DevOps Industry Updates #17
Welcome back everyone! After a brief holiday break, DevOps Industry Updates is hot off the presses with yet another action-packed issue. From AWS managed Prometheus & Grafana to what is becoming one of the largest security breaches in history (#solarwinds123), be sure to read this one until the end!
🔥 Top Cream
This issue’s top 4 stories:
- AWS announces Amazon Managed Service for Prometheus
- Why are my tests so slow?
- The Big Little Guide to Message Queues
- Russia’s SolarWinds Attack
🌎 Society
- After embracing remote work in 2020, companies face conflicts making it permanent by Paul Sawers
- The State of Women in Tech and Startups: Women Who Tech retained polling firm Lincoln Park Strategies to anonymously survey 1,003 tech employees, founders, and investors globally on their experiences in the tech sector.
- The ethics of Pull Requests, being the “Reviewer” by Werner Dijkerman: this is the second of a three part blogpost series about Pull Request reviewing. I am writing this so I can give you my personal view on each side of the Pull Request saga, something I explain to every member joining my team.
- Section 230 is Good, Actually by Jason Kelley: why Section 230 matters, and how it helps the users of Internet services both big and small.
📟 DevOps
- Why are my tests so slow? by Charity: a list of likely suspects, anti-patterns and unresolved personal trauma.
- Uber’s Real-Time Push Platform: this article describes how Uber went from polling for refreshing the app to a gRPC-based bi-directional streaming protocol to build our app experience.
- Dockerfile best practices by Stephen Gutekanst: best practices for writing production-worthy Docker images. Includes a base Dockerfile to start with.
- The Big Little Guide to Message Queues by Sudhir Jonathan: a guide to the fundamental concepts that underlie message queues, and how they apply to popular queueing systems available today.
- Feature Flags in DevOps: How These Concepts Relate: feature flagging is a software development technique that has been growing and gaining popularity in recent times. However, some development teams still aren’t quite familiar with it. This post offers an introductory guide on feature flags and explains how feature flagging supports DevOps.
- HashiCorp Nomad Meets the 2 Million Container Challenge by Chang Li: HashiCorp Nomad scheduled 2,000,000 Docker containers on 6,100 hosts in 10 AWS regions in 22 minutes.
🛠️ DevOps Tools
- cloudquery by Yevgeny Pats: Cloudquery transforms your cloud infrastructure into queryable SQL tables for easy monitoring, governance and security.
- getmeli/meli: platform for deploying static sites and frontend applications easily. Automatic SSL, deploy previews, reverse proxy, and more.
- Netflix/consoleme: consolidates the management of multiple AWS accounts into a single interface. It allows your end-users and administrators to get credentials for your different accounts, and allows your users/administrators to manage or request cloud permissions.
- Fakerr/git-cheat by Walid Berrahal: beautiful, easy to reach Git cheat sheet in your terminal.
- so-fancy/diff-so-fancy: `diff-so-fancy` strives to make your diffs human readable instead of machine readable. This helps improve code quality and helps you spot defects faster.
☸️ Kubernetes
- k8spin/k8spin-operator: Kubernetes multi-tenant operator. Enables multi-tenant capabilities in your Kubernetes cluster.
🔐 Security
- Russia’s SolarWinds Attack by Bruce Schneier: while you’ve been distracted by the holidays, coronavirus, and politics, the more we learn about the SolarWinds security fiasco, the worse it looks.
- Stealing your private documents through a bug in Google Docs by KL Sreeram: a security vulnerability in Google Docs could have let attackers steal screenshots of your sensitive documents. The cause of this was a `postMessage` security misconfiguration.
- Evolving Container Security With Linux User Namespaces by Netflix: one of Netflix’s biggest concerns with multi-tenancy is security isolation. Despite the risks, we’ve chosen to leverage containers as part of our security boundary. To offset the risks brought about by the container security boundary, Netflix employs some additional protections which are described in detail in yet another great blog post.
💻 Programming
- Top 10 Python libraries of 2020 by Alan Descoins
- 5 Ways to install Node.js by Luciano Mammino: this article explores the most common ways to install Node.js in your development system, along with the pros and cons of each method.
🐧 Linux
- Git stash doesn’t have to be scary by Jemma Issroff: what `git stash`es are, how to use them and when not to use them.
- A Vim Guide for Intermediate Users: in this article, I’ll explain many more advanced concepts, some of them making Vim truly special compared to other editors. Who wasn’t blown away discovering Vim’s macros?
🔩 Hardware
- How AWS Added Apple Mac Mini Nodes to EC2 by Patrick Kennedy
🚢 Leadership
- Research: Women Are Better Leaders During a Crisis by Jack Zenger and Joseph Folkman: according to an analysis of 360-degree assessments conducted between March and June of this year, women were rated by those who work with them as more effective. The gap between men and women in the pandemic is even larger than previously measured, possibly indicating that women tend to perform better in a crisis.
☁️ Cloud
- Introduction to Cloud Computing: if you or someone you know is new to cloud computing, Digital Ocean has a full self-guided course with a full picture of what cloud has to offer. It starts with a conceptual framework, then moves from Linux commands through setting up your first cloud servers.
- Ex-product manager at Google about why GCP lost to AWS by Hemant Mohapatra
AWS
- AWS announces Amazon Managed Service for Grafana: developed in partnership with Grafana Labs, Amazon Managed Service for Grafana manages the provisioning, setup, scaling, and maintenance of Grafana servers.
- Announcing General Availability of AWS Cost Anomaly Detection by Bowen Wang and Lutong Yang: AWS Cost Anomaly Detection uses a multi-layered machine learning model that learns your unique, historic spend patterns to detect one-time cost spikes and/or continuous cost increases, without you having to define your thresholds.
- Introducing AWS CloudShell: AWS CloudShell is a browser-based shell available within the AWS console. Starting a CloudShell session provides immediate access to an Amazon Linux 2 environment with the AWS CLI pre-installed and pre-authenticated using the same credentials used to login to the console.
- Amazon VPC Reachability Analyzer announced: VPC Reachability Analyzer is a new feature that enables you to perform connectivity testing between resources in your virtual private clouds (VPC). With Reachability Analyzer, you can quickly troubleshoot connectivity issues caused by misconfiguration, and proactively verify that your configuration matches your network connectivity intent.
- Amazon EC2 announces new network performance metrics: Amazon EC2 now provides additional network performance metrics to help customers gain more insights into instance network performance. Five new metrics provide customers visibility when their instances exceed network allowances defined by AWS.
- Amazon Aurora PostgreSQL Integrates with AWS Lambda: Amazon Aurora with PostgreSQL compatibility can now make calls to AWS Lambda functions. This allows you to extend the capabilities of the database and invoke external applications to act upon data changes. For example, you can create a Lambda function that sends emails to customers whenever their address in the database is updated.
- AWS Session Manager: A better way to SSH by Mark Sawer: this article describes an AWS innovation introduced in 2019 called Session Manager. The Session Manager adds to SSH a layer of authentication and authorization based on IAM and only requires HTTPS outbound on the server end.
Article version: 1.0.0