Anatomy of Unsuccessful Incident Management
- Confusion about Processhttps://blog.kintaba.com/posts/anatomy-of-unsuccessful-incident-management
- Panic and Thrash
- Lack of Awareness
- Blame
- Uncoordinated & Conflicting Response
- Confusion over Ownership
- Repeat Problems
How GitOps Improves the Security of Your Development Pipelines
1. Config as Codehttps://www.weave.works/blog/how-gitops-improves-security-development-pipelines
2. Changes are auditable
3. Production matches the desired state kept in Git
DataHub: Popular metadata architectures explained
https://engineering.linkedin.com/blog/2020/datahub-popular-metadata-architectures-explained
https://engineering.linkedin.com/blog/2020/datahub-popular-metadata-architectures-explained
docker-mailserver
A fullstack but simple mail server (SMTP, IMAP, Antispam, Antivirus...). Only configuration files, no SQL database. Keep it simple and versioned. Easy to deploy and upgrade.https://github.com/tomav/docker-mailserver
Evolving Container Security With Linux User Namespaces
https://netflixtechblog.com/evolving-container-security-with-linux-user-namespaces-afbe3308c082
https://netflixtechblog.com/evolving-container-security-with-linux-user-namespaces-afbe3308c082
k8spin-operator
Kubernetes multi-tenant operator. Enables multi-tenant capabilities in your Kubernetes Cluster.https://github.com/k8spin/k8spin-operator
How to sell SLOs to Engineering Directors
https://medium.com/brexeng/how-to-sell-slos-to-engineering-directors-9c6379c3f246
https://medium.com/brexeng/how-to-sell-slos-to-engineering-directors-9c6379c3f246
dog
dog is a command-line DNS client, like dig. It has colourful output, understands normal command-line argument syntax, supports the DNS-over-TLS and DNS-over-HTTPS protocols, and can emit JSON.https://github.com/ogham/dog
tobs
Tobs is a tool that aims to make it as easy as possible to install a full observability stack into a Kubernetes cluster.https://github.com/timescale/tobs
Operable Software
In this post, I'll cover views on simplicity and complexity, how people actually approach their systems and form mental models of them, and how we should rather structure things if we want to make systems both observable and operable.
https://ferd.ca/operable-software.htmlForbidden lore: hacking DNS routing for k8s
https://wgtwo.com/blog/forbidden-lore-hacking-dns-routing-for-k8s
https://wgtwo.com/blog/forbidden-lore-hacking-dns-routing-for-k8s
Writing Runbook Documentation When You’re An SRE
Tips and tricks for writing effective runbook documentation when you aren’t a technical writerhttps://www.transposit.com/blog/2020.01.30-writing-runbook-documentation-when-youre-an-sre
SLO — From Nothing to… Production
https://geototti21.medium.com/slo-from-nothing-to-production-91b8d4270bd5
https://geototti21.medium.com/slo-from-nothing-to-production-91b8d4270bd5
Building Kubernetes Clusters using Kubernetes
https://tomas-valasek.medium.com/building-kubernetes-clusters-using-kubernetes-dde332c77d65
https://tomas-valasek.medium.com/building-kubernetes-clusters-using-kubernetes-dde332c77d65
Athenz
Athenz is an open source platform for X.509 certificate based service authentication and fine grained access control in dynamic infrastructures. It supports provisioning and configuration (centralized authorization) use cases as well as serving/runtime (decentralized authorization) use cases. Athenz authorization system utilizes x.509 certificates and industry standard mutual TLS bound oauth2 access tokens. The name “Athenz” is derived from “AuthNZ” (N for authentication and Z for authorization).https://github.com/yahoo/athenz
Why I've Been Merging Microservices Back Into The Monolith At InVision
https://www.bennadel.com/blog/3944-why-ive-been-merging-microservices-back-into-the-monolith-at-invision.htm
https://www.bennadel.com/blog/3944-why-ive-been-merging-microservices-back-into-the-monolith-at-invision.htm