

Plus Sized Lobsters
Yes, I think yaml’s biggest strength is also its built-in flaw: its flexibility. Yaml as a data structure is built to be so open-ended that it can be no surprise when every component written in Go and using Yaml as a data structure builds their spec in a slightly different way, even when performing the exact same functions.
That’s why I yearned for something like CUE and was elated to discover it. CUE provides the control that yaml by its very nature cannot enforce. I can create CUE that defines the yaml structure in general so anything my system builds is valid yaml. And I can create a constraint which builds off of that and defines the structure of a valid kubernetes manifest. Then, when I go to define the CUE that builds up a KubeVela app I can base its constraints on those k8s constraints and add only KubeVela-specific rules.
Then I have modules of other components that could be defined as KubeVela Applications on the cluster but I define their constraints agnostically and merge the constraint sets together to create the final yaml in proper KubeVela Application format. And if the component needs to talk to another component, I standardize the syntax of the shared function and then link that function up to whatever tool is currently in use for that purpose.
I think it’s a good point that overgeneralization can and does occur and my “one size fits all” approach might not actually fit all. But I’m hoping that if I finish this tool and shop it to a place that thinks it’s overkill, I can just have them tell me which parts they want generalized and define a function to export a subset of my CUE for their needs. And in that scenario, I would flip and become a big proponent of “Just General Enough”. Because then, they can have the streamlined fit-for-purpose system they desire and I can have the satisfaction of not having to do the same work over and over again.
But my fear about going down that road is that it might be less of an export of a subset of code and more of building yet another system that can MAD-style generate my whole CUE system for whatever level of generalization I want. As you say, it just becomes another abstraction layer. Can’t say I’m quite ready to go that far 😅
Thanks for the info. When I searched MASD, it told me instead about MAD, so it’s good to know how they’re differentiated.
This whole idea comes from working in a shop where most of their DevSecOps practices were fantastic, but we were maintaining fleets of Helm charts (picture the same Helm override sent to lots of different places with slightly different configuration). The unique values for each deployment were buried “somewhere” in all of these very lengthy values.yaml override files. Basically had to dig into thousands of lines of code whenever you didn’t know off-hand how a deployment was configured.
I think when you’re in the thick of a job, people tend to just do what gets the job done, even if it means you’re going to have to do it again in two weeks. We want to automate, but it becomes a battle between custom-fitting and generalization. With the tradeoff being that generalization takes a lot of time and effort to do correctly.
So, I think plenty of places are “kind of” at this level where they might use CUE to generalize but tend to modify the CUE for each use case individually. But many DevOps teams I suspect aren’t even using CUE, they’re still modifying raw yaml. I think of yaml like plumbing. It’s very important, but best not exposed for manual modification unless necessary. Mostly I just see CUE used to construct and deliver Helm/kubernetes on the cluster, in tools like KubeVela and Radius. This is great for overriding complex Helm manifests with a simple Application .yaml, but the missing niche I’m trying to fill is a tool that provides the connections between different tools and constrains the overall structure of a DevSecOps stack.
I’d imagine any company with a team who has solved this problem is keeping it proprietary since it represents a pretty big advantage at the moment. But I think it’s just as likely that a project like this requires such a heavy lift before seeing any gain that most businesses simply aren’t focusing on it.
I’ve never heard of this before, but you’re right that it sounds very much like what I’m doing. Thank you! Definitely going to research this topic thoroughly now to make sure I’m not reinventing the wheel.
Based on the sections in that link, I wondered if the MASD project was more geared toward the software dev side or devops. I asked Google and got this AI response:
“MAD” (Modern Application Development) services, often used in the context of software development, encompass a broader approach that includes DevOps principles and tools, focusing on rapid innovation and cloud-native architectures, rather than solely on systems development.
So (if accurate), it sounds like all the modernized automation of CI/CD, IaC, and GitOps that I know and love are already engaging in MAD philosophy. And what I’m doing is really just providing the last puzzle piece to fully automate stack architecting. I’m guessing the reason it doesn’t already exist is because a lot of the open source tools I’m relying on to do the heavy lifting inside kubernetes are themselves relatively new. So, hopefully this all means I’m not wasting my time lol
Yeah, I’ve been using it heavily. While someone without technical knowledge will surely allow AI to build a highly insecure app, people with more technological knowledge are going to propel things to a level where the less tech savvy will have fewer and fewer pitfalls to fall into.
For the past two months, I’ve been leveraging AI to build a CUE system that takes a user desire (e.g. “i want to deploy a system with an app that uses a database and a message queue” expressed as a short json) and converts a simple configuration file that unpacks into all the kubernetes manifests required to deploy the system they want to deploy.
I’m trying to be fully shift-left about it. So, even if the user’s configuration is as simple as my example, it should still use CUE templating to construct the files needed for a full DevSecOps stack - Ingress Controller, KEDA, some kind of logging such as ELK stack, vulnerability scanners, policy agents, etc. The idea is that every stack should at all times be created in a secure state. And extra CUE transformations ensure that you can split the deployment destinations in any type of way, local/onprem, any cloud provider, or any combination thereof.
The idea is that if I need to swap out a component, I just change one override in the config and the incoming component already knows how to connect to everything and do what the previous component was doing because I’ve already abstracted the component’s expected manifest fields using CUE. So, I’d be able to do something like changing my deployment from one cloud to another with a click of a button. Or build up a whole new fully secure stack for a custom purpose within a few minutes.
The idea is I could use this system to launch my own social media app, since I’ve been planning the ideal UX for many years. But whether or not that pans out, I can take my CUE system and put a web interface over it to turn it into a mostly automated PaaS. I figure I could undercut most PaaS companies and charge just a few percentage points above cost (using OpenCost to track the expenses). If we get to the point where we have a ton of novices creating apps with AI, I might be in a lucrative position if I have a PaaS that can quickly scale and provide automated secure back ends.
Of course, I intend on open sourcing the CUE once it’s developed enough to get things off the ground. I’d really love to make money from my creative ideas on a socialized media app that I create, am less excited about gatekeeping this kind of advancement.
Interested to know if anyone has done this type of project in the past. Definitely wouldn’t have been able to move at nearly this speed without AI.
Oh my god, how embarrassing.
What about a bridge? You didn’t think about a bridge, did you? Bet you feel pretty dumb now.
Yeah, I have a lot of outdated books too.
Edit: I guess people don’t enjoy book puns?
Yeah, if I were you I’d cut my losses and try to find another place. If you’re lucky enough to know this place has bugs while very little of your stuff has been exposed, I’d get out before the problem has taken hold in your life.
That said, there are ways to deal with infestations. Likely if it’s been a problem dating back years, there’s some place they retreat to that kick starts the population each time they’re exterminated. But in typical homes, steam treatments from professionals can eradicate the pests. Mark Rober made a pretty good video pushing back on some of the stigma:
https://www.youtube.com/watch?v=2JAOTJxYqh8
Good luck to you. I hope you end up in a good place after all this. Sucks to get this close to a stable living space only to be thwarted by invertebrates.
Yeah, from that year Shawn rapidly changed appearance and no one seemed to notice. That’s just like Shawn.
Same here. I’ve been building a bootstrap script, and each time I test it, it tears down the whole cluster and starts from scratch, pulling all of the images again. Every time I hit the Docker pull limit after 10 - 12 hours of work, I treat that as my “that’s enough work for today” signal. I’m going to need to set up a caching system ASAP or the hours I work on this project are about to suddenly get a lot shorter.
Yeah, there is a lot to miss about those days. Seems naive looking back to not have known that those early-net vibes could not last.
I subscribed to a writing magazine in the late 90s or so and they had a web forum. It was amazing to be able to post my writing online and get feedback from a community of people who were virtually always friendly (if sometimes blunt) and dedicated to the craft. I miss that genuine feeling of community, seeing the same pool of people around you so often that you notice when someone’s been gone a while.
It can’t be the same now for a lot of reasons, but I agree that Lemmy and its Fediverse counterparts (I’ve only been on Lemmy) are the closest thing we have now. And having recently looked in on the alternative, I just notice reddit getting worse and worse and Lemmy getting better and better.
We should enjoy this time when this world is small. And welcome the refugees as they arrive. Would love for the people to own the means of production, but at this point I will be thrilled if the people can at least come together and seize control of the means of meme production.
I am maybe misplaced in this conversation. I was born in 1990. I do feel a deep nostalgia for early chat rooms and IRC. So much so that I’m trying to build up a chat platform of my own.
In comparison to the time of asking people their A/S/L and just hanging out talking about how our lives are different, there are now maybe four (or five?) categories of potentially society-ending threats hanging around our cultural zeitgeist. All of them addressable, but it just hangs around every internet thread like a miasma now.
But I do think we’ll find ourselves nostalgic for this time in a similar way that we look back on the 80’s. In the same way it became possible in the mid 70’s to just buy some off-the-shelf components and assemble them into personal computers that can be sold en masse, it is every year more and more possible for a relative novice (such as myself) to do something like create their own chat room app. With some prior experience and the help of AI, I’ve got the bare bones of a shift-left style DevSecOps stack, and it feels really exciting. It feels like I’m a guy in the 70’s in his garage putting a prototype personal computer together, the way you can abstract your requirements from deployed resources in CI/CD. I envision a near future where corporate capitalistic social media becomes stale and increasingly awful (status quo) and the average consumer can have an idea for an app and have a fully hardened back end system to support it in the span of an afternoon. I’m looking forward to a new crop of communication technologies that we collectively develop as a people to tackle the overarching issues which affect us all. Imagine if we could all organize to efficiently locate ideal candidates for public office and democratically work out our differences in environments where peaceful debate and separate chill zones are both encouraged, rather than profit-driven systems where outrage is king. We can do so much better, and we are just now on the cusp of having all the tools to enable the average person to finally be able to help themselves.
I’m sorry for the tangent, and for polluting this thread with all of this. I know it’s not really on topic, I’m just waiting for tests to process and really pumped up about starting a revolution later, idk, maybe, I mean, like only if you feel like revolting.
Recently had to come to terms with the fact that when I was a kid I thought of George Costanza as “the fat bald guy on Seinfeld” but in present day I am now older and possibly also fatter than George was on the show.
The article says that the administration seems to be claiming the executive order where they changed the name of United States Digital Service to United States DOGE Service allows them to make the sweeping changes they are making. This is of course ludicrously beyond the pale when it comes to data security violations involved in taking control of data managed by other agencies and getting involved in their staffing. It’s a smokescreen for autocracy.
The claim in this particular instance is that they are saying the executive order redefined the reporting structure of the department. Where previously they reported to the Office of Management and Budget, where everything is subject to FOIA requests in the short term, they claim their USDS reports to the White House Chief of Staff and therefore is shielded from FOIA during the current administration. We can theoretically get the data later (I’m sure they’ll be very responsible with chain of custody on such important data 🙄) but it will be 4 years later, when no one cares because we’re in the trenches dealing with the long term consequences of what’s happening right now. So, it is subject to FOIA, yes. But they’re making up stories and betting the courts won’t dare to challenge them.
So it’s like if I bragged my house payment is only 100 bucks, but that’s only my electricity bill, I actually paid a million dollars cash for the house but let’s not count that.
I spent about 20 minutes today trying to get Copilot on Word to tell me how to disable Copilot on Word. Worth every penny.
I also find USB to be limiting when it comes to range. I can go about 50 feet with a nice thick HDMI with copper wiring, but any further than 20 feet on USB necessitates fiber optics. Not an issue for everyone, but something I have been running into.
Yeah, I keep my Windows PC purely for League of Legends due to their anti cheat (read rootkit) and it’s a pre-2017 chip, so it’s not Win 11 eligible (which I’ve always counted my blessings for). And also the Spotify web page doesn’t work well for me on Linux. Other than that, I do pretty much everything on my newer Linux machine.