ℹ️ News, Updates & Announcements

www.bbc.com
Microsoft's 20-year deal with Constellation Energy to purchase power from a reopened Three Mile Island plant, independent of the notorious 1979 accident site, signifies a bold shift to carbon-free nuclear energy as tech giants like Amazon explore similar paths for AI-driven data centers, requiring regulatory approval and promising $1.6 billion in facility upgrades to revive this once unprofitable but potentially lucrative energy source.

aws.amazon.com
With the launch of Express brokers in Amazon MSK, enjoy up to three times more throughput with fewer brokers, scale 20 times faster, experience 90% quicker recovery during failures, benefit from hands-free storage management without preprovisioning, and manage clusters effortlessly using preconfigured Kafka best practices—all while ensuring the same low latency and resilience in mission-critical applications.

aws.amazon.com
Amazon Aurora PostgreSQL Limitless Database offers horizontal scaling through serverless sharding to enhance write throughput and storage capacity, utilizing routers and shards to manage SQL connections and data distribution among sharded, reference, and standard tables, while maintaining PostgreSQL compatibility, across a broad set of global AWS regions.

www.phoronix.com
Debian 12.8 updates "Bookworm" with critical security and bug fixes, including btrfs-convert checksum error corrections, expanded cloud-init support, glibc improvements, Linux kernel enhancements, Node.js build corrections, and important OpenSSL vulnerability fixes, emphasizing its role as a routine maintenance update.

techcommunity.microsoft.com
GitHub Copilot for Azure in Public Preview enhances development efficiency by deeply integrating with Visual Studio Code to assist with tasks like deploying containerized applications on Azure, navigating AI models, and managing cloud migrations, all through intuitive natural language prompts without leaving the IDE.

🐾 From FAUNers

faun.dev
A backdoor was inserted into the liblzma library of the xz compression tools and libraries, resulting in a backdoor in SSH. This advanced software supply chain attack used obfuscation and stealth techniques to hide the attack payload and affected pre-release versions of DEB and RPM packages for x86_64 Linux. The attack allows remote command execution with the privileges of the SSH daemon, which is reflected in its CVSS base score of 10. PostgreSQL developer Andres Freund discovered it through anomalies in SSH logins. Red Hat handled the incident with cautious disclosure and containment measures, and the industry reacted promptly, with detection rules published.

faun.dev
Scaling Prometheus isn't plug-and-play, especially as Kubernetes clusters and microservices grow. The underlying architecture includes components like the Time Series Database, Scraper, and PromQL Engine. Strategies for scaling include vertical scaling, horizontal scaling through federation, and advanced solutions like Thanos and Cortex. The pull model allows Prometheus to actively scrape metrics from endpoints for precise monitoring, while optimization tips help keep Prometheus running smoothly. Monitoring key metrics like TSDB, scrape performance, and query performance is crucial for troubleshooting common issues like high memory usage or slow queries. With the right strategies, Prometheus can effectively scale to fit the needs of growing infrastructure.

faun.pub
Kubernetes' complexity often baffles even experts, but 12 crucial tools like KEDA for event-driven autoscaling, Devtron for seamless app deployment, and OpenCost for cost monitoring offer solutions by enhancing efficiency, security, and resource optimization.

🔗 Stories, Tutorials & Articles

gitpod.io
After six years of wrestling with Kubernetes for cloud development environments, Gitpod discovered that Kubernetes's inherent complexity, security concerns with arbitrary code, and unpredictable resource patterns make it ill-suited for development workspaces, leading to the birth of Gitpod Flex—a streamlined architecture ditching much Kubernetes infrastructure while ensuring zero-trust security, seamless devcontainer integration, and rapid self-hosted deployments.

blog.preyneyv.dev
Modern software, despite running on exceptionally fast hardware capable of powering advanced 3D simulations, often feels sluggish due to the reliance on inefficient web technologies; while web-based tools like Figma show off astounding performance by harnessing WebAssembly and WebGL, many apps, especially those built with Electron, suffer from bloat and poor optimization, highlighting that the real culprit isn't the technology but rather the lack of care in crafting fast, elegant experiences.

rootly.com
KubeCon North America features over three hundred technical talks, including case studies on scaling reliability and the impact of AI on SRE teams. Rootly will have a significant presence at the conference, with a booth in the Solutions Showroom and various events throughout the week. Additionally, sessions on topics like AI-based tracing solutions and optimizing LLM efficiency on Kubernetes will offer actionable insights for SREs attending KubeCon.

techcommunity.microsoft.com
Azure App Service's general availability of Sidecars enables app modernization by allowing enterprises to add AI, logging, and security capabilities without major code rewrites, enhancing legacy app performance and integrating new functions through a containerized sidecar pattern, facilitating deployments like lightweight Phi-3 SLM integrations for edge computing and Redis caching for increased efficiency.

medium.com
Adevinta's platform team narrowly avoided a severe IP exhaustion outage during an EKS migration by creatively implementing a custom networking configuration with Secondary CIDR after experimenting with alternatives like Cilium and IPv6, ultimately revealing critical insights for scaling and capacity planning in large AWS environments.

www.theregister.com
Microsoft's blunder of mislabeling a Windows Server 2025 upgrade as a security patch reveals the peril of automation gone awry when paired with human error, spotlights fragile update processes that still rely on legacy systems or closed-source methodologies, and underscores the urgent need for a universal, open framework to reliably manage updates and unravel the chaos of package management.

cloudflare.com
Cloudflare observed a significant traffic drop starting at 13:21 UTC during the October 30 OVHcloud outage, with peered traffic volume falling significantly and a spike in traffic routed to the Amsterdam data center. OVHcloud's outage was attributed to an issue in a network configuration pushed by a peering partner, leading to a route leak that impacted both Cloudflare and OVHcloud. Worldstream later acknowledged a route leak on their network caused by a configuration error, affecting routes advertised to all peers.

blog.brixit.nl
Frustrated with the complexity and performance overkill of timeseries databases for simple tasks, the author rolled out a Python Flask application with a SQLite backend that mimics Prometheus API functionalities, integrating easily with Grafana for clear, daily-aligned charting and efficient data aggregation for IoT devices, though further refinement and a potential rewrite in Go may be needed for enhanced scalability.

spacelift.io
Terraform configurations can be organized by services or components for ease of root cause analysis and environment consistency, using variables to manage scaled environments with .tfvars files; Spacelift further simplifies by providing CI/CD automation, workspace management, and integrated module registry for seamless infrastructure provisioning.

www.srvrlss.io
LocalStack offers an efficient local development environment by emulating AWS services, allowing developers to prototype applications like a Spring Boot backend with React frontend—handling CRUD operations on shipment data—without AWS dependency, using Terraform to seamlessly transition identical infrastructure to AWS, thus minimizing integration issues and reducing costs.

www.theregister.com
GitHub's rapid expansion creates an attractive target for threats, with 12.8 million secrets leaked last year, making GitGuardian's free GitHub Security Audit an essential tool for assessing exposure, with features like comprehensive developer footprint analysis, attack surface quantification, and zombie leak identification to bolster organizational security.

⚙️ Tools, Apps & Software

github.com
Windows in a Docker container.

github.com
A demo running 4000 Firecracker microVMs.

github.com
Lock, Stock, and Two Smoking MicroVMs. Create and manage the lifecycle of MicroVMs backed by containerd.

github.com
Hyperlight is a lightweight Virtual Machine Manager (VMM) designed to be embedded within applications. It enables safe execution of untrusted code within micro virtual machines with very low latency and minimal overhead.

github.com
The NATS execution engine

github.com
Language focused docker images, minus the operating system.

🤔 Did you know?

Did you know that WhatsApp uses Erlang, a lesser-known programming language, to handle its massive messaging load? Erlang was chosen for its ability to manage real-time, highly concurrent systems, which is essential for the more than 100 billion messages WhatsApp handles daily. With just a small team of engineers, WhatsApp scaled to support billions of users globally, thanks to Erlang's fault-tolerant design and ability to seamlessly handle millions of simultaneous connections per server.