DEVOPS WEEKLY ISSUE #463 - 10th November 2019
Infrastructure testing, monitoring, managing access control, enterprise devops case studies and more this week.
From our sponsor, VictorOps
Episode two of Ship Happens, a DevOps podcast, is now live! VictorOps Engineering Manager, Benton Rochester sits down with Raygun’s Head of DevOps, Patrick Croot to learn about his journey into DevOps and how they’ve tightened their internal feedback loops:
http://try.victorops.com/devopsweekly/ship-happens-episode-two
News
A presentation from the recent Velocity conference on Test Driven Development for infrastructure. Covers the why, along with examples of approaches to unit testing, integration testing and end-to-end testing.
https://speakerdeck.com/joatmon08/test-driven-development-tdd-for-infrastructure
Amazon MQ is a managed Apache ActiveMQ service on AWS. These posts cover the ins-and-outs of monitoring the service, what’s important and how to collect various logs and metrics.
https://www.datadoghq.com/blog/amazon-mq-monitoring/
https://www.datadoghq.com/blog/collecting-amazon-mq-metrics-and-logs/
SSH Certificates are an excellent way to authorize access to hosts, but managing certificates, especially short term certificates, can be complicated. Bless provides a serverless application for certification management.
https://medium.com/@ikshitijsharma/blessing-away-ssh-worries-ultimate-practical-guide-to-setup-netflix-bless-in-under-60-minutes-d6880f2a8e23
A good description of the transformation Amazon went on moving from a large monolithic application to microservices, automated release pipelines and pushing security and operational responsibility to development teams.
https://www.allthingsdistributed.com/2019/08/modern-applications-at-aws.html
Discussion of container security often centers on the image, but with configuration management moving to being a developer problem there are other challenges. This post looks at workload security more holistically, and considers what it means at different stages of the SDLC.
https://snyk.io/blog/from-image-security-to-workload-security/
Although it’s sometimes easy to complain about, Bash is often the best solution to a problem. Bash-lib is an attempt to build a useful shared library of bash functions, focused on a small library of well tested and documented extensions.
https://www.conjur.org/blog/stop-bashing-bash/
Videos from the recent Devops Enterprise Summit are now available, with some great case studies from large organisations and talks on managing change.
https://www.youtube.com/playlist?list=PLvk9Yh_MWYuwXC0iU5EAB1ryI62YpPHR9
Events
KubeCon + CloudNativeCon North America is coming up in San Diego from the 18th until the 21st of November. The schedule is packed with talks on the CNCF projects like Kubernetes, Envoy and Helm as well as case studies, community meetings and more. The code KCNADOW19 will save DevOps Weekly readers 10% off the ticket price too.
http://bit.ly/2ko9SrP
Tools
Dy is a tool for managing YAML-based configuration by combining files from a directory structure.
https://github.com/sampointer/dy
Tracee is a new experimental tool that makes observing system calls from containers easier, using eBPF and filtering out other calls from host processes.
https://github.com/aquasecurity/tracee
Episode two of Ship Happens, a DevOps podcast, is now live! VictorOps Engineering Manager, Benton Rochester sits down with Raygun’s Head of DevOps, Patrick Croot to learn about his journey into DevOps and how they’ve tightened their internal feedback loops:
http://try.victorops.com/devopsweekly/ship-happens-episode-two