Hi all, I figured this is pretty critical to share out. Docker recently announced in February that starting April 1st unauthenticated Docker Pulls from the Docker Hub registry will be limited to 10 per hour. This is a pretty significant breaking change, especially for those that run Kubernetes in production.
Many Kubernetes clusters may host open source software with images pulled from Docker Hub without credentials, thus by default the pulls are unauthenticated. And many of these clusters run behind a NAT.
I was very surprised to see this warning from Digital Ocean today and that there's only a 3 day lead time to address this. Surfacing for visibility in case anyone else doesn't regularly follow Docker Hub updates.
Yeah, we saw this about a month ago, but I’m ready to be busy on the 1st. Maybe everything will be fine? Or maybe we see widespread internet troubles on the 1st? Party on! I’ll be letting my pager rest this weekend so it’s good and ready to go on Tuesday.
Yeah, might be more like 6 months from now when I upgrade my k8s cluster version and cycle out containers I'll have no idea why things are failing. Fun times.
The entire 18F org was let go. Many of these employees oversaw the building of digital services.
Login.gov is a most critical SSO resource for logging into services such as the IRS for tax payments. It’ll see peak usage next month for taxes. The teams maintaining these have been indiscriminately let go.
More of these online services will start to go down, rapidly.
If the point of DOGE is really to tackle the deficit, all these moves are incredibly shortsighted.
(Yesterday the 18F former employee put https://18f.org/ as a transparent warning of what’s to come)
> If the point of DOGE is really to tackle the deficit, all these moves are incredibly shortsighted.
The point is to shutter or kneecap every last government service. When it becomes obvious which services were/are mission critical, they'll be replaced with private solutions -- most of which will conveniently be on offer from X.
In my 30+ years working at about everywhere and on everything the only place I’ve worked, inclusive of federal roles, with intentionally bottom productivity, are private government contractors. Federal employees while fairly cushy in benefits space were often pretty mission driven and believed deeply in what they were doing as they had taken a long term commitment on their role vs more money on the private side. The contractor space is a constant churn of bids and reorgs with the mission being keeping the contract in the next bidding cycle but losing it due to random political whims. It’s the most depressing form of employment I’ve ever experienced, and I’ve worked at multiple FAANG, so that’s really saying something.
This was hauntingly beautiful. A story of conscience and reconciliation with the paradoxes of war and personal spirituality/religion.
His decision to join the war as an interrogator, believing his presence and oversight would ensure the humane treatment of prisoners is admirable. I often wonder what is the right thing to do: non-participation, or conscientious participation to ensure abuses are minimized.
In this telling he tried to effect change from within, but was overwhelmed, both spiritually and physically, by what he found there.
If there is a positive to draw from it it lies in his ability to talk about the experience afterwards through drama and indirectly through this piece. I don't think that level of success often accrues to people trying to effect positive change from within.
Which one's more likely to be noticed (by the masses) and effect change? This article, years after, or the fact they have to increase wages 200+% because no one with a mirror will do the job?
I'm surprised you see this. I see it differently. Excuse my language, but I see a horse-shit sandwich. Have you read any Noam Chomsky? This is a great example of 'Manufacturing Consent' - through these feel good propaganda manufactured stories. Yes, I do think he believed his struggle was holy and justified. Yes, I am aware that this sounds harsh.
Wow I did not read the whole article. But it's actually pretty moving... Ok fuck it. I'm going to do a pluralist 'both/and'. It's both a horse-shit sandwich and a story of conscience.
>I often wonder what is the right thing to do: non-participation, or conscientious participation
And I often hear people talk about how they would punch nazis. Yet when being in the reality of present day prevailing groupthink which justifies such abuses, expecting people to "conscientiously take part" is already getting hopeful.
Dmitry, you never cease to amaze me with your side projects and the lengths and hurdles you go through with ease. These writeups are fun to read and provide me with some inspiration if I'm ever stuck on something.
For those that don't know, Dmitry also ported Linux to an 8-bit microcontroller.
He also wrote a whole suite [1] of utilities for later PalmOne and Treo devices that massively improved their capabilities and made them usable for a much longer time - absent PowerSDHC and WarpSpeed in particular, my old Palm TX wouldn't have lasted me until 2012.
Hi there! Sunil here (CTO at Buffer). Really great question! We've had a long and hard look at our salaries and have been in the midst of overhauling how exactly we determine salaries. One of the great things with being transparent about our salaries is that we learn so much about how we've originally set up our salaries and how we'd need to further adjust things. We received some great feedback and through that, we've realized how under-market our rates have been for areas like SF and NYC, while being quite above market rates in many other regions. We've been in the middle of overhauling how salaries get set, and have adjusted developer salaries based on some solid feedback. I believe we'll update the public numbers and be transparent about the process we took and our overall learnings quite soon!
Generally our approach with salaries (and much of the company) has been to iterate with continuous feedback loops. The feedback we receive in HN may further influence how we think about things. Would love any more thoughts/advice you have :)
> we've realized how under-market our rates have been for areas like SF and NYC, while being quite above market rates in many other regions.
It shouldn't come as a surprise that you have to pay more in markets like SF and NYC. The costs of living are much higher, and employees can switch jobs almost effortlessly.
Well, that's the weird part - they obviously knew that, because they have the location modifier (SF/NYC are location A/+$22k). Seems like the base levels are too low.
I worked in another state for a well known and generally hated company based in SF who wanted me to transfer there, offering a 20k cost of living adjustment. But the actual standard of living increase that would be required amounted to a raise of at least 50%. The response was that a lot of people want to live in SF and would take the hit. No thanks.
Taxes and rent costs blow away these piddly adjustments. Moving into SF from elsewhere requires _massive_ income adjustments.
After you take out the difference in house prices and gas prices, the rest is minimal.
I'd say an apartment here would cost $2000/mo more than Nashville. Gas is say 50% more expensive; let's say that's another $4K/year. That adds up to an additional $28K/year after tax; or, roughly $40K/year before tax.
Could you talk more about how it took "great feedback" to realize how under-market you were? I would imagine a tech company -- especially one that took so much time and effort coming up with compensation formulas -- would have their finger on the pulse of salary levels.
Thanks for the reply, Sunil! Wasn't expecting a response from the CTO. :) Glad to hear you are constantly making changes and improvements. I almost applied a while ago, but the salaries were off-putting.
How do you deal with someone who's doing just as much work as a person in SF/NYC, but living somewhere else feeling resentful that they're not making as much?
You send me their email because my team compensates people based on talent, not zip code.
I don't think you should pay someone more because they want to live somewhere expensive, just like you shouldn't pay them more if they decide they want to drive a Tesla.
> I don't think you should pay someone more because they want to live somewhere expensive
I don't think that's the problem. The problem is, if you have someone you want in your team, and if that someone is living in SF for example, then you can't offer him the same kind of salary otherwise he will never accept.
I don't think I was very clear because this example is backwards. Maybe I should say we don't pay people less because they live in a flyover state. Engineers in SF do produce value that justifies a high salary. In many cases engineers outside SF can produce as much value.
What choices have you made in the past year that make you feel you're worth $63k/yr more than Colin? I mean, is Colin just not quite as smart and good at technology as you? Have you two talked about how much better you are than him?
That rhetorical line of questioning is a low blow, but as CTO you might be able to answer: what positive open and honest discussion has the open equity/salary table actually encouraged?
Idle gossip around the virtual water cooler is one thing, but for open salaries to be appreciated, there have to be positives that outweigh the obvious negatives.
Another thing not mentioned, does Buffer give bonuses for good work or is the spreadsheet an employee's total compensation?
This is a great post! Our entire team is fully remote all over the world, with 31 people in 22 different cities in each major continent. I'm quite glad the OP wrote this because it talks about the very first thing I try to say when people ask about what it's like for remote working: Remote working doesn't work for everyone. Some are energized by an office environment with face-to-face time, and others are more productive by self-managing and lots of focus time. I feel like it's key to recognize which camp you're in.
We've had to construct our hiring and on-boarding process to gauge in so many ways whether someone is a good culture fit and is also energized by remote working. We feel like there's no way to truly tell unless you work with them under a contract period, which is what we do for everyone that's hired. Generally we've found about 30% who enter this period aren't quite a fit for either remote or culture for us.
This. You can't just hire anyone remote. You have to hire people who want to be remote, embrace the isolation, and moreover, fit well into the culture you already have.
I don't think I necessarily agree with any of this.
First:
If you're hiring for a remote position, I think hiring people who "want" to be remote is obvious.
Second:
Hiring remote doesn't mean that you have to "embrace the isolation." There are plenty of people that do like the isolation, but I've worked with plenty of remote developers (I'm remote as well) that aren't isolated. We stay on hangouts/chats, work from coffee shops, meet up to work with colleagues/friends, or even work from someone else's office.
It's quite easy to meet other people in the same scenario (remote workers) that are more than happy to meet up to work, even if you're working with different companies. Just to have casual chat throughout the day or to bounce ideas off of.
Third:
I think "fitting well into the culture you already have" should be a requirement in general. Just because I worked on site wouldn't mean that I'd want to sacrifice culture any more than I would if I worked remotely.
We're completely remote as well and have a very similar approach to hiring and on-boarding. It's definitely tougher to find the right candidates but it's a fun challenge for sure!
Yup, that's right. I'm an early Buffer employee/CTO. I also wanted to confirm that I had the option of receiving some liquidity in this round by giving up some of my options that have vested. I chose not to sell them at this time as did most of the employees that had vested shares. Great thoughts guys!