Here is the awesome list of GitHub Actions both official and community-driven.

So, if you were looking into working with GHA, that might be a good thing to check. Also, if you're using GHA already, you may find some common actions to remove some repeated lines of code in your pipelines.

P.S. If you are not interested in GitHub Actions, but still adore the idea of YAML based CI, I just want to remind you that you can use YAML to configure Jenkins pipelines as well

#cicd #github #gha #jenkins

From our subscribers.

10 trends of real-world container use by DataDog.

1. ~90% of Kubernetes users leverage cloud-managed services

2. Amazon ECS users are shifting to Fargate

3. The average number of pods per organization has doubled

4. Host density is 3 times higher on Kubernetes than on Amazon ECS

5. Pod auto-scaling is becoming more popular

6. Organizations are deploying more stateful workloads on containers

7. Organizations running container environments create more monitors

8. Organizations are starting to replace Docker with containerd as their preferred runtime for Kubernetes

9. OpenShift adoption is growing rapidly

10. NGINX, Redis, and Postgres are the top three container images

More details are in the report.

#trends #containers

Finally! The recording of our voice chat about counter-offers is available online!

Our chat was in the mix of Ukrainian and Russian. You can listen to it on:
- Anchor
- Spotify
- Apple Podcasts

Unfortunately, Google Podcasts haven’t approved us yet. Hopefully, you’d be able to listen to this chat there soon.

You can also “watch” it on YouTube. I used quotes, because this is really just an audio with a static image.

TBH, I cannot promise when any other voice chats like this one will take place. In any case, though. Hit “like”, “subscribe”, all those usual things. Just in case we have more.

P.S. The next voice chat will be this Thursday! 17:00 UTC as usual in our discussions group

#voice_chat

This is a good and very important article on SRE structure - SRE Doesn’t Scale.

The main idea is, well, as it's stated in the title, that providing so-called "SRE support" doesn't scale well. It requires a lot of resources and manpower, and the majority of those resources are wasted in ad-hoc firefighting and context switch.

To solve this problem, a platform itself should be "productized" or "commodified". I.e. your platform should become an internal product. So, users of this platform can interact with it via APIs and ask for changes via feature requests and bug reports. As well as, your users will be able to share some good practices on how to interact with your platform among themselves.

Some notable quotes:

> Even Google, who has infinite money and an endless recruiting pipeline, says the SRE model—as it is often described by the people we encounter referencing the book—does not scale with microservices. Instead, they go on to describe a more tractable, framework-oriented model to address this through things like codified best practices, reusable solutions, standardization of tools and patterns, and, more generally, what I describe as the “productization” of infrastructure and operations.

> For some reason, this little detail gets lost and, consequently, we see groups attempting to throw people at the problem, such as embedding an SRE on each team. In practice, this usually means two things: 1) hiring a whole bunch of SREs—which even Google admits to being difficult and costly—and 2) this person typically just becomes the “whipping boy” for the team. More often than not, this individual is some poor ops person who gets labeled “SRE.”

And my favorite:

> In fact, many groups are probably better off simply removing “SRE” and “DevOps” from their vocabulary altogether because they often end up being distracting buzzwords.

#culture

​​HashiConf Global starts in 5 minutes!

If you have not yet registered and voting to HUG Kyiv, here are YouTube broadcast links:

Day 1 - PDT Broadcast: Track 1 | Track 2 | Track 3

Day 2 - PDT Broadcast: Track 1 | Track 2 | Track 3

P.S. If you're Ukrainian, and your browser not cached live.hashiconf.com/schedule token, HashiCorp very-very apologize to all of us. They tried to block occupied by Russia territories but blocked full Ukraine...
No chance to fix that issue today - the site supports only 2-letter country restrictions. HashiCorp promises to fix it for the next event and apologize yet another time.

Who won? We won!

Wiil be officially announced at Second Day of HashiConf Global that will start at 19:00 Kyiv TZ (16:00 UTC)

Nginx playground by Julia Evans.

It works just like any other code playground out there, but for Nginx configurations.

Could be useful if you want to test a change without rolling new machines.

#nginx

During our previous voice chat we briefly mentioned Wardley mapping.

This is an approach to map a strategy for product or process development.

Here's an awesome list of Wardley Maps, which contains a handful of resources that can help you get into mapping or improve your mapping skills.

#mapping #management

And here is the video that inspired one of our subscribers to learn about Wardley mapping:

https://www.youtube.com/watch?v=2IW9L1uNMCs

There are multiple ways to define, which technology to use in a company or a project.

Sometimes, the decision-making point is simply "I have experience working with the technology A". This is especially common, when a company size is not that big and impact of such decisions seems not very broad.

However, if you're choosing a cache solution, and you're choosing between Memcached and Redis, this article may help you to make a more informed one.

#redis #memcached #cache

Noice!

If you're using EC2 Auto Scaling or EC2 Fleet, now you can just tell it "gimme nodes with 2 to 4 vCPUs and 16 to 64 Gigs of RAM", instead of defining instance types explicitly!

It's available with the new Attribute-Based Instance Type Selection feature

#aws

From @catops_chat

Happy Friday!

P.S. Facebook rebrended as Meta

Пару дней назад вышел новый Technology Radar от ThoughtWorks (https://a.e42.link/j1qLb).

На этот раз много пунктов относится к инфраструктуре и командообразованию, также немалое количество пунктов про удаленную работу:
— 4 ключевые метрики DORA перешли в Adopt и рекомендуются для применения всеми. Если у вас нет дашборда для их отслеживания можно периодически раз в квартал проходить DORA quick check: https://a.e42.link/j1qWj
— Платформенные команды также перешли в Adopt и рекомендуются как хороший подход. Важно отметить, что платформенная команда это не переименованные operations, а команда разработки точно такая же как и любые другие команды разработки — со своим product owner, продуктовым планированием, разбиением на фичи, работой с бэклогом, и т.д. Одним словом, платформенная команда — это команда разработки, которая пишет продукт для использования внутри компании другими командами
— Учитывание когнитивной нагрузки команд в проектировании архитектуры. Про это уже говорилось в предыдущем радаре и в книге https://a.e42.link/j1qW8 — кто еще не знаком с концепцией и подходом очень рекомендуем ознакомиться
— Remote mob-programming. Это как парное программирование, только больше чем вдвоем и не в одной комнате у доски, а удаленное. Парное программирование мы применяли с отличными результатами как раз через Zoom — оно хорошо подходит для случая когда не совсем ясно как именно и что писать, гораздо лучше чем параллельная работа с синками через каждые 2-3 часа.
— В блоке Assess появилось использование Kubernetes Operator для управления ресурсами за пределами Kubernetes. В предыдущих радарах уже упоминались инструменты для этого, теперь на радаре появилась и сама практика. Также в этом радаре появился и Crossplane (https://a.e42.link/j1qWT)
— В блоке Trial по-прежнему находится https://a.e42.link/j1qWz (инструмент для построения внутренних технологических порталов и витрин),
— Также в этом же блоке появились Clickhouse, Kafka REST Proxy, Kafka Mirrormaker 2.0, OPA Gatekeeper for Kubernetes и Sealed Secrets
— Из Assess в Trial поднялись GitHub Actions, K3s и Pulumi
— Написание скриптов командной строки на Clojure: Babashka (https://a.e42.link/j1qWY) — за счет использования GraalVM обещают, что он стартует мгновенно, а не как другие JVM-приложения
— ExternalDNS для синхронизации ингрессов с DNS-провайдерами появился в Assess
— Batect (https://a.e42.link/j1qWt) как способ настройки окружений локальных и тестовых
— Berglas (https://a.e42.link/j1qWm) для управления секретами в GCP
— Dive (https://a.e42.link/j1qWZ) — сканнер оптимальности сборки докер-образов. Может отслеживать неэффективность послойной сборки и вычислять «лишний» объем образа (например файлы создаются в нижнем слое, а затем удаляются в верхнем слое)
— Lens (https://a.e42.link/j1qWp) как UI для Kubernetes перешел в Trial
— cert-manager (https://a.e42.link/j1qWl) наконец-то появился на радаре
— Появились аж 2 инструмента для тестирования инфракода: Conftest (https://a.e42.link/j1qWB) и Regula (https://a.e42.link/j1qWn). Оба используют язык Open Policy Agent для написания тестов. Такие тесты могут использоваться, например, для автоматизированного тестирования Compliance
— Появился Cosign (https://a.e42.link/j1qWG) — инструмент для подписи и проверки подписи контейнеров
— Забавно, но в этом радаре появились и современные альтернативы командам из Coreutils (под именем Modern Unix commands) наподобие ripgrep, ag, jq, httpie. Большой список таких команд можно посмотреть на https://a.e42.link/j1qWx
— Mozilla Sops (https://a.e42.link/j1qWf) для безопасного хранения шифрованных секретов в гит-репозиториях (с расшифровкой например через AWS KMS)
— Pactflow (https://a.e42.link/j1qWC) — инструмент для тестирования контрактов
— Proxyman (https://a.e42.link/j1qWk) — прокси для отладки веб-приложений
— Telepresence (https://a.e42.link/j1qWe) — инструмент для подключения локально запущенного приложения к удаленному кластеру кубернетес. Может пригодиться например для песочниц разработки

There was a question in CatOps chat regarding the resources to learn the Go programming language from scratch with the background in other technologies.

So, here is a quick ad-hoc list of resources, we came up with:

Books:
- Go in Practice
- The Go Programming Language

Courses and tutorials:
- Practical Go Lessons
- Algorythms with Go
- Go by Example
- Effective Go

Blogs:
- Three Dots Labs

Of course, you can also find a great list of learning materials in the Awesome Go list

If you would like to add to this short list - welcome in the comments!

#programming #go

1Password promise two years free membership for their service for Open Source software maintenaners and their teams.

However, to get access you have to be a project lead or a core contributor for an active open source project that is at least 30 days old. We’ll also accept applications from the organisers of community meetups and events, as well as some conferences.

Open source projects need to use a standard open source license and must be non-commercial. Your project should not have paid support or pay contributors.

More details on the linked page.

#security #free_stuff

TIL:

AWS has much higher environmental impact comparing to Google Cloud and Azure.

Would it drive decisions on what cloud to chose? I don’t know. Probably not.

However, if you’re looking for a cloud provider for your pet project or a startup, this is something to consider.

#cloud #aws #gcp #azure

DevOps-ish community loves Go.

So, here's a short story about simple re-arranging fields in a struct that saved 1/3 of memory consumption.

#programming #go #performance

From time to time people bring the topic of testing during our voice chests.

Here Kent Beck, a creator of extreme programming, provides 11 properties for good tests:

- Isolated — tests should return the same results regardless of the order in which they are run.
- Composable — if tests are isolated, then I can run 1 or 10 or 100 or 1,000,000 and get the same results.
- Fast — tests should run quickly.
- Inspiring — passing the tests should inspire confidence
- Writable — tests should be cheap to write relative to the cost of the code being tested.
- Readable — tests should be comprehensible for reader, invoking the motivation for writing this particular test.
- Behavioral — tests should be sensitive to changes in the behavior of the code under test. If the behavior changes, the test result should change.
- Structure-insensitive — tests should not change their result if the structure of the code changes.
- Automated — tests should run without human intervention.
- Specific — if a test fails, the cause of the failure should be obvious.
- Deterministic — if nothing changes, the test result shouldn’t change.
- Predictive — if the tests all pass, then the code under test should be suitable for production.

#programming #testing

Some people use to think that a job interview is a one-way road. Like an exam: there’s a person or two who ask questions to evaluate your skills and you should excel in answering everything.

While in reality interviews are bi-directional process. It is important for a company to hire matching talent, but it’s not less important for an individual to look for a matching company.

Here Gergely Orosz, an author of The Pragmatic Engineer Blog, proposes a test to evaluate the engineering culture in a team (eng culture may be different from team to ten in the large companies). This tests consists of 12 questions, which you can ask at any stage of the interviewing process.

As a bonus, you can evaluate you current company as well!

#culture #hiring

I have already recommended CUE (or cuelang) in a few chats to validate Kubernetes manifests.

However, the language itself is capable of many more things than just validate some configuration files.

For example, you can write your configuration in CUE as well!

Here is a blog post, which describes the basic concepts of this language as well as some real world use cases.

#cue #kubernetes

​​Some useful resources for Kubernetes CKA exam preparation:
- Kubectl Cheat Sheet for Kubernetes Admins & CKA Exam Prep
- Useful bookmarks. You are allowed to use those
- Killer.sh - CKS, CKA, CKAD simulator

Good luck to those, who is looking forward to complete one of those exams!

#kubernetes #education