DEVOPS WEEKLY
ISSUE #381 - 15th April 2018
Some good posts on the basics this week, including continuous integration, technical debt and monitoring. Plus several posts on how Kubernetes integrates with other tools in the ecosystem.
Sponsor
======
DevOps means working for continuous delivery while also maintaining site reliability. Incidents are inevitable when you're developing quickly, but it's important to learn from your incidents to help minimize the impact and avoid similar issues in the future. This post-incident review template can be downloaded and used by your team to better evaluate incidents and learn from them:
http://try.victorops.com/DevOpsWeekly/PIR-Template
News
====
A succinct description of the value of continuous integration and continuous delivery, and the value of applying simple XP techniques when shipping software.
https://builttoadapt.io/whats-the-value-of-ci-cd-c2e6c39450bd
A good post on the concept of technical debt. It puts forward a model for measuring various characteristics of technical debt and proposes different types to watch out for.
https://engineering.riotgames.com/news/taxonomy-tech-debt
A excellent talk from microXchg on the various challenges of securing a Kubernetes cluster, showing how exploits happen, how you can defend against them and introducing some useful tools to help.
https://www.youtube.com/watch?v=YtrA7eauSSg
https://drive.google.com/file/d/1GRSNCFgni5e0ILchvTHccmmesz8IVXqh/view
A couple of posts about how to best integration Kubernetes with Vault for secrets management, including how to utilise secrets that expire.
https://medium.com/ww-engineering/working-with-vault-secrets-on-kubernetes-fde381137d88
https://medium.com/ww-engineering/working-with-vault-secrets-that-expire-aa40d00d9d2a
A set of posts on how to best monitor Amazon EBS volumes. What information can you get from CloudWatch, and what are the critical metrics to watch to best understand performance and stability.
https://www.datadoghq.com/blog/collecting-amazon-ebs-metrics/
https://www.datadoghq.com/blog/amazon-ebs-monitoring/
A set of trends for modern logging and monitoring tooling; from structured logs to service meshes and machine learning.
https://www.loggly.com/blog/6-devops-trends-watch-2018/
A useful, detailed look at the Kubernetes ingress system. Showing how to install and configure an ingress controller, along with examples of how to write your own.
https://www.joyfulbikeshedding.com/blog/2018-03-26-studying-the-kubernetes-ingress-system.html
Events
======
You're invited to the O'Reilly Velocity Conference in San Jose, CA
Now in its 11th year, the O'Reilly Velocity Conference (June 11-14 in San Jose, CA) helps systems engineers, software developers, and DevOps teams stay ahead of their game by keeping pace with key innovations and trends. Come to Velocity and learn the strategies and tools you need to make your systems fast, resilient, and secure. Topics include systems performance, microservices, monitoring and observability, containers, cloud infrastructure, security, and more. Early Price ends May 4. Register today to save up to $200!
https://oreil.ly/2GZ2ysI
Jobs
====
Pensando is an early-stage startup building something we need to test in a custom way, so we started building our own CI system, and we need some help! Requirements: Golang, Ansible and/or Chef, ops experience. Scaling experience in a VM/Container environment preferred.
http://bit.ly/2GYx85E
CNCF - Cloud Native Computing Foundation
====
Free Webinar - Kubernetes in Docker for Mac
April 17, Online
Kubernetes was recently introduced in the desktop edition of Docker. Join us to learn about this major change and how Kubernetes was made available in Docker and as user-friendly as possible.
http://bit.ly/2GKAs8d
KubeCon + CloudNativeCon - Come together with leading cloud native contributors for a broad range of technical sessions on the cloud native ecosystem. We sold out in Austin and are excited to see thousands of you from the community join us, this time in Copenhagen!
http://bit.ly/2EARWy8
Tools
=====
Most large organisations have a formal set of security controls, but how best to apply and monitor them? OSCAL is the Open Security Controls Assessment Language, a new project describing schemas and tools, including some examples of applying this new language via unit tests.
https://github.com/usnistgov/OSCAL
Building custom versions of Nginx can be useful, either because you want to utilise a specific library version (like OpenSSL) or because you have first or third-party custom modules. This handy build script does all the heavy lifting.
https://github.com/jaygooby/build-nginx
DevOps means working for continuous delivery while also maintaining site reliability. Incidents are inevitable when you're developing quickly, but it's important to learn from your incidents to help minimize the impact and avoid similar issues in the future. This post-incident review template can be downloaded and used by your team to better evaluate incidents and learn from them:
http://try.victorops.com/DevOpsWeekly/PIR-Template
If you received this email directly then you're already signed up, thanks! If however someone forwarded this email to you and you'd like to get it each week then you can subscribe at http://devopsweekly.com
--
You opted in for Devops Weekly at http://devopsweekly.com
You can always unsubscribe by visiting https://devopsweekly.us2.list-manage.com/unsubscribe?u=b6635e37e35fa5eff0c2a947a&id=a63f24d068&e=d35d611795&c=4bd024778a
If you have other queries you can contact the list maintainer at gareth@morethanseven.net
Our mailing address is 43 Gwydir Street, Cambridge, UK, CB1 2LG
No comments:
Post a Comment