SRE / DevOps / Kubernetes Weekly Collection#17(Week 22)

Image for post
Image for post
  • In this blog post series, I collect the following 3 Weekly Mailing List I subscribe to, leave some comments as an aide-memoire and useful links.
  • Actually, I have already published the same content in my Japanese blog and am catching-up in English in this series.
  • I hope it contributes to the people browsing this kind of information as a reference.

DEVOPS WEEKLY ISSUE #491 May 24th, 2020
SRE Weekly Issue #220 May 24th, 2020
KubeWeekly #218 May 29th, 2020

DEVOPS WEEKLY ISSUE #491 May 24th, 2020

A good case study around improvising continuous integration build times, and the benefits with regards developer productivity. Parallelisation, maximum-allowable test time, randomised execution order and more good patterns

DEVOPS WEEKLY ISSUE #491 May 24th, 2020

A good case study around improvising continuous integration build times, and the benefits with regards developer productivity. Parallelisation, maximum-allowable test time, randomised execution order and more good patterns

  • The title is “From 25 Minutes to 7 Minutes: Improving the Performance of a Rails CI Pipeline”.
  • The story of speeding up the CI pipeline at Gusto. Faster code deployments are needed to reach customers who need the money faster for their business to survive, due to the impact of US COVID-19. Engineer productivity increased, and improved CI time increased PR by 2% more per engineer per week.
  • In the end, he said that “If you have any questions, I’m happy to answer any on Twitter!”

The start of a series of posts on getting started with Serverless applications. The aim is to provide good getting started material that has some depth and breadth, not just the basic hello world.

Postgres always has some surprising features. This post looks at using the embedded R functionality for data analysis, in this case with PostGIS and spatial data.

  • The title is “Spatial Analytics with PostGIS, PL/R and R”.
  • The first article in a series that introduces PostgreSQL users to PL/R, which can use procedural languages ​​for user-defined SQL functions in R language.
  • In the next article, the author will introduce how to perform special analysis including NVDI (Normalized Difference Vegetation Index) processing and sample analysis function by using PostgreSQL, PostGIS, R, PL/R in combination.

Windows is getting a built-in package manager. In preview at the moment but interesting to see Windows evolve into a more linux-like development environment.

  • The title is “Windows Package Manager Preview”. WinGet package manager release article. I feel it’s weird to mention AppGet in only one phrase in that way.
  • I’m not familiar with Windows at all, but the article “The Day AppGet Died.” was introduced on Twitter, so I took a look at the perspective from the guy who created AppGet and was devoted to Windows users’ getting a decent app management experience too. If you read the article, you can understand the feeling that I wanted to write.

A new version of the Thoughtworks Technology Radar is out. Billed as an opinionated guide to technology frontiers it’s an interesting look at new and emerging tools and processes.

  • The introduction page of “Technology Radar Vol.22” of Thoughtworks. It seems to be good in the sense that you can see the trend technology for each area in a crisp manner. It is good that you can see the explanation quickly by clicking.
  • There is also a tech series blog that explains the content of this and the technology that interests me in Japanese.

A set of video introductions to using AWS CDK to manage infrastructure and integrate into various AWS services.

  • A set of YouTube videos in 2 sessions. The title is “SEAT: CODE Lunch & Learn // AWS CDK with Adrià Lucena (Session 1)”. Click here for Session 2.
  • Comparisons with Terraform and commentary on the creator’s environment of the video are carefully done. I’m not using the CDK personally, so I appreciate a video that I can understand while comparing it with Terraform.

Slides from a talk at last years Lisa conference with a great introduction to common linux command line tools.

  • The title is “Linux Productivity Tools”.
  • An article that introduces tools that contribute to Linux productivity in eight parts. You can carefully explain the basic information, options, and usage examples of basic commands.

Another series of posts, this one introducing event sourcing and discussing common misconceptions.

  • The title is “Event Sourcing 〜 Part I: Understanding what it is, core components, and common misconceptions”.
  • Part 1 of a series explaining “event sourcing”. It provides an overview of event sourcing, core components, and common misconceptions.
  • Part 2 will show the elements through the implementation of event sourcing and explain some advantages.

King is looking for new members for the infrastructure engineering teams to help develop, manage and expand our software based networking setup across datacenters and (Google) cloud. Please take a look at the open role for networking engineer. We’re also still looking for both database and streaming data engineers, if that is more your style.

DevSecCon is a 24 hour event coming up on the 15th and 16th of June, focused on all things security and devops. Talks on threat modelling, design thinking, software supply chain attacks and several discussion panels.

  • The web page of “DevSecCon”, a 24-hour event (!?) held from June 15th to June 16th.
  • The event was held from 6/15 10:00 to 6/16 10:00 SST (Singapore Standard Time), so +1 hour is Japan time, so 6/15 11:00 to 6/16 11:00 JST (Japan Standard Time) ) 24 hours.

Managing feature flags at scale is an interesting problem. Piraha is a new tool that automatically refactors code to remove code as part of removing flags. Support for Java, Swift and ObjectiveC.

  • Introductory article of the tool “Piraha” developed by Uber and made into OSS. Click here for the GitHub page.
  • The flags that remain after achieving the purpose, such as the feature flag, are called stale flags, and Piraha automatically refactors the code related to stale flags.

Sidecars are used in Kubernetes for logging, service mesh, monitoring, getting certificates, secret decryption and more. generic-sidecar-injector is a framework for injecting sidecars and related configuration using Mutating Webhook Admission Controllers.

  • An introductory article of OSS framework “Generic Sidecar Injector”. Click here for GitHub page.
  • It solves the sidecar (so-called container), initcontainer, volume, and volume mount injections in various config-driven ways, and most of the sidecar injection needs without changing the code.

SRE Weekly Issue #220 May 24th, 2020

SRE From Home

Catchpoint is holding a mini-conference on the ways that SRE has changed as we shift to all-remote work, and I’m super-excited to be on the Q&A panel! Hope to see you there.


  • Online event “SRE From Home” web page. Schedule flow was LT x 2, workshop, live Q&A panel discussion, summary, networking.
  • 6/5 14:00 ~ 16:00 EST (Eastern US time), so 6/6 (Sat) 03:00 ~ 05:00 JST would be held in Japan time. Saturday dawn. After applying, I noticed the subtleties of time(at that moment). It was postponed at 7/23 12:00 ~ 16:15 EST (Eastern US time).

A bunch of rants about cloud-induced damage

A seasoned pro discusses some pitfalls of cloud-based architecture based on hard-won experience.

Rachel by the bay

  • An article that the author who “prefer physical hardware”complains about a “cloud” business. Dissatisfaction with the introduction of the singular point of troubleshooting is lined up one after the other, crossing other companies/vendors/other domains beyond the reach of oneself.
  • It would be nice if I could read these sentences easily, but I don’t feel comfortable at this stage. That’s my weakness.

How we’ve evolved on-call at Monzo

Monzo is back with updates on how their on-call has changed since their original article in 2018.

Shubheksha Jalan — Monzo

  • An article that discusses the theme of “How Monzo develops on-call (Translated)”.
  • According to the article that was published two years ago, the number of customers has increased, and it is important that the service is always running smoothly.
  • Sharing for other organizations looking to design human-centered on-call.

Human Impact of On-Call

Along with this rockin’ article about why it’s important to make on-call bearable, Incident Labs also has a survey on your on-call experience. Click through for the link.

Incident Labs

  • The title “Human Impact of On-Call” cites the need to care not only for the system but also for the corresponding human mentality. That’s the message that was mentioned above the subject in the article, “May is Mental Health Awareness Month.”
  • When discussing on-call in the future, the company sets the goal of “on-call is what builds and strengthens an organization.”

Observability and the Misleading Promise of AIOps

This really crystallizes a lot of my concerns with anomaly detection.

Danyel Fisher — The New Stack / Honeycomb

  • I checked it on DEVOPS WEEKLY ISSUE #490 the former issue, so I will skip it.

Why you can’t just ask “why”

If you ask someone why they did something, they’re likely to invent a logical-sounding reason without meaning to.

Lorin Hochstein

  • Under the theme of “Why you can’t just ask “why”, a rule-based system set by mathematical logic used in AI in the 1980s was taken as an example, an article that explains how experts elicit the cause of incidents during human interviews.

KubeWeekly #218 May 29th, 2020

The Headlines

Editor’s pick of the highlights from the past week.

Helm Project Journey Report

Introducing the latest Project Journey Report, Helm! Helm is an open source package manager for Kubernetes. It provides the ability to provide, share, and use software built for Kubernetes. Helm was created in 2015 at Deis, which was later acquired by Microsoft.

This report assesses the state of the Helm project and how CNCF has impacted its progress and growth. Without access to a multiverse to play out alternative scenarios, it is impossible to sort out causation. However, we can document correlations. This report is part of a series of project journey reports published by CNCF focused on graduated projects. Dive into the report here.

  • Released CNCF Helm Project Journey Report as a report for graduated products as CNCF.
  • We attempted to objectively evaluate the current state of Helm and how the CNCF impacted development and growth.
  • Regarding the number of contributions per company, Microsoft has acquired Deis, a developer, and nod the top, while the ratio of other companies is increasing Others, and the countries/companies to which contributors belong are diversifying. , Seen in healthy growth.

Last chance to save 30% on Linux Foundation training!

Don’t miss the deal- all Linux Foundation courses are 30% off until May 31! If you are looking to learn something new or sharpen your skills, this is the perfect opportunity. Learn more and take advantage of this deal today.

  • The final announcement of the 30% off campaign of the Linux Foundation training course until May 31st(at that moment).

Weekly recap of CNCF member and project webinars that you might have missed.

You can view all CNCF recorded and upcoming webinars here.

CNCF Member Webinar: Zero Trust Services in Kubernetes

Randy Abernethy, Managing Partner @RX-M

A Webinar video aimed at a detailed understanding of some of the key mechanisms in Kubernetes tool chains available to facilitate Zero Trust computing.

  • The demo is very smooth and easy to view, and the explanation is easy to understand.

CNCF Member Webinar: Integrating multi-location ADC with Prometheus+Grafana

Dave Blakey, CEO @Snapt Inc.

  • A Webinar video that explains the general principles of monitoring container-based ephemeral ADCs in.

CNCF Member Webinar: Resilient and Fast Persistent Container Storage Leveraging Linux’s Storage Functionalities

Philipp Reisner, CEO @LINBIT Christoph Boehm Walder @LINBIT and Joel Colledge @LINBIT

  • Storage is one of many genres that I have little understanding about, so I would like to strengthen it. Even though I didn’t know “LINSTOR”, I would like to keep down the Linux kernel elements (LVM, ZFS, dm-crypt, dm-cache, DRBD, etc.).

CNCF Member Webinar: Discover, Deliver and Secure your APIs Anywhere

Jakub Pavlik, Director of Engineering @Volterra and Madhukar Nayakbomman, Lead Solutions Engineer @Volterra

  • The three main themes are:
  1. API-related challenges for modern application delivery across multiple Kubernetes clusters and locations
  2. How a distributed cloud architecture addresses end-to-end API detection, delivery, security, and observability
  3. Live demo of API detection, delivery, and protection across multiple clusters

CNCF Project Webinar: Harbor, the trusted cloud native registry for Kubernetes

Michael Michael, Maintainer of Harbor, and co-chair Kubernetes’ SIG-Windows @VMware

  • It describes the updates of Harbor 2.0 (OCI, Trivy default scanner, SSL between services, custom Webhook/Slack Webhook, dark mode UI, etc.), future roadmap, etc.

CNCF Community Webinar: How to conduct a great livestream — Open Broadcaster Software(OBS) deep dive

Spencer Krum, Program Director @IBM and Duffie Cooley, Staff Cloud Native Architect @VMware

Tutorials, tools, and more that take you on a deep dive into the code.

Customise your Kind clusters: networking layer

Katie Gamanji, American Express

  • At the beginning, the author explains the need for a tool that simplifies Kubernetes cluster creation in a local environment. As a provisioning tool, “kind” is included in the description as a tool that allows you to configure advanced configurations at the network layer, including minikube, kind, microK8s , k3s, etc.
  • The audio function that the author has set in the article is good. I added it to Medium with Chrome extension, it worked before, but it doesn’t work for some reason.

Kubernetes Backup and Restore with Velero

Alen Komljen, Faire

  • The story is that I migrated a Kubernetes cluster that was in the public subnet on EKS to a private/public subnet using Velero . In AWS, you can’t change the network settings of configured services, not just EKS. I had Velero installed, so I restored all resources on the new Kubernetes cluster.
  • I’d like to try this too, but I don’t want to mess with EKS with my personal account, so my priority does not rise. Someday.

Packaging Cloud-native Applications With Gravity

InfraCloud Team

  • An introductory article to the OSS toolkit Gravity that creates “images” of Kubernetes clusters and the apps that run within them . Gravity provides cloud-native app delivery in a regulated/regulated environment, simplifying the admin experience.

How VOI went DARK

Georgy Korev, Voi Technology

  • VOI talked about connecting Grafana and Kubernetes with DARK (Dashboards As Resources in Kubernetes) to scale monitoring . It doesn’t seem that VOI has disappeared or has fallen to the dark side.
  • VOI examined existing OSS tools, but none of them met the requirements, so DARK was developed and its engineer Kévin Gomez made it an open source project.

You need containers to build an image

Ivan Velichko,

  • The author started from the question “We’ve been taught to start from a Dockerfile, build an image using that file, and only then run a container from that image. Alternatively, we could run a container specifying an image from a registry, yet the main idea persists — an image comes first, and only then the container. But what if I tell you that the actual workflow is reverse? ”.
  • Personally, it’s nice to share what the author noticed “somehow” when the Dockerfile was overwritten and he got a moss in the build. I would like to keep daily troubleshooting and awareness in the form.

Kubetap Documentation

Kubetap is an open source CNI-agnostic project that automates the process of proxying Kubernetes Services.

  • The GitHub page of the OSS tool “Kubetap” that automates the Kubernetes Service Proxy process as a kubectl plugin.
  • Looking at the logo makes me want to drink beer even in the daytime.

Kubernetes Apply vs. Replace vs. Patch

David Dooling, Atomist

  • There are problems such as how to use Kubernetes’s Apply, Replace, and Patch commands, and the answers given in Stack Overflow are incorrect, and the answers that are retrieved do not include the target to be compared. This article explains various approaches, including when to use them.

How We Built SELinux Support for Kubernetes in Gravity 7.0

Dmitri Shelenin, Gravitational

  • An article that DMITRI SHELENIN, who implemented SELinux support in version 7.0 of “Gravity” introduced in “Packaging Cloud-native Applications With Gravity” above, explained how they built SELinux and what kind of problems occurred and the shared the tips he wanted to share.

How to Autoscale Kubernetes Pods with Keda — Testing with k6

Michael Wanyoike

Articles, announcements, and morethatgive you a high-level overview of challenges and features.

Cloud Foundry on Kubernetes, with Chip Childers

Adam Glick and Craig Box, Kubernetes Podcast from Google

Ingress and the Service APIs, with Bowei Du

Adam Glick and Craig Box, Kubernetes Podcast from Google

The Wrong Question About Docker and Kubernetes

Charles Landau, Guidehouse

  • The author urged not to begin with the question “do I need docker or kubernetes?”, but instead, begin with “could we get value from the technical and management practices required to express a Dockerfile? A k8s podspec?” to ask.
  • It states that writing a Dockerfile in a business process is more valuable than the tool itself and may require more effort than the actual investment to implement Docker itself.

From Containers to Kubernetes with Node.js

Digital Ocean

  • An article introducing an e-book of the title by Digital Ocean.
  • For those who want to deepen the contents of this time, Kubernetes for Full-Stack Developers was introduced as the next one.

LOTE #7: Developer Experience, PaaS, and Testing in Production

Daniel Bryant, Datawire

  • A podcast transcript with Google’s Kelsey Hightower as a guest. First of all, thank you for writing Key takeaways.
  • Various points came out, such as “There is no single “best practice” architecture, such as microservices or a monolithic approach. Focus instead on your goals and constraints, and choose the practices that fit this best. Learn from other organizations, but recognize that labels (“nanoservice”, “macroservices”) do not always capture the actual underlying practice.”, and I felt that they were telling me that we should not lose sight of the principle.

GitOps Deployment and Kubernetes

Omer Kahani, Riskified

  • Since there were concerns about the deployment process when Riskified migrated to Kubernetes, so they decided the following four goals they wanted to achieve and used Helm and ArgoCD to achieve them.
  1. Easy to understand. Less magic, better.
  2. Be declarative. I want to declare a new state for a service.
  3. Be GitOps. With Git as the Single Source of Truth, all processes start with Git changes.
  4. Observability. Easily understand how each component of your app was deployed and constantly monitor the status of the components.

Logging in Kubernetes: EFK vs PLG Stack

InfraCloud Team

  • An article comparing EFK Stack (Elastic search, FluentD, and Kibana) and PLG Stack (Promtail, Loki and Grafana) as a logging base of Kubernetes.
  • The comparative examination of logging, tuning, and the swamp of maintenance are also quite deep. I can’t go so deep yet, so I’d like to deepen my understanding while listening to the pioneering knowledge.

NATS, the simple, secure, scalable and open source queue message with Ivan Kozlovic

Electro Monkeys Podcast (in French)

  • Continuing from last week, it had covered the French Electro Monkeys Podcast. They were talking about “NATS”, so if you are OK in French, please have a listen.

You can check some Recorded Webinars and Upcoming Webinars here. The following are posted as Upcoming CNCF webinars at that moment.

Member Webinar: Securing Service Mesh with Kubernetes, Consul and Vault
Nicole Hubbard, Developer Advocate @HashiCorp
May 29, 2020 10:00 AM Pacific Time

Member Webinar: 20,000 Upgrades Later, Lessons From a Year of Managed Kubernetes Upgrades
Adam Wolfe Gordon, Senior Software Engineer @DigitalOcean
June 2, 2020 10:00 AM Pacific Time

Member Webinar: Trivy Open Source Scanner for Container Images — Just Download and Run!”
Teppei Fukuda, Open Source Engineer @Aqua Security
June 3, 2020 10:00 AM Pacific Time

Member Webinar: How to better understand K8s workloads using Octant
Wayne Witzel III, Octant Maintainer @VMware
June 3, 2020 1:00 PM Pacific Time

Member Webinar: Kubernetes: Zero to Hero Deployments and Management
Anthony Ramirez, Director of Consulting @Nebulaworks
June 4, 2020 10:00 AM Pacific Time

Member Webinar: Lean DevOps: Building a Culture of Delivery
Kyle Campbell, CEO and Founder
June 5, 2020 10:00 AM Pacific Time

Member Webinar: Self-service of Cloud Services for Kubernetes Application
Lewis Marshall, Cloud-Native delivery advocate @Appvia
June 9, 2020 10:00 AM Pacific Time

Member Webinar: Develop your Cloud Native use cases at the Edge with K3s
Pranay Bakre, Staff Technical Marketing Engineer @Arm
Julio Suarez, Staff Engineer @Arm
June 10, 2020 7:00 AM Pacific Time

Member Webinar: Hybrid Cloud Kubernetes with Nodeless
Madhuri Yechuri, Founder @Elotl
June 10, 2020 10:00 AM Pacific Time

Community Webinar: Cluster API (CAPI) — A Kubernetes Subproject to simplify cluster lifecycle management
Katie Gamanji, Cloud Platform Engineer @American Express
Naadir Jeewa, Senior Member of Technical Staff @VMware
June 11, 2020 8:00 AM Pacific Time

Member Webinar: The Definitive Checklist for Delivering Reliable Kubernetes-based Applications
Brandon Groves, Senior Software Engineer @OverOps
Ben Morrise, Software Engineer @OverOps
June 11, 2020 10:00 AM Pacific Time

Project Webinar: Charting Your Voyage To Helm 3
Matt Farina, Lead Engineer @Samsung SDS
Martin Hickey, Senior Software Engineer @IBM
Adam Reese, Senior Engineer @Microsoft
June 12, 2020 10:00 AM Pacific Time

Member Webinar: Multitenancy Webinar: Better walls make better tenants
Adrian Ludwin, Senior Engineer @Google
June 17, 2020 8:00 AM Pacific Time

Member Webinar: Learning from the visible past to accelerate the observable future
Curtis Hrischuk, Technical Product Manager @Instana
June 17, 2020 10:00 AM Pacific Time

Member Webinar: How to Promote the use of Best Practices and Automate Security Policies Using Tools Like OPA and Kubernetes
Gary Duan, CTO and Co-Founder @NeuVector
June 18, 2020 10:00 AM Pacific Time

Member webinar: Kubernetes Cost Allocation Done Right
Webb Brown, Co-founder and CEO @Kubecost
June 24, 2020 10:00 AM Pacific Time

Member Webinar: Pivoting Your Pipeline from Legacy to Cloud Native
Tracy Ragan, CEO of DeployHub and CDF Board Member
July 1, 2020 1:00 PM Pacific Time

How about those articles? Do you have any interest in any?

Actually, I have some contents which I can not digest at this stage, I’ll make use of this aide-memoire and links for catching-up for myself too.

Bye now!!

Yoshiki Fujiwara

Written by

An infra engineer in Tokyo, Japan. Grew up in Athens, Greece(1986–1992). #Network, #Kubernetes, #GCP, #AWS SAP, #National Tour Guide for English

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store