DEVOPS WEEKLY
ISSUE #479 - 1st March 2020

Several security posts this week following on from RSA, as well as posts on extending Kubernetes, using production analytics to ensure safe rollouts of complex systems and more.


From our sponsor, VictorOps
=======================

Efficient management of SQL schema evolutions allows DevOps professionals to deploy code quickly and reliably with little to no impact. Learn how modern teams are building out zero impact SQL database deployment workflows here:

https://go.victorops.com/devopsweekly-zero-impact-sql-database-deployments


News
====

An excellent talk from RSA on the intersection of governance, risk and compliance with devops practices.

https://www.rsaconference.com/usa/agenda/how-to-grc-your-devops


Conftest, the Open Policy Agent based tool for testing infrastructure as code, now has a handy plugin model. This post covers a few examples, for Kubernetes and AWS, and explains how to build your own.

https://www.blokje5.dev/posts/conftest-plugins/


A look at Gandalf; an intelligent, end-to-end analytics service for safe deployment in cloud-scale infrastructure.

https://blog.acolyer.org/2020/02/28/microsoft-gandalf/


An interesting set of examples and exercises around Kubernetes security, looking at built-in Kubernetes capabilities.

https://securek8s.dev/exercise/


Another RSA talk, this one looking at the potential for attackers who know how Kubernetes works under-the-hood. Some pretty nefarious ideas demonstrated well.

https://www.rsaconference.com/usa/agenda/advanced-persistence-threats-the-future-of-kubernetes-attacks-3


One of the advantages of Kubernetes as a platform is it’s extensibility. This post looks at two mechanisms for this; adding your own scheduler and creating an an operator.


https://wgtwo.com/blog/extending-k8s/


A low-level look at how the logging framework Fluentd gathers metadata from Kubernetes.

https://www.zebrium.com/blog/how-fluentd-collects-kubernetes-metadata


Jobs
====

env0 makes Infra-as-Code easy, empowering every dev and test case to have its own environment, while minimizing maintenance effort, costs and risk. We are a rapidly growing and well-funded startup based both in the San Francisco Bay Area and in Tel Aviv. We believe software development is a team effort, and are looking for people who strive for excellence, and enjoy the journey getting there.

https://www.env0.com/open-positions/devops-relations-advocate


Tools
=====

Dispatch is an open source crisis management orchestration framework. IT integrates with Slack, Google Apps, Jira, etc. to make it easier to react to assembling participants, sending out notifications, tracking tasks, and assisting with post-incident reviews.

https://medium.com/@NetflixTechBlog/introducing-dispatch-da4b8a2a8072
https://github.com/Netflix/dispatch


Ever wanted to query your Kubernetes cluster using SQL? Kube Query provides a bridge between osquery and Kubernetes to do just that.

https://blog.aquasec.com/kube-query-osquery-kubernetes-clusters


Efficient management of SQL schema evolutions allows DevOps professionals to deploy code quickly and reliably with little to no impact. Learn how modern teams are building out zero impact SQL database deployment workflows here:

https://go.victorops.com/devopsweekly-zero-impact-sql-database-deployments



If you received this email directly then you're already signed up, thanks! If however someone forwarded this email to you and you'd like to get it each week then you can subscribe at http://devopsweekly.com

--

You opted in for Devops Weekly at http://devopsweekly.com

You can always unsubscribe by visiting https://devopsweekly.us2.list-manage.com/unsubscribe?u=b6635e37e35fa5eff0c2a947a&id=a63f24d068&e=[UNIQID]&c=95ae319aa9

If you have other queries you can contact the list maintainer at gareth@morethanseven.net

Our mailing address is 43 Gwydir Street, Cambridge, UK, CB1 2LG