Once again, an RCE vulnerability emerges on Drupal's core. This time it is targeting Drupal 8's REST module, which is present, although disabled, by default.
Terraform is powerful (if not the most powerful out there now) and one of the most used tool which allows to manage infrastructure as code. It allows developers to do a lot of things and does not restrict them from doing things in ways which will be hard to support or integrate with.
Last year, my team launched web.dev at Chrome Dev Summit 2018. If you haven't heard of web.dev, it's a new educational resource for web developers that focuses on interactive learning. For example, we embed Glitch codelabs so developers can tinker with code as they read through documentation.
The Mass.gov development team is proud to release a new open source project, Drupal Test Traits (DTT). DTT enables you to run PHPUnit tests against your Drupal web site, without wiping your database after each test class. That is, you test with your usual content-filled database, not an empty one.
I recently bought 3 ODROID-HC1 devices to add a dedicated storage cluster to my home Kubernetes. I thought that it’s a good excuse to spend some time redeploying the cluster. Usually, I would’ve gone with CoreOS, since I’m a big fan of their immutable OS.
The shortlog gives us summaries of git log; the -s flag will suppress commit description and provide a commit count summary only, and the -n flag will sort output according to the number of commits per author instead of author alphabetic order.
We run two internal employee security training courses at PagerDuty; one for everyone covering a variety of general security topics relevant to all employees, and one for engineers covering more technical security concepts relevant to those in our engineering department.
At LimoenGroen we build mostly Dutch websites and sometimes multilingual sites. We therefore need a solid and developer friendly solution to deploy interface translations.
Informations sur les entreprises en opendata
At Target, we run a heterogeneous infrastructure in our datacenters (and many other places), where we have multiple different backend hosting infrastructure for workloads.
I thought it might be fun to write a blog post on “The Life of a GitHub Action.” When you go through orientation at Google they walk you through “The Life of a Query” and it was one of my favorite things. So I am re-applying the same for a GitHub Action.
Big news in open source/cloud. IBM will acquire open-source cloud software com…
The web is moving to HTTPS, preventing network attackers from observing or injecting page contents.
In recent years innersource is a term that has cropped up more and more. As with all new things in technology, there has been a healthy mix of interest and suspicion around what exactly innersource is (and what it isn’t).
Today we are bumping the major version number of Gravitational Teleport to 3.0 and for good reason. One of our beta testing customers said it best: This is too easy, now I can now authenticate once and access both my Kubernetes clusters [via kubectl] and the underlying servers [via SSH]!
A Docker image contains an application and all its dependencies. As it also contains the numerous binaries and librairies of an OS, it’s important to make sure no vulnerabilities exist in its root filesystem, or at least no critical or major ones.
At Bitnami we have been working on the Bitnami Kubernetes Production Runtime, a curated collection of services needed to deploy on top of your Kubernetes cluster (currently supporting GKE and AKS) to enable logging, monitoring and certificate and DNS management.
At dailymotion, we strongly believe in devops best practices, and are heavily investing in Kubernetes. Part of our products are already deployed on Kubernetes, but not all of them.
Some time ago, my colleague and manager of our platform team at Viki, Omkiran, started a company-wide conversation on re-hauling most of our entire infrastructure.
Disclaimer: I'm taking into account that you more or less know many of the AWS concepts in EMR, IAM, S3; together with what is Zeppelin and Spark. How to start with a project involving big data at your enterprise?
The last decades have seen a global shift from on-premise data centres to the provisioning of Virtual Machines (VMs) from mainstream cloud providers such as Amazon Web Services, Azure, Google Cloud Platform. In this article, we will explore the different pricing models of a typical cloud provider.
Service Objects is a highly usable pattern in Ruby on Rails that gives the ability to keep controllers skinny, models clean and remove domain logic from both.
You’re Missing Out on a Better Mac Terminal Experience. Mac command line apps, plugins, tweaks, and tips to make your terminal exactly what you want it to be: functional, minimal, aesthetic, or…
Over the past few years, there has been a lot of hype about containers. Docker, Kubernetes and related technology have taken the public cloud by storm (pun intended). At the same time, it seems, as software projects grow increasingly more complex, so too does the development process.
It was the day before KubeCon Seattle 2018 and we were all sitting in a huge conference hall spanning three rooms. There was barely room to move and then a series of lightning talks began including one from a friend of mine named Marko Mudnić.
Go has excellent support for executing external programs. Let’s start at the beginning. Here’s the simplest way to run ls -lah and capture its combined stdout/stderr.
Many people believe Agile to just be ‘the latest management fad’. Very often they scoff at the idea of becoming Agile because ‘something else will come along soon and replace it’.
It has been almost 3 years since I started working with OpenShift/k8s and a bit more than that with what we call now Linux Containers. During this period I’ve helped Customers from many different industries to move their application workloads to OpenShift.
The Core Rule Set is installed in just four steps, as described in the Installation Guide. Now, it’s even easier using the CRS Docker container. The effort to start the CRS in front of an application is reduced to a few seconds and only one command.