SRE / DevOps / Kubernetes Weekly Reportまとめ#34(9/20~9/25)
- この記事は2020/9/20~9/25に発行された下記3つのWeekly Reportを読み、備忘録兼リンク集として残したものです。
- DEVOPS WEEKLY ISSUE #508 September 20th, 2020
- SRE Weekly Issue #236 September 20th, 2020
- KubeWeekly #234 September 25th, 2020
- English Version of this blow is here.
- DEVOPS WEEKLY ISSUE #508 September 20th, 2020
- News
- Describing policy (or in fact configuration in general) in machine-readable form quickly gets into a conversation over whether you should prefer data, a general programming language or a DSL. This post does a good job of explaining why.
- An excellent post on moving to alerts based on service-level objectives, SLOs. Covers the why and how, based on documents used internally to make the case for the change.
- A discussion of the need to test in production and an introduction to the dark canary pattern for doing so safely.
- A look at a tool-agnostic architectural framework for building resilient systems, focused around predictability, observability, recoverability and keeping things simple.
- A look at a range of Kubernetes local clients/dashboards including Octant, Kubenav, Lens and more.
- Even with all the talk of cloud native, it’s still super useful for lots of roles to have a solid grounding in UNIX programming. This Advanced Programming in the UNIX Environment course is not available completely online.
- Have you ever wanted to write Python inside your SQL queries? Well now you can with Postgres using PL/Python. These post act as an introduction and show off some interesting demos with embedded numpy.
- An introduction to Open Policy Agent Gatekeeper, specifically looking at addressing issues with the built-in pod security policies feature in Kubernetes.
- GitHub Actions is still relatively new, but there is already a huge amount of content available for it. This post looks at various actions for analyzing code for security problems.
- Tools
- Terratag is a new CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, and GCP resources
- News
- SRE Weekly Issue #236 September 20th, 2020
- Articles
- My first outage
- Fault during testing of NordLink
- Throughput autoscaling: Dynamic sizing for Facebook.com
- Database migrations lessons learned
- Moobot vs. Gatebot: Cloudflare Automatically Blocks Botnet DDoS Attack Topping At 654 Gbps
- Availability, Maintainability, Reliability: What’s the Difference?
- Troubled Times: Episode 3
- Building and revising adaptive capacity sharing for technical incident response: A case of resilience engineering
- Outages
- Articles
- KubeWeekly #234 September 25th
- The Headlines
- KubeCon + CloudNativeCon Europe 2020 – Virtual Conference Transparency Report: A very successful first virtual event!
- YAML Templating Solutions: Helm & Kustomize
- ICYMI: CNCF Webinars
- CNCF Member webinar: Critical DevSecOps considerations for multi-cloud Kubernetes
- CNCF Member webinar: Mitigating Kubernetes attacks
- CNCF Member webinar: Using KubeVirt in telcos
- CNCF Member webinar: AWS controllers for Kubernetes – AWS services, now kubified!
- The Technical
- Ingress for Anthos — Multi-cluster ingress and global service load balancing
- Installing Kubernetes Metrics Server securely
- How we moved to Github-based Kubernetes config management
- GSoC 2020 – Building operators for cluster addons
- Detecting CVE-2020-14386 with Falco and mitigating potential container escapes
- Containing a real vulnerability
- Yes, you can run VMs on Kubernetes with KubeVirt
- The Editorial
- Grafana, with Torkel Ödegaard
- CommunityBridge Spotlight: Get the most out of the CommunityBridge program
- Cloud native ecosystem feels COVID-19 crunch
- DevOps 049: DevOps, Open Source, and OpenShift with Chris Short
- Ask the Product Manager Office Hours: Top 5 problems with Kubernetes and how we are fixing them
- Air Force to demo updating software on a jet in flight, official says
- Upcoming CNCF webinars
- The Headlines