DEVOPS WEEKLY ISSUE #290 - 17th July 2016

3 minute read

Hopefully something for everyone this week, or lots for people interested in everything. From serverless and function-as-a-service tools and discussions to the importance of well-maintained QA environments and the basics of SQL. Plus container adoption stories and devops in the enterprise. Phew.

Sponsor

Downtime is expensive - in more ways that one. Learn the costs of downtime and how to minimize them in the new eBook from VictorOps, “Making the Case for Real-Time Incident Management.”
http://try.victorops.com/downtimedata/devopsweekly

Sponsored

Verizon’s DevOps Transformation [webcast replay]

Check out this webcast replay to hear Nita Awatramani, Associate Director at Verizon Enterprise Solutions, share how Verizon was able to streamline operations, optimize business output and deliver more useful products faster to their consumers by using a DevOps approach. The results are amazing!
http://ow.ly/ooQd300TUwM

News

An interesting opinion about improving the state of software security, by taking influences from the evolution of testing and software quality over the past 10+ years.
https://medium.com/@moshjeier/software-security-does-quality-provide-a-blueprint-for-change-252691df1b3#.t7lvlo37o

It’s common to have some sort of intermediary QA environment for various forms of testing. It’s also too common for that environment to be poorly maintained and often to make it slow to get changes into production safely. Some tips to fix the impasse.
http://www.michaelnygard.com/blog/2016/07/qa-instability-implies-production-instability/

An interesting case-study of one large retailers devops transformation efforts. Some good points about optimising the hiring process and about initial missteps.
http://www.v3.co.uk/v3-uk/analysis/2464611/sainsburys-devops-revolution-cuts-upfront-capital-costs-and-lead-times-for-new-services

A detailed look at what we mean by Serverless. Includes some of the pros and cons, impact on operations, examples of emerging architectures and more.
http://martinfowler.com/articles/serverless.html

A nice practical container adoption story, focused on the benefits of a single deployment artefact and eschewing introducing a scheduler.
https://gocardless.com/blog/from-idea-to-reality-containers-in-production-at-gocardless/

Another practical container story, this time in a much larger enterprise organisation which chose to use Puppet along with Docker UCP to build and manage a container platform.
https://scottydoesntknow.io/building-a-caas-for-the-enterprise-part-1/

A good list of the good, bad and ugly when it comes to adopting a platform (or indeed container) as a service. Everything from issues with networking and metrics to the advantages of consistency.
https://sysdig.com/blog/deploying-private-paas-good-meh-aw-crap/

SQL is pretty amazing, but can be hard to get your head around more than just the basics. This post provides a great beginners guide to the important concepts.
http://www.sohamkamani.com/blog/2016/07/07/a-beginners-guide-to-sql/

A great review of the recent Realtime Data Processing at Facebook paper. The paper covers the variety of different tools used and build for realtime data analytics and introduces 5 design decisions for anyone building similar systems.


https://blog.acolyer.org/2016/07/11/realtime-data-processing-at-facebook/

Jobs

Vrtigo is a VR analytics company looking for talented data and infrastructure engineers. We’re a funded startup in downtown SF backed by Samsung, the leader in VR headset shipments. You’ll help build and maintain our data pipeline using technologies like Kafka, Spark, and Cassandra, and container schedulers like Mesosphere and Kubernetes. There’s also a healthy amount of Golang and some dabbling in the latest VR development environments. Join us if you want to change the way VR experiences are created.
http://vrtigo.io/careers

Tools

Sanctuary is a handy tool for launching a Vault instance in AWS. It provides a simple tool which configures AWS services like S3 (for logs), DynamoDB (for secrets) and a VPC network, along with certs from letsencrypt.
https://www.drud.com/sanctuary-a-turn-key-vault-in-the-cloud/

LeverOS is an open source serverless (or function-as-a-service) platform. Functions are written in Javascript and uploaded by the included tools, and can then be executed using the same tool or via an HTTP API.
https://github.com/leveros/leveros

If you’re seriously using AWS you often end up with multiple credentials to manage, whether for multiple accounts of IAM profiles. Enter ASAM, which provides a handy utility to switch between accounts, as well as helpers for ssh and scp.
https://github.com/mheffner/awsam

A nifty way of assigning IAM credentials to individual docker containers rather than to hosts. Involves some iptables hackery but useful for some usecases.
https://github.com/swipely/iam-docker

Kong is an interesting looking proxy built atop Nginx, but exposing configuration via a simple HTTP API and allowing for a set of pre-existing plugins to be added to individual routes.
https://getkong.org/

Downtime is expensive - in more ways that one. Learn the costs of downtime and how to minimize them in the new eBook from VictorOps, “Making the Case for Real-Time Incident Management.”
http://try.victorops.com/downtimedata/devopsweekly

Updated: