This week’s work fun: confirmed that Google Cloud’s default K8s Ingress setup pre-1.17 basically guarantees HTTP 502 responses for up to 10 minutes during regular app rollouts. To trigger the issue you just need to have fewer replicas of the app than there are K8s nodes/VMs. When a replica that lives on a node is deleted during a regular rolling update and there isn’t another to replace it Google’s Load Balancers happily continue to send traffic there. You can repro this with a basic setup from their official tutorials. Switching to their new Container-Native load balancers seems to help. It’s wild, though. 1.17 is fairly new in GKE and clusters aren’t auto-upgraded to Container-Native. Google has basically been selling a broken load balancer setup to GKE customers for years.

Enjoying Amazon’s Utopia remake. But seriously, how hard is it to tag torture scenes and let people opt-in to auto-skip? They already “X-Ray” actors in the scene on the pause screen. They have the metadata.

Memo reveals ‘shocking’ police misuse of COVID-19 database, say rights groups
Ontario police services made thousands of unauthorized searches of the COVID-19 first-responder data portal, according to documents obtained by the Canadian Constitution Foundation, a civil rights charity

This is wild and depressing. A database full of PHI is built in a rush to help 911 dispatchers. It turns out to be useless to them, but instead gets queried willy-nilly by police. “Shocking”!