DEVOPS WEEKLY ISSUE #520 - 13th December 2020
Lots of infrastructure as code posts this week, along with several interesting operations case studies covering upgrading data infrastructure and monitoring systems at scale. Plus posts on SBOM, Kubernetes, digital transformation and more.
Env0 sponsors Devops Weekly
Check out a real world workflow of Infrastructure as Code automation, including notifications to Slack about what’s happening in your deployments!
https://www.env0.com/l/iac-automation-video
About env0: use Terraform to let your team manage their own environments in AWS, Azure and Google. Governed by your policies and with complete visibility & cost management.
News
Databases have limits that if you build a popular service and run it for a long time you’ll undoubtedly hit and need to plan for. This post talks about one such case, migrating a single table with 70 billion records and growing at more than 100 million rows a week.
https://medium.com/strava-engineering/the-boring-option-4a7c6ad16ab8
I wrote a post this week for SecAdvent, an introduction to the topic of software bill of materials, applicable use cases and in particular looking at the CrystalDX set of specifications and tools.
https://www.devseccon.com/a-quick-introduction-to-software-bill-of-materials-and-cyclonedx-secadvent-day-7/
Lots of teams have small home-grown monitoring services that sometimes see less testing and automation than the services they monitor. Sometimes changes to those services can lead to unexpected downside like with this interesting incident report.
https://sbg.technology/2020/12/09/its-just-a-monitoring-change/
Large organisations are rapidly changing how they work, adopting lots of devops practices and better integrating previously separate business units. This post summarises some of that towards a new operating model.
https://go.forrester.com/blogs/the-new-operating-model-is-upon-us/
Terraform, or other infrastructure as code tools, provide a programming language. But how often do we apply patterns and practices learned from other programming languages? This post takes us through a nice refactoring exercise to make the point.
https://medium.com/last9/infrastructure-as-code-as-software-a5e4b2b93e8e
Another post on applying structure and patterns to Terraform. This post looks at the roles and profiles pattern which evolved from the Puppet community and applying it to Terraform and Terragrunt.
https://medium.com/cloud-technology-solutions/the-role-profiles-pattern-across-infrastructure-as-code-3d8910dcd3c9
How do we relate conversations about digital transformation at the business level to devops practices and to agile software development? This post takes a run at providing an answer, and discusses why this is relevant to leaders at different levels of an organisation.
https://www.cloudops.com/blog/accelerating-digital-transformation-software-delivery-automation/
Access control systems can be complex, and Kubernetes RBAC is no exception. This post covers some behind-the-scenes details as well as pitfalls to avoid.
https://www.impidio.com/blog/kubernetes-rbac-security-pitfalls
Lots of organisations deploy to Linux but develop on other platforms. Sometimes it’s useful to have a local linux VM. This post covers how one open source project has been adopting multipass.
https://blog.alexellis.io/containerd-development-multipass/
Events
Workplace culture often gets relegated because it’s so intangible, but it will make or break your Cloud Native transformation. Join Holly Cummins and Jamie Dobson for insights, conversations and of course, industry gossip. Sign up for Container Solutions’ last WhatTheFinar of the year: Tuesday 15th Dec, 11am CET.
https://bit.ly/3ne8v9W
Tools
Bicep is a new and experimental declarative language which compiles down to Azure Resource Manager (ARM) templates.
https://github.com/Azure/bicep
Localizer is a no-frills development tool for Kubernetes that aims to let you mainly ignore Kubernetes, instead proxying services so they appear as local services on the host.
https://github.com/jaredallard/localizer
A handy small utility for any AWS admin. Provide an AWS IP address and digaws will return details like region, AWS service and more.
https://github.com/sampointer/digaws