A well crafted Dockerfile will avoid the need for privileged containers, exposing unnecessary ports, unused packages, leaked credentials, etc., or anything that can be used for an attack. Getting rid of the known risks in advance will help reduce your security management and operational overhead.
I’ve been a manager for many years at companies of different scale. Through these experiences, I’ve done my share of learning, and made some mistakes along that way that were important lessons for me. I want to share those with you.
Introverts generally need time to think and process information before they respond to anything, which can be difficult in a group situation where they’ve not had any context set ahead of time. It can also be difficult if they’re surrounded by extroverts who don’t need that time and start chiming in immediately with ideas.
Want the happiest life? Check the boxes of success and adventure, and do it as early as possible! Then move on to the next set of boxes. She who dies with the most checked boxes wins, right?
This explain really well why I never wanted music to become my job.
I think part of what we’re seeing from the “learning from incidents” community is just a shift in thinking and software to say, “OK, they didn’t do something wrong. Something happened that made sense for them to do what they did,” and kind of allowing for that conversation to happen.
We need to be asking different questions and we need to give more people seats at the table. I’ve been at way too many organizations where the incident was just the [site reliability engineers] in the room. It should have had marketing in the room, it should have had PR in the room, it should have had customer service in the room, it should have had leadership in the room. But it’s thought of as kind of an SRE issue, like SREs have to prepare for any type of situation that gets thrown their way.
The flip side of #hugops is I do think there is responsibility that should be held to the leadership of those companies. We’re empathetic to the engineers that are dealing with the situation they have, but in part that’s because leadership isn’t prioritizing their actions, or resilience and reliability in the same way that they prioritize some of their product efforts.
As my colleague Dr. Richard Cook has said, we shouldn’t be surprised that these systems go down. We should be more surprised that they stay up as often as they do.
Over the years, company merchandise or, as the cool kids call them, swag (which stands for “stuff we all get”), especially from tech companies, has become something of a talking point and even a status symbol in some circles.
I’m happy to buy some cool merch, but please replace all this free conference swag with charity donations.
Being good at telling your manager the right information at the right time and asking for what you need is a superpower. It makes you way more valuable to have on a team (because your manager knows they can trust you to give them the information they need), and it’s more likely that you’ll get what you want (because you’re making it easy for them to do that!).
Remember, ChromeOS is a monolith. iOS is a monolith. Your team is probably much smaller than either of those teams. You simply don’t need to juggle a lot of microservices to get what you want. Architect things the easy way until you’re absolutely forced to do them the hard way. That’s what we do.
Go is not an easy programming language. It is simple in many ways: the syntax is simple, most of the semantics are simple. But a language is more than just syntax; it’s about doing useful stuff. And doing useful stuff is not always easy in Go.