Redpill me on Kubernetes.

Home Forums History Redpill me on Kubernetes.

Viewing 19 reply threads
  • Author
    Posts
    • #186516
      Anonymous
      Guest

      Redpill me on Kubernetes.

    • #186517
      Anonymous
      Guest

      Let’s say you’re not NEET and work for or own a company that has a modern software stack that is composed of tens if not hundreds or thousands of services.

      You quickly realize that managing such a fleet of servers gets out of hand fast. You also recognize that the container deployment model is far superior to patching servers.
      Enter Kubernetes.

      It’s a dynamically programmable infrastructure control plane. You applications don’t have to merely run on the underlying infrastructure, they can actually communicate with it and mutate it within the confines of policy that you declare. This makes it so, among other things, your applications can serve themselves more compute, storage, memory and even request backing services to boot.

      The operational complexity that kubernetes brings on is significant at first however but once you overcome the learning curve the benefits greatly outweigh the costs.

      It enables software delivery teams to deliver software in a vertically integrated fashion, owning not just the development but also the deployment and operations.

      But wait there’s more

      • #186518
        Anonymous
        Guest

        this. it’s literally the greatest software to happen to devops/operations in ever. it’s ultra powerful in scaling. neets HATE kubernetes because, well, they are unemployed and stupid. anyone who says kubernetes is stupid is found out. the recoil in pain.

      • #186519
        Anonymous
        Guest

        >Let’s say you’re not NEET
        Stop reading there.
        Anyone else?

      • #186521
        Anonymous
        Guest

        Enter the Service Mesh
        I’ll be using istio for this example.

        Istio is like NGINX bonked Haproxy and Kubernetes in a weird software threeway.

        It’s a control plane for Envoy, a reverse proxy initially made by Lyft.

        Istio deploys Envoy in front of each running service (a service is like a part of your application) to form a service mesh.
        This is called the sidecar pattern.

        Once you have a service mesh you get service discovery and a lot of other things for free that would normally take a lot of manual configuration to setup yourself.

        For example, lets say you have waifu.cluster.example.com and that needs to talk to senpai.cluster.example.com. Istio makes these services known to eachother and establishes a mutual TLS connection between the two. So that way prying eyes can’t see the traffic you’re sending in the cluster. What’s more is istio can extend to multiple clusters. So you can have one service on one cluster and another service in another cluster in another geographic region and the connection is guaranteed to be transmitted over a cryptographically secure connection. Applications outside of the service mesh cannot talk to applications inside of the service mesh unless you explicitly allow them to. This lets you implement an application architecture that employs zero trust and defense in depth. So if one of your services gets popped, the attacker has to control the application process and even then only gets access to connections that that service connects to. So in essense lets say you had an admin service, an attacker who popped you waifu box couldn’t just make calls to the admin service once they’re inside your network.

        But wait there’s more

        • #186522
          Anonymous
          Guest

          Let’s now say that you’re a programmer. You write enterprise software every day (enterprise software is like the scripts you write to brag in the daily programming thread but they actually have value). You quickly realize that "jesus freaking christ on a pickle, how many times to I have to write authorization policy if I do this again I’m going to go columbine". So you sit there and go, wait I have a service mesh. Since the service mesh is standard, and enterprise software more or less does the same things regardless of the company you’re at, someone has already written some software you can just plug into the mesh.

          Enter Open Policy Agent

          OPA is a policy woke af controller for cloud native environments. Which is just fancy pants talk for it handles the authorization enforcement logic you really don’t want to write for the freaking thousandth time. Its written in go (a woke af programming language) (which I don’t like but that’s personal preference). It has this language runtime it uses that’s simple and works on the requests given to it from Istio. So you can just put OPA in front of your services as a sidecard and then write some authorization logic to allow or deny the request before it ever even hits your service. The policy language is called rego, and it’s so simple you can offload the work of writing and maintaining the logic to the business team. So every time they want to change some bullshit like ‘users of this type can’t view users of this other types porn collection’, they can just freaking write the rule themselves push it and see what happens. Whats more is that now since you’ve shifted the work left into the business unit, if they royally fuck something up… it’s not your fault anymore and you get to keep watching anime on the companies dime since you’re doing less work since you had to write less code.

          • #186524
            Anonymous
            Guest

            Now let’s pretend your a programmer again.

            this. it’s literally the greatest software to happen to devops/operations in ever. it’s ultra powerful in scaling. neets HATE kubernetes because, well, they are unemployed and stupid. anyone who says kubernetes is stupid is found out. the recoil in pain.

            This guy knows whats up.

            works on their machines

            This guy also might know.

            As a programmer you just want to freaking write code to ship features and begrudgingly fix bugs. You don’t really give a rats ass about how your software gets distributed or how its used. You embody Kendrick Lamar when he says "I don’t smoke crack motherfucker I sell it". But see you used to have all these teams in the way, which is nice to a point. But these teams get pissed off at you because you write shitty documentation. So instead of communicating with other humans you can now directly specify how the runtime requirements of your code. This makes the operations team super easy (you get paid more than them so that should be the case) it also makes the devops guys life easier because you’re helping him do his job better. So as a programmer you write a thing called a deployment, which is a deployment of your software, combine that with a service, which is how to outside world ie: other teams know how to talk to your software. You track all this configuration declaratively alongside your code in your version control system and it’ll work on your machine (if you’re running podman or minikube or kind or somehting) and it’ll also run in staging and production. The best part is, if it doesn’t work in one of those environments it’s someone elses fault, since they probably didn’t provide the correct configuration that you specified in your code. Whats more is the configuration is all in yaml. Say what you will about yaml but it is very human readable. So the code you write to deploy your software is actually kind of like its documentation.

            • #186525
              Anonymous
              Guest

              Let’s now say that you’re a programmer. You write enterprise software every day (enterprise software is like the scripts you write to brag in the daily programming thread but they actually have value). You quickly realize that "jesus freaking christ on a pickle, how many times to I have to write authorization policy if I do this again I’m going to go columbine". So you sit there and go, wait I have a service mesh. Since the service mesh is standard, and enterprise software more or less does the same things regardless of the company you’re at, someone has already written some software you can just plug into the mesh.

              Enter Open Policy Agent

              OPA is a policy woke af controller for cloud native environments. Which is just fancy pants talk for it handles the authorization enforcement logic you really don’t want to write for the freaking thousandth time. Its written in go (a woke af programming language) (which I don’t like but that’s personal preference). It has this language runtime it uses that’s simple and works on the requests given to it from Istio. So you can just put OPA in front of your services as a sidecard and then write some authorization logic to allow or deny the request before it ever even hits your service. The policy language is called rego, and it’s so simple you can offload the work of writing and maintaining the logic to the business team. So every time they want to change some bullshit like ‘users of this type can’t view users of this other types porn collection’, they can just freaking write the rule themselves push it and see what happens. Whats more is that now since you’ve shifted the work left into the business unit, if they royally fuck something up… it’s not your fault anymore and you get to keep watching anime on the companies dime since you’re doing less work since you had to write less code.

              Enter the Service Mesh
              I’ll be using istio for this example.

              Istio is like NGINX bonked Haproxy and Kubernetes in a weird software threeway.

              It’s a control plane for Envoy, a reverse proxy initially made by Lyft.

              Istio deploys Envoy in front of each running service (a service is like a part of your application) to form a service mesh.
              This is called the sidecar pattern.

              Once you have a service mesh you get service discovery and a lot of other things for free that would normally take a lot of manual configuration to setup yourself.

              For example, lets say you have waifu.cluster.example.com and that needs to talk to senpai.cluster.example.com. Istio makes these services known to eachother and establishes a mutual TLS connection between the two. So that way prying eyes can’t see the traffic you’re sending in the cluster. What’s more is istio can extend to multiple clusters. So you can have one service on one cluster and another service in another cluster in another geographic region and the connection is guaranteed to be transmitted over a cryptographically secure connection. Applications outside of the service mesh cannot talk to applications inside of the service mesh unless you explicitly allow them to. This lets you implement an application architecture that employs zero trust and defense in depth. So if one of your services gets popped, the attacker has to control the application process and even then only gets access to connections that that service connects to. So in essense lets say you had an admin service, an attacker who popped you waifu box couldn’t just make calls to the admin service once they’re inside your network.

              But wait there’s more

              Let’s say you’re not NEET and work for or own a company that has a modern software stack that is composed of tens if not hundreds or thousands of services.

              You quickly realize that managing such a fleet of servers gets out of hand fast. You also recognize that the container deployment model is far superior to patching servers.
              Enter Kubernetes.

              It’s a dynamically programmable infrastructure control plane. You applications don’t have to merely run on the underlying infrastructure, they can actually communicate with it and mutate it within the confines of policy that you declare. This makes it so, among other things, your applications can serve themselves more compute, storage, memory and even request backing services to boot.

              The operational complexity that kubernetes brings on is significant at first however but once you overcome the learning curve the benefits greatly outweigh the costs.

              It enables software delivery teams to deliver software in a vertically integrated fashion, owning not just the development but also the deployment and operations.

              But wait there’s more

              Woke af knowledgeable anon.
              May I ask: How is DevOps as a profession? I’m a CS student in the last year, and I’ve realised some time ago I don’t want to write software for a living and I think the whole infrastructure thing is more interesting.

              • #186526
                Anonymous
                Guest

                >How is DevOps as a profession
                after being in the business for 15 years I do almost nothing, am fully remote, and make over 200k, it’s smooth sailing at this point, devops has the power, knowledge, and visibility that other groups just don’t. do it but only if you enjoy it. writing software is literally for monkeys, but devops are plumbers. but i think devops is a good career to have, and it’s always in demand and only getting more in demand still. it’s automation automation automation. devops is necessary, neets are scrotebrained and think devops is a bad word. they are stupid and unemployed, and will always be poor stupid losers

                • #186537
                  Anonymous
                  Guest

                  I have less than half the industry experience of you but yeah, I’ve come to feel the same way. Early in my career I kept thinking that I want to eventually transition to becoming a developer, but setting up a nice infra, automation, pipelines, and such is super satisfying.
                  Also in my current role they gave me the power to drag developers into meetings and bully them into leaving behind legacy tech and move onto the platforms that our team in building.

                  I don’t have enough experience yet to ask for a very high amount, but planning to move countries once the china flu restrictions completely stop, so I actually have access to western pay levels. But even so, my current place is really low stress and comes with an extremely neat and exclusive perk thanks to the industry so not complaining.

              • #186532
                Anonymous
                Guest

                Well it depends on where you work. I work at a startup so the culture is very progressive and we have a really zen workflow. I have friends from uni that went on the work as Software Engineer 1s at FAANG companies, DevOps at Fortune 500s and SecOps at banks. They all hate their freaking lives and say what they do is super boring. But they do make way more money out of the gate. So if that tells you anything about the alternatives I guess it’s that the trade-off is significant.

                DevOps is a new field that kind of came about and formalized in the last 5 years. So as such the experience varies from place to place form what I’ve seen. I personally wouldn’t want to do so much of the Ops side of Dev ops as the DevOps Dev part. To get an idea of what more junior people in the wrong organizations get up to I’d recommend subscribing to /r/devops and just reading the complaints everyone has.

                >How is DevOps as a profession
                after being in the business for 15 years I do almost nothing, am fully remote, and make over 200k, it’s smooth sailing at this point, devops has the power, knowledge, and visibility that other groups just don’t. do it but only if you enjoy it. writing software is literally for monkeys, but devops are plumbers. but i think devops is a good career to have, and it’s always in demand and only getting more in demand still. it’s automation automation automation. devops is necessary, neets are scrotebrained and think devops is a bad word. they are stupid and unemployed, and will always be poor stupid losers

                I agree with him.

                Most SWE1 & 2 are going to just be writing cookie cutter code on some asinine backend that no one gives a fuck about. I find that soul crushing. Devops is marginally more fun than that because you get to have an intimate knowledge of the whole tech stack and you get a lot more responsibility as such.

                The times are changing though. There’s thing industry term called push left where we well, push left. Where left is the development side and right is the operations side of the spectrum. With all the information security risk in the world right now DevOps is becoming DevSecOps. Which I think is the new hostness and is what I’m trying to get into. It’s essentially being an Application Security Engineer and a Developer Operations Practitioner all rolled into one. I have mad ADHD so wearing more hats sounds appealing.

                It’s definitely a good career choice with a lot of room for vertical mobility and a fat paycheck out of the gate with good quality of life balance. If you do your job right you’ll be on call less.

                • #186556
                  Anonymous
                  Guest

                  Subscribe to a Reddit thing
                  Fuck off

                  • #186563
                    Anonymous
                    Guest

                    hur dur reddit bad I only use autistic image boards because I’m so cool with my no friends and anime waifus.

                    The Reddit userbase is 1000x the size of all of LULZ combined. So yes, if you want to see what life is like from a valid sample size you would go to reddit and see what normal people actually think of their jobs.

                    I could have also said Hackernews.

                    Real people that do real meaningful things for society exist outside of your little bubble. Does that make you feel small little man

                    • #186566
                      Anonymous
                      Guest

                      >more people use it so it must be better
                      The UI is trash and the "Community" is completely full of scrotebrains trying to stack "internet points". So hivemind "filter bubble" garbage gets forced to the top. I could get better and more informative conversations from discord chat rooms. At least on these scrotebrained cartoon boards I can talk to people with opinions who differ from mine.

                      Y cuminator is another terrible community full of elitist snobs. Not worth telling them anything – they already know everything.

                    • #186572
                      Anonymous
                      Guest

                      Why don’t you fuck off then? Seriously, what’s the point of coming to LULZ and complaining that it isn’t HN/Reddit?
                      >So yes, if you want to see what life is like from a valid sample size you would go to reddit and see what normal people actually think of their jobs.
                      Reddit is nowhere near a representation of real life and you are delusional to think otherwise.

                • #186558
                  Anonymous
                  Guest

                  Dev ops is freaking gay, and you WILL be doing boring work with scrotebrainS most of the time.

                  Reminder: you are not “DEVOPS” if you can’t invert a binary tree. You are not “devops” if you can’t can’t forcefully unload a stuck file descriptor from a running process, you’re NOT DEVOPS.

                  99% of “devops” CANNOT DO BOTH and are Reddit scrotebrain sysadmins who learned python. That will be your coworkers. Save yourself the day to day agony and just be a SWE.

                  • #186559
                    Anonymous
                    Guest

                    >SWE
                    enkoy getting blocked in your project by 3 months by the devops team

                  • #186560
                    Anonymous
                    Guest

                    >you are not “DEVOPS” if you can’t invert a binary tree.
                    hmmm didn’t think Jenkins and Terraform had binary trees.
                    >If you can’t can’t forcefully unload a stuck file descriptor from a running process
                    Why would I EVER need to do this? because you scrotegy devs have shit code?
                    I have replicas so I’ll just kill the shit then file a jira ticket and cc your manager pajeet.

              • #186540
                Anonymous
                Guest

                It’s half container orchestration, half server automation as a TL;DR. If your (dev)ops team is slim, I’d suggest not dealing with kubernetes unless you’re on GKE or EKS.

                I mean, it’s really so nebulous at this point as to what it actually means outside of "software dev ++"

                I’ve worked under the devops title at 4~5 different places ranging from bloomberg to various startups and my responsibilities vary from "infrastructure uptime specialist" to "principal software architect".

                >How is DevOps as a profession
                after being in the business for 15 years I do almost nothing, am fully remote, and make over 200k, it’s smooth sailing at this point, devops has the power, knowledge, and visibility that other groups just don’t. do it but only if you enjoy it. writing software is literally for monkeys, but devops are plumbers. but i think devops is a good career to have, and it’s always in demand and only getting more in demand still. it’s automation automation automation. devops is necessary, neets are scrotebrained and think devops is a bad word. they are stupid and unemployed, and will always be poor stupid losers

                Pretty much this, and I feel automation gets a bad rap for being "advanced bash scripting", but I’ve built my own internal services, built my own terraform providers, etc.

            • #186528
              Anonymous
              Guest

              So say I have a classic 3 tier architecture (load balancer, monolithic app server(s), db server). How hard is it to switch to kubernetes and and a services woke af architecture? Do I need a background in distributed computing?

              • #186544
                Anonymous
                Guest

                Super easy

                No background in distributed computing necessary.
                There are bootcamp scrotebrains that get hired as FTE DevOps
                engineers after a couple months of learning.
                Anyone with half a brain can do it.

                There are books on this, I recomend OReilly.
                But the best practices approach (in summary) is:

                Containerize the monolith
                Setup CICD to deploy the monolith as is
                Treat K8s deployments as if it was just another method of hosting VMS. (no horizontal scaling etc)
                Deploy your databases outside the cluster at first.
                Use something like Istio such that you can swap out traffic to the databases in your data layer.
                You have the option of containerizing your current loadbalancer and then moving it to a kubernetes ingress
                (eg. if you’re using NGINX you can have an NGINX service that routes traffic to your application and just run NGINX in K8s)
                Then port the load balancer configuration to a mixture of kubernetes ingress + istio traffic config.

                So the first checkpoint is | we’ve deployed the application in K8s|

                Then you want to modernize the monolith.
                Your goal is to make a modular monolith split on business domain boundaries
                Once it’s modularized you can define the service domain splits, so one module goes from IPC to RPC over the network in the cluster.
                You keep modularizing and using the strangler pattern to move away from the monolith over time.
                There’s a really great conference talk about how Reddit did this [1]

                So now you’ve effectively got a micro-services architecture

                The happy path is
                Monolith -> Modular Monolith -> Service Oriented Architecture ->
                |cloud native divide|
                Micro-services -> Event Driven Micro Services -> Event Driven Serverless

                The really cool part about going all the way to Evented Server-less is that the only thing that needs to stay up is your message broker and the loadbalancer. The functions only startup when they need to. It also auto-scales with Knative.

                [1] https://www.youtube.com/watch?v=nUcO7n4hek4

            • #186533
              Anonymous
              Guest

              Tha’s some real network swagga right thurr

            • #186625
              Anonymous
              Guest

              Let’s say you’re not NEET and work for or own a company that has a modern software stack that is composed of tens if not hundreds or thousands of services.

              You quickly realize that managing such a fleet of servers gets out of hand fast. You also recognize that the container deployment model is far superior to patching servers.
              Enter Kubernetes.

              It’s a dynamically programmable infrastructure control plane. You applications don’t have to merely run on the underlying infrastructure, they can actually communicate with it and mutate it within the confines of policy that you declare. This makes it so, among other things, your applications can serve themselves more compute, storage, memory and even request backing services to boot.

              The operational complexity that kubernetes brings on is significant at first however but once you overcome the learning curve the benefits greatly outweigh the costs.

              It enables software delivery teams to deliver software in a vertically integrated fashion, owning not just the development but also the deployment and operations.

              But wait there’s more

              I don’t understand the need for kubernetes. Say you’re writing for some application for your systems running on Redhat or Debian or something. Why not just write a proper package and be done with it?
              yum install Product or apt install product is easy.

              • #186627
                Anonymous
                Guest

                dependencies, isolation and scaling

                • #186629
                  Anonymous
                  Guest

                  But package managers already handle dependencies. And running apt or yum is easy to install something.

                  • #186630
                    Anonymous
                    Guest

                    ohh so just make a package for every system and maintain it separately. Yea nothing will go wrong with that idea.

                    • #186632
                      Anonymous
                      Guest

                      >make a package for every system
                      Why would anyone need to do that? Any sensible company that does horizontal scaling will use the same system for running business logic. My company uses like 90 servers across the country. We use RPM packages. My development team writes applications and I package them into yum to be installed on our servers. Installation is as simple as running [yum install product] on the servers since we have sources pointing to our deployment server.

                      • #186635
                        Anonymous
                        Guest

                        Enterprises are not sensible companies

                      • #186638
                        Anonymous
                        Guest

                        I’m talking about maintaining from a dev perspective. There has been a lot of shit flinging between distro maintainers and software vendors because of dependency reasons so the distros are forced to fork upstream which creates its own issues.

                        How the fuck do you put a modern application on a machine that has a frankenstein 3.10 kernel? (protip: you dont).

                        also good luck getting Red Hat, SUSE or Canonical to support your internal application.

                      • #186654
                        Anonymous
                        Guest

                        We’re not contracting RH to support our application. We just need a stable OS.

                      • #186656
                        Anonymous
                        Guest

                        then you’re devs put out a broken application that has hard system dependencies and RedHat releases a patch that breaks the shit out of your system. but since the application had no isolation it takes down everything else on the system.
                        I have no idea why as an Ops Guy you’d EVER want to run your development teams code in a non isolated environment.

                      • #186660
                        Anonymous
                        Guest

                        >then you’re devs put out a broken application that has hard system dependencies and RedHat releases a patch that breaks the shit out of your system.

                        Our servers are behind a firewall that keeps them offline to all but the deployment server. We won’t be updating redhat for a long while and our products don’t have hard system dependencies anyway.

                      • #186665
                        Anonymous
                        Guest

                        >Our servers are behind a firewall that keeps them offline to all but the deployment server.

                        ahh so you host nothing and have no users of the applications. Carry on then

              • #186637
                Anonymous
                Guest

                Also, CI/CD. I’m no dev so someone feel free to scream me down, but the way I’ve seen it work previously is:

                > Programmer fixes bug or some shit
                > Git commits changes to testing branch
                > DevOps system picks up changes
                > Automatically rolls them into container
                > Deploys image and triggers automated fuzzing and tests
                > Programmer or testing team review results and do manual tests
                > On approval changes merged with Master branch
                > DevOps system picks up changes
                > Rolls them into image and deploys seamlessly

                This automates the basic security, testing, deployment and whatever else, you’re essentially taking the need for a sysadmin to sit there apt-getting, uninstalling, reinstalling, changing shit etc on a test server before anyone can progress and give the devs the ability to just make the shit happen as they need it.

                • #186658
                  Anonymous
                  Guest

                  This is actually what we do in my company with the 90 servers across the country. There are quite a few commits that happen from the developers every day. We have jenkins hooked up to automate the yum-building and another job to distribute the remote yum-installs when the development branches get merged into the production branch. There’s no need for manual interfacing with yum or even uninstalling since one of the tests are to ensure that the old products get replaced with the new ones during the yum-install.
                  So again, what’s the point of kubernetes? I don’t see how it can benefit my company much with all of this automated setup.

                  • #186662
                    Anonymous
                    Guest

                    After that it’s zero downtime deployments, rollbacks, load balancing, service discovery
                    It’s a lot of stuff to script yourself but it’s a possible route of course.

                  • #186663
                    Anonymous
                    Guest

                    If you cant see the benefit then you probably dont need it. Kubernetes is not for every application. But it helps with a lot of Operational tasks. such as:

                    Application Isolation – shitty code wont break the system. Containers are separate from the host machine and other applications
                    Desired state – infrastructure and scheduling is done through a GitOps model of IaC.
                    Auto scaling – replicas schedule and deploy woke af on resource needs and availability creating fault tolerance within an application and of course the replicas themselves are predictable and repeatable.

                    There are probably more things I forgot to list but I’m drunk and tired so I dont care.

                  • #186664
                    Anonymous
                    Guest

                    You’d also want automatic scaling up and down to save on costs and handle spikes in traffic.

        • #186529
          Anonymous
          Guest

          Let’s say you’re not NEET and work for or own a company that has a modern software stack that is composed of tens if not hundreds or thousands of services.

          You quickly realize that managing such a fleet of servers gets out of hand fast. You also recognize that the container deployment model is far superior to patching servers.
          Enter Kubernetes.

          It’s a dynamically programmable infrastructure control plane. You applications don’t have to merely run on the underlying infrastructure, they can actually communicate with it and mutate it within the confines of policy that you declare. This makes it so, among other things, your applications can serve themselves more compute, storage, memory and even request backing services to boot.

          The operational complexity that kubernetes brings on is significant at first however but once you overcome the learning curve the benefits greatly outweigh the costs.

          It enables software delivery teams to deliver software in a vertically integrated fashion, owning not just the development but also the deployment and operations.

          But wait there’s more

          Let’s now say that you’re a programmer. You write enterprise software every day (enterprise software is like the scripts you write to brag in the daily programming thread but they actually have value). You quickly realize that "jesus freaking christ on a pickle, how many times to I have to write authorization policy if I do this again I’m going to go columbine". So you sit there and go, wait I have a service mesh. Since the service mesh is standard, and enterprise software more or less does the same things regardless of the company you’re at, someone has already written some software you can just plug into the mesh.

          Enter Open Policy Agent

          OPA is a policy woke af controller for cloud native environments. Which is just fancy pants talk for it handles the authorization enforcement logic you really don’t want to write for the freaking thousandth time. Its written in go (a woke af programming language) (which I don’t like but that’s personal preference). It has this language runtime it uses that’s simple and works on the requests given to it from Istio. So you can just put OPA in front of your services as a sidecard and then write some authorization logic to allow or deny the request before it ever even hits your service. The policy language is called rego, and it’s so simple you can offload the work of writing and maintaining the logic to the business team. So every time they want to change some bullshit like ‘users of this type can’t view users of this other types porn collection’, they can just freaking write the rule themselves push it and see what happens. Whats more is that now since you’ve shifted the work left into the business unit, if they royally fuck something up… it’s not your fault anymore and you get to keep watching anime on the companies dime since you’re doing less work since you had to write less code.

          Now let’s pretend your a programmer again.

          […]
          This guy knows whats up.

          […]
          This guy also might know.

          As a programmer you just want to freaking write code to ship features and begrudgingly fix bugs. You don’t really give a rats ass about how your software gets distributed or how its used. You embody Kendrick Lamar when he says "I don’t smoke crack motherfucker I sell it". But see you used to have all these teams in the way, which is nice to a point. But these teams get pissed off at you because you write shitty documentation. So instead of communicating with other humans you can now directly specify how the runtime requirements of your code. This makes the operations team super easy (you get paid more than them so that should be the case) it also makes the devops guys life easier because you’re helping him do his job better. So as a programmer you write a thing called a deployment, which is a deployment of your software, combine that with a service, which is how to outside world ie: other teams know how to talk to your software. You track all this configuration declaratively alongside your code in your version control system and it’ll work on your machine (if you’re running podman or minikube or kind or somehting) and it’ll also run in staging and production. The best part is, if it doesn’t work in one of those environments it’s someone elses fault, since they probably didn’t provide the correct configuration that you specified in your code. Whats more is the configuration is all in yaml. Say what you will about yaml but it is very human readable. So the code you write to deploy your software is actually kind of like its documentation.

          As a software engineer, I say thanks for explaining. But, also as a software engineer whose company has a dedicated devops team… if I ever start my own company, I am going 100% PaaS and am not even going to think about devops.

          • #186530
            Anonymous
            Guest

            Lots of PaaS competitors now too
            Heroku
            Platform.sh
            Aws Amplify

            Probably like 50+ more out there if you just do a simple search.

          • #186534
            Anonymous
            Guest

            Except theres a lot of inherent business risk in adopting a PAAS and it eats your margins. As someone who operates a company, PAAS is great until you get vendor lock in and Jeff Bezos fucks you 9 ways to Sunday on your AWS bill because you were too lazy to setup and self host an open source message queue or some bullshit like that and just HAD to use sqs

            A rebuttal might be oh I’ll use fargate or Google Cloud Run… Nah son. If you want to do anything beyond the happy path of the PAAS you need invest the time into building your own PAAS, probably on K8s.

            For some simple shit, yeah heroku or whatever is cool but if you want to scale and play in the big leagues wearing your big boy pants sitting at the big boys table you’ll be running K8s.

            • #186546
              Anonymous
              Guest

              I’m ok with that risk. Trying to account for the "maybe we might get 1 billion users" is scrotebrained. Obv, if you are in an existing company and you know what kind of load/problems you will be expecting but most likely you will already have an infra team.

              I just think it’s a bit scrotebrained for most people here who would be happy with earning like $2K a month from their SaaS product they are trying to make lol

              Speaking of SaaS, anyone have any ideas/problems worth tackling? I’d suck dick for an explanation of a problem, some domain knowledge, and an untapped market.

              • #186550
                Anonymous
                Guest

                I agree, K8s is probably not for every project, especially not for V1 of a product unless you need to do things like run workloads for users.

                $2k /m scale is a life style business at best and not a startup. Startups are venture scale. From personal experience the key point of adopting k8s early is the flexibility in deployment models.

                If you’re building B2B SaaS it makes selling the software so much easier if it can be easily deployed in K8s. You other option is shipping a golden ISO and that suuuuuuuucks balls.

                For basic B2C SaaS though, do whatever the fuck it doesn’t matter. There’s not inherent difficulty in building that shit.

                But again, as you grow you’ll get bonked when it comes time for a SOC2 audit and god forbid you close a government contract and then have to get FedRamp certified to run in FedCloud.

                Then having a certified tech stack running on K8s kicks ass because you save months of time and hundreds of thousands of dollars on rework time.

                • #186555
                  Anonymous
                  Guest

                  My idea of a SaaS would be no on-premises hosting at all. Fuck enterprise and b2b – I am not catering to them. Just want to write some SaaS the average Joe / small business can pay for. Having your business at the whims of a big company demanding shit like SSO, RBAC, audit logs, product security, change management, deployment options, integrations, team management, reporting, SLA shit, etc. FUCK ENTERPRISE.

                  >golden ISO
                  LMAO if you think that’s bad, I used to ship an exported VirtualBox virtual machine that people ran on their laptops and you’d reach the software through localhost. Wanna update? Install new virtual machine and lose all your data :^)

                  I was very proud of that one.

                  • #186562
                    Anonymous
                    Guest

                    >FUCK ENTERPRISE.
                    woke af

                    >SWE
                    enkoy getting blocked in your project by 3 months by the devops team

                    lmao ran into this myself. Trying to get some basic headless chrome snapshot testing and I need the freaking devops/infra team to set up the CI shit and they still haven’t.

                    Don’t give a fuck cause I get away with writing zero tests at the moment 🙂

          • #186542
            Anonymous
            Guest

            Amen. Enterprise SW engineer here and our “devOps” is mostly just ops. They made us developers become cloud experts. Coexisting with our devOps has been next to impossible.

            • #186545
              Anonymous
              Guest

              I’m sorry to hear that, company I’m working for I’m spending a lot of time collaborating with our dev team. Most of them aren’t cloud experts, but I try to at least impart some basic knowledge to them. The ideal state is the developer really shouldn’t need to know anything about their infrastructure.

          • #186631
            Anonymous
            Guest

            If you ever actually start your own company, it will be very hard to pass up the slave labor that DevOps provides.

      • #186547
        Anonymous
        Guest

        >It enables software delivery teams to deliver software
        amazing

      • #186575
        Anonymous
        Guest

        Enter the Service Mesh
        I’ll be using istio for this example.

        Istio is like NGINX bonked Haproxy and Kubernetes in a weird software threeway.

        It’s a control plane for Envoy, a reverse proxy initially made by Lyft.

        Istio deploys Envoy in front of each running service (a service is like a part of your application) to form a service mesh.
        This is called the sidecar pattern.

        Once you have a service mesh you get service discovery and a lot of other things for free that would normally take a lot of manual configuration to setup yourself.

        For example, lets say you have waifu.cluster.example.com and that needs to talk to senpai.cluster.example.com. Istio makes these services known to eachother and establishes a mutual TLS connection between the two. So that way prying eyes can’t see the traffic you’re sending in the cluster. What’s more is istio can extend to multiple clusters. So you can have one service on one cluster and another service in another cluster in another geographic region and the connection is guaranteed to be transmitted over a cryptographically secure connection. Applications outside of the service mesh cannot talk to applications inside of the service mesh unless you explicitly allow them to. This lets you implement an application architecture that employs zero trust and defense in depth. So if one of your services gets popped, the attacker has to control the application process and even then only gets access to connections that that service connects to. So in essense lets say you had an admin service, an attacker who popped you waifu box couldn’t just make calls to the admin service once they’re inside your network.

        But wait there’s more

        Let’s now say that you’re a programmer. You write enterprise software every day (enterprise software is like the scripts you write to brag in the daily programming thread but they actually have value). You quickly realize that "jesus freaking christ on a pickle, how many times to I have to write authorization policy if I do this again I’m going to go columbine". So you sit there and go, wait I have a service mesh. Since the service mesh is standard, and enterprise software more or less does the same things regardless of the company you’re at, someone has already written some software you can just plug into the mesh.

        Enter Open Policy Agent

        OPA is a policy woke af controller for cloud native environments. Which is just fancy pants talk for it handles the authorization enforcement logic you really don’t want to write for the freaking thousandth time. Its written in go (a woke af programming language) (which I don’t like but that’s personal preference). It has this language runtime it uses that’s simple and works on the requests given to it from Istio. So you can just put OPA in front of your services as a sidecard and then write some authorization logic to allow or deny the request before it ever even hits your service. The policy language is called rego, and it’s so simple you can offload the work of writing and maintaining the logic to the business team. So every time they want to change some bullshit like ‘users of this type can’t view users of this other types porn collection’, they can just freaking write the rule themselves push it and see what happens. Whats more is that now since you’ve shifted the work left into the business unit, if they royally fuck something up… it’s not your fault anymore and you get to keep watching anime on the companies dime since you’re doing less work since you had to write less code.

        Woke af k8s wizard. I just joined a team that replies HEAVILY on k8s, any recommended resources on getting up to speed? Starting to feel like I’m drowning haha.

        • #186576
          Anonymous
          Guest

          Start studying for your CKA
          even if you dont get the actual cert it will put you miles ahead of other people in your department.

          • #186577
            Anonymous
            Guest

            Thanks, I think I saw a course on Udemy that was geared toward prepping for that. Sounds like you have that cert, did you rely on a course or book? I saw "kubernetes up and running" was recommended on plebbit, any thoughts on that?

            • #186578
              Anonymous
              Guest

              depends on your learning style. They only do videos once a week with the "up and running" thing so in the mean time you could be doing Udemy (used that myself to get started).

              I would say go with both if you can. Knowledge is all about repetition.

              • #186581
                Anonymous
                Guest

                Thanks anon!

      • #186633
        Anonymous
        Guest

        Enter the Service Mesh
        I’ll be using istio for this example.

        Istio is like NGINX bonked Haproxy and Kubernetes in a weird software threeway.

        It’s a control plane for Envoy, a reverse proxy initially made by Lyft.

        Istio deploys Envoy in front of each running service (a service is like a part of your application) to form a service mesh.
        This is called the sidecar pattern.

        Once you have a service mesh you get service discovery and a lot of other things for free that would normally take a lot of manual configuration to setup yourself.

        For example, lets say you have waifu.cluster.example.com and that needs to talk to senpai.cluster.example.com. Istio makes these services known to eachother and establishes a mutual TLS connection between the two. So that way prying eyes can’t see the traffic you’re sending in the cluster. What’s more is istio can extend to multiple clusters. So you can have one service on one cluster and another service in another cluster in another geographic region and the connection is guaranteed to be transmitted over a cryptographically secure connection. Applications outside of the service mesh cannot talk to applications inside of the service mesh unless you explicitly allow them to. This lets you implement an application architecture that employs zero trust and defense in depth. So if one of your services gets popped, the attacker has to control the application process and even then only gets access to connections that that service connects to. So in essense lets say you had an admin service, an attacker who popped you waifu box couldn’t just make calls to the admin service once they’re inside your network.

        But wait there’s more

        Let’s now say that you’re a programmer. You write enterprise software every day (enterprise software is like the scripts you write to brag in the daily programming thread but they actually have value). You quickly realize that "jesus freaking christ on a pickle, how many times to I have to write authorization policy if I do this again I’m going to go columbine". So you sit there and go, wait I have a service mesh. Since the service mesh is standard, and enterprise software more or less does the same things regardless of the company you’re at, someone has already written some software you can just plug into the mesh.

        Enter Open Policy Agent

        OPA is a policy woke af controller for cloud native environments. Which is just fancy pants talk for it handles the authorization enforcement logic you really don’t want to write for the freaking thousandth time. Its written in go (a woke af programming language) (which I don’t like but that’s personal preference). It has this language runtime it uses that’s simple and works on the requests given to it from Istio. So you can just put OPA in front of your services as a sidecard and then write some authorization logic to allow or deny the request before it ever even hits your service. The policy language is called rego, and it’s so simple you can offload the work of writing and maintaining the logic to the business team. So every time they want to change some bullshit like ‘users of this type can’t view users of this other types porn collection’, they can just freaking write the rule themselves push it and see what happens. Whats more is that now since you’ve shifted the work left into the business unit, if they royally fuck something up… it’s not your fault anymore and you get to keep watching anime on the companies dime since you’re doing less work since you had to write less code.

        Okay, but now explain this in a simple way where it’s not broken up into three replies so that I know you actually understand the concept and benefits of container orchestration and are not just regurgitating corporate wordshit from your certs you cheated on.

      • #186674
        Anonymous
        Guest

        what is the best way to start learning this? I am not a devops guy but i am a data scientist and i feel quite handicapped without having knowledge of this stuff.
        i studied statistics, not programming, so plz no bulli.

        • #186675
          Anonymous
          Guest

          Udemy courses and YouTube videos

        • #186676
          Anonymous
          Guest

          Depends what you know already.
          > Buy a second hand server for cheap
          > Install ESXi or similar
          > Learn to create Virtual Machines
          > Learn some Linux
          > Setup a few VMs for running Docker on
          > Learn to make and use Docker containers
          > Learn to use Docker compose for deploying stacks
          > Learn to use Kubernetes to manage the Docker stacks
          > ?????
          > Proft

      • #186677
        Anonymous
        Guest
        • #186679
          Anonymous
          Guest

          thanks for the gold kind strangler.

    • #186520
      Anonymous
      Guest

      works on their machines

    • #186523
      Anonymous
      Guest

      how do i into kubernetes
      i have been trying to expose a http service on an nodeport for 2 hours and i am starting to lose my shit… how does anybody do this
      also the docs are shit and doesn’t actually say what fields there are for each object type. absolute shitshow

      • #186527
        Anonymous
        Guest

        Anonymize and post your config somewhere like a gist or a pastebin I’ll help you debug it.


        You need the following:

        1. A deployment
        – this specifies a container with a port
        2. A service
        – this maps an outside port to your deployment’s container port

        Nodeport is a common pitfall for people playing around with minikube and vanilla kubernetes. It’s not the recommended way to expose services because it sucks ass.

        You’ve been follwing these docs?
        https://kubernetes.io/docs/concepts/services-networking/service/#nodeport


        Highly reccomend taking the time to setup a BIND9 DNS and Haproxy infront of your cluster so you can use the subdomain/loadbalancer feature

        If you’re willing to try something new I promise I won’t disappoint. Try running Open Shift, it’s way more intuitive, the documentation is fantastic, and if you have a legitimate problem, with a Red Hat developer account you can actually get tier 3 support for free.

        Code Ready Containers is the development version, it comes with all the annoying to setup but critical stuff set up out of the box.

        It also has an awesome dashboard UI and these things called operators that just let you run common software from an app-store distribution model (it’s all free as open source)

        https://developers.redhat.com/products/codeready-containers/overview

        • #186531
          Anonymous
          Guest

          i’m trying to expose the boilerplate created from "helm create" externally. tried NodePort but i’m only getting served on one of the node IPs and that just gives me a 404 instead of the NGINX welcome page. port forward with kubectl shows me the page but thats useless.

          • #186536
            Anonymous
            Guest

            Are you running full k8s or minikube?

            • #186539
              Anonymous
              Guest

              k3s with two nodes

              • #186543
                Anonymous
                Guest

                If you run the container locally are you able to access the service? if yes then its an issue with your kubernetes setup
                >kubectl expose pod nginx –type=NodePort –port=80 –name=nginx
                Will create a service name nginx
                >kubetcl get services
                Will show you the ~30000 exposed port on the cluster. 80:30488/TCP or something
                You should be able to access the pod via the node, so <node ip>:30488 or whatever the port is

        • #186554
          Anonymous
          Guest

          Openshit is pajeetware
          Don’t fall for this meme. IBM are the garden gnomes of India. You’ll be writing – only red hat could fuck up Kubernetes.

          • #186561
            Anonymous
            Guest

            iCloud literally has services running on Open Shift. You think Apple is pajeetware.

            You’re just poor.

            • #186564
              Anonymous
              Guest

              >You think Apple is pajeetware
              https://www.h1bdata.org/employers/apple-inc

              Apple is right up Behind Google and IBM. IT’s like they’re competing over who can be the most indian

              • #186567
                Anonymous
                Guest

                That’s interesting. Didn’t know there was a site that tracked that. Thanks for the information.

                I take that in your small minded world it’s a bad thing that a company in the US is getting the best talent in the world. Those same people are taking jobs that you most likely would have dreamed of. The best of the best don’t waste their time with trash like you.

                Judging from that website there’s no way to tell those H1B hires are from India. If you walk on campus I guarantee you that yes they have Indian nationals. They have a moderately diverse assortment of employees because they hire people who can get jobs done. They certainty don’t hire imbeciles that spew hate on anonymous image boards. Go drink some horse de-wormer, pay your respects to the orange man and jack off to your cousin you inbred white trash fuck stick. This is a kubernetes thread, talk about kubernetes and leave bigotry for the 14 year olds on /b/

                That being said, how do outsourced workforces effect the developer operations pipeline. I’d love to hear your thoughts on a constructive topic. I might just learn something

                • #186573
                  Anonymous
                  Guest

                  >They certainty don’t hire imbeciles that spew hate on anonymous image boards. Go drink some horse de-wormer, pay your respects to the orange man and jack off to your cousin you inbred white trash fuck stick. This is a kubernetes thread, talk about kubernetes and leave bigotry for the 14 year olds on /b/
                  Are you mentally ill? Why are you bring up /poo/ in this thread?

    • #186535
      Anonymous
      Guest

      Acording to all this thread kubernetes is the end of IT and DevOps, but if it is how the fuck is there so much demand on devops to put them and do sysadmin work rebooting nodes in clusters?

      • #186538
        Anonymous
        Guest

        A) Most companies are not using k8s
        B) Its an evolution of DevOps

      • #186568
        Anonymous
        Guest

        >but if it is how the fuck is there so much demand on devops to put them and do sysadmin work rebooting nodes in clusters?
        Because DevOps, contrary to how these people sell themselves, is just Linux Cloud System Administration with a heavy focus on deploying "apps" aka websites. Not pooping on the people as they are smart but that is all DevOps is.

        • #186570
          Anonymous
          Guest

          This is correct. Don’t say that too loud though or they’ll be onto us.

    • #186541
      Anonymous
      Guest

      I’ve got some beefy hardware already and 64gb of memory, any thoughts on paying to do labwork in the cloud vs doing it on my own hardware?

    • #186549
      Anonymous
      Guest

      why pay for a few extra senior developers/lead architects and QA staff when one dude with k8s can take what the dev team produces and fix any problems with tape

    • #186579
      Anonymous
      Guest

      unemployedneet, right on time. we all predicted you would show up

    • #186580
      Anonymous
      Guest

      […]

      why are you angry about something you clearly dont understand brianlet?

      • #186584
        Anonymous
        Guest

        Microservices is a lot like communism, after it fails miserably they say "that wasn’t microservices" or "real microservices has not been tried yet", just to get the business to try again and waste more time on them

        […]
        I agree, IBM mainframes are the only way to go.

        nah there’s scalable cloud solutions that exist for monolithic, it’s also a push-button experience which is supposed to be what microservices were for to deploy lots of servers (again psuedo-correct me, curryscrotes) you don’t have to do mainframes

        • #186587
          Anonymous
          Guest

          Kubernetes != MicroServices
          you can deploy monolithic poo code into k8s just fine. Then isolate the fuck out of it because every deployment will take it down (which is to be expected with a monolithic deployment)

          • #186588
            Anonymous
            Guest

            they’re both gay, not interested, and pooping up this thread

    • #186582
      Anonymous
      Guest

      […]

      I agree, IBM mainframes are the only way to go.

    • #186583
      Anonymous
      Guest

      […]

      Hes right, but we wont accept it because we want to get paid,

      A load balancer and 2 servers its all we ever needed

      IaC is more than enough, beyond that microservies just overcomplicates stuff

      • #186585
        Anonymous
        Guest

        >push patch
        >prod is down for 16 hours and your engineering team is pulling all nighters trying to unspegetti the deployment and just get shit back online.
        >never figure out what broke it in the first place
        >make the same mistake again
        nah you’re right old school is the way to go.

        • #186593
          Anonymous
          Guest

          i said IaC with that you just redeploy the previous version chill for 20 and o back to sleep

          old school manual deployments are shit

          • #186596
            Anonymous
            Guest

            sure is fun waiting for terraform to destroy and rebuild infrastructure a fuck ton when your Dev team cant figure out what broke in their code…
            >Go back to sleep
            you wish – you’re gonna spend the entire night doing terraform destroy and terraform builds because your incompetent dev team has a deadline and they’ll keep pushing till something works.

      • #186586
        Anonymous
        Guest

        >push patch
        >prod is down for 16 hours and your engineering team is pulling all nighters trying to unspegetti the deployment and just get shit back online.
        >never figure out what broke it in the first place
        >make the same mistake again
        nah you’re right old school is the way to go.

        The way to getting paid a lot and an easy calm life is not gatekeeping companies or finding ways to fuck shit up to get shitty little billable hours. This is parasitic behavior and the company will just go under. The route to actual power is to complete an app and have it be stable, so the company can make money off of it. You then ask for a percentage. Microservices is all curryscrotes who have been job hopping their entire lives, and basically applied that shitty culture to the job

        • #186589
          Anonymous
          Guest

          >The route to actual power is to complete an app and have it be stable, so the company can make money off of it.

          Oh so that’s how Zuckerberg became so rich then? he asked for a percentage?

          >Microservices is all curryscrotes who have been job hopping their entire lives, and basically applied that shitty culture to the job

          Microservices is just a modern approach to the Unix "Do one thing and do it well" – it’s not new by any means. No sure how you’re getting "shitty culture" out of that. There is a reason companies including Microsoft, Google, Apple and Facebook are all in on Micro-services and it’s not because of "shitty culture" but rather they have real programmers with real problems on both the development and operations side of the fence. They’re not some shit freelance scammer who refuses to support the code after they develop it for the company and get paid.

        • #186611
          Anonymous
          Guest

          > not gatekeeping companies
          > to get shitty little billable hours.
          > This is parasitic behavior and the company will just go under.
          > The route to actual power is
          > who have been job hopping their entire lives

          Ah, you make perfect sense now.

          I was sure you were an elaborate troll before but now it’s pretty clear you’re just some loser freaking Dilbert sysadmin who has been sitting in the same inf for the last decade or more stagnating and relying on having a contrary opinion to sound current (because you think hating something makes it sound like you understand it or some shit).

          Tell us your wisdom regarding Linux vs Mac vs Windows oh learned one!

          • #186613
            Anonymous
            Guest

            >muh contrarian
            Microservices were a knee-jerk response to monoliths though, anti-monolith in nature. I don’t care which horse is winning this race, any attempt to paint enterprise into a more elaborate corner is admirable. Without lots of real potential dirty work the enterprise becomes a place of Mozilla tier chud worship.

      • #186645
        Anonymous
        Guest

        >Hes right, but we wont accept it because we want to get paid,
        Sounds like my entire career so far doing all this enterprise crap

    • #186594
      Anonymous
      Guest

      Reject modernity.
      Return to bash.

    • #186597
      Anonymous
      Guest

      I’ve tried learning kubernetes twice and it’s just too hard. Apparently secrets have to be base64 encrypted, and getting something as simple as a PERSISTENT VOLUME is nightmare tier.

      Sorry, but docker swarm is just easier.

    • #186617
      Anonymous
      Guest

      Every time LULZ has this thread it’s freaking hilarious. If you have workloads that map well to Kubernetes it’s magic and you’ll wonder how you ever lived without it. It’s not for all workloads or all businesses though. If you use it just for the sake of using the buzzword of the week then the extra overhead it adds probably isn’t going to be worth it to you and you’re going to hate it.
      Now cue the braying of that guy calling people curryscrote.

    • #186634
      Anonymous
      Guest

      Can anyone give advice on getting a DevOps career going? I’ve got 2yrs linux sysadmin experience.

      I’m trying to figure out the minimum skillset to become useful as a DevOps engineer and grow into the role.
      So far I’ve picked up:
      > bash, python
      > linux stuff from RHCSA
      > ansible
      > AWS from AWS CCP
      > Self taught docker image creation/management
      > CKAD for kubernetes basics

      Is there any other critical stuff to pick up? I imagine something like jenkins would be next, but any other advice?

      • #186689
        Anonymous
        Guest

        Learning terraform and basic cloud terminology helps a ton as well. If you’re looking for a place that leans heavily into the public cloud and kubernetes I’d suggest learning golang since both kubernetes and terraform are built on it.

        Often times places are looking for someone with SWE experience as well, so you can be a bit more of a developer advocate rather than just an infrastructure guy.

    • #186636
      Anonymous
      Guest

      I like the idea of not taking it up the ass from Jeff Bezos as a result of using proprietary shit services.

      A colleague of mine and I are having a long standing discussion about what it would mean for me/us to convert our AWS setup into K8S. He argues that I would be able to focus more on code. However, for me atleast, code is just one of the means to solve problems. I want to be able to run a piece of software to solve a problem. I’m worried that if I give up control, I won’t be able to just roll something.

      Also managers seem to not understand that having freedom to choose solutions also mean having the responsibility of keeping that software alive.

      Dunno. Still new to all this.

    • #186671
      Anonymous
      Guest

      absolutely lit. Any serious application is bonked without it.

    • #186678
      Anonymous
      Guest

      The shilling in this thread is over the freaking top. From every Kubernetes post I can already tell it is systemd tier garbage at best but scalable systems are arcane enough to where I’m not seeing a ton of counter argument

      looks like I have research to do

      • #186681
        Anonymous
        Guest

        >systemd tier garbage
        opinion discarded. Hating on systemd is done either because
        a) you’re a boomer and don’t realise it’s not 2011 even more
        b) you’re a scrotebrain zoomer and don’t know anything about Linux and are just trying to fit in
        c) you’re a neet typing this from his riced out thinkpad running Artix completely detached from the real world
        d) you are trolling

        • #186682
          Anonymous
          Guest

          Thanks for confirming my suspicions anon. Kubernetes is certified trash

          • #186683
            Anonymous
            Guest

            >Kubernetes is certified trash
            Can you elaborate why exactly? I am excited to read your well thought out arguments as to why this state of the art, well accepted and widely used container orchestration technology is trash.

            • #186684
              Anonymous
              Guest

              Simple, anyone who sucks a framework’s cock like you do is selling snake oil. Begone

              • #186685
                Anonymous
                Guest

                Amazing

              • #186686
                Anonymous
                Guest

                >selling snake oil.
                What exactly is snake oil about Kubernetes?

                • #186692
                  Anonymous
                  Guest

                  nothing, it’s a bait post and you fell for it, he’s a scrotebrain. kubernetes is awesome and there’s nothing he can do about it and it’s going to get him kicked out of tech because he doesn’t know how to automate

              • #186687
                Anonymous
                Guest
    • #186680
      Anonymous
      Guest

      Kubernetes is great, but man the container tech it builds upon is trash in so many ways. You can’t update your things for shit. Every second container pulls in a slightly different version of an entire Ubuntu or Debian or RHEL UBI or Alpine or whatever the fuck distro image, needlessly taking up storage, increasing your patch maintenance burden tenfold and providing great LotL opportunities for any attacker. The freaking overlay graph driver makes the kernel want to kill itself because of 128 layers of shit mounted on top of each other. There has been a relatively clean, much more storage-friendly and much more update-friendly software deployment model that doesn’t even require sandboxing at runtime since about 2006. I wish containers had gone in the direction of Nix instead of the garbage "FROM ubuntu and apt upgrade to unspecified versions, good luck ever recreating this container image kiddo" situation we’re stuck with now.

      • #186691
        Anonymous
        Guest

        >You can’t update your things for shit
        found the scrotebrain who doesn’t understand how to maintain containers LMAO

    • #186688
      Anonymous
      Guest

      […]

      correct. google and FB use a monorepo.

Viewing 19 reply threads
  • You must be logged in to reply to this topic.