Green Metrics is a tool to measure energy impact and CO2 equivalent of your workloads. This is still an experimental tool, so don't run it in production, please.
Yet, I still want to share it because there's a visible shift in the industry from "just give it more cloud instances" towards resource optimization.
Another example is AWS using Rust for many of their core products to achieve their sustainability goals.
Also, there was a dedicated Energy track on FOSDEM, the first time in its history.
There are multiple driving factors for this shift. Funny enough, one of them being COVID. As a speaker from Meta (Facebook) said: "We would have been happy to add more servers, but there were no more servers because factories in China were closed due to COVID too".
#sustainability #energy #aws
So, I was out for some time because both FOSDEM and Cfgmgmt Camp conferences are back offline.
Here you can find some notes from a friend of mine on some talks from the Go devroom:
- Summary “Five Steps to Make Your Go Code Faster & More Efficient”
- Summary “Squeezing a go function”
- Summary “Recipes for reducing cognitive load”
I need some time to process both conferences and write something on my own. I'll try to do it this week, but no commitments.
Also, a lot of FOSDEM videos are already available online. You can check them out on the official website.
#slides #go #programming
Charity Majors argues in her article that taking job hierarchy too close to your heart is problematic. We all want to get promotions and have our contributions recognized. However, this is not a race to the bottom. Getting a position that you hate just because it’s higher in the hierarchy can be damaging to your wellbeing.
I think this is an important thing. I know many folks who strive for “higher” positions not because they want to make an impact, but because “this is how the world works”. Also, I know situations when people are in positions they’re not qualified for, but they’re just “too long with the company”, etc.
The main argument is that it’s totally fine to be an engineer and stay on the individual contributor’s track.
Charity gives several pieces of advice on how to make this work:
- Treat work hierarchy not as a ladder, but as a data structure: the hierarchy represents who does what, not who is “cooler”
- Involve engineers in the decision-making process. If becoming a manager is the only way to make your voice heard, you’re in the wrong organization
- Flatten compensation ranges: it’s not necessary for managers to earn more than individual contributors. In fact, it can be the opposite in many cases
- Be transparent and make sure that people understand not only what they do, but also why. In many cases, it’s not the amount of work that makes people burn out, but a feeling of meaninglessness of that work.
#culture
Happy Monday!
Here's the next "Donations Monday" update, and I want to share with you the UA Responders foundation.
They mostly specialize in tactical medicine, but also cover other urgent needs.
How do I know them: my wife is helping them with some organizational stuff and my classmate takes care of their warehouse logistics.
They also have registration in Poland, so you can donate via IBAN in Zloty. However, there are other ways such as PayPal available as well.
P.S. A message for all the salespeople from ruzzia, who think this is a good idea to come to my dm and ask to promote your shit: go fuck yourself!
#donations #Ukraine
Notify is a simple Go library to send notifications to various channels e.g. popular messengers, social apps and message services such as SNS.
You can find the list of all supported destinations as well as an example of usage in the README.
#programming #go
Your SSO session can be stolen.
At least Grammarly, together with their white-hat partner, prepared an internal phishing attack and got access to their OTP SSO session.
As a result, they chose to move to FIDO2 to close off that attack vector.
More about the attack and why they chose FIDO2 is in Part 1.
About implementation and problems - in Part 2.
#security
A new Monday column!
As you might have noticed, each CatOps post has a button which leads to the page with various links on where to donate and how to support Ukraine in other ways.
There are links to big foundations, which is fine. Those folks have earned their reputation. However, I want to help my friends, who also gather donations for AFU. Those are people I know personally and I want to help them not just monetarily, but with some visibility as well.
So, Pavlo and Naya are gathering funds for various needs, but mostly recon drones and other electronics.
You can follow each of them on Twitter to get updates on each round of donations.
- Pavlo
- Naya
Their requisites for donations:
- Pavlo
- Naya
Thank you for your help!
#donations #ukraine
My ISP decided to make me a digital detox but now my connection is back, so I can resume posting again!
Here’s a nice Twitter thread by Daniele Polencic about how a Kubernetes Ingress controller works. There’s also an unrolled version, if you prefer it this way.
Btw, I highly recommend subscribing to Daniele. He has some wonderful content on Kubernetes and also he has workshops on learnk8s.io
#kubernetes
Fluent Bit 2.0.0 with support for traces is released!
It means that now Fluent Bit fully integrates with systems like Prometheus and OpenTelemetry natively.
#observability
Sup! I'm back from vacationing.
First, I wanted to share something serious and fundamental-ish as the first post of the year. Unfortunately, I haven't read anything worthwhile yet :\
So, I want to share an episode from the ShipIT podcast, which is called "Fundamentals". It was published a while ago, but I listened to it just recently.
I think it fits perfectly my idea to start this year on CatOps with something more interesting than just a link to a tool, etc. Enjoy!
BTW, this episode is also available on the major streaming platforms (I listened to it on Spotify). I won't provide the links, though, because I don't know which platform you use. Also, their website has a transcript. So, if you prefer reading to listening, it's possible as well.
#podcast
cURL is going to support an output of server certificates in PEM format using -w (write-out) options.
Support for these new -w variables has been merged into curl’s master branch and is scheduled to be part of the coming release of curl version 7.88.0 on February 15th, 2023.
I like graphical representations of complex systems.
So, here you are: a zine-like scheme of the RAFT consensus algorithm
#raft #zine
Disk encryption in AWS is close to useless and potentially harmful.
No, it’s not like AWS is going to do anything with your data.
tl;dr: Encryption at rest protects you from cases when someone steals your disk. However, such an attack vector is so hard in a cloud environment that it’s completely worthless for an attacker.
Meanwhile, implementing encryption at rest correctly takes time and effort that you could put into real risk mitigation and security hardening instead.
#security #aws
Last week we recorded one of our usual voice chats as a test, so that more people who were unable to join because of blackouts could listen to it.
Moreover, the topic of our voice chat was: “How to work without electricity, Internet access, and utilities”.
Although we touched on other topics as well, as usually happens:
- Starlinks and external antennas
- M1/2 MacBooks
- Ancient communication technologies
The recording is in Ukrainian and available on:
- YouTube as a static image
- Spotify
- Apple Podcasts
- Google Podcasts
- Anchor
Enjoy!
#voice #говорилка
A quite old article on debugging a NodeJS AWS Lambda function.
Yet, I still want to share this one, because even if you don‘t have NodeJS functions specifically, the article has some insights on how to debug Lambda functions in general.
Also, there are some takeaway points that would be relevant for any HTTP workload, not just JS.
#aws #serverless
Ok, folks. Now, it's my time to post a recap from the FOSDEM and Configuration Management Camp conferences.
You can find it on Substack or in my blog.
Also, I would appreciate it if you subscribe to my Substack! I'm considering moving my writing activities there and keeping the blog only as a markdown backup.
Unfortunately, I don't write that often, but hey, it's free to subscribe!
#slides #fosdem #cfgmgmt_camp #event
As you may have noticed, there were not that many posts in recent days. I even missed the newsletter (there will be one, no worries). And generally I may not post much this week.
Yet, the Monday donations post is a must.
So. Musicians Defend Ukraine is a fund created by folks from the Ukrainian music industry. One of them is a good friend of mine (shout-out to Kontrabass Promo!)
If you always dreamed of being a musician but ended up in engineering somehow, do not hesitate to donate! Actually, do not hesitate to donate regardless of your relationship with music.
#donations #Ukraine
terraform-hcloud-kube-hetzner is a Terraform module to create a lightweight Kubernetes cluster in the Hetzner cloud. It's based on openSUSE MicroOS and k3s Kubernetes distribution.
I'm not a big fan of Hetzner for many reasons, but if you need to run a cluster for cheap, this might be a viable solution for you.
P.S. This tool was initially shared in the CatOps chat (the chat is in Ukrainian). Feel free to join, if you like to! We also have voice rooms in open spaces format there to discuss various topics from time to time.
#hetzner #kubernetes #terraform
Folks at Cloudflare describe how they work with Terraform there.
This article contains some examples of using Cloudflare's Terraform provider, so those might be handy if you're using their product.
Also, there's a controversial opinion about the usage of Tf modules. This article claims that one should avoid modules, because they decrease clarity in the long run. Like, if you have multiple environments or accounts, or applications that are similar but slightly different from each other, the cardinality of modules' variables may become unbearable.
I won't comment on this. I think this is one of those cases, when context matters the most. Such an approach may suit you or may not. You need to decide whether you'd better use modules or not yourself.
#terraform
A short article on how to deploy an application into multiple Kubernetes clusters using ArgoCD. And also Vcluster and Kyverno.
It starts with cluster creation and walks you through the whole thing up to a running app. An interesting point for me was the ability of Kyverno to create resources based on events. I didn’t know about this ability and it seems very powerful (now, I’m wondering if one can create a resource in one cluster from an event in another using Kyverno).
However, I’ve missed some things here as well. It’s not like the example is a “hello world” one, it’s fine. Yet, I would appreciate it if there were a more in-depth look into Argo. How does it manage an app in several clusters? Can one use multiple clusters for HA purposes, but abstract an app via Argo? What would happen if one needs an odd number of replicas, how is it going to be distributed between clusters?
If you know the answer, I’d be happy to have a chat with you. Also, if you have an article on that, I would happily check it out and also share it here!
#kubernetes #argocd
Usually, Sundays are for the newsletter. However, there were not that many posts on CatOps yet due to holidays and other stuff.
Yet, here’s another digest. Or more precisely, a list of articles about Internal Development Platforms aka IDPs, things such as Backstage.
There are articles starting from 2019 and the most recent one is from 2023!
#idp
A couple of days ago I attended a CNCF meetup here in Berlin (full recording is available on YouTube). So, I want to share some things that were presented there.
- NeuVector - an open-source security solution for Kubernetes recently bought by SUSE. It has a UI, so one can do click-ops if they want, but one can then export all the rules into custom definitions and apply them in any other cluster. Obviously, you can configure NeuVector using only YAML as well. Feel free to explore their GitHub, although the website has more information about the tool.
- Tetragon - another real-time observability/security tool based on eBPF by the developers of Cilium. It doesn’t do CVE scans like NeuVector, but provides some real-time visibility and rules enforcement. Also, it doesn’t have a fancy UI.
- Cilium service mesh. It’s also based on eBPF. Check it out if you want to have a service mesh, but not sure about heavyweight solutions like Istio.
- Apart from the several Cilium-based tools I mentioned above, the second talk was about the Cilium Cluster Mesh. It’s not new, but this solution looks very promising, especially if you’re running multiple clusters for HA or multi-region purposes.
#Kubernetes #security #networking
A new OPS-ish books collection from Humble Bundle - Linux and Sysadmin Tools.
As usual, you can pay a little bit more than €17 to unlock the whole bundle of 15 books.
Speaking of the books I can see there, I’ve heard that “Linux Pocket Guide” by Daniel J. Barrett is a good entry level book. Also, I’ve heard that “Linux System Programming” by Robert Love is good, although a little bit too specific. I’m personally interested in the AWK book the most. I use it in my day-to-day work quite frequently and I feel like I'm still too far away from its true potential.
#books
A nice overview of how Docker works on non-Linux hosts as well as an explanation, why I/O operations are so slow. Plus, some hints on how to make it faster for the local development.
tl;dr. Docker requires Linux capabilities, so it has to have a Linux VM to run Linux-based images on macOS and Windows. This VM shares the filesystem with the host, which is slow. There’s a new implementation, VirtioFS, which is faster, but still not ideal.
We briefly discussed ways of running Docker on the new M-based Macs on our previous voice chat and this article has links to some tools we mentioned there, specifically: Rancher Desktop and Colima.
Also, I recall developers at my previous job complaining about slow-ish Docker performance, but IIRC VirtioFS was not widely adopted back then.
#docker #linux
Monokle CLI is yet another tool to validate configuration for the objects in your Kubernetes clusters. It's a part of a bigger Monokle project and can be used as a CLI and integrated into your CI/CD pipeline.
For now it can validate:
- YAML syntax
- The schemas of your YAMLs against a configurable K8s version
- Links/references between Kubernetes resources
- A set of predefined OpenPolicyAgent (OPA) policies
- Custom rules written in TypeScript
Also, it looks like there's active development around this tool at the moment. So, let's see how it goes.
#kubernetes
The new issue of the CatOps Digest came a little bit later, but it’s here now 🎉
#newsletter
An “Awesome SLOs” list.
Books, articles, videos, and more.
Also, it’s open source, so feel free to contribute!
#slo #observability
Here’s an article on Currying in Go. Currying is a technique borrowed from functional programming. It’s essentially a partial application of a function.
Anyways, I find such articles interesting, because they show some unconventional angles of a language. I haven’t personally used currying in Go yet. However, examples in that article look reasonable. Maybe one day I will try it.
I’m not saying that you should use this technique in your code, but maybe you find it useful. In the latter case, you’re welcome!
#go #programming