The wrong way to use DORA Metrics.
If you’re not aware, so-called DORA metrics are the core metrics the DevOps report is built on:
- Deployment frequency
- Lead time for changes
- Change failure rate
- Time to restore service
- Reliability
These metrics are frequently used to measure the performance of a team. So, this article highlights some pitfalls of using DORA metrics for measuring productivity, including, of course, the good old Campbell’s Law.
#culture
CatOps is more than 7 years old. I hope during this time many of you have got promotions!
Perhaps, some of you have even switched to the management track. Thus, I think this article about 10 common ways engineering managers get stuck may be interesting to you.
Also, it’s written in a peak Internet content form: a numbered list! Items on the list are:
1. Ignoring destructive behaviors
2. Trying to please everyone
3. Fighting too hard for your principles
4. Not spending time building relationships
5. Defining your role too narrowly
6. Forgetting your manager is a human being
7. Neglecting Personal Development
8. Only managing down
9. Only managing up
10. Never managing up
A description of each item is in the article.
#management
A new issue of CatOps Digest is here!
https://newsletter.catops.dev/p/catops-2024-07-28
#digest #newsletter
Anyone can Access Deleted and Private Repository Data on GitHub
Sounds scary, if you didn't deep dive into how git works and how GitHub hosts it.
TL;DR: If some repo can git fetch upstream - all these fetchable commits will always be accessible from this fork/main repo.
Only after the visibility of the repo changes - new commits will not be discoverable.
For more details and examples, check this article, which was brought to us from CatOps Chat.
#security #git #github
Today's donation Monday is more IT-related than ever.
NGO Aerorozvidka makes and supports a lot of interesting stuff for the Defense Forces of Ukraine, starting from IT solutions (like DELTA), through ISTAR, to Robotics technologies.
You can choose which direction to support on aerorozvidka.ngo/donate-page or just pop-up their Monobank.
And not so long ago they celebrated their 10th anniversary.
#donations #Ukraine
CrowdStrike 🤦♂️
https://www.yahoo.com/news/live/microsoft-outage-it-crowdstrike-status-flights-grounded-latest-072117660.html
CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor.
Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.
Current Action: CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes.
If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to workaround this issue.
Workaround Steps:
1. Boot Windows into Safe Mode or the Windows Recovery Environment
2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
3. Locate the file matching “C-00000291*.sys”, and delete it.
4. Boot the host normally.
Many years ago there was an open lecture or rather Q&A in my university by one of Facebook engineers.
He mentioned that they do not use Git, to which I was surprised and asked why. He didn’t provide a concrete answer, since it was like this when he joined.
However, this article may have an answer to why Facebook uses Mercurial instead of Git. “May” because obviously there’s just one viewpoint.
Tl;dr: because they had a unique use case as well as unique amounts of money to contribute to a custom solution. Still, it’s interesting that their initial proposal to contribute to Git was sorta declined.
So, here we are. Does it mean that you also need to switch to Mercurial to be like Facebook? No! Very likely you’re not Facebook. Moreover, I only used 1 project stored in Mercurial in my life (I’m not trying to argue that there are more).
Still, I like such articles on the topic of “tech history”. I think they help us to better understand why we are where we are and how we got here.
#git #hg #facebook #history
The second practical part of the Helm charts testing article.
- Read in the blog
- Read on Substack
#kubernetes #helm #testing
How Wise reduced AWS RDS maintenance downtimes from 10 minutes to 100 milliseconds is an interesting story for those who do DB operations.
From time to time, it's necessary to apply changes that require downtime. However, it's unacceptable to have long "maintenance windows" nowadays. So, one has to be creative.
#dba #mariadb
A new issue of the CatOps Digest is here!
https://newsletter.catops.dev/p/catops-digest-2024-07-07
#newsletter #digest
In case you missed it somehow.
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
A newly discovered vulnerability allows a malicious actor to execute code remotely with the highest privileges on a host. CVE assigned to this vulnerability is CVE-2024-6387.
Glibc-based Linux systems are affected.
Affected OpenSSH versions:
- OpenSSH versions earlier than 4.4p1 are vulnerable to this signal handler race condition unless they are patched for CVE-2006-5051 and CVE-2008-4109.
- Versions from 4.4p1 up to, but not including, 8.5p1 are not vulnerable due to a transformative patch for CVE-2006-5051, which made a previously unsafe function secure.
- The vulnerability resurfaces in versions from 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component in a function.
OpenBSD systems are unaffected by this bug, as OpenBSD developed a secure mechanism in 2001 that prevents this vulnerability.
Here's another interesting fact: "In our security analysis, we identified that this vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006."
This is why you always need to have several lines of defense in your systems. Also, ever since I got into the industry, it has always been advised not to open SSH to the world and to hide it behind a VPN or such. This advice still stands. Moreover, today you have solutions in place that allow you to avoid SSH altogether.
#security #ssh
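To triage a fleet against the version ranges listed above, here is an added example (not part of the original post or the advisory) that classifies OpenSSH version strings taken from server banners or `ssh -V` output. The function names and the sample banners are constructed for illustration.

```python
import re

# Boundaries as (major, minor), taken from the affected-version list above.
FIXED_CVE_2006_5051 = (4, 4)   # 4.4p1
REGRESSION_START = (8, 5)      # 8.5p1
AFFECTED_RANGE_END = (9, 8)    # 9.8p1, first release outside the affected range

_VERSION = re.compile(r"OpenSSH_(\d+)\.(\d+)")


def parse_openssh_version(banner):
    """Return (major, minor) from an SSH banner or `ssh -V` line, or None."""
    match = _VERSION.search(banner)
    return (int(match.group(1)), int(match.group(2))) if match else None


def classify(banner):
    """Map a version string onto the ranges listed for CVE-2024-6387.

    The result reflects the upstream version only: distributions backport
    fixes without changing it, so treat "affected" as "verify the package".
    """
    version = parse_openssh_version(banner)
    if version is None:
        return "unknown"
    if version < FIXED_CVE_2006_5051:
        return "affected-unless-patched-for-2006-and-2008-cves"
    if version < REGRESSION_START:
        return "not-affected"
    if version < AFFECTED_RANGE_END:
        return "affected"
    return "outside-affected-range"


# Constructed sample inventory: host name -> banner string.
SAMPLE_BANNERS = {
    "legacy-box": "SSH-2.0-OpenSSH_4.3",
    "old-lts": "SSH-2.0-OpenSSH_7.4",
    "edge-of-range": "SSH-2.0-OpenSSH_8.5",
    "current-lts": "OpenSSH_9.6p1 Ubuntu-3ubuntu13, OpenSSL 3.0.13 30 Jan 2024",
    "upgraded": "SSH-2.0-OpenSSH_9.8",
    "not-openssh": "SSH-2.0-dropbear_2022.83",
}


def triage(banners):
    """Return {host: classification} for a mapping of host -> banner."""
    return {host: classify(banner) for host, banner in banners.items()}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_BANNERS).items():
        print(f"{host:15} {status}")
```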
Sup!
Together with UkrOps Digest we are raising funds for the UAV equipment for the Skelyar platoon of the Rubizh brigade.
Specifically, we are raising money for:
- Antennas
- Batteries
- Controller unit
- 2 sets of cables
The end goal is 150k UAH.
There is also a raffle:
1. Our defenders will sign two platoon banners. Each 300 UAH donation is a chance to win one. So, if you donate 300UAH, you get one "ticket", 600 UAH - 2 "tickets", and so on.
2. Those with top 5 highest donations will have a chance to write a message on a drone!
Vsevolod Polyakov - the author of UkrOps Digest - knows these guys personally, thus I can vouch for them as well.
🎯Goal: 150 000.00 ₴
🔗Monobank Jar
https://send.monobank.ua/jar/6k2H9iu8tN
💳 Direct card number 5375411219683781
Many thanks to y'all!
#donations #Ukraine
The upcoming systemd 256 release will have a replacement for sudo - run0.
You can read more about run0 in this article.
#linux
For today’s Donations Monday, I want to share with you a fundraiser from the Come Back Alive foundation “The second line of air defense”.
#donations #Ukraine
An article called Maybe you need Kubernetes is surprisingly not about Kubernetes.
Instead, it touches on the topic of embracing the complexity of modern tech and, more importantly, how one can only progress by learning complex stuff.
As the author puts it himself:
People don’t like to hear this, but difficulty is a moat. When something gets easy, it gets cheap. If you want to be paid a lot, you need to be really good at something that’s both in-demand and hard. If it were easy, everyone would be doing it.
Yet another explainer of what has happened to CrowdStrike on July 19th and more importantly, how.
tl;dr: config changes. Config changes can be dangerous too. Although there were successful deploys between the update of CrowdStrike Scanner and the outage, it seems like a new type of config was deployed which caused the entire clusterfuck.
This line is also interesting:
June 4th, Red Hat released a KB relating to kernel panics that were caused by the Crowdstrike sensor process. This was a bug in the Linux kernel itself, that the sensor was triggering and wasn’t Crowdstrike’s fault. However it does prove that config that has passed the Content Validator can cause kernel panics.
UkrOps continues raising funds for the Skelyar platoon.
Right now, about a half of the goal is accumulated.
🔗Monobank Jar
https://send.monobank.ua/jar/6k2H9iu8tN
💳 Card number 5375411219683781
A link to the original message:
/channel/UkropsDigest/636
#donations #Ukraine
Today is the Sysadmin’s day. My congratulations to everyone involved!
In an episode about SRE with Denys Vasyliev there was a point that SRE is just a glorified OPS.
So, I think this ongoing book would be appropriate for today:
Reliability Engineering Mindset.
It’s ongoing and, apparently, you can subscribe to get updates.
#sysadmin #sre #books
Today I want to share with you some preparation materials for certifications:
- By Sybex Comptia
- By Packt
Also, till the end of July you can get Linux Foundation certificates with a discount!
And last but not least, some Rust book recommendations as a bonus.
#books
That was a long Friday for us... to check all the memes about CrowdStrike and Microsoft.
Anyway, there is a 7-minute educational video about what causes all these Windows crashes just by one badly compiled CrowdStrike file.
All of us use open source in our day-to-day life, often as tools to make living. However, there is a looming danger in the open-source community. To illustrate it, here’s a quote from the Register:
A "Youth and Open Source" panel was held at the United Nations (UN) Open Source Program Office (OSPO) for Good conference in the UN building in Manhattan. There was only one little problem with it. To quote Ruth Ikegah, a young Nigerian open source project manager, "We need more young people here because I see a lot of old people here."
As David Nalley, president of the Apache Software Foundation (ASF) and director of open source strategy at Amazon Web Services (AWS), said at the conference: "Getting people to maintain old code isn't easy. For experienced programmers, it leads to burnout, and younger developers want to make new things. Who doesn't?"
The fundraiser by UkrOps continues. It has slowed down a bit, so let’s keep it running strong!
Convert your rage into donations.
These funds will be spent on the equipment for UAV.
🎯Goal: 150 000.00 ₴
🔗Monobank Jar
https://send.monobank.ua/jar/6k2H9iu8tN
💳 Direct card number 5375411219683781
#donations #Ukraine
At last! I converted my talk from FW Days DevOps 2024 into an article in English.
You can find it in my blog or on Substack.
This is Part I, which goes through the ideas behind the testing of Helm charts. But have no fear! I learn from my previous mistakes, so the second part that walks you through the technical aspects of tests is also ready and will be published tomorrow!
Also, you can still watch the video of my talk on the FW Days conference (in Ukrainian). It has basically the same content as the articles.
Enjoy!
#kubernetes #helm #testing
Convert your rage into donations.
Together with UkrOps Digest we are still raising funds for the Skelyar platoon. These funds will be spent on the equipment for UAV. Right now, we have 1/3 of the required sum.
🎯Goal: 150 000.00 ₴
🔗Monobank Jar
https://send.monobank.ua/jar/6k2H9iu8tN
💳 Direct card number 5375411219683781
#donations #Ukraine
Today's Friday, so we can talk about some more relaxed topics.
Your Company's Problem is Hiding in Plain Sight - High Work-In-Progress (WIP) is a good reminder that working on everything everywhere all-at-once is a bad idea. I'd like to bring up this topic, because I think this issue is even more prevalent in platform teams.
What I missed in this article is some advice on how to address the issue in a controlled fashion: how to properly calculate it and "sell" it to the management. Still, you can get some ideas from the discussion on Reddit.
So, as a bonus, I'd also like to share these two articles:
- One is on the Little's Law
- The second one is on the cost of context switching
P.S. I'm at that age when I really regret slacking off at the Queuing Theory lectures in the university :\
#culture
A reasonable article on how to provide meaningful feedback. Specifically, on how not to be afraid to provide meaningful feedback.
You may already know many of these points, but it won't hurt to re-read them. Also, this is one of the cases where actual practice weighs more than theory.
P.S. The original article seems to be behind a paywall, but I was able to read it just fine via Pocket. In any case, here are the tl;dr points provided by the author himself:
Way before giving feedback…
- Build a relationship with the other person - This starts the path of giving feedback to someone like it’s your close friend. Good relationship = easy feedback.
- Share that you are open to receiving feedback - This results in the other person seeing you are growth-minded and often leads to them asking for feedback too.
- Give positive feedback first - This helps build a positive relationship and ensures the other person knows you are on their side and looking out for them.
When you do need to give feedback, follow the feedback process…
- Look inward first. Know your intent - Ensure you are sharing the feedback for the right reason. Not to vent, but to help the other person.
- Get permission - When in doubt, confirm with the other person. This allows them to opt in and prevents backlash.
- Show you care - The most important step. Let them know the reason you are sharing is because you care.
- State your observations - Stick to the facts of the situation. These should hardly be debatable. Call out the common problem.
- Explain the impact - Help the other person understand why it matters. Is it impacting you, others, or the business?
- Get their thoughts - You’re solving a problem together. Get their take on it.
- Align on next steps - Ensure it’s clear what to do moving forward.
#culture #feedback
Ruby was the first programming language I tried to consciously learn. Meaning, it wasn't a part of a university curriculum or something.
Despite not using it for many years, I still have some warm feelings towards this language. In this article Lucas Seiki Oshiro argues that Ruby is good for shell scripts as well.
Ruby is strongly associated with the Rails framework. So, I think this article is a good reminder that programming languages are more than just frameworks.
#programming #ruby
Programming skills are essential for work in tech. So, here is a book bundle by Pearson with some books that may help you with those skills.
#books #programming
A late night CatOps Digest is here!
https://newsletter.catops.dev/p/catops-digest-2024-06-23
#newsletter #digest
As Charity Majors put it: "Nines do not matter if your users are unhappy". At the same time, nines do not matter if your users do not care.
This small article is a friendly reminder about the cost of adding nines to your SLOs.
P.S. There are some other interesting articles in that blog, BTW.
#slo