In this linux-heavy edition of DevOps Industry Updates, we visit some more advanced git features, SSH tunnels, a 24 year old kernel bug and, and on a non-linux note, the earth-shattering emergence of Databricks. It’s been an especially busy couple of weeks in the wonderful world of DevOps, but lucky for you, I have all of the best parts right here:

🔥 Top Cream

This issue’s top 5 stories:

1. 5 habits of successful DevOps leaders
2. A visual guide to SSH tunnels
3. Hildegard: New Malware Targeting Kubernetes
4. How .NET container images are maintained
5. A visual guide on troubleshooting Kubernetes deployments

🌎 Society

• Why Databricks Is Winning In The Data & Analytics Market: as evidenced by a recent $1 billion funding raise, Databricks is growing rapidly and deservedly.

• Email from Jeff Bezos to employees: Andy Jassy will become the new CEO of Amazon.

• Changes to LastPass Free: starting March 16th, you will need to pay $27/year if you want to use LastPass on your mobile device and computer.

📟 DevOps

• Engineering dependability and fault tolerance in a distributed system: discusses the concepts of dependability and fault tolerance and explains how the Ably platform is designed with fault tolerant approaches to uphold its dependability guarantees.

• Drawbacks of developing in containers: everything involves tradeoffs, and today we’re going to focus on what some of the drawbacks of containers are.

• Terraform Mono Repo vs. Multi Repo: The Great Debate: learn about the pros and cons of using mono repositories and multi repositories along with the most logical use case for each.

• Dynamically Loaded Terraform Providers: there are some situations where you need information from your Terraform execution to configure a provider. This can be a challenge and not super obvious if you need to do it. Let’s dive into a scenario where this exists.

🛠️ DevOps Tools

• iann0036/iamlive: generate a basic IAM policy from AWS client-side monitoring (CSM).

• spulec/moto: a library that allows you to easily mock out tests based on AWS infrastructure.

• conwnet/github1s: one second to read GitHub code with VS Code.

• Homebrew 3.0.0: adds official Apple Silicon support and a new bottle format in formulae.

☸️ Kubernetes

• Hildegard: New Malware Targeting Kubernetes: Unit 42 researchers detected a new malware campaign targeting Kubernetes clusters. Once getting a foothold, the malware attempted to spread over as many containers as possible and eventually launched cryptojacking operation.

• Exploring Kubernetes Operator Pattern: “in this article, I’ll try to take a closer look at the Operators pattern, see which Kubernetes parts are involved in operators implementation, and what makes operators feel like first-class Kubernetes citizens. Of course, with as many pictures as possible.”

• A visual guide on troubleshooting Kubernetes deployments: a diagram to help you debug your deployments in Kubernetes.

🔐 Security

• What’s an SPF Record? Ultimate Guide to Email: spam has been sloshing around on the internet since forever and so have methods to fight it. SPF is a neat way to help prevent your domain name from being abused for appearing to send spam or forged emails.

• How .NET container images are maintained : staying safe and up-to-date with containers can be challenging and not always intuitive. This post describes Microsoft’s approach to helping you with that — largely via their container image publishing system — and with associated guidance of the images Microsoft publishes.

• Basic Intro to Elliptic Curve Cryptography

• Normalizing AWS IAM Policies for Automation: uncovering the power of SQL to analyze IAM policies via normalization of the AWS IAM policy syntax.

💻 Programming

• Python strings are immutable, but only sometimes

• Python 2to3: What’s New in 3.0: features added in Python 3.0 beyond those already in 2.6, including Unicode by default, type annotations, and exception chaining.

🐧 Linux

• A visual guide to SSH tunnels: this article does a great job explaining common use cases and examples of SSH tunnels while visually presenting the traffic flows.

• Advanced Git Features You Didn’t Know You Needed: git is a very powerful tool which almost every developer needs to use on a daily basis, but for most us it’s usage is reduced to just a few commands such as pull, commit and push. To be efficient, productive and wield the full power of git however, one needs to know a few more commands and tricks.

• Alternative Shells: this is a big list of alternative shells (as opposed to the common POSIX-ish shells like bash and zsh).

• Uncovering a 24-year-old bug in the Linux Kernel

• 8 tips for reliable Linux system automation: reducing complexity can streamline and smooth the automation pipeline.

🚢 Leadership

• 5 habits of successful DevOps leaders: building and improving a DevOps culture requires a special kind of leader. The most successful DevOps leaders model habits including consensus-building and continuous learning.

• How Managers Can Support Employees with Chronic Illnesses: chronic illness is extremely common, and the Covid-19 pandemic has helped normalize talking about it in the workplace. It can be hard to know what to say to an employee with a chronic illness — it’s an emotional topic, but there are three steps managers can take to ensure they approach these conversations with empathy and confidence.

☁️ Cloud

• Comparing Cloud Shells: AWS, Azure, and GCP: “in this blog post, I’m going to look at the cloud shells from AWS, Microsoft Azure, and Google Cloud, and see what they really have to offer.”

AWS

• AWS Innovate: AI/ML Edition: learn about AWS’s latest technologies and innovations in AI/ML, share core concepts, and dive deep into architectural and deployment best practices across 30+ sessions at this free online event.

• How they AWS: a curated collection of publicly available resources on how technology and tech-savvy organizations around the world use AWS.

• AWS Lambda now supports Node.js 14: new features include top-level-await, enhanced diagnostics, modifications of the streams APIs, and a revised JavaScript engine for better performance.

• PrivateLink for Amazon S3 is Now Generally Available: eliminates the need to use public IPs, configure firewall rules, or configure an Internet Gateway to access S3 from on-prem.

• VPC Traffic Mirroring is now supported on select non-Nitro instance types: replicate network traffic from EC2 instances within your VPC to security and monitoring appliances for use cases such as content inspection, threat monitoring, and troubleshooting.

• Introducing Amazon EC2 M5n, M5dn, R5n, and R5dn Bare Metal Instances: utilize up to 100 Gbps of network bandwidth and use Elastic Fabric Adapter (EFA) for HPC/ML workloads. Like all Amazon EC2 bare metal instances, you also get direct access to the Intel Xeon Scalable processor and memory resources of the underlying server.

• ALB now supports Application Cookie Stickiness: this new feature helps customers ensure that clients connect to the same load balancer target for the duration of their session using application cookies.

• Amazon Aurora supports PostgreSQL 12: PostgreSQL 12 includes better index management, improved partitioning capabilities, and the ability to execute JSON path queries per SQL/JSON specifications.

• Introducing Amazon CloudFront Security Savings Bundle: a flexible self-service pricing plan that helps you save up to 30% on your CloudFront bill in exchange for a monthly spend commitment for a 1-year term.

Article version: 1.0.0