-
Notifications
You must be signed in to change notification settings - Fork 0
/
buzz-2020-02.html
167 lines (153 loc) · 16.6 KB
/
buzz-2020-02.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><title>DEVOPS MEETUP #20</title><meta content="yes" name="apple-mobile-web-app-capable"><meta content="black-translucent" name="apple-mobile-web-app-status-bar-style"><meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, minimal-ui" name="viewport"><link href="https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/css/reveal.css" rel="stylesheet"><link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/css/theme/night.css" id="theme"><!--This CSS is generated by the Asciidoctor-Reveal.js converter to further integrate AsciiDoc's existing semantic with Reveal.js--><style type="text/css">.reveal div.right {
float: right;
}
/* callouts */
.conum[data-value] {display:inline-block;color:#fff!important;background-color:rgba(50,150,50,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold}
.conum[data-value] *{color:#fff!important}
.conum[data-value]+b{display:none}
.conum[data-value]:after{content:attr(data-value)}
pre .conum[data-value]{position:relative;top:-.125em}
b.conum *{color:inherit!important}
.conum:not([data-value]):empty{display:none}</style><link href="https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/lib/css/zenburn.css" rel="stylesheet"><script>var link = document.createElement( 'link' );
link.rel = 'stylesheet';
link.type = 'text/css';
link.href = window.location.search.match( /print-pdf/gi ) ? "https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/css/print/pdf.css" : "https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/css/print/paper.css";
document.getElementsByTagName( 'head' )[0].appendChild( link );</script><!--[if lt IE 9]><script src="https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/lib/js/html5shiv.js"></script><![endif]--></head><body><div class="reveal"><div class="slides"><section id="_devops_meetup_20" class="text-center"><h2>DEVOPS MEETUP #20</h2><div class="paragraph"><p><h3>MindValley</h3></p></div>
<div class="paragraph"><p>18th February 2020</p></div>
<div class="paragraph small"><small>Slides: <a href="https://devops-my.github.io/meetup">devops-my.github.io/meetup</a></small></div></section>
<section><section id="_community"><h2>Community</h2></section><section><div class="paragraph"><p>Volunteers (usually on <a href="https://engineers.my">engineers.my</a>)</p></div>
<h3><strong>JOIN US</strong></h3><div class="paragraph"><p>Monthly meetup announced on <a href="https://www.meetup.com/DevOpsMalaysia/">meetup.com</a><br>
Ping <code><strong>#meetups</strong></code> to volunteer / speak</p></div></section><section id="_other_meetups"><h2>OTHER MEETUPS</h2><div class="paragraph"><p>DevKami curated meetups:<br>
<a href="https://devkami.com/meetups">devkami.com/meetups</a></p></div></section><section id="_house_rules"><h2>House Rules</h2><div class="ulist step"><ul><li class="fragment"><p>minimal bikeshedding</p></li><li class="fragment"><p>respect opinions — agree to disagree</p></li><li class="fragment"><p>participate</p></li><li class="fragment"><p>thank the sponsors & volunteers</p></li></ul></div></section></section>
<section id="_buzzcorner"><h2>BUZZCORNER</h2></section>
<section><section id="_security"><h2>Security</h2></section><section id="_chrome_protect_from_insecure_downloads"><h2><a href="https://security.googleblog.com/2020/02/protecting-users-from-insecure_6.html">Chrome: Protect from insecure downloads</a></h2><div class="ulist"><ul><li><p>Chrome will gradually ensure that HTTPS pages only download secure files</p></li><li><p>start blocking "mixed content downloads" (non-HTTPS downloads started on HTTPS pages)</p></li></ul></div></section><section id="_cloudflare_js_libs_almost_never_updated"><h2><a href="https://blog.cloudflare.com/javascript-libraries-are-almost-never-updated/">CloudFlare: JS libs almost never updated</a></h2><div class="paragraph"><p>Libraries are almost never updated once installed.</p></div>
<div class="paragraph"><p>Example: Oldest version of <code>jQuery</code> CDNJS includes is <code>1.10.0</code>, released on May 25, <strong>2013</strong>. The project still gets an average of 100k requests/day.</p></div></section><section id="_12k_jenkins_servers_vulnerable"><h2><a href="https://www.helpnetsecurity.com/2020/02/11/cve-2020-2100/">12K+ Jenkins servers vulnerable</a></h2><div class="paragraph"><p>A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount, amplify reflective DDoS attacks against internet hosts.</p></div></section><section id="_microsoft_nsa_tipoff"><h2><a href="https://www.thestar.com.my/tech/tech-news/2020/01/15/microsoft-issues-critical-windows-security-fix-after-tipoff-from-us-nsa">Microsoft: NSA tipoff</a></h2><div class="paragraph"><p>Microsoft on Jan 14 rolled out an important security fix after the NSA tipped off the company to a serious flaw in its widely used Windows operating system.</p></div></section></section>
<section><section id="_articles"><h2>Articles</h2></section><section id="_should_you_self_host_google_fonts"><h2><a href="https://www.tunetheweb.com/blog/should-you-self-host-google-fonts/"><span style="font-size: smaller;">Should you self-host Google Fonts?</span></a></h2><div class="ulist step"><ul><li class="fragment"><p>historically browsers limited number of connections to each domain (typically 6/domain)</p></li><li class="fragment"><p>now HTTPS is the norm</p></li><li class="fragment"><p>HTTPS connection is more expensive to create</p></li><li class="fragment"><p><a href="https://developers.google.com/web/fundamentals/performance/http2#design_and_technical_goals">HTTP/2</a> actually benefits single connection & multiplexing a single TCP stream</p></li><li class="fragment"><p>Google Fonts CSS is <strong>render-blocking</strong></p></li></ul></div></section><section id="_foit_fout_foft"><h2>FOIT - FOUT - FOFT</h2><div class="paragraph"><p><a href="https://www.zachleat.com/web/webfont-glossary/">FOIT</a></p></div>
<div class="dlist"><dl><dt class="hdlist1">Flash of Invisible Text</dt><dd><p>Default browser behavior to render text invisible while the web font is loading. In modern browsers, FOIT lasts a maximum of 3 seconds (IE & Edge render immediately). When people say that web fonts are blocking resources, they are likely referring to FOIT. FOIT is our enemy.</p></dd></dl></div></section><section id="_foit_fout_foft_2"><h2>FOIT - FOUT - FOFT</h2><div class="paragraph"><p><a href="https://www.zachleat.com/web/webfont-glossary/">FOUT</a></p></div>
<div class="dlist"><dl><dt class="hdlist1">Flash of Unstyled Text</dt><dd><p>Default behavior to render text with the fallback system font while the web font has loaded. FOUT is preferable to FOIT but care must be taken to minimize its reflow effect.</p></dd></dl></div></section><section id="_foit_fout_foft_3"><h2>FOIT - FOUT - FOFT</h2><div class="paragraph"><p><a href="https://www.zachleat.com/web/webfont-glossary/">FOFT</a></p></div>
<div class="dlist"><dl><dt class="hdlist1">Flash of Faux Text</dt><dd><p>A font loading strategy to render a roman web font first, and then use <code>font-synthesis</code> to render bold and italic variations immediately while loading true fonts.</p></dd></dl></div>
<div class="imageblock" style=""><img src="https://alistapart.com/wp-content/uploads/2012/07/smear-slant.png?w=960" alt="faux"></div>
<div class="imageblock" style=""><img src="https://alistapart.com/wp-content/uploads/2012/07/real-styles.png?w=960" alt="actual"></div></section><section><div class="paragraph"><p>Security:</p></div>
<div class="ulist step"><ul><li class="fragment"><p>privacy implication (3rd-party tracking)</p></li><li class="fragment"><p>SPOF: Single Point of Failure (eg. China blocking Google CDN)</p></li><li class="fragment"><p>SRI + HTTP/2 issues</p></li><li class="fragment"><p>–– CORS blocked if using <code>crossorigin=use-credentials</code> and remote is using <code>Access-Control-Allow-Origin: *</code></p></li><li class="fragment"><p>–– SRI <a href="https://nooshu.github.io/images/2019/12/the-impact-annotated.png">delay</a> ≈1s (DNS→CONNECT→SSL)</p></li></ul></div></section><section><div class="imageblock stretch" style=""><img src="https://www.tunetheweb.com/assets/images/blog/local-gfonts.png" alt="Strip" height="100%"></div><div class="title">Figure 1. Huge win</div></section><section><div class="paragraph"><p>But!</p></div>
<div class="ulist step"><ul><li class="fragment"><p>Google Fonts might have better improvements in the future that you can benefit from <strong>automatically</strong></p></li><li class="fragment"><p>Variable fonts: allow different styles of font to be used without having to download separate fonts</p></li><li class="fragment"><p>Progressive Font Enrichment: download of additional character definitions as they are needed as a stream of extra information which supplements the currently downloaded font</p></li></ul></div></section><section><div class="paragraph"><p>…​so self-host?</p></div>
<div class="ulist step"><ul><li class="fragment"><p>yes it’s better to self-host as the performance gains can be substantial</p></li><li class="fragment"><p>however it requires <strong>EXTRA</strong> effort so YMMV (resource hints, <code>font-display: swap</code>, font subsetting)</p></li><li class="fragment"><p>AND Google Fonts servers are also smart and keep on improving (OS-aware font hints, subsetting, brotli)</p></li><li class="fragment"><p>Bottom line: experiment!</p></li></ul></div></section></section>
<section><section id="_tools"><h2>Tools</h2></section><section id="_github_cli"><h2><a href="https://github.blog/2020-02-12-supercharge-your-command-line-experience-github-cli-is-now-in-beta/">GitHub CLI</a></h2><div class="imageblock" style=""><img src="https://i1.wp.com/user-images.githubusercontent.com/10404068/74261502-34ae1380-4cb0-11ea-8baf-cf8248f1b222.png" alt="CLI" width="720"></div><div class="title">Figure 2. Pull request</div></section><section id="_pganalyze"><h2><a href="https://pganalyze.com/">PGAnalyze</a></h2><div class="quoteblock"><blockquote>BTW, pganalyze.com. I’m. Damn. Impressed. Use it.</blockquote><div class="attribution">— Han @angch</div></div></section></section>
<section><section id="_misc"><h2>Misc</h2></section><section id="_microsoft_makes_carbon_negative_pledge"><h2><a href="https://www.bbc.com/news/technology-51133811">Microsoft makes 'carbon negative' pledge</a></h2></section><section id="_solar_powered_website"><h2><a href="https://www.lowtechmagazine.com/2020/01/how-sustainable-is-a-solar-powered-website.html">Solar Powered Website</a></h2><div class="imageblock" style=""><img src="https://krisdedecker.typepad.com/.a/6a00e0099229e888330240a4e08597200d-500wi" alt="Solar" width="360"></div><div class="title">Figure 3. 1 kwH of solar can serve ≈50K unique visitors</div></section><section id="_kubeacademy"><h2><a href="https://kube.academy/">KubeAcademy</a></h2><div class="paragraph"><p>Recommended k8s learning resource.</p></div></section></section>
<section id="_buzz"><h2>/Buzz</h2></section></div></div><script src="https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/lib/js/head.min.js"></script><script src="https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/js/reveal.js"></script><script>Array.prototype.slice.call(document.querySelectorAll('.slides section')).forEach(function(slide) {
if (slide.getAttribute('data-background-color')) return;
// user needs to explicitly say he wants CSS color to override otherwise we might break custom css or theme (#226)
if (!(slide.classList.contains('canvas') || slide.classList.contains('background'))) return;
var bgColor = getComputedStyle(slide).backgroundColor;
if (bgColor !== 'rgba(0, 0, 0, 0)' && bgColor !== 'transparent') {
slide.setAttribute('data-background-color', bgColor);
slide.style.backgroundColor = 'transparent';
}
})
// See https://github.com/hakimel/reveal.js#configuration for a full list of configuration options
Reveal.initialize({
// Display presentation control arrows
controls: true,
// Help the user learn the controls by providing hints, for example by
// bouncing the down arrow when they first encounter a vertical slide
controlsTutorial: true,
// Determines where controls appear, "edges" or "bottom-right"
controlsLayout: 'bottom-right',
// Visibility rule for backwards navigation arrows; "faded", "hidden"
// or "visible"
controlsBackArrows: 'faded',
// Display a presentation progress bar
progress: true,
// Display the page number of the current slide
slideNumber: 'h.v',
// Control which views the slide number displays on
showSlideNumber: 'all',
// Push each slide change to the browser history
history: true,
// Enable keyboard shortcuts for navigation
keyboard: true,
// Enable the slide overview mode
overview: true,
// Vertical centering of slides
center: true,
// Enables touch navigation on devices with touch input
touch: true,
// Loop the presentation
loop: false,
// Change the presentation direction to be RTL
rtl: false,
// Randomizes the order of slides each time the presentation loads
shuffle: false,
// Turns fragments on and off globally
fragments: true,
// Flags whether to include the current fragment in the URL,
// so that reloading brings you to the same fragment position
fragmentInURL: true,
// Flags if the presentation is running in an embedded mode,
// i.e. contained within a limited portion of the screen
embedded: false,
// Flags if we should show a help overlay when the questionmark
// key is pressed
help: true,
// Flags if speaker notes should be visible to all viewers
showNotes: false,
// Global override for autolaying embedded media (video/audio/iframe)
// - null: Media will only autoplay if data-autoplay is present
// - true: All media will autoplay, regardless of individual setting
// - false: No media will autoplay, regardless of individual setting
autoPlayMedia: null,
// Number of milliseconds between automatically proceeding to the
// next slide, disabled when set to 0, this value can be overwritten
// by using a data-autoslide attribute on your slides
autoSlide: 0,
// Stop auto-sliding after user input
autoSlideStoppable: true,
// Use this method for navigation when auto-sliding
autoSlideMethod: Reveal.navigateNext,
// Specify the average time in seconds that you think you will spend
// presenting each slide. This is used to show a pacing timer in the
// speaker view
defaultTiming: 120,
// Enable slide navigation via mouse wheel
mouseWheel: false,
// Hides the address bar on mobile devices
hideAddressBar: true,
// Opens links in an iframe preview overlay
// Add `data-preview-link` and `data-preview-link="false"` to customise each link
// individually
previewLinks: true,
// Transition style (e.g., none, fade, slide, convex, concave, zoom)
transition: 'slide',
// Transition speed (e.g., default, fast, slow)
transitionSpeed: 'default',
// Transition style for full page slide backgrounds (e.g., none, fade, slide, convex, concave, zoom)
backgroundTransition: 'fade',
// Number of slides away from the current that are visible
viewDistance: 3,
// Parallax background image (e.g., "'https://s3.amazonaws.com/hakim-static/reveal-js/reveal-parallax-1.jpg'")
parallaxBackgroundImage: '',
// Parallax background size in CSS syntax (e.g., "2100px 900px")
parallaxBackgroundSize: '',
// Number of pixels to move the parallax background per slide
// - Calculated automatically unless specified
// - Set to 0 to disable movement along an axis
parallaxBackgroundHorizontal: null,
parallaxBackgroundVertical: null,
// The display mode that will be used to show slides
display: 'block',
// The "normal" size of the presentation, aspect ratio will be preserved
// when the presentation is scaled to fit different resolutions. Can be
// specified using percentage units.
width: 960,
height: 700,
// Factor of the display size that should remain empty around the content
margin: 0.1,
// Bounds for smallest/largest possible scale to apply to content
minScale: 0.2,
maxScale: 1.5,
// Optional libraries used to extend on reveal.js
dependencies: [
{ src: 'https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/lib/js/classList.js', condition: function() { return !document.body.classList; } },
{ src: 'https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/plugin/zoom-js/zoom.js', async: true },
{ src: 'https://cdnjs.cloudflare.com/ajax/libs/reveal.js/3.8.0/plugin/notes/notes.js', async: true },
],
});</script></body></html>