Week 51, 2020
AWS launches new managed services: Announcing Amazon Managed Service for Grafana (in Preview) and Amazon Managed Service for Prometheus.
Monitoring & securing AWS with Microsoft
"Interesting approach, how to setup (advanced) monitoring of AWS with Azure Security Center (CSPM), Azure Defender (CWPP), Cloud App Security (CASB), and Azure Sentinel (SIEM)." (from Cloud Security Reading List)
Can developer productivity be measured?
"Defining and measuring programmer productivity is one of the most difficult parts of an engineering manager or CTO’s job description. When everything you do is intangible, how should you measure it? Can it be measured at all?"
The CSS Mindset
"You need a certain mindset to write good CSS."
How to Make Your Code Reviewer Fall in Love with You
"Value your reviewer’s time". tl;dr; Start with these and read the article for more:
- Review your own code first
- Write a clear changelist description
- Automate the easy stuff
- Answer questions with the code itself
- Narrowly scope changes
- Separate functional and non-functional changes
- Break up large changelists
Chrome is bad
tl;dr; "Google Chrome installs Keystone on your computer, which makes your whole computer slow even when Chrome isn't running. Deleting Chrome and Keystone makes your computer way, way faster, all the time." Alternative facts about the issue from Hacker News.
How I read books: setting up a new system
"Knowledge is much more valuable when we can act on it, and change our behavior."
tl;dr; Active learning / reading; Processing and reflecting; Repeating; Presenting; Taking action. (from HackerNewsletter)
Week 50, 2020
Wait, Docker is deprecated in Kubernetes now? What do I do?
tl;dr; Use CRI runtimes instead: containerd or CRI-O.
Google Cloud: default container runtime to change to Containerd with GKE node version 1.19 and higher.
"As the Docker container runtime will be removed from the Kubernetes project in the future, GKE is beginning a migration to the Containerd runtime. Support for the Containerd image variants became Generally Available in GKE in September 2019." See: Using containerd images
A better Kubernetes, from the ground up
"What we would do differently if we built something new, from the ground up, with no regard for compatibility with Kubernetes?" (from Cloud Security Reading List)
Travis CI is no longer providing CI minutes for open source projects
The move from Travis CI to other (more OSS friendly) Continues Integration services has been seen for some time and this will accelerate it. The popular choices are: GitHub Actions, Circle CI, Google Cloud Build, Drone CI.
AWS Lambda now supports container images as a packaging format
You can now package your functions as container images and use familiar container development tools to build Lambda applications. (from Cloud Security Reading List)
Monitor and secure your containers with new Container Threat Detection
Google announced the general availability of Container Threat Detection (a built-in service in Security Command Center Premium tier) to help monitor and secure container deployments in GCP. (from Cloud Security Reading List)
Advent of Code
Reminder that the Advent of Code is again here with programming puzzles.
"PostgREST serves a fully RESTful API from any existing PostgreSQL database. It provides a cleaner, more standards-compliant, faster API than you are likely to write from scratch." (from hackernewsletter)
The UI & UX Tips Collection: Volume One
"Collection of my popular UI & UX tips from the past 12 months that can, with little effort, help improve both your designs, and the overall user experience." (from Weekend Reading)
Chess tactics explained
If you watched the The Queen's Gambit miniseries and got interested of playing it, the Chess tactics explained gets you started with more than just basic rules. (from hackernewsletter)
"Discover the best tools to build software, no code required"
Week 49, 2020
Development and Operations
Using SSL certificates from Let’s Encrypt in your Kubernetes Ingress via cert-manager
Walkthrough of the process of automating the issuance and renewal of certificates provided by Let's Encrypt for Kubernetes Ingress using the cert-manager add-on. (from cloudseclist.com)
Use Amazon EC2 Mac Instances to Build & Test macOS, iOS, ipadOS, tvOS, and watchOS Apps
"Powered by Mac mini hardware and the AWS Nitro System, you can use Amazon EC2 Mac instances to build, test, package, and sign Xcode applications for the Apple platform including macOS, iOS, iPadOS, tvOS, watchOS, and Safari." The downside of this is that "The instances are launched as EC2 Dedicated Hosts with a minimum tenancy of 24 hours" which is due Apple EULA and thus one CI build costs about $26. And what I read from HN the real viable option is still to use MacStadium.
Tools of the trade
"Repository providing a security policies library that is used for securing Kubernetes clusters configurations. The security policies are created based on CIS Kubernetes benchmark and rules defined in Kubesec.io." (from cloudseclist.com)
"Screenity is a feature-packed screen and camera recorder for Chrome. Annotate your screen to give feedback, emphasize your clicks, edit your recording, and much more." (from Weekend Reading)
Why Apple's replacement for Intel processors works really, really well
"They added Intel's memory-ordering to their CPU. When running translated x86 code, they switch the mode of the CPU to conform to Intel's memory ordering."