Arrested DevOps

Conference content Videos of talks on YouTube Deserted Island DevOps Postmortem Shoutout to Tori Chu who both spoke and did the amazing in-game artwork and swag! Recaps Deserted Island DevOps Wrapup (FireHydrant Blog) Deserted Island DevOps Recap (Blameless) Press coverage RedMonk article VentureBeat article TechCrunch article Vice article TechRepublic article

Last time Aaron was on ADO ChaoSlinger Enter to win a free copy of the upcoming Security Chaos Engineering O’Reilly book

Helm.sh Celebrating Helm’s CNCF Graduation CNCF announces Helm graduation An Introduction to Helm - Matt Farina & Josh Dolitsky Phippy and Friends Keynote: Phippy Goes to the Zoo: A Kubernetes Story - Matt Butcher & Karen Chu - KubeCon North America 2018 Seven Hard Truths About Open Source Community Helm chart testing Helm hub Helm twitter Helm logo art credit: @flynnduism Banner image: @bridgetkromhout

Jessica and Matt spend a little time with Corey Quinn and Pete Cheslock of the Duckbill Group to dig into the mysteries of AWS billing, why product names are all terrible, and what exactly is a "cloud economist" anyway?

WebAssembly WASI Bytecode Alliance Krustlet Kubernetes Rust Kubelet on GitHub Introducing Krustlet, the WebAssembly Kubelet by Matt Fisher Kubernetes and waSCC by Brian Ketelsen waSCC capability that will make your ops folks cry - GitHub link to evil project (don’t install this) Kubernetes: A Rusty Friendship - Taylor Thomas WebAssembly meets Kubernetes with Krustlet by Ralph Squillace

Secure By Design Guests Dan Bergh Johnsson, Daniel Deogun, and Daniel Sawano join host Jessica Kerr to discuss their book Secure by Design. Daniel: “There’s a lot of good designs which come naturally to us as programmers but which has the interesting side effect that they also prevent security-related bugs.” Domain Primitives The panel discusses domain primitives as an example of coding practices that naturally provide security through good design. Dan Bergh: “It’s a good starting point to understand that using domain-driven design not only makes your code more expressive, solves more domain problems. Even though these designs were not crafted to address security to start with, they’ve also had that as a side effect.” Jessica: “I love that what you’re recommending in this part is to think harder about what you do want in the system, express that in the code, and suddenly a bunch of things that you don’t want in the system just aren’t.” Testing The panel talks about the ways in which testing contributes to secure design. Daniel Sawano: “It tends to be so much easier and more robust if you start defining your own domain types.” Immutability The panel discusses the benefits of immutability. Dan Berg: “It’s possible to…configure and mutate them until they are kind of safe-ish.” Jessica: “Kind of safe-ish?” Dan Berg: “Well, we are on a DevOps podcast.” Logging The panel talks about the security implications of logging practices. Daniel Deogan: “One thing that’s very important is that if you log input directly into your logs, it becomes an attack surface for second-order injection attacks.” Dan Bergh: “It’s a perfect launchpad for doing a really, really hard attack inside your system.” Daniel Deogan: “The common mistake that many developers do is that they more or less dump inputs blindly.” Jessica: “We have this illusion that logging is simple, but it isn’t.” Cloud Thinking The panel discusses the chapter on cloud thinking. Dan Bergh: “In a way, we’re instructing the system to become more intelligent.” Symmathesy! The book is available online in its entirety.

Pareto Inefficient Nash Equilibrium Systems Thinking Double-loop Learning

Check out A Minute on the Mic for bite-sized videos from experts on various topics! Laura Spring Live - March 19 Matt Failover Conf - April 21

Referenced in the show Patrick discussed his love for continuous learning and referenced some of his favorite books. The Ironies of Automation is a paper discussing how automation can expand problems rather than eliminate them. Promise Theory is an approach to coordinating actors and agents in a system about their intentions to each other in the form of promises. The model was originally proposed by Mark Burgess NoEstimates: How to Measure Project Progress Without Estimating is a 2016 book that explains the “No Estimates” Agile concept. A trip down memory lane with the very first DevOps Days Ghent back in 2009. Where you can find us Patrick KubeCon in London DevOps Talks Melbourne DevSecCon Sydney O’Reilly Infrastructure Conference Matt DevOpsDays NYC March 3rd - 4th SRECon Americas West March 24th - 26th Jeff Panda Express usually on Thursdays Open CFPs The CFP for devopsdays chicago will be open at the time of this publishing, so go to devopsdays.org/chicago to check it out!

Historical Context The panel discusses the origins of the book Team Topologies. The project started with a blog post. Matthew: “Back in 2013, I actually wrote a blog post in my personal blog. I actually wrote it in a rage.” In 2015, Manuel joined the team to help expand on the ideas from that blog post and create Devops Toplogies. Manuel: “What the hell are you calling a DevOps team? DevOps is not about creating a new team called DevOps.” DevOps Topologies The panel discusses the impact of DevOps Topologies and some of the companies that have used it, including Netflix and Conde Nast. Matthew and Manuel explain how the project has evolved over time as DevOps Topologies was being deployed in the real world. Matthew: “It’s not just a set of patterns or templates. We wanted to provide an organizational capability for detecting when things have changed and have gone wrong.” The panel discusses Conway’s Law and its implications for DevOps. Manuel: “Teams are the means of delivering value.” Flow! The panel discusses the importance of flow in both living systems and organizations. Manuel: “It’s a more experiment driven approach where we have this goal or this need we need to meet and then allowing the teams to find the right solution.” Jessica: “In modern systems, the flow is of changes to the flow of the product. It’s a very different level of work.” The panel discusses the need for different team configurations that are constantly evolving. Matthew: “It seems quite important to understand different kinds of dynamics in the organization at different times.” Three Team Interaction Modes The panel discusses the three team interaction modes laid out in the book: collaboration, as-a-service, and facilitation. Four Team Topologies The panel discusses the four team topologies in the book: value stream aligned teams, enabling teams, platform teams, and complicated subsystem teams. Jessica: “The limitation of a team is cognitive load. It’s not resources, it’s not pizza.” Manuel: “Although pizza is very appealing.” Manuel discusses Dunbar’s Number and how that concept can put useful constraints on teams. Buy the book! Episode images by Jessica Kerr. Show notes by Tyler Wilson.