Schlomo Schapiro

DevOps is not a title, not a box to buy, nor a software to install - how can you explain DevOps in 5 minutes, e.g. as an elevator pitch riding up to the top floor with your boss? DevOps is like a driving license for running code in production In my opinion, this is the easiest and best explanation, that everybody can understand. Specifically, it is like a motorcycle driving license and this analogy carries surprisingly far, e.g.: motorcyclists pass a theoretical exam → Engineers should know about their obligations before working in production motorcyclists drive on their own, the instructor drives behind and gives instructions via radio → Engineers should work in production and a DevOps coach should accompany them with expertise motorcyclists are fully accountable for their mistakes (e.g. hitting a tree) while they learn driving → Engineers working in production are fully acc

Software rules the world, and everybody is its subject. But you can be a ruler, too - if you like  I keep telling my family. Here is a little example where I try to rule my secondary printer by automating the tedious task of rotating and scaling content to print. My Little Zebra Printer My secondary printer (shown here on the shelf in my home office) is a little miracle device: It is a thermal transfer receipt printer , that prints on a roll of continuous paper that is 10cm (4in) wide. Specifically a Zebra GX420d . You can get such a used printers relatively cheap. This is exactly a printer like you know from your local supermarket. And it is a super useful tool to have at home, as many print jobs don't require a full A4 page and don't need to be printed on fancy bright white paper with ever-lasting toner. Most common print jobs are shipping labels (no need to cut them to size), small shopping lists (fits in a pocket), little notes to stick into a book (e.g. reading order for a

This is especially useful for all Google Workspace admins who still use their regular account as domain admin. Google's security best practices for administrator accounts mentions Don’t use a super admin account for daily activities and I believe that this is a really important point. If you haven't done so, I also strongly recommend going over this acrticle as it serves as a check-list for your admin setup. Why isn't everybody using an admin account? Well, paying for yet another Google Workspace license just for admin work might be too much for you, especially for smaller domains. A Shared Admin Account - Bad Idea Some domains use a shared super admin account where every user has their own YubiKey configured as MFA. While this approach does separate between regular work and admin access, it doesn't give a good solution IMHO: You can't know who actually used it because multiple people have access and Google doesn'

Attending the 2024 Foss Backstage was again a real pleasure, my last one was in 2022 . I enjoyed participating in a conference in Berlin, in person and about Open Source. The only thing I don't understand is, why not more people come to it, there where only about 200 attendees on-site and another 60 online. Corporate Open Source Open Source in the business and as a serious business practice is clearly growing up. Most larger companies who sent representatives to this conference already have some sort of Open Source governance framework in place. It was also a nice meeting of many old acquaintances from the German corporate Open Source community. Has Open Source outgrown the OSPO   (video) , since SUN defined the role 25 years ago? - asks  Per Ploug Krogslund  who established Open Source Program Office (OSPO) teams at Zalando and Spotify. By my own observation it clearly has not outgrown it: Outside this Open Source conference, most companies I personall

I'm a big fan of test driven development  (TDD) for infrastructure components. I'm currently working on a hardware-related topic where we also use the system serial number as identifier. To create a proper integration test, we need to be able to start a system and set the serial number to a known value. This can easily be done with the help of virtual machines like in VMware or VirtualBox , but I couldn't find a way for changing the system serial number on hardware boxes, cloud VMs (e.g. on Alibaba Cloud) or other Linux system. Problem Analysis I was thinking: Linux is the operating system where I can potentially do everything . So how hard can this be? After some digging around I found out that there are those main sources for the serial number on Linux: /sys/firmware/dmi/tables/DMI contains a binary blob of Desktop Management Interface data provided by the kernel and the dmidecode utility is commonly used to decode

I'm a frequent user of Google Workspace and even accept the switch from free to paid for my family domain . One topic has always been on my to-do list: Proper backups to support disaster recovery after a major problem. It turns out that Google Workspace has a significant flaw: It is technically impossible to create a full backup of all data and to restore that! Google simply doesn't offer any API for that. As a result, all backup vendors are forced to work with the regular APIs. As a result, not everything in Google Workspace can be stored in a backup, e.g. Google Sites (new, not classic). Some content, like Google Drawings and others, can only be backed up as a static file (e.g. PDF) and not restored into a new Google Drawing. Google itself doesn't offer much on backup and disaster recovery: Recover deleted files and folders for Drive users Restore deleted shared drives or their files How to mitigate ra

Attending the FOSS Backstage 2022 conference on "Community, Management & Compliance In Open Source Development" was a real highlight for me: A conference About Open Source In Berlin In person! I fondly remember the first edition in 2018 ( YouTube Archive , Flickr Photo Archive ) which actually helped with my Open Source work at DB Systel . Given the ongoing COVID pandemic, the conference was very small, with only about 60 people attending in person and 200 additional remote participants. That, and the conference location in a co-working space, gave the event a very intimate and personal feeling. More like a true community meet-up than a polished commercial event. The 2022 edition put the major focus on major Open Source related initiatives and community topics, but it didn't talk much about the practical sides of Open Source compliance, e.g. the OpenChain Project . I spoke with the organisers about that, and they indicated that future F

It seems like I can't get a printer that "just works". I recently decided to replace our HP X476 printer with something nicer and bigger, an HP Color LaserJet M880 ( background story & review in German ). And of course there is something that needs fixing: The Chrome browser on Linux wouldn't let us print in color, even though all other applications had no problem to print in color. Even with Chrome color printing was possible, if one used the system printing dialog instead of the built-in Chrome print preview. This strange behavior of course piqued my curiosity. After some digging around I found out that the Chrome browser needs to parse and understand  the printer driver PPD! Chrome tries to find out how to configure color or grayscale printing in order to offer the user the choice. If Chrome can't understand the printer driver then it simply doesn't offer the choice between color and grayscale — and then some printer driver default can ch

Following up on Lifting the Curse of Static Credentials and Eliminating the Password of Shared Accounts , I have many discussions about why we would benefit from removing password prompts for website logins. Let's dig deeper into the details and show why removing password prompts leads to a  safer security architecture . Update 11.03.2022: Added more details about business vs. consumer websites and additional security suggestions surrounding WebAuthn Problem Space For context, imagine a website that needs to identify online users via their email address. We assume that the website in question is not the primary email system of a user but some other website, e.g. an e-commerce shop system or a collaborative productivity tool. As a User As a user of that website I want to easily sign up for an account have an easy way to login into the account be sure that my account is protected from others or attacks be able to easily recover access to my account i