Jon brought Nick "Mohclips" into the podcast to talk to us about some of the things he does.
Nick talks about "Gold Images" – and mentions that he’s created images because of issues of provenance. He mentions docker containers holding cryptocurrency miners. We agree that you should check the images you’re downloading are coming from the vendors of those images, as it’s not just on Docker, there are also issues with at least AWS (Amazon Web Services) public AMIs (AWS Machine Image) and Azure public VM images too.
We also discuss CIS (Center for Internet Security) hardening guides and Nick mentions that he uses Ansible to implement the controls. Jon mentions an interview with Jeff Geerling to quote some numbers of Ansible Modules.
We talk a bit about Ansible 3, and Collections which are formally introduced in this release.
We talk about Semantic versioning, and explain about how movements in version numbers should explain why you would move between one major version number and the next, or between a major.minor version number, or between a major.minor.patch version number and the next.
Next Nick talks about ServerSpec, a set of RSpec tests for servers and Jerry suggests that Nick might be talking about Inspec instead. Jerry also mentions Molecule which is similar. Jerry asks whether Nick uses a CI/CD (Continuous Integration and Continuous Delivery or Continuous Deployment) system. Nick explains why he doesn’t.
Jerry talks about Netdata. Stu talks about Pulumi. Jerry talks again about Tinkerbell which was linked to from DevOps Weekly. Stu mentions that Tinkerbell was also mentioned on an Equinix Metal blog post which also covers quite a bit of Pulumi too.
We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.