1 minute read

Lots of observability posts this week, from introductions to instrumentation to consideration for data engineering. Plus software bill of material standards, the complexities of branching, security posture management and more.

StackHawk sponsors Devops Weekly

On July 28, ZAP Creator Simon Bennetts is giving a first look at ZAP’s new automation framework. Grab your spot:
https://sthwk.com/ZAP-Automation-Framework

News

The NTIA Multistakeholder process has published the minimum elements for a software bill of materials. Lower level than most considers will care for, but lots happening in this space at the moment on the standards and early tooling fronts.
https://www.ntia.gov/blog/2021/ntia-releases-minimum-elements-software-bill-materials
https://www.ntia.gov/report/2021/minimum-elements-software-bill-materials-sbom

A look at the tradeoffs between testing in a pipeline and observability in production for data engineering.
https://medium.com/bigeye/testing-vs-observability-which-is-right-for-your-data-quality-needs-1ceb34a12867

A post describing 6 categories of security posture in need of management, from cloud and applications to identity and devices.
https://www.linkedin.com/pulse/6-categories-cybersecurity-posture-david-matousek/

The OpenTelemetry standard is making it easier for generic client libraries to have built-in instrumentation, but there are still interesting tradeoffs and design decisions as discussed in this post.
https://neskazu.medium.com/opentelemetry-in-client-libraries-96136d441f0b

Large open source projects have interesting dynamics. This thoughtful post from the Knative project considers whether a project or product mindset would be best for the long term future of the project.
https://hackmd.io/8YbvSOwsS1SCy9gQsyP9mQ

A post on the complexity of branching strategies and the fact many teams just take that friction for granted rather than try something simpler.
https://thinkinglabs.io/articles/2021/07/14/on-the-evilness-of-feature-branching-a-tale-of-two-teams.html

A deep dive on what’s happening under the hood of AWS Lambda.
https://www.bschaatsbergen.com/behind-the-scenes-lambda

An example of using Google Cloud, Pulumi and Debezium, a Change Data Capture framework, to build a fault tolerant event driven architecture.
https://daily.dev/blog/building-a-fault-tolerant-event-driven-architecture-with-google-cloud-pulumi-and-debezium

A nice summary of what observability is and why it’s important.
https://adri-v.medium.com/unpacking-observability-a-beginners-guide-833258a0591f

Tools

A handy Kubernetes operator that simplifies the management of Role Bindings and Service Accounts, using a declarative configuration for RBAC with new custom resources.
https://github.com/FairwindsOps/rbac-manager

Moco is a MySQL operator on Kubernetes using GTID-based semi-synchronous replication.
https://github.com/cybozu-go/moco

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #698 - 19th May 2024

1 minute read

This week we have posts on APIs, behind the scenes of a large production infrastructure, speeding up monorepo builds and tools for managing feature flags and...

DEVOPS WEEKLY ISSUE #697 - 12th May 2024

less than 1 minute read

This week we have a range of posts covering API specification languages, log formats and CI/CD pipelines as well as tools for building development environmen...

DEVOPS WEEKLY ISSUE #696 - 5th May 2024

1 minute read

The DORA survey is back this week, along with posts on Jevons paradox, monitoring and testing ML models, reliability and service architecture and more.