Skip to content

2022-07-12: OpenFeature & OpenCost at CNCF, OpenTelemetry for Rust & Python apps, Go Profiling, GitLab DB Split,, and much more

Thanks for reading the web version, you can subscribe to the Ops In Dev newsletter to receive it in your mail inbox.

πŸ‘‹ Hey, lovely to see you again

Honestly, reading my bookmarks [0], this month brought a wealth of knowledge to this newsletter. I did not yet read all my friends' newsletters (, Seven-Day DevOps, DevOps'ish, CloudSecList - full list in the Developer Evangelism handbook).

It is great to see developer experience with Security Observability being improved, OpenTelemetry and Sigstore are literally everywhere. On the Ops side, alerts and SLO management become easier. Community efforts create more open standards, CNCF touching base with feature flags and cloud-native cost control.

And whichever new language or tool you choose to learn, many new getting starting and interactive guides come by default. Spin up a Tetragon demo in Kubernetes, hands-on Rust, or start contributing using remote dev environments in Gitpod ... amazing times :-)

Let's see what we can learn together this month :)

[0] I'm sending myself emails for review that are routed into a special mail folder. Works on every device as a boring solution ;-) Suggestions welcome!

β˜• Hot Topics

🎯 Release speed-run

kubewarden 1.0.0, a policy engine for Kubernetes using portable WebAssembly modules, helps with Pod Security Policy replacement. Trivy 0.29.0 supports RBAC scanning of Kubernetes Roles/ClusterRoles, and also scans Helm charts in the latest release. PolarSignals' ArcticDB was renamed to FrostDB. Zabbix 6.2 adds support for secure secrets using CyberArk next zo HashiCorp Vault. Vault 1.11 provides a new Kubernetes secrets engine to dynamically generate Kubernetes service account tokens, service accounts, role bindings, and roles.

πŸ›‘οΈ The Sec in Ops in Dev

AnaΓ―s Urlichs created an amazing visual landscape of cloud-native security scanners. Recommend bookmarking. If you want to learn more about container image signing with Sigstore, Chainguard provides a free getting started course.

The transparency and helpful resources from Cloudflare are amazing: From the Cloudflare outage on June 21, 2022 retrospective to Optimizing TCP for high WAN throughput while preserving low latency, a thorough and in-depth read on TCP windows, tuning kernel settings and multiple kernel patch attempt until successful.

β›… Cloud Native

OpenFeature is now a sandbox CNCF project. Congrats to everyone involved in building a common standard for (cloud-native) feature flags! OpenCost is a new CNCF sandbox project to help with resource efficiency and cost estimation for Kubernetes. The project is based on the KubeCost engine, which is open source.

I also recommend diving into more KubeCon EU talks with Logs told us it was DNS, it felt like DNS, it had to be DNS, it wasn't DNS, learning from production incidents. Jaeger Tracing: Present and Future brings the idea of "Aggregated Trace Metrics (ATM)" forward, generating metrics from traces.

Another great learnk8s resource: Dive into authentication and authorization and learn about user and workload identities in Kubernetes. A worthwhile architecture read is inside the Google Container tools, kpt design docs: Configuration as data and Package Orchestration.

πŸ‘οΈ Observability

Let's start with an insightful read on eBPF, sidecars, and the future of the service mesh. You'll see more eBPF content in the future, I am slowly adopting the topic and am following a lot of resources and communities to learn more. This newsletter inspired last month's EveryoneCanContribute cafe to try Tetragon from Cilium live in the meetup.

Telemetry and Observability at BlackRock dives into the all-mighty question of alerting strategies and how alert backtesting frameworks help here. Developers need transparency on how their applications are performing - give them Observability with alerts and SLOs. My Philosophy on Alerting, based on observations as an SRE at Google. Another helpful tip in the same area: How to alert for Pod Restart & OOMKilled in Kubernetes.

Santhosh Nagaraj created an awesome Prometheus Getting Started tutorial, which is now merged into the official Prometheus documentation. Congrats!

The integration of Clickhouse as a datastore for Error Tracking in GitLab provides innovative insights and many things to learn. The blueprint for production readiness on review caught my attention with key metrics to monitor Clickhouse: system.asynchronous_metrics), system.metrics), Load on processors which are exposed as a metrics endpoint for Prometheus. More Clickhouse observability insights soon!

πŸ” The inner Dev

Recommend watching the hands-on insights into Go profiling and optimizations for the GitLab agent for Kubernetes, written in Go: issue and recording.

GitLab Agent for Kubernetes Go Profiling

If you are learning Rust, these insights about each every Rust keyword in this Twitter thread can be helpful. OpenTelemetry is getting easier for Rust developers - these web app frameworks provide out-of-the-box support for better Observability:

  1. tide with opentelemetry-tide
  2. with actix-web-opentelemeetry.

Polarsignals wrote a great article about gRPC, and how they use it for a web app. Also, a good resource to get started with the basic concepts of gRPC with a visual aid, as the protocol is used in OpenTelemetry, Kubernetes, etc.

HashiCorp announced their new Developer Site in beta, a place to learn in interactive labs, tutorials, and many documentation resources. They'll start with Vault and Waypoint, more to come soon. Another great resource to level up your developer career: Companies using RFCs or Design Docs and Examples of these -- learning how document architecture vision and reviews.

Recommended resources for Python developers: Next-level Concurrent Programming in Python with Asyncio, Logging in Python like a Pro, OpenTelemetry for Python Developers

... and maybe the next level of even ;-)

πŸ“ˆ Your next project could be ...

πŸ“š Tools and tips for your daily use

πŸ”– Book'mark

πŸŽ₯ Events and CfPs

πŸ‘‹ CfPs due soon

Looking for more CfPs? Try CFP Land.

🎀 Shoutouts

Kitboga for the many laughs when scammers tried their evil on Windows 3.11. Recommend subscribing too, very insightful and also helpful for family and friends avoiding to fall for these scams.


Thanks for reading! If you are viewing the website archive, make sure to subscribe to stay in the loop!

See you next month - let me know what you think on Twitter or LinkedIn.



PS: If you want to share items for the next newsletter, please check out the contributing guide - tag me in tweet replies or send me a DM. Thanks!