Welcome back! It’s been a whole Jira sprint since the last newsletter and Mother’s Day is right around the corner (this Sunday). If you still haven’t obtained anything for your Mom, you can always consider getting her what I got my mom this year: a Unix Magic Poster (flowers could work, too). In what might be our most process focused issue yet, we look at release testing, SLIs vs. SLAs vs SLOs, how to ship code faster with feature flags and much more. So grab a seat and get ready to open a bunch of new tabs, it’s all here:

🔥 Top Cream

This issue’s top 4 stories:

1. Release Testing Explained
2. My Comprehensive Guide to AWS Cost Control
3. Hosting SQLite databases on Github Pages
4. CSRF, CORS, and HTTP Security headers Demystified

🌎 Society

• DockerCon LIVE 2021: this one day, virtual event on May 27th will be jam-packed with 45+ breakout sessions, interactive community rooms, compelling keynotes and sponsors, live panels and interviews, and more.

• GitLab’s 2021 Survey uncovers a new DevOps maturity model: GitLab’s just-released 2021 Global DevSecOps Survey found sharp increases in automation, release cadences, continuous deployments, and security postures, as well as a growing reliance on cutting edge technologies, including artificial intelligence and machine learning.

📟 DevOps

• Nine Pillars of DevOps Best Practices

• Lessons I learned from achieving a 99.99% platform uptime

• SRE fundamentals 2021: SLIs vs. SLAs. vs SLOs

• Release Testing Explained: great overview that explores several methods used to perform release testing. If you don’t know what TDD is, you should probably read this article.

• SRE at Google: Our complete list of CRE life lessons: a complete list of CRE life lessons posts we’ve published in the past five years in one convenient location.

• Hosting SQLite databases on Github Pages: a sqlite wrapper that enables you to query a statically-hosted sqlite DB file.

🛠️ DevOps Tools

• SigNoz: Open-source Observability platform: monitor your applications and troubleshoot problems in your deployed applications, an open-source alternative to DataDog, New Relic, etc.

• Use Google like a pro: Googling is one of the most important skills for every developer. This post shows you how to get better at Googling.

• Tips for productive DevOps workflows: JSON formatting with jq and CI/CD linting automation.

• junegunn/fzf: a command-line fuzzy finder.

☸️ Kubernetes

• Optimizing Prometheus and Grafana with the Prometheus Operator: this article discusses cluster monitoring fundamentals and how to use the Prometheus Operator to deploy Prometheus and Grafana to monitor a Kubernetes cluster.

• unfor19/kubernetes-localdev: great tutorial that shows how to create a local Kubernetes development environment on macOS or Windows and WSL2, including HTTPS/TLS and OAuth2/OIDC authentication.

• A brief overview of the Container Network Interface (CNI) in Kubernetes: understand where the CNI fits into the Kubernetes architecture.

• Evolving Kubernetes networking with the Gateway API: it was at Kubecon 2019 San Diego when a passionate group of contributors gathered to discuss the evolution of Ingress. The discussion overflowed to the hotel lobby across the street and what came out of it would later be known as the Gateway API.

• Kubernetes 1.21: Metrics Stability hits GA: Kubernetes 1.21 marks the graduation of the metrics stability framework and along with it, the first officially supported stable metrics. Not only do stable metrics come with supportability guarantees, the metrics stability framework brings escape hatches that you can use if you encounter problematic metrics.

🔐 Security

• Making the Internet more secure one signed container at a time: until now, there just hasn’t been an easy way to verify that images are what they claim to be. Introducing Cosign!

💻 Programming

• How we ship code faster and safer with feature flags

• CSRF, CORS, and HTTP Security headers Demystified: programmers often do not have a strong grasp of how attacks work and how to mitigate them. This post attempts to close that gap a little.

• A brief history of Rust at Facebook

🐧 Linux

• Building containers by hand: The PID namespace: the PID namespace is an important one when it comes to building isolated environments. Find out why and how to use it.

• Linux bans University of Minnesota for sending buggy patches on purpose

• Understanding Sockets: learn about the different types of sockets that are used for inter-process communication.

• “Shared libraries are not a good thing in general” by Linus Torvalds

🚢 Leadership

• How to Successfully Hand Over Systems: “who will take ownership of the systems that were owned by a team that doesn’t exist anymore or that are better suited to be owned by another team? It’s in everyone’s interest that the ownership be given to a team familiar with the system’s domain, so that they can continue the maintenance and evolution.”

• OKRs v KPIs - How they work together

• Manageable On-Call for Companies without Money Printers: Google SRE-style on-call, but for all sorts and sizes of software teams.

☁️ Cloud

• Why We Built Our Own DNS Infrastructure

• How Facebook encodes your videos: people upload hundreds of millions of videos to Facebook every day. Making sure every video is delivered at the best quality means optimizing not only when and how our video codecs compress and decompress videos for viewing, but also which codecs are used for which videos.

AWS

• AWS announces a price reduction for Amazon Managed Service for Prometheus: pricing for metric samples ingested has been reduced by up to 84%.

• Introducing AWS Toolkit for Visual Studio support for AWS SSO and Assume Role with MFA

• Amazon EBS Container Storage Interface (CSI) driver is now GA

• EC2 enables replacing root volumes: the Replace Root Volume feature enables customers to replace the root volume for a running instance. The feature restores the root volume of an instance to its launch state, or to a specific snapshot, without stopping the instance.

• My Comprehensive Guide to AWS Cost Control: in this article I’m going to walk you through my experience managing AWS costs at GumGum. It has three distinct stages: tracking and understanding costs, using those insights to reduce costs and the risk of making cost-saving changes, and then integrating these cost insights into our processes.

• DevOps Guru is now GA with additional capabilities: for the sake of our jobs, let’s all agree to never speak about this service again.

• A serverless email server on AWS using S3 and SES: necessity is the mother of invention: “this stack was created out of frustration due to the fact that to this day there’s no easy way to have a full email server without the overhead of installing and configuring all servers needed to handle incoming and outgoing messages. We wanted something simple, with no interface and no server management, so we came up with S3-Email.”

• AWS Latency Monitoring: round trip ping times between all AWS regions.

Article version: 1.0.0