DEVOPS WEEKLY ISSUE #161 - 2nd February 2014
I’m writing today’s newsletter live from FOSDEM which has been the usual mix of interesting talks and interesting people. I’m then heading off to Configuration Management Camp in Gent so if anyone is around for that event do say Hi.
Sponsor
Devops Weekly is sponsored by Brightbox Cloud - launch cloud servers in multiple UK datacentres in seconds…
http://brightbox.com
News
A nice hierarchy of devops needs, identifying 5 layers through which you can evolve your practices - starting with backups and security and moving towards robust tools and systems and operator happiness.
https://www.kickstarter.com/backing-and-hacking/hierarchy-of-devops-needs
What to monitor is a surprisingly difficult question given finite time to implement, so learning from things that people forgot to monitor is super useful. This post covers ten things that bit.ly forgot to monitor but now do. How many do you monitor?
http://word.bitly.com/post/74839060954/ten-things-to-monitor
A good detailed survey of what people (in London at least) are currently using for monitoring. Based on some in-depth interviews and with a little data and lots of analysis. Some other trends, like people using micro-service architectures, also came up in lots of conversations.
http://blog.dataloop.io/2014/01/30/what-we-learnt-talking-to-60-companies-about-monitoring/
There are lots of similarities between ITIL and Devops in terms of community and intent. This post questions whether Devops can learn from the ITIL journey and avoid some of the problems.
https://community.servicenow.com/community/learn/blog/2014/01/20/devoops-we-did-it-again-what-devops-should-learn-from-itil
An interesting presentation from FOSDEM this weekend, about the amount of metadata available to Configuration Management systems (in this case Chef and Puppet) and how best to manage it.
http://www.slideshare.net/lynxmanuk/a-metadata-ocean-in-chef-and-puppet
Another FOSDEM presentation, by the same author, this time no patterns for auto-scaling. A good introduction along with simple advice for getting started - irrespective of the technology used.
http://www.slideshare.net/lynxmanuk/autoscaling-best-practices
Brightbox, the very nice sponsor for this newsletter, have shipped a database as a service product to go with their infrastructure as a service. Currently supports MySQL, with PostgreSQL on the way. It’s free to experiment with until the 1st of March.
http://brightbox.com/blog/2014/01/28/announcing-cloud-sql-database-service/
The role of distributions and distribution packages is increasingly being questioned, whether by containerization efforts or language specific package managers. This talk ask a few questions that we need better answers to.
http://www.slideshare.net/dberkholz/is-distributionlevel-package-management-obsolete
It’s the last chance to complete the Developers and Application Security – Who is Responsible? survey. Do take the time to fill this in if you get the chance, the results should be interesting.
http://trustedsoftwarealliance.com/2013/12/12/survey-developers-and-application-security-who-is-responsible/
If you’re working with auditors it’s often a requirement to turn audit rules into software configuration. Here’s a few examples from PCI on Debian based systems.
http://annaken.blogspot.com/2014/01/translating-user-security-for-pci.html
As any tool matures and is used by lots of developers practices and patterns emerge. This post nicely summarises a bunch of the current best practices for writing Chef cookbooks, and importantly explains the why behind the how.
http://jtimberman.housepub.org/blog/2014/02/01/evolution-of-cookbook-development/
Various conversations going on about what to install inside a container and what to just install on the container how. This post demonstrates using the Serf distributed orchestration tool running the agent within a docker container.
http://blog.ctl-c.io/?p=43
Events
QCon is coming back to London on the 5th to the 7th of March. The usual wide range of tracks, from scalable architectures, resilience and next generation cloud to devops and a track dedicated to people skills. Use the discount code devopsweekly for £100 off the conference price.
http://qconlondon.com/
Tools
Breaking the mainline build for a project of any size is always frustrating, but doubly so if that project is huge and distributed. Zuul is a gating system used by OpenStack that works with code review tools and continuous integration systems to prevent broken builds being merged into master.
http://ci.openstack.org/zuul/
NCF is a framework for configuration management built on-top of CFEngine. It helps structure CFEngine projects as well as providing strong conventions and reusable components.
http://www.slideshare.net/normation/ncf-a-powerful-and-structured-cfengine-framework
https://github.com/Normation/ncf