Astrid Atkinson, director at Google, drew on their experiences over the last decade to present some rules and advice on engineering for the long term. The Velocity Conference 2015 attendees at Santa Clara learned that it's crucial to imagine that you're going to be wildly successful, that complexity mustn't be eliminated but managed and that the focus should be on scaling systems not teams.
Google have created a Kubernetes-based open source reference implementation that automates the building of custom Google Compute Engine VM images with Jenkins and Packer. The primary goal of this work is to demonstrate how to add image creation into a build pipeline for continuous delivery, and produce artifacts that may provide increased reliability and reduced speed of VM initialisation.
Capgemini are currently working on Apollo, an open source application platform built on top of the Apache Mesos cluster manager and Docker, which is designed to power next generation web services, microservices and big data platforms running at scale.
Forrester has come-up with a new definition of DevOps. Forrester has added an additional “S” for sourcing in the CALMS definition of DevOps. They believe that DevOps must be supported by a solid sourcing strategy to extend the ecosystem. This then brings them to the acronym of CALMSS.
New Relic has released a set of new features to its Software Analytics Platform. Service Maps is a real time visual map focused on services. Together with a tool for Docker monitoring, a database dashboard for NoSQL databases and an unified alerts platform, the company wants to reduce complexity in modern software architecture.
Lindsay Holmwood, Flapjack's creator, offers advice to enable fast, with quality, feedback loops and to support small, discrete changes. Holmwood asserts that to get quality feedback there are five main issues to think about: the CAP theorem; SLA definition; SLA validation; interfaces between services; data and infrastructure immutability.
Latest version of MemSQL, in-memory database with support for transactions and analytics, includes a new Community Edition for free use by organizations. MemSQL 4, released last week, also supports integration with Apache Spark, Hadoop Distributed File System (HDFS), and Amazon S3.
BanyanOps have published a report stating that ‘Over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities’, which include some of the sensational 2014 issues such as ShellShock and Heartbleed. The analysis also looks at user generated ‘general’ repositories and finds an even greater level of vulnerability.
Continuous Integration can help to find integration issues earlier and to visualize the status of the build to all involved. Integration problems can be detected at build-time in stead of run-time during testing and teams can get immediate feedback on changes that they made and on the impact on components that are developed by other teams.
Teams rarely consider success as a mode of failure, but not preparing for exceeding their goals can be just as dangerous as ignoring basic software and infrastructure needs. Mark Simms and Mark Souza discuss anti-patterns they've seen and some of the best ways to architect to win in spite of your own success.
Cisco is currently working on an open source ‘microservice-infrastructure’ project, which will support the continuous deployment of microservice-based applications, and is built upon technologies such as Mesos, Consul and Docker. Development is occurring primarily in the open, via the CiscoCloud Github account.
Flipboard recently reported on an in-house application of deep learning to scale up low-resolution images that illustrates the power and flexibility of this class of learning algorithms.
Google have released Google Compute Engine ‘preemptible’ virtual machines in beta, which are the same as normal instances with the exception that they are limited to a maximum 24 hour runtime, and may be shut down at any time. Preemptible VMs are offered at a fixed price, which is discounted up to 70% off the prices of normal instances.
The Netflix team has released FIDO -- an open source system for automatically analysing security events. Not to be confused with FIDO Alliance, Netflix's platform stands for Fully Integrated Defense Operation, the platform's Github describes FIDO as "an orchestration layer used to automate the incident response process by evaluating, assessing and responding to malware."
Users of the popular virtual machine tools Xen, KVM, VirtualBox, and QEMU are urged to patch their systems as soon as possible due to a newly found bug that exposes flaws in the code providing virtual floppy disk support. The VENOM vulnerability affects all operating systems that are hosting these environments.