1 minute read

A mix of content this week; security theatre, continuation management quality metrics, tracing infrastructure and more.

StackHawk sponsors Devops Weekly

Want a quick glimpse of how StackHawk works? Check out this 11 minute demo from SnykCon last week and learn about modern application security testing for DevOps teams.


A good introduction to ARM and the coming challenges, and advantages, of wider availability on laptops and servers of ARM-based architectures.

A great talk on security theatre. Good quotes on helping shift responsibilities earlier in the development process and good observations about the changing role of security teams.

Slides from my talk last week at SnykCon, all about patterns for secure container base image management. Discussion of people, process and tools.

A new Salt release is available, which means a super detailed post on the latest features and fixes from Salt Tips.

An interesting paper on quality metrics for infrastructure as code. Looking specifically at Ansible, but intended to be generalised.

Lots of people have written about tracing, but this post looks at some of the implementation challenges, from libraries and sampling to data transfer and storage.

A detailed walkthrough of using client certificates to authorize user access to a Kubernetes cluster.

As an alternative to using cron for recurring jobs on Linux machines you can also use Systemd Timers.


The Software Circus Virtual Fest is back next week, Thursday 29th October, this time with a spooky twist! Join the Circus spirits on a 10-hour journey through your worst Cloud Native nightmares, wear your scariest costume and learn how to bring your projects back from the dead.

This is a free Community event, with a chilling line-up that includes Ian Coldwater, Kris Nova, Bryan Cantrill, Joe Beda and many more monsters. Check out the schedule and register today!


Akri lets you easily expose heterogeneous devices (such as IP cameras and USB devices) as resources in a Kubernetes cluster, while also supporting the exposure of embedded hardware resources such as GPUs and FPGAs.