https://www.osmondvanhemert.nl/tags/devops/Recent content in DevOps on Osmond van Hemert — Senior Software Engineer | AI, Security, InfrastructureHugo -- gohugo.ioen© Osmond van Hemert. All rights reserved.Thu, 02 Apr 2026 00:00:00 +0000https://www.osmondvanhemert.nl/posts/260402-google-cloud-next-2026/Thu, 02 Apr 2026 00:00:00 +0000https://www.osmondvanhemert.nl/posts/260402-google-cloud-next-2026/Google Cloud Next 2026 put platform engineering front and center, with new tools for developer experience, Gemini-powered operations, and a maturing GKE ecosystem.https://www.osmondvanhemert.nl/posts/260312-supply-chain-security-slsa-adoption/Thu, 12 Mar 2026 00:00:00 +0000https://www.osmondvanhemert.nl/posts/260312-supply-chain-security-slsa-adoption/Supply chain security frameworks like SLSA and SBOM requirements are moving from recommendations to mandates. Here’s what developers need to know about the shifting landscape.https://www.osmondvanhemert.nl/posts/260226-opentofu-infrastructure-as-code/Thu, 26 Feb 2026 00:00:00 +0000https://www.osmondvanhemert.nl/posts/260226-opentofu-infrastructure-as-code/OpenTofu has matured significantly since its fork from Terraform. Here’s where things stand and what it means for teams managing cloud infrastructure.https://www.osmondvanhemert.nl/posts/260212-cloud-finops-engineering-ownership/Thu, 12 Feb 2026 00:00:00 +0000https://www.osmondvanhemert.nl/posts/260212-cloud-finops-engineering-ownership/FinOps has evolved from a finance initiative to an engineering discipline, and the teams that treat cloud costs as a first-class engineering metric are winning.https://www.osmondvanhemert.nl/posts/251225-platform-engineering-2025-retrospective/Thu, 25 Dec 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/251225-platform-engineering-2025-retrospective/Reflecting on how platform engineering matured in 2025, from internal developer platforms to the evolution of the DevOps toolchain.https://www.osmondvanhemert.nl/posts/251204-opentelemetry-logs-ga-three-pillars/Thu, 04 Dec 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/251204-opentelemetry-logs-ga-three-pillars/OpenTelemetry’s logging API and SDK reaching general availability completes the observability trifecta. Here’s why this matters more than you might think.https://www.osmondvanhemert.nl/posts/251120-aws-reinvent-2025-preview/Thu, 20 Nov 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/251120-aws-reinvent-2025-preview/With re:Invent just around the corner, here’s what matters most for teams building on AWS — and what’s likely just marketing noise.https://www.osmondvanhemert.nl/posts/251113-zero-day-treadmill-patch-tuesday/Thu, 13 Nov 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/251113-zero-day-treadmill-patch-tuesday/November’s Patch Tuesday brought critical zero-days being actively exploited, reminding us that patch management is still the unglamorous foundation of security.https://www.osmondvanhemert.nl/posts/251016-kubernetes-132-platform-maturity/Thu, 16 Oct 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/251016-kubernetes-132-platform-maturity/Kubernetes 1.32 arrives with improvements to sidecar containers, resource management, and the continued push to simplify the platform for operators.https://www.osmondvanhemert.nl/posts/251009-cisa-secure-by-design-traction/Thu, 09 Oct 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/251009-cisa-secure-by-design-traction/CISA’s Secure by Design initiative is moving from voluntary pledges to measurable industry impact, and software vendors are starting to feel the pressure.https://www.osmondvanhemert.nl/posts/250918-slack-price-hike-saas-costs/Thu, 18 Sep 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250918-slack-price-hike-saas-costs/A viral post about Slack’s massive price increase highlights the growing problem of SaaS cost escalation and what engineering teams can do about it.https://www.osmondvanhemert.nl/posts/250828-bitnami-docker-deletion/Thu, 28 Aug 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250828-bitnami-docker-deletion/Broadcom’s deletion of Bitnami images from Docker Hub is a wake-up call about depending on container registries you don’t control.https://www.osmondvanhemert.nl/posts/250731-quic-protocol-linux-kernel/Thu, 31 Jul 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250731-quic-protocol-linux-kernel/The push to bring QUIC protocol support into the Linux kernel marks a significant shift in how we think about transport-layer networking.https://www.osmondvanhemert.nl/posts/250710-opentelemetry-full-maturity/Thu, 10 Jul 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250710-opentelemetry-full-maturity/With OpenTelemetry’s logging signal reaching GA status, the project now covers all three pillars of observability with stable APIs, fulfilling a long-standing promise to the industry.https://www.osmondvanhemert.nl/posts/250529-opentofu-terraform-fork-maturing/Thu, 29 May 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250529-opentofu-terraform-fork-maturing/A year and a half after forking from Terraform, OpenTofu is proving that community-driven infrastructure tooling can thrive — but challenges remain.https://www.osmondvanhemert.nl/posts/250508-docker-model-runner-local-ai/Thu, 08 May 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250508-docker-model-runner-local-ai/Docker’s new Model Runner feature brings local AI model execution into the Docker Desktop workflow, blurring the line between containers and inference.https://www.osmondvanhemert.nl/posts/250501-tech-tariffs-software-supply-chain/Thu, 01 May 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250501-tech-tariffs-software-supply-chain/New US tariffs on technology imports are sending ripples through hardware supply chains, cloud pricing, and software infrastructure planning.https://www.osmondvanhemert.nl/posts/250424-spring-2025-exploit-wave-fortinet-ivanti/Thu, 24 Apr 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250424-spring-2025-exploit-wave-fortinet-ivanti/A surge of active exploitation targeting Fortinet and Ivanti edge devices highlights the persistent vulnerability of network perimeter infrastructure.https://www.osmondvanhemert.nl/posts/250327-ingress-nightmare-kubernetes-vulnerability/Thu, 27 Mar 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250327-ingress-nightmare-kubernetes-vulnerability/CVE-2025-1974 and related vulnerabilities in the Kubernetes ingress-nginx controller allow unauthenticated remote code execution, affecting an estimated 40% of Kubernetes clusters.https://www.osmondvanhemert.nl/posts/250313-github-actions-supply-chain-attack/Thu, 13 Mar 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250313-github-actions-supply-chain-attack/A compromised GitHub Action exposed secrets from thousands of repositories, highlighting how CI/CD pipelines have become prime targets for supply chain attacks.https://www.osmondvanhemert.nl/posts/250227-kubernetes-container-security-hardening/Thu, 27 Feb 2025 00:00:00 +0000https://www.osmondvanhemert.nl/posts/250227-kubernetes-container-security-hardening/With Kubernetes pushing security features to GA and CISA issuing container hardening guidance, the container ecosystem is growing up on security. Here’s what matters for platform teams.https://www.osmondvanhemert.nl/posts/241128-aws-reinvent-2024-highlights/Thu, 28 Nov 2024 00:00:00 +0000https://www.osmondvanhemert.nl/posts/241128-aws-reinvent-2024-highlights/AWS re:Invent 2024 opens with major announcements around Trainium2 chips, Aurora DSQL, and Amazon’s own Nova AI models. Here’s what’s worth paying attention to.https://www.osmondvanhemert.nl/posts/240718-crowdstrike-global-outage/Thu, 18 Jul 2024 00:00:00 +0000https://www.osmondvanhemert.nl/posts/240718-crowdstrike-global-outage/A faulty CrowdStrike Falcon sensor update has caused one of the largest IT outages in history, bricking millions of Windows machines worldwide.https://www.osmondvanhemert.nl/posts/240704-regresshion-openssh-vulnerability/Thu, 04 Jul 2024 00:00:00 +0000https://www.osmondvanhemert.nl/posts/240704-regresshion-openssh-vulnerability/CVE-2024-6387 reveals a critical remote code execution flaw in OpenSSH, and it’s a regression from a fix made back in 2006.https://www.osmondvanhemert.nl/posts/240425-ibm-hashicorp-acquisition/Thu, 25 Apr 2024 00:00:00 +0000https://www.osmondvanhemert.nl/posts/240425-ibm-hashicorp-acquisition/IBM’s $6.4 billion acquisition of HashiCorp signals a major consolidation in the cloud infrastructure space. Here’s what it means for Terraform users and the broader IaC community.https://www.osmondvanhemert.nl/posts/240411-broadcom-vmware-licensing-shakeup/Thu, 11 Apr 2024 00:00:00 +0000https://www.osmondvanhemert.nl/posts/240411-broadcom-vmware-licensing-shakeup/Broadcom’s aggressive restructuring of VMware’s licensing and product portfolio is forcing organizations to rethink their virtualization strategies.https://www.osmondvanhemert.nl/posts/240125-jenkins-cve-2024-23897-cicd-security/Thu, 25 Jan 2024 00:00:00 +0000https://www.osmondvanhemert.nl/posts/240125-jenkins-cve-2024-23897-cicd-security/A critical Jenkins vulnerability allows arbitrary file reads through the CLI. Here’s why this matters more than your typical CVE and what it reveals about CI/CD security.https://www.osmondvanhemert.nl/posts/240111-opentofu-1-6-terraform-fork-grows-up/Thu, 11 Jan 2024 00:00:00 +0000https://www.osmondvanhemert.nl/posts/240111-opentofu-1-6-terraform-fork-grows-up/OpenTofu hits its first GA release, proving that the open-source fork of Terraform is more than a protest — it’s a viable alternative.https://www.osmondvanhemert.nl/posts/240104-opentofu-open-source-infrastructure/Thu, 04 Jan 2024 00:00:00 +0000https://www.osmondvanhemert.nl/posts/240104-opentofu-open-source-infrastructure/As OpenTofu approaches its first stable release, the HashiCorp license change continues to reshape how we think about open source infrastructure tooling.https://www.osmondvanhemert.nl/posts/231214-kubernetes-129-mandala-release/Thu, 14 Dec 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/231214-kubernetes-129-mandala-release/Kubernetes 1.29 ships with native sidecar container support, improved networking, and a continued push toward simplifying cluster operations.https://www.osmondvanhemert.nl/posts/231130-aws-reinvent-2023-amazon-q/Thu, 30 Nov 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/231130-aws-reinvent-2023-amazon-q/AWS re:Invent 2023 introduces Amazon Q, Graviton4, and a wave of AI-integrated cloud services that signal where enterprise infrastructure is heading.https://www.osmondvanhemert.nl/posts/231026-opentofu-terraform-fork/Thu, 26 Oct 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/231026-opentofu-terraform-fork/OpenTofu, the community fork of Terraform born from HashiCorp’s license change, is rapidly building momentum under the Linux Foundation.https://www.osmondvanhemert.nl/posts/231012-http2-rapid-reset-attack/Thu, 12 Oct 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/231012-http2-rapid-reset-attack/CVE-2023-44487 exploits a fundamental aspect of HTTP/2 to enable record-breaking DDoS attacks. Here’s what you need to know and do.https://www.osmondvanhemert.nl/posts/230831-opentofu-terraform-fork-open-source/Thu, 31 Aug 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/230831-opentofu-terraform-fork-open-source/HashiCorp’s switch to the Business Source License has triggered a community fork of Terraform called OpenTofu, and the implications for infrastructure-as-code are enormous.https://www.osmondvanhemert.nl/posts/230810-hashicorp-terraform-bsl-license/Thu, 10 Aug 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/230810-hashicorp-terraform-bsl-license/HashiCorp’s decision to relicense Terraform and other products under the Business Source License has sent shockwaves through the infrastructure community.https://www.osmondvanhemert.nl/posts/230629-moveit-breach-supply-chain-security/Thu, 29 Jun 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/230629-moveit-breach-supply-chain-security/The MOVEit Transfer vulnerability has now impacted hundreds of organizations worldwide — a stark reminder that managed file transfer tools remain critical and under-secured attack surfaces.https://www.osmondvanhemert.nl/posts/230525-microsoft-build-2023-copilot-stack/Thu, 25 May 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/230525-microsoft-build-2023-copilot-stack/Microsoft Build 2023 reveals the ‘Copilot Stack’ — a layered architecture that shows how Microsoft plans to embed AI into every developer workflow.https://www.osmondvanhemert.nl/posts/230323-github-copilot-x-ai-powered-developer-experience/Thu, 23 Mar 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/230323-github-copilot-x-ai-powered-developer-experience/GitHub announces Copilot X with GPT-4 integration, chat, voice, pull request summaries, and docs — here’s what developers should actually expect.https://www.osmondvanhemert.nl/posts/230309-us-national-cybersecurity-strategy-2023/Thu, 09 Mar 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/230309-us-national-cybersecurity-strategy-2023/The Biden administration’s new cybersecurity strategy shifts liability toward software vendors, and developers need to pay attention.https://www.osmondvanhemert.nl/posts/230202-esxiargs-ransomware-vmware-esxi/Thu, 02 Feb 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/230202-esxiargs-ransomware-vmware-esxi/A massive ransomware campaign is exploiting a two-year-old VMware ESXi vulnerability, and the scale of unpatched systems is alarming.https://www.osmondvanhemert.nl/posts/230105-circleci-security-incident/Thu, 05 Jan 2023 00:00:00 +0000https://www.osmondvanhemert.nl/posts/230105-circleci-security-incident/CircleCI discloses a security incident and urges all customers to immediately rotate secrets stored in the platform. A reminder of the risks in our CI/CD supply chain.https://www.osmondvanhemert.nl/posts/221208-kubernetes-126-electrifying/Thu, 08 Dec 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/221208-kubernetes-126-electrifying/Kubernetes 1.26 ‘Electrifying’ arrives with significant improvements to storage, scheduling, and the ongoing effort to remove legacy code.https://www.osmondvanhemert.nl/posts/221124-aws-reinvent-2022-cloud-opinionated/Thu, 24 Nov 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/221124-aws-reinvent-2022-cloud-opinionated/AWS re:Invent 2022 kicks off with a clear message: the cloud giant is moving beyond primitives and toward opinionated, integrated solutions.https://www.osmondvanhemert.nl/posts/221110-github-universe-2022-copilot-business/Thu, 10 Nov 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/221110-github-universe-2022-copilot-business/GitHub Universe 2022 puts AI front and center with Copilot for Business, while Codespaces and Actions get meaningful upgrades.https://www.osmondvanhemert.nl/posts/221103-openssl-critical-vulnerability-response/Thu, 03 Nov 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/221103-openssl-critical-vulnerability-response/The OpenSSL 3.0.7 patch for CVE-2022-3602 and CVE-2022-3786 arrived this week — here’s what happened and what it teaches us about vulnerability response.https://www.osmondvanhemert.nl/posts/221013-microsoft-ignite-2022-azure/Thu, 13 Oct 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/221013-microsoft-ignite-2022-azure/Microsoft Ignite 2022 delivered a wave of Azure updates that signal where enterprise cloud infrastructure is heading next.https://www.osmondvanhemert.nl/posts/221006-cloudflare-r2-storage-wars/Thu, 06 Oct 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/221006-cloudflare-r2-storage-wars/Cloudflare R2’s general availability challenges AWS S3’s dominance with zero egress fees and full S3 API compatibility, reshaping the economics of cloud storage.https://www.osmondvanhemert.nl/posts/220915-uber-breach-social-engineering/Thu, 15 Sep 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/220915-uber-breach-social-engineering/A teenager allegedly breached Uber’s internal systems through social engineering and MFA fatigue, exposing fundamental weaknesses in how we think about authentication.https://www.osmondvanhemert.nl/posts/220901-heroku-ending-free-tier/Thu, 01 Sep 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/220901-heroku-ending-free-tier/Heroku’s decision to eliminate free dynos and databases marks the end of an era. Where do developers go now for easy, free deployment?https://www.osmondvanhemert.nl/posts/220526-broadcom-vmware-acquisition/Thu, 26 May 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/220526-broadcom-vmware-acquisition/Broadcom’s proposed $61B acquisition of VMware could reshape the enterprise cloud and virtualization landscape for years to come.https://www.osmondvanhemert.nl/posts/220505-kubernetes-124-dockershim-removal/Thu, 05 May 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/220505-kubernetes-124-dockershim-removal/Kubernetes 1.24 finally removes Dockershim, completing the long-telegraphed divorce from Docker as a container runtime.https://www.osmondvanhemert.nl/posts/220127-terraform-1-1-iac-maturity/Thu, 27 Jan 2022 00:00:00 +0000https://www.osmondvanhemert.nl/posts/220127-terraform-1-1-iac-maturity/Terraform 1.1 brings refactoring support and moved/imported blocks, signaling that Infrastructure as Code tooling is growing up.https://www.osmondvanhemert.nl/posts/211216-software-supply-chain-security-after-log4j/Thu, 16 Dec 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/211216-software-supply-chain-security-after-log4j/A week after Log4Shell, the patching chaos continues. But the bigger lesson is about software supply chain security and why we need SBOMs now.https://www.osmondvanhemert.nl/posts/211202-aws-reinvent-2021-cloud-abstractions/Thu, 02 Dec 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/211202-aws-reinvent-2021-cloud-abstractions/AWS re:Invent 2021 delivered a clear message: the cloud is moving toward higher-level abstractions, and developers should pay attention.https://www.osmondvanhemert.nl/posts/211125-aws-reinvent-2021-serverless-evolution/Thu, 25 Nov 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/211125-aws-reinvent-2021-serverless-evolution/AWS re:Invent 2021 is underway in Las Vegas, and the announcements already hint at where cloud infrastructure is headed next.https://www.osmondvanhemert.nl/posts/211118-centos-stream-9-enterprise-linux-shift/Thu, 18 Nov 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/211118-centos-stream-9-enterprise-linux-shift/CentOS Stream 9 has arrived as the successor to both CentOS 8 and the traditional CentOS model — and the enterprise Linux community is still adapting.https://www.osmondvanhemert.nl/posts/211014-gitlab-ipo-open-source-business/Thu, 14 Oct 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/211014-gitlab-ipo-open-source-business/GitLab’s successful IPO this week validates the open-core model and raises important questions about the future of open-source developer tooling.https://www.osmondvanhemert.nl/posts/211007-windows-11-developer-perspective/Thu, 07 Oct 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/211007-windows-11-developer-perspective/Windows 11 launched this week with WSL improvements, a new Microsoft Store, and Android app support coming soon. Here’s what matters for developers.https://www.osmondvanhemert.nl/posts/210930-facebook-bgp-outage-internet-fragility/Thu, 30 Sep 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210930-facebook-bgp-outage-internet-fragility/Facebook, WhatsApp, and Instagram went down for six hours due to a BGP misconfiguration, exposing how fragile the internet’s routing infrastructure really is.https://www.osmondvanhemert.nl/posts/210902-confluence-rce-cve-2021-26084/Thu, 02 Sep 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210902-confluence-rce-cve-2021-26084/The critical Confluence Server RCE vulnerability is being actively exploited in the wild, raising urgent questions about the sustainability of self-hosted enterprise software.https://www.osmondvanhemert.nl/posts/210805-kubernetes-1-22-release/Thu, 05 Aug 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210805-kubernetes-1-22-release/Kubernetes 1.22 drops several long-deprecated beta APIs and graduates key features to stable — a sign the project is maturing and cleaning house.https://www.osmondvanhemert.nl/posts/210729-windows-365-cloud-pc-future/Thu, 29 Jul 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210729-windows-365-cloud-pc-future/Microsoft announces Windows 365, a full Cloud PC experience — and it might reshape how we think about developer workstations and enterprise IT.https://www.osmondvanhemert.nl/posts/210701-terraform-1-0-infrastructure-as-code-milestone/Thu, 01 Jul 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210701-terraform-1-0-infrastructure-as-code-milestone/After years of 0.x releases, Terraform hits 1.0 with stability guarantees. What this means for the IaC ecosystem and your existing workflows.https://www.osmondvanhemert.nl/posts/210610-fastly-cdn-outage-single-points-failure/Thu, 10 Jun 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210610-fastly-cdn-outage-single-points-failure/When a single configuration change at Fastly took down half the internet, it exposed uncomfortable truths about how we build on CDN infrastructure.https://www.osmondvanhemert.nl/posts/210603-gitops-argocd-cncf-incubation/Thu, 03 Jun 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210603-gitops-argocd-cncf-incubation/With ArgoCD accepted into CNCF incubation and Flux reaching its own milestones, GitOps is transitioning from buzzword to standard practice for Kubernetes deployments.https://www.osmondvanhemert.nl/posts/210527-microsoft-build-2021-developer-platform/Thu, 27 May 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210527-microsoft-build-2021-developer-platform/Microsoft Build 2021 doubled down on the developer platform strategy with Azure improvements, deeper GitHub integration, and a clearer vision for the cloud-native developer workflow.https://www.osmondvanhemert.nl/posts/210506-colonial-pipeline-ransomware/Thu, 06 May 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210506-colonial-pipeline-ransomware/The Colonial Pipeline ransomware attack exposes how deeply intertwined our digital infrastructure has become with physical systems we take for granted.https://www.osmondvanhemert.nl/posts/210415-codecov-supply-chain-attack/Thu, 15 Apr 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210415-codecov-supply-chain-attack/Codecov’s compromised Bash Uploader script exposed CI/CD secrets for thousands of organizations, highlighting a systemic weakness in how we trust third-party tools in our build pipelines.https://www.osmondvanhemert.nl/posts/210408-kubernetes-1-21-release/Thu, 08 Apr 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210408-kubernetes-1-21-release/Kubernetes 1.21 lands with immutable Secrets and ConfigMaps going stable, CronJobs promoted to GA, and signals that the platform is maturing past its explosive growth phase.https://www.osmondvanhemert.nl/posts/210311-ovhcloud-datacenter-fire/Thu, 11 Mar 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210311-ovhcloud-datacenter-fire/A catastrophic fire at OVHcloud’s Strasbourg datacenter destroys thousands of servers and raises hard questions about cloud resilience and backup strategies.https://www.osmondvanhemert.nl/posts/210304-microsoft-exchange-hafnium-zero-day/Thu, 04 Mar 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210304-microsoft-exchange-hafnium-zero-day/Four zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited at scale, and the fallout is only beginning.https://www.osmondvanhemert.nl/posts/210218-texas-grid-cloud-resilience/Thu, 18 Feb 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210218-texas-grid-cloud-resilience/The Texas power grid failure is knocking out data centers and cloud services, offering hard lessons about infrastructure resilience, multi-region architecture, and the physical realities underlying our digital systems.https://www.osmondvanhemert.nl/posts/210211-solarwinds-supply-chain-security/Thu, 11 Feb 2021 00:00:00 +0000https://www.osmondvanhemert.nl/posts/210211-solarwinds-supply-chain-security/Three months after the SolarWinds breach disclosure, the full scope is still unfolding and the implications for software supply chain security demand fundamental changes in how we build and deploy software.https://www.osmondvanhemert.nl/posts/201224-centos-stream-shift/Thu, 24 Dec 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/201224-centos-stream-shift/Red Hat’s decision to shift CentOS from a stable downstream rebuild to a rolling upstream preview has sent shockwaves through the server community.https://www.osmondvanhemert.nl/posts/201217-solarwinds-supply-chain-attack/Thu, 17 Dec 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/201217-solarwinds-supply-chain-attack/The SolarWinds supply chain attack is a watershed moment for software security — and it has profound implications for how we build, ship, and trust code.https://www.osmondvanhemert.nl/posts/201029-docker-hub-rate-limiting/Thu, 29 Oct 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/201029-docker-hub-rate-limiting/Docker Hub’s new rate limits take effect November 1st. If you haven’t prepared your build pipelines, you’re about to find out the hard way.https://www.osmondvanhemert.nl/posts/201015-hashicorp-waypoint-boundary/Thu, 15 Oct 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/201015-hashicorp-waypoint-boundary/HashiCorp announced two new open-source tools at HashiConf Digital — Waypoint for application deployment and Boundary for secure remote access. Here’s why they matter.https://www.osmondvanhemert.nl/posts/200917-github-cli-1-developer-workflow/Thu, 17 Sep 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200917-github-cli-1-developer-workflow/GitHub CLI 1.0 is here, bringing pull requests, issues, and repo management to the terminal. A look at what it means for developer workflows.https://www.osmondvanhemert.nl/posts/200903-kubernetes-119-extensibility/Thu, 03 Sep 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200903-kubernetes-119-extensibility/Kubernetes 1.19 lands with extended support windows, Ingress API improvements, and a clear signal that the platform is maturing fast.https://www.osmondvanhemert.nl/posts/200827-kubernetes-1-19-release/Thu, 27 Aug 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200827-kubernetes-1-19-release/Kubernetes 1.19 arrives with the longest support window yet and a focus on stability features. For production operators, this is the release we’ve been asking for.https://www.osmondvanhemert.nl/posts/200709-terraform-013-module-foreach/Thu, 09 Jul 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200709-terraform-013-module-foreach/Terraform 0.13 brings count and for_each to modules, automatic provider installation, and custom validation rules. A look at what changes in practice.https://www.osmondvanhemert.nl/posts/200611-cicd-pipeline-security-remote-work/Thu, 11 Jun 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200611-cicd-pipeline-security-remote-work/As teams rushed to enable remote development workflows, CI/CD pipelines became a prime target. Here’s what’s going wrong and how to harden your build infrastructure.https://www.osmondvanhemert.nl/posts/200416-github-free-for-teams/Thu, 16 Apr 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200416-github-free-for-teams/GitHub drops pricing barriers for teams, making unlimited private repos and essential collaboration features free for everyone.https://www.osmondvanhemert.nl/posts/200409-infrastructure-as-code-pandemic-scaling/Thu, 09 Apr 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200409-infrastructure-as-code-pandemic-scaling/The sudden shift to remote work has stress-tested Infrastructure as Code practices at unprecedented scale. Here’s what’s working, what’s breaking, and what we should learn.https://www.osmondvanhemert.nl/posts/200305-tech-remote-work-infrastructure/Thu, 05 Mar 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200305-tech-remote-work-infrastructure/As tech companies start mandating work-from-home policies amid growing COVID-19 concerns, the infrastructure supporting remote work faces its biggest test yet.https://www.osmondvanhemert.nl/posts/200220-docker-desktop-new-direction/Thu, 20 Feb 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200220-docker-desktop-new-direction/Three months after selling Docker Enterprise to Mirantis, Docker Inc. is refocusing on developer experience. What does this mean for the container ecosystem?https://www.osmondvanhemert.nl/posts/200116-github-actions-reshaping-ci-cd/Thu, 16 Jan 2020 00:00:00 +0000https://www.osmondvanhemert.nl/posts/200116-github-actions-reshaping-ci-cd/GitHub Actions went generally available in November 2019. Two months in, the migration patterns are becoming clear — and the implications for the CI/CD landscape are significant.