CatOps

2022-02-02 13:15:34 Information from our chat.

Be careful committing to SOPS for your secret management.

It looks like they're looking for maintainers at the moment, which means that this project is not supported right now to a degree it was before.

P.S.: If you want to share any interesting information, feel free to join our chat! Although, keep in mind that a mix of Ukrainian and Russian is used there.

#security Открыть/Комментировать

2022-02-01 18:07:01 So, if you want to know, how the real serverless looks like, here you are.

WebVM allows you to run fully functional Debian virtual machine in your browser.

The article provides an overview of the technology as well as the things that make this possible.

Obviously, there are not many businesses implementations for this at the moment, but I see great potential in it.

#serverless #wasm Открыть/Комментировать

2022-02-01 12:16:28 Consul API Gateway is now in beta.

It also got TCPRoute Support as well as now it's supported in the official Helm Chart.

There is also a new learning material for you to take a closer look at it.

#hashicorp #kubernetes #networking #consul Открыть/Комментировать

2022-01-28 13:57:21 Some Friday material.

This short article is a perfect analogy for programming and systems design in general! Открыть/Комментировать

2022-01-27 15:25:50 And another security update comes from Let's Encrypt.

Let's Encrypt will revoke all active certificates that were issued and validated with the TLS-ALPN-01 challenge before 00:48 UTC on 26 January 2022. Because of a bug, those certificates are considered mis-issued.

They estimate this is <1% of all active certificates, so it's not that bad, though.

#security #tls Открыть/Комментировать

2022-01-26 11:17:48 It's time to patch node OS for your Kubernetes clusters. If you manage nodes on your own, of course.

CVE-2022-0185 can allow a container in Kubernetes to escape using unshare Linux command. Usually, it's blocked by Docker's seccomp filter, which is disabled by default in Kubernetes.

#kubernetes #security Открыть/Комментировать

2022-01-25 20:32:19 RedHat presented their own minimal Kubernetes distribution targeted at edge devices - MicroShift.

Functionally, MicroShift repackages OpenShift core components into a single binary that weighs in at a relatively tiny 160MB executable (without any compression/optimization).

As a monolith, it provides an “all-or-nothing” start/stop behavior that works well with systemd and enables fast (re)start times of a few seconds.

So first of all, you can now install OpenShift on a Raspberry Pi as a single binary. Secondly, your car will probably run Kubernetes in the nearest future.

#kubernetes #OpenShift #RedHat Открыть/Комментировать

2022-01-25 12:00:12 Just a friendly reminder that we still have our Kubernetes survey form opened!

We would appreciate it if you can spend some time filling it!

Cheers!

#kubernetes Открыть/Комментировать

2022-01-24 15:05:12 If you haven’t read a Roblox’s postmortem on October‘s 73-hour outage, you definitely should!

Even though this event happened in October, the postmortem was released just a few days ago. And in this case, this is a very good decision! Especially, because this write up provides a detailed analysis on what happened at that time and what chain of events caused that.

It‘s cool to read postmortem the next day after an outage - we are all curious human beings. Unfortunately, those postmortems usually they are lacking many details. This is understandable: it‘s not enough time for a thorough analysis, also your team is probably already tired.

In this case, though, you can have a detailed overview of what happened as well as plans to prevent this chain of events happening again. Moreover, with some plans already implemented.

It‘s a pity that not may companies do similar postmortems. And I must say that this is probably in their disadvantage either. After reading this document I have a feeling that Roblox is a cool place to work, TBH.

#postmortem #hashicorp #consul Открыть/Комментировать

2022-01-22 17:00:44 New AWS white paper with guidance for implementing WAF

#aws #security Открыть/Комментировать