1 minute read

Lots of tools this week, from Kubernetes autoscaling to kernels for low level compute, to high level domain specific deployment tools and more.

StackHawk sponsors Devops Weekly

Join StackHawk on December 16 for a hands-on workshop covering how to automate application security testing in CI/CD using GitHub Actions. Register:
https://sthwk.com/github-workshop

News

An interesting post on the concept of sharding, why general purpose sharding is useful, and notes on a new project in this space.
https://rakyll.org/shardz/

Insider threat is something some teams and organisations need to carefully consider. This post provides a clear set of scenarios, along with real-world examples.
https://magoo.medium.com/malicious-insider-scenarios-cf7e37789e40

Vulnerability data is often messier that you might realise. A few interesting posts analysing the central CVE database, looking at quality and growth. Lots of research opportunities here.
https://jerrygamblin.com/2021/07/23/tracking-cpe-data-quality-issues/
https://jerrygamblin.com/2021/07/17/cve-prophet/

Skip the title, this post provides a nice introduction to Nix, especially if you have familiarity with Docker.
https://blog.replit.com/nix-vs-docker

Tools

Kusk is a new Kubernetes ingress controller that routes requests based on an OpenAPI specification, reducing repetition.
https://kubeshop.io/blog/configure-ingress-with-openapi
https://github.com/kubeshop/kusk

A new Kubernetes autoscaling service, Karpenter observes the aggregate resource requests of unscheduled pods and makes decisions to launch and terminate nodes to minimize scheduling latencies and infrastructure cost.
https://karpenter.sh
https://github.com/aws/karpenter

Hubris is a lightweight, memory-protected, message-passing kernel for deeply embedded systems. An interesting vision for open source low level compute.
https://oxide.computer/blog/hubris-and-humility
https://github.com/oxidecomputer/hubris
https://github.com/oxidecomputer/humility

Acra is a database security suite. It provides a proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots and more for a variety of SQL and NoSQL databases.
https://github.com/cossacklabs/acra
https://www.cossacklabs.com/blog/acra-0-90-0

I’m a big fan of higher level domain-specific tools that focus on specific ecosystems. Kuby is a new Kubernetes deployment tool that’s highly optimised for Ruby on Rails.
https://getkuby.io
https://github.com/getkuby/kuby-core
https://evilmartians.com/chronicles/kubing-rails-stressless-kubernetes-deployments-with-kuby

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

less than 1 minute read

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

2 minute read

I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts fr...