2019 February

02-23 Exploiting Drupal8's REST RCE

Once again, an RCE vulnerability emerges on Drupal's core. This time it is targeting Drupal 8's REST module, which is present, although disabled, by default.

02-18 Welcome

Terraform is powerful (if not the most powerful out there now) and one of the most used tool which allows to manage infrastructure as code. It allows developers to do a lot of things and does not restrict them from doing things in ways which will be hard to support or integrate with.

02-15 Puppeteer is my new dev server

Last year, my team launched web.dev at Chrome Dev Summit 2018. If you haven't heard of web.dev, it's a new educational resource for web developers that focuses on interactive learning. For example, we embed Glitch codelabs so developers can tinker with code as they read through documentation.

02-10 Introducing Drupal Test Traits

The Mass.gov development team is proud to release a new open source project, Drupal Test Traits (DTT). DTT enables you to run PHPUnit tests against your Drupal web site, without wiping your database after each test class. That is, you test with your usual content-filled database, not an empty one.

02-02 How to deploy multi-arch Kubernetes cluster using Kubespray

I recently bought 3 ODROID-HC1 devices to add a dedicated storage cluster to my home Kubernetes. I thought that it’s a good excuse to spend some time redeploying the cluster. Usually, I would’ve gone with CoreOS, since I’m a big fan of their immutable OS.

2019 January

01-30 Little Things I Like to Do with Git

The shortlog gives us summaries of git log; the -s flag will suppress commit description and provide a commit count summary only, and the -n flag will sort output according to the number of commits per author instead of author alphabetic order.

01-24 PagerDuty Security Training

We run two internal employee security training courses at PagerDuty; one for everyone covering a variety of general security topics relevant to all employees, and one for engineers covering more technical security concepts relevant to those in our engineering department.

01-21 How-to deploy Drupal interface translations

At LimoenGroen we build mostly Dutch websites and sometimes multilingual sites. We therefore need a solid and developer friendly solution to deploy interface translations.

01-18 Entreprise.data.gouv.fr

Informations sur les entreprises en opendata

01-15 On Infrastructure at Scale: A Cascading Failure of Distributed Systems

At Target, we run a heterogeneous infrastructure in our datacenters (and many other places), where we have multiple different backend hosting infrastructure for workloads.

01-14 The Life of a GitHub Action

I thought it might be fun to write a blog post on “The Life of a GitHub Action.” When you go through orientation at Google they walk you through “The Life of a Query” and it was one of my favorite things. So I am re-applying the same for a GitHub Action.

01-14 101 Bash Commands and Tips for Beginners to Experts

Big news in open source/cloud. IBM will acquire open-source cloud software com…

01-08 mkcert: valid HTTPS certificates for localhost

The web is moving to HTTPS, preventing network attackers from observing or injecting page contents.

01-07 Innersource: A Guide to the What, Why, and How

In recent years innersource is a term that has cropped up more and more. As with all new things in technology, there has been a healthy mix of interest and suspicion around what exactly innersource is (and what it isn’t).

01-06 Teleport becomes the universal gateway for SSH and Kubernetes with v3.0

Today we are bumping the major version number of Gravitational Teleport to 3.0 and for good reason. One of our beta testing customers said it best: This is too easy, now I can now authenticate once and access both my Kubernetes clusters [via kubectl] and the underlying servers [via SSH]!

01-04 Adding CVE scanning to a CI/CD pipeline

A Docker image contains an application and all its dependencies. As it also contains the numerous binaries and librairies of an OS, it’s important to make sure no vulnerabilities exist in its root filesystem, or at least no critical or major ones.

01-04 Bitnami Kubernetes Production Runtime 1.1

At Bitnami we have been working on the Bitnami Kubernetes Production Runtime, a curated collection of services needed to deploy on top of your Kubernetes cluster (currently supporting GKE and AKS) to enable logging, monitoring and certificate and DNS management.

01-04 From Jenkins to Jenkins X

At dailymotion, we strongly believe in devops best practices, and are heavily investing in Kubernetes. Part of our products are already deployed on Kubernetes, but not all of them.

01-01 Persistent Data for StatefulSets with Containership.io Kubernetes on DigitalOcean

01-01 How we supercharge Continuous Integration (CI) tools at Viki!

Some time ago, my colleague and manager of our platform team at Viki, Omkiran, started a company-wide conversation on re-hauling most of our entire infrastructure.

2018 December

12-25 Building Scalable Analytics with AWS — Part I

Disclaimer: I'm taking into account that you more or less know many of the AWS concepts in EMR, IAM, S3; together with what is Zeppelin and Spark. How to start with a project involving big data at your enterprise?

12-24 Embracing failures and cutting infrastructure costs: Spot instances in Kubernetes

The last decades have seen a global shift from on-premise data centres to the provisioning of Virtual Machines (VMs) from mainstream cloud providers such as Amazon Web Services, Azure, Google Cloud Platform. In this article, we will explore the different pricing models of a typical cloud provider.

12-24 Using Service Objects in Go

Service Objects is a highly usable pattern in Ruby on Rails that gives the ability to keep controllers skinny, models clean and remove domain logic from both.

12-22 You’re Missing Out on a Better Mac Terminal Experience

You’re Missing Out on a Better Mac Terminal Experience. Mac command line apps, plugins, tweaks, and tips to make your terminal exactly what you want it to be: functional, minimal, aesthetic, or…

12-22 ko: fast Kubernetes microservice development in Go

Over the past few years, there has been a lot of hype about containers. Docker, Kubernetes and related technology have taken the public cloud by storm (pun intended). At the same time, it seems, as software projects grow increasingly more complex, so too does the development process.

12-21 Be KinD to yourself

It was the day before KubeCon Seattle 2018 and we were all sitting in a huge conference hall spanning three rooms. There was barely room to move and then a series of lightning talks began including one from a friend of mine named Marko Mudnić.

12-20 Advanced command execution in Go with os/exec

Go has excellent support for executing external programs. Let’s start at the beginning. Here’s the simplest way to run ls -lah and capture its combined stdout/stderr.

12-20 Agile Isn’t New, It’s Just Common Sense Rebranded

Many people believe Agile to just be ‘the latest management fad’. Very often they scoff at the idea of becoming Agile because ‘something else will come along soon and replace it’.

12-18 The Unrecognized Platform

It has been almost 3 years since I started working with OpenShift/k8s and a bit more than that with what we call now Linux Containers. During this period I’ve helped Customers from many different industries to move their application workloads to OpenShift.

12-16 Core Rule Set Docker Image

The Core Rule Set is installed in just four steps, as described in the Installation Guide. Now, it’s even easier using the CRS Docker container. The effort to start the CRS in front of an application is reduced to a few seconds and only one command.