2022-04-04: Open Source Getting Started, Go 1.18, Kubernetes Events, KubeCon EU, Dagger, (API) Observability and Obsidian.md¶
Thanks for reading the web version, you can subscribe to the Ops In Dev newsletter to receive it in your mail inbox.
π Hey, lovely to see you again¶
March brought many new ideas, and exciting releases and announcements. Observability is still getting stronger, and more learning resources and production examples are being shared. We also got new features and design patterns to learn in Go 1.18, and more developer goodies such as Dagger. The event forecast for May is great too - I am super excited to speak at KubeCon EU for the first time, followed by diving into CI/CD Observability at cdCon. And we had a lovely Open Source Getting Started Twitter space. Enough of the spoilers - enjoy reading, and learn at your own pace :-)
β Hot Topics¶
- Dagger, a portable devkit for CI/CD pipelines. More below :)
- How Observability can improve gaming. Interesting use case!
- Making the Case for Observability (to your boss). Plan your next career step too.
π‘οΈ The Sec in Ops in Dev¶
The #EveryoneCanContribute cafe meetup with Aqua Security OSS tools brought tracee into the discussion, and how it is different to Falco. You can watch the full recording with chapter sections here.
Extending Checkov with custom policies to detect supply chain attacks is explained in this excellent blog post. Expect to dive into analysis and Python code examples to help secure your Terraform deployments.
Dagger left the private preview, providing a portable development kit for CI/CD pipelines including an actions catalog. It uses CUE as a configuration language and supports Docker compatible container runtimes. Additional actions can be written in many different programming languages. Very interesting to follow and integrate into a DevOps platform. We'll have a first look together in the #EveryoneCanContribute cafe meetup on April 12.
Harbor is an open-source registry that allows securing artifacts. It is a graduated CNCF project. The upcoming 2.5.0 release brings cosign from Sigstore in the RC2. More security release news: HashiCorp Vault 1.10 was released and brings MFA with TOTP, Okta, Dua, and PingIdentity. You can also use Vault as an OIDC provider, similar to GitLab and other platforms.
Streaming Kubernetes Events in Slack provides a great way to "look inside" and learn what's happening in a Kubernetes cluster.
ποΈ Observability¶
Observability is a very hot topic in 2022, with many different opinions and a lot to learn. It also might be something standing out in your career portfolio. What is API Observability takes you on a historical ride up to how we ended up simplifying cloud-native container observability with OpenTelemetry.
Andy Kuszyk wrote a great detailed introduction to Prometheus Histograms and how they help show the distribution of a dataset, grouped into buckets on specific ranges and counts for example. Recommend reading to learn more, with practical code examples and PromQL queries.
Monitoring TLS certificates and their expiry is an important task. The x509 certificate exporter is designed to monitor Kubernetes clusters from the inside, and can also be used as a standalone exporter. Thanks to CloudSecList for finding this gem!
Who watches the watchers tackles the problem of monitoring going down, flying blind in incidents. It gives an idea of how to build it using AWS Serverless, Pagerduty, Prometheus, and Grafana.
Diving into Service Level Objectives (SLO) and wondering about Service Level Indicators? Read on how GitLab shares SLIs across engineering departments for practical examples, and make sure to join SLOConf where Bob and Andrew will talk about them too.
If you are using OHVcloud managed Kubernetes, check out the Distributed tracing with Jaeger guide which also covers the deployment and instrumentation with OpenTelemetry using a small Go app. Timescale shared a great tutorial on how to instrument a Python app with OpenTelemetry.
Observability bookmarks for later: Cloudflare's vision, Microservice design patterns, APM is legacy - distributed tracing wins.
π The inner Dev¶
Eddie Jaoude invited me to join a Twitter Space on Getting Started with Open Source. The discussion was truly inspiring and exceeded 2 hours, with folks sharing their contribution experience, and contributors and maintainers sharing ideas to get started and build communities in the long term. I have collected thoughts and URLs here, including a soon-to-be-open-source project from Laurel and more resources to find OSS projects, such as newsletters.
π± March also brought great updates and insights for your favorite programming language.
Go 1.18 is here, and brings Generics as a new design pattern to adapt and learn. The technical implementation is described in the Type Parameter proposal - to get started, read the blog post about generics. More Go 1.18 news: go fmt runs concurrently, which benefits from systems with multiple CPUs. It also adds support for fuzzing.
"Python 3.11 is looping up to 45% faster for creating instances of basic classes and calling methods". The Twitter thread links to an Anti Pattern benchmark project
A Rust crate can be hosted in different places, public or in private Git repositories. Learn how to make them available for both, developers and CI/CD.
You can write unsafe C in Rust with Rustic - (tweet source):
Is Rust too memory-safe and elegant for you? Do you wish to return to something simpler? Well, have I got the solution for you, with the all-new c! macro! Simply insert c! into your source and then write C like it's 1999!*
Well, ok, don't try the suggestion in production :)
π Your next project could be ...¶
π‘ "From Zero to Production in Rust" got published, and I was curious when I saw the Observability chapter. You are building a newsletter app throughout the chapters, which sounds like a great learning journey :-)
𧩠Let's play a game ... with the CNCF landscape puzzle.
π€ Become the next programmer's rapper ... Lose yourSQL.
ποΈ Getting started with an OSS project, now what? Follow this mini-thread of suggestions in 1 and 2.
πΊοΈ Try a new alerting dashboard for the Prometheus AlertManager: karma.
π Tools and tips for your daily use¶
π Powerlevel10k ZSH theme for macOS is worthwhile with instant prompts and lots of prompt details out of the box. After finishing a Kubernetes Monitoring workshop, many students asked "off-topic" about the theme :)
π³ Docker Desktop alternatives on macOS: podman, nerdctl or Rancher Desktop?
βοΈ Start using Obsidian.md and publish the project with MkDocs and GitLab Pages.
π₯ Events and CfPs¶
- May 9-12: SLOConf, virtual
- May 9-12: o11yfest, virtual
- May 10: dockerCon 2022, virtual
- May 16-20: KubeCon EU, Valencia, Spain
π CfPs due soon
- Sep 5-7: Container Days, Hamburg, Germany, CfP due April 30.
- Oct 4-6: Open Source Automation Days, Munich, Germany, CfP due May 31
- Oct 24-28: KubeCon NA, Detroit, Michigan, CfP due May 27
- Nov 10-11: All Day DevOps, virtual, CfP due May 31
- Nov 16-17: Continuous Lifecycle / ContainerConf, Mannheim, Germany, CfP due May 8
Looking for more CfPs? Try CFP Land.
π‘ Join my talks :-)
- "Left shift your SLOs with Chaos" at SLOConf on May 9-12
- "From Monitoring to Observability: Left Shift your SLOs with Chaos" at KubeCon EU on Friday, May 20 - in-person in Valencia, Spain.
- "How we build CI/CD Observability with OpenTelemetry" at cdCon on June 7-8
π€ Shoutouts¶
Valentin Despa created an amazing learning resource: "DevOps with GitLab CI" on FreeCodeCamp. 4+ hours of step-by-step instructions by an experienced trainer.
Thanks for reading! If you are viewing the website, make sure to subscribe to stay in the loop!
See you next month - let me know what you think on Twitter or LinkedIn.
Cheers,
Michael
PS: If you want to share items for the next newsletter, please check out the contributing guide. Thanks!