DEVOPS WEEKLY ISSUE #513 - 24th October 2020
A mix of content this week; security theatre, continuation management quality metrics, tracing infrastructure and more.
StackHawk sponsors Devops Weekly
Want a quick glimpse of how StackHawk works? Check out this 11 minute demo from SnykCon last week and learn about modern application security testing for DevOps teams.
http://sthwk.com/snykcon-demo
News
A good introduction to ARM and the coming challenges, and advantages, of wider availability on laptops and servers of ARM-based architectures.
https://blog.symphonia.io/posts/2020-10-13_how_to_prepare_for_the_coming_cpu_confusion
A great talk on security theatre. Good quotes on helping shift responsibilities earlier in the development process and good observations about the changing role of security teams.
https://swagitda.com/speaking/Exit-Stage-Left-Eradicating-Security-Theater-Kelly-Shortridge-Snykcon-2020.pdf
Slides from my talk last week at SnykCon, all about patterns for secure container base image management. Discussion of people, process and tools.
https://speakerdeck.com/garethr/patterns-for-secure-container-base-image-management
A new Salt release is available, which means a super detailed post on the latest features and fixes from Salt Tips.
https://salt.tips/whats-new-in-salt-magnesium/
An interesting paper on quality metrics for infrastructure as code. Looking specifically at Ansible, but intended to be generalised.
https://arxiv.org/pdf/2005.13474.pdf
Lots of people have written about tracing, but this post looks at some of the implementation challenges, from libraries and sampling to data transfer and storage.
https://netflixtechblog.com/building-netflixs-distributed-tracing-infrastructure-bb856c319304
A detailed walkthrough of using client certificates to authorize user access to a Kubernetes cluster.
https://medium.com/better-programming/k8s-tips-give-access-to-your-clusterwith-a-client-certificate-dfb3b71a76fe
As an alternative to using cron for recurring jobs on Linux machines you can also use Systemd Timers.
https://dev.to/bowmanjd/schedule-jobs-with-systemd-timers-a-cron-alternative-15l8
Events
The Software Circus Virtual Fest is back next week, Thursday 29th October, this time with a spooky twist! Join the Circus spirits on a 10-hour journey through your worst Cloud Native nightmares, wear your scariest costume and learn how to bring your projects back from the dead.
This is a free Community event, with a chilling line-up that includes Ian Coldwater, Kris Nova, Bryan Cantrill, Joe Beda and many more monsters. Check out the schedule and register today!
https://bit.ly/3kl9iVr
Tools
Akri lets you easily expose heterogeneous devices (such as IP cameras and USB devices) as resources in a Kubernetes cluster, while also supporting the exposure of embedded hardware resources such as GPUs and FPGAs.
https://github.com/deislabs/akri