A relatively brief issue this week as I’ve mainly been on holiday the past week. Still several interesting posts on security embracing devops, a look at existing Kubernetes dashboards, the Tekton project and more.

From our sponsor, VictorOps

Incident management and response don’t need to suck. See how you can build a collaborative incident management plan with shared transparency into developer availability and on-call schedules for IT operations:
http://try.victorops.com/devopsweekly/incident-response-transformation

News

A quick introduction to the Tekton project, building a set of standarding CI/CD primitives and CRDs for running them on Kubernetes.
https://www.slideshare.net/VictorIglesias6/introduction-to-tekton

A discussion of what we mean when we talk about a single source of truth for data in our systems, and how the wrong mental model can lead to issues operating the dependent services.
https://www.hidefsoftware.co.uk/2019/08/26/the-single-source-of-truth-really/

A useful overview of existing options when it comes to dashboards for Kubernetes. Some overlap obviously but some take on specific use cases or users.
https://srcco.de/posts/kubernetes-web-uis-in-2019.html

OCI Artifacts provide a way for existing registries to service different types of content. WIth the project moving forward, this post gives a glimpse of what’s next, and how you can get involved if this piques your interest.
https://stevelasker.blog/2019/08/25/oci-artifacts-and-a-view-of-the-future/

A slide deck looking at the roles of application team and platform team when adopting Kubernetes. Observations about secrets, bound services, images and more.
https://www.slideshare.net/cdavisafc/youve-made-kubernetes-available-to-your-developers-now-what

An attempt to codify some of the drivers of DevSecOps, including an emphasis on maker-driven, automation, experimentation and more.
https://www.verica.io/the-measure-of-devsecops/

A post introducing the Wash shell, which normalises how you list or access various cloud-based resources (like EC2 instances, docker containers, Kubernetes deployments, etc.) right in the shell.
https://puppetlabs.github.io/wash/posts/2019/08/introducing-wash/

A new set of high-quality free learning material for Kubernetes. Split into specific courses with each of those split into bite size video lessons.
https://kubernetes.academy/

A quick overview of security practices, and tools, around Kubernetes, based on a recent talk from All Day Devops.
https://blog.sonatype.com/kubesecops-kubernetes-security-practices-you-should-follow

Tools

PartiQL is a SQL-compatible query language which provides access to relational, semi-structured, and nested data.
https://aws.amazon.com/blogs/opensource/announcing-partiql-one-query-language-for-all-your-data/
https://partiql.org/

Incident management and response don’t need to suck. See how you can build a collaborative incident management plan with shared transparency into developer availability and on-call schedules for IT operations:
http://try.victorops.com/devopsweekly/incident-response-transformation