× Want to read this newsletter every week?! × 👋  Join FAUN
 
DevOps Weekly Newsletter, DevOpsLinks. Curated DevOps news, tutorials, tools and more!
🌐 View in your browser.   |  ✍️ Publish on FAUN   |  🦄 Become a sponsor
 
Last week's must-read news and stories from the DevOps community
DevOpsLinks
 
 
⭐ Patrons
 
workos.com workos.com
 
WorkOS: sell to enterprises with a few lines of code
 
 

WorkOS is a modern identity platform for B2B SaaS apps.

→ A complete user management solution along with SSO, Directory Sync (SCIM), and Fine-Grained Authorization (FGA).
→ Modular and easy-to-use APIs allow integrations to be completed in minutes instead of months.
→ High-quality documentation and seamless onboarding for your users eliminate unnecessary complexity for your engineers.
→ Free user management up to 1 million MAUs.

WorkOS powers some of the fastest growing companies like Perplexity, Vercel, Webflow, and more.

Start integrating today

 
 

👉 Spread the word and help developers find you by promoting your projects on FAUN. Get in touch for more information.

 
ℹ️ News, Updates & Announcements
 
aws.amazon.com aws.amazon.com
 
Amazon Aurora PostgreSQL Limitless Database is now generally available
 
 

Amazon Aurora PostgreSQL Limitless Database offers horizontal scaling through serverless sharding to enhance write throughput and storage capacity, utilizing routers and shards to manage SQL connections and data distribution among sharded, reference, and standard tables, while maintaining PostgreSQL compatibility, across a broad set of global AWS regions.

 
 
aws.amazon.com aws.amazon.com
 
Introducing Express brokers for Amazon MSK to deliver high throughput and faster scaling for your Kafka clusters
 
 

With the launch of Express brokers in Amazon MSK, enjoy up to three times more throughput with fewer brokers, scale 20 times faster, experience 90% quicker recovery during failures, benefit from hands-free storage management without preprovisioning, and manage clusters effortlessly using preconfigured Kafka best practices—all while ensuring the same low latency and resilience in mission-critical applications.

 
 
www.bbc.com www.bbc.com
 
Three Mile Island nuclear site to reopen in Microsoft deal
 
 

Microsoft's 20-year deal with Constellation Energy to purchase power from a reopened Three Mile Island plant, independent of the notorious 1979 accident site, signifies a bold shift to carbon-free nuclear energy as tech giants like Amazon explore similar paths for AI-driven data centers, requiring regulatory approval and promising $1.6 billion in facility upgrades to revive this once unprofitable but potentially lucrative energy source.

 
 
www.phoronix.com www.phoronix.com
 
Debian 12.8 Released With Many Bug Fixes & Security Updates
 
 

Debian 12.8 updates "Bookworm" with critical security and bug fixes, including btrfs-convert checksum error corrections, expanded cloud-init support, glibc improvements, Linux kernel enhancements, Node.js build corrections, and important OpenSSL vulnerability fixes, emphasizing its role as a routine maintenance update.

 
 
techcommunity.microsoft.com techcommunity.microsoft.com
 
GitHub Copilot for Azure: 6 Must-Try Features
 
 

GitHub Copilot for Azure in Public Preview enhances development efficiency by deeply integrating with Visual Studio Code to assist with tasks like deploying containerized applications on Azure, navigating AI models, and managing cloud migrations, all through intuitive natural language prompts without leaving the IDE.

 
 
 
🐾 From FAUNers
 
faun.pub faun.pub
 
12 Tools that will make Kubernetes management easier in 2024
 
 

Kubernetes' complexity often baffles even experts, but 12 crucial tools like Keda for event-driven autoscaling, Devtron for seamless app deployment, and OpenCost for cost monitoring offer solutions by enhancing efficiency, security, and resource optimization.

 
 
faun.dev faun.dev
 
XZ Backdoor: “That was a close one”
 
 

Backdoor inserted into library liblzma in xz compression tools and libraries resulting in backdoor in SSH. Advanced software supply chain attack using obfuscation and stealth techniques for hiding attack payload, affecting pre-release versions of DEB and RPM packages for x86_64 Linux. Attack allows remote command execution with privileges of SSH daemon, emphasized by CVSS base score of 10. Discovery made by PostgreSQL developer Andres Freund through anomalies in SSH logins. Incident handled by cautious disclosure and containment measures by Red Hat, industry reacting promptly with detection rules published.

 
 
faun.dev faun.dev
 
Scaling Prometheus: Tips, Tricks, and Proven Strategies   ✅
 
 

Scaling Prometheus isn't plug-and-play, especially as Kubernetes clusters and microservices grow. The underlying architecture includes components like the Time Series Database, Scraper, and PromQL Engine. Strategies for scaling include vertical scaling, horizontal scaling through federation, and advanced solutions like Thanos and Cortex. The pull model allows Prometheus to actively scrape metrics from endpoints for precise monitoring, while optimization tips help keep Prometheus running smoothly. Monitoring key metrics like TSDB, scrape performance, and query performance is crucial for troubleshooting common issues like high memory usage or slow queries. With the right strategies, Prometheus can effectively scale to fit the needs of growing infrastructure.

 
 

👉 Create your FAUN Page if it's not done yet and start sharing your blog posts, news, and tools on FAUN Developer Community, collect badges and more!
 

 
🔗 Stories, Tutorials & Articles
 
rootly.com rootly.com
 
The Unofficial SRE Track for KubeCon NA '24   ✅
 
 
KubeCon North America features over three hundred technical talks, including case studies on scaling reliability and the impact of AI on SRE teams. Rootly will have a significant presence at the conference, with a booth in the Solutions Showroom and various events throughout the week. Additionally, sessions on topics like AI-based tracing solutions and optimizing LLM efficiency on Kubernetes will offer actionable insights for SREs attending KubeCon.
 
 
cloudflare.com cloudflare.com
 
Cloudflare’s perspective of the October 30 OVHcloud outage   ✅
 
 
Cloudflare observed a significant traffic drop starting at 13:21 UTC during the October 30 OVHcloud outage, with peered traffic volume falling significantly and a spike in traffic routed to the Amsterdam data center. OVHcloud's outage was attributed to an issue in a network configuration pushed by a peering partner, leading to a route leak that impacted both Cloudflare and OVHcloud. Worldstream later acknowledged a route leak on their network caused by a configuration error, affecting routes advertised to all peers.
 
 
spacelift.io spacelift.io
 
Terraform Files - How to Structure Terraform Project
 
 
Terraform configurations can be organized by services or components for ease of root cause analysis and environment consistency, using variables to manage scaled environments with .tfvars files; Spacelift further simplifies by providing CI/CD automation, workspace management, and integrated module registry for seamless infrastructure provisioning.
 
 
techcommunity.microsoft.com techcommunity.microsoft.com
 
Modernize your legacy apps with minimal code changes using sidecars
 
 

Azure App Service's general availability of Sidecars enables app modernization by allowing enterprises to add AI, logging, and security capabilities without major code rewrites, enhancing legacy app performance and integrating new functions through a containerized sidecar pattern, facilitating deployments like lightweight Phi-3 SLM integrations for edge computing and Redis caching for increased efficiency.

 
 
medium.com medium.com
 
How we avoided an outage caused by running out of IPs in EKS   ✅
 
 

Adevinta's platform team narrowly avoided a severe IP exhaustion outage during an EKS migration by creatively implementing a custom networking configuration with Secondary CIDR after experimenting with alternatives like Cilium and IPv6, ultimately revealing critical insights for scaling and capacity planning in large AWS environments.

 
 
blog.preyneyv.dev blog.preyneyv.dev
 
I Waited 10 Billion Cycles and All I Got Was This Loading Screen   ✅
 
 

Modern software, despite running on exceptionally fast hardware capable of powering advanced 3D simulations, often feels sluggish due to the reliance on inefficient web technologies; while web-based tools like Figma show off astounding performance by harnessing WebAssembly and WebGL, many apps, especially those built with Electron, suffer from bloat and poor optimization, highlighting that the real culprit isn't the technology but rather the lack of care in crafting fast, elegant experiences.

 
 
www.theregister.com www.theregister.com
 
Hackers love GitHub dorks - SecOps love outsmarting them   ✅
 
 

GitHub's rapid expansion creates an attractive target for threats, with 12.8 million secrets leaked last year, making GitGuardian's free GitHub Security Audit an essential tool for assessing exposure, with features like comprehensive developer footprint analysis, attack surface quantification, and zombie leak identification to bolster organizational security.

 
 
www.theregister.com www.theregister.com
 
Windows Server 2025 snafu was like a supply chain attack
 
 

Microsoft's blunder—a mislabeled Windows Server 2025 upgrade as a security patch—reveals the peril of automation gone awry when paired with human error, spotlighting fragile update processes that still rely on legacy systems or closed-source methodologies, and underscores the urgent need for a universal, open framework to reliably manage updates and unravel the chaos of package management.

 
 
blog.brixit.nl blog.brixit.nl
 
Building a timeseries database for fun
 
 

Frustrated with the complexity and performance overkill of timeseries databases for simple tasks, the author rolled out a Python Flask application with a SQLite backend that mimics Prometheus API functionalities, integrating easily with Grafana for clear, daily-aligned charting and efficient data aggregation for IoT devices, though further refinement and a potential rewrite in Go may be needed for enhanced scalability.

 
 
www.srvrlss.io www.srvrlss.io
 
Local Serverless Development with LocalStack and Terraform
 
 

LocalStack offers an efficient local development environment by emulating AWS services, allowing developers to prototype applications like a Spring Boot backend with React frontend—handling CRUD operations on shipment data—without AWS dependency, using Terraform to seamlessly transition identical infrastructure to AWS, thus minimizing integration issues and reducing costs.

 
 
gitpod.io gitpod.io
 
We’re leaving Kubernetes
 
 
After six years of wrestling with Kubernetes for cloud development environments, Gitpod discovered that Kubernetes's inherent complexity, security concerns with arbitrary code, and unpredictable resource patterns make it ill-suited for development workspaces, leading to the birth of Gitpod Flex—a streamlined architecture ditching much Kubernetes infrastructure while ensuring zero-trust security, seamless devcontainer integration, and rapid self-hosted deployments.
 
 
 
💬 Discussions, Q&A & Forums
 
reddit.com reddit.com
 
How are you using AI in your testing?
 
 
Dealing with big data and comparing files with llama 3 without cloud power was useless. Llama forgot loaded files and basic responses were inaccurate, making it challenging to use for more advanced tasks. For simpler tasks like code documentation and generating smaller utilities, llama 3 has been helpful and time-saving.
 
 
 
⚙️ Tools, Apps & Software
 
github.com github.com
 
firecracker-microvm/firecracker-demo
 
 

A demo running 4000 Firecracker microVMs.

 
 
github.com github.com
 
synadia-io/nex
 
 

The NATS execution engine

 
 
github.com github.com
 
hyperlight-dev/hyperlight
 
 

Hyperlight is a lightweight Virtual Machine Manager (VMM) designed to be embedded within applications. It enables safe execution of untrusted code within micro virtual machines with very low latency and minimal overhead.

 
 
github.com github.com
 
liquidmetal-dev/flintlock
 
 

Lock, Stock, and Two Smoking MicroVMs. Create and manage the lifecycle of MicroVMs backed by containerd.

 
 
github.com github.com
 
dockur/windows
 
 

Windows in a Docker container.

 
 
github.com github.com
 
GoogleContainerTools/distroless
 
 

Language focused docker images, minus the operating system.

 
 

👉 Spread the word and help developers find and follow your Open Source project by promoting it on FAUN. Get in touch for more information.

 
🤔 Did you know?
 
 

Did you know that WhatsApp uses Erlang, a lesser-known programming language, to handle its massive messaging load? Erlang was chosen for its ability to manage real-time, highly concurrent systems, which is essential for WhatsApp’s over 100 billion daily messages. With just a small team of engineers, WhatsApp scaled to support billions of users globally, thanks to Erlang's fault-tolerant design and ability to seamlessly handle millions of simultaneous connections per server.

 
 
😂 Meme of the week
 
 
 
 
🗣️ Quote of the week
 
 

"Java is to JavaScript what Car is to Carpet" ~ Chris Heilmann

 
 
❤️ Thanks for reading
 
 
👉 Never miss an issue
Join FAUN Developer Community and subscribe to our newsletter here.

👋 Keep in touch and follow us on social media:
- 💼LinkedIn
- 📝Medium
- 🐦Twitter
- 👥Facebook
- 📰Reddit
- 📸Instagram

👌 Was this newsletter helpful?
We'd really appreciate it if you could share it with your friends! You can also donate to help us keep this newsletter going.

ℹ️ Have a question or feedback?
Feel free to reach out to us at community@faun.dev. We'd love to hear from you!

🤩 Want to sponsor our newsletter?
Reach out to us at sponsors@faun.dev and we'll get back to you as soon as possible.