This week we have posts covering serverless operations, Kubernetes failure stories to learn from, discussions of how to make the argument for investing in technical infrastructure and case studies involving monitoring and deployment infrastructure.

From our sponsor, VictorOps

Cloud-based microservices, serverless architecture and distributed systems in a culture of continuous deployment leads to more incidents. See how you can build a DevOps-focused incident response and management plan for public, private and hybrid clouds:
http://try.victorops.com/devopsweekly/incident-response-hybrid-clouds

News

Prioritisation of finite resources is a common part of conversations around operations or devops. This post looks in detail at why investing in foundational technical infrastructure is important, and how to make the case for that investment.
https://lethain.com/how-to-invest-technical-infrastructure/

Understanding how systems fail is a critical part of operations. This site is collecting failure stories from Kubernetes users and has a nice summary of the impact and the technologies involved.
https://k8s.af/

The OWASP Top 10 security vulnerabilities is widely referenced. A new version of the top 10 specifically targeting Serverless applications is therefore potentially very useful. It covers issues with misconfiguration, injection vulnerabilities, auth problems and more.
https://www.owasp.org/index.php/OWASP_Serverless_Top_10_Project

Adopting serverless doesn’t remove the need for operations as much as change the nature of it. This presentation points at a few of the areas of interest with serverless ops.
https://speakerdeck.com/iennae/ops-in-the-serverless

The start of a series of posts looking at a modern monitoring architecture, exploring how much data to store and where to sacrifice precision for performance.
https://engineering.hellofresh.com/monitoring-at-hellofresh-part-1-architecture-677b4bd6b728

The operations and systems conference Velocity was last week, and this post takes a look at the general themes; observability, Kubernetes, chaos engineering, serverless and more.
https://medium.com/memory-leak/3-themes-from-the-velocity-conference-2019-e5165d4afb97

Lots of folks are mosting to having lots of Kubernetes clusters, which raises the issue of deploying applications across clusters. This post explores the approach taken by one team using Helm and Jenkins.
https://medium.com/dailymotion/deploying-apps-on-multiple-kubernetes-clusters-with-helm-19ee2b06179e

A post with some insights about how Facebook manage their huge infrastructure, looking at the evolution of cluster management and also at storage.
https://www.nextplatform.com/2019/06/10/future-kubernetes-will-mimic-what-facebook-already-does/

Some observations about how to get started in SRE, from getting buy in from management to signs of success.
https://www.oreilly.com/ideas/how-to-get-started-with-site-reliability-engineering-sre

A collection of CLI tools for working with Kubernetes, including visualisation tools, troubleshooting utilities and CLI tools for working with multiple clusters and namespaces.
https://medium.com/free-code-camp/how-to-set-up-a-serious-kubernetes-terminal-dd07cab51cd4

Tools

Kyverno is a new tool which extends Kubernetes with a Policy resource, which can be used for validating, mutating, or generating Kubernetes resources on the fly.
https://kyverno.io/

Razee is a multi-cluster continuous delivery tool for Kubernetes. It supports templating of configuration as well as built-in support for managing feature flags across environments.
https://razee.io/
https://github.com/razee-io

Cloud-based microservices, serverless architecture and distributed systems in a culture of continuous deployment leads to more incidents. See how you can build a DevOps-focused incident response and management plan for public, private and hybrid clouds:
http://try.victorops.com/devopsweekly/incident-response-hybrid-clouds