DEVOPS WEEKLY ISSUE #381 - 15th April 2018

3 minute read

Some good posts on the basics this week, including continuous integration, technical debt and monitoring. Plus several posts on how Kubernetes integrates with other tools in the ecosystem.

Sponsor

Does it ever seem like post-incident reviews get in the way of continuous delivery and don’t contribute to overall site reliability? Do your post-incident reviews feel unorganized? Learn how to define the goals of your incident management and craft relevant post-incident reviews that actually help:
http://try.victorops.com/DevOpsWeekly/incident-management-goals

News

A succinct description of the value of continuous integration and continuous delivery, and the value of applying simple XP techniques when shipping software.
https://builttoadapt.io/whats-the-value-of-ci-cd-c2e6c39450bd

A good post on the concept of technical debt. It puts forward a model for measuring various characteristics of technical debt and proposes different types to watch out for.
https://engineering.riotgames.com/news/taxonomy-tech-debt

A excellent talk from microXchg on the various challenges of securing a Kubernetes cluster, showing how exploits happen, how you can defend against them and introducing some useful tools to help.
https://www.youtube.com/watch?v=YtrA7eauSSg
https://drive.google.com/file/d/1GRSNCFgni5e0ILchvTHccmmesz8IVXqh/view

A couple of posts about how to best integration Kubernetes with Vault for secrets management, including how to utilise secrets that expire.
https://medium.com/ww-engineering/working-with-vault-secrets-on-kubernetes-fde381137d88
https://medium.com/ww-engineering/working-with-vault-secrets-that-expire-aa40d00d9d2a

A set of posts on how to best monitor Amazon EBS volumes. What information can you get from CloudWatch, and what are the critical metrics to watch to best understand performance and stability.
https://www.datadoghq.com/blog/collecting-amazon-ebs-metrics/
https://www.datadoghq.com/blog/amazon-ebs-monitoring/

A set of trends for modern logging and monitoring tooling; from structured logs to service meshes and machine learning.
https://www.loggly.com/blog/6-devops-trends-watch-2018/

A useful, detailed look at the Kubernetes ingress system. Showing how to install and configure an ingress controller, along with examples of how to write your own.
https://www.joyfulbikeshedding.com/blog/2018-03-26-studying-the-kubernetes-ingress-system.html

Events

You’re invited to the O’Reilly Velocity Conference in San Jose, CA Now in its 11th year, the O’Reilly Velocity Conference (June 11-14 in San Jose, CA) helps systems engineers, software developers, and DevOps teams stay ahead of their game by keeping pace with key innovations and trends. Come to Velocity and learn the strategies and tools you need to make your systems fast, resilient, and secure. Topics include systems performance, microservices, monitoring and observability, containers, cloud infrastructure, security, and more. Early Price ends May 4. Register today to save up to $200!
https://oreil.ly/2GZ2ysI

Jobs

Pensando is an early-stage startup building something we need to test in a custom way, so we started building our own CI system, and we need some help! Requirements: Golang, Ansible and/or Chef, ops experience. Scaling experience in a VM/Container environment preferred.
http://bit.ly/2GYx85E

CNCF - Cloud Native Computing Foundation

Free Webinar - Kubernetes in Docker for Mac April 17, Online

Kubernetes was recently introduced in the desktop edition of Docker. Join us to learn about this major change and how Kubernetes was made available in Docker and as user-friendly as possible.
http://bit.ly/2GKAs8d

KubeCon + CloudNativeCon - Come together with leading cloud native contributors for a broad range of technical sessions on the cloud native ecosystem. We sold out in Austin and are excited to see thousands of you from the community join us, this time in Copenhagen!
http://bit.ly/2EARWy8

Tools

Most large organisations have a formal set of security controls, but how best to apply and monitor them? OSCAL is the Open Security Controls Assessment Language, a new project describing schemas and tools, including some examples of applying this new language via unit tests.
https://github.com/usnistgov/OSCAL

Building custom versions of Nginx can be useful, either because you want to utilise a specific library version (like OpenSSL) or because you have first or third-party custom modules. This handy build script does all the heavy lifting.
https://github.com/jaygooby/build-nginx

Does it ever seem like post-incident reviews get in the way of continuous delivery and don’t contribute to overall site reliability? Do your post-incident reviews feel unorganized? Learn how to define the goals of your incident management and craft relevant post-incident reviews that actually help:
http://try.victorops.com/DevOpsWeekly/incident-management-goals

Updated: