DEVOPS WEEKLY ISSUE #496 - 28th June 2020
This issue I’d like to welcome the new sponsor for Devops Weekly, env0. env0 are doing some interesting things with providing self-service environments for development teams that you should definitely check out.
env0 sponsors Devops Weekly
Are you running Terraform locally? Want an easy way to automate it in a collaborative way? env0 is the easiest way to get started automating Terraform, giving you consistent templates, total visibility of what’s running, and automatic project level cost visibility.
Check it out at https://www.env0.com/automate-terraform
News
Multi-cloud, whereby organisations either by design or simply scale, use multiple cloud providers, is likely to continue growing, This posts looks ahead at what that might mean for the software (and service) stack we use to build applications.
https://redmonk.com/jgovernor/2020/06/26/the-coming-smokestack-rethinking-and-retooling-multi-cloud/
A good introduction to Open Policy Agent, based on notes taken by a new user.
https://medium.com/trendyol-tech/first-look-to-opa-open-policy-agent-3542810941c9
A post making the case for adding security testing to your CI pipeline, with a discussion of different types of security testing.
https://www.stackhawk.com/blog/ci-pipeline-security-bug-testing/
A discussion of Serverless adoption and the current barriers to entry, both organisational and technical.
https://blog.newrelic.com/technology/serverless-brian-leroux-interview/
An interesting look at the evolution of a technology stack (in this case for Slack) over the course of several years.
https://stackshare.io/stack-history-timeline-slack-tech-stack-evolution
A good outstage report and investigation into a Casandra cluster issue caused by counter columns.
https://www.ably.io/blog/cassandra-counter-columns-nice-in-theory-hazardous-in-practice
A podcast recording, and transcript/notes from a discussion on devops workflows and Kubernetes. Some good points about the importance of knowledge sharing.
https://semaphoreci.com/blog/nigel-poulton-on-how-kubernetes-can-make-or-break-the-devops-workflow
A useful paper for anyone running containers. Describing a methodology for penetration testing Docker-based systems.
[https://www.cs.ru.nl/bachelors-theses/2020/Joren_Vrancken__4593847A_Methodology_for_Penetration_Testing_Docker_Systems.pdf](https://www.cs.ru.nl/bachelors-theses/2020/Joren_Vrancken4593847__A_Methodology_for_Penetration_Testing_Docker_Systems.pdf)
Jobs
King is looking for new members for the infrastructure engineering teams to help develop, manage and expand our software based networking setup across datacenters and (Google) cloud. Please take a look at the open role for networking engineer. We’re also still looking for both database and streaming data engineers, if that is more your style.
https://careers.king.com/jobs/job/14780-site-reliability-engineer-technology/
https://careers.king.com/jobs/job/15353-database-site-reliability-engineer-technology/
https://careers.king.com/jobs/job/15270-network-site-reliability-engineer-technology/
Tools
awsls is a handy utility for listing resources in AWS. Given the huge number of different APIs this should be useful for anyone working regularly with AWS.
https://github.com/jckuester/awsls
Konstraint is a tool for anyone using Open Policy Agent Gatekeeper. It makes it easy to generate ConstrainTemplates from rego policy files, making it easier to use standard Open Policy Agent tooling.
https://github.com/plexsystems/konstraint
KUTTL is a new testing tool for Kubernetes clusters. It’s focused on integration and end-to-end testing of Kubernetes operators
https://kuttl.dev/
https://github.com/kudobuilder/kuttl