Kubernetes: tracing requests with AWS X-Ray, and Grafana data source is a step-by-step guide on how to setup tracing in your EKS cluster using AWS X-Ray by Arseniy Zinchenko - a member of the Ukrainian DevOps community.
Also, make sure to subscribe to his Substack! He posts new things quite often and I have no idea where does he find time and willpower to do so 😅
#aws #kubernetes #observability
Also, make sure to subscribe to his Substack! He posts new things quite often and I have no idea where does he find time and willpower to do so 😅
#aws #kubernetes #observability
RTFM! DevOps[at]UA
Kubernetes: tracing requests with AWS X-Ray, and Grafana data source
Launching AWS X-Ray on AWS Elastic Kubernetes Service, creating a Python Flask with the AWS X-Ray SDK, and connecting a Grafana data source for X-Ray
👍10❤1
I got a bit distracted in the recent days, so I make posts with delays.
Today we have a Donations Monday with a twist.
We are raising funds for two foundations at the same time:
- For NayTak for camouflage nets.
- For UA Responders an IVL and a defibrillator for medics from Kraken.
The twist is that you can win a remnant of an S-300 rocket (on the picture).
Every donation for >50 UAH is a chance to win!
You can donate on:
- a Monobank jar: https://send.monobank.ua/jar/5SizeGGzBM
- top up the card directly: 5375 4112 1191 0851
Please, add your contact details if you don’t use MonoBank for donations, so they know how to find you in case you win.
P.S. Tomorrow I will send a new newsletter issue, that I should’ve sent yesterday.
#Donations #Ukraine
Today we have a Donations Monday with a twist.
We are raising funds for two foundations at the same time:
- For NayTak for camouflage nets.
- For UA Responders an IVL and a defibrillator for medics from Kraken.
The twist is that you can win a remnant of an S-300 rocket (on the picture).
Every donation for >50 UAH is a chance to win!
You can donate on:
- a Monobank jar: https://send.monobank.ua/jar/5SizeGGzBM
- top up the card directly: 5375 4112 1191 0851
Please, add your contact details if you don’t use MonoBank for donations, so they know how to find you in case you win.
P.S. Tomorrow I will send a new newsletter issue, that I should’ve sent yesterday.
#Donations #Ukraine
❤7👍3🔥1💩1
A new issue of the CatOps digest is here!
I know it’s not Sunday today, but better late than sorry.
https://newsletter.catops.dev/p/catops-digest-2024-03-05
#digest #newsletter
I know it’s not Sunday today, but better late than sorry.
https://newsletter.catops.dev/p/catops-digest-2024-03-05
#digest #newsletter
newsletter.catops.dev
CatOps Digest 2024-03-05
What was on CatOps in the last couple of weeks...
🔥4❤1👍1
I know that many folks have a mix of corporate and private repositories on their laptops. By private, I mean their small projects,
Here's an interesting guide on one of the ways of how to keep separate users (email, signing key, name) for different repositories.
This would also work if you have repositories backed by different provides. For example, if you need to push to both GitHub and GitLab and use different SSH keys for that.
Here's a condensed version of this article on StackOverflow.
#git
dotfiles repo, forks of public repositories, etc.Here's an interesting guide on one of the ways of how to keep separate users (email, signing key, name) for different repositories.
This would also work if you have repositories backed by different provides. For example, if you need to push to both GitHub and GitLab and use different SSH keys for that.
Here's a condensed version of this article on StackOverflow.
#git
DEV Community
Multiple Identity Gitconfig (with GPG signing)
Have you ever had these problems like I did? You work with multiple groups or companies, or you wan...
👍9
On behalf of the Architecture Stage organizational committee I want to invite you to the DOU Day Conference!
It’ll take place offline in Kyiv on the 18th of May.
The thing is that if you buy a ticket now, you will get -50% off for the second one. So, a great opportunity to grab some tickets together with your teammates.
#event
It’ll take place offline in Kyiv on the 18th of May.
The thing is that if you buy a ticket now, you will get -50% off for the second one. So, a great opportunity to grab some tickets together with your teammates.
#event
👍2🤔1
For today’s Donations Monday I want to remind you that a fundraiser from Come Back Alive for the Ukrainian snipers is still ongoing.
You can support it via this link: https://savelife.in.ua/sniping/
#donations #Ukraine
You can support it via this link: https://savelife.in.ua/sniping/
#donations #Ukraine
savelife.in.ua
Снайпінг - savelife.in.ua
Зібрали понад 234 мільйони гривень на підсилення 100 снайперів для ефективної розвідки та ураження цілей на відстані понад 2 км
👍4
A new episode of our voice chat (in Ukrainian) is here!
We discussed OpenTofu and Terraform's license change in general and tried to find people, who already migrated to the new tool.
The episode is available on:
- YouTube
- Substack
- Spotify
- Apple Podcasts
#voice_chat
We discussed OpenTofu and Terraform's license change in general and tried to find people, who already migrated to the new tool.
The episode is available on:
- YouTube
- Substack
- Spotify
- Apple Podcasts
#voice_chat
YouTube
Говорилка CatOps: OpenTofu vs Terraform
У цьому випуску шукаємо людей, що вже спробували пересісти на OpenTofu і готові поділитись своїми враженнями, а також обговорюємо ситуацію навколо зміни ліцензії Terraform в цілому.
Матеріали, що згадуються у випуску:
- https://blog.terramate.io/10-biggest…
Матеріали, що згадуються у випуску:
- https://blog.terramate.io/10-biggest…
👍8
The core idea of this article is pretty simple: you need to protect your Terraform states. I don't think this is a debatable topic, and anyone has a different opinion on this matter.
To quote the article itself:
However, in the very end, this article provides some suggestions that I never saw implemented IRL:
- Store the state lock in a separately permissioned location
- Use a read-only role for t
#terraform
To quote the article itself:
an attacker can modify the Terraform state file it’s game over and bad times ahead.
However, in the very end, this article provides some suggestions that I never saw implemented IRL:
- Store the state lock in a separately permissioned location
- Use a read-only role for t
erraform plan executions#terraform
Plerion
Hacking Terraform State for Privilege Escalation
What can an attacker do if they can edit Terraform state? The answer should be 'nothing' but is actually 'take over your CI/CD pipeline'.
👍4
I don’t know how many of you here work with networks, but if you do, there’s a book bundle for you to check out.
#books
#books
Humble Bundle
Humble Tech Book Bundle: Networking by Packt
IT pros, level up your skill set with 20 books covering mission critical topics & career-boosting certs! Your purchase supports the Global Foodbanking Network.
👍3❤🔥1👎1🔥1
For todays Donations Monday I want to share with you a fundraiser for 101 Starlink terminals by Dzyga Paw foundation:
https://dzygaspaw.com/starlinks-101
#Donations #Ukraine
https://dzygaspaw.com/starlinks-101
#Donations #Ukraine
👍7💩1
I’m a bit busy this week, so there are going to be only some “low-effort” posts this week.
So, here’s a book bundle about data pipelines.
#books
So, here’s a book bundle about data pipelines.
#books
Humble Bundle
Humble Tech Book Bundle: Pipelines and NoSQL by O'Reilly
Tackle the most complex disciplines in the realm of data with 14 books on pipelines, privacy, machine learning & more! Your purchase helps Code for America.
👍7❤1
A new (delayed) issue of the CatOps Digest is here!
https://newsletter.catops.dev/p/catops-digest-2024-03-24
Better late than never, right?
#digest #newsletter
https://newsletter.catops.dev/p/catops-digest-2024-03-24
Better late than never, right?
#digest #newsletter
newsletter.catops.dev
CatOps Digest 2024-03-24
What was on CatOps in the last few weeks
👍5
Hey!
Let's close that Starlink fundraiser by Dzyga's Paw. There's less than $1k left, so I'm pretty sure we can make it today :D
#donations #Ukraine
Let's close that Starlink fundraiser by Dzyga's Paw. There's less than $1k left, so I'm pretty sure we can make it today :D
#donations #Ukraine
Dzyga's Paw
101 Starlinks For Ukrainian Army! • Dzyga's Paw
We are buying 101 Starlink terminals for the Ukrainian Military! Support this fundraiser, and we will buy TWICE AS MANY Starlinks for the same money!
👍5
Some time ago, I predicted that there is going to be more Kubernetes distributions. Then it didn’t happen, so I thought I was wrong.
Yet, now Canonical has introduced their Kubernetes distribution.
It’s based on the upstream Kubernetes 1.30, has some built-in add-ons, and yes, you can install it with
#kubernetes
Yet, now Canonical has introduced their Kubernetes distribution.
It’s based on the upstream Kubernetes 1.30, has some built-in add-ons, and yes, you can install it with
snap.#kubernetes
Ubuntu
How should a great K8s distro feel? Try the new Canonical Kubernetes, now in beta | Ubuntu
Canonical Kubernetes is a new distribution that combines ZeroOps for small clusters with intelligent automation for larger ones.
🔥9👍1😢1🫡1
A neat comparison between Argo and Flux.
I like the fact that the article mostly focuses on UX and use cases. Yet, I would disagree with this statement here:
I mean sure. If you have enough resources, go for it! However, I witnessed how getting down from “Argo per team” to “just one Argo” reduced resource consumption in a cluster by 90%.
#cicd #gitops
I like the fact that the article mostly focuses on UX and use cases. Yet, I would disagree with this statement here:
would deploy one Argo CD per tenant, where each tenant is an independent developer team with their applications, but it can work with multiple clusters, for example, dev/stage/prod, etc.
I mean sure. If you have enough resources, go for it! However, I witnessed how getting down from “Argo per team” to “just one Argo” reduced resource consumption in a cluster by 90%.
#cicd #gitops
Medium
Argo CD vs Flux CD
I’ve been seeing debates about two popular GitOps tools. I use both and I want to share with you my opinion and use cases.
👍8👎3🔥2😱2
People often say that Observability is a Data problem. Although, it sounds correct intuitively, I cannot say that I fully understood how Data engineering approaches could be applied to the Observability systems.
This article about Wide Events clarified things for me a bit. Indeed, if any event that happened in the system is just an object with some value and useful metadata, things like metrics, logs, and traces become less relevant - it's all events now!
Apparently, this is how Observability is done in Meta, according to the author, and apparently people in Meta like it. I never worked for Meta, I don't know what they really use there and if it's better than the tools available to us mere mortals.
However, this is an interesting concept, and it would be wonderful to see similar projects that are not internal to the Big Tech companies.
#observability
This article about Wide Events clarified things for me a bit. Indeed, if any event that happened in the system is just an object with some value and useful metadata, things like metrics, logs, and traces become less relevant - it's all events now!
Apparently, this is how Observability is done in Meta, according to the author, and apparently people in Meta like it. I never worked for Meta, I don't know what they really use there and if it's better than the tools available to us mere mortals.
However, this is an interesting concept, and it would be wonderful to see similar projects that are not internal to the Big Tech companies.
#observability
Substack
All you need is Wide Events, not “Metrics, Logs and Traces”
This quote from Charity Majors is probably the best summary of the current state of observability in the tech industry - a total, mass confusion.
👎4❤1👍1
Kondense is a Kubernetes tool that allows you resize contianers in a pod based on the memory pressure.
It’s installed as a sidecar and uses real-time memory pressure to determine the optimal memory for each containers in a pod.
You can read the justification behind this tool in this Reddit post
#kubernetes
It’s installed as a sidecar and uses real-time memory pressure to determine the optimal memory for each containers in a pod.
You can read the justification behind this tool in this Reddit post
#kubernetes
GitHub
GitHub - unagex/kondense: Automated resources sizing tool for containers in kubernetes
Automated resources sizing tool for containers in kubernetes - unagex/kondense
🔥3👍1
RedHat reported a 10/10 vulnerability in the xz compression library.
The vulnerability provides remote backdoor access and present in xz 5.6.0 and 5.6.1.
There’s also an interesting discussion of this vulnerability on HackerNews:
#security
The vulnerability provides remote backdoor access and present in xz 5.6.0 and 5.6.1.
There’s also an interesting discussion of this vulnerability on HackerNews:
annoying - the apparent author of the backdoor was in communication with me over several weeks trying to get xz 5.6.x added to Fedora 40 & 41 because of its "great new features".
#security
The Register
Malicious SSH backdoor sneaks into xz, Linux world's data compression library
STOP USAGE OF FEDORA RAWHIDE, says Red Hat while Debian Unstable and others also affected
😱16👍2
For those who also had holidays.
Everything you need to know about the recent
#security
Everything you need to know about the recent
xz vulnerability in one place.#security
Ars Technica
What we know about the xz Utils backdoor that almost infected the world
Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream.
👍8