27 messages
Public "Office Hours" are held every Wednesday at 11:30 PST via Zoom. It's open to everyone. Ask questions related to DevOps & Cloud and get answers!
👉️ https://cpco.io/slack-office-hours
erik over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
Nenna over 1 year ago
Links from today's office hours:
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
https://github.com/cloudposse/atmos/pkgs/container/atmos/versions
https://buttons.github.io/
https://expensio.co/why-self-hosting-is-better
https://github.com/sponsors/cloudposse
https://www.linen.dev/s/sweetops
https://www.kaspersky.com/blog/openssh-vulnerability-mitigation-cve-2024-6387-regresshion/51603/
https://github.com/hashicorp/vscode-terraform/issues/1557#issuecomment-2172984054
Michael over 1 year ago
Potential discussion item on AWS now supporting CloudShell environments in VPCs: https://aws.amazon.com/about-aws/whats-new/2024/06/aws-cloudshell-amazon-virtual-private-cloud/
erik over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
Michael Goldsbie over 1 year ago
Can someone send me the link to the office hours Zoom?
Brandon Wilson over 1 year ago
Same. Looks like it fell off my calendar.
Nenna over 1 year ago
Links from today's office hours:
https://aws.amazon.com/about-aws/whats-new/2024/06/aws-cloudshell-amazon-virtual-private-cloud/
https://aws.amazon.com/about-aws/whats-new/2024/01/aws-cloudshell-docker-13-regions/
https://github.com/cloudposse/geodesic
https://github.com/leg100/pug
https://github.blog/changelog/2024-07-08-github-actions-gpu-hosted-runners-are-now-generally-available/
https://github.com/grafana/loki/issues/8756
https://github.com/cloudposse/terraform-aws-components/tree/main/modules/eks/loki
https://grafana.com/blog/2024/06/27/grafana-security-update-grafana-loki-and-unintended-data-write-attempts-to-amazon-s3-buckets/
https://dexidp.io/
https://github.com/ory/hydra
https://github.com/gravitational/teleport
https://www.pomerium.com/
https://github.com/pomerium
https://grafana.com/oss/tempo/
https://signoz.io/
https://aws.amazon.com/xray/
https://sorry-cypress.dev/
https://claude.ai/login?returnTo=%2F%3F
https://kagi.com/
Michael over 1 year ago
Not sure if this has been talked about already, but I thought it was a worthwhile read (https://log.martinatkins.me/2024/05/22/terraform-ephemeral-values/)
erik over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
Michael Goldsbie over 1 year ago
Can you send me a link to the office hours?
Roy Sprague over 1 year ago
On the secrets agent, you have to pass the ssrf token which helps with the chicken and egg deal with accessing secrets. How do you authenticate to the secrets vault without having to have a secret... https://github.com/aws/aws-secretsmanager-agent?tab=readme-ov-file#step-3-retrieve-secrets-with-the-secrets-manager-agent
Nenna over 1 year ago
Links from today's office hours:
https://www.investing.com/news/stock-market-news/google-near-deal-to-acquire-cybersecurity-startup-wiz-for-23-billion--wsj-3518269
https://github.com/sauljabin/kaskade
https://arstechnica.com/security/2024/07/new-blast-radius-attack-breaks-30-year-old-protocol-used-in-networks-everywhere/
https://www.theregister.com/2024/07/12/cisa_broke_into_fed_agency/
https://github.com/taubyte/tau
https://labs.leaningtech.com/blog/mini-webvm-your-linux-box-from-dockerfile-via-wasm
https://github.com/aws/aws-secretsmanager-agent
https://ochagavia.nl/blog/using-s3-as-a-container-registry/
https://techcrunch.com/2024/07/10/aws-app-studio-promises-to-generate-enterprise-apps-from-a-written-prompt/
https://krebsonsecurity.com/2024/07/researchers-weak-security-defaults-enabled-squarespace-domains-hijacks/
https://porkbun.com/
https://porkbun.com/tld/design/?url=https://porkbun.com%3Futm_source%3DGoogle_Search%26utm_medium%3DHomepage_OldDesignCampaign%26gad_source%3D1&coupon=GOOG19A&utm_source=google&utm_medium=cpc&gclid=CjwKCAjw1920BhA3EiwAJT3lSXxG6xXQBeRZQQLVeFS1yTCr5_4o-S5A18CVU-R2qyUL31_D2VTBrRoCqk0QAvD_BwE
https://krebsonsecurity.com/2024/07/researchers-weak-security-defaults-enabled-squarespace-domains-hijacks/
https://webvm.io/
https://www.cursor.com/
https://supermaven.com/
https://coderabbit.ai/
https://www.codium.ai/
https://aws.amazon.com/blogs/aws/introducing-amazon-guardduty-malware-protection-for-amazon-s3/
https://docs.k8ssandra.io/
https://d2908q01vomqb2.cloudfront.net/f1f836cb4ea6efb2a0b1b99f41ad8b103eff4b59/2024/05/02/ML-16059_image004.png
https://aws.amazon.com/blogs/machine-learning/build-a-serverless-exam-generator-application-from-your-own-lecture-content-using-amazon-bedrock/
https://github.com/kubernetes-sigs/secrets-store-csi-driver
https://infisical.com/docs/documentation/guides/local-development
https://www.2ndquadrant.com/en/resources/
https://reuters.com/markets/deals/google-backed-software-developer-gitlab-explores-sale-sources-say-2024-07-17/
Michael over 1 year ago
Fun article on using S3 as a container registry and potential performance benefits: https://ochagavia.nl/blog/using-s3-as-a-container-registry/
Srinidhi Sivakumar over 1 year ago
https://www.linkedin.com/posts/srinidhi-sivakumar-771a46116_devops-itchallenges-techt[…]204274302977-hUVU?utm_source=share&utm_medium=member_desktop
Curious about the biggest hurdles in DevOps? Share your thoughts and join the discussion!
Dave Gregory over 1 year ago
AWS are end-of-lifing QLDB (Quantum Ledger Database) in a year. Surprise announcement via AWS Health, no explanation I've seen and no explicit blog post that I can see (this and this allude to it and there are banners on the docs and sales pages). Anyone else been using it? Any recommendations for audit log storage, or wisdom on audit logging in general? I feel like the kind of detail expected by NIST 800-53 is hard to reconcile with user-friendly presentation, but outsourcing audit logging seems crazy.
Michael over 1 year ago
Interesting results from Stack Overflow’s Annual Developer Survey
https://stackoverflow.blog/2024/07/24/developers-want-more-more-more-the-2024-results-from-stack-overflow-s-annual-developer-survey/
erik over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
elvis lim over 1 year ago
Does anyone have experience working on single-node Kubernetes? It will be used for demoing app software functionality (comments or reactions welcome!)
Tech list: (Hardware is workstation with multi-cpu/large memory/large storage/Nvidia GPU)
(1) OS: Flatcar Linux
(2) k3s - Kubernetes
(3) postgresql in kubernetes
(4) Localstack in kubernetes to make some AWS requirements transparent
(5) GPU support (nvidia operator)
Nenna over 1 year ago
Links from today's office hours:
https://slack-imgs.com/?c=1&o1=ro&url=https%3A%2F%2Fmedia.licdn.com%2Fdms%2Fimage%2FD5622AQFyLU-m9y39nw%2Ffeedshare-shrink_800%2F0%2F1721837908603%3Fe%3D2147483647%26v%3Dbeta%26t%3DTv5iIMHFHduplR53pZFSvhpyPRQ4LgCzqSlJYGTyvGM
https://www.linkedin.com/posts/jonassteinberg_wow-does-this-suck-i-understand-it-in-a-activity-7221911632501731330-4xog?utm_source=share&utm_medium=member_desktop
https://www.ubicloud.com/blog/difference-between-running-postgres-for-yourself-and-for-others
https://www.bloomberg.com/news/articles/2024-07-23/cyber-firm-wiz-rejects-alphabet-s-23-billion-offer-seeks-ipo
https://fakemail.stream/
https://lokal.so/
https://github.com/ivbeg/awesome-status-pages
https://www.techtarget.com/whatis/feature/Explaining-the-largest-IT-outage-in-history-and-whats-next
https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
https://x.com/George_Kurtz/status/1814235001745027317
https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
https://github.com/orgs/github/projects/4247/views/1?filterQuery=is%3Aopen+-status%3A%22Q4+2022+%E2%80%93+Oct-Dec%22%2C%22Q2+2023+%E2%80%93+Apr-Jun%22%2C%22Q3+2023+%E2%80%93+Jul-Sep%22%2C%22Q4+2023+%E2%80%93+Oct-Dec%22+label%3Aactions
https://github.com/julienlevasseur/terraform-provider-uname
https://aws.amazon.com/blogs/database/replace-amazon-qldb-with-amazon-aurora-postgresql-for-audit-use-cases/
https://stackoverflow.blog/2024/07/24/developers-want-more-more-more-the-2024-results-from-stack-overflow-s-annual-developer-survey/
https://www.yugabyte.com/
https://open.nytimes.com/enhancing-the-new-york-times-web-performance-with-react-18-d6f91a7c5af8
https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#kubernetes-release-calendar
https://www.vcluster.com/
erik over 1 year ago
@here office hours is starting in 30 minutes! Remember to post your questions here.
haroon ejaz over 1 year ago
@Erik Osterman (Cloud Posse)
I need to implement an open source CI/CD tool. Can anyone recommend a good tool they use? Our projects are non-containerized.
The tools we are checking are:
1. https://docs.gitlab.com/ee/ci/
2. https://jenkins.io/
3. https://drone.io/
4. https://www.gocd.org/
5. https://concourse-ci.org/
Which one should we choose from the above list, or can anyone recommend another?
Nenna over 1 year ago (edited)
Links from today's office hours:
https://www.theregister.com/2024/07/29/infosec_roundup/
https://github.com/sickcodes/Docker-OSX
https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github
https://blog.trailofbits.com/2024/07/30/our-audit-of-homebrew/
https://github.com/automq/automq
https://repost.aws/questions/QUshILm0xbTjWJZSD8afYVgA/codecommit-cannot-create-a-repository
https://github.com/SummitRoute/aws_breaking_changes
https://github.com/giscus/giscus
https://opentofu.org/blog/opentofu-1-8-0/
https://github.com/opentofu/opentofu/issues/300
https://github.blog/changelog/2024-07-25-actions-usage-metrics-is-generally-available
https://siliconfolklore.com/internet-history/
https://github.com/Yelp/detect-secrets
https://bitbucket.org/$org/$repo/admin/pipelines/openid-connect
https://github.com/orgs/community/discussions/31132
https://www.lemonsqueezy.com/blog/stripe-acquires-lemon-squeezy
https://open.spotify.com/episode/3bTJwwDWUTJxjJYBoFJVe1
oskar maria grande over 1 year ago (edited)
Just wanted to add that the Internet was pretty clearly - at least as a side effect - designed to route around destroyed infrastructure. All in the context of the Cold War; I mean that context was all encompassing. Licklider and any "higher order" goals of the actual designers were actually extra. You don't have to be explicitly designing around destruction through nuclear war; that was an implicit reality over decades during the conception and design of the internet even until and after TCP/IP came about in 1983. That HN article is kinda vapor in that sense, still good to try talking about history.
Vint Cerf himself:
> The earliest demonstration of the triple network Internet was in July 1977. We had several people involved. In order to link a mobile packet radio in the Bay Area, Jim Mathis was driving a van on the San Francisco Bayshore Freeway with a packet radio system running on an LSI-11. This was connected to a gateway developed by Virginia Strazisar at BBN. Ginny was monitoring the gateway and had artificially adjusted the routing in the system. It went over the Atlantic via a point-to-point satellite link to Norway and down to London, by land line, and then back through the Atlantic Packet Satellite network (SATNET) through a Single Channel Per Carrier (SCPC) system, which had ground stations in Etam, West Virginia, Goonhilly Downs England, and Tanum, Sweden. The German and Italian sites of SATNET hadn't been hooked in yet. Ginny was responsible for gateways from packet radio to ARPANET, and from ARPANET to SATNET. Traffic passed from the mobile unit on the Packet Radio network across the ARPANET over an internal point-to-point satellite link to University College London, and then back through the SATNET into the ARPANET again, and then across the ARPANET to the USC Information Sciences Institute to one of their DEC KA-10 (ISIC) machines.
>
> So what we were simulating was someone in a mobile battlefield environment going across a continental network, then across an intercontinental satellite network, and then back into a wireline network to a major computing resource in national headquarters. Since the Defense Department was paying for this, we were looking for demonstrations that would translate to militarily interesting scenarios. So the packets were traveling 94,000 miles round trip, as opposed to what would have been an 800-mile round trip directly on the ARPANET. We didn't lose a bit!
https://netvalley.com/archives/mirrors/cerf-how-inet.html
So Elon's Starlink and its usage during the current Ukraine war is just another natural coming to fruition of that old plan through the way of privatization; all kick-started still during Reagan's Cold War years (not an Elon fan btw but still).