise funds for recon drones and equipment for them.

This week’s goal is to get a bit more than €10k drones and the telecommunication equipment.

- Pavlo’s requisites
- Naya’s requisites

#donations #Ukraine

In my last Kubernetes Operations Survey, there were very few Cluster API users. However, the technology is not abandoned at all.

So, if you want to know more about Cluster API, check out the learning course by VMware.

Also, check out the results of the Kubernetes survey if you haven't done that already.

#kubernetes

A kinda old article by Sarah Drasner with a couple of tips for Engineering Managers. Yet, those advices are timeless, one could say.

I'm posting this since I assume that there are also people in EM roles among the subscribers.

Also, if you missed the voice chat about Engineering Management with Oleks Maistrenko, make sure to check that out too!

#management

From our subscriber:

Till the end of June you can save up to 40% on the Linux Foundation courses with this promo code:

JUNEBBQ40

UPD. Also, AWS has extended the promo code for exam retake. So, if you fail the exam the first time, you can retake it for free. More details:

AWSRETAKE

#linux #education #kubernetes #aws

Some Friday material (also, from our subscribers, btw).

DevOps is Bullshit.

Now, once you've got clickbaited, let's talk. The premise of this article has been already repeated many times in different words: a single person cannot know everything and be good in everything, job-specialization is actually good, you can have good enough Jacks of All Trades in the beginning, but it doesn't scale.

The answer that this article provides is to build platforms. Internal platforms, specifically. You know, do Platform Engineering. And I fully agree with this statement. Yet, this article comes from a company that sells you an "IDP as a Service". So, you can clearly see some vested interest here. What I dislike specifically about this article is that instead of striving for standardization, a good platform should "accommodate all the various needs and configurations". I mean, if you sell it to others, it makes sense. If you are building an internal platform, why would you do that?

Anyway, nice Friday read. Here's a reaction video by Primeagen (this is how I actually "read" this article).

Also, if you have any interesting things to share - welcome to our chat! Chat is in Ukrainian, tho.

#devops #culture #platform