DevOps Industry Updates #17

Welcome back everyone! After a brief holiday break, DevOps Industry Updates is hot off the presses with yet another action-packed issue. From AWS managed Prometheus & Grafana to what is becoming one of the largest security breaches in history (#solarwinds123), be sure to read this one until the end!

🔥 Top Cream

This issue’s top 4 stories:

  1. AWS announces Amazon Managed Service for Prometheus
  2. Why are my tests so slow?
  3. The Big Little Guide to Message Queues
  4. Russia’s SolarWinds Attack

🌎 Society

  • Jason Kelley by Section 230 is Good, Actually: why Section 230 matters, and how it helps the users of Internet services both big and small.

📟 DevOps

  • Uber’s Real-Time Push Platform: this article describes how Uber went from polling for refreshing the app to a gRPC-based bi-directional streaming protocol to build our app experience.

  • Dockerfile best practices by Stephen Gutekanst: best practices for writing production-worthy Docker images. Includes a base Dockerfile to start with.

  • The Big Little Guide to Message Queues by Sudhir Jonathan: a guide to the fundamental concepts that underlie message queues, and how they apply to popular queueing systems available today.

  • Feature Flags in DevOps: How These Concepts Relate: feature flagging is a software development technique that has been growing and gaining popularity in recent times. However, some development teams still aren’t quite familiar with it. This post offers an introductory guide on feature flags and explains how feature flagging supports DevOps.

🛠️ DevOps Tools

  • cloudquery by Yevgeny Pats: Cloudquery transforms your cloud infrastructure into queryable SQL tables for easy monitoring, governance and security.

  • getmeli/meli: platform for deploying static sites and frontend applications easily. Automatic SSL, deploy previews, reverse proxy, and more.

  • Netflix/consoleme: consolidates the management of multiple AWS accounts into a single interface. It allows your end-users and administrators to get credentials for your different accounts, and allows your users/administrators to manage or request cloud permissions.

  • Fakerr/git-cheat by Walid Berrahal: beautiful, easy to reach Git cheat sheet in your terminal.

  • so-fancy/diff-so-fancy: diff-so-fancy strives to make your diffs human readable instead of machine readable. This helps improve code quality and helps you spot defects faster.

☸️ Kubernetes

  • k8spin/k8spin-operator: Kubernetes multi-tenant operator. Enables multi-tenant capabilities in your Kubernetes cluster.

🔐 Security

  • Russia’s SolarWinds Attack by Bruce Schneier: while you’ve been distracted by the holidays, coronavirus, and politics, the more we learn about the SolarWinds security fiasco, the worse it looks.

  • Stealing your private documents through a bug in Google Docs by KL Sreeram: a security vulnerability in Google Docs could have let attackers steal screenshots of your sensitive documents. The cause of this was a postMessage security misconfiguration.

  • Evolving Container Security With Linux User Namespaces by Netflix: one of Netflix’s biggest concerns with multi-tenancy is security isolation. Despite the risks, we’ve chosen to leverage containers as part of our security boundary. To offset the risks brought about by the container security boundary, Netflix employs some additional protections which are described in detail in yet another great blog post.

💻 Programming

  • 5 Ways to install Node.js by Luciano Mammino: this article explores the most common ways to install Node.js in your development system, along with the pros and cons of each method.

🐧 Linux

  • A Vim Guide for Intermediate Users: in this article, I’ll explain many more advanced concepts, some of them making Vim truly special compared to other editors. Who wasn’t blown away discovering Vim’s macros?

🔩 Hardware

🚢 Leadership

  • Research: Women Are Better Leaders During a Crisis by Jack Zenger and Joseph Folkman: according to an analysis of 360-degree assessments conducted between March and June of this year, women were rated by those who work with them as more effective. The gap between men and women in the pandemic is even larger than previously measured, possibly indicating that women tend to perform better in a crisis

☁️ Cloud


  • Introducing AWS CloudShell: AWS CloudShell is a browser-based shell available within the AWS console. Starting a CloudShell session provides immediate access to an Amazon Linux 2 environment with the AWS CLI pre-installed and pre-authenticated using the same credentials used to login to the console.

  • Amazon VPC Reachability Analyzer announced: VPC Reachability Analyzer is a new feature that enables you to perform connectivity testing between resources in your virtual private clouds (VPC). With Reachability Analyzer, you can quickly troubleshoot connectivity issues caused by misconfiguration, and proactively verify that your configuration matches your network connectivity intent.

  • Amazon EC2 announces new network performance metrics: Amazon EC2 now provides additional network performance metrics to help customers gain more insights into instance network performance. Five new metrics provide customers visibility when their instances exceed network allowances defined by AWS.

  • Amazon Aurora PostgreSQL Integrates with AWS Lambda: Amazon Aurora with PostgreSQL compatibility can now make calls to AWS Lambda functions. This allows you to extend the capabilities of the database and invoke external applications to act upon data changes. For example, you can create a Lambda function that sends emails to customers whenever their address in the database is updated.

  • AWS Session Manager: A better way to SSH by Mark Sawer: this article describes an AWS innovation introduced in 2019 called Session Manager. The Session Manager adds to SSH a layer of authentication and authorization based on IAM and only requires HTTPS outbound on the server end.

Article version: 1.0.0

Written on January 5, 2021