1 minute read

Platform Engineering, alert design and some good real world stories of debugging, testing or building internal tooling this week.

StackHawk sponsors Devops Weekly

[ICYMI] DAST is Dead! Long Live DAST! The Evolution of Dynamic API security Testing webinar is now available on YouTube. Watch on-demand here.
https://sthwk.com/long-live-dast-webinar

News

A look at Platform Engineering, and introducing a layered model of platform, with the oft-missing platform orchestration layer binding together the application and infrastructure.
https://www.syntasso.io/post/platform-engineering-orchestrating-applications-platforms-and-infrastructure

A good troubleshooting writeup (featuring ceph, systemd and containerd), and a good reminder of the layered complexity of the software systems we operate.
https://blog.palark.com/sre-troubleshooting-ceph-systemd-containerd/

Good alert design is hard. This post looks in particular at the problem with workflows acknowledging alerts and the impact on alert fatigue.
https://medium.com/production-care/keep-your-dashboard-clean-acknowledgement-is-not-a-solution-501c3d832c62

A quick post on building a Slack bot to help with handoff for ongoing incidents. A good reminder of the powerful combination of APIs for your ops tools and the low barrier to writing and running bots like this with modern cloud infrastructure.
https://medium.com/@matt_weingarten/creating-an-oncall-handoff-bot-7ee3f67d1033

Another blog post in this series, looking at testing in microservices environments, and how one organisation has solved this with its own customer tooling.
https://medium.com/riskified-technology/elevating-microservices-testing-and-development-using-dynamicenv-852ffeeacff2

A few handy checklists for security focused code review, for both server and frontend applications. Plus a discussion of security code reviews in general, including reference to threat modelling.
https://axolo.co/blog/p/code-review-security-checklist

Tools

LLRT is an experimental, lightweight JavaScript runtime intended to Serverless environments. It targets a subset of the Node API, but enables much faster startup time and faster overall performance, as well as lower running costs.
https://github.com/awslabs/llrt

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

less than 1 minute read

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

2 minute read

I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts fr...