DEVOPS WEEKLY ISSUE #589 - 10th April 2022
Three posts on building reliable (people and technical) systems at scale, incident response processes and platform engineering this week that all feel like modern takes on classic systems operation.
StackHawk sponsors Devops Weekly
StackHawk and Snyk have partnered up to provide a complete set of application security testing tools for engineering and DevOps teams. Learn more:
https://sthwk.com/snyk-partnership
News
A good post on reliability patterns, including assuming failure, measuring from the customer perspective, reducing blast radius, self-healing infrastructure and more.
https://zendesk.engineering/zen-and-the-art-of-reliability-f42fa7e64849
A post on the emergence of developer platform engineering as a way of scaling development team productivity.
https://blog.getambassador.io/is-platform-engineering-the-new-devops-or-sre-472ed97a1885
Lots of advice on building an incident management process, including running drills, defining severity levels, service ownership, communication planning and more.
https://firehydrant.io/blog/incident-management-best-practices-before-the-incident/
A deep post on global distributed systems, looking at debugging Consul and also discussing which problems to solve and which to avoid with architectural decisions.
https://fly.io/blog/a-foolish-consistency/
As you can probably guess from this newsletter, I like learning new things. This next post looks at things communities can do to make learning by lurking easier. A big plus-one on public discourse.
https://www.netmeister.org/blog/learning-by-lurking.html
WIth the ubiquity of Kubernetes clusters lots of compute jobs have moved to running in Kubernetes clusters, including the venerable cronjob. This post explains how to configure cronjob resources and looks at monitoring and logging too.
https://www.containiq.com/post/kubernetes-cronjobs
An up-to-date guide on running Java applications in Docker containers.
https://sematext.com/blog/docker-java-tutorial/
Tools
Kaar, like tar but for Kubernetes. Package up all the manifests and container images into a single OCI archive.
https://github.com/kris-nova/kaar
Bubblewrap provides a container runtime tool aimed at providing unprivileged sandboxes, unlike most existing approaches, this is intended for running untrusted code.
https://github.com/containers/bubblewrap