SRE / DevOps / Kubernetes Weekly Collection#62(Week 14, 2021)

  • In this blog post series, I collect the following 3 Weekly Mailing List I subscribe to, leave some comments as an aide-memoire and useful links.
  • Actually, I have already published the same content in my Japanese blog and am catching-up in English in this series.
  • I hope it contributes to the people browsing this kind of information as a reference.

DEVOPS WEEKLY ISSUE #536 April 4th, 2021

News

  • The title is “The Distributed Operating System Void”.
  • It defines and describes a distinct interface DOSi (Distributed Operating System Interface) between kubernetesland and userland that complements existing interfaces (CNI, CRI, CSI, OCI).
  • The title is “It is time to fulfill the promise of CI/CD”.
  • The message and points are clear and good.
  • I want the skill to create such materials that are visually easy to understand and do not feel difficult.
  • The title is “GitHub Actions Trigger Via Webhooks”.
  • It explains how to build a webhook that manually triggers a GitHub Action workflow.
  • The title is “What exactly should we be logging?”.
  • An article that draws out and summarizes the wisdom of the author as a security architect and technical leader during Q & A on logs. You will have the tools and knowledge to ask the right questions about the system.
  • The title is “Software Security at Rocketship Pace”.
  • It outlines the approach they took when designing the code scanning platform “Intersect” and the lessons learned in the process.
  • In the areas of SAST (Static Application Security Testing) and SCA(Software Configuration Analysis), there was no single tool on the market to meet all of their needs. To achieve the required coverage, they use multiple tools and build an orchestration layer so that all the tools work together.
  • The title is “CDN for long-tail content? Fight the cache miss with multilayer caching!”.
  • The content of the title is briefly explained with the following three points.
    ○ Ideal content structure
    ○ Long-tail content
    ○ Multilayer cache
  • The title is “When Is Service Mesh Worth It?”.
  • The following three points explain what I learned from Tetrate’s founding engineer and one of Google’s original Istio builders, Zach Butcher.
    ○ Service Mesh For The Rest of Us
    ○ Usability Improvements to Ease Adoption
    ○ When Service Mesh is Worth It
  • The title is “What’s New in Salt 3003 Aluminum Release”.
  • As the title suggests, it summarizes and explains the Salt Aluminum release.

Tools

  • The GitHub page of “cosign”, a tool for signing, validating, and saving containers in the OCI registry. I will skip it because it was taken up in KubeWeekly#255.

SRE Weekly Issue #264 April 4th, 2021

Articles

  • The contents related to the title are explained in the following four items.
    ○ The ask: practically infinite scalability
    ○ The application: millions of real time subscriptions
    ○ Limit 1: maximum target group size
    ○ Limit 2: Connection stability
  • The following section describes how Algolia’s group of hard-working individuals with their own skills and working styles created a good SRE team.
    ○ What SREs do at Algolia
    ○ How we work as a team
    ○ Pairing creates a team
    ○ Three Projects
    ○ The journey continues ..
  • As mentioned above, a follow-up article on Deno’s disability. They have confirmed with Cloudflare, which is used as a CDN as follows.
    ○ Cloudflare has assured us this issue will not occur again, and that they will implement changes in their systems to make sure this will not happen to any other Cloudflare customers.
  • As the title suggests, the following nine pillars are explained.
  1. Leadership and Culture
  2. Work Sharing
  3. Measurement
  4. SLOs and SLIs, Error Budgets
  5. Toil Reduction
  6. Deployments
  7. Performance Management
  8. Incident Management
  9. Anti-Fragility
  • As mentioned above, it is explained in FAQ format. Qs are as follows.
    ○ What is a deviation and do all deviations need to be investigated?
    ○ What is a planned deviation?
    ○ What’s the best process for investigating deviations?
    ○ Why is human error not an acceptable finding for deviations?
    ○ How much time should I allow for a deviation to be investigated?
    ○ Are out-of-specification (OOS) results considered deviations?
  • As mentioned above, the metric behaved unexpectedly, so they investigated it, found the cause, and confirmed the improvement of the system as a result.

Outages

KubeWeekly # 258 April 9th, 2021

The Headlines

  • CNCF joins Google Summer of Code 2021 (GSoC 2021). Click here to register. Until April 13, 2021 14:00.

ICYMI: CNCF online programs this week

  • The speaker answers the following two questions, and it is aiming to make the listener be able to understand “why the transformation to cloud native fails so often”, and choose the winning strategy to succeed in adopting effective technology and transforming the organization.
  1. Why did you need to change in the first place?
  2. What is wrong with your traditional approach to building software?
  • I thought that “Cloud Native is more than Tech” was obvious from the definition of CNCF, but it is important to materialize the elements.
  • I will skip it because it was covered in this “ICYMI: CNCF online programs this week” last week.

The Technical

  • It has worked on getting containers to work properly on Windows using Kubernetes. It had to do local development with containerd, so it configured the local machine, but it couldn’t find any comprehensive documentation, so it wrote down its steps and shared them.
  • At the beginning, Kubernetes Operator and Rust are explained, and the environment construction procedure with the combination is explained in the following items.
    ○ Implementing an operator
    ○ Project setup
    ○ Creating a CustomResourceDefinition
    ○ How Kubernetes and Operator work together
    ○ Creating a custom Controller
    ○ Implementing the operator logic
    ○ Finalizers
    ○ Creating and deleting deployments
    ○ Running the operator
    ○ Additional resources
  • As the title suggests, the following seven SRE best practices are explained.
  1. Error Budgets
  2. Define SLOs Like a User
  3. Monitoring Errors and Availability
  4. Efficiently Planning Capacity
  5. Paying Attention to Change Management
  6. Blameless Postmortem
  7. Toil Management
  • A step-by-step tutorial on how to set up Kong to proxy gRPC services. Explains two possible scenarios.
  • As the title suggests, it considers a plan to carry out multiple deployments on Kubernetes with no downtime. The contrast between “Kubernetes rolling updates”, “Blue/Green deployments” and “Rainbow deployments” was easy to understand.
  • An article that introduces the open source project “KubeVirt.io” that can manage VM workloads with Kubernetes and explains how to use it.
  • In the next article, it will explain how to use KubeVirt on the Kubermatic Kubernetes Platform.
  • It introduces GitLab Kubernetes Agent. It provides a secure connection between your GitLab instance and your Kubernetes cluster, allowing pull-based deployments to receive alerts based on network policies.
  • I will skip it, because it is taken up in DEVOPS WEEKLY ISSUE #536 above.

The Editorial

  • The author explains the content of the title in the following items.
    ○ An elephant in the room
    ○ There’s no holy grail
    ○ Why I use Kubernetes
    ○ Why I use Django
    ○ Standing on the shoulders of giants
    ○ What to make of this
  • The following sentence is questionable. Perfectly suited to help transition infrastructure to public clouds?
    ○ Kubernetes is perfectly suited to help transition infrastructure to public clouds like Azure or AWS.
  • I agree with the following.
    ○ In short, DevOps and Kubernetes are not a perfect match, but Kubernetes can certainly be a powerful tool when properly configured. Just make sure you are not getting in too deep, and understand that K8s is not an all-encompassing solution.
  • It has Buoyant CEO William Morgan as a guest to talk about his career from Twitter to Linkerd and his focus on Linkerd.
  • It explains the expected value when looking for a job of Kubernetes numerically.
  • Please note the following when looking at the numbers from the author. The job descriptions that we collected are slightly skewed:
  1. At Kube careers we only focus on Kubernetes jobs.
  2. If a job doesn’t have a clear salary range we discard it. Many job offers don’t indicate a salary range and we think this is not good for engineers looking for work.
  3. We discarded job offers from recruitment agencies.
  4. We analysed listings on platforms used by European and American audiences.
  5. The dataset is small — only 86 job descriptions from January, February and March 2021.

Upcoming CNCF Online Programs

  • 4/14/21: Enforce configuration and security checks for your YAML Files and Helm Charts with KubeLinter, by Viswajith Venugopal, StackRox — RSVP
  • 4/15/21: What’s new in Argo Workflows 3.0, by Alex Collins, Intuit — RSVP

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Yoshiki Fujiwara

・Cloud Solutions Architect - AWS@NetApp in Tokyo, Japan. #AWS Certified Solution Architect&DevOps Professional, #Kubernetes, ・Opinions are my own.