DevOps has taken the world by storm, with more and more top companies using the methodology to ensure faster deployment and significantly improve product quality. DevOps practices keep evolving, so it’s important to be familiar with everything that happens in the world of DevOps. To ease your life, Profisea’s experts have prepared a new selection of the trending DevOps news to share with everyone who loves DevOps and works on DevOps projects. In this digest, you’ll find interesting news, updates, and articles for the DevOps & CloudOps community. Get ready for a new slice of DevOps stuff and continue reading to learn something new and useful today.
1. Google acquires Siemplify
At the beginning of January, Google announced the acquisition of Siemplify, a well-known security orchestration, automation, and response provider. It isn’t a big surprise as Siemplify seems to be a great addition to the Chronicle platform to help companies improve their threat responsе. According to Google, mixing a reliable SOAR capability with Chronicle’s cutting-edge approach is an important step forward in their vision in the security area. Amos Stern, CEO at Siemplify says: “Together with Chronicle’s rich security analytics and threat intelligence, we can truly help security professionals transform the security operations center to defend against today’s threats.” For more details, read the Google Cloud blog and Siemplify CEO Amos Stern’s blog.
2. Instance Tags on the Amazon EC2 Instance Metadata Service
An exciting update for Amazon customers! Now, instance tags are available on the EC2 Instance Metadata Service. Tags are really useful as they allow users to arrange the AWS resources in different ways (by owner, environment, or purpose). Previously, the instance tags were available by utilizing the describe-tags API or from the console, but now there is no need to use the DescribeInstance or DescribeTag API calls to get tag information as they can be accessed from the instance metadata. The feature is available in all commercial zones. To get started and learn more, check the EC2 user guide.
3. Let’s play with DNS
If you want to learn more about DNS or just to see how it works, here is a new tool, created by Julia Evans. She has built a site, called Mess With DNS where everyone can do experiments with DNS. The project is aimed to explain DNS in practice as Julia believes that the best way to learn about something is to play around and experiment. The site includes ready-made experiments you can try, or you can easily create your own experiments. Mess With DNS allows you to use a real subdomain and see a live stream of all DNS queries coming in for records on it (a “behind the scenes” view). This helps to understand how things work in DNS better. There are three types of experiments you can try here: “weird” experiments, “useful” experiments, and “tutorial” experiments. “Weird” experiments help to see what will happen when something goes wrong. You can make mistakes and break rules, then see how they play out with no consequences. The “tutorial” experiments will show you how to set some basic DNS records and can be helpful if you are new to DNS or just want to see how the site works. The“useful” experiments show realistic DNS tasks (for example, setting up a website or email). For more details, read Julia Evans’ blog post.
4. Metrics now available for AWS PrivateLink
A bunch of news metrics is available while using AWS PrivateLink for VPC Endpoints and VPC Endpoint Services. AWS PrivateLink is a networking component offered by Amazon Web Services (AWS) that simplifies and secures connectivity between Amazon Virtual Private Clouds (VPCs), other services hosted on AWS, and on-premises applications.
For PrivateLink Endpoint owners, this means metrics to:
- track traffic volume and number of connections through the endpoints
- monitor packet drops
- view connection resets (RSTs) by the service
Endpoint Service owners can:
- keep an eye on the number of bytes, connections, and resets (RSTs) for the Endpoint Service
- track the total number of endpoints connected to their service
- view metrics per connected-endpoint
Metrics are published at 1-minute intervals for all PrivateLink-based Endpoints and Endpoint Services and are available without any extra charges. Read the AWS blog post to learn more.
5. GitLab 14.7 released!
GitLab 14.7 was released on January 22, which means that more useful features are available. The new release comes with 25+ updates to make the experience with GitLab even better. Among key improvements are:
- GitLab Runner compliance with FIPS 140-2
- Streaming audit events
- Group access tokens
- The ability to delete labels in the Edit Label page
- GitLab UI identifies to administrators that a user is locked
- LDAP failover support
- Bulk delete artifacts with the API
- Runner status badges in Admin view
- Major Gitleaks performance improvements
- Backup and restore supports Terraform state files
Go to the GitLab blog to read more about the release, check the whole list of updates.
6. Roblox’s postmortem on October‘s 73-hour outage
If you missed Roblox’s postmortem on October‘s 73-hour outage, you can read it here. Even though the outage happened in October 2021, a detailed description of the case was published in January 2022. Roblox released a comprehensive overview of what happened and what chain of events led to the issues. The company also explained how they addressed the problem and what they are doing to prevent similar issues from happening in the future. Moreover, some improvements have already been made to improve reliability. For more details, visit the Roblox blog.
7. RedHat is introducing MicroShift
RedHat presented MicroShift, their own Kubernetes distribution designed for edge devices. This is a project RedHat is currently working on. The aim of the project is to tailor OpenShift for field-deployed edge computing devices, providing workload portability and consistent management experience. How does it work? MicroShift repackages OpenShift core components into a single light-weighted binary (160MB executable, with no compression or optimization. As a monolith, it offers an “all-or-nothing” start/stop behavior that works with systemd and allows fast (re)start times of several seconds. If you want to know more, watch the end-to-end provisioning demo video and read the Red Hat blog.
8. Google ends the G Suite legacy free edition
Google will completely shut down its G Suite legacy free edition that was introduced in 2006 after stopping new users from signing up for it in December 2012. According to the company, the free tier no longer will be available starting July 1, and current users must switch to paid subscriptions for the newer Google Workspace by May 1 to use their accounts and services. Google adds that it will automatically pick a subscription plan for those who don’t select one by the start of May, analyzing the current usage patterns when making the decision. The accounts that won’t fill in their billing information by July 1st will be suspended. Check the information from Google Workspace Admin Help for more details.
9. Amazon EMR on EKS releases Custom Image ValidationTool
Amazon EMR on EKS created a Custom Image Validation Tool that gives users an opportunity to run an automated set of tests to validate their customized docker container image. With EMR on EKS, users can create their own images that consist of specific packages, and libraries that are not available by default. And custom image support allows creating a self-contained docker image with the application and its dependencies for each use-case. The Custom Image Validation Tool can be downloaded from the AWS Labs repository on GitHub. To delve deeper into customizing images in EMR on EKS, check the documentation and blog.
10. Cloud adoption remains the top priority
A recent survey of 1,600 enterprise IT decision-makers from Aryaka demonstrated that 51% of respondents are planning to reduce their use of legacy data centers within the next 2 years as they move to the cloud. The report also delivers a lot of valuable insights on workplaces, cloud adoption, and several other areas, in the context of digital transformation accelerated by the COVID-19 pandemic. When it comes to network and security, the newest trends include the Secure Access Service Edge (SASE), with 64% using or planning to use it over the next year. For more interesting findings, download the full report.
11. Open Policy Agent (OPA) for better Policy as Code
Open Policy Agent (OPA) is a dynamic framework with multiple implementations in various systems, for example, Gatekeeper for Kubernetes.OPA provides a high-level declarative language that allows users to specify policy as code and APIs to offload policy decision-making from your software. At the same time, OPA can be used in various ways, including unit tests. OPA provides an amazing platform to create complex policies to detect many issues such as anomalies, misconfigurations, or poor practices. Here is an interesting article with real-world examples of parsing and extracting relevant datasets with and without OPA.
Wrapping things up
Profisea’s experts constantly collect the most interesting DevOps and Cloud news to share with you. Tell us what you want to see in our next digest and what topics we need to cover. Our team is busy preparing a new portion of valuable stuff for you. And if you are planning to move to the Cloud, are going to implement DevOps, or just want to learn more about DevSecOps, feel free to contact us. We are here to help you achieve your business goals with the best DevOps and Cloud practices in your hands.