Welcome back! If your week has been anything like mine, you’ve been a little busier than usual and you probably didn’t have a lot of time to read the latest DevOps news. Well fear not, DevOps Industry Updates has you covered! Standouts in this issue include GKE who launched two impressive new features (AutoPilot and Multidimensional Pod Autoscaler aka MPA) and some stellar essays on system design. Player ready? Let’s go:

🔥 Top Cream

This issue’s top 5 stories:

1. Top 20 Dockerfile best practices
2. Despite the Pandemic, DevOps Salaries Rose in 2020
3. Splitting the ping
4. Modules, monoliths, and microservices
5. Engineering dependability and fault tolerance in a distributed system

🌎 Society

• Recap: Gene Kim’s Thoughts on DevOps in 2021: perspective on the biggest changes that sprung from 2020 and areas of focus for the rest of this year.

• DigitalOcean Files For IPO Among A Sea Of SPACs

• Despite the Pandemic, DevOps Salaries Rose in 2020: Puppet’s survey got 2,243 responses and noted that organizations with highly evolved DevOps practices pay better than those that are less evolved.

• 4 Times I Felt Discriminated Against for Being a Female Developer

• Okta acquires cloud identity startup Auth0 for $6.5B: the company had a valuation of $1.92 billion when it raised $120 million led by Salesforce Ventures last July.

📟 DevOps

• Top 20 Dockerfile best practices: learn how to prevent security issues and optimize containerized applications by applying a quick set of Dockerfile best practices in your image builds.

• Elasticsearch Optimizations at Lyft: in this article, Lyft shares the different ways they measured and altered our interactions with Elasticsearch to ultimately decrease latency and costs.

• Modules, monoliths, and microservices

🛠️ DevOps Tools

• sift: a fast and powerful alternative to grep.

• ConsoleMe: a Central Control Plane for AWS Permissions and Access

• Cockpit: an easy-to-use, integrated, glanceable, and open web-based interface for your servers.

• a simple DNS lookup tool

☸️ Kubernetes

• Watch Kubernetes Experts Fix Broken Kubernetes Clusters Live: we break them, they fix em, live!

• Introduction to GitOps on Kubernetes with Flux v2: how to set up a GitOps pipeline for your Kubernetes cluster with Flux v2.

• Kubernetes examples: a series of YAML references with canonical and as-simple-as-possible demonstrations of kubernetes functionality and features.

• How We Minimized the Overhead of Kubernetes in our Job System

🔐 Security

• The CNAME of the Game: a large-scale analysis of a DNS-based tracking evasion scheme that leverages CNAME records to include tracker resources, effectively bypassing anti-tracking measures that use hostname-based block lists.

• Former SolarWinds CEO blames intern for ‘solarwinds123’ password leak

• At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

• Does your VPC endpoint allow access to half of the Internet?

💻 Programming

• Development on Windows is Painful

• Learning Rust and Go: it’s interesting how both Go and Rust fall into the same category but are so fundamentally different in design, philosophy, and execution.Here are some insights from using both for quite a while.

🐧 Linux

• Building a Linux container by hand using namespaces: How user namespaces in Linux relate to container security.

☁️ Cloud

• Splitting the ping: ping is one of the fundamental pillars of networking. It’s simple, universally supported, and is normally one of the few things that is shipped with all network stack.

• Engineering dependability and fault tolerance in a distributed system: in this article, we discuss the concepts of dependability and fault tolerance in detail and explain how the Ably platform is designed with fault tolerant approaches to uphold its dependability guarantees.

AWS

• Amazon Elasticsearch Service now supports rollups: index rollups let you summarize high granularity data and preserve feature-rich aggregations over large data sets for analytics while reducing the storage costs.

• Analyze and understand IAM role usage with Amazon Detective: quickly attribute activity performed under a role to a specific resource in your environment, understand cross-account role assumptions, determine role chaining behavior, and quickly see called APIs.

• EKS and EKS Distro now support Kubernetes 1.19: highlights of the 1.19 release include Ingress API and Pod Topology Spread reaching stable status, EndpointSlices being enabled by default, and immutable Secrets and ConfigMaps. As of May 3rd, 2021, Kubernetes version 1.15 will no longer be supported.

• EKS clusters now support user authentication with OIDC

• Big Sur EC2 Mac instances now support EFS

• How to use source maps in AWS Lambda with Node.js: if you ever opened your CloudWatch logs and saw that the error happened in the /var/task/index.js:1:2345, this post is for you. Learn how to transform this meaningless stack trace into something that matches your source code and you understand.

• Parameter Store vs Secrets Manager

GCP

• Scaling workloads across multiple dimensions in GKE: application owners can now define multiple autoscaling behaviors for a workload using a single Kubernetes resource: Multidimensional Pod Autoscaler (MPA).

• Introducing GKE Autopilot: a revolution in managed Kubernetes

• Google Cloud products in 4 words or less (2021 edition): Google Cloud offers lots of products to support a wide variety of use cases. But how do you even know where to start?! Don’t worry, we’ve got you covered!

Article version: 1.0.0