DEVOPS WEEKLY ISSUE #372 - 11th February 2018
A busy week at Configuration Management Camp (still one of my favourite events) and a busy week for interesting posts as well, covering incident management and on-call, as well as the pros of fast release cycles, coverage of Devopsdays NYC and more.
Sponsor
Asking five (or more) whys is outdated. So is trying to find a Root Cause Analysis. Take a look at the case against RCA
http://try.victorops.com/DevOpsWeekly/ChatOpsUpdate
News
An excellent post on the state of on-call, digging into why it’s important for developers running services, and how to make it manageable.
https://medium.com/@copyconstruct/on-call-b0bd8c5ea4e0
A great set of notes from the recent Devopsdays New York, covering talks on failure, debugging systems, the history of devops, building teams, Kubernetes and more.
http://noidea.dog/blog/devopsdays-nyc-2018
One of the talks from Configuration Management Camp last week, looking at how to effectively test Ansible modules and playbooks using InSpec and Test Kitchen.
https://www.slideshare.net/nathenharvey/effective-testing-with-ansible-and-inspec
A series of posts on incident management in one team, looking at definitions and the integration of chatops into the process.
https://devblog.xero.com/sre-xero-managing-incidents-part-i-7d02d650a71c
https://devblog.xero.com/sre-xero-managing-incidents-part-ii-224a6e06f426
A detailed look at the performance impact of the Linux kernel page table isolation (KPTI) patches that workaround the Meltdown bug.
http://www.brendangregg.com/blog/2018-02-09/kpti-kaiser-meltdown-performance.html
An interesting observation on software developers and ivory tower architects. I think this applies to infrastructure and operations design too.
http://www.codingthearchitecture.com/2018/02/09/todays_software_developers_are_the_ivory_tower_architects_of_tomorrow.html
A post on the Kubernetes release cycle, which also covers some of the details of how the special interest group model works and the reason why the fast pace of change is a good thing.
https://gravitational.com/blog/kubernetes-release-cycle/
Another series of posts, this one on getting started with Puppet on Windows. Covers the basics as well as facter, hiera and managing modules with r10k, all from the perspective of a Windows administrator.
http://wragg.io/getting-started-with-puppet-on-windows/
http://wragg.io/puppet-variables-expressions-facts-and-hiera-on-windows/
http://wragg.io/using-puppet-modules-forge-and-r10k/
A useful slidedeck on best practices for securing Kubernetes, with a look at basic threat vectors and how to mitigate the risk.
https://speakerdeck.com/ianlewis/kubernetes-security-best-practices
CNCF - Cloud Native Computing Foundation
Free Webinar - Deployment Strategies on Kubernetes
February 13, Online
https://goo.gl/3gUvFY
Take a practical look at the different strategies to deploy an application to Kubernetes. We list the pros and cons of each strategy and define which one to adopt depending on real world examples and use cases.
Tools
Lots of problems occur between development and production due to differences in data. Dotmesh aims to solve those problems by allowing you to capture, manage and share the state of your whole application using a git-like CLI tool and a central hub.
https://dotmesh.com/blog/introducing-dotmesh/
https://github.com/dotmesh-io/dotmesh
The YAML language is actually huge, with features most people don’t use or know about, some of which result in interesting security problems. SafeYaml is an interesting idea, a small subset of YAML enforced by a simple linting tool.
https://github.com/imbal/safeyaml
Asking five (or more) whys is outdated. So is trying to find a Root Cause Analysis. Take a look at the case against RCA
http://try.victorops.com/DevOpsWeekly/ChatOpsUpdate