DEVOPS WEEKLY ISSUE #468 - 15th December 2019
Incident management, terraform code organisation, supply chain attacks, debugging distributed systems and a range of other topics this week.
From our sponsor, VictorOps
[You’re Invited] Learn how to modernize your approach to incident management and slash MTTA/MTTR in the latest webinar from VictorOps + Splunk, Thursday, December 19th:
https://go.victorops.com/devopsweekly-modern-incident-management-webinar
News
A post on the importance of learning from all the things you did right when considering incident management.
https://www.learningfromincidents.io/blog/oops-learning-from-the-incident-you-didnt-have
Usage of Terraform generally starts with a single repository, but over time a monolithic code base can become inflexible. This post explores some alternatives and when they may be relevant.
https://sysadvent.blogspot.com/2019/12/day-5-break-up-your-terraform-project.html
A look at the evolution of Helm, the Kubernetes package manager. Discussing the release of Helm 3 and making changes to widely adopted software projects.
https://thenewstack.io/helm-3-is-almost-boring-and-thats-a-great-sign-of-maturity/
Supply chain attacks, on shared package repositories, appear to be increasing. A good post on a recent example in the Python ecosystem.
https://medium.com/@dmrickert/software-libraries-are-terrifying-4875b6a74be6
Cold start has been a problem for some serverless usecases. This post explores the new provisioned concurrency feature in AWS, how it works, how you can monitor it and where teh edges are.
https://lumigo.io/blog/provisioned-concurrency-the-end-of-cold-starts/
With the growth of microservices we saw systems built from a range of languages. As cloud native computing grows we’re seeing a similar polyglot pattern, in particular with container and serviceless based services.
https://medium.com/@mhausenblas/polyglot-cloud-native-compute-77f5fee69b00
A useful recap of common mistakes when looking to adopt devops practices, including focusing on a single devops team, adopting too many new tools too quickly and more.
https://aster.cloud/2019/09/06/6-devops-mistakes-to-avoid/
Debugging distributed systems still often comes down to looking at what’s happening at the network layer. This post provides a quick introduction to tools like dig, nc, netstat and more.
https://blog.mimacom.com/6-effective-cli-tools-debug-distributed-systems/
Tools
Stacker is a new OCI image build tool supporting reproducible and unprivileged builds.
https://github.com/anuvu/stacker/
https://github.com/anuvu/stacker/blob/master/doc/tutorial.md
[You’re Invited] Learn how to modernize your approach to incident management and slash MTTA/MTTR in the latest webinar from VictorOps + Splunk, Thursday, December 19th:
https://go.victorops.com/devopsweekly-modern-incident-management-webinar