#205 — February 27, 2019

Read on the Web

Web Operations Weekly

Top Ten Most Popular Docker Images Each Contain 30+ Vulnerabilities — Snyk, the security analysis folks, have been scanning Docker images en masse and discovered that many suffer from known vulnerabilities. Enjoy the whole report here, but the good news is upgrading base images will resolve most of the problems.

Lirin Tal

Massively Parallel Web Perf Testing on a Budget — This post goes into great detail about a specific use case where thousands of pages need to be tested quickly, why a serverless approach was chosen, and just how quick the end result is. (Psst.. we have a serverless newsletter if you like stuff like this.)

Stuart Sandine

Designing a Package Manager from the Ground Up - CircleCI Orbs — CircleCI recently launched a package manager just for CI: CircleCI orbs. If you're using orbs today and want to understand how to get the most from them, or if you're thinking about designing your own package management system, this post is for you.

CircleCI sponsor

k3s: Lightweight Kubernetes — From the folks behind RancherOS comes an interesting alternative build of Kubernetes that’ll work all the way down to a Raspberry Pi.

Rancher Labs

How to Roll a Super Cheap Kubernetes Cluster on AWS with kubeadm — Some bash and Terraform-based scripts that provision what the author believes is the ‘cheapest possible Kubernetes cluster’ on AWS. At a few bucks a month, I believe it.

Sam Weston

NGINX 1.15.9: Adds Dynamic Certificate Loading Support — This sounds like a minor release but support for variables in ssl_certificate and ssl_certificate_key directives could be of huge interest to you if you want to build paths to certificates dynamically.


💻 Jobs

Front End Developer✌️ in Beautiful Norway🎉 — Passion for React and GraphQL? Want to move to Norway?


Find a Job Through Vettery — Vettery specializes in developer roles and is completely free for job seekers. Create a profile to get started.


💬 Stories & Opinions

A Rough Guide to Terraform at SendGrid — A thorough write up of how SendGrid (the folks we send our newsletters through) uses Terraform at scale for provisioning and managing most of its infrastructure.

Steven Bogacz

How Datto is Issuing Let’s Encrypt Certificates for 65,000 Servers

Philipp Heckel

Multi-CDN Strategy for Improved Performance and Reliability — If you want to deliver an optimal video viewing experience, you may need an advanced CDN strategy such as introducing additional CDNs and performing dynamic CDN-selection.

Mux sponsor

▶  Audi Builds a Microservices Dashboard with NGINX Plus as an API Gateway on AWS

Timo Stark

Serverless Needs a Bolder, Stateful Vision — The programming model for serverless is still mainly limited to stateless functions — the so-called Function-as-a-Service (FaaS) model — which limits the range of use-cases supported.

Jonas Bonér

AWS API Performance Comparison: Serverless vs. Containers vs. API Gateway — Compares the performance of three different architectures running the same HTTP endpoint.

Alex DeBrie

Cloud Irregular: IAM Is The Real Cloud Lock-In“Forget Lambda and serverless: if you are doing anything at all in AWS besides using it as a fantastically overpriced datacenter, I pretty much guarantee you are deeply locked into IAM.”

Forrest Brazeal

Highly Available MySQL Clustering at WePay Using Orchestrator, Consul and HAProxy — WePay’s engineering team talks about their new highly available MySQL cluster built with HAProxy, Consul and Orchestrator. It improves upon their previous architecture by reducing any downtime from 30 minutes to 40-60 seconds.


Redis Turns 10: How It Started with a Single Post on Hacker News — The popular data structure server is a huge infrastructure favorite of mine for queues, message buses, and more.

Dave Nielsen (RedisLabs)

📣 Some vendor-y related news items

Azure Functions Gains First-Class Java Support — Azure’s serverless functions platform now has support for Java.
Asavari Tayal (Microsoft)

DigitalOcean Introduces General Purpose Droplets — Possibly confusingly named as they’re not the same as DO’s ‘Standard Droplets’ - these new droplets offer more performance for production workloads.

VMware Introduces 'Essential PKS' for Custom Kubernetes Deployments — A platform for organizations that want to build out custom deployments of Kubernetes, but also have access to expert support.
Susan Hall

🛠 Code & Tools

Amazon Personalize: Real-Time Personalization and Recommendation — A machine learning service that makes it easy for developers to create individualized recommendations for customers. Based on the tech Amazon itself uses.

Amazon Web Services

NetworKit: A Toolkit for Large-Scale Network Analysis from Python

Christian Staudt and Henning Meyerhenke

Pingu: A Slack Notifier for Long-Running Processes — A simple shell-based way to send a message on Slack when a process finishes.

Chris Rehn