DEVOPS WEEKLY ISSUE #501 - 2nd August 2020
Lots of high-level content this week. Digital transformation, building platforms for adoption, domain driven design, cloud centres of excellence. Plus seccomp details, a batch of Devops and security talks and more.
env0 sponsors Devops Weekly
Still running Terraform locally? Want an easy way to automate it in a collaborative way? env0 is the easiest way to get started automating Terraform, giving you consistent templates, total visibility of what’s running, and automatic project level cost visibility.
https://www.env0.com/l/devops-automation
News
How do you get the benefits of microservice architectures at scale while minimising operational complexity? This post looks at applying domain driven design concepts and provides a useful case study.
https://eng.uber.com/microservice-architecture/
The adoption of devops practices has gone hand-in-hand with organisations embracing digital transformation. Both phrases risk overuse but these posts discuss some useful mental models to help focus conversations.
https://aws.amazon.com/blogs/enterprise-strategy/mental-models-for-digital-transformation/
https://aws.amazon.com/blogs/enterprise-strategy/mental-models-to-clarify-the-goals-for-of-digital-transformation-part-2/
What properties of developer platforms lead to adoption? The following post is specifically about a large scale edge platform, but it’s a great read for anyone building platforms of all kinds for developers, including those doing so in internal platform teams.
https://blog.cloudflare.com/cloudflare-workers-serverless-week/
When first embracing devops practices and cloud services it’s common in large organisations to build a centre of excellence. There are some traps to avoid when taking this approach that the following post discusses.
https://www.contino.io/insights/cloud-centre-of-excellence-2020
The videos from the recent DevSecCon online conference are all available, with a range of interesting topics covered including infrastructure as code security, continuous audit compliance, supply chain attacks and more.
https://www.mydevsecops.io/post/devseccon24
A nice discussion of tradeoffs between serverless architectures and monolithic applications, mainly focused on smaller scale apps.
https://dev.to/iamcherta/my-monolith-doesn-t-fit-in-your-serverless-311o
A deep dive technical post on new features in the linux kernel which should make unprivileged containers more popular. Good introduction to the details of seccomp as well.
https://people.kernel.org/brauner/the-seccomp-notifier-new-frontiers-in-unprivileged-container-development
Role-based access control plays an important role in securing Kubernetes. This handy site collects together articles and tools and the official documentation in one place.
https://rbac.dev/
An interesting survey for anyone using Serverless technologies to take, from a wide range of companies in the space. I’ll look forward to the results when they are published.
https://codingsans.typeform.com/to/mPinnC