DEVOPS WEEKLY ISSUE #251 - 25th October 2015

2 minute read

More great conferences and more great content this week, with a few things from DevSecCon in London and from Devops Enterprise in SF. I’m at OSCON and Velocity in Amsterdam all this coming week so if you’re there do say Hi.

Sponsor

Devops Weekly is sponsored by Brightbox Cloud: the multi-zone cloud platform built for High Availability.

Try an SSD cloud server in 30 seconds with your £20 free credit…
http://brightbox.com/devopsweekly

Sponsored

[eBook] Goodbye War Room, Hello DevOps 2.0

Make war rooms the exception, not the rule in 2.0. Discover 6 ways to build quality into everything and say goodbye to crazy expensive bug fixing and war rooms.
http://ow.ly/OMSU2

News

Great post on why empathy isn’t something you have or you don’t, it’s a constant process of continuous design and conversations.
http://blog.ingineering.it/post/131687591759/revisiting-empathy

A really good presentation on practical steps organisations can take to improve, focusing on accelerating learning and making work visible across the organisation.
http://www.slideshare.net/dev2ops/devops-kaizen-practical-steps-to-start-sustain-a-transformation

The Rumprun project aims to provide just enough OS to take various POSIX environments and allow for compiling them down to run as unikernels. This example shows how that’s done with Rust.
https://gandro.github.io/2015/09/27/rust-on-rumprun/

A nice high-level overview of various points in a typical development lifecycle that security considerations or tools can be integrated.
https://securosis.com/blog/building-security-into-devops-security-integration-points

I’ve seen a number of different approaches to container image builds and this post describes (and gives a name to) a method using an intermediary image to build the final image, without the need to expose the implementation (say Docker) to the original developer.
https://zwischenzugs.wordpress.com/2015/07/04/redhats-docker-build-method-s2i/

One of the talks from the DevSecCon event in London this last week. This talk focuses on what is required from security to evolve for devops and contains lots of before and after examples for discussion.
http://www.slideshare.net/shannonlietz/devseccon-keynote-london-2015

A great demonstration of the potential of combining resource schedulers and container. This demo shows low and high priority jobs seamlessly and quickly scaling up and down using the force12 microscaling.
http://blog.force12.io/2015/10/16/microscaling-in-a-box.html

An interesting break-down of the container ecosystem today. Covering everything from platforms to tools. Still lots of gaps but the authors are accepting pull requests.
https://sysdig.com/the-container-ecosystem-project/

A nice introduction to Lattice and Diego, two of the open source components of the larger Cloud Foundry which can be used as a lightweight but pretty comprehensive container management system.
http://thenewstack.io/microservices-made-easier-cloud-foundrys-lattice-diego/

Documentation is important and hard to get right for any non-trivial application. This post details some of the reasons why documentation goes wrong, and lays down some opinions for a solid documentation effort.
http://hackingdistributed.com/2013/02/11/principled-documentation/

Tools

An interesting experiment in writing a threat model in code, alongside the application code. Threatspec parses comments in a specific format and outputs useful documentation and diagrams.
http://threatspec.org/
https://github.com/pki-io/threatspec

Anycast is commonly used in datacentres but generally not available in typical cloud environments like AWS. AWSnycast aims to address that by creating a routing daemon for AWS route tables. It can already be used to create an HA NAT service.
https://github.com/bobtfish/AWSnycast

Devops Weekly is sponsored by Brightbox Cloud: the multi-zone cloud platform built for High Availability.

Try an SSD cloud server in 30 seconds with your £20 free credit…
http://brightbox.com/devopsweekly

Updated: