DEVOPS WEEKLY ISSUE #598 - 12th June 2022
Supply chain security, infrastructure automation, local vs remote development environments and several new Kubernetes networking tools in this weeks issue.
StackHawk sponsors Devops Weekly
Are you and your team thinking about making application security testing part of your pipeline? Join StackHawk’s Scott Gerlach as he provides tactical guidance for how to help developers go faster, safer on June 22 at 10 AM PT.
https://sthwk.com/go-faster-safer
News
A detailed case study of adopting the SLSA framework for securing the software supply chain for a complex ecosystem. A good introduction to the domain and SLSA, plus implementation details.
https://documentation.suse.com/sbp/server-linux/html/SBP-SLSA4/index.html
There have been lots of improvements to remote development environments in the last few years, and this post advocates for taking the leap and moving away from local development.
https://dx.tips/the-end-of-localhost
A post on fully automating the set up of Kafka clusters using Cruise Control, Kafka Manager, Chef, and Terraform.
https://slack.engineering/building-self-driving-kafka-clusters-using-open-source-components/
An updated talk, and accompanying code, from the recent DockerCon providing up-to-date in-depth details on building container images for Node.js projects.
https://github.com/BretFisher/nodejs-rocks-in-docker
A collection of talks from the recent KubeCon conference focused on monitoring, including the new kubectl events command.
https://grafana.com/blog/2022/06/03/whats-next-in-kubernetes-monitoring-prometheus-histograms-observability-and-more-kubecon-eu-2022-in-review/
Tools
Kilo is a multi-cloud network overlay built on WireGuard and designed for Kubernetes.
https://github.com/squat/kilo
Submariner provides cross-cluster L3 connectivity for Kubernetes. It allows for running component services on different clusters, with direct networking between pods.
https://submariner.io/
https://github.com/submariner-io/
DNS is endlessly more powerful (for good and bad) than people expect. DNS Toys is a great example of this, exposing IP, time, the weather, currency conversation and more over DNS.
https://www.dns.toys/