Serverless and data centre posts this week, along with discussions of the importance of software release processes, modern cloud forensic tools, configuration in AWS and more.

Sponsor

Continuously deliver and integrate while maintaining reliability with DevOps. Reduce friction and break down silos to build a collaborative DevOps culture dedicated to mitigating incident frequency, severity, and blast radius:
http://try.victorops.com/devopsweekly/devops-outage-collaboration

News

A useful set of best practices for serverless with tips on single-purpose functions, avoiding connections, using queues and more.
https://medium.com/@PaulDJohnston/serverless-best-practices-b3c97d551535

A nice introduction to the open compute project (OCP) which is creating and maintaining open specifications for server and datacenter hardware.
http://blog.cmd.nu/2018/08/open-datacenter-hardware-what-is-ocp.html

Good tips for ensuring the software release process is robust, emphasising that this means clear ownership and treating deployment software like the critical production system it is.
https://charity.wtf/2018/08/19/shipping-software-should-not-be-scary/

An interesting look at a forensics tool for cloud environments. Diffy picks up on differences between hosts that should be the same, and flags those for further investigation.
https://medium.com/netflix-techblog/netflix-sirt-releases-diffy-a-differencing-engine-for-digital-forensics-in-the-cloud-37b71abd2698

A detailed introduction to CQRS and event sourcing, containing lots of practical tips for implementing architectures based on this pattern.
https://medium.com/@hugo.oliveira.rocha/what-they-dont-tell-you-about-event-sourcing-6afc23c69e9a

A how-to for using AWS System Manager Parameter Store to store secrets, and other configuration, for your applications running on AWS.
https://www.davehall.com.au/blog/dave/2018/08/26/aws-parameter-store

The 12 factor applications pattern has been hugely influential, however this post takes issue with the use of environment variables for configuration. I see that as an interface requirement, how you manage that configuration is a separate concern.
https://krisbuytaert.be/blog/115-factor-apps/

CNCF - Cloud Native Computing Foundation

EnvoyCon is taking place on December 10th in conjunction with KubeCon + CloudNativeCon North America. Interested in sharing your expertise on Envoy? Submit a proposal to speak by August 24th!
http://bit.ly/2OjkMIp

Tools

A handy single sign on proxy application for controlling access to internal services. SSO integrates with Google accounts with OAuth2.
https://github.com/buzzfeed/sso

Kube Hunter is a handy tool for testing the security of a Kubernetes cluster. It can be run from outside the cluster or, interestingly, as a Pod to check what a compromised application would be able to access.
https://github.com/aquasecurity/kube-hunter

Continuously deliver and integrate while maintaining reliability with DevOps. Reduce friction and break down silos to build a collaborative DevOps culture dedicated to mitigating incident frequency, severity, and blast radius:
http://try.victorops.com/devopsweekly/devops-outage-collaboration