DEVOPS WEEKLY ISSUE #508 - 20th September 2020

1 minute read

Alerting on SLOs, testing in production, UNIX programming fundamentals, Kubernetes dashboards and a handy tool for tagging cloud resources with Terraform.

env0 sponsors Devops Weekly

Setting up a CD pipeline in 5 minutes? It’s actually doable these days with off the shelf tools. Check out how:
https://www.env0.com/l/devops-cd-blog

About env0: use Terraform to let your team manage their own environments in AWS, Azure and Google. Governed by your policies and with complete visibility & cost management.

News

Describing policy (or in fact configuration in general) in machine-readable form quickly gets into a conversation over whether you should prefer data, a general programming language or a DSL. This post does a good job of explaining why.
https://www.osohq.com/post/anatomy-of-a-rule

An excellent post on moving to alerts based on service-level objectives, SLOs. Covers the why and how, based on documents used internally to make the case for the change.
https://mads-hartmann.com/sre/2020/09/08/alerting-on-slos.html

A discussion of the need to test in production and an introduction to the dark canary pattern for doing so safely.
https://engineering.linkedin.com/blog/2020/production-testing-with-dark-canaries

A look at a tool-agnostic architectural framework for building resilient systems, focused around predictability, observability, recoverability and keeping things simple.
https://medium.com/rocket-mortgage-technology-blog/pork-a-technology-resilience-framework-745207bd28d5

A look at a range of Kubernetes local clients/dashboards including Octant, Kubenav, Lens and more.
https://ordina-jworks.github.io/cloud/2020/08/28/kubernetes-clients-comparison.html

Even with all the talk of cloud native, it’s still super useful for lots of roles to have a solid grounding in UNIX programming. This Advanced Programming in the UNIX Environment course is not available completely online.
https://stevens.netmeister.org/631/
https://www.youtube.com/channel/UC7-CyoYfsrVI-dsuHRQx0IQ/videos

Have you ever wanted to write Python inside your SQL queries? Well now you can with Postgres using PL/Python. These post act as an introduction and show off some interesting demos with embedded numpy.
https://info.crunchydata.com/blog/getting-started-with-postgres-functions-in-pl/python
https://info.crunchydata.com/blog/exploring-plpy-turn-postgres-table-data-into-a-numpy-array

An introduction to Open Policy Agent Gatekeeper, specifically looking at addressing issues with the built-in pod security policies feature in Kubernetes.
https://aws.amazon.com/blogs/containers/using-gatekeeper-as-a-drop-in-pod-security-policy-replacement-in-amazon-eks/

GitHub Actions is still relatively new, but there is already a huge amount of content available for it. This post looks at various actions for analyzing code for security problems.
https://zimmergren.net/github-actions-for-security-code-analysis/

Tools

Terratag is a new CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, and GCP resources
https://github.com/env0/terratag

Updated: