DevOps & SRE notes

In this blogpost the AWS Containers team walks through a real-world scenario, showing how to streamline container deployment pipelines using native AWS tooling and best practices. Readers gain practical guidance on automating builds, scaling workloads, and monitoring production clusters with minimal overhead. https://aws.amazon.com/blogs/containers/16532-2/

This article explains how AWS’s open-source Bottlerocket OS strips away unnecessary components to provide a lean, secure foundation for running containers at scale. It highlights integration benefits with services like EKS and lays out performance, security, and operational gains for cluster operators. https://aws.amazon.com/blogs/containers/benefiting-from-bottlerocket-an-open-source-container-optimized-operating-system/

🐸 a database management tui https://github.com/achristmascarl/rainfrog

Trim 📏 your KUBECONFIG automatically https://github.com/alexellis/kubetrim

In “Using Go Instead of Bash for Scripts,” Krzysztof Kowalczyk showcases how Go programs can supplant traditional shell scripts for running, testing, and deploying applications. This tutorial outlines a single multi-purpose Go command-line tool with flags and helper functions for process execution, file handling, and environment management. https://blog.kowalczyk.info/article/4b1f9201181340099b698246857ea98d/using-go-instead-of-bash-for-scripts.html

AWS Senior Solution Architect Specialist Sébastien Allamand outlines how Amazon VPC Lattice combined with EKS Pod Identity IAM session tags enables secure communication across multiple Kubernetes clusters. This post demonstrates encryption in transit, fine-grained attribute-based access control, and Envoy sidecar proxies to simplify cross-cluster connectivity. https://aws.amazon.com/blogs/containers/secure-cross-cluster-communication-in-eks-with-vpc-lattice-and-pod-identity-iam-session-tags/

simple terminal UI for git commands https://github.com/jesseduffield/lazygit

Logging operator for Kubernetes https://github.com/kube-logging/logging-operator

Recently, I received a message from a recruiter about an open position. We chatted, I sent my CV, and after a week they asked about my desired salary. Then they set a time to sign an NDA before any interview. That was my first warning sign. I read the NDA carefully and found a few red flags worth sharing (my personal view, not legal advice): Very broad definition of “Confidential Information.” The NDA says “Confidential Information” means “any and all information…in whatever form,” including “business plans, forecasts, projections, analyses, compilations, records and other materials” . This could cover even simple chat notes - so you might break the agreement just by asking a normal question. Three‑year term. The NDA stays in force for three years from signing . For a one‑time interview, this long period seems too much. It could stop you from working on similar projects elsewhere for a long time. Foreign jurisdiction. All disputes must go to the DIFC Courts in Dubai under DIFC law . If you disagree, you could face high travel and legal costs to defend yourself there. No warranties on information. The NDA states there are no promises about the accuracy or completeness of the shared information . Yet if you accidentally misuse something, you are fully responsible. Surprise timing of the NDA. The recruiter never mentioned the NDA at the start. It only appeared at a late stage - after salary discussions and interview timing agreement. That “tricky” timing feels like a hidden catch. Always read an NDA line by line. Ask: - “What exactly counts as confidential?” - “Why is the term so long?” - “Am I okay with this jurisdiction?” A few clear questions now can save you big headaches later. Have you ever reviewed an NDA with similar points? What questions did you ask before signing?

KevisAlex’s “Interpreting Terraform Plan Outputs with the Help of an LLM” demystifies how large language models can translate Terraform’s complex plan data into practical insights. This blogpost guides DevOps teams through clear, step-by-step examples to streamline infrastructure as code workflows. https://medium.com/@KevsAlex/interpreting-terraform-plan-outputs-with-the-help-of-an-llm-8f9824c63ecd

Command line csv viewer https://github.com/YS-L/csvlens

kro | Kube Resource Orchestrator https://github.com/kro-run/kro

A blogpost by Rami McCarthy and Daniel Grzelak humorously critiques AWS's inconsistent deletion patterns, highlighting how various services employ different confirmation mechanisms—ranging from typing “delete” to scheduling deletions. They explore how these inconsistencies can lead to accidental deletions and suggest that AWS could benefit from a more standardized approach . https://awssecuritydigest.com/articles/eleventeen-ways-to-delete-an-aws-resource?ck_subscriber_id=2797503477

A guide by Eric Carter unveils how Sysdig’s AI Workload Security for AWS can automatically detect usage of Amazon Bedrock, SageMaker, and Q—identifying real-time risks like unauthorized access, data tampering, and public exposure https://sysdig.com/blog/ai-workload-security-for-aws/?ck_subscriber_id=2797503477

AI powered Kubernetes Assistant https://github.com/GoogleCloudPlatform/kubectl-ai

Meshery, the cloud native manager https://github.com/meshery/meshery

A post by Yorick Peterse provocatively argues that asynchronous I/O—despite its efficiency gains—may be the “next billion‑dollar mistake,” tracing its complexities in both programming models (cooperative vs preemptive) and runtime implementations https://yorickpeterse.com/articles/asynchronous-io-the-next-billion-dollar-mistake/

A writeup on DZone discusses maintaining alignment between two multi-master databases using a vector clock approach—employing asynchronous bi-directional message queues (via Kafka and Avro) and identical alignment algorithms on both sides https://dzone.com/articles/keeping-two-multi-master-dbs-aligned-with-vector-clock

The SQL IDE for Your Terminal. https://github.com/tconbeer/harlequin

Terminal JSON viewer & processor https://github.com/antonmedv/fx