The Kubernetes community is starting to move on beyond the core APIs and we’re seeing lots of innovation around custom resources. A few examples in today’s newsletter highlight this - for deployment, networking and user management. I’m sure we’ll see a lot more happening with CRDs next year too.

From our sponsor, Victorops

Combine the power of on-call scheduling and alerting in one powerful solution. When on-call scheduling software is highly integrated with your alerting platform, you improve overall incident visibility and collaboration. Learn more about managing your on-call and alerting platform:
http://try.victorops.com/devopsweekly/managing-on-call-systems

News

After a number of discussions at KubeCon last week, I wrote up some details about CNAB. This post explains Cloud Native Application Bundles in terms of existing emerging patterns and prior-art in the infrastructure as code space.
https://www.morethanseven.net/2018/12/15/what-is-cnab/

A good in-depth post on microservices architectures. It goes into some of the technical problems, but emphasises the social advantages.
https://medium.com/@odedia/microservices-are-for-humans-not-machines-721a6a56344f

This post compares and contrasts the classic middleware tier and the enterprise service bus with the new breed of service mesh technologies.
https://www.cloudops.com/2018/09/does-the-service-mesh-spell-the-end-for-middleware/

An interesting approach to visualising and communicating information about the health of an IT estate to senior management. Operations tends to focus on real-time visualisations, but big picture has a place for longer-term decision makers.
https://medium.com/@pollyrt/the-state-were-in-c7549cb03938

Statemaps look like an interesting approach to visualising the state of a system over time, focused mainly on prompting questions amongst observers which may warrant investigation.
https://www.slideshare.net/bcantrill/visualizing-systems-with-statemaps

A good talk on moving from a smaller team and monolith to a much larger, distributed team and service-based architecture. Lots of real-world technology and people observations from a growing team and system.
https://www.infoq.com/presentations/airbnb-soa-migration

Notes for a lecture on the different ways of restricting processes in Unix-family operating systems. A tour through ACLs, shells, chroot, cgroups, namespaces and more. Everything that underpins containers today.
https://www.netmeister.org/blog/restricting-processes.html

A multi-part series on the architecture of Tomcat as it pertains to monitoring, as well as what to monitor and which tools and JVM settings will help.
https://www.datadoghq.com/blog/tomcat-architecture-and-performance/
https://www.datadoghq.com/blog/tomcat-monitoring-tools/

Some handy tips for folks adopting there testing approach to devops practices, mentioning the importance of test data, service virtualisation, continuous integration and more.
https://www.agileconnection.com/article/5-key-factors-achieve-agile-testing-devops

Tools

Shipper introduces deployment strategies (like blue/green deployments and canary releases) into the Kubernetes API. Nicely avoids complex CI automation or deployment scripts, and integrates with Helm charts.
https://github.com/bookingcom/shipper

Osiris enables greater resource efficiency within a Kubernetes cluster by allowing idling workloads to automatically scale-to-zero and allowing scaled-to-zero workloads to be automatically re-activated on-demand by inbound requests.
https://github.com/deislabs/osiris

ecs-deploy is a continuous deployment platform for AWS ECS. It automates deploys based a simple JSON file which can be integrated in your CI/CD.
https://github.com/in4it/ecs-deploy

With more systems comes more places to store user authentication and authorization information. rbacsync introduces Kubernetes custom resources to avoid this problem, syncing user details from Google accounts to native Kubernetes RBAC.
https://github.com/cruise-automation/rbacsync

Combine the power of on-call scheduling and alerting in one powerful solution. When on-call scheduling software is highly integrated with your alerting platform, you improve overall incident visibility and collaboration. Learn more about managing your on-call and alerting platform:
http://try.victorops.com/devopsweekly/managing-on-call-systems