DEVOPS WEEKLY ISSUE #674 - 26th November 2023
Several FinOps related posts this week, along with a case study of moving build systems at scale, a review of the recent KubeCon event in Chicago and new tools for application and CI/CD configuration.
StackHawk sponsors Devops Weekly
Fuel up for re:Invent with StackHawk and Snyk! Join us at YardBird Table & Bar for coffee, mimosas and breakfast on Nov 30. RSVP here:
https://sthwk.com/dont-snooze-on-security
News
There is quite a bit of cross-over between how a central security team needs to interact with a larger development team, and what’s needed for cost-control in self-service platform teams. A good post on this topic.
https://stateofsecurity.com/how-information-security-and-risk-management-teams-can-support-finops/
How do you switch the build system for more than 200 developers, without slowing developer velocity? A great post on moving to Bazel, including local and remote instrumentation, parallel running and staggered rollout.
https://engineering.atspotify.com/2023/10/switching-build-systems-seamlessly/
A wide ranging review of the recent KubeCon event in Chicago, with interesting high-level observations and pointers to specific talks.
https://danielbryantuk.medium.com/kubecon-chicago-key-takeaways-3de5ca13b375
A recent talk from SEACON, focused on the challenges with data management, in particular looking at power consumption at scale, data growth due to AI and machine learning adoption and patterns to address the impending problem.
https://www.youtube.com/watch?v=r3AE8SrQWac
Putting aside the marketing spin, this is a good post on running ScyllaDB on Kubernetes using short-lived spot instances.
https://www.scylladb.com/2023/08/07/scylladb-on-kubernetes-how-to-run-intense-workloads-with-spot-instances/
Focus is a specification aiming to provide an open standard for cloud cost, usage, and billing data across all major cloud service providers. Interesting opportunity for more standardised tooling and transparency.
https://focus.finops.org/
Tools
Radius is a new application configuration tool. Using Bicep to define the components of an application, and use reusable recipes to run that on various infrastructure platforms.
https://radapp.io/
https://github.com/radius-project
Pipelight is a tiny command line tool that executes a list of tasks you provided in a configuration file. Ideal for CI/CD automation. Config written in Typescript, YAML or TOML.
https://pipelight.dev/
https://github.com/pipelight/pipelight
A simple utility for debugging IAM roles for Kubernetes services accounts on EKS.
https://github.com/pete911/kubectl-iam4sa