Infrastructure testing, monitoring, managing access control, enterprise devops case studies and more this week.

From our sponsor, VictorOps

Episode two of Ship Happens, a DevOps podcast, is now live! VictorOps Engineering Manager, Benton Rochester sits down with Raygun’s Head of DevOps, Patrick Croot to learn about his journey into DevOps and how they’ve tightened their internal feedback loops:
http://try.victorops.com/devopsweekly/ship-happens-episode-two

News

A presentation from the recent Velocity conference on Test Driven Development for infrastructure. Covers the why, along with examples of approaches to unit testing, integration testing and end-to-end testing.
https://speakerdeck.com/joatmon08/test-driven-development-tdd-for-infrastructure

Amazon MQ is a managed Apache ActiveMQ service on AWS. These posts cover the ins-and-outs of monitoring the service, what’s important and how to collect various logs and metrics.
https://www.datadoghq.com/blog/amazon-mq-monitoring/
https://www.datadoghq.com/blog/collecting-amazon-mq-metrics-and-logs/

SSH Certificates are an excellent way to authorize access to hosts, but managing certificates, especially short term certificates, can be complicated. Bless provides a serverless application for certification management.
https://medium.com/@ikshitijsharma/blessing-away-ssh-worries-ultimate-practical-guide-to-setup-netflix-bless-in-under-60-minutes-d6880f2a8e23

A good description of the transformation Amazon went on moving from a large monolithic application to microservices, automated release pipelines and pushing security and operational responsibility to development teams.
https://www.allthingsdistributed.com/2019/08/modern-applications-at-aws.html

Discussion of container security often centers on the image, but with configuration management moving to being a developer problem there are other challenges. This post looks at workload security more holistically, and considers what it means at different stages of the SDLC.
https://snyk.io/blog/from-image-security-to-workload-security/

Although it’s sometimes easy to complain about, Bash is often the best solution to a problem. Bash-lib is an attempt to build a useful shared library of bash functions, focused on a small library of well tested and documented extensions.
https://www.conjur.org/blog/stop-bashing-bash/

Videos from the recent Devops Enterprise Summit are now available, with some great case studies from large organisations and talks on managing change.
https://www.youtube.com/playlist?list=PLvk9Yh_MWYuwXC0iU5EAB1ryI62YpPHR9

Events

KubeCon + CloudNativeCon North America is coming up in San Diego from the 18th until the 21st of November. The schedule is packed with talks on the CNCF projects like Kubernetes, Envoy and Helm as well as case studies, community meetings and more. The code KCNADOW19 will save DevOps Weekly readers 10% off the ticket price too.
http://bit.ly/2ko9SrP

Tools

Dy is a tool for managing YAML-based configuration by combining files from a directory structure.
https://github.com/sampointer/dy

Tracee is a new experimental tool that makes observing system calls from containers easier, using eBPF and filtering out other calls from host processes.
https://github.com/aquasecurity/tracee

Episode two of Ship Happens, a DevOps podcast, is now live! VictorOps Engineering Manager, Benton Rochester sits down with Raygun’s Head of DevOps, Patrick Croot to learn about his journey into DevOps and how they’ve tightened their internal feedback loops:
http://try.victorops.com/devopsweekly/ship-happens-episode-two