DevOps Industry Updates #26
Depending on where in the world you might be, a return to the office might be right around the corner. Here in Southern California, tech companies are welcoming employees back Labor Day or sooner, which means I have about 3 months to figure out how to fit back into my signature Levi chinos. Do they make shoehorns for pants? I’m starting to sound like my Product team!
🔥 Top Cream
This issue’s top 5 stories:
- Architecting Kubernetes clusters: choosing the best autoscaling strategy
- How Netflix uses eBPF flow logs at scale for network insight
- New container feature: Volatile overlay mounts
- 12 Common Misconceptions about AWS DynamoDB
- Kubernetes and the challenges of continuous software delivery
🌎 Society
- Apple employees push back against returning to the office in internal letter: “over the last year we often felt not just unheard, but at times actively ignored.”
- Stack Overflow Sold to Tech Giant Prosus for $1.8 Billion: this deal is Prosus’ biggest investment in online learning and comes weeks after it sold a chunk of its massive Tencent holding.
📟 DevOps
- The Mysterious Gotcha of gRPC Stream Performance: “recently, we spent longer than planned trying to work out why the performance of a gRPC streaming server was worse than expected. So we rolled up our sleeves and went sleuthing in-house.”
- How To Write Ansible Playbooks: this series will walk you through some of Ansible’s main features which you can use to write playbooks for server automation. At the end, you’ll create a playbook to automate setting up a remote Nginx web server and deploy a static HTML website to it.
- Why (and how) GitHub is adopting OpenTelemetry: GitHub needed a solution that would allow them to standardize telemetry usage, while also making it easy for developers around the organization to instrument their code. The OpenTelemetry project provided us with exactly that!
- Continuous Infrastructure Deployment with Terraform Cloud: “today I will be exploring Terraform Cloud to automate infrastructure changes via GitHub Actions and promote those changes from one environment to the next.”
- How a Jenkins Job Broke our Jenkins UI: troubleshooting plugin upgrades and debugging Jenkins.
- Best Practices Around Production Ready Web Apps with Docker Compose: “here’s a few patterns I’ve picked up based on using Docker since 2014. I’ve extracted these from doing a bunch of freelance work.”
- How Netflix uses eBPF flow logs at scale for network insight: Netflix has developed a network observability sidecar called Flow Exporter that uses eBPF tracepoints to capture TCP flows at near real time.
- New container feature: Volatile overlay mounts: with containers, we don’t always care about data being retained after a crash. See how volatile overlay mounts can help increase performance in these situations.
🛠️ DevOps Tools
- A new future for icanhazip: the history of how icanhazip.com was born, and its future as the infamous domain exchanges ownership.
- ElectricEye: continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability.
☸️ Kubernetes
- Architecting Kubernetes clusters: choosing the best autoscaling strategy: scaling pods and nodes in a Kubernetes cluster could take several minutes with the default settings. Learn how to size your cluster nodes, configure the Horizontal and Cluster Autoscaler, and overprovision your cluster for faster scaling.
- GitOps Demystified: my view of what GitOps is and my take on some of its pros and cons. I’ll also try to give a bit more insight into what it looks like to implement GitOps and use a GitOps pattern.
- CKS, CKA and CKAD Simulator: 22 scenarios to verify your K8s security skills and prepare for the CKS exam.
- Kubernetes and the challenges of continuous software delivery
- GitOps is a placebo: oh no he didn’t!
- Failure stories: How to destroy Elasticsearch while migrating it within Kubernetes
🔐 Security
- Amazon devices will soon automatically share your Internet with neighbors: Amazon’s experimental wireless mesh networking turns users into guinea pigs.
- Have I been Pwned goes open source: want to find out if someone’s stolen your user IDs and passwords? The “Have I Been Pwned” service can help and now the code behind it is being open sourced. They are also collaborating with the FBI.
- M1RACLES: a covert channel vulnerability in the Apple Silicon “M1” chip.
💻 Programming
- In praise of --dry-run: something I always want to see in a tool which does anything non-trivial is a --dry-run mode. To be able to know what you’re about to do, before you do it, is a great and wondrous thing, helpful to the novice and the experienced user alike.
- PostgreSQL EXPLAIN Output Explained: EXPLAIN ANALYZE is the key to optimizing SQL statements in PostgreSQL. This article does not attempt to explain everything there is to it. Rather, it will provide a brief introduction, explain what to look for and show you some helpful tools to visualize the output.
- Context Managers and Python’s with Statement: in this tutorial, you’ll learn what the Python with statement is for, how to use it and how to implement your own context managers.
🐧 Linux
- A Guide to the Zsh Completion With Examples: the Zsh module “zstyle” and an introduction to Zsh’s completion system.
- 7 Linux networking commands that every sysadmin should know: there are a few commands that should always be in your sysadmin toolbox. Get to know these 7 essential networking commands.
- Anatomy of a Linux DNS Lookup: Part 1: these posts are intended to break down how a program decides how it gets an IP address on a Linux host, and the components that can get involved.
🔩 Hardware
🚢 Leadership
- Building an SRE Team? How to Hire, Assess, & Manage SREs: “considering adopting SRE? We will explain the roles and responsibilities of a SRE team within your organization, and how to start building one.”
AWS
- AWS Data Transfer Cost Explorer: analyzes the billed Data Transfer items in your AWS account and presents them visualized on a map.
- The 17 Ways to Run Containers on AWS: 17 container options, along with guidance and commentary as to which you should choose for a given task.
- SQS Now Supports a High Throughput Mode for FIFO Queues: Amazon SQS announces the general availability of high throughput mode for FIFO queues, allowing you to process up to 3000 messages per second per API action. This is a tenfold increase compared to current SQS FIFO queue throughput quota.
- AWS Lambda Extensions are now GA: Lambda Extensions are a new way to integrate your favorite operational tools for monitoring, observability, security, and governance with AWS Lambda.
- Amazon CloudWatch adds Control Plane API Usage Metrics across AWS Services: AWS API call count metrics organized by AWS service in the CloudWatch console.
- CloudWatch Logs announces Dimension support for Metric Filters: allows you to create filter patterns to search for and match terms, phrases, or values in your CloudWatch Logs log events, and turn these into metrics that you can graph in CloudWatch Metrics or use to create a CloudWatch Alarm.
- Amazon Aurora MySQL Improves Availability of Read Replicas: read availability is now maintained through writer node restarts.
Article version: 1.0.0