CodeIsGo.com

Observability-driven DevOps and SRE automation can help enterprises achieve SLO goals and reduce MTTR. But, how do you get started? By Rob Jahn.

We refer to this culture and practice as observability-driven DevOps and SRE automation. The article discusses:

• The role of observability within DevOps
• The results of observability-driven DevOps speak for themselves
• 5 steps to achieve observability-driven automation
• Gain visibility into your existing releases
• Report and act upon SLOs for your critical services
• Automate release validation through SLO health scoring
• Speed up existing delivery pipelines through SLO-driven orchestration
• Reduce MTTR through SLO-driven remediation

Automating and orchestrating DevOps remediation action and incident response starts by adopting and integrating SLOs within enterprise processes. This automation also relies on integrating tools for releases, notifications, and incident management. This connection empowers platform and site reliability engineers to automate release validation, improve resiliency engineering, support multi-stage delivery, and incorporate automated problem remediation. Good read!

People expect exceptional performance when they access your site. They want quick load times, stable layouts and quick interactivity, regardless of whether they’re on desktop or mobile. By Ben Schwarz.

However, there are a near-limitless number of ways you could try to measure web performance, and some are far better than others. These 7 website performance metrics allow you to understand how your web page performs across several different page load aspects:

• Largest Contentful Paint (LCP)
• Cumulative Layout Shift (CLS)
• Total Blocking Time (TBT)
• Interaction to Next Paint (INP)
• Time to First Byte (TTFB)
• Number of Third Party Scripts
• Time to Interactive (TTI)
• Commonly tracked metrics you should avoid

Too much data can be just as harmful as not enough. For that reason, you need to ensure you’re only tracking the best possible website performance metrics. These three metrics are often tracked but should be avoided: First Input Delay, First Meaningful Paint, Performance Score. Interesting read!

A four-year-old company is coming to market soon with an unexpected technology to cool CPUs and SoCs. Frore Systems has developed a cooling chip it calls AirJet that sits on top of a heat-generating chip and cools it without the need for mechanical fans. By Josh Norem.

It’s 2.8mm thick and uses pulsating inlets to suck air into it and exhaust it out the sides. The company claims its “solid-state” cooling solution allows for double the CPU performance compared with using traditional methods. It’s secured $100 million in funding and is now partnering with Intel to bring its technology to the company’s Evo line of laptops.

The AirJet is designed to deal with the ever-shrinking nature of our electronic devices. As phones, tablets, and laptops get smaller, cooling them becomes more difficult. When insufficient cooling is applied, a CPU will throttle, lowering its clock speeds to reduce temps. This naturally results in decreased performance. Frore Systems claims its AirJet tackles this problem better than a fan, without taking much room inside the device. The heart of the issue is how long a CPU can maintain its maximum clock speed with peak power consumption.

According to CEO Dr. Seshu Madhavapeddy in an interview with PCWorld, a 1.8GHz ARM processor with four AirJet Minis will be able to run at 3.5GHz “forever.” An AirJet Pro that’s made for x86 could run at PL1 at 2.1GHz instead of 1.4GHz with a fan. Additionally, the AirJet in a 15-inch laptop would produce just 29 dBA of sound, instead of 42 dBA with a fan. Interesting read!

Blockchain is changing the way the world stores and moves its information. Building on our commitment to help Web3 developers build and deploy new products on blockchain-based platforms, today we’re thrilled to announce Google Cloud’s Blockchain Node Engine. By Amit Zavery, James Tromans.

While self-managed nodes are often difficult to deploy and require constant management, Blockchain Node Engine is a fully managed node-hosting service that can minimize the need for node operations. Web3 companies who require dedicated nodes can relay transactions, deploy smart contracts, and read or write blockchain data with the reliability, performance, and security they expect from Google Cloud compute and network infrastructure.

With Blockchain Node Engine, Web3 organizations enjoy the following benefits:

• Streamlined provisioning
• Secure development
• Fully managed operations

Google Cloud actively monitors the nodes and restarts them during outages as needed. By reducing the need for a dedicated DevOps team, and by offering Google Cloud’s service level agreement (SLA), Blockchain Node Engine can let your team focus on your users instead of your infrastructure. Interesting read!

Automation allows you to apply compliance and security policies consistently across your servers, verify compliance, and remediate servers. By Ricardo Gerardi.

In his article 5 ways to harden a new system with Ansible, sysadmin sudoer Anthony Critelli walks through developing an Ansible playbook to secure a new Linux server. He shows how to use Ansible to patch the system, lock remote access, disable unused software and services, and do other useful tasks. Further in the tutorial:

• Ensure your firewall is up and running
• Ensure SELinux is enabled and enforcing
• Enable kernel security parameters
• Disable ICMP
• Enable system auditing
• Security is a journey

The topics in this article are good starting points for improving your server’s security. You may not make your server completely secure, but you’re making it safer. Ensuring your firewall is running, SELinux is enforced, and network access is tightened are basic security measures. In many cases, taking care of the basics greatly protects your systems. Full playbook is also attached for your exploration!

Building, testing, and monitoring applications in the cloud is a unique challenge. While many organizations have embraced a DevOps methodology, their DevOps machine is still not at the level of maturity they might like it to be. According to a recent survey, 53% work on a team with a ’low level’ of DevOps based on maturity factors. By Dave Armlin.

A big part of achieving cloud DevOps maturity is selecting the right tools for the job. The following tools help automate various parts of the CI/CD pipeline, and make it much easier for DevOps teams to consistently monitor their AWS cloud infrastructure and applications. As with a lot of AWS services, there are several native DevOps tools for AWS users. These services make it easier to provision and manage AWS infrastructure, deploy application code, automate software releases, and monitor the performance of applications and infrastructure.

The article then pays attention to these tools:

• Native AWS cloud DevOps tools
  • AWS CodePipeline
  • AWS CodeBuild
  • AWS CodeDeploy
  • AWS CodeStar
• DevOps tools for AWS and multi-cloud environments
  • CircleCI
  • Snyk
  • HashiCorp Terraform
  • Jira Software
  • Gradle
  • ChaosSearch

To sum up, while AWS offers many native DevOps tools to accelerate the application development and delivery lifecycle, these essential tools may increase your team’s capacity to leverage automation. Ideally, you’ll be able to automate and orchestrate your CI/CD pipeline and cut down on day-to-day DevOps management challenges. Links to further reading also in the article. Nice one!

There are methods to improve API design — like following RESTful practices. But time and again we are seeing customers unknowingly program minor inconveniences into their APIs. To help you avoid these pitfalls, here are six of the most common mistakes we have seen developers make while creating the API — and guidance on how to get it right. By Varun Krovvidi,Geir Sjurseth.

Practices for REST APIs mentioned in the article:

• Thinking inside-out vs outside-in
• Making your APIs too complex for users
• Creating “chatty” APIs with too many calls
• Not allowing for flexibility
• Making design unreadable to humans
• Know when you can break the RESTful rules

Being true to the RESTful basics — such as using the correct HTTP verbs, status codes, and stateless resource-based interfaces — can make your customers’ lives easier because they don’t need to learn an all new lexicon, but remember that the goal is just to help them get their job done. If you put RESTful design first over user experience, then it doesn’t really serve its purpose. Nice one!

Facebook developed GraphQL during their quest to find a better and more flexible way to work across their data. They found that they could achieve this flexibility with a query-based approach. By defining a schema that the queries can run against, an API based on GraphQL enables clients to make fewer requests while still being able to work with as much (or as little) of the data that’s exposed through the query as desired. By Vince Power.

When it comes to building a GraphQL API, there are multiple frameworks to choose from across multiple technologies. It should come as no surprise that GraphQL is also fully supported by Python. In this tutorial, we will use a Python package called Graphene to walk you through the process of setting up a GraphQL server in Python.

In the article you will find:

• What is Graphene in Python?
• Install the GraphQL APIs Python environment
• Set up Flask web server
• Building a Graphene schema
• Testing the GraphQL API
• GraphQL and Python

GraphQL has been embraced by technology leaders from Netflix to Shopify to PayPal as the modern way to do APIs, offering far more flexibility and speed than REST or SOAP, and making it ideal for both web and mobile applications. Simple GraphQL APIs are quick and easy to build in just about any language, but as this exercise has shown, Python and Graphene can give you a real headstart on developing GraphQL-based APIs. Good read!

How to scrape data from amazon.com with Bright Data’s data collectors, and create a product search API that you can deploy to the web and monetize it. By Oskar Petr.

APIs (application programming interfaces) are a way of communication between two or more computers, with the intention of passing requested data from one computer to another. APIs can share a piece of document that can later be accordingly reacted to by the requesting computer.

The article then will walk you over:

• Why is it important that companies should make use of APIs?
• Who can benefit from the existence of an API?
• Data collectors
• Creating the application
• Deploying an API
• Is it legal to scrape the web
• Where to deploy and monetize your API?

Web scraping is used for data extraction from websites’ DOM element values. Scrapers, who scrape the web, can be given a direct path to certain elements in the DOM structure and extract the element’s value. Collected values can be then passed onto the API’s response. Creating your API with the power of scraping information from the web is making your business a lot more powerful in the side of transferring information, collecting it and in developer experience. Good one!

Palo Alto Networks eliminated the MQ layer for a project that correlates events in near real time, using an existing database instead of Kafka. By Cynthia Dunlop.

Global security provider Palo Alto Networks processes terabytes of network security events each day. It analyzes, correlates and responds to millions of events per second — many different types of events, using many different schemas, reported by many different sensors and data sources. One of its many challenges is understanding which of those events actually describe the same network “story” from different viewpoints.

The main points worth mentioning in the article:

• Evolving from Events to Stories
• Implementation 1: Relational database
• Implementation 2: NoSQL + message queue
• Implementation 3: NoSQL + Cloud-managed message queue
• Implementation 4: NoSQL (ScyllaDB), no message queue

According to authors the company reduced the operational complexity because tehy did not add another system — they actually removed a system [Kafka] from our deployment. Nice one!