DEVOPS WEEKLY
ISSUE #400 - 26th August 2018
Serverless and data centre posts this week, along with discussions of the importance of software release processes, modern cloud forensic tools, configuration in AWS and more.
Sponsor
======
Continuously deliver and integrate while maintaining reliability with DevOps. Reduce friction and break down silos to build a collaborative DevOps culture dedicated to mitigating incident frequency, severity, and blast radius:
http://try.victorops.com/devopsweekly/devops-for-incidents
News
====
A useful set of best practices for serverless with tips on single-purpose functions, avoiding connections, using queues and more.
https://medium.com/@PaulDJohnston/serverless-best-practices-b3c97d551535
A nice introduction to the open compute project (OCP) which is creating and maintaining open specifications for server and datacenter hardware.
http://blog.cmd.nu/2018/08/open-datacenter-hardware-what-is-ocp.html
Good tips for ensuring the software release process is robust, emphasising that this means clear ownership and treating deployment software like the critical production system it is.
https://charity.wtf/2018/08/19/shipping-software-should-not-be-scary/
An interesting look at a forensics tool for cloud environments. Diffy picks up on differences between hosts that should be the same, and flags those for further investigation.
https://medium.com/netflix-techblog/netflix-sirt-releases-diffy-a-differencing-engine-for-digital-forensics-in-the-cloud-37b71abd2698
A detailed introduction to CQRS and event sourcing, containing lots of practical tips for implementing architectures based on this pattern.
https://medium.com/@hugo.oliveira.rocha/what-they-dont-tell-you-about-event-sourcing-6afc23c69e9a
A how-to for using AWS System Manager Parameter Store to store secrets, and other configuration, for your applications running on AWS.
https://www.davehall.com.au/blog/dave/2018/08/26/aws-parameter-store
The 12 factor applications pattern has been hugely influential, however this post takes issue with the use of environment variables for configuration. I see that as an interface requirement, how you manage that configuration is a separate concern.
https://krisbuytaert.be/blog/115-factor-apps/
CNCF - Cloud Native Computing Foundation
====
EnvoyCon is taking place on December 10th in conjunction with KubeCon + CloudNativeCon North America. Interested in sharing your expertise on Envoy? Submit a proposal to speak by August 24th!
http://bit.ly/2OjkMIp
Tools
====
A handy single sign on proxy application for controlling access to internal services. SSO integrates with Google accounts with OAuth2.
https://github.com/buzzfeed/sso
Kube Hunter is a handy tool for testing the security of a Kubernetes cluster. It can be run from outside the cluster or, interestingly, as a Pod to check what a compromised application would be able to access.
https://github.com/aquasecurity/kube-hunter
Continuously deliver and integrate while maintaining reliability with DevOps. Reduce friction and break down silos to build a collaborative DevOps culture dedicated to mitigating incident frequency, severity, and blast radius:
http://try.victorops.com/devopsweekly/devops-for-incidents
If you received this email directly then you're already signed up, thanks! If however someone forwarded this email to you and you'd like to get it each week then you can subscribe at http://devopsweekly.com
--
You opted in for Devops Weekly at http://devopsweekly.com
You can always unsubscribe by visiting https://devopsweekly.us2.list-manage.com/unsubscribe?u=b6635e37e35fa5eff0c2a947a&id=a63f24d068&e=d35d611795&c=1343e585c0
If you have other queries you can contact the list maintainer at gareth@morethanseven.net
Our mailing address is 43 Gwydir Street, Cambridge, UK, CB1 2LG
No comments:
Post a Comment