CatOps
DevOps and other issues by Yurii Rochniak (@grem1in) - SRE @ Preply && Maksym Vlasov (@MaxymVlasov) - Engineer @ Star. Opinions on our own.

We do not post ads including event announcements. Please, do not bother us with such requests!
For today’s Donations Monday, I want to share with you a fundraiser from the Come Back Alive foundation “The second line of air defense”.

#donations #Ukraine
Ruby was the first programming language I tried to consciously learn. Meaning, it wasn't a part of a university curriculum or something.

Despite not using it for many years, I still have some warm feelings towards this language. In this article Lucas Seiki Oshiro argues that Ruby is good for shell scripts as well.

Ruby is strongly associated with the Rails framework. So, I think this article is a good reminder that programming languages are more than just frameworks.

#programming #ruby
Sup!

Together with UkrOps Digest we are raising funds for the UAV equipment for the Skelyar platoon of the Rubizh brigade.

Specifically, we are raising money for:

- Antennas
- Batteries
- Controller unit
- 2 sets of cables

The end goal is 150k UAH.

There is also a raffle:

1. Our defenders will sign two platoon banners. Each 300 UAH donation is a chance to win one. So, if you donate 300UAH, you get one "ticket", 600 UAH - 2 "tickets", and so on.
2. Those with top 5 highest donations will have a chance to write a message on a drone!

Vsevolod Polyakov - the author of UkrOps Digest - knows these guys personally, thus I can vouch for them as well.

🎯Goal: 150 000.00 ₴

🔗Monobank Jar
https://send.monobank.ua/jar/6k2H9iu8tN

💳 Direct card number

5375411219683781

Many thanks to y'all!

#donations #Ukraine
A reasonable article on how to provide meaningful feedback. Specifically, on how not to be afraid to provide meaningful feedback.

You may already know many of these points, but it won't hurt to re-read them. Also, this is one of the cases where actual practice weighs more than theory.

P.S. The original article seems to be behind a paywall, but I was able to read it just fine via Pocket. In any case, here are the tl;dr points provided by the author himself:

Way before giving feedback…

- Build a relationship with the other person - This starts the path of giving feedback to someone like it’s your close friend. Good relationship = easy feedback.
- Share that you are open to receiving feedback - This results in the other person seeing you are growth-minded and often leads to them asking for feedback too.
- Give positive feedback first - This helps build a positive relationship and ensures the other person knows you are on their side and looking out for them.

When you do need to give feedback, follow the feedback process…

- Look inward first. Know your intent - Ensure you are sharing the feedback for the right reason. Not to vent, but to help the other person.
- Get permission - When in doubt, confirm with the other person. This allows them to opt in and prevents backlash.
- Show you care - The most important step. Let them know the reason you are sharing is because you care.
- State your observations - Stick to the facts of the situation. These should hardly be debatable. Call out the common problem.
- Explain the impact - Help the other person understand why it matters. Is it impacting you, others, or the business?
- Get their thoughts - You’re solving a problem together. Get their take on it.
- Align on next steps - Ensure it’s clear what to do moving forward.

#culture #feedback
In case you missed it somehow.

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

A newly discovered vulnerability allows a malicious actor to execute code remotely with the highest privileges on a host. CVE assigned to this vulnerability is CVE-2024-6387.

Glibc-based Linux systems are affected.

Affected OpenSSH versions:

- OpenSSH versions earlier than 4.4p1 are vulnerable to this signal handler race condition unless they are patched for CVE-2006-5051 and CVE-2008-4109.
- Versions from 4.4p1 up to, but not including, 8.5p1 are not vulnerable due to a transformative patch for CVE-2006-5051, which made a previously unsafe function secure.
- The vulnerability resurfaces in versions from 8.5p1 up to, but not including, 9.8p1 due to the accidental removal of a critical component in a function.

OpenBSD systems are unaffected by this bug, as OpenBSD developed a secure mechanism in 2001 that prevents this vulnerability.

Here's another interesting fact: "In our security analysis, we identified that this vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006."

This is why you always need to have several lines of defense in your systems. Also, since I got into the industry, it was always advised not to open SSH to the world and hide it behind a VPN or such. This advice still stands. Moreover, today you have solutions in place that allow you to avoid SSH altogether.

#security #ssh
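An added example (not part of the original post): a small Python classifier that maps SSH banners or `ssh -V` strings onto the upstream version ranges listed in the post above. The hostnames, banners and result labels are constructed for illustration; the result reflects the upstream version only, because distributions backport fixes without changing it.

```python
import re

# Upstream version boundaries as stated in the post, as (major, minor).
FIRST_FIXED_2006 = (4, 4)   # 4.4p1 carries the CVE-2006-5051 patch
REGRESSION_START = (8, 5)   # 8.5p1 is where the race resurfaces
FIRST_FIXED_2024 = (9, 8)   # 9.8p1 is outside the affected range

_VERSION = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:\.\d+)?(?:p\d+)?")

def parse_version(banner):
    """Extract (major, minor) from an SSH banner or `ssh -V` output, else None."""
    match = _VERSION.search(banner)
    return (int(match.group(1)), int(match.group(2))) if match else None

def classify(banner):
    """Map a banner to the ranges in the post (labels are this example's own).

    "affected-range" means "check the distro package changelog", not
    "confirmed vulnerable"; the banner also cannot tell glibc from other libcs.
    """
    version = parse_version(banner)
    if version is None:
        return "unknown"
    if version < FIRST_FIXED_2006:
        # Vulnerable unless patched for CVE-2006-5051 and CVE-2008-4109.
        return "legacy-unless-patched"
    if version < REGRESSION_START:
        return "not-affected"
    if version < FIRST_FIXED_2024:
        return "affected-range"
    return "not-affected"

def hosts_to_review(inventory):
    """Return hosts whose banner is not clearly outside the affected ranges."""
    return sorted(h for h, b in inventory.items() if classify(b) != "not-affected")

# Constructed inventory: hostnames and banners are made up for this example.
SAMPLE = {
    "bastion-a": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6",
    "legacy-b": "SSH-2.0-OpenSSH_4.3p2",
    "build-c": "SSH-2.0-OpenSSH_7.4",
    "edge-d": "SSH-2.0-OpenSSH_9.8p1",
    "appliance-e": "SSH-2.0-dropbear_2022.83",
}

if __name__ == "__main__":
    for host in hosts_to_review(SAMPLE):
        print(host, classify(SAMPLE[host]))
```

Hosts reported as `unknown` are kept in the review list on purpose, since a banner that does not parse says nothing about what is actually running.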
Today's Friday, so we can talk about some more relaxed topics.

Your Company's Problem is Hiding in Plain Sight - High Work-In-Progress (WIP) is a good reminder that working on everything everywhere all-at-once is a bad idea. I'd like to bring up this topic, because I think this issue is even more prevalent in platform teams.

What I missed in this article is some advice on how to address the issue in a controlled fashion: how to properly calculate it and "sell" to the management. Still, you can get some ideas from the discussion on Reddit.

So, as a bonus, I'd also like to share these two articles:

- One is on the Little's Law
- The second one is on the cost of context switching

P.S. I'm in that age when I really regret slacking out at the Queuing Theory lectures in the university :\

#culture
Convert your rage into donations.

Together with UkrOps Digest we are still raising funds for the Skelyar platoon. These funds will be spent on the equipment for UAV. Right now, we have 1/3 of the required sum.

🎯Goal: 150 000.00 ₴

🔗Monobank Jar
https://send.monobank.ua/jar/6k2H9iu8tN

💳 Direct card number

5375411219683781

#donations #Ukraine
At last! I converted my talk from FW Days DevOps 2024 into an article in English.

You can find it in my blog or on Substack.

This is Part I, which goes through the ideas behind the testing of Helm charts. But have no fear! I learn from my previous mistakes, so the second part that walks you through the technical aspects of tests is also ready and will be published tomorrow!

Also, you can still watch the video of my talk on the FW Days conference (in Ukrainian). It has basically the same content as the articles.

Enjoy!

#kubernetes #helm #testing
The fundraiser by UkrOps continues. It has slowed down a bit, so let’s keep it running strong!

Convert your rage into donations.

These funds will be spent on the equipment for UAV.

🎯Goal: 150 000.00 ₴

🔗Monobank Jar
https://send.monobank.ua/jar/6k2H9iu8tN

💳 Direct card number

5375411219683781

#donations #Ukraine
Many years ago there was an open lecture, or rather a Q&A, in my university by one of Facebook's engineers.

He mentioned that they do not use Git, to which I was surprised and asked why. He didn’t provide a concrete answer, since it was like this when he joined.

However, this article may have an answer to why Facebook uses Mercurial instead of Git. “May” because obviously there’s just one viewpoint.

Tl;dr: because they had a unique use case as well as unique amounts of money to contribute to a custom solution. Still, it’s interesting that their initial proposal to contribute to Git was sorta declined.

So, here we are. Does it mean that you also need to switch to Mercurial to be like Facebook? No! Very likely you’re not Facebook. Moreover, I only used 1 project stored in Mercurial in my life (I’m not trying to argue that there are more).

Still, I like such articles on the topic of “tech history”. I think they help us to better understand why we are where we are and how we got here.

#git #hg #facebook #history
All of us use open source in our day-to-day life, often as tools to make living. However, there is a looming danger in the open-source community. To illustrate it, here’s a quote from the Register:
A "Youth and Open Source" panel was held at the United Nations (UN) Open Source Program Office (OSPO) for Good conference in the UN building in Manhattan. There was only one little problem with it. To quote Ruth Ikegah, a young Nigerian open source project manager, "We need more young people here because I see a lot of old people here."

With more people going into retirement like James Gosling - the creator of Java - did recently, there is a risk of many crucial projects left undermaintained in the long run. Another quote from the Register:
As David Nalley, president of the Apache Software Foundation (ASF) and director of open source strategy at Amazon Web Services (AWS), said at the conference: "Getting people to maintain old code isn't easy. For experienced programmers, it leads to burnout, and younger developers want to make new things. Who doesn't?"

I wanted to end this post on some positive note, like “contribute to open source - it’s fun”, but sometimes it is not. So, I dunno, I don’t have a solution at hand.

#opensource
Today's donation Monday is more IT-related than ever.

NGO Aerorozvidka makes and supports a lot of interesting stuff for the Defense Forces of Ukraine, starting from IT solutions (like DELTA), through ISTAR, to Robotics technologies.

You can choose which direction to support on aerorozvidka.ngo/donate-page or just pop-up their Monobank.

And not so long ago they celebrated their 10th anniversary.

#donations #Ukraine
Anyone can Access Deleted and Private Repository Data on GitHub

Sounds scary, if you didn't deep dive into how git works and how GitHub hosts it.

TL;DR: If some repo can git fetch upstream - all these fetchable commits will always be accessible from this fork/main repo.
Only after the visibility of the repo changes - new commits will not be discoverable.

For more details and examples, check this article, which was brought to us from CatOps Chat.

#security #git #github
Today is the Sysadmin’s day. My congratulations to everyone involved!

In an episode about SRE with Denys Vasyliev there was a point that SRE is just a glorified OPS.

So, I think this ongoing book would be appropriate for today:

Reliability Engineering Mindset.

It’s ongoing and, apparently, you can subscribe to get updates.

#sysadmin #sre #books