Back to maintenance operations: #GitOps isn’t just for CI/CD or deployments—it’s also a robust framework for reliable maintenance tasks, especially one-off, long-running operations.

#devops #infra

Boring reminder: If an alert isn’t actionable, it shouldn’t exist. Alerts are for action, not noise.

#devops #infra #observability

The beauty of microservices and containerization: Language barriers have faded. Develop in Python, deploy in Go, connect via gRPC or REST - mix and match as needed. No more rewriting everything in Java just because the stack started that way!

Captain Obvious strikes again: when setting up blackbox_exporter to monitor your endpoints, host it on a separate server/cloud. Not on the same cluster you're going to monitor. A downed blackbox_exporter doesn’t export much 😄

#devops #infra #prometheus

#Terraform lets you keep modules in the same repo as your code, which is great for getting started. But as your deployment logic grows, consider moving modules to a separate repo.
This brings major benefits: better version control and easier QA/testing for module changes.

#devops #infra

When planning a new service that handles customer data, and if maintenance procedures are required, always ask: how can this operation be safeguarded? How will we observe progress? How will we handle failures?

Design maintenance operations to be safe by default.

#DevOps #SRE #DataSafety

Reminder: never write a single line of customer-facing code without a clear business requirement or at least acknowledgment—no matter how small or quick the change.

If it’s customer-facing, it must be acknowledged by those selling the software or other key stakeholders. Don’t bypass the lifecycle; it exists for a reason.

#SDLC #engineering

Think about it: to augment human knowledge with #LLM, you still need human expertise to identify and correct mistakes and hallucinations.

Ironic.

Spent some time with #FoundationDB over the weekend. It’s a powerful tech, but has some rough edges for devs:
1. No support for Linux/amd64 Docker on Apple M-series.
2. Lacks native drivers for Golang and Java.
3. Docs miss some core basics.

That said, once you dive in on a real Linux machine, FoundationDB shines!

HAPPY 15th BIRTHDAY GO!

Go (#golang) turns 15. Always a pleasure to use this language in my projects!

https://go.dev/blog/15years

#software #development #go

Avoid spamming repeated alerts for the same event - alerts should be one-time, actionable notifications. Repeating them adds little value and just clutters the team’s workflow.

Do yourself a favor and set up Alertmanager/Opsgenie properly.

#devops

Secrets management via #SOPS and HashiCorp #Vault:
1. Store secrets in a Git repository as SOPS-encrypted files.
2. #Terraform gains read access to secrets during provisioning, e.g., via Google KMS.
3. #Terraform uses the vault_kv_secret_v2 module to inject secrets into Vault.
4. Applications consume secrets directly from Vault or through Kubernetes integration.

This approach separates long-term and runtime secrets storage, enhancing #security and flexibility.

By now, we all know #Golang Viper (https://github.com/spf13/viper) is amazing right out of the box.

Right.

But it gets even better with its option to integrate directly with HashiCorp Vault - for those who hate storing credentials and configs in environment variables or mounts 😄

Captain Obvious strikes again: assess the expenses associated with any cloud service _before_ you start implementation. Even a bit of napkin math is better than a surprise bill.

#cloud #engineering #SDLC

@ajgeiss0702 yea that’s clear, but that makes me wonder - why I can’t use a regular mail client, without the proton bridge 🙃

I’m wondering, what’s the point of #proton mail e2e encryption if, at the end, the same SMTP is used to communicate with people using external servers?

#FunFact: Meta has decided that our posting on them violating the GDPR would violate their "community standards" and deleted it several times on http://facebook.com..

@fumnanya @requiem but Spark uses a subscription model... ☹️

God will never give you more than you can handle, unless you were born in the wrong place or don't have money. That makes God super mad.

Microsoft has confirmed that Windows 11 users will not be able to uninstall the controversial “Recall” feature, despite earlier reports suggesting otherwise. Recall, part of the Copilot+ suite announced in May, automatically captures screenshots of user activity on the operating system including sensitive information such as passwords or financial data https://digitalmarketreports.com/news/25091/microsoft-recall-feature-on-windows-11-not-removable-after-all/ Do yourself a favor and get rid of Windows from your life—enough of these greedy companies. #privacy #security