DEVOPS WEEKLY ISSUE #330 - 23rd April 2017

3 minute read

A packed issue this week with everything from service management to new container tools and views of devops as a movement to in-depth incident reports.

Sponsor

Incident management is essential to modern DevOps environments. Learn why in the eBook, “Making the Case for Real-time Incident Management” from your friends at VictorOps.
http://try.victorops.com/realtime_incident_mgmt/devopsweekly

Sponsored

Practical Tips to Start Your DevOps Journey

Even when DevOps is not fully embraced throughout an organization there are still benefits. And getting started can be quicker than you think. In this on-demand webinar, Andreas Grabner, Chief DevOps Activist at Dynatrace, shares practical tips that all IT groups can use to start their DevOps journey quickly.
http://ow.ly/yJpv306Zlyy

News

Management tools tend to need a great deal of access to your systems to do there job, so protecting the interfaces to those management tools should be a priority. Some good advice and discussion of common patterns.
https://www.ncsc.gov.uk/blog-post/protect-your-management-interfaces

A nice look at the new LinuxKit project announced at DockerCon. This post delves into running the build tools and demonstrating how testing works, as a way to understand the potential of the tool.
https://gianarb.it/blog/linuxkit-operating-system-build-for-containers

An excellent writeup of issues with not securing a Kubernetes infrastructure during a recent CTF exercise. The issues are well explained, and nicely demonstrate the new attack surface areas with new tools.
https://hackernoon.com/capturing-all-the-flags-in-bsidessf-ctf-by-pwning-our-infrastructure-3570b99b4dd0

A detailed set of slides from DockerCon, covering how to analyse the performance of your applications running in containers.
https://www.slideshare.net/brendangregg/container-performance-analysis

Building systems automatically based on metadata is a lot less effort than describing them upfront. This post provides a great example of this looking at configuring monitoring and logging for applications running on Kubernetes.
https://medium.com/@micahhausler/compose-your-infrastructure-dont-micromanage-it-5cb2062946c

A quick introduction to the challenges of Windows server automation, and a look at the Chocolatey package manager, including the DSC integration.
https://www.slideshare.net/ferventcoder/software-management-with-powershell-dsc-and-chocolatey-powershell-summit-2017

I included a wide ranging infrastructure survey a few months back, and the results of that survey have just been published. Data on the adoption of configuration management tools, deployment pipelines, container adoption and more.
https://medium.com/@rothgar/infrastructure-survey-results-ec6ab950c5b

A nice summary of why ITIL and Devops are not incompatible. I like the statement “ITSM is Devops best practice.”
http://blog.queueload.com/2017/04/19/itil-devops-the-clash-that-shouldnt-be/

It’s always interesting to read people’s views of devops and this post makes some good observations about the changing role of developers and operators. I don’t buy all of it, and it’s too San Francisco centric, but a worthwhile read.
https://medium.com/@cindysridharan/what-is-devops-5b0181fdb953

Another good view of devops, again not one I completely buy into. The argument here is the operability is a clearer thing to aim for that the less easily measured devops.
http://www.alwaysagileconsulting.com/articles/aim-for-operability-not-devops-as-a-cult/

A good explanation of why you might want to turn over infrastructure on a regular basis, in this case terminating and restarting containers and hosts every day. No mention of dealing with forensics in this model of operations though.
https://blog.edgemesh.com/edgemeshs-clean-slate-protocol-782fa00eb3c6

Some good tips for anyone maintaining a Chef infrastructure (or really any large codebase) in particular focused on good naming practices and building for collaboration.
https://blog.dnsimple.com/2017/04/cookbook_maintenance/

An interesting way of explaining AWS VPC networking via a town planning analogy. Useful given the large number of concepts in the VPC APIs.
http://start.jcolemorrison.com/aws-vpc-core-concepts-analogy-guide/

A good first-hand report of dealing with an incident at scale, and the importance of holding a postmortem.
https://cloudplatform.googleblog.com/2017/02/Incident-management-at-Google-adventures-in-SRE-land.html

Jobs

Articulate is looking for Site Reliability Engineers in Europe and Australia to join our Engineering Ops team. We’re a fully distributed company with a high degree of autonomy and no office space. At Articulate you’ll work remotely with an awesome team of engineers to evolve our services, improve site reliability, contribute to open source projects, and delight our customers. Join us in building systems and tools that enable our engineers to ship with speed and confidence so we can empower millions of learners around the world.
http://articulate.applytojob.com/apply/YTxubFfTMS

As a talented developer, shouldn’t companies apply to you? On Hired, we empower you to find your ideal role, by delivering multiple job offers, with upfront compensation details and personalized career support.
http://hrd.cm/2jHrf1B

Tools

Kubemr is a mapreduce framework for data processing on Kubernetes. It’s an interesting example of using the various Kubernetes primitives to build higher-level systems.
http://www.sajalkayan.com/post/kubemr.html
https://github.com/turbobytes/kubemr

Vaul UI is a user interface for the Vault secrets management application. It’s neatly packaged as either a local application or a shared web app, and supports a number of backends for authentication.
https://github.com/djenriquez/vault-ui

Deputize neatly integrates PagerDuty and LDAP, by exporting on-call information from a PagerDuty schedule to a configurable LDAP group.
https://blog.threatstack.com/balancing-security-and-your-on-call-rotation-using-deputize
https://github.com/threatstack/deputize

Weathervane is a new application for conducting a performance benchmark against a virtualized or cloud environment.
https://blogs.vmware.com/performance/2017/04/weathervane-performance-benchmarking-now-open-source.html
https://github.com/vmware/weathervane

Incident management is essential to modern DevOps environments. Learn why in the eBook, “Making the Case for Real-time Incident Management” from your friends at VictorOps.
http://try.victorops.com/realtime_incident_mgmt/devopsweekly

Updated: