Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about how companies face the increasing occurrence of security threats in Cloud Native applications.
1. In a world of containers, threats can be hard to spot; a badly configured Docker instance, for example, might expose a weakness which, when exploited, allows attackers to build malicious images containing any kind of payload they want. Fascinating (even if scary) find by the Aqua Security team. You might want to read their latest research report, by the way.
https://blog.aquasec.com/malicious-container-image-docker-container-host
2. A few days ago we received notification of CVE-2020-15598, a „Denial of Service vulnerability in the underlying ModSecurity engine“. Affecting one of the most popular open source application firewalls, this vulnerability allows for low complexity attacks of potentially high impact.
https://coreruleset.org/20200914/cve-2020-15598/
3. The Swiss cloud security scene is very active, which is not surprising given the huge number of financial institutions around here. For professionals interested in securing this sensitive ecosystem, two resources: first, a handy set of KPIs to follow; and second, a ticket to the (online) Swiss Web Security Day 2020 co-organized by our friends at SWITCH and scheduled for October 28th.
https://www.eventbrite.de/e/swiss-web-security-day-2020-tickets-97289416263
4. If you’re a Thunderbird user, you should upgrade to version 78 as soon as possible; this new version is not compatible with Enigmail anymore, instead including a built-in OpenPGP feature. We’re big, big fans of Thunderbird in VSHN, and now even more.
https://blog.thunderbird.net/2020/09/openpgp-in-thunderbird-78/
5. The tool of the week is Veeral Patel’s „How to Secure Anything“ compilation of documents, papers, and guidelines. An absolute treasure with plenty of interesting information.
https://github.com/veeral-patel/how-to-secure-anything
Which strategies do you use to keep your systems secure? How do you balance the flexibility required by DevOps teams with the rigidity of security regulations? Would you like to share something with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.
PS: would you like to receive VSHN.timer every Monday in your inbox? Subscribe to our new VSHN.timer newsletter!
PS (again): We have published quite a few VSHN.timer entries dedicated to security, check them out:  #8, #17, #22, #27, #32  and #54.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about how companies keep an eye on AWS costs while deploying multi-cloud solutions.
1. One of the most common issues companies face when using cloud services it the risk of runaway costs. If you’re in the market for cheap EC2 instances, you might want to do it „the hacker way“ with this excellent service and API.
https://ec2.shop/

The cloud is horrible. Just discovered we accidentally left a GPU instance running that billed us $3000. https://t.co/sZ2SphRLSw

— Brad Dwyer {🏗} (@braddwyer) September 9, 2020

2. How about being notified about the potential costs of your Terraform or AWS deployments… right at the moment of submitting a pull request? That’s what Infracost proposes, and it’s a terrific idea to keep your credit card balance under control.
https://www.infracost.io/
3. „HEY“ is the new hot e-mail app of the moment, made by the Basecamp team. Besides their recent clash with Apple, they’ve also made the headlines about their multi-cloud setup. A Cloud Guru published an interview with Blake Stoddard, engineer at HEY, explaining their stack in detail. Interesting perspective around an architecture some argue is an anti-pattern.
https://acloudguru.com/blog/engineering/scaling-the-hottest-app-in-tech-on-aws-and-kubernetes
4. One of the biggest issues with multi-cloud setups is integration and synchronization across workloads. One possible solution is Triggermesh, and Sameer Naik from Rancher recently explained how to integrate events generated by Triggermesh Sources for AWS (SAWS) into Rancher clusters.
https://rancher.com/blog/2020/integrate-aws-service-with-triggermesh/
5. The demand for Kubernetes services is pushing platform providers to adapt. AWS recently published the AWS Controllers for Kubernetes (ACK), a tool that allows developers to control AWS services directly from Kubernetes deployments.
https://aws.amazon.com/blogs/containers/aws-controllers-for-kubernetes-ack/
How do you keep track of costs for your cloud services? Have you deployed multi-cloud services yet? Are you using Kubernetes in AWS? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.
PS: would you like to receive VSHN.timer every Monday in your inbox? Subscribe to our new VSHN.timer newsletter!

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about the myriad of programming languages you can use to power your Cloud Native apps. And yes, the pun in the title is incomplete 😉
1. There’s often two sides to the equation of writing Cloud Native apps: the backend and the frontend. For the frontend, the choice seems rather limited to JavaScript. Or is it? The truth is, thanks to projects like Babel, there’s a lot of choices for your frontend developers: Python, F#, Smalltalk, Objective-C, and yes, even PHP, which is, as the project explains, „expanding Atwood’s Law„!
https://gitlab.com/kornelski/babel-preset-php
2. The name of the Babel project could not be more appropriate: migrating apps from one programming language to another is a major task. It’s no surprise that Facebook is using Machine Learning to automatize this situation, in a project called TransCoder. Like Deepl but for programming languages.
https://ai.facebook.com/blog/deep-learning-to-translate-between-programming-languages/
3. Did you know that Go 1.15 was released last month? We join the one and only Kelsey Hightower in a celebration of the most widely used programming language in the Cloud Native landscape, and we watch its future evolution with great attention (which might include generics?)
https://blog.golang.org/go1.15

The Go programming language is at the foundation of some amazing open source projects. Just to name a few:

Terraform
Docker
Kubernetes
Etcd
Prometheus
CockroachDB
NATS
Vault
Caddy
Open Policy Agent pic.twitter.com/9QXzq14yuS
— Kelsey Hightower (@kelseyhightower) August 12, 2020

4. Krishna Sundarram recently taught us of the existence of at least two computer games simulating a software engineering process. You read that right: Shenzhen I/O and Factorio.
https://blog.nindalf.com/posts/factorio-and-software-engineering/
5. The tool of the week is WienerScript. To our VSHN.timer readers in Vienna, Austria: rejoice. To our Schwiiiiitzertütsch-speaking readers: where’s our SchwiiizerScript?
https://github.com/pichsenmeister/WienerScript
What other languages do you use to create your cloud native apps? Have you played Shenzhen I/O or Factorio? What was the word we omitted from the title of this post? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.
PS: would you like to receive VSHN.timer every Monday in your inbox? Subscribe to our new VSHN.timer newsletter!
PS (bis): Check out our previous VSHN.timer editions about programming languages: #50, #30 and #18.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to review some of the places our favorite captain has been during summer 2020.
1. What happened this last summer? Lots of things. The release of Kubernetes 1.19; the rewrite of k3d from scratch; Loodse became Kubermatic; and the recent announcement of the new Contributor Website, aimed to become „the one stop shop for Kubernetes contributor content and news.“ It’s hard to keep up!
https://www.kubernetes.dev/blog/2020/08/24/announcing-the-contributor-website/
2. Do you need Kubernetes? That’s the million dollar (or rather, Swiss francs) question these days. Thankfully Alex Hewson decided to write down the reasons why anyone should consider Kubernetes for their production workloads… or not.

3. If your team decides that indeed, Kubernetes is the way to go, you will need some examples to get started, and others to keep going. This GitHub repository contains a curated list of ready-to-use YAML files, showcasing the most important use cases and features of almost every Kubernetes installation.
https://github.com/ContainerSolutions/kubernetes-examples
4. The Kubernetes developer experience involves lots of YAML, kubectl, patience, rinse and repeat. Can these cycles be shortened? John Reese from Plex Systems thinks that verifying policies with Conftest are the solution, and he was kind enough to explain it all in detail.

5. The tool of the week is kconmon by Karl Stoney, a „Kubernetes node connectivity tool that preforms frequent tests, and exposes Prometheus metrics that are enriched with the node name, and the locality information (such as zone), enabling you to correlate issues between availability zones or nodes.“
https://github.com/Stono/kconmon
How do you pronounce the word „Kubernetes,“ anyway? Do you verify your deployments with policies? Would you like to share other Kubernetes news with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.
PS: would you like to receive VSHN.timer every Monday in your inbox? Subscribe to our new VSHN.timer newsletter!

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about tools, tips, and tricks to write Kubernetes Operators.
1. One of the primary mechanisms to create Kubernetes Operators is through the Operator Framework created by Red Hat, closely related to their Operator Hub. And the definitive guide to learn how to write powerful, maintainable operators is O’Reilly’s „Kubernetes Operators“ book by Jason Dobies and Joshua Wood, available as a free download.
https://developers.redhat.com/books/kubernetes-operators
2. How do you verify the code test coverage in your operators? This guide will provide some insight.
https://www.openshift.com/blog/runtime-code-profile-for-kubernetes-operators-1
3. Want to write Kubernetes Operators? Here’s Red Hat’s 7 best practices for doing so. TL;DR: apply common sense.
https://www.openshift.com/blog/7-best-practices-for-writing-kubernetes-operators-an-sre-perspective
4. Not everybody is happy with the Operator Framework. Darren Shepherd, CTO and Founder of Rancher Labs (who we had already quoted in our previous edition about operators) published an interesting thread in Twitter recently, exposing his opinion, and as usual, definitely worth a read.

I have a really strong negative reaction to operator framework. When anybody brings it up I really get irritated. The fact that I get so irritated does signal to me I’m being irrational. In short operators is a concept, not a framework and the framework hurts, I’ll explain 1/9

— Darren Shepherd (@ibuildthecloud) July 17, 2020

5. Would you like to use something a bit less convoluted than the Operator Framework? Why not giving the shell-operator a try? It is marketed by their creators as „operator-sdk but for scripts.“ Here’s a nice guide to learn how to use it.
https://medium.com/flant-com/shell-operator-for-kubernetes-update-2f1f9f9ebfb1
Have you written or published operators? Do you use the Operator Framework? What’s your opinion on the current state of this ecosystem? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.
PS: would you like to receive this every Monday in your inbox? Subscribe to our new VSHN.timer newsletter!

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about the most important announcements made during last week’s KubeCon + CloudNativeCon Europe 2020.
1. Did you know? It turns out there are 6.5 million cloud native developers worldwide, almost 2 million more than last year! That’s the main result of a survey of the CNCF. More and more developers are using cloud native technologies and Kubernetes to deploy their workloads.
https://thenewstack.io/kubecon-eu-cloud-native-developers-now-an-army-6-5-million-strong/
2. Red Hat made several important announcements, including updates to their cloud native developer tools: Teckton OpenShift Pipelines, CodeReady Workspaces, CodeReady Studio, and the odo command-line tool for OpenShift.
https://adtmag.com/articles/2020/08/18/red-hat-tools-announcements.aspx
3. Among many other announcements, Red Hat has also released new edge computing capabilities for OpenShift 4.5.
https://siliconangle.com/2020/08/18/red-hat-pushes-the-layers-of-edge-computing-through-new-ways-of-deploying-openshift-kubecon/
4. We’re very excited to learn that Red Hat and Intuit will collaborate in the Argo CD project! Argo CD is one of the key pieces of our Project Syn, and we look forward to see how together they bring Argo CD to a new level.
https://www.businesswire.com/news/home/20200817005176/en/Red-Hat-Intuit-Join-Forces-Argo-Project/
5. KubeCon + CloudNativeCon 2020 was a massive event, where companies of all sizes have announced a myriad of new products and solutions. Check out the reviews in Forbes and Toolbox Tech for more information!
https://www.forbes.com/sites/janakirammsv/2020/08/23/5-interesting-announcements-from-kubeconcloudnativecon-europe-2020/#3faa58cd5320
Have you watched any KubeCon + CloudNativeCon Europe 2020 sessions last week? Would you recommend any in particular? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.
PS: would you like to receive this every Monday in your inbox? Subscribe to our new VSHN.timer newsletter!

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about random interesting things going on in our industry as KubeCon + CloudNativeCon Europe 2020 gets started.
1. Google Cloud Audit Logs record all activity in Google Cloud Platform (GCP) projects, databases, virtual machines, and more. This article by DataDog explains the structure of GCP audit logs, provides some best practices, and explains how to export them to other supports.
https://www.datadoghq.com/blog/monitoring-gcp-audit-logs/
2. Although most readers of this column probably know DNS in and out, here’s a nice explanation by Julia Evans to a simple question: what happens when you update your DNS?
https://jvns.ca/blog/how-updating-dns-works/
3. Exoscale recently introduced a much awaited, very useful component to their excellent infrastructure (which we use a lot here at VSHN!): the Exoscale Load Balancer. By the way, did you know that APPUiO is featured in Exoscale’s Marketplace?
https://www.exoscale.com/syslog/network-load-balancer-release/
4. Ever worried about not being able to SSH into your servers in case of an emergency? Carl Tashian from smallstep recently published a short guide to configure SSH servers with a hardware key… which might be useful as a „last resort“ procedure.
https://smallstep.com/blog/ssh-emergency-access/
5. The tool of the week is Scalr, allowing to scale Cloud instances based on policy checks in configurable intervals. Works out-of-the-box with Cloudscale, Hetzner, DigitalOcean, and other providers.
https://ngine-io.github.io/scalr/
Are you going to watch KubeCon + CloudNativeCon videos? Or are instead going to watch the Swiss Cloud Native Computing Meetup next week instead? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.
PS: By the way, next week we’ll post a summary of interesting things said and done during Kubecon + CloudNativeCon Europe 2020. Stay tuned!

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about what’s in store for that little side project of a Finnish student, you know, that thing he called Linux, you might have heard about it, maybe.
1. The question is very simple: who will maintain the Linux Kernel in the future? How do you get both passionate developers and sponsors to finance and make technically possible the evolution of this critical piece of our world? Linux Torvalds spoke about this issue at the Open Source Summit a few weeks ago.
https://www.theregister.com/2020/06/30/hard_to_find_linux_maintainers_says_torvalds/
2. Speaking about the evolution of the Linux Kernel, last week we heard about the announcement of version 5.8. Among the new features, there’s one that will make MacBook users rejoice: „Ability to swap fn and ctrl keys on Apple keyboards.“
https://www.omgubuntu.co.uk/2020/08/linux-5-8-kernel-features
3. The Linux Kernel keeps changing. Lately we learnt that the project deprecated the 80-character line coding style. Even weirder, somebody submitted a patch… for the Apple Desktop Bus driver, common at the times of the Macintosh II.
https://www.phoronix.com/scan.php?page=news_item&px=Linux-Kernel-Deprecates-80-Col
4. One of the most controversial things in Linux, generating discussions hotter than those between Torvalds and Andrew Tanenbaum in the 90s, was the introduction of systemd. Dave McKay wrote an article on Howtogeek providing an interesting account of its advantages, drawbacks, and why it will survive the test of time after all.
https://www.howtogeek.com/675569/why-linuxs-systemd-is-still-divisive-after-all-these-years/
5. Have you ever asked yourself why there’s a „V“ in „SIGSEGV„? Well, me neither, but Marek has, and the answer will surprise you. Bonus: at the end of the article, the fix to all bugs, like, ever.
https://idea.popcount.org/2020-06-18-why-is-there-a-v-in-sigsegv-segmentation-fault/
Do you contribute to the Linux Kernel project? What do you think of systemd? Do you handle SIGSEGV in your code? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.

This week we’re going to talk about various useful concepts around container technology: legal issues, registries, and security.

1. From a legal point of view, it can become quite hard for companies to figure out the licensing requirements of containers. This is a very sensitive point for large corporations, particularly those who have to undergo regular audits; the layered structure of Docker containers adding layers of complexity to the equation. Thankfully the Linux Foundation has published an extensive article about the subject, providing some interesting technical details at the same time.

https://www.linuxfoundation.org/blog/2020/04/docker-containers-what-are-the-open-source-licensing-considerations/

2. There’s a new container registry in town: DigitalOcean has recently introduced their brand new container registry. The competition in a field where Docker Hub used to be all alone is getting stronger. By the way, in the same vein, Red Hat has just released Quay version 3.3.

https://www.digitalocean.com/products/container-registry/

3. Containers are now at the basis of most online infrastructure; which increases the likelihood of them being targets of attacks exploiting security failures. Pawan Shankar from Sysdig recently wrote a 12-step guide with container image scanning best practices.

https://sysdig.com/blog/image-scanning-best-practices/

4. Speaking about container security, Dockle and Trivy are container image linters, that can be very useful in CI/CD pipelines, making sure our images are safe and sound before distributing them. Both were used in the „Security Issues“ website, which sadly hasn’t seen many updates in the past few months.

https://github.com/goodwithtech/dockle

5. The tool of the week is sinker, a useful tool to automatically sync image versions from registry to registry.

https://github.com/plexsystems/sinker

Do you run your own container registry? How do you synchronize images with other registries? Do you scan your images for vulnerabilities? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

PS: For those of you interested in the subject, here are the previous container-related VSHN.timer entries: VSHN.timer #12 and VSHN.timer #17, and VSHN.timer #40. Check them out!

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about one of our specialties: Red Hat OpenShift!
1. Ten days ago Red Hat released OpenShift 4.5. The new features of this release include: support for VMware vSphere; new compact 3-node clusters; and the new Vertical Pod Autoscaler. And there’s much more!
https://www.openshift.com/blog/openshift-4.5-arrives-bringing-new-supported-installations
2. OpenShift itself is based in a community distribution called OKD, of which version 4.5 has been recently made available to the public. This open source project can be freely inspected, installed and used by anyone looking for a solid Kubernetes distribution.
https://www.openshift.com/blog/okd4-is-now-generally-available
3. Speaking about OKD4, Craig Robinson has recently published a step-by-step tutorial on how to install OKD as a single node cluster.
https://medium.com/swlh/guide-okd-4-5-single-node-cluster-832693cb752b
4. Red Hat and Amazon are longtime partners. A few months ago, AWS announced the future availability of a managed OpenShift service, akin to a similar offerings already available in Azure. It is not yet available, however, so in the meantime you should get started with a quick introduction to installing OpenShift on AWS.
https://www.theregister.com/2020/05/14/red_hat_openshift_aws/
5. Still undecided about which Kubernetes platform to use? Platform9 published a white paper with a review and comparison of VMware Tanzu, Google Anthos, OpenShift, Rancher, and Platform9 Managed Kubernetes, with a few valid points to consider.
https://platform9.com/resource/buyers-guide-to-enterprise-kubernetes-solutions-a-comparison-of-openshift-vs-vwware-tanzu-vs-google-anthos-vs-rancher-vs-platform9-managed-kubernetes/
Have you upgraded to OpenShift 4.5 already, or do you plan to? How do you like the new features? Do you have any tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.
PS: For those of you Red Hat fans, here are the previous OpenShift-related VSHN.timer entries: VSHN.timer #9 and VSHN.timer #28. Check them out!

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about the first line of the Agile Manifesto: individuals and interactions.
1. It’s unavoidable; after a certain age, most IT professionals ask themselves questions about their career. Or at least they might just feel tired of being asked the same stupid questions over and over again. Anyway, if you are looking for career advice, Karl Hughes created a list of 23 alternative career paths for software developers to grow into, and we’re sure you’ll find it useful. (Disclaimer: the author of these lines chose the first entry in the list!)
https://www.freecodecamp.org/news/alternative-career-paths/
2. There’s a whole category of self-help books and blog posts with lists of „habits of successful people“ but they all mostly boil down to the same recipes. Instead we prefer to focus today on this simple piece of advice by Mattias Geniar: just slow down. Let’s think before acting, let’s learn to have patience, and let’s drive our careers as a marathon, not as a sprint.
https://ma.ttias.be/want-to-improve-add-a-delay/
3. The COVID-19 pandemic is sadly still active and expanding across the world. We have already talked about working from home in this series, but as this is still relevant for many of us, here’s a list of 7 quick tips by Time Magazine to share much more enjoyable online meetings. Stay safe and use a mask when in public places!
https://time.com/5861183/video-calling-tips/
4. Crises happen; it’s only a matter of time. The important is to face them as a team, and to learn enough from them so as to not to repeat them in the future. Take for example Slack and their recent outage on May 12th. Their strategy can be summarized as „All Hands on Deck.“ In the same register, don’t miss the post-mortem of the Cloudflare outage last Friday, and then learn why it’s better to optimize for MTTR instead of MTBF.
https://slack.engineering/all-hands-on-deck-91d6986c3ee
5. The tool of the week is PACE, a minimalist project management tool which has recently moved into public preview mode. It looks extremely polished and simple to use, and thanks to its integration with GitHub, it will certainly be useful to many teams out there.
https://pace.dev/
How do you structure your teams? How much flexibility do they have to organize themselves? Do you have any tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.

This week we’re going to talk about some interesting news coming from Redmond, WA.

1. Times have changed a lot. It was about 20 years ago when Steve Ballmer called Linux „a cancer“, making quite a few people jump to the Linux bandwagon right away. In the meantime, Linux has conquered our pockets through Android, and continues to provide support for most cloud services out there. Now even Windows 10 boots with Linux off-the-box… It was time for Microsoft (via its president Brad Smith) to recognize the importance of the Linux project and move forward.

https://www.theverge.com/2020/5/18/21262103/microsoft-open-source-linux-history-wrong-statement

2. It was only a question of time for Microsoft Azure (of all places!) to support Windows Server containers. And it has finally happened, although it took a bit longer than one would have thought. However, in these times of Visual Studio Code, .NET, and SQL Server all running on Linux, it might only be an interesting option for legacy app deployments.

https://www.theregister.com/2020/04/29/windows_server_containers_azure_kubernetes/

3. Speaking about Windows Containers, you may be asking yourself some questions about them, such as how they compare to Linux containers, and what are their trade-offs. Thankfully Chad Crowell from Linux Academy has recently published a nice introduction to the subject.

4. There is a lot going on right now in the „Microsoft galaxy;“ for those interested, the recorded sessions of Microsoft Build 2020 are available online for free.

https://www.windowscentral.com/microsoft-build-2020-sessions-now-available-demand

5. The tool of the week brings Azure and Kubernetes closer: the recently introduced Azure Service Operator for Kubernetes allows DevOps engineers to provision Azure services through the standard kubectl tool.

https://github.com/Azure/azure-service-operator

How do you like the „new Microsoft“? Have you deployed Windows containers in production? Do you have any other tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about one of the most important programming languages behind the Cloud Native revolution: Go!
1. More than 10 years after its introduction, this „experimental“ language (in the words of Rob Pike) has become one of the most popular in the last decade: TIOBE named Go the programming language of the year in 2009 and 2016, and it currently occupies the 12th step in the ranking; PYPL puts Go on the 13th spot; and RedMonk places it at the 15th place. So what is next, then? Well, apparently, generics are, but as always trying to keep the language minimalist and focused.
https://blog.golang.org/generics-next-step
2. Dave Cheney is an expert Go developer and his (almost 10 year old!) blog is a must-read to learn about the most intricate aspects of Go. In one of his latest articles, he explains how final binary sizes depend on the number of types and equality operations, and how to keep them low.
https://dave.cheney.net/2020/05/09/ensmallening-go-binaries-by-prohibiting-comparisons
3. Developers are finding novel ways to use Go. For example Go+ is a statically-typed, script-like programming language for data science, compatible with and inspired by Go.
https://github.com/qiniu/goplus
4. Another innovative project in the Go landscape is TinyGo, a project to build a Go compiler targeting microcontrollers (like the Arduino or the PineTime smartwatch) and also browsers (through WebAssembly or WASM) using LLVM. Think Emscripten, but for Go.
https://tinygo.org/
5. This week we feature two different „tools of the week:“ the first one is bingo, a tool to ensure strict dependency management of binaries, overcoming some limitations in Go modules. Very useful for reproducible build environments, such as in CI/CD pipelines. The second one is oneshot, a single-request, first-come-first-served HTTP web server; a nifty cross-platform tool to exchange files between computers!
https://github.com/bwplotka/bingo
Have you deployed services written in Go? Have you published any interesting open source project using it? Do you have any other tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about tools and strategies to keep our clusters (and our teams) healthy and sound.
1. We read a few weeks ago on the Kubernetes Blog how to use Kuberhealthy 2.0.0 to specify KPIs for our clusters (for example availability, uptime, etc) and have this awesome operator report that data to Prometheus automatically. A very simple step-by-step guide!
https://kubernetes.io/blog/2020/05/29/k8s-kpis-with-kuberhealthy/
2. Troubleshooting issues in Kubernetes involves a non-negligible amount of web browsing to find solutions. Runbooks are a DevOps-specific resource with step-by-step solutions for common issues in Linux, Kubernetes, Python, and more. CrashLoopBackOff pods, anyone? We’d recommend keeping these Runbooks in a pinned tab in your favorite browser. It does not contain solutions to all issues, but it’s an excellent starting point for sure.
https://containersolutions.github.io/runbooks/
3. A few weeks ago we talked about Kubernetes dashboards (including an epic Excel worksheet!) In the meantime we discovered yet another way to manage our clusters: mount a cluster as a file system! Remember the Unix mantra that says „everything is a file“? Well, here you go.
https://github.com/configurator/kubefs
4. At the end of the day, there’s no better way to keep Kubernetes clusters healthy than by… learning how to use it properly. Long-time readers of VSHN.timer have most certainly seen previous issues dedicated to the subject of learning, but today we would like to showcase this GitHub project with a concise and very clear introduction to the subject.
https://github.com/knrt10/kubernetes-basicLearning/blob/master/readme.md
5. Let’s be honest; keeping an eye on AWS costs is not for the fainthearted. Thankfully Henning Jacobs from Zalando wrote a blog post teaching us various ways to save on cloud costs when running Kubernetes clusters on AWS. Simple tricks to remember before the CFO comes running to your desk.
https://srcco.de/posts/saving-cloud-costs-kubernetes-aws.html
What other approaches do you use to keep your clusters healthy? How much of your monitoring is automated? Do you have any other tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about GitHub, one of the most important elements in the workflow of software developers worldwide.
1. Since its creation in 2008, GitHub has become a major force in the world of software development. Following the events of the „Black Lives Matter“ movement during the last few weeks, GitHub has decided to rename the default, master branch to main, in order to get rid of its references to slavery. In this difficult time for the affected communities, words matter, and every gesture of support to the cause greatly matters as well.
https://www.zdnet.com/article/github-to-replace-master-with-alternative-term-to-avoid-slavery-references/
2. During the last GitHub Satellite conference a session stood up from the rest: „What every GitHub user should know about VS Code“ by Sana Ajani and Burke Holland. The level of integration between Visual Studio Code and GitHub should not surprise anyone, knowing that both belong to the same company! Check it out, there’s a lot of very interesting tips and tricks.
https://www.youtube.com/watch?v=T6sW1Dk9B4E
3. GitHub recently released a new tool, called GitHub Classroom. It provides tools for programming and computer science teachers to assign, assess and grade assignments; for large or small classes, either in public or in private.
https://classroom.github.com/
4. GitHub Actions have taken the world of CI/CD by storm, offering a powerful tool for developers to test and release code. One of those actions is the Super Linter, providing validation tools for a myriad of programming languages out-of-the-box.
https://github.com/github/super-linter
5. The tool of the week is the Line-Clipper, a browser extension for Chrome and Firefox that helps developers make that missing connection between their GitHub browser window to their IDE.
https://github.com/NickyMateev/Line-Clipper
How much of your workflow have you integrated with GitHub so far? Has it become so important to you that you keep a tab open with its current status? Do you have any other tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about small tips and tricks to help us efficiently develop apps of any kind (with a slight preference for cloud native ones, of course!)
1. Writing code is easier said than done, particularly for those new to the craft. So many options for nearly everything we do! Fear not, Mickey Muldoon has recently compiled an excellent list of 20 rules to solve common conundrums faced by software developers, juniors and seniors alike. Worth a re-read every so often.
https://muldoon.cloud/programming/2020/04/17/programming-rules-thumb.html
2. PostgreSQL is (by far) one of the most popular database engines ever created. As workloads move to The Cloud, it can become tricky to configure it properly, so that apps can scale and users can be sure that their data is safe. For this reason Sorint.lab created stolon, a cloud native high availability manager for PostgreSQL. And they published a blog post to explain it in detail. What else?
https://sgotti.dev/post/stolon-introduction/
3. Python is simply put a de facto standard in the realm of programming languages. But it remains somewhat daunting for newcomers, given the size of the Python ecosystem, to know exactly which tools and versions to install for testing, documentation, and many other tasks. Thankfully Claudio Jolowicz came to the rescue and described his idea of a „hypermodern“ Python setup with all best practices, in a series of six blog posts: 1, 2, 3, 4, 5, and 6.
https://cjolowicz.github.io/posts/hypermodern-python-01-setup/
4. It is safe to assume you use Git, right? Well, who doesn’t, anyway? If you’re a fan of git diff you will love delta, a syntax-highlighter for git and diff output. Your workflow (and your eyes) will thank you for it.
https://github.com/dandavison/delta
5. The tool of the week is regex101.com, a free tool to design (and test) regular expressions. It features a very useful bonus: regex code generation in various languages: C#, Go, Java, PHP, Ruby, Rust… Just don’t use it to parse e-mail addresses. Pretty please. That’s a very bad idea.
https://regex101.com/
What other tools do you use to simplify your life as a coder? Do you actually use regular expressions to parse e-mail? Seriously? Do you have any other tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about the weirdest possible idea used to manage Kubernetes clusters. And how to build your own!
1. Kubernetes specialists make a living typing the kubectl many times a day (or the oc command if you are interacting with OpenShift.) They usually keep a few browser windows open, with Rancher, the OpenShift web console, the standard Kubernetes web UI, or a simpler k9s running in a terminal window. But for teams who might feel that these tools aren’t enough (or instead, that they do too much) here’s a tutorial explaining how to build your own real-time Kubernetes dashboard as a simple web page.
https://learnk8s.io/real-time-dashboard
2. How about having a conversation with your Kubernetes clusters on the company chat? Well that’s exactly what BotKube does. It provides basic management facilities that can be integrated into Slack, Mattermost, and other chat systems thanks to an open architecture, so that DevOps engineers can run kubectl commands directly from their current chat system. Very smart and fun to use!
https://www.botkube.io/
3. Kubernetes remains a complex beast, and it can be difficult to manage it properly; in that case you might want to use something like the kubernetes-common-services project, which handles for you the installation and management of services such as cert-manager, nginx-ingress and Prometheus. And if all else fails, just contact us!
https://github.com/ManagedKube/kubernetes-common-services
4. The Kubernetes ecosystem is exploding with solutions and ideas; take for example oneinfra, the Kubernetes as a Service project. As expected it features its own terminal tool, its own web console, and many other components. We suppose you can use oneinfra to run a onedev instance?
https://github.com/oneinfra/oneinfra
5. The tool of the week is (of course!) the most enterprise-friendly of all Kubernetes dashboards: a spreadsheet! Perfect for understaffed startups where the CFO might need to scale a few deployments while keeping an eye on the last quarter revenue figures.
https://github.com/learnk8s/xlskubectl
How do manage your deployments? Have you created your own dashboard (or spreadsheet)? Do you have any tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about how the Linux kernel, after powering our servers and our smartphones, might finally conquer the last frontier: the desktop.
1. You might have heard the news from the 2020 Microsoft Build conference held two weeks ago: Microsoft will enable the Windows Subsystem for Linux to run GUI Linux applications side-by-side with Windows applications. For (at least) the past 22 years the press has spoken about „the year of Linux on the desktop,“ and in any case it sounds incredible that it might happen thanks to the same company that called Linux a „cancer“ almost 20 years ago.
https://www.theverge.com/2020/5/19/21263377/microsoft-windows-10-linux-gui-apps-gpu-acceleration-wsl-features
2. To a large degree, the Linux kernel powers most of the web (even more now thanks to containers and Kubernetes!) and the vast majority of all smartphones out there. It is widely trusted for its security and stability. But how is it tested? Which tools do the kernel developers use? This article on #embeddedbits provides the whole story, including links to the various tools used in the process.
https://embeddedbits.org/how-is-the-linux-kernel-tested/
3. It’s been already 10 years since one of the major earthquakes in the history of Linux: the creation of systemd. A story of politics, influence, technology, legacy, and people insulting one other online.
https://blog.darknedgy.net/technology/2020/05/02/0/
4. If bare metal computing is your thing, check out this list of awesome tools; we’ve found a few gems in those repositories worth playing with.
https://github.com/alexellis/awesome-baremetal
5. The tool of the week is bashtop; if top, htop and vtop are not enough, here’s another one with a nice dashboard and plenty of colors for your terminal.
https://github.com/aristocratos/bashtop
Do you see yourself using Linux GUI applications in a Windows box? How do you like the „new Microsoft“? Do you have any tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about the latest news in IT security. It’s a wild world out there.
1. Earlier this month Björn Ruytenberg made public the Thunderspy vulnerabilities, leading to (hang tight) nine practical exploitation scenarios. Here’s the scary part: this one affects any computer with Thunderbolt ports, providing stealth and absolute control, even though it requires physical access to the device. Really scary stuff, but a good example of responsible disclosure… and some not really ideal responses from various vendors.
https://thunderspy.io/
2. Speaking about security specialists, we found the story of Marcus Hutchins absolutely fascinating. Hutchins allegedly saved the Internet from what was, at the time, the worst cyberattack in history, a malware known as WannaCry. His story features Defcon, FBI agents, and the life of an otherwise unknown but utterly brilliant computer science student caught in the whirlwind of technology.
https://www.wired.com/story/confessions-marcus-hutchins-hacker-who-saved-the-internet/
3. Most of us log in and out of SSH connections all the time; but most importantly, here in VSHN many of us are also involved in setting and managing secure SSH connections for our customers. In any case, this guide to SSH properly and this list of SSH tips and tricks will surely teach you some new tricks.
https://gravitational.com/blog/how-to-ssh-properly/
4. If you manage Kubernetes clusters, you might be asking yourself how to make sure that you haven’t forgotten some security configuration somewhere that might come back and bite you. Thankfully Microsoft has come up with an extensive attack matrix for Kubernetes which might provide some starting points for your investigation. And since we’re at it, you might also want to monitor the outbound traffic from your clusters as well.
https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/

5. The tool of the week is the Managed Kubernetes Inspection Tool, used to validate several common security-related configuration settings of clusters and the objects contained therein. Given the astronomical number of configuration options in our clusters, this one is a must have in our toolbelts for sure.
https://github.com/darkbitio/mkit
How do you secure the perimeters around your IT infrastructure? Do you have any tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.
This week we’re going to talk about the latest trends and news around CI/CD, documentation, and system testing.
1. Many of our customers rely on us to set CI/CD pipelines in various systems; they have definitely become a staple of agile organizations these days. They allow software to be easily tested, deployed to various environments, and all just happens by magic, just pushing code to a repository. But how secure are those pipelines? Vladyslav Protasenia from Devforth has prepared a step-by-step guide for secure CI setups, with a specific focus on Drone and AWS.
https://devforth.io/blog/step-by-step-guide-to-modern-secure-ci-setup
2. Ever wished to have automatically generated documentation for your CustomResourceDefinitions? Look no more: crds.dev has the solution, it is located here, and it is open source.
https://doc.crds.dev/
3. In the constantly moving ground of Kubernetes, apiVersions change continuously and that might leave your clusters with some deprecated resources. In that case, you are going to find Pluto by Fairwinds to be of great help. Pluto can check both static manifests and Helm charts for deprecated apiVersions, and it works with both Helm 2 and 3 releases. Give it a spin!
https://github.com/FairwindsOps/pluto
4. We have talked about Kubernetes operators in a previous issue of VSHN.timer; suffice to say that if you develop operators and you need to test them, KUTTL (aka the KUbernetes Test TooL) has you covered. Just write your tests and assertions using YAML and run them automatically, as part of your CI/CD setup.
https://kuttl.dev/
5. If you are an advanced GitHub user using the full power of GitHub actions to automate your workflow, you are going to love the tool of the week: the Actions Panel application; trigger your actions with the click of a button!
https://www.actionspanel.app/
Has your team set any CI/CD pipelines up already? Are they useful in your DevOps workflows? Do you have any tips you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.