1 minute read

A post on the emergence of platform engineering, which is also handily the topic of the latest State of Devops survey which opens this week. Plus a few monitoring posts this week, from large scale eBPF usage to open source APM and observability tools.

StackHawk sponsors Devops Weekly

StackHawk is hosting Office Hours this Tuesday, Oct. 11 at 10 AM PT. Join in to see how teams can use existing devtools like Postman Collections and Cypress Test Suites to start scanning without openAPI specs.


Large organisations are starting to realise some of the potential in eBPF, with this detailed writeup of a powerful infrastructure observability system a good example.

A post on the evolution of systems operations, and the emergence of platform engineering as distinct. Some thoughts on the differences between different roles and models, and were we might be heading next.

Some research into AWS security. Some good insights into the risks inherent with the complexity of IAM and the built-in metadata service.

Usage of open source software has been a key part of most devops teams, but contributing back is often harder. This post explains some of the tension, and how one organisation approaches it.

The 2022 State of Devops survey is open, and this year the focus is on platform engineering. Please take time to complete, and look out for the results.

An interview (audio and transcript) about the perils of estimates, and alternative approaches, and some thoughts on agile and the software industry as a whole.


Coroot is an interesting looking monitoring and troubleshooting tool for microservice architectures. Some interesting usage of cloud metadata, service mapping, monitoring stack integration and more.

SigNoz is an open-source APM (Application Performance Monitoring) tool which supports metrics, traces and logs.

Kubernetes operators can require high level access to the cluster. Badrobot therefore looks like a handy tool. It statically analyses manifests for high risk configurations such as lack of security restrictions on the deployed controller and the permissions of an associated clusterole.