DEVOPS WEEKLY
ISSUE #492 - 31st May 2020

I usually ignore current events in these introductions but that doesn’t feel appropriate this weekend. To all of my friends in the US, stay safe.


News
====

Threat modelling is a powerful technique for understanding how your service might be attacked. This detailed post services as a great introduction to software developers who might not have a string security background.

https://martinfowler.com/articles/agile-threat-modelling.html


A lot can happen in a large cloud environment, that’s where audit logs come in. This post explains how to configure, collect and use audit logs in GCP.

https://www.datadoghq.com/blog/monitoring-gcp-audit-logs/


Slides from a talk I gave this last week at DockerCon, talking about reusable Dockerfiles and using GitHub Actions to create a fast packaging pipeline for lots of images.

https://speakerdeck.com/garethr/building-a-docker-image-packaging-pipeline-using-github-actions


A look at building a deployment process around Kubernetes, using Helm and ArgoCD.

https://medium.com/riskified-technology/gitops-deployment-and-kubernetes-f1ab289efa4b


A review of Rejoiner, a tool looking to bridge gRPC APIs with GraphQL. Good discussion of both pros and cons.

https://nordicapis.com/review-of-rejoiner/


A useful checklist for backend applications, covering networking, monitoring, logging, backups, secrets and more.

https://medium.com/@aleksei.kornev/production-readiness-checklist-for-backend-applications-8d2b0c57ccec


A quick introduction to enforcing policy in a Kubernetes cluster using Open Policy Agent.

https://www.infracloud.io/kubernetes-pod-security-policies-opa/


Jobs
====

King is looking for new members for the infrastructure engineering teams to help develop, manage and expand our software based networking setup across datacenters and (Google) cloud. Please take a look at the open role for networking engineer. We're also still looking for both database and streaming data engineers, if that is more your style.

https://careers.king.com/jobs/job/14780-site-reliability-engineer-technology/
https://careers.king.com/jobs/job/15353-database-site-reliability-engineer-technology/
https://careers.king.com/jobs/job/15270-network-site-reliability-engineer-technology/


Tools
=====

With the release of Server Side Apply in Kubernetes 1.16 we’re likely to see more client tools, and the new Terraform provider for Kubernetes looks like a good start. Some tooling as well for converting YAML into HCL to make migration easier.

https://www.hashicorp.com/blog/deploy-any-resource-with-the-new-kubernetes-provider-for-hashicorp-terraform/
https://github.com/hashicorp/terraform-provider-kubernetes-alpha
https://github.com/jrhouston/tfk8s


If you received this email directly then you're already signed up, thanks! If however someone forwarded this email to you and you'd like to get it each week then you can subscribe at http://devopsweekly.com

--

You opted in for Devops Weekly at http://devopsweekly.com

You can always unsubscribe by visiting https://devopsweekly.us2.list-manage.com/unsubscribe?u=b6635e37e35fa5eff0c2a947a&id=a63f24d068&e=[UNIQID]&c=b3e8f282bd

If you have other queries you can contact the list maintainer at gareth@morethanseven.net

Our mailing address is 43 Gwydir Street, Cambridge, UK, CB1 2LG