3 minute read

This issue is coming live from FOSDEM in Brussels, which makes gathering interesting content from the past week quite easy. The sheer number of talks and new open source tools being discussed or released means I’m bound to have missed something though. Special mention to the folks behind both the Configuration Management and the Testing and Automation rooms yesterday for lots of good content.

Sponsor

Devops Weekly is sponsored by Brightbox Cloud - launch cloud servers in multiple UK datacentres in seconds…
http://brightbox.com

FOSDEM

One of the talks from the Configuration Management room delved into how we learn to automate. Taking examples from training materials and community efforts and summing up with some support projects can provide to help people adopt them.
https://speakerdeck.com/nathenharvey/learning-to-automate

Another talk from the Configuration Management room, this one focusing on integration testing for Infrastructure. It introduces the new Test Kitchen framework, which aims to be a tool agnostic way of building repeatable tests for infrastructure and configuration management code. Lots of good ideas in here that should probably exist.
https://speakerdeck.com/bryanwb/dont-shrug-integration-testing-for-infrastructure-with-ruby-frameworks

This talk was from the Testing and Automation dev room. It covers building a continuous integration pipeline for building system packages and introduces a number of small tools that can be composed together for the intended purpose. The Gist contains notes and links to all the tools mentioned.
https://speakerdeck.com/mpasternacki/a-continuous-packaging-pipeline
https://gist.github.com/3831086

Jobs

Oracle are looking for people to join their Cloud Operations team to help run Oracle RightNow CX, a complex LAMP-based SaaS platform running on thousands of globally distributes nodes. We do DevOps, we do continuous integration, we do configuration management and we do big data. We don’t do boring!
http://bit.ly/12jScvL

Thomsons Online Benefits (Victoria, London, UK) are recruiting a DevOps Build Engineer. DevOps is a new team in Thomsons with a focus on supporting faster, more frequent and more robust deployments of our product: Darwin. This team has in-roads to Development, QA and IT Operations and owns the Release Management function. We need someone who can help us push automation for test and deployment as well as help us manage our builds and releases. We’re run Windows, MSSQL and IIS and code in C++ and ASP.Net using TFS, Jenkins and Powershell to automate.

The perfect candidate would have been exposed to the SDLC, Agile practices and cloud infrastructure. Previous automation experience is a must. If you enjoy a challenge and want to help define what DevOps means to Thomsons then this might be the perfect job for you. Give us a shout at [email protected] and mention DevOps in the subject line. You can find more about us at www.thomsons.com

News

A great, long and detailed writeup of why the recent Ruby on Rails vulnerabilities matter to you whether you’re a Ruby/Rails shop or not. Lots of good, scary examples and lots of advice, especially if you’re not up on security exploits.
http://www.kalzumeus.com/2013/01/31/what-the-rails-security-issue-means-for-your-startup/

Good talk on GitHub culture. The main take away surrounds how company structure is strongly linked with the prevailing culture of the organisation.
https://speakerdeck.com/tnm/scaling-happiness

Puppetcamp Ghent happened just before FOSDEM and this talk quickly demonstrates how to manage puppet with mcollective. Enabling and disabling runs, ad-hoc puppet runs and managing deployments are all covered. It’s also a good short introduction to using mcollective.
http://www.slideshare.net/PuppetLabs/presentation-16281121

It’s a good week for epic blog posts. This one is a fantastic case study all about introducing a devops culture into a traditional enterprise. Lots to admire and lots more to learn from, whether you work in an enterprise environment or not.
http://niek.bartholomeus.be/2013/01/28/introducing-a-devops-culture-in-a-traditional-enterprise/

Extending Nginx using Lua appears to be incredibly powerful, and real world tutorials like this one make a good case for investigating it for certain use cases.
http://3scale.github.com/2013/01/09/augment-your-api-without-touching-it/

Tools

I ended up speaking to the author of OWASP Zed Attack Proxy on Friday at FOSDEM. It looks to be a great penetration and vulnerability testing tool, and one that lends itself to being used as part of a continuous integration setup. Version 2.0.0 has just been released.
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Updated: