In retrospect, DevOps was a bad idea
(rethinkingsoftware.substack.com)
In retrospect, DevOps was a bad idea.
In retrospect, DevOps was a bad idea.
In retrospect, DevOps was a bad idea
(rethinkingsoftware.substack.com)
In retrospect, DevOps was a bad idea.
In retrospect, DevOps was a bad idea.
Disk I/O bottlenecks in GitHub Actions
(depot.dev)
When your CI pipelines are slow, you can only optimize so much. Bottlenecks in CPU, Network, Memory, and Disk I/O can all contribute to slow CI pipelines. Let's take a look at how disk I/O can be a bottleneck in GitHub Actions.
When your CI pipelines are slow, you can only optimize so much. Bottlenecks in CPU, Network, Memory, and Disk I/O can all contribute to slow CI pipelines. Let's take a look at how disk I/O can be a bottleneck in GitHub Actions.
Dagger: A shell for the container age
(dagger.io)
The Unix shell is over 50 years old, but it still defines how programmers use their computers. We type a few words in a terminal, and milliseconds later an ephemeral factory comes online: the Unix pipeline. Data streams through a network of simple programs working concurrently, like robots on the factory floor, executing a computational choreography we composed seconds ago. Its job done, the factory vanishes. Onto the next command. That loop built the internet, and still runs it today.
The Unix shell is over 50 years old, but it still defines how programmers use their computers. We type a few words in a terminal, and milliseconds later an ephemeral factory comes online: the Unix pipeline. Data streams through a network of simple programs working concurrently, like robots on the factory floor, executing a computational choreography we composed seconds ago. Its job done, the factory vanishes. Onto the next command. That loop built the internet, and still runs it today.
Building a Firecracker-Powered Course Platform to Learn Docker and Kubernetes
(iximiuz.com)
This is a long overdue post on iximiuz Labs' internal kitchen. It'll cover why I decided to build my own learning-by-doing platform for DevOps, SRE, and Platform engineers, how I designed it, what technology stack chose, and how various components of the platform were implemented.
This is a long overdue post on iximiuz Labs' internal kitchen. It'll cover why I decided to build my own learning-by-doing platform for DevOps, SRE, and Platform engineers, how I designed it, what technology stack chose, and how various components of the platform were implemented.
Solving the Pain that is CI/CD
(dan-manges.com)
Last week, The Pain That Is GitHub Actions was on the front page of Hacker News. It received 700 upvotes and 500+ comments. The pain is widespread, and opinions on how to solve it are highly varied.
Last week, The Pain That Is GitHub Actions was on the front page of Hacker News. It received 700 upvotes and 500+ comments. The pain is widespread, and opinions on how to solve it are highly varied.
You have 5 days before the new DockerHub limits hit you
(blacksmith.sh)
Docker Hub is about to implement much stricter pull rate limits starting April 1st, 2025. If you're running CI/CD pipelines—especially on self-hosted runners—this could hurt.
Docker Hub is about to implement much stricter pull rate limits starting April 1st, 2025. If you're running CI/CD pipelines—especially on self-hosted runners—this could hurt.
Ignoring unwanted Terraform attribute changes
(mattsbit.co.uk)
I’ve ocassionally found Terraform providers that take an attribute and manipulate it in a way that.. isn’t favourable.
I’ve ocassionally found Terraform providers that take an attribute and manipulate it in a way that.. isn’t favourable.
Show HN: NPM-Audit-to-Report
(github.com/egorsmkv)
A simple Go program that converts `security-audit.json` to `security-audit.md` so you can use it in CI pipeline.
A simple Go program that converts `security-audit.json` to `security-audit.md` so you can use it in CI pipeline.
Gravity CI
(gravity.ci)
Gravity monitors build artifact sizes to prevent accidental increases – right in your CI pipeline.
Gravity monitors build artifact sizes to prevent accidental increases – right in your CI pipeline.
Build a Container Image from Scratch
(danishpraka.sh)
For a developer, a Container image is essentially a collection of configurations required to run a container. But what really is a container image? You might know what a container image is, how it is made up of layers and that it’s a collection of tar archives. There are questions that still went unanswered, questions such as what makes up a layer, how are layers combined to form a complete filesystem or multi-platform images, etc.
For a developer, a Container image is essentially a collection of configurations required to run a container. But what really is a container image? You might know what a container image is, how it is made up of layers and that it’s a collection of tar archives. There are questions that still went unanswered, questions such as what makes up a layer, how are layers combined to form a complete filesystem or multi-platform images, etc.
Pin Your GitHub Actions
(michaelheap.com)
Way back in 2019, Julien Renaux published Use GitHub Actions at your own risk. While the title is a little sensational, it correctly pointed out that any maintainer can update a branch or tag to point at new code without you knowing. This means that if any action is compromised, you'll start leaking secrets without knowing it.
Way back in 2019, Julien Renaux published Use GitHub Actions at your own risk. While the title is a little sensational, it correctly pointed out that any maintainer can update a branch or tag to point at new code without you knowing. This means that if any action is compromised, you'll start leaking secrets without knowing it.
Zero-Downtime Kubernetes Deployments on AWS with EKS
(glasskube.dev)
I am Jakob—an engineer working at Glasskube, which helps companies distribute their application to customer-controlled environments. We build an Open Source Software Distribution platform called Distr (github.com/glasskube/distr), the hosted version of which is running on AWS EKS.
I am Jakob—an engineer working at Glasskube, which helps companies distribute their application to customer-controlled environments. We build an Open Source Software Distribution platform called Distr (github.com/glasskube/distr), the hosted version of which is running on AWS EKS.
Show HN: Re-Imagining Configuration Management
(configfacets.com)
One platform, endless possibilities: Streamline application and deployment configurations, Infrastructure as Code (IaC), agentic prompts, feature flags, and more.
One platform, endless possibilities: Streamline application and deployment configurations, Infrastructure as Code (IaC), agentic prompts, feature flags, and more.
Show HN: Uncloud – Uncomplicated container orchestration without control plane
(github.com/psviderski)
Uncloud is a lightweight clustering and container orchestration tool that lets you deploy and manage web apps across cloud VMs and bare metal with minimized cluster management overhead.
Uncloud is a lightweight clustering and container orchestration tool that lets you deploy and manage web apps across cloud VMs and bare metal with minimized cluster management overhead.
Semaphore CI is now open-source
(github.com/semaphoreio)
Semaphore CI/CD helps product teams ship software faster, with quality and security.
Semaphore CI/CD helps product teams ship software faster, with quality and security.
Factory – The Agentic Command Center for Building Software
(factory.ai)
The hard part of coding isn’t the code, it’s everything else. The hard part is spending months trying to find all the hidden dependencies and broken APIs and mismatched versions. The hard part is the understanding, planning, negotiating, re-prioritizing, and documenting. Enterprise software development is hard because combing through the labyrinth of outdated docs and tech debt is like trying to untangle all the rivers of the world once they’ve already flowed into the ocean.
The hard part of coding isn’t the code, it’s everything else. The hard part is spending months trying to find all the hidden dependencies and broken APIs and mismatched versions. The hard part is the understanding, planning, negotiating, re-prioritizing, and documenting. Enterprise software development is hard because combing through the labyrinth of outdated docs and tech debt is like trying to untangle all the rivers of the world once they’ve already flowed into the ocean.
The Kubernetes Mirage: When Scaling Up Becomes Your Greatest Downfall
(medium.com)
It’s 3 AM when your phone erupts. Production is down. Your “fault-tolerant” Kubernetes cluster has become a digital Ouija board — pods vanishing, nodes collapsing, logs whispering nonsense. By sunrise, you’ve burned a lifetime supply of cloud credits and aged three years. Welcome to the Kubernetes paradox: the tool meant to save you now owns you.
It’s 3 AM when your phone erupts. Production is down. Your “fault-tolerant” Kubernetes cluster has become a digital Ouija board — pods vanishing, nodes collapsing, logs whispering nonsense. By sunrise, you’ve burned a lifetime supply of cloud credits and aged three years. Welcome to the Kubernetes paradox: the tool meant to save you now owns you.
Skill Path to Run Any Databases on Kubernetes
(iximiuz.com)
Master database management on Kubernetes with Get Started with KubeBlocks! This skill path guides you through five tutorials—from setup to auto-tuning—showing how KubeBlocks runs any database with ease and production-grade power. Learn to deploy, upgrade, back up, monitor, and optimize databases, aligned with Operator Capability levels. By the end, you’ll wield KubeBlocks to streamline operations and boost performance. Let’s get started!
Master database management on Kubernetes with Get Started with KubeBlocks! This skill path guides you through five tutorials—from setup to auto-tuning—showing how KubeBlocks runs any database with ease and production-grade power. Learn to deploy, upgrade, back up, monitor, and optimize databases, aligned with Operator Capability levels. By the end, you’ll wield KubeBlocks to streamline operations and boost performance. Let’s get started!
Replace Docker Compose with Quadlet and Systemd
(matduggan.com)
So for years I've used Docker Compose as my stepping stone to k8s. If the project is small, or mostly for my own consumption OR if the business requirements don't really support the complexity of k8s, I use Compose.
So for years I've used Docker Compose as my stepping stone to k8s. If the project is small, or mostly for my own consumption OR if the business requirements don't really support the complexity of k8s, I use Compose.
Launch HN: Massdriver (YC W22) – Self-serve cloud infra without the red tape
(ycombinator.com)
Hi HN! We’re Cory, Dave, and Chris, the founders of Massdriver (https://www.massdriver.cloud/), an infrastructure automation platform. Massdriver enforces organizational standards and delivers consistent, compliant deployments—no more endless approvals, red tape, or broken Terraform plans.
Hi HN! We’re Cory, Dave, and Chris, the founders of Massdriver (https://www.massdriver.cloud/), an infrastructure automation platform. Massdriver enforces organizational standards and delivers consistent, compliant deployments—no more endless approvals, red tape, or broken Terraform plans.
Fly To Podman: a script that will help you to migrate from Docker
(github.com/Edu4rdSHL)
fly-to-podman is a small bash script that helps you migrate from Docker to Podman. It will migrate your Docker containers, images, and volumes to Podman, as well as keep your container data and configurations (mounts, ports, etc.) intact.
fly-to-podman is a small bash script that helps you migrate from Docker to Podman. It will migrate your Docker containers, images, and volumes to Podman, as well as keep your container data and configurations (mounts, ports, etc.) intact.
Agent-Less System Monitoring with Elixir Broadway
(opsmaru.com)
We've started working on something that will be a critical component the Opsmaru platform. This part requires having proper infrastructure monitoring for several reasons. While Opsmaru has health monitoring for every cluster managed by the platform, it doesn't give us deep insights into the metrics of the systems.
We've started working on something that will be a critical component the Opsmaru platform. This part requires having proper infrastructure monitoring for several reasons. While Opsmaru has health monitoring for every cluster managed by the platform, it doesn't give us deep insights into the metrics of the systems.
Status.sh: Bash script to generate a static status page
(github.com/Cyclenerd)
Simple Bash script to generate a static status page. Displays the status of websites, services (HTTP, SAP, MySQL...), and ping. Everything is easy to customize. 🤓
Simple Bash script to generate a static status page. Displays the status of websites, services (HTTP, SAP, MySQL...), and ping. Everything is easy to customize. 🤓
Prefer tee -a, not >>, in CI
(huonw.github.io)
Shell scripts sometimes have to append data to a file. Redirecting output with >> is the conventional way and works fine, but using tee -a instead is a usually better default, especially in continuous integration. It’s just as easy and gives automatic introspection: the same value is printed to stdout and so appears in normal logs too.
Shell scripts sometimes have to append data to a file. Redirecting output with >> is the conventional way and works fine, but using tee -a instead is a usually better default, especially in continuous integration. It’s just as easy and gives automatic introspection: the same value is printed to stdout and so appears in normal logs too.
Terraform Config Root Setups
(resourcely.io)
Terraform is a powerful tool for managing infrastructure as code, but how you organize your configurations can make or break your project’s scalability, maintainability, and team collaboration. At the core of this organization are config roots—the directories where your Terraform configurations live.
Terraform is a powerful tool for managing infrastructure as code, but how you organize your configurations can make or break your project’s scalability, maintainability, and team collaboration. At the core of this organization are config roots—the directories where your Terraform configurations live.
Does anyone here uses AI in Production for performing DevOps and SRE tasks
(ycombinator.com)
Does anyone here uses AI in Production for performing DevOps and SRE tasks
Does anyone here uses AI in Production for performing DevOps and SRE tasks
Down the rabbit hole: Implementing SSH port forwarding over AWS Session Manager
(joinformal.com)
A technical quest through obscure SSH and AWS Session Manager features in service of enabling VS Code Remote SSH via the Formal Connector, culminating in forking and fixing several concurrency bugs in AWS’s own reference library for connecting to compute instances using SSM.
A technical quest through obscure SSH and AWS Session Manager features in service of enabling VS Code Remote SSH via the Formal Connector, culminating in forking and fixing several concurrency bugs in AWS’s own reference library for connecting to compute instances using SSM.
Do-nothing scripting: the key to gradual automation (2019)
(danslimmon.com)
Every ops team has some manual procedures that they haven’t gotten around to automating yet. Toil can never be totally eliminated.
Every ops team has some manual procedures that they haven’t gotten around to automating yet. Toil can never be totally eliminated.