1 minute read

A mix of topics this week, with DevopsDays coverage, a few posts each on both monitoring and Kubernetes, and tools for managing your CLI tools and implementing software supply chain security.

StackHawk sponsors Devops Weekly

Bridge the gap between security and development teams by sharing valuable context on common web application threats. Check out 5 common threats to address together here:
https://sthwk.com/common-web-threats

News

DevopsDays is still going strong. Here are notes from the recent DevopsDays Amsterdam, covering hands-on workshops, talks on sociotechnical systems, survivorship bias and the open spaces.
https://engineering.silverfin.com/devopsdays-amsterdam-2023/

A look at the status of API Gateways for Kubernetes. A bit of historical context, the role of an API gateway, and thoughts on standardisation around envoy.
https://wso2.com/library/blogs/the-future-of-api-gateways-on-kubernetes/

Static websites are popular for lots of reasons, but how best to monitor one? Lots of good practice here for websites in general, especially those with a build process and CDN.
https://www.datadoghq.com/blog/static-web-application-monitoring-best-practices/

A monitoring post, on the pyramid of alerting. Infrastructure/operational to data to semantic/business alerts.
https://dev.to/karelvandenbussche/the-pyramid-of-alerting-1g48

Some optimisation tips for workloads running on OpenShift/Kubernetes. Covers node selectors, affinity, taints and toleration.
https://medium.com/@GranulateIntel/advanced-optimization-techniques-for-red-hat-openshift-6b8884efd329

A reminder that cloud native capabilities, in this case autoscaling, are useful for many use cases but not all, and assumptions in the cloud often lead to surprise costs.
https://www.infoworld.com/article/3702111/downsides-to-using-cloud-autoscaling-systems.html

Tools

Aqua is a declarative CLI version manager. Specify CLI tools in a config file, and then install with a command, or use the lazy install feature to install when first run.
https://aquaproj.github.io/

Macaron is a supply chain analysis tool, aimed at helping with the implementation of the SLSA supply chain security framework. It currently supports Maven, Gradle and Python based projects.
https://github.com/oracle/macaron
https://oracle.github.io/macaron/

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

less than 1 minute read

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

2 minute read

I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts fr...