By default all Kubernetes secrets are base64 encoded and stored as plaintext in etcd. Seth Vargo shares techniques for securing Kubernetes secrets, including encryption, KMS plug-ins, and tools like HashiCorp Vault and the trade-offs of each approach to better secure their clusters.
Ruth Yakubu explores end-to-end serverless scenarios on Microsoft Azure Functions, Azure Cosmos DB, and Event Grid.
Lena Hall takes you on an adventure into the multifaceted universe of ever-changing distributed systems.
Lachlan Evenson and Bridget Kromhout discuss Microsoft's journey to build Kubernetes policy controller Gatekeeper in the open and explain how the tool helped inform how an enterprise offering on Azure. Join in for pragmatic tips on how to effectively contribute to and use open source tools.
Maya Kaczorowski explores how containers offer a fundamentally different, possibly better, security model than you're used to. They enable you to patch your environment more easily, identify when you're affected by a new vulnerability, and enforce governance for what is deployed in your environment.
Join Liz Fong-Jones to explore several practices core to production excellence: giving everyone a stake in production, collaborating to ensure observability, measuring with service level objectives, and prioritizing improvements using risk analysis.
Patrick Meenan lets you in on how HTTP/2 prioritization is effectively broken in most deployments and shows you how to detect, debug, and fix the issues.
Jess Kerr argues that most programming careers aren't about writing software; they're about changing it. With this distinction, she'll share some things about reuse, delivery, quality, and how to grow as a programmer.
Join Ryan Kitchens for an introduction to Safety-II concepts that will help move the industry forward, increasing the opportunity for learning from success with some fundamental and practical ways that get us from "Why did things go wrong?" to "How did things go right?"
We've been working to foster a more diverse, inclusive, and equitable tech industry for years, but we have yet to see meaningful and lasting change. Drawing inspiration from restorative justice practices and her own journey of healing, Alex Qin offers a hopeful vision for how we can come together and cocreate the world we yearn for.
You're going to automate all the things, reduce toil, and make your systems smarter and recover automatically. . .except sometimes you're automating a house of cards built on the back of individual people and a well-meaning solution can fail to address the true problems in the system. Tim Bonci offers a postmortem of a solution that was designed to solve a common operational problem but failed.
Drawing from work in technology, community development finance, social psychology, complexity theory, and championship sports, Everett Harper moves to the edge of these disciplines, centering on the key practices that are crucial for solving our most critical challenges.
The technology invented for web browsers is a much better way of running serverless code than traditional processes and containers. Let Zack Bloom show you why.
Consul is a well-known and widely used service discovery mechanism. Although Kubernetes has a built-in service discovery mechanism, Wish has standardized on using Consul. Thomas Jackson explains how Wish is leveraging Kubernetes and integrating it with its infrastructure.
Rajesh Raman dives deep into the practice of observability, demonstrating how a more analytics-driven approach to metrics, traces, and other monitoring signals improves observability. You'll learn a framework for kick-starting a culture of observability in your organization, informed by Rajesh's experience building and deploying observability tools at SignalFx.
Kubernetes provides a powerful set of APIs and abstractions for building distributed systems, and it provides users with the ability to build and install their own extension APIs alongside the core APIs. Phillip Wittrock covers how core Kubernetes APIs are designed and built and teaches the basics of writing an installable custom Kubernetes API.
Everyone keeps telling you that containers need orchestration, but you're not so sure; maybe they could go for some light jazz? Or maybe serverless is here to save us from the tyranny of (virtual) machines, but meanwhile somebody's gotta kuber some netes, and it's likely to be you.
Aaron Schlesinger dives into case studies on why and how it's hard for app developers to adopt Kubernetes. He walks you through the tools to make the transition easier, providing a holistic view of how to fit everything together to make Kubernetes easier for teams. You'll leave with what you need to get your teams started with or improve your team’s productivity on Kubernetes.
Are we building the right abstraction layers? And how would we know? To answer these questions, Kyle Anderson looks at the past, present, and future of the abstraction layers we've built as an industry.
Alex Elman explains how Indeed used a site-wide outage as an opportunity to build resilience, improve reliability, and make lasting improvements to the engineering culture.
After five years of helping hundreds of customers use Apache Kafka, you've seen it all. Gwen Shapira provides an overview of the most common ways Apache Kafka users manage to cause downtime and lose data. And how to avoid them.
As both engineers and managers reach midcareer levels referred to as career or terminal levels (e.g., senior engineer or senior manager levels in many technology companies), they are often faced with uncertainty and ambiguity on possible next steps in their career. Uma Chingunde focuses on career planning and strategy for midcareer technologists.
Observability may be the hot new thing, but for many devs, it's unclear how to gracefully get from where they are now (searching across logs or using canned APM tools) to debugging production with ease. Christine Yen makes the case that observability can be more valuable to devs than ops, and she lays out a series of practical steps to up-level a team's ability to ask questions of production.
DevOps and platform teams have too many projects, not enough time, and users who can easily ask if the thing is done, because "it's really holding them up." James Heimbuck explores the good, the bad, and the ugly of how SendGrid incorporates product management practices into planning and execution within DevOps and platform teams to cut off scope creep and never-ending projects and realize value.
Microservices and cloud native technologies is the path for building large-scale, distributed systems. Can it do the same for teams? Chen Goldberg leads the Google engineering team building Kubernetes, Istio, GKE, and Anthos and explains how the same tech can help build happy teams.
Chaos engineering allows security incident response teams to proactively experiment on recurring incident patterns to derive new information about underlying factors that were previously unknown. Join Aaron Rinehart to explore the hidden costs of security incidents, learn a new technique for uncovering system weaknesses in systems security, and more.
While cloud native appears to be on a winning streak, there are too many enterprise development teams being left behind. Bob Quillin outlines how the cloud native community can create a more open multicloud future, reduce complexity (rather than piling more on), and be more inclusive to all teams—modern and traditional, startups and enterprises alike.
Examining the increased need for specialized Operations Engineering in the Age of Serverless
Yaniv Aknin dives into the secret sauce for a successful SRE organization: high-quality measurements of reliability. He explains why measuring reliability is crucial (and why it’s so hard), shares a couple of tips for getting it right, and explores why it’s the key differentiator between SRE and DevOps.
Interested in becoming more data driven and empowering your peers and coworkers with insights and data? Yoni Leibowitz and Sasha Rosenbaum share how Microsoft has been constantly transforming its engineering, support, finance, and marketing work via new tech for data-driven decisions.
The last two years have seen the emergence of several mechanisms to isolate workloads in containers as well as Kubernetes's ability to run these in a single multitenant cluster. Ricardo Aravena explores the pros and cons and explains how users can benefit from them.
Dave Andrews sheds light on how the edge landscape has been—and is still—evolving with a look at the new class of low-latency/high-bandwidth application domains and how Verizon Digital Media Services is helping to deliver this to its customers.