Top 5 DEV Comments from the Past Week

Docker images: think of them as blueprints, for example a blueprint for creating a cow.

Docker daemon: think of it as corral for letting the cows run wild.

Docker swarm (and Kubernetes): think of it as a rancher that manages the cows.

Let's say you create many cows (docker containers) with the same blueprint (docker image) and let the cows do their thing in the corral (docker daemon).

You have all the dairy cows in one place but it's getting pretty crowded and they're eating all the stuff around them (resources) and you need to redistribute them to other areas or they will die.

You hire the rancher named Kubernetes and tell him of all the other corrals (nodes). The rancher checks each corrals capacities (resources) that they can handle. The rancher will take care of moving the cows around when the corrals are low on food to more abundant areas and the rancher will also take care of creating new cows for you if cows die for any reason.

The rancher is responsible optimizing your cattle ranch as efficient as possible and making it scale as long as you tell him of all the locations that his allowed to move the cows to. You can also tell him to only grow the ranch to a certain size or to dynamically scale larger to produce more milk based on the dairy consumption demand by the population (auto-scaling).

Turbo Pascal. I'm old enough to remember using it and loving it, it's a 'teaching language' which fits my mentoring bent, and darn it if I still don't think in therms of := for object assignment from time to time.

I have a Security Checklist for AWS which you can apply to any Cloud Computing service, it was too painful for me to find the original so I was lazy and linked it from my LinkedIn:

linkedin.com/posts/andrew-wc-brown...

Rails has very sane defaults, Rails Security outline gives you a good idea where to look:

guides.rubyonrails.org/security.html

OWASP top ten is a useful resource:
owasp.org/index.php/Category:OWASP...

A fun way of thing of ways to compromise an app/system is looking at Kali Linux full list of tools for inspiration.

tools.kali.org/tools-listing

Maybe you are running an old version of Postgres? Exploit DB might have some means for me to find a way in:
exploit-db.com/

• Are you using dependabot?
• Are you using that searches for CVEs? eg. Synk
• Have you tried sniffing for credentials that may be in the git history?
• Are you enforcing MFA? Are you enforcing signing of git commits?
• Do you have tests for all your endpoints? If not that that is a good place to look to abuse access to records I should not have access to
• Are you hosted on AWS? If not I bet lots of you're resources have public-facing addresses, Are you using Sidekiq? That means you're using Redis, maybe Redis is public-facing and you have not kept it up to date and I can gain access via an exploit.
• I would run Metasploit against your servers

A bit busy at the moment but a very fun thing to investigate

Come now, we're just scratching the surface...

Given you're in command mode:

• :wqa will write, quit all buffers (in case you have more than one)
• :x will also save and quit
• :ex as above
• ZZ will save and quit
• ZQ will just quit
• :1,5wq will save only lines 1 to 5 and quit

There's more. A lot more. Interested? :h quit will take you to the Vim help section on quitting.

This is all well and good...brings back a lot of memories from undergrad school.

But after enduring such an interview from a company, PLEASE PLEASE PLEASE don't forget to then ask your interviewer how they've used/applied said "algorithms, data structures, design, optimization and honestly just an ever growing basket of subjects" in their CURRENT work.

If you get a blank stare back, you'll know that you were just put through an "interview" that was essentially algorithm hazing and nothing more. I'd seriously question whether or not I'd want to work for this company.