A comparison of serverless deployment tools. Author describes the differences between Serverless Framework, SAM, and AWS CDK. However, this articale is more an overview of the aforementioned tools rather than competitive test.

Unfortunately, both Terraform (including Terraform CDK and Pulumi are out of comparision. Which is kinda disappointing. In my opinion, these two have more potential than the tools from this post.

#serverless #aws

Speaking of Terraform CDK. Here is a quick manual on how to define Azure resources using Terraform CDK and TypeScript.

It's Azure specific, but the overall workflow should be similar for any other Terraform provider.

#terraform #azure

git-xargs - tool for change same things in many Github repos at once

This is a CLI tool for easily executing commands and scripts opensorced by Gruntwork a short time ago.
Written in Go and used goroutines, so it pretty fast, except you reached the Github API call limit :)

#git #github #toolz

Some time ago there was a popular interview question for the roles inside DevOps methodology: "What will you not automate or what is impossible to automate in your opinion?" That was an open-ended question to get the candidate out of the "automate everything - monitor everything" bubble. However, there was an ultimate answer for that - code review.

Like yeah, how would you automate code review, right? Well, using machine learning! - says Werner Vogels - CTO of AWS.

The article is mostly a praise of their new CodeGuru service. However, it brings up an interesting question: what if in a decade or so our job would be not fixing the bugs and production environments, but rather developing models that would prevent bugs getting into production in the first place? Or developing an AI, which will react on monitoring alerts accordingly without any human intervention?

Feel free to share your thoughts in the chat!

#aws #ml

Cilium 1.10 is out with Wireguard, BGP Support, Egress IP Gateway, New Cilium CLI, XDP Load Balancer, Alibaba Cloud Integration and more. As well as a lot of performance improvements.

And that's great news! Especially, the Wireguard part, because now Cilium supports not only IPSec for traffic encryption between the pods.

#networking #kubernetes

​​​​🎉🎉🎉
Today is CatOps' birthday!

It's been 4 years already!

Thank you for being with us all these years!
🎉🎉🎉

And back to IaC.

Pulumi has presented an Automation API - a generic way to programmatically trigger Pulumi execution.

This API should ease for platform teams the development of self-service developers' portals.

The article contains examples of the Automation API usage as a WebUI, CLI, CI/CD systems' plugin, and even Jupiter notebook.


#iac #pulumi

​​Default Tags in the Terraform AWS Provider

Finally!
Required AWS Provider >= v3.38.0, TF >= 0.12.

#aws #terraform

Why sharing a single article if you can share the whole magazine?

Increment is an online and printed magazine about software and technologies, which is published in a good-old format of monthly issues.

Each issue has its own topic and the 16th dated February 2021 is dedicated to the topic of Reliability!

Enjoy more than 10 articles on reliability, chaos engineering, etc. as well as case studies from various companies. Also, you can buy a printed magazine version if you want.

Increment has already covered topics like On-call, Remote work, Cloud, etc. Honestly, this is the best publishing finding for me this year. I'll definitely dig into it and probably even order a printed version as well!

#reliability

From our subscriber.

How developers can be their own operations department is a story of DevOps evolution in a single company.

This article doesn't provide any answers on how you should run your operations or organize your teams. However, it gives some historical context. The story of Flipp company is very similar to what happened with the industry as a whole.

If you want to get an insight on how DevOps movement emerged and why it has become so popular - you're welcome to read this one.

P.S. You can propose an article in via chat

#culture #devops

Job offer negotiations as well as compensation ranges themselves are always hot topics for discussions not only in software development.

Needless to say that the skills to negotiate are important and help you to get a better deal (sometimes even without changing a company).

Today in the CatOps Chat we are going to talk about compensation and salary negotiations in general. Voice chat starts today at 17:00 UTC in the group chat. Important thing to mention: the conversation is usually in Russian or Ukrainian, or (more frequently) both.

And it's not all yet. Here is an article to prepare yourself for such a discussion. It was sitting in my reading list for a few months now, but it looks like today the time to read it has come eventually. I'm happy to share these articles with you as well!

- Ten Rules for Negotiating a Job Offer. (Part I)
- How Not to Bomb Your Offer Negotiation. (Part II)

Enjoy and auf wiederhören!

#culture #jobs

QUIC - a planned successor of TCP - is now formalized as RFC 9000.

QUIC was initially developed at Google, but later adopted by IETF. It provides some TCP-like features on top of UDP in order to overcome latency and packet loss, especially in the last mile.

HTTP/3, which is built on top of QUIC is not formalized yet, but it's following closely behind. So, it will be likely released soon as well.

So, with HTTP/3 around the corner, have you already switched to HTTP/2?

#networking #quic

Gatus is a health dashboard written in Go.

It has minimalistic configuration and allows you to set multiple conditions to label an endpoint as "healthy".

Also, you can host it on your own inside your private network. So, if you have security requirements of not to allow external health checkers into the perimeter, this could be a good way to go.

#toolz #observability

Introducing Argo Rollouts v1.0

Now, for those, who's not familiar with Argo universe, there are Argo, ArgoCD, and Argo Rollouts. All these tools are developed under the same umbrella and are complimentary to each other, but they are not the same thing.

Argo Rollouts manages iterative deployments aka progressive delivery aka canary releases. However, progressive delivery is a broader term. Basically, you roll out your application gradually in an automated way based on the health metrics.

Currently, Argo Rollouts supports such metrics providers as: Prometheus, Wavefront, DataDog, NewRelic, Kayenta, custom Kubernetes Job, and custom Web check. And it supports various traffic controllers like: Linkerd, Istio, AWS LoadBalancer, Ambassador, and Nginx.

So, what's new in version 1.0?
- New Argo Rollouts UI
- Ability to reference existing Deployment workloads instead of inlining a PodTemplate at spec.template
- Richer Prometheus stats and Kubernetes events
- Support for Ambassador as a canary traffic router
- Support canarying using Istio DestinationRule subsets

You can read the full changelog in the GitHub release description.

Also, they have a roadmap, so you can check, what's coming next

#cicd #kubernetes #argo

Consul Service Mesh for Amazon ECS is now in the Tech Preview.

This means that you can deploy Consul Service Mesh on Fargate type ECS using official Terraform modules. However, only setups for Dev are supported right now, i.e. the official module deploys only a single dev/testing Consul task for now. This will be changed before Consul Service Mesh for AWS ECS hits GA.

#consul #hashicorp #aws #networking

​​A short article by Julia Evans about why OSI model doesn't map to TCP/IP really well. And why sometimes it's just easier to say things like "TCP load balancer" or "Ethernet switch" rather than "later 4", "layer 2", etc.

tl;dr: primarily, because OSI is old.

Also, there is a diagram of your usual network packet as a bonus.

deps.dev helps you to track down important information about dependencies in your code, like known CVEs, license information, and latest release version.

Currently, you can search through NPM packages, Go modules, Maven artifacts, Cargo crates, with NuGet and PyPI yet to come.

#dev

Some time ago we had some weird network timeouts in our Kubernetes clusters. It was also pretty strange that not all service owners reported timeouts and according to the monitoring graphs, these issues usually happened during the day.

A colleague of mine dig into this problem and, well, found a bug in AWS. He described the process of his debug in this article, which steps he took and in what sequence, as well as some tools he used to debug this.

Happy reading!

#kubernetes #aws

The Serverless Rules are a compilation of rules to validate infrastructure as code templates for AWS against recommended practices.

They are available as cfn-lint or tflint plugins. So, you can check your CloudFormation or Terraform code against them.

#aws #serverless

I like it when articles on the Web start discussions. Although, sometimes such articles are just click bait, but you can figure it out based discussions they ignite.

Steve Smith wrote an article called "GitOps is a placebo", where he argues that GitOps haven't bought anything new to the table, because all its core concepts already existed in form of Continuous Delivery and Infrastructure as Code.

And here is the reply to this article by Carlos Sanchez in the form of a Twitter thread.

Feel free to share your own thoughts on GitOps in our chat

#cicd #iac #gitops