DEVOPS WEEKLY ISSUE #220 - 22nd March 2015
Doing the newsletter every week means that themes definitely emerge for some issues depending on what I’ve been reading that week. This week that means lots of interesting security content - from the very basics of setting up servers to advanced future container security ideas.
Sponsor
Devops Weekly is sponsored by Brightbox Cloud - serious UK-based cloud infrastructure from only 1.5p per hour (£10.95/month)
Start your £20 free trial now: http://brightbox.com/devopsweekly
Sponsored book
[eBook] 3 expert tips to enable a DevOps transformation & more
Companies utilizing DevOps practices are 2.5x more likely to exceed profitability, market share, and productivity goals. Get expert tips to enable a high performance DevOps transformation from guru Gene Kim, co-author of The Phoenix Project, and other experts.
http://cpwr.it/KigTf
News
A solid update on where container (and Docker) security is heading. Discussion of user namespaces to better isolate individual containers and seccomp to reduce the syscall surface area.
http://opensource.com/business/15/3/docker-security-future
A nice tutorial on basic server security measures, including SSh keys, firewalls, VPN all the way up to a private PKI. A good introduction to the why rather than the how,
https://www.digitalocean.com/community/tutorials/7-security-measures-to-protect-your-servers
A solid business argument for all the agile and devops discussions, focusing first on the growing need to adapt quickly, and then on the resulting need to reduce the cost of change.
http://blog.christianposta.com/microservices/microservices-and-reducing-the-cost-of-change/
A nice discussion of how to evolve team structures towards a devops mindset, including the idea of introducing a tools team to get things moving.
https://www.rallydev.com/community/engineering/you-dont-need-devops-team-you-need-tools-team
An excellent talk entitled AppSec is eating Security. Covers lots of material, from the importance of browser security to passwords and the move away from trusted networks and hardware devices.
https://www.youtube.com/watch?v=-1kZMn1RueI
Some good points about why adopting devops practices can be difficult. Alot of it comes down to the fact change is simply difficult but some good points about the differences in focus between operators and developers.
https://theagilecoder.wordpress.com/2015/02/24/why-is-devops-so-hard/
A description of different ways of combining virtualisation and containers and the reasons why you may choose to do so.
http://mainframedebate.com/2015/03/20/virtualization-vs-containerization/
The concept of an automated deployment is still relatively new for some folks. This short presentation introduces the pipeline from the point of view of systems administration.
http://www.slideshare.net/ProfFalken/pipelines-for-sysadmins
Jobs
Do you like solving problems? Do you like solving really big problems? Do you like the idea of wrangling 600+ servers spread over 2 virtual and 2 physical data centres that handle appx. 1000 requests p/second sized problems? If so, then you might like Qubit. We are a $26m funded personalisations and analytics startup, searching for a DevOps Engineer in Soho, Central London and as mentioned, we want a problem solver.
https://qubit.workable.com/jobs/6747
Coupa is looking for a Senior DevOps Engineer to join our team in the Bay Area. Coupa makes companies more profitable by amplifying their spend power, all with one simple platform that people actually enjoy. We use AWS, Chef, Ruby on Rails, and similar technologies. You would be working on a large scale web operation that supports millions of critical business processes for multinationals around the world, and would help us find innovative & creative ways to scale our platform.
http://hire.jobvite.com/CompanyJobs/Careers.aspx?nl=1&k=Job&j=oaPJZfwr&s=Newsletter%3a_DevOps_Weekly
Cloudsoft (cloudsoft.io) need smart cutting-edge developers to help grow open source tools for application blueprinting and automation: Apache Brooklyn (brooklyn.io) and clocker.io. You’ll be working with a wide range of systems, from analytics and nosql to networking and paas, to codify deployment and policies for management, and to extend the YAML blueprinting language. Java, JS, networking, bash and/or chef/salt/etc expertise advantageous. Remote and flexible working an option.
http://www.cloudsoftcorp.com/company/#careers
Tools
A nice and simple way of getting metrics from elasticsearch to graphite. Nice screenshots to show you what you’re getting too.
https://github.com/jamiealquiza/es-stats
A minimal githook application configured using a json file. You can set commands to run based on the repository changing and sent output to stdout and to slack.
https://github.com/octplane/small-deployer
Devops Weekly is sponsored by Brightbox Cloud - serious UK-based cloud infrastructure from only 1.5p per hour (£10.95/month)
Start your £20 free trial now: http://brightbox.com/devopsweekly