#191 — November 7, 2018

Read on the Web

Web Operations Weekly

A Tour Through The OWASP Top 10 Webapp Security Threats— The Open Web Application Security Project (OWASP) is an organization set up to help raise awareness around web application security and their frequently updated ‘top 10’ list covers the main threats to Web applications today.

Yvonne Wilson

Facebook’s GraphQL Gets Its Own Open-Source Foundation— GraphQL, the Facebook-incubated data query language, is moving into its own open-source foundation to be hosted by The Linux Foundation.

TechCrunch

What Developers Have to Say About the State of Open Source— DigitalOcean surveyed more than 4,300 developers worldwide to learn how they and their companies are contributing to open source. See the report.

DigitalOcean sponsor

Google Cloud Scheduler: A Modern, Managed Cron Service for Automated Jobs— Simply create your schedules and Cloud Scheduler handles the rest by either making an HTTP request or sending a pub/sub message at the appropriate times.

Google Cloud Blog

Measuring Performance With Server Timing— The HTTP Server-Timing header provides a convenient way to communicate backend server performance timings to browser-based developer tools.

Drew McLellan

▶  Chaos Engineering: What Is It, and Where It's Going— The VP of Cloud Architecture Strategy at Amazon Web Services gives a high level talk about failure and the role of chaos engineering as a way to test the resiliency of systems.

Adrian Cockroft (AWS)

On IBM Buying Red Hat: 'At Least It Wasn’t Oracle'— What it was like for relatively new Red Hat employee, Chris Short, during the IBM acquisition announcement and the (last) week that followed.

Chris Short

💻 Jobs

DevOps Engineer at X-Team (Remote)— We help our developers keep learning and growing every day. Unleash your potential. Work from anywhere. Join X-Team.

x-team

Join Our Career Marketplace & Get Matched With A Job You Love— Through Hired, software engineers have transparency into salary offers, competing opportunities, and job details.

Hired

📘 Tutorials

Embracing Failures and Cutting Infrastructure Costs: Spot Instances in Kubernetes— ‘Spot Instances’ are unused servers made available for less than the regular price, but they can be shut down in an instant. Kubernetes to the rescue.

César Tron-Lozai

A PostgreSQL Performance Tuning Tutorial— And if you’re a Postgres user, check out our weekly Postgres newsletter.

Stackify

Free eBook: Actionable Continuous Delivery Metrics— This eBook provides you insight into your CD pipeline & helps you to improve your CD process with metrics.

GoCD sponsor

Immutable Infrastructure Using Packer, Ansible, and Terraform

Mitesh

💬 Stories & Opinions

Deadlines, Lies and Videotape: The Tale of a gRPC Bug— If your systems rely upon gRPC, this in-depth post mortem is a must read.

Ciaran Gaffney and Fran Garcia

Dissecting Apple's Meta-CDN During an iOS Update— An attempt to measure the load-sharing behavior of Apple’s CDNs during a major iOS rollout.

Blendin, Bendfeldt, et al.

Writing Network Drivers in Go— An academic presentation of a C-based network driver rewritten in Go with only 10% lower performance.

Sebastian Peter Johann Voit

VMware to Acquire Heptio for Enterprise Kubernetes Expertise— Heptio is an enterprise-focused consulting firm founded by two of the initial developers of Kubernetes.

Joab Jackson (The New Stack)

API Profiling at Pinterest— An API intern at Pinterest explains a few different ways in which profiling has proven helpful there.

Anika Mukherji (Pinterest)

What the .NET Renaissance Means for the Enterprise

Shanfan Huang

🔧 Tools

AWS EC2 Gets New Lower-Cost, AMD-Powered M5a and R5a Instances— Powered by custom AMD EPYC processors and priced 10% lower than ‘comparable’ (i.e. Intel-based) instances.

Amazon Web Services

Monitor All Your Infrastructure, Apps, and Logs in One Platform. Try Datadog Free

Datadog sponsor

Dive: A Tool for Exploring Each Layer in a Docker Image

Alex Goodman

Ariadne: A Python Library for Implementing GraphQL Servers— Inspired by Apollo Server from the JavaScript world.

Mirumee Labs

SDNS: A Lightweight, Fast Recursive DNS Server with DNSSEC Support— Always good to see more infrastructure tools written in Go.

Yasar Alev

#192 — November 14, 2018

Read on the Web

Web Operations Weekly

We're taking a break for Thanksgiving, and will be back on November 28. We hope you have a great holiday!
The WebOps Weekly team (Peter, Chris, and Za'e)

Behold HTTP/3, Formerly Known as 'HTTP-over-QUIC'— HTTP/3 is the coming new HTTP version that uses QUIC (a multiplexed stream transport over UDP originally designed by Google). More story here.

Daniel Stenberg

Amazon Corretto: A No-Cost Distribution of OpenJDK from Amazon— Java is one of the most popular languages in use by AWS customers and it’s interesting to see Amazon coming out with their own OpenJDK distribution and promising long-term support for it after recent moves by Oracle.

Amazon Web Services

Successful Software Starts Here— Unlock your biggest app performance bottlenecks with all new Raygun APM. Get unparalleled detail on traces presented in an intuitive UI. Now available for .NET.

Raygun sponsor

The Rise of Multivector DDoS Attacks— Cloudflare deals with more DDoS attacks than most companies and here they review a few, recent ‘interesting’ attacks. On the plus side, “the Internet seems less violent these days”.

Marek Majkowski (Cloudflare)

Optimizing an AWS Microservice— The lead engineer for a popular betting site explains what they learnt from optimizing an AWS-based microservice to reduce latency.

Jamie Munro

Machine Learning for Operations?— As the management of infrastructure becomes increasingly complex and fuelled by ever increasing amounts of data, could the adoption of ‘MLOps’ or ‘AIOps’ (as Gartner has christened this trend) help turn a flood of raw data into ops solutions?

Mary Branscombe

Google Announces .dev Top-level Domain, Open Registration in February— At this week’s Chrome Dev Summit (which we’re covering in more depth in Frontend Focus) Google announced they’d be opening up their .dev TLD to the public early next year.

Kyle Bradshaw

How a BGP Leak Vulnerability Hit Access to Google Services— A look at how earlier this week a BGP route leak interrupted access to Google’s services across the world with traffic rerouted via Russia and China. A key reminder that “enterprises need to continuously monitor their BGP routes and detect such incidents quickly in order to mitigate any service impacts to their business.”

Ameet Naik

💻 Jobs

Sr. Fullstack Engineer (Remote)— Sticker Mule is looking for passionate developers to join our remote team. Come help us become the Internet’s best place to shop and work.

Sticker Mule

Join Our Career Marketplace & Get Matched With A Job You Love— Through Hired, software engineers have transparency into salary offers, competing opportunities, and job details.

Hired

📘 Tutorials

Continuous Delivery with Amazon EKS and Jenkins X— How to automate your CI/CD needs when using Amazon Elastic Container Service for Kubernetes (Amazon EKS).

Arun Gupta

Real URLs for AMP Cached Content Using Cloudflare Workers

Gabbi Fisher and Avery Harnish (Cloudflare)

8 Architectural Considerations to Keep in Mind About Microservices

Bich Le

AWS CloudFormation Gets Support for Stack Drift Detection— It’s now possible to detect if a stack’s actual configuration differs, or has ‘drifted’, from its expected template configuration.

Amazon Web Services

Learn How to Configure the Elastic Stack to Collect and Analyze System Logs

DigitalOcean sponsor

gRPC Load Balancing on Kubernetes without Tears

William Morgan

4 Common Kubernetes Monitoring Traps to Avoid— A CNCF survey reveals 38% of respondents identify monitoring as one of their biggest Kubernetes-adoption challenges.

Eric Johanson

▶  3 Talks from Medium's GraphQL Tech Talks

Sasha Solomon (Medium Engineering)

Sharing Data Among Multiple Servers Through AWS S3— A WordPress and PHP-focused tutorial.

Smashing Magazine

💬 Stories & Opinions

A Netflix Web Performance Case Study— A look at what was involved in improving the ‘time-to-interactive’ for Netflix on the desktop.

Addy Osmani

Serving Millions of Users in Real-Time with Node.js and Microservices— A brief tale of fixing a bottleneck in a large Node microservices-based app and how it scales up to serving 1000s of requests per second.

Máté Huszárik and Peter Czibik (RisingStack)

Seagate Sets Out a Roadmap to 48TB Hard Drives in 2023

The Register

Stratus Update – Weekly Delivery of Cloud Native News ⛅️— A curated set of news, tools and services along with easy to digest commentary direct to your inbox.

Manifold sponsor

An AWS Region in Milan, Italy is Under Development— The upcoming Europe (Milan) region will be Europe’s sixth AWS region and is due to open in 2020.

Jeff Barr (AWS)

Scaling Millions of Connections with a Zero-Propagation Dynamic DNS

Andrew Sampson

#193 — November 28, 2018

Read on the Web

Web Operations Weekly

'The Datacenter as a Computer: Designing Warehouse-Scale Machines'— If getting a very thorough tour of how Google structures its datacenters for its collossal workloads sounds interesting to you, you’ll love this. It’s fascinating reading and packed with diagrams and photos. PDF here.

High Scalability

Five Lessons Learned From Writing Over 300,000 Lines of Infrastructure Code— Bills itself as a “concise masterclass on how to write infrastructure code”.

Yevgeniy Brikman

Expanding the CircleCI Ecosystem: Orbs and the Technology Partner Program— CircleCI just announced its first-ever Technology Partner Program. Our platform is now open to partners to contribute Orbs - first-in-industry configuration packages for CI.

CircleCI sponsor

WebSockets: A Conceptual Deep-Dive— A technical look at the world of WebSockets, the browser technology that can provide a fast, full-duplex persistent connection between a server and client.

Ably

AWS Introduces EC2 Instances Powered By Its Own 'Graviton' ARM Processors— AWS continues its relentless release of new EC2 instance types, this time powered by ARM-based CPUs of its own design. If this intrigues you, one of AWS’s VPs spoke about Amazon’s ‘custom silicon journey’ earlier this year.

Jeff Barr (AWS)

Herding the DNS Camel— Bert Hubert, the founder of PowerDNS and author of RFC 5452 (Measures for Making DNS More Resilient against Forged Answers), shares his views on forces influencing DNS protocol development.

IETF

💻 Jobs

DevOps Engineer at Clue (Permanent)— Clue is at a pivotal and exciting point in our journey. With 10 million MAUs globally and fast-paced growth, we're building our platform, monetization, and team to support our continued success.

Clue by Biowink

Join Our Career Marketplace & Get Matched With A Job You Love— Through Hired, software engineers have transparency into salary offers, competing opportunities, and job details.

Hired

📘 Tutorials

How to Build a Serverless Report Server with Azure Functions and SendGrid— Severless.. server? Nonetheless, this is a fun walk through what’s involved in using Azure Functions’ timer triggers to fire up a process that builds and emails a report.

Burke Holland

What's in a Docker Image?— Not only does it answer the question but shows how to dig around.

Cameron Lonsdale

Transferring Your Linux Images to DigitalOcean with Custom Images— Create and compress Linux and Unix-like virtual disk images and launch them on DigitalOcean Droplets.

DigitalOcean sponsor

Progressive Service Architecture at Auth0— Learn how to create a mature service architecture for scalability and high availability by building its topology progressively.

Dan Arias

RFC 8484: DNS Queries over HTTPS (a.k.a. DoH)

IETF

💬 Stories & Opinions

How GitLab Spent Two Weeks Hunting An NFS Bug in the Linux Kernel— An in-depth recap of debugging a GitLab issue that culminated in a patch for the Linux kernel.

Stan Hu (GitLab)

Automating Terraform: Infrastructure as Code as a Service

Matthew Smith

Overload Control for Scaling WeChat Microservices— WeChat is a very popular China-based chat system and this paper gives a look behind the scenes as to how it works.

the morning paper

Reliable Webhooks Using Serverless Architecture— “How we made our webhooks more reliable using SQS and Lambda”

Victor Zhu

Can SNMP (Still) Be Used to Detect DDoS Attacks?— SNMP is a protocol for collecting info about devices on IP networks, but SNMP polling is no longer a good way to detect DDoS attacks.

Pascal Geenens

When Not to Use Microservices

Charles Féval

Towards Usable Checksums: Automating the Integrity Verification of Web Downloads for the Masses— A look at an academic paper that addresses the problem of verifying the authenticity of downloads.

the morning paper

🔧 Tools & Code

Amazon CloudWatch Logs Insights: Interactive Log Analytics on AWS— In a move that’s likely to tread on a lot of other services’ toes, AWS is now providing a fully managed service for ‘cloud-scale’ log analysis.

Jeff Barr

AWS Transfer for SFTP: A Fully Managed SFTP Service for Amazon S3— At 30 cents an hour, you either better have a need for a $200 per month SFTP server or provision it as needed.

Jeff Barr

Shop Like a Developer – Discover and Experiment with Hot New Cloud Services 🔥

Manifold sponsor

AWS Unveils New C5n EC2 Instances with 100 Gbps Networking— If you have too much funding and too much data to shift, the solution is here.

Jeff Barr

Elasticsearch 6.5.0 Released— The hugely popular search server and document database takes another step forward with a new ODBC driver for Windows, new query filters, improved audit logging, minimal snapshots (smaller snapshots that don’t include large generated indexes), and cross-cluster replication (paid customers only, alas).

Elastic

Generate Self-Signed SSL Certificates for Local Development on a Mac— A bash script for generating trusted self-signed SSL certs for local development.

Russell Heimlich

#194 — December 5, 2018

Read on the Web

Web Operations Weekly

Amazon DynamoDB Goes 'On-Demand' with Pay-Per-Request Pricing— Amazon’s popular DynamoDB key-value store has adopted an optional on-demand pricing option that avoids the need to provision capacity ahead of time.

Amazon Web Services

First Major Kubernetes Security Flaw Unveiled— The first major security flaw in the popular cloud container orchestrator Kubernetes has been discovered - it’s a privilege escalation vulnerability and detecting if it has been exploited isn’t simple. Patched releases are already out but you need to upgrade older Kubernetes versions ASAP.

James Orme (The Stack)

Watch How to Create a Terraform Provider for Almost Anything— Terraform is an incredibly powerful tool that lets you define your infrastructure as code. Learn how to contribute to an existing provider or create your own from scratch by watching Eddie Zaneski, Manager of Developer Relations at DigitalOcean.

DigitalOcean sponsor

Introducing Cloud Native Application Bundles (CNAB)— Microsoft, Docker, Hashicorp and Bitnami have collaborated on this spec for packaging distributed apps along with their coupled services in a cloud-agnostic way. Initial support has been released as part of Docker App.

Microsoft, Docker, et al.

QUIC and HTTP/3: Too Big to Fail?— We’ve recently mentioned HTTP/3, the new name for the idea of delivering HTTP over QUIC. This post looks at the potential problems on the way to an HTTP/3 world.

Robin Marx

AWS Lambda Gains 'Layers' For Code Sharing Between Functions— Last week was a huge week for Lambda, the AWS serverless platform, as it introduced Layers which lets you centrally manage code and data shared across functions, as well as a way to use any programming language with Lambda. Lambda also introduced native support for both Ruby and C++.

Amazon Web Services

EC2 Gains Support for Instance Hibernation— As of today, instances of various types that are running Amazon Linux 1 can be hibernated. The hibernation process stores (and restores) the in-memory state of the instance to the root EBS volume.

Jeff Barr (AWS)

Simplifying Kubernetes with Docker Compose and Friends— Docker has open sourced support for using Docker Compose on Kubernetes, a feature previously limited to Docker Enterprise.

Gareth Rushgrove

💻 Jobs

DevOps Engineer at X-Team (Remote)— We help our developers keep learning and growing every day. Unleash your potential. Work from anywhere. Join X-Team.

x-team

Join Our Career Marketplace & Get Matched With A Job You Love— Through Hired, software engineers have transparency into salary offers, competing opportunities, and job details.

Hired

📘 Tutorials

The Git Workflow You Need: How to Deal with Multiple Teams in a Single Repo

Fernando Doglio

HTTP/2 and the HOL in the Waterfall— Head-of-line (HOL) blocking with HTTP is the concept of an HTTP request blocking further ones from being dealt with, a common HTTP/1 issue. But does HTTP/2 entirely solve it or just introduce new problems?

Felix Hassert

Free eBook: Actionable Continuous Delivery Metrics— This eBook provides you insight into your CD pipeline & helps you to improve your CD process with metrics.

GoCD sponsor

Building Serverless Python Apps Using AWS Chalice— Chalice is a Python framework built by Amazon Web Services.

Saurabh Sharma

Mistletoe Offline: Building A Custom Offline Page— Advice for building an offline page, for when a visitor can’t reach your site.

Jeremy Keith

Logs from the Edge— With Cloudflare’s Workers serverless plaform, it’s possible to send traffic logs to arbitrary locations - here’s how.

Michael Tremante (Cloudflare)

💬 Stories & Opinions

First Impressions of DigitalOcean's Kubernetes Engine

Alex Ellis

How Pinterest Runs Kafka At Scale

Yu Yang (Pinterest)

How I Passed the AWS Certified Solution Architect (Associate) Exam

Robert Leggett

Get Festive with Manifold’s 12 Days of Cloud Services 🦌🎅❄️

Manifold sponsor

Testing the Performance of Linux Distributions on AWS EC2— Several Linux distributions (Amazon, Clear, Debian, Red Hat, SUSE, and Ubuntu) go head to head in a benchmark on EC2. Intel’s Clear Linux distribution won a majority of the rounds.

Michael Larabel

The Path to Production: How and Where to Segregate Test Environments— An overview of the an idea of the stages, tests, and quality gates your pipeline could contain.

June Jung

Stop Calling Your APIs Microservices— Thoughts on the relationships between APIs, microservices, and containers.

Lukas Rosenstock

Reasons to Scale Horizontally— “if you think there is a decent chance that you will eventually need to scale horizontally because you will need more disk, memory, or CPUs, plan for it ahead of time.”

Sean T. Allen

🔧 Tools

Kubernetes 1.13 Released— Three notable features: simplified cluster management with kubeadm, Container Storage Interface (CSI) is now GA, and CoreDNS is now the default DNS server.

Kubernetes Release Team

k6: A Go-Powered Open Source Load Testing Tool— “Like unit testing, for performance.”

Load Impact AB

AWS Outposts: Run AWS Infrastructure On-Premises— An interesting option coming for heavy AWS users (or those with very deep pockets, we suspect) in 2019.

Amazon Web Services, Inc.

The AWS Well-Architected Tool— A self-service tool on AWS to help architects and managers review AWS workloads at any time and compare them to AWS best practices.

Amazon Web Services, Inc.

dnsrecords.io: A Quick Web-Based DNS Records Lookup Tool— Possibly useful if you haven’t got a terminal open..

Spatie

#195 — December 12, 2018

Read on the Web

Web Operations Weekly

Do you like podcasts? We do, and this year we've found a handful that you might find interesting. Scroll down to check out our special section dedicated to them and get your headphones on :-)
— The WebOps Weekly team (Peter, Chris, and Za'e)

HashiCorp Vault 1.0 Released— Vault is a popular tool for managing secrets and protecting sensitive infrastructure and app related data. GitHub repo.

HashiCorp

Phusion Passenger 6 Released— While Passenger was originally an app server solely aimed at getting Rails apps rapidly deployed to the Web, it’s now grown into a more general tool and now includes generic language support as well as first class support for other languages like Elixir and Rust.

Hongli Lai (Phusion)

Video Encoding, Storage, and Delivery in A Single Platform— Mux Video takes the pain out of video encoding and streaming with a simple API to data-optimized live and on-demand video. Get up and running in minutes, not months. By the creators of Zencoder, Video.js, and Demuxed.

Mux sponsor

Designing Headers for HTTP Compression— HTTP headers isn’t a common place we look for performance wins but they quickly add up. HTTP/2’s HPACK header compression can help, but how does it work?

Mark Nottingham

Real-Time Serverless with API Gateway WebSockets and AWS Lambda?— AWS has announced WebSockets support for API Gateway (coming soon, it’s not GA yet), and the serverless community got pretty excited as it opens up a promising new pattern for serverless development - connect via WebSockets to API Gateway and then call serverless functions over that connection.

Jared Short

How To Build a Real-Time App with GraphQL Subscriptions on Postgres— A walkthrough of building a real-time polling app using Postgres, GraphQL, and React with no specific back-end code (it uses Hasura’s GraphQL service running on Heroku - all for free).

Sandip Devarkonda

Windows Server 2019 Includes OpenSSH— The OpenSSH client and server are a supported ‘Feature-on-Demand’ in Windows Server 2019 and Windows 10 1809 - this comes the same week Microsoft announced its Edge browser will switch to the same engine as Chrome. Windows to adopt the Linux kernel in 2021? :-)

Danny Maertens (Microsoft)

AWS Europe (Stockholm) Region Now Open— The new Amazon Web Services region in Sweden is technically called eu-north-1 and is their fifth region in Europe. Some eagle-eyed Redditors have already noticed EC2 and RDS pricing is a little lower than other EU regions but instance type availability is a little patchy.

Jeff Barr (AWS)

💻 Jobs

Sr. Fullstack Engineer (Remote)— Sticker Mule is looking for passionate developers to join our remote team. Come help us become the Internet’s best place to shop and work.

Sticker Mule

Join Our Career Marketplace & Get Matched With A Job You Love— Through Hired, software engineers have transparency into salary offers, competing opportunities, and job details.

Hired

📘 Tutorials

Troubleshooting an Obscure OpenSSH Failure— How a curious continuous integration error led a team to uncover a person-in-the-middle SSH proxy.

Pivotal

What Is API Management?— An explanation of key API concepts and the relationship of API management to API gateways.

Karthik Krishnaswamy (NGINX, Inc.)

Deploy Your Clusters in Minutes with DigitalOcean Kubernetes

DigitalOcean sponsor

A Guide to the Kubernetes Networking Model— This is from earlier this year but is a very thorough introduction and rich with diagrams.

Kevin Sookocheff

A Crash Course on Building APIs with Lambda and Aurora Serverless— How to hook up a MySQL database to a serverless API by using Aurora Serverless, AWS’s new on-demand database service.

Adnan Rahić

Building AWS Lambdas for Real World using Ruby and Serverless Framework— A thorough tutorial covering Lambda’s new Ruby support, along with testing and logging considerations.

Jalerson Lima

Free eBook: Actionable Continuous Delivery Metrics— This eBook provides you insight into your CD pipeline & helps you to improve your CD process with metrics.

GoCD sponsor

Securing Your Site Like It’s 1999— “What follows are examples of critical mistakes that brought down several early websites, and how you can help protect yourself and your team from the same fate.”

Katie Fenn

🔧 Tools and Code

DigitalOcean Releases Its Kubernetes-Based Container Service— DigitalOcean joins providers like AWS, Google and Azure in offering a managed Kubernetes service in the cloud.

The DigitalOcean Blog

GitLab Announces GitLab Serverless— From December 22, GitLab 11.6 users will get access to a new, alpha ‘serverless’ offering that will let you build and manage serverless workloads from within the GitLab UI.

GitLab

An introduction to Kubeflow— Kubeflow is a Kubernetes-native platform for developing and and running scalable machine learning workloads.

Michelle Casbon and Amy Unruh

FreeBSD 12.0 Now Available

Glen Barber

Resilience Weekly: Weekly Reflections on the Resilience of Systems— An interesting newsletter that digs into matters around the resilience of systems, technology and people - a topic that has some crossover with operations.

Thai Wood

#196 — December 19, 2018

Read on the Web

Web Operations Weekly

Welcome to the last issue of the year and thanks for reading over 2018! We'll be back with a round-up of the best of 2018 in two weeks' time.

In the meanwhile, we want to recommend another newsletter you might be interested in called TLDR— it's a daily newsletter with TLDRs of the most interesting stories in tech (see today's issue here) and it's by one of our readers so you can't go wrong :-)

— The WebOps Weekly team (Peter, Chris, and Za'e)

How and Why Reddit Uses Envoy Proxy— A tour through Reddit’s journey with service communication and how and why they chose Envoy to help keep things organized.

Courtney Wang (Reddit)

Build a Serverless Twitter Reader using AWS Fargate— Most people think of Lambda when it comes to AWS and serverless, but Fargate is an interesting service that lets you run containers without managing servers and so operates at a different level to Lambda’s function oriented approach.

Raja Mani and Luis Pineda

Video Streaming in Just Two API Requests— The developer-first API for building best-in-class video applications. You’re one POST request away from being able to provide data-driven, reliable streams that are playable in seconds.

Mux sponsor

The Definitive PHP 5.6, 7.0, 7.1, 7.2 and 7.3 Benchmarks— A thorough performance test of 16 different platforms/configurations (WordPress, Drupal, Joomla) and five versions of PHP (5.6, 7.0, 7.1, 7.2, 7.3). Unsurpisingly, the most recent version of PHP 7.3 dominated.

Mark Gavalda (Kinsta)

Using Go to Build Microservices at The Economist: A Retrospective— Three years ago, the Economist moved to a Go-based microservice-oriented architecture and now we get to learn the (mostly) good and bad of their journey.

Kathryn Jonas

Why On Earth Did We Choose Jenkins for 2019?— One company shares their reasons for using Jenkins in 2019 although this led to a huge discussion on Reddit where GitLab CI seemed to be more popular.

Itiel Shwartz

Red Hat Contributes etcd to the CNCF— It’s been encouraging to see several key infrastructure projects being donated to foundations recently (including Kubernetes itself and also, this week, the Envoy proxy).

Brandon Philips (Red Hat)

💻 Jobs

Sr. Fullstack Engineer (Remote)— Sticker Mule is looking for passionate developers to join our remote team. Come help us become the Internet’s best place to shop and work.

Sticker Mule

Join Our Career Marketplace & Get Matched With A Job You Love— Through Hired, software engineers have transparency into salary offers, competing opportunities, and job details.

Hired

💬 Stories & Opinions

▶  How Rancher Discovered the Kubernetes Vulnerability— A 20 minute podcast interview with the cofounder of the company that discovered the recent Kubernetes vulnerability (CVE-2018-1002105).

The New Stack

How Airbnb is Moving 10x Faster at Scale with GraphQL and Apollo

Adam Neary

Scaling Christmas — An Illustrated Adventure— OK, you won’t learn much here, but if Christmas-themed operations intrigue you..

Brandon Weaver (Square)

My Journey to Achieving DevOps Bliss, Without Useless AWS Certifications— “how I transformed from a naive full-stack engineer struggling with AWS & PaaS providers to loving my life and achieving DevOps bliss”

Patrick Lee Scott

Configure, Provision, and Access a Kubernetes Cluster in Minutes— Effortlessly deploy and manage your clusters with DigitalOcean Kubernetes.

DigitalOcean sponsor

▶  Reddit’s Serverless and Compute Infrastructure at Scale— Two engineers from Reddit explain how they’ve used AWS and serverless technologies to serve over 1 billion videos a month.

Anand Mariappan and Jesjit Birak

4 Ways Docker Has Changed the Way Software Engineers Work— Docker wasn’t the first container platform but it certainly popularized the idea and has changed the way many developers work.

Geshan Manandhar

How Dashboards are Changing Human Behavior in DevOps

Jennifer Riggins

Netflix's Learnings From Adopting GraphQL

Artem Shtatnov and Ravi Srinivas Ranganathan (Netflix)

🔧 Tools & Code

Supergloo: A Service Mesh Orchestration Platform— A tool to help manage and orchestrate service meshes at scale even if you use multiple technologies for the services (e.g. Istio, Linkerd or Consul).

Solo

BloomRPC: A GUI Client for GRPC Services— Inspired by Postman and the GraphQL Playground, this tool aims to make it easy to explore and query your GRPC-based services.

Utility Warehouse Labs

Goldpinger: A Debugging tool for Kubernetes— Tests and displays connectivity between nodes in a cluster.

Bloomberg

Rendora: A Dynamic Renderer for Zero-Conf Server-Side Rendering— It’s built in Go, but you might find this useful for using headless Chrome to do server-side rendering of client-rendered content for bots, etc.

Rendora

A More Secure Domain Registrar

Cloudflare Registrar sponsor

OpsMop: Next Generation Config Management and App Deployment— Uses a Python 3-based declarative DSL. From the original creator of Ansible.

OpsMop

Grafani Loki: Like Prometheus, But for Logs— “Loki is a horizontally-scalable, highly-available, multi-tenant log aggregation system inspired by Prometheus.

Grafana Labs

#197 — January 2, 2019

Read on the Web

Web Operations Weekly

Welcome to 2019! This week we're reflecting on what happened in the web operations world in 2018, as well as the top stories and tools you, our fantastic readers 🤗, clicked on the most.

Thanks for supporting us in 2018 and we look forward to keeping you up to date into 2019!
— Peter Cooper, editor

🗞 Web operations developments in 2018

• The first big story of 2018 was about the Meltdown and Spectre CPU vulnerabilities whose repercussions continue to be felt.
• Someone managed to exploit ACME and get SSL certificates issued for domains they didn't own.
• AWS started the year by opening its 50th availability zone (in London) and adding native Go support to AWS Lambda.
• Red Hat acquired CoreOS, extending its moves into the Kubernetes world. IBM then bought Red Hat itself later in the year.
• Jerry Hargrove explained a lot of AWS services in neat illustrations.

Chaos Engineering: the History, Principles, and Practice— What is Chaos Engineering? This post provides a comprehensive overview into the origins of this discipline, its various manifestations, and recommendations for implementing Chaos Engineering in your own systems.

Gremlin sponsor

• The servers behind Fortnite went down under the load of the rapidly growing game.
• NGINX added support for HTTP2 Server Push and gRPC.
• Chrome began to mark all non-HTTPS sites as 'not secure' in a push to make HTTPS even more common.
• memcached was used in a variety of 'amplification' DDoS attacks.
• Let's Encrypt, the popular free security certificate issuing service, launched ACME v2 and wildcard certificate support.
• Cloudflare and APNIC launched the 1.1.1.1 DNS service. Cloudflare also launched its Workers 'JavaScript at the edge' service.
• Traffic to Amazon's Route 53 DNS service got rerouted by a BGP hijack in April. Cloudflare then explained what BGP leaks are.
• Amazon's Elastic Container Service for Kubernetes (EKS) went live. Azure's equivalent went GA shortly thereafter. Oh, and then VMware's.
• Microsoft acquired GitHub and then dumped a data center in to the sea.
• In the world of serverless, Google's Cloud Functions went live, as did AWS's Aurora Serverless MySQL. AWS's DynamoDB followed suit with on-demand pricing later in the year.
• Azure went down for a bit due to a cooling issue.
• MongoDB's new license caused a bit of drama.
• Kubernetes continued to eat the world.

Please note, this list is just a selection and isn't exhaustive.. you've got our issue archive for that :-)

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Find A Job Through Vettery— Vettery matches top tech talent with growing companies. Create your profile to get started.

Vettery

📘 Top Tutorials of 2018

12 Best Practices for User Account, Auth and Password Management— A post laying out best practices to ensure you have a safe, scalable, usable account authentication system.

Ian Maddox (Google)

A Modern (Re)Introduction to DNS— An attempt to provide a concise, modern, ‘correct introduction’ to DNS and related concepts. Pretty technical, but all worth knowing. “The goal is to be a mini “TCP/IP Illustrated” of DNS.”

Bert Hubert

📈 Data-Driven Guide to Engineering Leadership— Get actionable insights from 7 million commits and 85,000+ engineers, to increase your software teams velocity. [Free Guide]

GitPrime sponsor

Best Practices for Staging Environments— When you’ve got a new feature to push out, it’s tempting, but risky, to go straight to production. A ‘production lite’ staging environment can help you indulge yourself without affecting end users.

Alice Goldfuss

Behold HTTP/3, Formerly Known as 'HTTP-over-QUIC'— HTTP/3 is the (still) forthcoming new HTTP version that uses QUIC (a multiplexed stream transport over UDP originally designed by Google). More story here.

Daniel Stenberg

💬 Top Ops Stories of 2018

E-Commerce at Scale: Inside Shopify's Tech Stack— Shopify provides ecommerce services for over 600K sites - here’s how they keep their system running at over 80K requests per second while running on Ruby on Rails, a system not usually known for its speed, and MySQL.

Shopify Engineering

Moving Fast and Securing Things at Slack— Ease of deployment and security often have an inverse relationship but it pays to get both right. Slack does this by following a Security Development Lifecycle and has built some tools and processes to manage it smoothly.

Max Feldman

How Netflix Does Failovers in 7 Minutes Flat— Netflix decreased the time it takes to respond to an outage from 45 minutes to seven with no additional cost.

Amjith Ramanujam

Building a Central Logging Service In-House— A look at how a team built their own in-house central logging service to record all key events logged during user sessions, enabling them to track both errors and useful business metrics.

Akhil Labudubariki

🔧 Top Tools of 2018

GoAccess: A Visual, Real-Time Web Log Analyzer— An open source log analyzer and interactive viewer that runs in the terminal or through the browser. Supports logs from Apache, Nginx, Amazon S3, Elastic Load Balancing, CloudFront, etc.

Gerardo O.

GitHub Actions: Workflow Automation on GitHub— Still in beta, as of 2019, Actions takes GitHub into new, ops-style territory by providing definable, automated workflows for deploying and releasing software. It’s billed as “the biggest shift we’ve had in the history of GitHub”.

GitHub

Shop Like a Developer – Discover and Experiment with Hot New Cloud Services 🔥

Manifold sponsor

Google Releases reCAPTCHA V3: The New Way to Stop Bots— Instead of just showing a CAPTCHA, reCAPTCHA v3 gives incoming visitors a risk score and lets you take custom actions based on that score.

Google

Minimal Ubuntu: A Tiny Ubuntu Distribution for Containers— “The 29MB Docker image for Minimal Ubuntu 18.04 LTS serves as a highly efficient container starting point, and allows developers to deploy multicloud containerized applications faster.”

Canonical

A Collection of Unix Sysadmin Test Questions and Answers— Want to test your Unix sysadmin skills for an interview or just for fun? This collection of questions and answers should keep you entertained.

Trimstray

Play with Kubernetes: Learn Kubernetes in the Browser— The Play with Kubernetes Classroom is an online, hands-on Kubernetes learning environment that lets you follow a tutorial without installing anything locally.

Mano Marks (Docker)

#198 — January 9, 2019

Read on the Web

Web Operations Weekly

Hacker News: What Is Your 'Go To' Web Stack Today?— Someone simply asked the users of Hacker News what Web stack they’re using and.. a flood of interesting replies followed. While opinions about things like React vs Vue and Django vs Rails differed, PostgreSQL was a very common suggestion.

Hacker News

GitHub Announces Unlimited Free Private Repos— A late Christmas present comes from GitHub in the shape of their free offering now including unlimited private repositories (something that previously cost $7/mo) with a limit of three collaborators per repo. For balance, GitLab’s CEO had a response.

GitHub

Responsive Video for Headless CMS— We’ve combined forces with Sanity.io to make it easy to upload and preview videos within their CMS and deliver great video experiences at scale.

Mux sponsor

Is There Hope for IPv6?— Competition between IPv4 and IPv6 has implications for the future of the internet - is a mixed-standard Internet a passing phenomenon or could we get stuck here?

Internet Governance Project

SQL is No Excuse to Avoid DevOps— Should the presence of database administrators restrict your ability to adopt modern devops practices? No, argues Thomas, who then suggests some solutions to any deadlock.

Thomas A. Limoncelli

Big Price Reductions for AWS Fargate— AWS Fargate is Amazon’s container based compute engine where you just hand over your containers and it runs and scales them appropriately. Independently, Andy Warzon of Trek10 places Fargate’s pricing in context to other options.

Nathan Peck (AWS)

💻 Jobs

Find A Job Through Vettery— Vettery matches top tech talent with growing companies. Create your profile to get started.

Vettery

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

📘 Tutorials & Opinion

Deploying MongoDB Using Docker— Provides an introduction to deploying MongoDB in a container including concepts like volume mapping and connecting to a MongoDB container from another container using links.

Akash Kathiriya

Improving HTML Time to First Byte with Cloudflare— Whatever tools and stack you use, a low ‘Time To First Byte’ will have a huge impact on users. This post introduces a Cloudflare-oriented approach for achieving one.

Patrick Meenan

Inside Stack Overflow’s Monitoring Systems

Hrishikesh Barua

Chaos Engineering Tools: Build or Buy?— This post is for teams that are ready to adopt chaos engineering and want guidance on the best strategy.

Gremlin sponsor

How VP9 Delivers Value for Twitch’s Esports Live Streaming— “FPGA-based real-time VP9 encoding can deliver at least 25% bitrate savings compared to the highest-quality H.264 encoders deployed in Twitch’s production today”

Yueshi Shen (Twitch)

A Review of Gloo, The Function Gateway— Gloo is a function gateway for tying together and routing multiple APIs.

Kristopher Sandoval

Risk Management for Engineering Resilience

Anthony O'Connell (ThoughtWorks)

How DevOps Should Use DBaaS (Database-as-a-Service) To Optimize Development— There are key benefits to outsourcing security and administration in many cases.

Wendy Dessler

The Role of Domain Driven Architecture and GraphQL in Digital Transformation— Paolo Negri, CTO at Contentful, believes GraphQL can be used for large-scale domain modeling within digital transformation initiatives.

Paolo Negri

🔧 Tools

Homebrew 1.9.0 Released— Homebrew is a very popular package manager for macOS and heavily used by developers. 1.9 introduces beta support for Linux and Windows 10.

Mike McQuaid

Tilt: Local Kubernetes Development with No Stress— Develop your microservices locally using Kubernetes while collaborating with your team.

Windmill Engineering

Replace Manual QA with Automated Visual Testing. Start for Free

Percy sponsor

jinx: A Wrapper for Managing NGINX— jinx is a Bash script to help you manage NGINX sites and configurations in a streamlined way.

Richard Blechinger

Pingdom to Kill Its Free Monitoring Plan in February— We thought we’d highlight this news as Pingdom is a particularly popular site monitoring service.

VentureBeat news

#199 — January 16, 2019

Read on the Web

Web Operations Weekly

HAProxy 1.9 Released with Key Improvements— Due to the holiday season, we missed this significant release of the fantastic load balancing and proxying tool. 1.9 brings end-to-end HTTP/2, buffer and connection management improvements, native HTTP representation, and more.

Daniel Corbett

Amazon Releases DocumentDB, a Document Database with MongoDB Compatibility— AWS has decided to compete with MongoDB’s own Atlas service by offering DocumentDB, a scalable, highly available, and fully managed document database service that supports MongoDB workloads. GeekWire reports on the background to the story.

Amazon Web Services, Inc.

What Is the Real Cost of Downtime?— For ecommerce companies, an outage brings business to a standstill. To illustrate the impact of downtime, Gremlin used online revenue metrics to calculate just how much each second of downtime costs the largest online retailers.

Gremlin sponsor

PagerDuty Releases Its Incident Response Best Practices— A cut down version of PagerDuty’s internal documentation which they use to define the principles and practices around real-time ops support and what to do when operations incidents arise.

PagerDuty, Inc.

Canary Analysis: Lessons Learned and Best Practices from Google and Waze— Waze estimates that ‘canary releases’ (where new releases only go out to a limited subset of users first) can prevent a quarter of all incidents on their services. Google shows how their Spinnaker CD system is used in the process.

Google Cloud Blog

Injecting Chaos to AWS Lambda Functions using Lambda Layers— “how to deploy a small chaos engineering experiment using Lambda Layers to conduct latency injection attacks to Lambda functions.” This is the sort of stuff you need to be thinking about if you want to make your functions truly resilient.

Adrian Hornsby

Principles of Modern Backend Application Development— A look at three principles that guide modern application development: keep it small; design for the developer; and make it networked.

Chris Stetson (NGINX, Inc.)

💻 Jobs

Sr. Fullstack Engineer (Remote)— Sticker Mule is looking for passionate developers to join our remote team. Come help us become the Internet’s best place to shop and work.

Sticker Mule

Find A Job Through Vettery— Vettery specializes in developer roles and is completely free for job seekers.

Vettery

📘 Tutorials

NGINX Mirroring Tips and Tricks— Recent versions of NGINX include the mirror module which lets you create duplicate (‘mirrored’) backend requests from an incoming request.

Alex Dzyoba

How To Use SNS and SQS to Distribute and Throttle Events— SNS distributing events to SQS is a powerful AWS serverless microservice pattern. This post shows how to create subscriptions, add filters, and throttle events.

Jeremy Daly

📈Data-Driven Guide to Engineering Leadership

GitPrime sponsor

An Introduction to Server Timing— Server-Timing is a special HTTP header you can use to surface performance data from specially instrumented backend code.

Charles Vazac

How to Keep Your Infrastructure Keys Safe with Vault— Using Hashicorp Vault to manage access to servers over SSH.

Benoît Gastinne and Erwan Alliaume

9 Kubernetes Security Best Practices Everyone Must Follow

Connor Gilbert

💬 Stories & Opinions

The Slow But Inevitable Shift To 'Cloudy' Infrastructure— The adoption of cloud technologies in the enterprise hasn’t been rapid but the latest stats from IDC show that, finally, the amounts spent on cloud infrastructure have overtaken that spent on traditional datacenter gear.

Timothy Prickett Morgan

How We Carried Out Load Tests for Holiday Season Levels of Traffic— A quick flash back to the holiday season and how a social commerce company prepared for it.

Fitz Nowlan (Curalate)

A DNS Hijacking Wave Is Targeting Companies At An Almost Unprecedented Scale— A clever trick allows attackers to obtain valid TLS certificate for hijacked domains.

Dan Goodin (Ars Technica)

Courts Handing Down Hard Jail Time for DDoS— Last week, two cyberattackers got serious jail sentences - one of ten years.

Krebs on Security

Why is Storage on Kubernetes So Hard?— A key problem is that “persistent storage cannot be bound to the rules of being dynamically created and destroyed.”

Gokhan Simsek

Does an AWS Certification Help with Pay/Finding a Higher Paying Job?— Reddit takes on the topic with responses including yes, no, maybe, and sometimes, although ultimately such certifications certainly don’t hurt.

Reddit

Security Worries Rise as Container Adoption Increases— Over 40 percent of companies have delayed or limited container adoption because of security concerns.

Lawrence Hecht

🔧 Tools

Act: Run Your GitHub Actions Locally— GitHub Actions is a still in-beta service that lets you perform various workflows on your repositories.

Nektos

Building CI/CD Pipelines Using the CircleCI AWS ECR Orb— CircleCI has recently released a new product called orbs which are designed to get you up and running quickly on CircleCI.

CircleCI sponsor

Nginx Office Hours: A Module to Limit When NGINX Works— It’s a little tongue in cheek, of course, but this module that lets you only serve content during office hours is billed as ‘a victory for the server’s labor rights’ 😄

Rubén Beltran del Río

The Big List of Naughty Strings— A list of strings that have a high probability of causing issues when used as user-input data. Try pushing these into your apps and services(!)

Max Woolf

dhcplb: Facebook's DHCP Load Balancer— Not many people need a DHCP relayer, but Facebook use this in production.

Facebook Incubator

#200 — January 23, 2019

Read on the Web

Web Operations Weekly

You're Thinking About Serverless Costs All Wrong— In the past year there have been a few articles warning us that serverless costs can escalate quickly, but Yan Cui thinks a lot of less obvious elements of cost are being ignored and that serverless ultimately presents a good deal compared to the alternatives.

Yan Cui

AWS Backup: Amazon's New Service for Automating Backups— Amazon has unveiled its latest AWS service, Backup. You can create backup plans, policies, and find/restore backups from one central place. It works with things like EBS volumes, DynamoDB, and RDS, and backups up to S3 or Glacier.

Jeff Barr

📈Data-Driven Guide to Engineering Leadership— Ship faster because you know more, not because you're rushing. Get actionable insights from 7 million commits and 85,000+ software engineers, to increase your team's velocity. Free Guide.

GitPrime sponsor

DHS Prepares Emergency Order to Prevent DNS Hijacking— As the US government’s shutdown drags on, the Department of Homeland Security is preparing to issue an emergency directive ordering agencies to secure login credentials for their DNS services. This comes on top of other consequences of the shutdown including TLS certificates not getting renewed for many government Web sites.

Sean Lyngaas (CyberScoop)

Go Now Supported on Google Cloud Functions— Go joins Node and Python as supported languages on Google’s serverless platform and answer to AWS Lambda. Here’s some quick-start docs and a really well produced 3 minute video introduction.

Google Cloud Blog

AWS CodePipeline Now Supports Deploying to Amazon S3

Amazon Web Services, Inc.

European Commission to Revoke British .eu Domains After Brexit— If you’re British or run a British company and own any .eu domains, you might want to get a plan in place ASAP.

Samuel Stolton

Travis CI Acquired by Idera— Idera is notable for acquiring mature technology projects and companies (such as Embarcadero and Sencha).

Konstantin Haase

💻 Jobs

Find A Job Through Vettery— Vettery specializes in developer roles and is completely free for job seekers.

Vettery

Sr. Fullstack Engineer (Remote)— Sticker Mule is looking for passionate developers to join our remote team. Come help us become the Internet’s best place to shop and work.

Sticker Mule

💬 Stories & Opinions

Automated Internet Speedtests for Distributed Networks— How a popular American chicken restaurant (known for running a lot of technology at the ‘edge’ in each of their outlets) chain monitors circuit capacity at over 2,000 locations daily.

Stuart Vassey and Colleen Hutson (Chick-fil-A)

How to Rewrite Your Bedrock Application While Remaining Operational— The story of how Chargify did a code rewrite of a legacy app by splitting their engineering team in two, one group to lead the rewrite, and the other to keep the existing product running..

Michael Klett

Webinar: Introduction to Chaos Engineering with Kolton Andrus

Gremlin sponsor

Caching Beyond RAM: The Case for NVMe— Exploring the possibility of using new storage devices to reduce DRAM dependency for cache workloads.

Alan Kasindorf

'API Gateways' Are Going Through an Identity Crisis— ‘API gateway’ is beginning to pick up a lot of different definitions. What are they, and where do they fit into the bigger picture?

Christian Posta

Collecting Kubernetes Failure Stories— “It should make it easier for people tasked with operations to find outage reports to learn from..” The actual list is here.

Henning Jacobs

Behind the Scenes of the Network that Powered AWS re:Invent 2018— Amazon’s Jeff Barr reveals how Amazon and CenturyLink designed a network that provided 180Gbps of bandwidth at AWS’s re:Invent event last year.

Jeff Barr (AWS)

Why GraphQL is Taking Over APIs

Azat Mardan

🔧 Tools

Ouroboros: Automatically Update Running Docker Containers with Latest Images— Monitors running Docker containers and updates them to the latest (or tagged) image in the registry.

Caleb Lemoine

A Well-Documented Webpack Boilerplate for Static Websites— ..that has all the necessary modern tools and optimizations built-in. It also has a perfect Lighthouse score.

Tristan Michael Lawrence

Headless 🤯 ECommerce with GraphQL as a Service— Manage super rich and beautifully structured product information at scale with the Crystallize headless ecommerce service.

Crystallize sponsor

Quiche: Cloudflare's Implementation of the QUIC Protocol, Built on Rust— Allows Cloudflare (and, perhaps, you) to experiment with the latest features of QUIC more easily.

Alessandro Ghedini (Cloudflare)

#201 — January 30, 2019

Read on the Web

Web Operations Weekly

An NGINX Configuration Generator Tool— Specify domains, paths, if you need PHP or not, cache expiry times, and a ton of other settings to get a full array of config files. Even if you don’t use them all as-is, it could be a handy way to get started.

Bálint Szekeres

HTTP/3: From Root to Tip— A fascinating writeup of the past and present of HTTP/3 and the backstory of how it works on top of the IETF QUIC transport.

The Cloudflare Blog

Engineers Build Business. We Can Prove It— Ship faster because you know more, not because you're rushing. GitPrime aggregates historical git data into easy to understand insights and reports, to help make engineering teams more successful. Debug your development with objective data. Learn more.

GitPrime sponsor

A Hybrid Cloud Approach That Handles 50M Requests a Day— Ryan Averill of FraudGuard, an IP reputation/threat tracking service, shares how their system is structured across both local colocation and AWS.

High Scalability

websocketd: Turn Any Program That Uses stdin/stdout into a WebSocket Server— Like inetd, but for WebSockets, this command line tool wraps existing CLI programs so they can be used over WebSockets.

Joe Walnes

Google Takes Its First Steps Toward Killing the URL— Google is considering ways to “rework how browsers convey what website you’re looking at” which could ultimately make URLs more hidden and behind the scenes.

Lily Hay Newman

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Find A Job Through Vettery— Vettery specializes in developer roles and is completely free for job seekers.

Vettery

📘 Tutorials

Why Are We Getting Streams in Redis?— An overview of the latest data type added to the popular Redis data structure server in its latest version, along with why they were added.

Fernando Doglio

An Incremental Architecture Approach to Building Systems— To avoid overengineering, we should start with a simple architecture and evolve it as needs arise.

Jan Stenberg (InfoQ)

Webinar: Introduction to Chaos Engineering with Kolton Andrus

Gremlin sponsor

Podman: Managing Pods and Containers in A Local Container Runtime

Brent Baude (Red Hat)

NGINX TLS/SSL HTTPS Tuning Tips

Hayden James

What Does a Site Reliability Engineer Do?— Read on to learn how SREs spend time on technical and process-oriented responsibilities and how they do more than operations or system administration teams.

Erik Dietrich

Seven Reliability Questions Engineering Managers Need to Ask Their Teams

Matthew Flaming (New Relic)

💬 Stories & Opinions

Migrating Kafka's Zookeeper With No Downtime— Yelp is a heavy user of Apache Kafka, the distributed streaming platform and Zookeeper is also used to keep things coordinated. Here’s how Yelp manages to switch Zookeeper clusters without Kafka going down.

Toby Cole (Yelp)

Backblaze's 2018 Hard Drive Reliability Stats— Backblaze, an online storage service with over 100,000 magnetic hard drives in deployment, frequently post overviews of the reliability of their drives.

Andy Klein (Backblaze)

How LinkedIn Uses Data to Improve Video Performance

LinkedIn Engineering

4.1% of US Cable Internet Users Exceed 1TB Per Month— The average broadband usage is 269GB per month.

Ars Technica

How Facebook Is Rethinking Data Center Design for Singapore

Facebook Code

▶  Processing Financial Indexes at Scale with a Serverless, Globally Distributed Architecture— A brief 6 minute stack tour in AWS’s latest outing of its This Is My Architecture series.

Bernie Thurston (Ultumus)

🔧 Tools

Alpine 3.9.0 Released— A popular Linux distribution for containers. 3.9 includes support for ARMv7 and a switch from LibreSSL to OpenSSL.

Alpine Linux Dev Team

Video for Serverless: Build Video in Just Two API Calls— Mux Video is an API-first platform, powered by data and designed by video experts to make beautiful video possible for every development team.

Mux sponsor

img2lambda: The AWS Lambda Container Image Converter Tool— img2lambda repackages container images into AWS Lambda layers so they can be used across Lambda functions easily.

Amazon Web Services Labs

ghp: A Simple Web Server for Serving Static 'GitHub Pages' Locally— Aimed at testing before deploying.

Curtis Lusmore

NGINX Announces General Availability of its NGINX API Management Solution— The NGINX Controller API Management Module is a next-generation solution for defining and publishing APIs, managing and securing API traffic, monitoring performance, and analyzing usage.

NGINX, Inc.

#202 — February 6th, 2019

Read on the Web

Web Operations Weekly

AWS Architecture Icons: An Official Icon Set— You can download archives of EPS, PNG and SVG icons (the EPS archive is over 400MB in size!) or play right away on draw.io (as an aside, draw.io is a fantastic browser based diagram editor and worth becoming familiar with).

Amazon Web Services, Inc.

How Many .com Domain Names Are Unused?— “Is there rampant domain speculation, or do I just think of the same names as everyone else? Let’s look at the data…” A nice bit of independent research. Unsurprisingly, it seems the majority of .coms are not actively used.

Christopher Forno

Tutorial: How to Build a Video Live Streaming App— Use Mux's simple, but powerful, video APIs to build live streaming into your application.

Mux sponsor

Saturating 10GbE at 7+ Million HTTP Request/s using ASP.NET Core— The folks working on ASP.NET Core aren’t messing around and are now able to serve 7+ million HTTP requests per second from a single server. Here’s a look at the numbers.

Ben Adams

Helping To Build Cloudflare, a CTO's Tale— For some reason I thought jgc founded Cloudflare, but not so. In this series of six brief blog posts, he shares how he joined the company and how he handles things as CTO.

John Graham-Cumming

What Would a EvE Online Internet Look Like?— I always love this guy’s experiments. If digging into the worlds of BGP, QEMU and running up 8000 VMs at the same time to replicate EvE Online’s game universe in networking form sounds fun to you, dive in.

Ben Cox

▶  Serverless Beyond the 'Hype'— A broad talk that digs into what ‘hype’ there really is around serverless approaches, the lay of the serverless land, and the role Kubernetes has to play in hosting serverless functions without vendor lock-in.

Alex Ellis (VMware)

💻 Jobs

Sr. Fullstack Engineer (Remote)— Sticker Mule is looking for passionate developers to join our remote team. Come help us become the Internet’s best place to shop and work.

Sticker Mule

Try Vettery— Vettery specializes in developer roles and is completely free for job seekers.

Vettery

📘 Tutorials

Running Jenkins Pipelines in AWS Lambda— A look at a AWS Lambda function to run Jenkins pipelines.

Carlos Sanchez

What's The Space Overhead of Base64 Encoding?— It’s become common to base64-encode binaries such as images or fonts so they can be delivered as part of HTML or CSS, but what’s the bandwidth overhead? Turns out that aftering gzipping, it’s not as bad as you might think.

Daniel Lemire

DNS Servers You Should Have Memorized— It’s worth keeping a few DNS servers in mind for testing or when you’re stuck on a weird connection.

Daniel Miessler

Use The Lead Time Metric to Improve Your CI/CD Process— GoCD’s latest CD metrics blog will guide you on how to identify bottlenecks and improve your CI/CD process.

GoCD sponsor

A Tutorial for Writing a systemd Service in Python

Florian Brucker

Building a Hybrid X86–64 and ARM Kubernetes Cluster— An interesting experiment in building a multi-arch cluster.

Carlos Eduardo

Understanding Kubernetes Cluster Autoscaling

Ajay Tripathy

💬 Stories & Opinions

The State of gRPC in The Browser— “With the release of gRPC-Web, gRPC is poised to become a valuable addition in the toolbox of frontend developers.”

Johan Brandhorst

MailChimp's Mandrill Service Experiences Outage Due to Transaction ID Wraparound— This is something you really need to be aware of if using Postgres at scale.

Hacker News

Finding Kafka’s Throughput Limit in Dropbox Infrastructure— Apache Kafka is a popular distributed streaming and queuing system and Dropbox uses it at scale.

Dropbox Tech Blog

📈Data-Driven Guide to Engineering Leadership

GitPrime sponsor

Scaling to Billions of Requests on Top of AWS EKS

Hugo Henley

'We use SQLite mounted on a shared volume in WAL mode'— I’m seriously looking forward to the blog post to come out of this interesting approach for high performance container communication.

Rick Branson on Twitter

Kubernetes as a Surprisingly Affordable Platform for Personal Projects? A Follow-Up

Florent Delannoy

🔧 Tools and Code

Public APIs: A Vast List of Public JSON APIs for Use in Web Dev

Todd Motto

Homebrew 2.0.0 Released— Previously a (very) popular package manager for macOS, Homebrew now officially supports Linux and Windows 10 with Windows Subsystem for Linux.

Mike McQuaid

FireHOL: Linux Firewalling and Traffic Shaping for Humans— It generates iptables-based firewall rules from a really nice config language.

Phil Whineray and Costa Tsaousis

crontab.guru: An Online Cron Schedule Expression Editor

WDT.io

Google Announces Kubernetes Operator for Apache Spark

Andrew Brust (ZDNet)

#203 — February 13, 2019

Read on the Web

Web Operations Weekly

Server Hunter: A Tool to Browse the VPS and Dedicated Server Marketplace— An interesting new site that brings together information on over 10,000 different VPS and dedicated server offerings, all the way down to NAT-only VPSes at pennies per month.

Server Hunter

Overcoming RESTlessness— Have you, too, sensed a slight anti-REST sentiment out there? Newer protocols like GraphQL, gRPC and Kafka are chipping away at common REST use cases, but rather than just replacing REST, Matt McLarty argues we should evolve by building on top of REST’s mature ecosystem.

Matt McLarty

The Chaos Monkey Guide for Engineers: Tips, Tutorials & Training— This guide is a full how-to for Chaos Monkey, including what it is, its pros and cons, and how it relates to Chaos Engineering broadly. It includes tutorials for getting started along with tips and guides for those looking to go beyond the basics.

Gremlin sponsor

Make Your Site’s Pages 'Instant' in 1 Minute— This is a neat little project, and surprisingly simple. Include a small piece of JavaScript on your page to add just-in-time prefetching of links on your site when people hover over where they intend to go next. The Hacker News discussion this project provoked is also quite interesting.

Alexandre Dieulot

AresDB: Uber’s Go and GPU-Powered Real-Time Analytics Engine— Uber has built a pretty significant project using Go and CUDA which uses GPUs to enable real-time computation and data processing in parallel. GitHub repo.

Jian Shen, Ze Wang, David Wang, Jeremy Shi, and Steven Chen

Develop and Test AWS Step Functions Workflows Locally— You can now use a local version of AWS Step Functions (called AWS Step Functions Local) to develop/test your workflows - it’s available as a JAR package or a Docker image.

Amazon Web Services

Facebook Expands Support for Let’s Encrypt— The world’s leading certificate authority has just got a serious 3 year sponsorship commitment from Facebook who note 38% of HTTPS domains they observe use Let’s Encrypt.

Let's Encrypt

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Try Vettery— Vettery specializes in developer roles and is completely free for job seekers.

Vettery

📘 Tutorials

Principled GraphQL: Ten Principles for GraphQL Use— Inspired by the Twelve Factor App, Apollo lays out ten principles for building better GraphQL-oriented systems.

Apollo

Dissecting Kubernetes: An Intro to Its Main Components— A 46 minute talk complete with a handy diagram and demos.

Joshua Sheppard

Share Your Whole Stack with Your Team, on Any Cloud, with One Workflow 🤯

Manifold sponsor

Bandwidth or Latency? When to Optimise for Which— A simple way to quickly and roughly work out whether your assets would benefit most from an increase in bandwidth or a reduction in latency.

Harry Roberts

Understanding API-Based Platforms: A Guide For Product Managers

Smashing Magazine

Tips for Running Free Dynos on Heroku in 2019— The somewhat convoluted rules around running stuff for free on Heroku. The short answer is free Heroku is for side projects and non-production environments.

Adam McCrea

💬 Stories & Opinions

Building Stable Systems with Load-Test Driven Development— Developers at one of the world’s biggest food ordering services show off how they use ‘load-test driven development’ while building their systems from a performance-first standpoint.

Just Eat

Using Docker and Kubernetes in High Security Environments

Christian Abdelmassih

Correlate Request Traces, Infrastructure Metrics, and Logs. Try Datadog Free

Datadog sponsor

New Relic, SignifAI and the Shifting View of Monitoring Technologies— Monitoring tool providers are integrating machine intelligence and AI into their services to better inform devops folks and SREs about the state of their systems.

Alex Williams

How PagerDuty Developed Its Postmortem Best Practices— We linked to PagerDuty’s recently opened incident response documents a few issues ago, but now you can learn just how they came up with them.

Rachael Byrne

▶  Discussing Making WordPress Faster with Patrick Meenan— A chat with Patrick Meenan of Cloudflare and founder of WebPageTest.org about making WordPress faster and technologies Cloudflare has been working on to help.

Webmaster Radio

#204 — February 20, 2019

Read on the Web

Web Operations Weekly

Google Rolls Out Its .dev TLD to the Public, But Check It Doesn't Break Your Internal Domains..— Used internally for a little while (such as with V8.dev), Google is now allowing the public to register their own .dev domain names. There are stiff ‘early access’ fees till February 28, though. Even if you don’t want one of these domain names, it’s worth checking your own internal ‘.dev’ names don’t conflict, as .dev is on Chrome’s preloaded HSTS list.

Google

Engineers Want Speed And Efficiency. We Provide Both— Semaphore 2.0 is the fastest CI/CD tool you've ever used, it supports highly customizable, powerful pipelines and offers a pricing model that allows you to pay only for what you use. Sign up free with GitHub and give it a run-through.

Semaphore 2.0 sponsor

Cloud Programming Simplified: A Berkeley View on Serverless Computing— Why is serverless the future of cloud computing? This paper, attempting to answer that question, (direct link to PDF) digs into the history, present and future of serverless computing and comes ten years after a similar paper from some of the same authors that ultimately defined what cloud computing was.

Jonas, Schleier-Smith, Sreekanti, et al.

A Quick Reference Guide for Nginx— Thorough notes covering Nginx best practices and security hardening techniques. It’s not an official guide but cuts right to the chase — following these practices will make your Nginx deployments better.

Trimstray and Contributors

Why Google Needed a Graph Serving System— The founder of Dgraph Labs, the graph database company, explains his earlier work at Google and how Google would improve their search systems using graph technology.

Manish Rai Jain (Dgraph Labs)

Awesome Self-Hosted: A Curated List of Self Hostable Services— In the spirit of the other “awesome” curated lists on GitHub, this one lists almost 900 different tools and services you can host for yourself, covering areas like Web analytics and MTAs to forums and video streaming services.

Contributors

💻 Jobs

Sr. Fullstack Engineer (Remote)— Sticker Mule is looking for passionate developers to join our remote team. Come help us become the Internet’s best place to shop and work.

Sticker Mule

Find A Job Through Vettery— Vettery specializes in developer roles and is completely free for job seekers.

Vettery

📘 Tutorials

An Evolving How-To Guide for Securing a Linux Server— There’s a lot to chew on here, but it covers the basic ground comprehensively, including sudo, firewalls, and securing sshd.

The Nacho Man

Tutorial: Chaos Engineering with Redis— Learn how to run Chaos Engineering experiments on Redis in this tutorial.

Gremlin sponsor

Understanding Database Sharding— Goes over what sharding is, some of its main benefits and drawbacks, and also a few common sharding approaches.

Mark Drake

Consider gRPC for Mobile APIs— gRPC is a popular and open RPC framework. This article looks at how it thrives in an Android development environment.

Skip Hovsmith

▶  Securing Container Workloads on AWS Fargate

Theo Salvo

💬 Stories & Opinions

Executing a Sunset— Sometimes life happens and you just have to shut down a product that still has users. Here’s how Etsy went about it in three cases.

Rachana Kumar

Incrementally Migrating 1M+ Lines of Code from Python 2 to Python 3— This isn’t a job you’re going to envy, but Dropbox had to do it with their popular desktop client.

Cary Yang (Dropbox)

📈Data-Driven Guide to Engineering Leadership

GitPrime sponsor

Python Packaging: How We Manage It at JobTeaser— They push packages of their own internal software to an EC2-hosted PyPI server.

Clement Demonchy

▶  Bringing Magic To Microservice Architecture Development— A talk on the issues developers run into when developing distributed, Kubernetes-native systems as opposed the ‘old way’ of doing things.

Ellen Körbes

💬 Code & Tools

The Periodic Table of Amazon Web Services, 2019 Edition— This is a pretty epic production and would make for a great wall poster.

Jerry Hargrove

deploy-to-kube: Deploy a Node.js App on Kubernetes with a Single Command— Supports any Kubernetes cluster whether self hosted or on Google, Amazon, Digital Ocean, etc. Or even KubeSail’s free environment.

KubeSail

Kuberhealthy: Easy Synthetic Testing for Kubernetes Clusters

Comcast

AWS CloudFormation Template to Deploy a Kubernetes Cluster using Amazon EKS

Amazon Web Services

Inlets: Expose Your Local Endpoints to the Internet— Combines a reverse proxy and WebSocket tunnels to expose your internal or development endpoints to the public Internet via an exit node.

Alex Ellis

A Sample Cloud-Native Application with 10 Microservices Showcasing Kubernetes, Istio, gRPC and OpenCensus— While they claim it’s not an “official” Google project, it’s always reassuring to see a big name stamped on examples like this.

Google Cloud Platform

#205 — February 27, 2019

Read on the Web

Web Operations Weekly

Top Ten Most Popular Docker Images Each Contain 30+ Vulnerabilities— Snyk, the security analysis folks, have been scanning Docker images en masse and discovered that many suffer from known vulnerabilities. Enjoy the whole report here, but the good news is upgrading base images will resolve most of the problems.

Lirin Tal

Massively Parallel Web Perf Testing on a Budget— This post goes into great detail about a specific use case where thousands of pages need to be tested quickly, why a serverless approach was chosen, and just how quick the end result is. (Psst.. we have a serverless newsletter if you like stuff like this.)

Stuart Sandine

Designing a Package Manager from the Ground Up - CircleCI Orbs— CircleCI recently launched a package manager just for CI: CircleCI orbs. If you're using orbs today and want to understand how to get the most from them, or if you're thinking about designing your own package management system, this post is for you.

CircleCI sponsor

k3s: Lightweight Kubernetes— From the folks behind RancherOS comes an interesting alternative build of Kubernetes that’ll work all the way down to a Raspberry Pi.

Rancher Labs

How to Roll a Super Cheap Kubernetes Cluster on AWS with kubeadm— Some bash and Terraform-based scripts that provision what the author believes is the ‘cheapest possible Kubernetes cluster’ on AWS. At a few bucks a month, I believe it.

Sam Weston

NGINX 1.15.9: Adds Dynamic Certificate Loading Support— This sounds like a minor release but support for variables in ssl_certificate and ssl_certificate_key directives could be of huge interest to you if you want to build paths to certificates dynamically.

NGINX

💻 Jobs

Front End Developer✌️ in Beautiful Norway🎉— Passion for React and GraphQL? Want to move to Norway?

Crystallize

Find a Job Through Vettery— Vettery specializes in developer roles and is completely free for job seekers. Create a profile to get started.

Vettery

💬 Stories & Opinions

A Rough Guide to Terraform at SendGrid— A thorough write up of how SendGrid (the folks we send our newsletters through) uses Terraform at scale for provisioning and managing most of its infrastructure.

Steven Bogacz

How Datto is Issuing Let’s Encrypt Certificates for 65,000 Servers

Philipp Heckel

Multi-CDN Strategy for Improved Performance and Reliability— If you want to deliver an optimal video viewing experience, you may need an advanced CDN strategy such as introducing additional CDNs and performing dynamic CDN-selection.

Mux sponsor

▶  Audi Builds a Microservices Dashboard with NGINX Plus as an API Gateway on AWS

Timo Stark

Serverless Needs a Bolder, Stateful Vision— The programming model for serverless is still mainly limited to stateless functions — the so-called Function-as-a-Service (FaaS) model — which limits the range of use-cases supported.

Jonas Bonér

AWS API Performance Comparison: Serverless vs. Containers vs. API Gateway— Compares the performance of three different architectures running the same HTTP endpoint.

Alex DeBrie

Cloud Irregular: IAM Is The Real Cloud Lock-In— “Forget Lambda and serverless: if you are doing anything at all in AWS besides using it as a fantastically overpriced datacenter, I pretty much guarantee you are deeply locked into IAM.”

Forrest Brazeal

Highly Available MySQL Clustering at WePay Using Orchestrator, Consul and HAProxy— WePay’s engineering team talks about their new highly available MySQL cluster built with HAProxy, Consul and Orchestrator. It improves upon their previous architecture by reducing any downtime from 30 minutes to 40-60 seconds.

InfoQ

Redis Turns 10: How It Started with a Single Post on Hacker News— The popular data structure server is a huge infrastructure favorite of mine for queues, message buses, and more.

Dave Nielsen (RedisLabs)

🛠 Code & Tools

Amazon Personalize: Real-Time Personalization and Recommendation— A machine learning service that makes it easy for developers to create individualized recommendations for customers. Based on the tech Amazon itself uses.

Amazon Web Services

NetworKit: A Toolkit for Large-Scale Network Analysis from Python

Christian Staudt and Henning Meyerhenke

Pingu: A Slack Notifier for Long-Running Processes— A simple shell-based way to send a message on Slack when a process finishes.

Chris Rehn

#206 — March 6, 2019

Read on the Web

Web Operations Weekly

We Analyzed 13 Billion Log Entries, Here's What We Learned— Kinsta is a premium WordPress host. They analyzed 13 billion log entries and share some results here. Desktop and mobile users are almost equal in number, Chrome leads the desktop browser race, Safari on mobile, and.. well, a lot more.

Brian Jackson (Kinsta)

How Is Software Developed at Amazon?— “Scaling is by mitosis. Teams split apart into smaller teams that completely own a service. EC2 started as one two pizza team.”

High Scalability

Ten Steps for Securing Your Web Applications— “Security is hard.” This post helps you handle both intended and unintended functionality. Make it a checklist for your apps.

Joe Kunter (Heroku)

Introducing Gremlin Free— Like a hosted Chaos Monkey as-a-Service, Gremlin Free helps you identify system weaknesses before they become outages. You can use Gremlin Free to randomly shut down servers and simulate CPU spikes on your way to building more reliable software.

Gremlin sponsor

The Challenging Migration from Heroku to Google Kubernetes Engine— The simplicity of Heroku made it easy for this team to get a prototype into production but as things took off, they wanted to adopt a Kubernetes-based approach. Here’s their story.

Adrien Joly (Algolia)

Linux 5.0: A Major Milestone with Minor Improvements— Linus Torvalds is frank about what this release really means: "‘5.0’ doesn’t mean anything more than that the 4.x numbers started getting big enough that I ran out of fingers and toes."

Steven J. Vaughan-Nichols (ZDNet)

💻 Jobs

DevOps Engineer at X-Team (Remote)— Join the most energizing community for developers. Work from anywhere with the world's leading brands.

X-Team

Find A Job Through Vettery— Vettery specializes in dev roles and is completely free for job seekers.

Vettery

📖 Stories

Rewriting an API Gateway Service from Clojure to Go— Moving to Go gave AppsFlyer a statically typed language, improved performance, and a more stable solution.

AppsFlyer

Deconstructing Shopify's Monolith— Shopify has one of the largest Ruby on Rails codebases in existence and its system was, for years, a huge monolith. This post looks at the limits they ran into and why and how they migrated to a microservices-based approach.

Kirsten Westeinde (Shopify)

Stopping Drupal’s SA-CORE-2019-003 Vulnerability— Drupal, the PHP-based CMS, discovered a severe vulnerability and released a patch. This post shows how Cloudflare analyzed that patch and created rules in their WAF to protect users automatically. Clever.

Richard Sommerville (Cloudflare)

How Cloudflare Built 'Firewall Rules'— A new feature that lets users construct expressions that perform complex matching against HTTP requests to choose how that traffic is handled.

David Kitchen (Cloudflare)

Go Down The Rabbit Hole— The tale of debugging a proxy that worked perfectly over the public internet, but failed inside an Amazon VPC.

Tim Baker (Deliveroo)

A Programming Language that Helped Shape the Digital New York Times— Intriguingly, the New York Times had its own non-public, internal programming language that powered its Web site for almost 20 years.

Brian Hamman

"So Lyft is paying $8M/mo to AWS.."— An interesting Twitter thread about how while giving AWS a lot of money feels unwise at scale, building a datacenter can be a worse proposition.

Hemant Mohapatra on Twitter

Is A Shared Database for Microservices an Anti-Pattern?

Roman Krivtsov

📘 Tutorials

Cache-Control for Civilians— An accessible look at what HTTP's Cache-Control header can do when it comes to controlling how your assets are cached.

Harry Roberts

Building Serverless Apps with Components from the AWS Serverless Application Repository— The AWS Serverless Application Repository contains open-source, serverless components that are searchable and deployable with customizable parameters and predefined licensing.

Aleksandar Simovic

Use The Lead Time Metric to Improve Your CI/CD Process— GoCD’s latest CD metrics blog will guide you on how to identify bottlenecks and improve your CI/CD process.

GoCD sponsor

How Rootless Buildah Works: Building Containers in Unprivileged Environments— Buildah is a tool and library for building Open Container Initiative (OCI) container images.

Daniel J Walsh (Red Hat)

5 Ways to Deploy to AWS Lambda Using Command-Line Tools— Brief summaries of systems you can use to make your lambda deployments more structured, including Stackery, AWS SAM, and the Serverless Framework.

Ran Ribenzaft

🛠 Code & Tools

ValuStor: A memcached Alternative Built on Scylla— Scylla itself is a highly scalable, distributed low-latency database (based on Apache Cassandra’s design) and ValuStor is an open source memcached alternative built on top of it and brings several interesting features to the party.

Peter Corless

Automated Visual Testing for Web Apps. Start for Free

Percy sponsor

OperatorHub.io: A Registry for Kubernetes Operators

The Operator Framework

tor_ssh.sh: A Quick Way to Enable SSH Access via Tor

Nick Busey

CDS: An 'Enterprise-Grade' Continuous Delivery Service— Build workflows (via a Web-based UI or CLI), run them, analyze logs, and more.

OVH

Kosko: Write Kubernetes Manifests in JavaScript

Tommy Chen

#207 — March 13, 2019

Read on the Web

Web Operations Weekly

The ACME Protocol Becomes an IETF Standard— 19 years after HTTP over TLS (i.e. HTTPS) was finalized as RFC 2818, the Automatic Certificate Management Environment (ACME) protocol, as used by Let’s Encrypt, has become an IETF standard with RFC 8555.

Let's Encrypt

NGINX Inc. To Be Acquired by F5— The creators of the popular NGINX HTTP server are being acquired for a cool $670 million. The project remains as-is though as NGINX, Inc. is focused on providing services around the project. Who’s F5, you say? Well..

NGINX, Inc.

How We Improved Tenserflow Serving Performance by Over 70%— Read about how Mux tuned the performance of Tensorflow Serving and learn how to build a low latency prediction pipeline.

Mux sponsor

GoDaddy, Apple, and Google Misissue 1 Million+ Certificates— A misconfiguration in the certificate generational tool some browser-trusted authorities use led to 63-bit serial numbers being used rather than 64-bit. This isn’t a major, exploitable security issue but will still result in mass revocations. There’s an interesting discussion thread about the issue too.

Dan Goodin

Cloudflare Raises $150M— In just several years, Cloudflare have become one of the most prominent companies in the Web infrastructure space with their CDN, WAF, and DDoS protection services.

Cloudflare

30 Years Ago The World Changed Forever. The Web is 30!— In March 1989, while at CERN, Sir Tim Berners-Lee wrote “Information Management: A Proposal” outlining the World Wide Web.

Coralie Mercier (W3C)

💻 Jobs

Senior Web Developer at Dr. Bill (Remote OK)— Dr. Bill helps Canadian doctors save time by streamlining their billing. Help lead our team into the next phase of growth.

Dr. Bill

Find A Job Through Vettery— Vettery specializes in dev roles and is completely free for job seekers.

Vettery

📘 Tutorials

How a Monolith Architecture Can Be Transformed into Serverless— A lot of tutorials focus on building serverless apps from scratch, but what about the more realistic case of slotting serverless approaches into existing, monolithic apps?

Kyle Galbraith

▶  Five Things About Azure Functions— A fun 4 minute video with the senior PM of Azure Functions covering five reasons to check out Azure’s serverless platform.

John Papa and Jeff Hollan

📈Data-Driven Guide to Engineering Leadership— Get actionable insights from 7 million commits and 85,000+ engineers, to increase your software teams velocity. Free Guide.

GitPrime sponsor

▶  Creating a Simple, Automated Container Deployment Pipeline

Sysadmin Casts

Building a Live Data Visualization in 4 Days Using Redis Pub/Sub— How Heap used its Kafka infrastructure and Redis’s pub/sub features to make a lightweight event bus.

Heap

Hosting Your Own Analytics with Fathom

Karolis Narkevičius

Sending Funny GIFs using Amazon's IoT Button and AWS Lambda— One of those fun projects.

rav3n

📖 Stories

The Lost Worlds of Telnet— Amazingly there are still Telnet-specific services still ready for you to access.

David Cassel

Rebuilding My Personal Infrastructure With Alpine Linux and Docker— A former Docker skeptic explains what was involved in rebuilding his stack.

Wesley Moore

gRPC to AWS Lambda: Is it Possible?— Coinbase has been experimenting with using AWS Lambda with gRPC as part of its drive towards a more service-oriented architecture. Is it even possible? Only ‘sort of’..

Paul Henry (Coinbase)

Managing Uber's Data Workflows at Scale— A look at Uber’s journey toward a unified, multi-tenant, and scalable data workflow management system.

Alex Kira

How Grab Simplified Its Data Ingestion and Transformation Process— Replacing Spark streaming with their own Go-powered pipeline yielded big improvements for the Asian transportation platform.

Grab Tech

🛠 Code & Tools

ZEIT Adds First-Class Support for Deploying Serverless Rust Functions— Complete with an example you can build and deploy yourself.

ZEIT

AWS Unveils a New, 'Open' Distribution of Elasticsearch— Elasticsearch is a popular document-oriented search and analytics engine/database and AWS is offering a new, purely open source distribution of it after concerns regarding recent additions of more proprietary features to the main project.

Jeff Barr

Shop Like a Developer – Discover and Experiment with Hot New Cloud Services 🔥

Manifold sponsor

CDNPerf: CDN Performance and Uptime Monitoring, Comparison and Analytics— A way to find the fastest CDN provider in the world or just your country.

ProspectOne

Radicle: A Decentralized Code Collaboration System Built on git and IPFS

Monadic GmbH

Introducing Kraken, an Open Source Peer-to-Peer Docker Registry

Cody Gibb, Evelyn Liu, and Yiran Wang (Uber)

Krontab: A Crontab-Like Editor for Kubernetes Cron Jobs

Jacob Tomlinson

#208 — March 20, 2019

Read on the Web

Web Operations Weekly

CDNs Collaborate to Prevent Request Loops Using CDN-Loop— Cloudflare, Fastly and Akamai have collaborated to build a new mechanism to protect against request ‘loops’ where requests get caught in a costly loop of proxies. Here’s a full explanation of the problem and how they’re solving it.

Alex Davidson (Cloudflare)

Who Has The Fastest Website in Formula 1?— Comparing the performance of 10 recently updated Formula One motor racing sites and seeing what common issues exist. Jake also goes through the tools and techniques used for testing.

Jake Archibald

How Under Armour Prepares for Peak Holiday Traffic— Under Armour's engineers use Chaos Engineering to build confidence that their systems will deliver a consistent customer experience during usage spikes.

Gremlin sponsor

The AWS EC2 Windows Secret Sauce— Some interesting digging around behind the scenes to try and figure out how AWS EC2 can provision Windows instances so quickly.

Maish Saidel-Keesing

Common Misconceptions About IPv6 Security— An attempt to “set the record straight for several of the most common misconceptions about IPv6 security.”

David Holder (APNIC)

Pi in The Sky: Calculating a Record-Breaking 31.4 Trillion Digits of Archimedes’ Constant on Google Cloud— Google have gained a Guinness World Record with this effort that took 2,795 node days of computation time and 17 PB of disk IO. As an interesting aside, Corey Quinn calculates it would have cost about $226k on GCP versus $180K on AWS.

Google Cloud Blog

💻 Jobs

Sr. Fullstack Engineer (Remote)— Sticker Mule is looking for passionate developers to join our remote team. Come help us become the Internet’s best place to shop and work.

Sticker Mule

Find A Job Through Vettery— Vettery specializes in dev roles and is completely free for job seekers.

Vettery

📖 Stories

How On-Demand Pricing Slashed an AWS DynamoDB Bill by 90%— A look at how a company using DynamoDB for all their app’s database needs saved big using the new on-demand pricing model.

Ashwin Bhat

New Microsoft Azure Elastic Agent Plugin for GoCD— Run your CI/CD pipelines on Azure virtual machines. Let GoCD scale up on-demand agents based on your needs.

GoCD sponsor

IPv6 Unmasking via UPnP— Exploring "a technique that relies on UPnP NOTIFY packets to uncover pairs of IPv4 and IPv6 addresses of dual-homed hosts."

Joe Marshall

Basecamp's Outage: When It Rains, It Pours— David Heinemeier Hansson, the creator of Ruby on Rails and CTO of Basecamp, shares how they’re ceasing major product development to focus on infrastructure and operations. In the comments, DHH notes they will be moving from Google Cloud Storage to AWS S3 as part of this.

Signal v. Noise

How Airbnb Simplified the Kubernetes Workflow for 1000+ Engineers

Manuel Pais

📘 Tutorials

Vertically Scaling PostgreSQL— The Postgres database is receptive to making use of extra CPU, memory and disk resources but some config tweaks are necessary. P.S. If you’re a Postgres user, check out our Postgres newsletter.

RapidLoop

How to Create a Scalable Image Processing Service on AWS Lambda and API Gateway in 10 Minutes— One of those thorough, step by step tutorials for you to follow along with. You’ll need to follow fast for it to be 10 minutes though.

Rainer Selvet

Building A Serverless Site From Scratch using S3, API Gateway, AWS Lambda, Go and Terraform

Roger Welin

Lightning Fast Headless Ecommerce with GraphQL✌PIM & Subscription Commerce🎉

Crystallize sponsor

7 Things You Should Know When Getting Started with Serverless APIs— VS Code, JavaScript and Azure-oriented answers to some of the earliest questions you might have about building simple serverless APIs. For beginners, but it’s good.

Simona Cotin

10 Tips for Building and Managing Containers

Anita Buehrle

Building a Python-Powered Data Pipeline with AWS S3, Lambda and DynamoDB

Yi Ai

#209 — March 27, 2019

Read on the Web

Web Operations Weekly

Why Fastly Loves QUIC and HTTP/3— QUIC (Quick UDP Internet Connections), originally prototyped at Google, is being standardized at the IETF and forms the heart of the next version of HTTP (HTTP/3). But despite all the upsides, there are downsides too.

Jana Iyengar (Fastly)

The Journey to 90%(ish) Serverless at Comic Relief— This case study looks at how a major British fundraising movement moved from a containerized, EC2-based approach to an almost fully serverless approach. A great case study of approaching using serverless in a high throughput, high profile scenario.

Adam Clark

Build & Deploy Serverless Apps on a Global Cloud Network— Learn how to start writing serverless APIs in JavaScript, and reserve a custom subdomain for your next project.

Cloudflare Workers sponsor

The Anatomy of an AWS Key Leak to a Public Code Repository— It's in every developer’s top 10 worst nightmares: you’ve accidentally committed a critical access token into a publicly visible repo. What happens next? Here’s one story.

Maish Saidel-Keesing

Kubernetes 1.14 Released— Persistent local volumes are now GA and there’s now production level support for Windows-powered nodes. Doug Tidwell of Red Hat has an easier to read What You Need to Know guide to the release.

Kubernetes Release Team

Authorization at LinkedIn’s Scale— With over 700 microservices in play at LinkedIn, they have to think seriously about authorization. Here’s their approach.

LinkedIn Engineering

💻 Jobs

Lead DevOps Engineer - CI/CD— You'll be leading the Delivery Platform team's technical vision and creating the best platform for all Heetch engineers.

Heetch

Find A Job Through Vettery— Vettery specializes in dev roles and is completely free for job seekers.

Vettery

📖 Stories

Bug Bounties and Black Swans: How Heroku Expects the Unexpectable— A brief story about how a bug bounty researcher helped Heroku detect and implementation a mitigation for a security vulnerability in Postgres even before a patch was released.

Heroku

Using Machine Learning to Ensure the Capacity Safety of Individual Microservices— How Uber has used machine learning to power operational metric forecasting and API-driven load generation to conduct adaptive, automated capacity safety tests for its microservices.

Ranjib Dey

How to Build a Serverless Video Live Streaming App— Use Mux's simple, but powerful, video APIs to build live streaming into your application.

Mux sponsor

Scaling LaunchDarkly From 4 to 200 Billion Feature Flags Daily— LaunchDarkly is a feature management service for third parties to adopt feature flags in their own apps. Here’s a look at some of the tools they use in their stack.

StackShare

▶  The Certainties About Your Job as a Site Reliability Engineer— A 30 minute chat with Steve Herrod about what SRE’s are and how the role is changing.

The New Stack

Is ‘AWS vs Kubernetes’ The New ‘Windows vs Linux’?

Ian Miell

Intel Gets Ready to Go Live with Servers with 12TB Optane?— Some dot joining leads Chris Mellor to speculate Intel will soon announce some seriously beefy 4 socket, 112 core server options supporting up to 12TB of Optane memory.

Chris Mellor

Was MongoDB Ever the Right Choice?

Justin Etheredge

📘 Tutorials

10 Docker Image Security Best Practices— A pretty good roundup of tips.

Liran Tal

How to Build Your Own CDN with Kubernetes— This tutorial is firmly in the “Interesting, but..” camp. You might pick up some useful ideas for distributing a stateless app geographically, though, but I’d leave running an actual CDN to, well, a CDN provider.

Ilhaan Rasheed

📈Data-Driven Guide to Engineering Leadership

GitPrime sponsor

Enriching Event-Driven Architectures with AWS Event Fork Pipelines— AWS Event Fork Pipelines is a serverless design pattern on top of SNS, SQS and Lambda for building scalable, highly available event-driven systems of your own.

Otavio Ferreira

So You Want Your Site to Work in China…?— It’s not just as simple as not annoying the Chinese government.

David Chanin

🛠 Code & Tools

NGINX 1.15.10 Released— Introduces support for port ranges in `listen directives and the loading of SSL certificates and secret keys from variables.

NGINX on Twitter

.NET Core Container Images Now Published to Microsoft Container Registry— The goal is for Microsoft’s container registry to be the canonical source of Microsoft-related container images which are then syndicated out to other places like Docker Hub.

.NET Blog

k3d: A Fast Kubernetes Dev Environment— Fast to start and with a minimal footprint, all organized around a clean, simple CLI tool.

Rishabh Gupta

Endlessh: An SSH Tarpit— Uses a quirk of the SSH protocol to waste attackers’ time. I ran this on a bare Linode VPS for fun and it caught a lot of malicious clients for 10 minutes at a time. The next level up is something like Cowrie which pretends to be a full on legitimate server.

Chris Wellons

#210 — April 3, 2019

Read on the Web

Web Operations Weekly

Distributed Application Architecture for Edge-Based Service Delivery— This feels like one of those things that seems a lot way away now but might become a key part of how we build and deploy apps in future. The European Telecommunications Standards Institute (ETSI) has created a working group around “Multiaccess Edge Computing” (MEC) and released this white paper on the concept. Is “edge” the next buzzword in web service delivery?

Sagar Nangare

PDF:  An Overview of AWS Lambda Security— AWS has released a whitepaper that looks at its Lambda serverless platform ‘through a security lens’ and is aimed at CIOs and analysts. It’s pretty high level but provides a good overview and reassures that Lambda is compliant with all of the most significant security standards (e.g. PCI DSS, HIPAA).

Amazon Web Services

20 Patterns to Watch for in Engineering Teams— GitPrime's new book draws together some of the most common software team dynamics, observed in working with hundreds of enterprise engineering organizations. Actionable insights to help you debug your development process with data. Get Your Copy.

GitPrime sponsor

Serverless DNS Over HTTPS (DoH) at the Edge— This is quite platform specific (it uses StackPath’s EdgeEngine which lets you execute serverless functions at edge locations) but it’s a neat walkthrough of something not usually done serverlessly. In related news, Mozilla are pushing ahead with rolling out DNS over HTTPS support in Firefox.

Chad Retz (StackPath)

Amazon Fulfillment Now Entirely Migrated Away from Oracle to AWS— This follows a rather lengthy period of drama between the two tech giants. What’s Amazon using now? AWS Aurora Postgres and DynamoDB.

The Register

Chef Goes Fully Open Source, Ish..— Automation tool vendor Chef is going 100% Apache 2.0 licensed, moving away from its previous “open core” model. The FAQs outline the situation.

Barry Crist (Chef)

💻 Jobs

Site Reliability Engineer @ Ably (UK Remote or London)— Join the team behind a global fault-tolerant serverless data stream platform and automate our Internet-scale infrastructure with code.

Ably Realtime

Find A Job Through Vettery— Vettery specializes in dev roles and is completely free for job seekers.

Vettery

📖 Stories

Implementing API Billing with Stripe— This goes into more detail than you might expect.

Kwindla (Daily)

How Twitch Addresses Scalability and Authentication— Curious how Twitch addresses scalability and performance challenges related to authentication? This is a very basic look.

Eugene Pivovarov

What Is Chaos Engineering? SREs Define the Practice & Where It's Going

Gremlin sponsor

DevOps is an Evolving Culture, Not a Team— An interesting critique of the current state of “devops” and what it really means.

Kyle Galbraith

PHP 8 To Add a JIT— "To introduce a JIT is to introduce considerable complexity." So it's going to take a while..

Joe Watkins

🛠 Code & Tools

docker-image-size-limit: A Tool to Keep Tabs on Your Docker Image Size— There’s also a basic introductory blog post.

wemake

h2t: HTTP Hardening Tool— A tool that scans a Web site and suggests HTTP security headers to apply.

Gildásio Júnior

Deploy Your Favorite Dev Tools with 1-Click Apps on DigitalOcean— Improve devops workflows and self-host Docker, Grafana, GitLab, OpenFaaS and more in just one click.

DigitalOcean sponsor

Considering Tools for REST API Monitoring in 2019

SLAO Developers Team

TXEH: A Go(lang) Library and CLU Utility for /etc/hosts Management

txn2

FastAPI: A High Performance Framework for Building Web APIs with Python 3.6+

Sebastián Ramírez

graphql-rest-proxy: Turn Your REST APIs into GraphQL— Certainly an interesting idea. The proxy/server is Express based (Node.js) under the hood so it’s easy to tinker with.

Kay Gosho

awesome-actions: A Curated List of Awesome Actions to Use on GitHub

Sarah Drasner