DEVOPS WEEKLY ISSUE #618 - 30th October 2022
Lots of tools this week, from performance caching to a whole new developer collaboration UX. Plus posts on incident management, Unix time, API security and more.
StackHawk sponsors Devops Weekly
Adding security testing to the development lifecycle means deploying to production the right way the first time. Watch a StackHawk demo to see how you can use automated testing to avoid roadmap disruptions and slowdowns.
https://sthwk.com/watch-a-demo
News
Everyone thinks time is relatively simple, until they have to deal with a computer. This post explores the Unix epoch, and the various implications of design decisions and implementation details.
https://www.netmeister.org/blog/epoch.html
A good technical post on a new, low level capability in Open POlicy Agent. An intermediate representation format that would allow for different parallel implementations and likely some interesting tooling to be built.
https://blog.openpolicyagent.org/i-have-a-plan-exploring-the-opa-intermediate-representation-ir-format-7319cd94b37d
Discussion of customer-reported incidents, trying to remove the stigma that this is a failure, and the importance of building trusted customer relationships with good incident management practices.
https://thenewstack.io/there-is-no-shame-in-customer-reported-incidents/
A presentation from KubeCon all about providing virtual kubernetes clusters using vcluster. Discusses various interesting use cases.
https://speakerdeck.com/richburroughs/virtual-kubernetes-clusters-tips-and-tricks-rejekts
A presentation that presents a good introduction to API security, with some useful models and grouping of attack types.
https://www.slideshare.net/mtesauro/black-and-blue-apis-attackers-and-defenders-view-of-api-vulnerabilities
A post that touches on short and long term planning, incident management and the importance of psychological safety.
https://medium.com/@ElizAyer/nobody-could-have-known-inclusive-behaviors-to-counter-a-culture-of-short-termism-cf662e1bab26
Tools
Sturdy is billed as a version control platform that allows you to interact with your code at a higher abstraction level. It sits atop Git, but provides a very different UX without all the pushing and pulling.
https://github.com/sturdy-dev/sturdy
cachegrand is a key-value store designed to take advantage of modern hardware, providing high performance and with compatibility with Redis as a drop-in replacement.
https://thenewstack.io/cachegrand-a-fast-scalable-keystore-for-data-oriented-development/
https://github.com/danielealbano/cachegrand
Paralus is an all-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs. It enables controlled, audited access to Kubernetes infrastructure for your users, user groups, and services.
https://github.com/paralus/paralus
Murre is an on-demand, scaleable source of container resource metrics for Kubernetes. It fetches CPU & memory resource metrics directly from the kubelet and enriches the resources with the relevant Kubernetes requests and limits from each PodSpec.
https://www.groundcover.com/blog/murre
https://github.com/groundcover-com/murre