This is Infra Weekly Newsletter, a newsletter about infrastructure, cloud, DevOps, automation, servers, Linux and related subjects.
About CodeQL
CodeQL can be used to run security checks and automate the discovery of vulnerabilities and bugs.
https://codeql.github.com/docs/codeql-overview/about-codeql/
Being on-call sucks
A quite biased post on being on-call, but it lists the actions we should follow to improve reliability.
https://bobbiechen.com/blog/2022/7/20/being-on-call-sucks
How to Move Beyond a Monolithic Data Lake to a Distributed Data Mesh
I see an increase in articles on data mesh. This is the original article where the concept comes from.
https://martinfowler.com/articles/data-monolith-to-mesh.html#DomainDataAsAProduct
What's your Kubernetes nightmare?
A fascinating thread about issues running Kubernetes in production.
https://news.ycombinator.com/item?id=31892384
MetalLB
A load-balancer for bare metal installations of k8s clusters.
This is a list of compatible networks.
https://metallb.universe.tf/installation/network-addons/
You also need BGP routers.
Quagga Routing Suite
Since I am talking about BGP, Quagga is probably the most famous solution on Linux.
Best routing solution for Linux
From my personal experience, VyOS (open source Vyatta OS) is the best router based on Linux.
Another load balancer for Kubernetes
https://purelb.gitlab.io/docs/
Rook
A Kubernetes storage provider integrating with NFS and Ceph.
Persistent Storage with Longhorn
Another storage solution for Kubernetes.
https://rancher.com/products/longhorn
Mirantis acquires amazee.io
ZeroOps Application Delivery Hub for K8s, Built by Developers for Developers.
https://www.mirantis.com/blog/mirantis-amazee_io/
Hints about SUSE's 'Adaptable Linux Platform' emerge
SUSE is using a solution to run and update Linux similar to CoreOS and Talos Linux, using containers and atomic updates.
https://www.theregister.com/2022/07/26/suse_adaptable_linux_platform/
libostree
The core OSTree model is like git in that it checksums individual files and has a content-addressed-object store. It’s unlike git in that it “checks out” the files via hardlinks, and they thus need to be immutable to prevent corruption. Therefore, another way to think of OSTree is that it’s just a more polished version of Linux VServer hard links.
https://ostreedev.github.io/ostree/
7 biggest Kubernetes security mistakes
A simple list of good advice to keep in mind.
https://www.infoworld.com/article/3667277/7-biggest-kubernetes-security-mistakes.html
Rewriting the heart of our sync engine
Dropbox story on rewriting their sync engine.
https://dropbox.tech/infrastructure/rewriting-the-heart-of-our-sync-engine
RKE2
RKE2, also known as RKE Government, is Rancher's next-generation Kubernetes distribution.
Kubernetes in Action
I heard good things about this book.
https://www.manning.com/books/kubernetes-in-action
Kubernetes up and running
VMware also distributes a free version.
https://www.oreilly.com/library/view/kubernetes-up-and/9781491935668/
Programming Kubernetes
A more advanced title on Kubernetes and how to develop applications on it.
https://learning.oreilly.com/library/view/programming-kubernetes/9781492047094/
Karpenter
Scaling management for k8s clusters.
Manage Kubernetes with Jsonnet
It has a long list of tools.
https://jsonnet.org/articles/kubernetes.html
k9s
K9s is a terminal-based UI to interact with your Kubernetes clusters. The aim of this project is to make it easier to navigate, observe and manage your deployed applications in the wild. K9s continually watches Kubernetes for changes and offers subsequent commands to interact with your monitored resources.
Kubernetes Failure Stories
Proxmox Provider
Terraform provider for Proxmox, you can create LXC containers too.
https://registry.terraform.io/providers/Telmate/proxmox/latest/docs
Why Intuitive Troubleshooting Has Stopped Working for You
Systems are more complex and debugging infrastructure is more difficult, according to this article.
https://www.honeycomb.io/blog/why-intuitive-troubleshooting-stopped-working/
Application Architecture: A Quick Guide for Startups
Cockroach Labs talk about the evolution of infrastructure as it scales.
https://www.cockroachlabs.com/blog/startup-reference-architecture/
AWS Auto Cleanup
AWS Auto Cleanup helps clean up your AWS resources, keeping your AWS accounts neat and tidy whilst reducing costs. AWS Auto Cleanup uses a combination of user-defined allowlists and time-based policies to delete resources that are no longer needed.
https://github.com/servian/aws-auto-cleanup
How to create a Python package in 2022
It is based on Poetry, which is my favourite at the moment.
https://mathspp.com/blog/how-to-create-a-python-package-in-2022
That’s all. I will take a two-week vacation.