DEVOPS WEEKLY ISSUE #492 - 31st May 2020

1 minute read

I usually ignore current events in these introductions but that doesn’t feel appropriate this weekend. To all of my friends in the US, stay safe.

News

Threat modelling is a powerful technique for understanding how your service might be attacked. This detailed post services as a great introduction to software developers who might not have a string security background.
https://martinfowler.com/articles/agile-threat-modelling.html

A lot can happen in a large cloud environment, that’s where audit logs come in. This post explains how to configure, collect and use audit logs in GCP.
https://www.datadoghq.com/blog/monitoring-gcp-audit-logs/

Slides from a talk I gave this last week at DockerCon, talking about reusable Dockerfiles and using GitHub Actions to create a fast packaging pipeline for lots of images.
https://speakerdeck.com/garethr/building-a-docker-image-packaging-pipeline-using-github-actions

A look at building a deployment process around Kubernetes, using Helm and ArgoCD.
https://medium.com/riskified-technology/gitops-deployment-and-kubernetes-f1ab289efa4b

A review of Rejoiner, a tool looking to bridge gRPC APIs with GraphQL. Good discussion of both pros and cons.
https://nordicapis.com/review-of-rejoiner/

A useful checklist for backend applications, covering networking, monitoring, logging, backups, secrets and more.
https://medium.com/@aleksei.kornev/production-readiness-checklist-for-backend-applications-8d2b0c57ccec

A quick introduction to enforcing policy in a Kubernetes cluster using Open Policy Agent.
https://www.infracloud.io/kubernetes-pod-security-policies-opa/

Jobs

King is looking for new members for the infrastructure engineering teams to help develop, manage and expand our software based networking setup across datacenters and (Google) cloud. Please take a look at the open role for networking engineer. We’re also still looking for both database and streaming data engineers, if that is more your style.
https://careers.king.com/jobs/job/14780-site-reliability-engineer-technology/
https://careers.king.com/jobs/job/15353-database-site-reliability-engineer-technology/
https://careers.king.com/jobs/job/15270-network-site-reliability-engineer-technology/

Tools

With the release of Server Side Apply in Kubernetes 1.16 we’re likely to see more client tools, and the new Terraform provider for Kubernetes looks like a good start. Some tooling as well for converting YAML into HCL to make migration easier.
https://www.hashicorp.com/blog/deploy-any-resource-with-the-new-kubernetes-provider-for-hashicorp-terraform/
https://github.com/hashicorp/terraform-provider-kubernetes-alpha
https://github.com/jrhouston/tfk8s

Updated: