DEVOPS WEEKLY ISSUE #293 - 7th August 2016

3 minute read

As with most issues of the newsletter I’ve included a few links to new tools. I always appreciate it when along with the tool itself I find a blog post explaining the context. Why something was written and by whom, and snapshot of the first release, is always of interest. If you release a new tool, remember to write a blog post too.

Sponsor

Downtime can be expensive. Download the Incident Management Buyer’s Guide to learn what your DevOps team can do about it. Get your copy here:
http://bit.ly/2aoyLJ0

Sponsored

A Tale of Two Pipelines: To DevOps or Not to DevOps

Join this webinar to see two pipelines in work environments where people are running around putting out fires, pointing fingers, siloed, and losing sleep vs. teams with highly optimized communications, well defined roles, and common understood goals. You’ll take away insights on key pipeline factors that plague traditional delivery pipelines, and major practices that have significant impacts when leveraging a DevOps culture and Continuous Delivery Pipeline.
http://ow.ly/a3Av302XEHK

News

The combination of BigQuery and the GitHub archive make for a fantastic research tool. This post uncovers how Docker is being used, by looking at Dockerfiles in nearly 300,000 GitHub projects.
http://blog.javabien.net/2016/08/01/analysing-docker-projects-on-github-with-bigquery/

All of the videos from the recent Monitorama conference are now available. Combined with the previous events that’s 135 videos covering everything you ever wanted to know about monitoring.
https://vimeo.com/monitorama

Devops conversations can sometimes focus on the barriers between development and operations, but sometimes forget other silos within those separate organisations. A good post about silos within the development org.
http://techbeacon.com/app-dev-silos-are-devops-killers-start-tearing-them-down

When learning how to secure applications it’s useful to have an insecure application with known vulnerabilities to learn from. Bad Dockerfile is a known insecure Dockerfile, useful for testing tools or learning more about container image security.
http://www.stindustries.net/docker/bad-dockerfile/

An informative story for anyone exploring chaos engineering approaches to building resilient systems. EC2, Systemd, ECS and more services combine to provide hard-to-simulate failures.
https://medium.com/production-ready/a-little-story-about-amazon-ecs-systemd-and-chaos-monkey-8bc7d1b5778#.iv3uuesg4

I’m also interested in academic research into various devops topics and happy to help when I can. This survey is aimed at investigating how applications should be designed to enable and better support continuous delivery practices.
https://docs.google.com/forms/d/1UPn1ucLXXgp-OQttw4KizO4L_vFjKs-jhYp3sAiRWIU/viewform

A good post on why it’s crazy to be dismissive of existing applications and existing infrastructure running an organisation when talking about moving to cloud services or more modern architectures.
https://apprenda.com/blog/cloud-existing-x-dilemma/

A good discussion of one of the tenets of mircoservices, that of being independently deployable.
https://medium.com/built-to-adapt/on-orchestrated-microservices-5c8bd787ead4#.1zp3uj2oe

A quick look at the current state of image signing for containers. Discussion of different approaches, why signing is useful and what some of the tools are doing today.
https://anchore.com/blog/signed-sealed-deployed/

Message queues are powerful tools for various tasks, but using them well can be challenging. This post is a good introduction to publish/subscribe architectures and some of the challenges of real time data processing with queues.
https://blog.ably.io/message-queues-the-right-way-to-process-and-work-with-realtime-data-on-your-servers-2d15985301f8#.8cydtmmeo

A nice, step-by-step look at using Google Cloud to setup a Jenkins based pipeline used to deploy a simple web application to Kubernetes, running in GKE.
https://medium.com/google-cloud/zero-to-continuous-delivery-with-google-cloud-platform-8e3bf1312fb5#.a6or4atmv

A simple example of writing a chat bot for Slack to act as a deployment tool. The power covers some of the pros for deploying via chat, but I do which it talked about some of the downsides and issues too.
https://tech-blog.serenytics.com/deploy-your-saas-with-a-slack-bot-f6d1fc764658#.n2xawflez

Jobs

Is Chef more to you than a character on South Park? Find new DevOps opportunities on Hired.
http://hrd.cm/23r2ok5

Events

Devopsdays Berlin is coming up later this year on November 16th and 17th. The organisers are on the lookout for sponsors and speakers, so get your submissions in before the 1st of September.
http://www.devopsdays.org/events/2016-berlin/welcome/

Tools

Terraform is an increasingly common tool for describing cloud infrastructure in code, but using it in teams requires some sharing of state. Enter Terragrunt, an open source service you can run to support locking and sharing state between users.
https://blog.gruntwork.io/add-automatic-remote-state-locking-and-configuration-to-terraform-with-terragrunt-656a57565a4d#.ejrf45azt
https://github.com/gruntwork-io/terragrunt

An interesting approach to creating an Apt package repository on S3, using Lambda to build the package index automatically when you upload new packages.
http://webscale.plumbing/managing-apt-repos-in-s3-using-lambda
https://github.com/szinck/s3apt

Skopeo is a command line utility for various operations on container images and image repositories. The main feature is the ability to explore image and layer metadata without pulling the filesystem portion.
https://github.com/projectatomic/skopeo

Downtime can be expensive. Download the Incident Management Buyer’s Guide to learn what your DevOps team can do about it. Get your copy here:
http://bit.ly/2aoyLJ0

Updated: