DEVOPS WEEKLY ISSUE #372 - 11th February 2018

2 minute read

A busy week at Configuration Management Camp (still one of my favourite events) and a busy week for interesting posts as well, covering incident management and on-call, as well as the pros of fast release cycles, coverage of Devopsdays NYC and more.

Sponsor

Asking five (or more) whys is outdated. So is trying to find a Root Cause Analysis. Take a look at the case against RCA
http://try.victorops.com/DevOpsWeekly/ChatOpsUpdate

News

An excellent post on the state of on-call, digging into why it’s important for developers running services, and how to make it manageable.
https://medium.com/@copyconstruct/on-call-b0bd8c5ea4e0

A great set of notes from the recent Devopsdays New York, covering talks on failure, debugging systems, the history of devops, building teams, Kubernetes and more.
http://noidea.dog/blog/devopsdays-nyc-2018

One of the talks from Configuration Management Camp last week, looking at how to effectively test Ansible modules and playbooks using InSpec and Test Kitchen.
https://www.slideshare.net/nathenharvey/effective-testing-with-ansible-and-inspec

A series of posts on incident management in one team, looking at definitions and the integration of chatops into the process.
https://devblog.xero.com/sre-xero-managing-incidents-part-i-7d02d650a71c
https://devblog.xero.com/sre-xero-managing-incidents-part-ii-224a6e06f426

A detailed look at the performance impact of the Linux kernel page table isolation (KPTI) patches that workaround the Meltdown bug.
http://www.brendangregg.com/blog/2018-02-09/kpti-kaiser-meltdown-performance.html

An interesting observation on software developers and ivory tower architects. I think this applies to infrastructure and operations design too.
http://www.codingthearchitecture.com/2018/02/09/todays_software_developers_are_the_ivory_tower_architects_of_tomorrow.html

A post on the Kubernetes release cycle, which also covers some of the details of how the special interest group model works and the reason why the fast pace of change is a good thing.
https://gravitational.com/blog/kubernetes-release-cycle/

Another series of posts, this one on getting started with Puppet on Windows. Covers the basics as well as facter, hiera and managing modules with r10k, all from the perspective of a Windows administrator.
http://wragg.io/getting-started-with-puppet-on-windows/
http://wragg.io/puppet-variables-expressions-facts-and-hiera-on-windows/
http://wragg.io/using-puppet-modules-forge-and-r10k/

A useful slidedeck on best practices for securing Kubernetes, with a look at basic threat vectors and how to mitigate the risk.
https://speakerdeck.com/ianlewis/kubernetes-security-best-practices

CNCF - Cloud Native Computing Foundation

Free Webinar - Deployment Strategies on Kubernetes February 13, Online
https://goo.gl/3gUvFY

Take a practical look at the different strategies to deploy an application to Kubernetes. We list the pros and cons of each strategy and define which one to adopt depending on real world examples and use cases.

Tools

Lots of problems occur between development and production due to differences in data. Dotmesh aims to solve those problems by allowing you to capture, manage and share the state of your whole application using a git-like CLI tool and a central hub.
https://dotmesh.com/blog/introducing-dotmesh/
https://github.com/dotmesh-io/dotmesh

The YAML language is actually huge, with features most people don’t use or know about, some of which result in interesting security problems. SafeYaml is an interesting idea, a small subset of YAML enforced by a simple linting tool.
https://github.com/imbal/safeyaml

Asking five (or more) whys is outdated. So is trying to find a Root Cause Analysis. Take a look at the case against RCA
http://try.victorops.com/DevOpsWeekly/ChatOpsUpdate

Updated: