1_r/devopsish

54607 bookmarks
MOVEit attack victim count surpasses 1,000 organizations
Months after the campaign was discovered, victims are still coming forward and, in most cases, breaches at third-party vendors are to blame.
·cybersecuritydive.com·
Why We Glorify Overwork and Refuse to Rest
None of us want to admit that we would rather feel overwhelmed than underwhelmed. In fact, we often experience a greater sense of our own value when we’re working than we do when we’re not. Working is not just a way to stay busy, but also to prove our worthiness – to others and to ourselves. The result is that without the right guardrails in place, we silently collude with employers who encourage us to overwork through intense pressure to perform. The authors outline strategies for intervening if you find yourself compulsively overworking, including honestly recognizing your tendency to work long and continuous hours, prioritizing sleep and movement, and choosing one activity outside of work that brings you true enjoyment.
·hbr.org·
Above Avalon: Apple Gives Sneak Peek Inside Apple Vision Pro Labs, Vision Pro Apps vs. Apple Watch Apps
Welcome to a new week. Today’s update takes us to Vision Pro land. Apple is peeling back the cover of its Apple Vision Pro developer labs. We examine Apple’s motivation for hosting the labs. The discussion then turns to key differences between early Apple Watch app development and what we see unfold
·aboveavalon.com·
Global cybercrime treaty could be ‘disastrous for human rights,’ NGOs warn
Human rights organizations are raising alarms about a United Nations cybercrime treaty currently under negotiation, warning that the rules could expand the surveillance power of governments and give dictatorships further tools of repression.
·therecord.media·
Blog: Kubernetes 1.28: A New (alpha) Mechanism For Safer Cluster Upgrades
Author: Richa Banker (Google)

This blog describes the mixed version proxy, a new alpha feature in Kubernetes 1.28. The mixed version proxy enables an HTTP request for a resource to be served by the correct API server in cases where there are multiple API servers at varied versions in a cluster. For example, this is useful during a cluster upgrade, or when you're rolling out the runtime configuration of the cluster's control plane.

What problem does this solve?

When a cluster undergoes an upgrade, the kube-apiservers existing at different versions in that scenario can serve different sets (groups, versions, resources) of built-in resources. A resource request made in this scenario may be served by any of the available apiservers, potentially resulting in the request ending up at an apiserver that may not be aware of the requested resource; consequently, the request is served a 404 Not Found error, which is incorrect. Furthermore, incorrect serving of the 404 errors can lead to serious consequences such as namespace deletion being blocked incorrectly or objects being garbage collected mistakenly.

How do we solve the problem?

The new feature "Mixed Version Proxy" provides the kube-apiserver with the capability to proxy a request to a peer kube-apiserver which is aware of the requested resource and hence can serve the request. To do this, a new filter has been added to the handler chain in the API server's aggregation layer. The new filter in the handler chain checks if the request is for a group/version/resource that the apiserver doesn't know about (using the existing StorageVersion API). If so, it proxies the request to one of the apiservers that is listed in the ServerStorageVersion object. If the identified peer apiserver fails to respond (due to reasons like network connectivity, or a race between the request being received and the controller registering the apiserver-resource info in the ServerStorageVersion object), then error 503 ("Service Unavailable") is served.

To prevent indefinite proxying of the request, a (new for v1.28) HTTP header X-Kubernetes-APIServer-Rerouted: true is added to the original request once it is determined that the request cannot be served by the original API server. Setting that to true marks that the original API server couldn't handle the request and it should therefore be proxied. If a destination peer API server sees this header, it never proxies the request further.

To set the network location of a kube-apiserver that peers will use to proxy requests, the value passed in --advertise-address or (when --advertise-address is unspecified) the --bind-address flag is used. For users with network configurations that would not allow communication between peer kube-apiservers using the addresses specified in these flags, there is an option to pass in the correct peer address as the --peer-advertise-ip and --peer-advertise-port flags that are introduced in this feature.

How do I enable this feature?

Following are the required steps to enable the feature:
1. Download the latest Kubernetes project (version v1.28.0 or later).
2. Switch on the feature gate with the command line flag --feature-gates=UnknownVersionInteroperabilityProxy=true on the kube-apiservers.
3. Pass the CA bundle that will be used by the source kube-apiserver to authenticate the destination kube-apiserver's serving certs using the flag --peer-ca-file on the kube-apiservers. Note: this is a required flag for this feature to work. There is no default value enabled for this flag.
4. Pass the correct IP and port of the local kube-apiserver that will be used by peers to connect to this kube-apiserver while proxying a request. Use the flags --peer-advertise-ip and --peer-advertise-port on the kube-apiservers upon startup. If unset, the value passed to either --advertise-address or --bind-address is used. If those, too, are unset, the host's default interface will be used.

What's missing?

Currently we only proxy resource requests to a peer kube-apiserver when it's determined to do so. Next we need to address how to work discovery requests in such scenarios. Right now we are planning to have the following capabilities for beta:
- Merged discovery across all kube-apiservers
- Use an egress dialer for network connections made to peer kube-apiservers

How can I learn more?

Read the Mixed Version Proxy documentation
Read KEP-4020: Unknown Version Interoperability Proxy

How can I get involved?

Reach us on Slack: #sig-api-machinery, or through the mailing list. Huge thanks to the contributors that have helped in the design, implementation, and review of this feature: Daniel Smith, Han Kang, Joe Betz, Jordan Liggitt, Antonio Ojea, David Eads and Ben Luddy!
·kubernetes.io·
How TechWorld with Nana Spreads DevOps Skills to Millions
The creator of an online educational empire discusses why DevOps is needed now more than ever and how this is the perfect time to begin a career in DevOps.
·thenewstack.io·
Ampere Computing Publishes Guide For Steam Play Games On Their AArch64 Server CPUs
While Ampere Computing's wares with the Altra (Max) and forthcoming AmpereOne families of AArch64 server processors are designed for the data center, if you feel so inclined they have published a guide on being able to run Steam for Linux on these ARM64 processors -- including Steam Play (Proton) for enjoying Windows games on these Linux servers.
·phoronix.com·
Introducing the Enterprise Contract
You may have heard of sigstore and its container image verification tool, cosign. This blog post introduces a policy-driven workflow, Enterprise Contract, built on those technologies.
·enterprisecontract.dev·
This worked so well for Evernote… | The 100-Year Plan on WordPress.com
Crafting Legacies, One Century at a Time. The 100-Year Plan ensures that your stories, achievements, and memories are p…
·wordpress.com·
Conway's Law and Kubernetes
I’ve been spending a lot of time in the last couple of weeks doing non-technical work, so in this post I’m again going to go for a less-technical topic and explore some thoughts I’ve been having around the Kubernetes project as a whole, and how it’s organized. It should be noted that I do occasionally contribute to the Kubernetes project, as well as review some PRs from time to time, but I don’t have any inside knowledge into how CNCF (the organization managing Kubernetes) works or how/why we got here. For the purposes of this blog post I’m an interested outsider :)
·blog.appliedcomputing.io·
Giving up the iPad-only travel dream
Every time any of us packs a bag, we are making some very specific tech-focused decisions. It starts with what devices we need (or can live without) and cascades into charging bricks and cords and …
·sixcolors.com·
CVE-2020-19909 | Ubuntu
Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.
·ubuntu.com·