DEVOPS WEEKLY ISSUE #275 - 3rd April 2016

3 minute read

A bit of a change this week, Devops Weekly has a new sponsor! After talking with several interesting companies over the past month I’m happy to announce VictorOps as the new sponsor for the newsletter. You can read a little more here https://victorops.com/blog/devops-weekly-victorops-win/ and do say congratulations to them on https://twitter.com/victorops.

Sponsor

Built for DevOps – The VictorOps platform provides seamless incident management to improve uptime and make on-call suck less.

Start your free trial today: http://try.victorops.com/DevOps-Weekly

Sponsored

30-minute DevOps Performance Clinic

Join our webinar April 7th to learn the four technical metrics you should be tracking to identify software issues before they crash your system. Already having software issues? Ask our performance expert during our extended Q&A session.
http://ow.ly/10bsSL

News

The 2016 Devops Survey is open. For those that haven’t seen previous years this is an in-depth study into the adoption of various devops practices within organisations. The results from previous years are hugely useful to anyone promoting or encouraging devops adoption so please do take the time to fill it in this year.
http://bit.ly/2016DevOpsSurvey

Interesting overview, including looking into the technical details, of Twitter’s observability platform - focused on measurement and metrics for a complex distributed system.
https://blog.twitter.com/2013/observability-at-twitter
https://blog.twitter.com/2016/observability-at-twitter-technical-overview-part-i

Some good advice for anyone adopting devops practices. A simple set of tests focused around reducing silos, minimising hero behaviour, simplifying environments and more.
https://medium.com/@stahnma/from-devops-to-devops-e51d70758da6#.dvtkmtct9

A nice review of the recent designing delivery book, with a number of important points about the applicability of system thinking to operations.
https://oliverbaier.wordpress.com/2016/03/27/designing-delivery-by-jeff-sussna/

A good reminder that by using external package repositories you’re in-effect extending your network out into the internet. As shown with the recent NPM issues this probably isn’t a great idea.
https://devcentral.f5.com/articles/what-infrastructure-should-learn-from-npm-javascript-debacle-18563

A nifty approach to preventing manual configuration drift. A simple script which tags AWS instances with a ‘contaminated’ whenever someone logs in via SSH. You could then automatically reprovision those machines.
http://www.unixdaemon.net/cloud/contaminate-aws-instance-on-login/

Announced at Build this week, Microsoft are including the Ubuntu user space in the next version of Windows 10. This post has some of the technical details and pointers to what to expect next.
http://blog.dustinkirkland.com/2016/03/ubuntu-on-windows.html

The growth of container orchestration tools has been a theme over the last year or so, with lots of momentum behind several tools and new ones emerging to compete or complement. This post delves into the relationships between some of the tools and the resulting confusion.
http://it20.info/2016/03/the-incestuous-relations-among-containers-orchestration-tools/

An interesting proposal for the NPM node repository to provide a stable snapshot with support and interoperability guarantees, akin to how RedHat provide RHEL.
https://medium.com/@DanForys/is-it-time-for-a-curated-stable-npm-cdebdab6ecb6#.8vt5psaoq

A useful, if simple, checklist for anyone building websites, focusing on various security issues. It would be useful if it provided more context with each of the checklist items.
https://securitychecklist.org/

Jobs

We.Are.Expensify.com - We’re on the hunt for one bright soul to join our infrastructure team to help battle expense reports that suck. We guarantee you fun, an amazing opportunity to learn and teach, and the siren’s call of distant riches. With a healthy mix of cloud and owned racks, you’d work hand-in-hand in our engineering org on a profitable, well-loved product with a focus on improving scaling and security.

we.are.expensify.com/jobs

Cloud infrastructure Developer – in Test (perm) Hiscox is undertaking a high profile internal project to start making use of cloud services in 2016/17. At the core of this will be a small specialised team, dedicated to providing an automated delivery pipeline for Infrastructure as Code as well as a steadily increasing portfolio of applications. Quality and pace of change are core considerations in this effort. This role is responsible for ensuring quality in all aspects of the delivery cycle with a focus on test automation.
https://careers.peopleclick.com/careerscp/client_hiscox/external/jobDetails.do?functionName=getJobDetail&jobPostId=12787&localeCode=en-us

Build & Release engineer (perm) The Build & Release Engineer helps drive the adoption of DevOps culture, methodology, tools and processes across IT delivery teams in a way that add tangible business value to Hiscox. Key responsibilities include ensuring that technical teams are trained and in Continuous Delivery processes and associated tool chain (Splunk, UCD, Puppet, Bamboo, GIT etc)
https://careers.peopleclick.com/careerscp/client_hiscox/external/jobDetails.do?functionName=getJobDetail&jobPostId=12498&localeCode=en-us

Events

The DevSecCon conference is coming back to London on the 20th of October and currently has an open call for proposals. Last year was a great cross-section of people from development, operations and security so a highly recommended event to speak at or attend.
http://www.devseccon.com/call-for-proposals/

Tools

Netdata is a tool for real-time performance measurements for computer infrastructure. It deals with per-second measurements and displays them on an interactive dashboard.
http://netdata.firehol.org/
https://github.com/firehol/netdata

Lynis is a security auditing and hardening tool for Linux and Unix based systems. Implemented as a set of plugins it scans and reports on various vulnerabilities or misconfigurations.
https://github.com/CISOfy/lynis

Built for DevOps – The VictorOps platform provides seamless incident management to improve uptime and make on-call suck less.

Start your free trial today: http://try.victorops.com/DevOps-Weekly

Updated: