DEVOPS WEEKLY ISSUE #406 - 7th October 2018
Some good posts on the act of operations this week, from discussion of SRE to more details posts on service-level objectives, physical security and observabiliy.
Sponsor
DevOps surfaces in different ways between different teams. But, holistic incident management processes benefit all DevOps teams. See for yourself why this is:
http://try.victorops.com/devopsweekly/devops-for-incidents
News
A thought-provoking piece that makes the argument that it might be too easy to rebrand operations and SRE without actually changing anything. Lots of good observations here.
https://theagileadmin.com/2018/10/02/sre-the-biggest-lie-since-kanban/
A great presentation (with notes) all about being on-call, service-level objectives, determining failure and more.
https://docs.google.com/presentation/d/1GsOYK5UGjQEgl2rNjSI7TAapkfYsNje87NBr37K36gE/edit
I’ve picked up on lots of conversations of late about right-sized services over microservices. Like with most architecture conversations there are rarely absolute solutions as much as tradeoffs to understand.
https://robertnorthard.com/devops-days-well-architected-monoliths-are-okay/
Pester is a handy testing framework for PowerShell, and this post covers using it for testing your infrastructure. Lots of references to useful libraries and an exploration of storing results for later analysis.
https://tjaddison.com/2018/09/23/Saving-and-reporting-on-Pester-Infrastructure-test-results-in-Log-Analytics
A long post that touches on the importance of end-to-end observability as systems grow, and why focusing on the critical path is a good idea for scaling development practices.
https://medium.com/@rakyll/cpdd-critical-path-driven-development-6c2592fb8ea4
Not everyone has everything hosted wtih a cloud service provider, and thinking about physical security is an important part of operating systems. This post is a nice primer on securing your server room.
https://www.hpe.com/us/en/insights/articles/how-to-secure-your-server-room-1809.html
If you’re running a popular web presence you’ll likely have people trying to abuse or compromise it. This post looks at approaches for detecting and sinkholing this sort of traffic to keep real user data safe.
https://tech.showmax.com/2018/10/sinkholing-1/
The challenges of software adoption, or changing practices, is highly context specific. This post is a nice introduction to some of the challenges of change in a classic enterprise organisation.
https://zwischenzugs.com/2018/10/02/why-are-enterprises-so-slow/
A useful post on secrets in a serverless world, looking mainly at how to manage sensitive configuration in Google Cloud Functions.
https://www.sethvargo.com/secrets-in-serverless/
CNCF - Cloud Native Computing Foundation
KubeCon + CloudNativeCon is coming up on November 13-15 in Shanghai. Join us to discuss the future of cloud native computing, including emerging trends in microservices architectures and container orchestration with technologies like Kubernetes, Prometheus, and many more.
http://bit.ly/2oPLjT6
Events
Devopsdays Philadelphia is coming up on October 23rd and 24th. Lots of create people-orientated content looking at the schedule; from checklists to humane operations practices and psychological safety.
https://www.devopsdays.org/events/2018-philadelphia/welcome/
Tools
Kubespy is a handy tool that for observing changes in a Kubernetes cluster in real team. Useful for debugging configuration and for getting a better understanding of how Kubernetes works under-the-hood.
https://github.com/pulumi/kubespy
StateSevice is a new tool for helping to manage VM-based or other stateful workloads. It provides an HTTP API for state transitions which is designed for use by other management tools like Chef.
https://code.fb.com/open-source/stateservice/
https://github.com/facebookincubator/StateService
DevOps surfaces in different ways between different teams. But, holistic incident management processes benefit all DevOps teams. See for yourself why this is:
http://try.victorops.com/devopsweekly/devops-for-incidents