InfoQ Homepage DevOps Content on InfoQ
-
Chef Extends OpsWorks Capabilities in AWS
Chef has announced new capabilities to address application lifecycle control concerns in containers in AWS. New functionality includes Chef Automate with integrated compliance and builds on AWS OpsWorks for Chef Automate announced in 2016. OpsWorks for Chef Automate provides a managed Chef server and suite of automation tools.
-
NIST Publishes Guidelines on Application Container Security
The National Institute of Standards and Technology (NIST) published a bulletin on application container technology and its most notable security challenges. The report is a summary of two previous bulletins outlining vulnerability areas including image, registry, orchestrator, container, host OS, and hardware, and their countermeasures.
-
Amazon GuardDuty: A Zero-Footprint Managed Threat Detection Service for AWS Accounts and Resources
At the AWS re:invent conference, the release of Amazon GuardDuty was announced - a managed threat detection service that continuously monitors for malicious or unauthorised behaviour. The service can be centrally managed, is “zero footprint”, and remediation scripts or AWS Lambda functions can be configured to trigger automatically based on GuardDuty findings.
-
Werner Vogels on “21st Century [Cloud] Architectures”: Availability, Reliability and Resilience
At the AWS re:invent 2017 conference, Werner Vogels, CTO of Amazon, presented a keynote that discussed core concepts required for building “21st Century Architectures” on the cloud. Highlights of the talk included discussion of the emerging practices of evolutionary and “cloud native” architectures, the role of security becoming everyone’s responsibility, and the benefits of chaos engineering.
-
AWS re:Invent Day 2 Keynote Announcements: Alexa for Business, Cloud9 IDE & AWS Lambda Enhancements
At the second keynote of the AWS re:invent 2017 conference, running in Las Vegas, Werner Vogels, CTO of Amazon, took to the stage to announce several new product releases: Alexa for Business; AWS Cloud9 IDE; and multiple enhancements to the AWS Lambda service, including traffic shifting, the doubling of available RAM, and a pre-announcement of .NET Core 2 and Golang language support.
-
Serverless Challenges in Hybrid Environments
Sam Newman, independent consultant and author of the book "Building Microservices", talked at the Velocity conference in London on the challenges faced when hybrid systems rely on both serverless architectures and traditional infrastructure. In particular, Newman discussed how serverless changes our notion of resiliency and how the two paradigms clash at times of high load in the system.
-
AWS re:Invent 2017 ML and IoT Announcements: Amazon SageMaker, AWS DeepLens & IoT Device Manager
At the AWS re:invent conference 2017, held in Las Vegas, USA, several new AWS machine learning (ML) and Internet of Things (IoT) products were released. Highlights include Amazon SageMaker - a fully-managed ML service that enables developers to “quickly build, train, and host ML models”; and IoT Device Manager - a service to securely onboard, monitor, and remotely manage IoT devices at scale.
-
What's New in MicroProfile 1.2
The Eclipse Foundation recently released MicroProfile version 1.2. New APIs added to this release include improved communications among microservices, response to system faults, and the JSON Web Toolkit (JWT). Emily Jiang, CDI and MicroProfile development lead at IBM, and Michael Croft, Java middleware consultant at Payara, spoke to InfoQ about this latest release.
-
AWS re:Invent 2017 Announcements: Managed Kubernetes, Serverless RDBMS & DynamoDB Global Tables
At the AWS re:invent 2017 conference, held in Las Vegas, USA, several new compute and storage features were announced, including: EKS, a fully managed Kubernetes service; AWS Fargate, a service to run containers without managing servers; Amazon Aurora Multi-Master; Amazon Aurora Serverless; DynamoDB Global Tables and on-demand backup; and Amazon Neptune, a fully managed graph database.
-
Post-Mortems Trends and Behaviors
Eric Siegler presented his findings at Velocity from analyzing data from 1000 post-mortems ran by 125 different organizations over a six month period. Main trends include the prevalence of blameless post-mortems; the fact that only 1 in 100 post-mortems refer to "human error"; and that analyzing the lifecycle of incidents can provide useful insights on weaknesses in the incident response process.
-
XebiaLabs Announce DevOps Intelligence Engine
XebiaLabs, the developers of Continuous Delivery and DevOps tooling XL Release and XL Deploy, has announced availability of the first release of XL Impact, a goal-based, data-driven recommendation and decision making tool for DevOps organisations. XebiaLabs claims this is the first tool of its kind and the capability is essential for organisations to prove DevOps performance improvements.
-
Kubernetes 1.8 Improves Security, Stability and Workloads
The Kubernetes team has released version 1.8, which focuses on improved security and better stability, and has moved the Workloads API to beta. New mature features include role-based access control (RBAC), support for volume mount options, allowing privilege escalation, and support for high-level volume operation metrics.
-
container-diff - an Open Source Tool from Google for Analyzing Differences between Docker Images
Google released an open source project called container-diff which can be used to analyze differences between Docker images. It supports file-system differences and is aware of changes brought about by the apt, npm and pip package managers.
-
Monitoring Microservices - A Prediction for 2018
The monitoring and distributed tracing of microservices has been a recognised challenge for a number of years. Recently Péter Márton, CTO of RisingStack, has written an article on experiences with various approaches including the OpenTracing initiative and has some recommendations, example code and makes a prediction or two about the future.
-
Creating and Enforcing "Policy as Code" with HashiCorp Sentinel
HashiCorp have released Sentinel, an embedded “policy as code” framework that is integrated within the HashiCorp Enterprise products. Sentinel enables “fine-grained, logic-based policy decisions” that can be used to automatically audit and enforce organisational, compliance or security policies when working with Infrastructure as Code and other HashiCorp platform tooling.