2 minute read

So, with newly released major security vulnerabilities in bash, AWS rebooting and lots of people at Puppet Conf, Icinga Camp and Surge it’s been a quite week.


Devops Weekly is sponsored by Brightbox Cloud - serious UK-based cloud infrastructure from only 1.5p per hour (£10.95/month)

Start your £20 free trial now: http://brightbox.com/devopsweekly

Sponsored event

O’Reilly Velocity is coming on 17-19 November in Barcelona. You can enter to win a free conference pass by tweeting an answer to any of the following questions and using the hashtag #velocitytrivia, or by emailing [email protected].

Q. Name the keynote talk whose speaker works at a subsidiary of the Financial Times in London. Q. Which Velocity Event gives you 5 mins. to get on stage and talk your latest passion, idea or hack? Q. What session can I attend to learn if TLS is fast yet?

The deadline for entry is Wednesday 1st October 2014 at 1am GMT. One winner will be chosen at random.


If you ever attend, or plan to attend, an industry event you should read this post. Heck, if you plan to leave your house your should read it. Our amazing community has a problem with diversity and anything you can do to make it more welcoming has to be a good thing.

By now everyone will probably be aware, but just in case, Bash has a serious vulnerability that probably affects you. This is the best write-up I’ve found which quickly explains how this works and how it could be exploited.

My talk from the recent Puppet Conf (disclaimer: I’m now a Puppet Labs employee), all about high level infrastructure testing. Includes a few experiments writing tests against infrastructure APIs and talks a bit about policy driven development.

A full chapter on infrastructure automation from the Practicing Ruby book, stepping through the why alongside step-by-step examples of Chef recipes.

I’ve made this point before but not so eloquently. If you’re writing Puppet, Chef or similar DSL based tool then you’re a programmer.

Syslog is great, except when the standard isn’t actually adhered to. This next post shows how to deal with this situation using logstash and grok filters.

At a previous job I a bit of desktop work, so this article about applying modern automation and devops approaches to large scale desktop systems was interesting. Lots of good points and ideas.

A good talk and slide deck which quickly explains the state of networking for docker containers.

It’s difficult to get people to work effectively together if they have never met, so for distributed organisations organising an internal conference is a nice idea. This post covers a few gotchas and an experience report from a recent effort.


How much do companies pay for DevOps engineers? Find out in a Hired auction where 1,000+ companies in SF, NYC, LA, & SEA send you offers with salary & equity up front. Join today!


The new puppet server was released at Puppet Conf. Puppet server is a drop-in replacement for the current puppet master with some pretty big performance and scalability improvements.

If you’re using Route53 DNS then Roadworker should be of interest. It’s a Ruby based DSL for creating zones and records. Good examples too.

If like me you’re maintaining a number of puppet modules you probably have an occasional day when you try and remember to update lots of static files (Rakefile, .travis.yml, Gemfile, etc.) across all of them. Modulesync looks a nice solution to that issue.