DevOps / SRE - Top Links Last Week
Week 50 Issue #4
Week 50 Issue #4
School of SRE: Curriculum for onboarding non-traditional hires and new grads
LinkedIn - In early 2019, we started visiting campuses across India to recruit the best and brightest minds to ensure LinkedIn, and all the services that make up its complex technology stack, is always available for everyone. This critical function at Linkedin falls under the purview of the Site Engineering team and Site Reliability Engineers (SREs) who are Software Engineers specializing in reliability. SREs apply the principles of computer science and engineering to the design, development and operation of computer systems: generally, large scale, distributed ones
10 Free Software Development Resources for Beginners
If you have just started learning software development, then the list of resources below will be really useful.
Please consider supporting the Weekly DevOps / SRE Report. Subscribe to the phpops Newsletter on our website!
101 Tips to Make You a Better Developer
I’ve put all my knowledge and experience into these 101 tips that might help you in your career as a web developer. Whether you’re just starting or already have some experience, these tips will hopefully help you. This list is by no means complete, and certainly not every single point will be a perfect fit, but I hope you can pick some of them for inspiration or guidance.
Unfixable Kubernetes Security Hole Means Potential Man-in-the-Middle Attacks
Well, it had to happen eventually. Every now and again — I’m looking at you Intel with your Converged Security Management Engine (CSME) snafu — a security bug shows up that can’t be fixed. Now, it’s Kubernetes‘s turn. Tim Allclair, an Apple software engineer, who also helps oversee Kubernetes security, announced a “security issue was discovered with Kubernetes affecting multitenant clusters. If a potential attacker can already create or edit services and pods, then they may be able to intercept traffic from other pods (or nodes) in the cluster.”
Quick Take: Container Security on Amazon Web Services
For better or worse, how containers are used on Amazon Web Services will impact the technology’s future. So, for better or worse, it is necessary to track this, which is what AWS developer advocate and Cloud Native Computing Foundation (CNCF) ambassador Michael Hausenblas has done for the second consecutive year. The AWS Container Security Survey 2020 had 156 respondents, of which half used the Elastic Kubernetes Service (EKS) on the Elastic Cloud Compute (EC2) service. In addition, 36% are running a container service on top of AWS Fargate, but with about half of this group exclusively relying on AWS ECS.
Semgrep for Cloud Security
Semgrep is an emerging static analysis tool which is getting traction within the AppSec community. Its broad support to multiple programming languages, together with the easiness with which is possible to create rules, makes it a powerful tool that can help AppSec teams scaling their efforts into preventing complete classes of vulnerabilities from their codebases.
Kubernetes Is Deprecating Docker Support & Here’s Why You Should Not Panic
On 2nd December 2020, Kubernetes published an article stating that Kubernetes is deprecating Docker as a container runtime… And this was not a big deal I thought as I usually read articles from the Kubernetes Blog, thought this is just a release update blog. But then I saw Ian Coldwater, the Kubernetes SIG Security co-chair tweeted something which panicked the DevOps realm, quite literally. I, then realized, that the blog post was written as a clarification of this tweet.
Software Quality Testing: Creating Quality Filtration Stacks | Capital One
Software quality. This is a term that’s talked about in the context of magic processes that promise to fix all the things, make your coffee in the morning, and tuck you into bed at night. I’ve been in software development for over 25 years. I’ve built and led teams building mission critical software products. Over the years, I’ve worked with amazing people who’ve shaped my view on how to think about software quality and how to build software with quality as a first class citizen. In this post, I’d like to pass on some of the knowledge I’ve gained and start a real discussion about what it means to care about software quality management.
Certified Kubernetes Administrator (CKA) Exam Experience Sharing and Question Examples
In this article, I would like to share the kubernetes certificate exam experience and questions examples.
Announcing General Availability of HashiCorp Nomad 1.0
Today we are pleased to announce the general availability of HashiCorp Nomad 1.0. Nomad is a simple and flexible orchestrator to deploy and manage containers and non-containerized applications across on-premises and cloud environments at scale. Nomad is widely adopted and used in production by organizations like Cloudflare, Roblox, Q2, Pandora, and more.