DEVOPS WEEKLY ISSUE #441 - 9th June 2019

3 minute read

Infrastructure as code, service level objectives, the importance of local development environments as well as new tools for exploring cloud-based infrastructure. Lots to read in this week’s issue.

From our sponsor, VictorOps

Want to see how to continuously improve DevOps and IT operations, along with system reliability, with this list of the top incident management KPIs to monitor? See how tracking these metrics can lead to on-call incident management that doesn’t suck:
http://try.victorops.com/devopsweekly/top-incident-management-metrics

News

Service Level Objectives are one of the tenets of SRE, this post explores how to set up alerting based on SLOs, discussing where to use white and black box testing.
https://developers.soundcloud.com/blog/alerting-on-slos

A detailed post on using AWS CDK to define AWS infrastructure using Typescript. Also covers testing serverless applications locally using SAM.
https://sanderknape.com/2019/05/building-serverless-applications-aws-cdk/

A look at why local development is different to production, starting with the point that we often have better observability looking in production than when developing the code in the first place.
https://medium.com/windmill-engineering/observability-doesnt-work-in-dev-c214a9fb3e2d

GraphQL is increasingly popular for certain types of APIs, but brings with it new types of query vulnerabilities. This post explores some of them, and ways to protect your GraphQL services.
https://blog.apollographql.com/securing-your-graphql-api-from-malicious-queries-16130a324a6b

The question of how best to partition workloads in Kubernetes comes up regularly. This post explores how one organisation uses separate clusters and namespaces to split things up between teams and environments.
https://medium.com/cruise/building-a-container-platform-at-cruise-part-1-507f3d561e6f

A post exploring building a production logging stack, looking at ingestion, data retention, disaster recovery and more.
https://medium.com/box-tech-blog/logging-at-box-more-efficient-and-more-cost-effective-b42206c59b53

A well argued post that some of the tension between monorepo and multi-repo approaches may be more to do with the properties of Git than the approaches themselves.
https://www.rookout.com/cant-git-no-satisfaction-why-we-need-a-new-gen-source-control/

Express Data Path (XDP) is a powerful tool for fast packet processing in the Linux kernel. This post introduces XDP and eBPF and the advantages of moving networking to userspace.
https://sematext.com/blog/ebpf-and-xdp-for-processing-packets-at-bare-metal-speed/

A post describing several tools for working with Kubernetes configuration, looking at kubeval and conftest for validating and testing the documents.
https://medium.com/@princerachit/validating-kubernetes-deployment-yamls-d46a16a7e664

A few tips for anyone building Docker images for Python, exploring problems with some of the common simple examples people often come across.
https://pythonspeed.com/articles/dockerizing-python-is-hard/

Jobs

Upvest is hiring a Lead DevSecOps engineer in Berlin (Visa/relocation assistance offered too). Upvest provides you with the tools to build on top of Bitcoin and Ethereum. Focus on your application, not the infrastructure. We take care of the security, of blockchain communication, and provide a simple HTTP API to allow you to build an application underpinned by the blockchain. We’re hiring especially for a lead DevSecOps engineer to codify and solidify our CI/CD and harden and secure our environment. We use GCP and Kubernetes but there is a lot of scope for designing and taking ownership of the current setup.

Interested? Send us a note along with your resume to [email protected] or check out our jobs page.
https://upvest.join.com/

Tools

Wash is a new project from the folks at Puppet. It’s a shell which allows for interacting with your cloud infrastructure using typical unix tools. Use ls to list EC2 instances or S3 buckets, use find to find specific instances, use ps to see what processes they may be running, etc.
https://puppetlabs.github.io/wash/

Typhoon is a free and open source Kubernetes distribution. As well as distributing Kubernetes, the distro also comes with Terraform code to provision and manage a cluster.
https://typhoon.psdn.io/

Bloom is a new caching solution specifically designed with HTTP REST-style APIs in mind. It has solid documentation which covers the design as well as implementation instructions.
https://github.com/valeriansaliou/bloom

Want to see how to continuously improve DevOps and IT operations, along with system reliability, with this list of the top incident management KPIs to monitor? See how tracking these metrics can lead to on-call incident management that doesn’t suck:
http://try.victorops.com/devopsweekly/top-incident-management-metrics

Updated: