DEVOPS WEEKLY ISSUE #444 - 30th June 2019

1 minute read

Several posts this week on observability and monitoring, along with posts on configuration management, local development environments, threat modelling and more.

From our sponsor, VictorOps

[Free Webinar] VictorOps partnered with Catchpoint to share actionable ways to transform your monitoring and incident response practices. See how DevOps teams are being more proactive toward service reliability:
http://try.victorops.com/devopsweekly/death-to-downtime

News

An interesting draft paper entitled From Observability to Significance in Distributed Information Systems. The paper looks at the modelling challenges that underlie monitoring and explores a promise theory model of monitoring.
http://markburgess.org/cognitive2.pdf

Reviewing operational incidents is widely acknowledged as a good idea, but that doesn’t make them easy to conduct. This post has some observations on why.
https://www.adaptivecapacitylabs.com/blog/2019/06/17/some-observations-on-the-messy-realities-of-incident-reviews/

Many things swing between centralised and decentralised as both offer different trade offs. This post explores local development environments, and why you might not need to run a full cluster on your laptop.
https://medium.com/garden-io/you-dont-need-kubernetes-on-your-laptop-37653cbb28c9

A post on the move towards distributed systems, the difference between monitoring and observability and the importance of chaos engineering, feature flags and more.
https://speakerdeck.com/charity/observability-and-complex-systems-devopsdays-ams?slide=28

Threat modelling is a useful exercise for discovering likely vulnerabilities in your systems. This post provides a useful getting started guide.
https://hackernoon.com/how-to-get-started-with-threat-modeling-before-you-get-hacked-1bf0ea3310df

A look at giving individual pods in Kubernetes access to the AWS API via IAM roles. Also explores using Open Policy Agent to ensure a secure configuration.
https://medium.com/@jimmy.ray/whitelisting-aws-roles-in-kubernetes-7889a53b1285

RISC-V is a free and open-source instruction set, opening up lots of potential for innovation at the processor level. This post explores trying out Docker on RISC-V with a local VM.
https://medium.com/@carlosedp/docker-containers-on-risc-v-architecture-5bc45725624b

Tools

Jk is a new configuration authoring tool which supports writing configuration in Typescript. This brings both a powerful language and nice type hinting in your favourite IDE.
https://damien.lespiau.name/posts/2019-06-12-jk-configuration-as-code/
https://github.com/jkcfg/jk

Inlets looks like a useful tool for anyone wanting to share local development efforts with a remote audience. It’s an open source implementation of other similar tools, with docs covering how to run on a small VPS.
https://github.com/alexellis/inlets

[Free Webinar] VictorOps partnered with Catchpoint to share actionable ways to transform your monitoring and incident response practices. See how DevOps teams are being more proactive toward service reliability:
http://try.victorops.com/devopsweekly/death-to-downtime

Updated: