An article from Gremlin shares reliability recommendations for organizations adopting Kubernetes—urging teams to proactively test failure modes (e.g., simulate liveness probe failures, pod blackholes), learn from incidents, and implement resilience pipelines with tools like Gremlin's “Detected Risks” and reliability scorecards
https://www.gremlin.com/blog/reliability-recommendations-when-adopting-kubernetes
https://www.gremlin.com/blog/reliability-recommendations-when-adopting-kubernetes
Gremlin
Reliability recommendations when adopting Kubernetes
General reliability best practices when adopting Kubernetes.
❤1👍1
A writeup on DZone discusses maintaining alignment between two multi-master databases using a vector clock approach—employing asynchronous bi-directional message queues (via Kafka and Avro) and identical alignment algorithms on both sides
https://dzone.com/articles/keeping-two-multi-master-dbs-aligned-with-vector-clock
https://dzone.com/articles/keeping-two-multi-master-dbs-aligned-with-vector-clock
DZone
Keeping Two Multi-Master Databases Aligned With a Vector Clock
In this article, learn about an experience in keeping two different databases aligned with two different technologies by using an application-level solution.
A post by Yorick Peterse provocatively argues that asynchronous I/O—despite its efficiency gains—may be the “next billion‑dollar mistake,” tracing its complexities in both programming models (cooperative vs preemptive) and runtime implementations
https://yorickpeterse.com/articles/asynchronous-io-the-next-billion-dollar-mistake/
https://yorickpeterse.com/articles/asynchronous-io-the-next-billion-dollar-mistake/
👍2
A guide by Eric Carter unveils how Sysdig’s AI Workload Security for AWS can automatically detect usage of Amazon Bedrock, SageMaker, and Q—identifying real-time risks like unauthorized access, data tampering, and public exposure
https://sysdig.com/blog/ai-workload-security-for-aws/?ck_subscriber_id=2797503477
https://sysdig.com/blog/ai-workload-security-for-aws/?ck_subscriber_id=2797503477
👍2
A blogpost by Rami McCarthy and Daniel Grzelak humorously critiques AWS's inconsistent deletion patterns, highlighting how various services employ different confirmation mechanisms—ranging from typing “delete” to scheduling deletions. They explore how these inconsistencies can lead to accidental deletions and suggest that AWS could benefit from a more standardized approach .
https://awssecuritydigest.com/articles/eleventeen-ways-to-delete-an-aws-resource?ck_subscriber_id=2797503477
https://awssecuritydigest.com/articles/eleventeen-ways-to-delete-an-aws-resource?ck_subscriber_id=2797503477
Awssecuritydigest
Eleventeen ways to delete an AWS resource
Deleting stuff in AWS brings us great joy. Lucky there are infinite ways to do it!
❤6
KevisAlex’s “Interpreting Terraform Plan Outputs with the Help of an LLM” demystifies how large language models can translate Terraform’s complex plan data into practical insights. This blogpost guides DevOps teams through clear, step-by-step examples to streamline infrastructure as code workflows.
https://medium.com/@KevsAlex/interpreting-terraform-plan-outputs-with-the-help-of-an-llm-8f9824c63ecd
https://medium.com/@KevsAlex/interpreting-terraform-plan-outputs-with-the-help-of-an-llm-8f9824c63ecd
Medium
Interpreting Terraform Plan Outputs with the Help of an LLM
So, you’ve got a Terraform plan output in front of you. It’s filled with lines of code that look like a language only your computer…
❤1👍1
Recently, I received a message from a recruiter about an open position. We chatted, I sent my CV, and after a week they asked about my desired salary. Then they set a time to sign an NDA before any interview. That was my first warning sign.
I read the NDA carefully and found a few red flags worth sharing (my personal view, not legal advice):
Very broad definition of “Confidential Information.”
The NDA says “Confidential Information” means “any and all information…in whatever form,” including “business plans, forecasts, projections, analyses, compilations, records and other materials” . This could cover even simple chat notes - so you might break the agreement just by asking a normal question.
Three‑year term.
The NDA stays in force for three years from signing . For a one‑time interview, this long period seems too much. It could stop you from working on similar projects elsewhere for a long time.
Foreign jurisdiction.
All disputes must go to the DIFC Courts in Dubai under DIFC law . If you disagree, you could face high travel and legal costs to defend yourself there.
No warranties on information.
The NDA states there are no promises about the accuracy or completeness of the shared information . Yet if you accidentally misuse something, you are fully responsible.
Surprise timing of the NDA.
The recruiter never mentioned the NDA at the start. It only appeared at a late stage - after salary discussions and interview timing agreement. That “tricky” timing feels like a hidden catch.
Always read an NDA line by line. Ask:
- “What exactly counts as confidential?”
- “Why is the term so long?”
- “Am I okay with this jurisdiction?”
A few clear questions now can save you big headaches later.
Have you ever reviewed an NDA with similar points? What questions did you ask before signing?
I read the NDA carefully and found a few red flags worth sharing (my personal view, not legal advice):
Very broad definition of “Confidential Information.”
The NDA says “Confidential Information” means “any and all information…in whatever form,” including “business plans, forecasts, projections, analyses, compilations, records and other materials” . This could cover even simple chat notes - so you might break the agreement just by asking a normal question.
Three‑year term.
The NDA stays in force for three years from signing . For a one‑time interview, this long period seems too much. It could stop you from working on similar projects elsewhere for a long time.
Foreign jurisdiction.
All disputes must go to the DIFC Courts in Dubai under DIFC law . If you disagree, you could face high travel and legal costs to defend yourself there.
No warranties on information.
The NDA states there are no promises about the accuracy or completeness of the shared information . Yet if you accidentally misuse something, you are fully responsible.
Surprise timing of the NDA.
The recruiter never mentioned the NDA at the start. It only appeared at a late stage - after salary discussions and interview timing agreement. That “tricky” timing feels like a hidden catch.
Always read an NDA line by line. Ask:
- “What exactly counts as confidential?”
- “Why is the term so long?”
- “Am I okay with this jurisdiction?”
A few clear questions now can save you big headaches later.
Have you ever reviewed an NDA with similar points? What questions did you ask before signing?
😱11🔥3👍2🤯2❤1
AWS Senior Solution Architect Specialist Sébastien Allamand outlines how Amazon VPC Lattice combined with EKS Pod Identity IAM session tags enables secure communication across multiple Kubernetes clusters. This post demonstrates encryption in transit, fine-grained attribute-based access control, and Envoy sidecar proxies to simplify cross-cluster connectivity.
https://aws.amazon.com/blogs/containers/secure-cross-cluster-communication-in-eks-with-vpc-lattice-and-pod-identity-iam-session-tags/
https://aws.amazon.com/blogs/containers/secure-cross-cluster-communication-in-eks-with-vpc-lattice-and-pod-identity-iam-session-tags/
Amazon
Secure Cross-Cluster Communication in EKS with VPC Lattice and Pod Identity IAM Session Tags | Amazon Web Services
This blog was authored by Sébastien Allamand (Sr. Solution Architect Specialist, Containers). This blog has also been translated into Portuguese here. Solution overview When you create your applications and want to expose internal API endpoints, you can build…
👍1
In “Using Go Instead of Bash for Scripts,” Krzysztof Kowalczyk showcases how Go programs can supplant traditional shell noscripts for running, testing, and deploying applications. This tutorial outlines a single multi-purpose Go command-line tool with flags and helper functions for process execution, file handling, and environment management.
https://blog.kowalczyk.info/article/4b1f9201181340099b698246857ea98d/using-go-instead-of-bash-for-noscripts.html
https://blog.kowalczyk.info/article/4b1f9201181340099b698246857ea98d/using-go-instead-of-bash-for-noscripts.html
blog.kowalczyk.info
Using Go instead of bash for noscripts
❤3
This article explains how AWS’s open-source Bottlerocket OS strips away unnecessary components to provide a lean, secure foundation for running containers at scale. It highlights integration benefits with services like EKS and lays out performance, security, and operational gains for cluster operators.
https://aws.amazon.com/blogs/containers/benefiting-from-bottlerocket-an-open-source-container-optimized-operating-system/
https://aws.amazon.com/blogs/containers/benefiting-from-bottlerocket-an-open-source-container-optimized-operating-system/
Amazon
Unlocking Benefits with Bottlerocket: A Purpose-Built Container OS | Amazon Web Services
Post updated on Nov 26, 2024. This post discusses Bottlerocket, a Linux-based open source operating system that is purpose-built for running containers. We will walk through fleet management at scale and how users can benefit from it. We will also share the…
❤5
In this blogpost the AWS Containers team walks through a real-world scenario, showing how to streamline container deployment pipelines using native AWS tooling and best practices. Readers gain practical guidance on automating builds, scaling workloads, and monitoring production clusters with minimal overhead.
https://aws.amazon.com/blogs/containers/16532-2/
https://aws.amazon.com/blogs/containers/16532-2/
Amazon
How to Run WebAssembly on Amazon EKS | Amazon Web Services
WebAssembly (Wasm) is a revolutionary technology that promises to bring near-native performance to web applications. However, its potential extends far beyond the browser, enabling developers to run Wasm workloads in various environments, such as cloud-native…