DevOps&SRE Library

Reliability Engineering for Air-Gapped Systems

All those systems were air-gapped, meaning the team that builds the software has no access to metrics, logs or runtime.

https://blog.alexewerlof.com/p/reliability-engineering-for-air-gapped

Why our Kafka consumers survived the day but died every night

It took us 4–5 incidents over several weeks to even recognise the pattern.

https://medium.com/@lokeshsoni/why-our-kafka-consumers-survived-the-day-but-died-every-night-8c9eb6ae528f

We Automated Everything Except Knowing What's Going On

AI collapsed the cost of building software, but the systems underneath are buckling.

https://eversole.dev/blog/we-automated-everything

Migrating Etsy's database sharding to Vitess

This database cluster contains most of Etsy's online data and is made up of ~1,000 tables distributed across ~1,000 shards.

https://www.etsy.com/codeascraft/migrating-etsyas-database-sharding-to-vitess

4 ways to use Argo CD and Terraform together

Terraform is the most popular solution for implementing Infrastructure As Code (IaC). The Terraform provider registry contains a very large collection of providers/integrations for all the major cloud providers and at the same time offers a wealth of integration for databases, networking components, Continuous Integration platforms etc. Argo CD is the leading solution for GitOps deployments on Kubernetes. In the last CNCF survey we found out that 60% of respondents use Argo CD in production. Although several guides currently exist that explain how to use each tool individually, there is limited information on how they can be combined. A lot of existing Terraform users adopt Argo CD and wonder: 1. What is the best way to pass variables from Terraform to Helm charts deployed with Terraform? 2. How to get secrets in Kubernetes applications that are generated/retrieved from Terraform? 3. When should the Terraform Helm and Kubernetes providers come into play if Argo CD already supports Kubernetes deployments on its own? 4. For which Kubernetes resources should Terraform be responsible and for which Argo CD? 5. What is the proper boundary between the two tools so that operators can use them to the maximum benefit? In this guide, we will answer all these questions and actually show you four different approaches for how Terraform and Argo CD can work together. Note that everything we say about Terraform also applies to OpenTofu.

https://octopus.com/blog/argocd-terraform-together

До сих пор разворачиваете PostgreSQL вручную? Сэкономьте силы для задач разработки. 21 марта в 16:00 (мск) пройдёт вебинар от MWS Cloud Platform, где эксперты компании расскажут, как получить готовую базу для бэкенда за несколько минут. Что будет в эфире: ⚫ облачный PostgreSQL: плюсы/минусы решения; ⚫ как устроен управляемый сервис в новом облаке от MWS Cloud; ⚫ машинерия под капотом бэкапов, автообновлений, switch и failover; ⚫ создадим кластер за несколько минут и настроим подключение. Вебинар будет интересен администраторам баз данных (DBA), бэкенд-разработчикам, DevOps- и SRE-инженерам, техническим лидам и архитекторам, владельцам продуктов и стартапам. Зарегистрироваться

Terraform Parallelism: How It Works, Tuning & Best Practices

In this blog post, we will explore Terraform parallelism: what it is, how to manage it, and best practices for configuring parallelism in Terraform.

https://spacelift.io/blog/terraform-parallelism

How to cut your Docker build time by 95%, Buildx, Caching & Layer Optimization

Docker builds taking forever? I cut mine from 8 min to 24 sec. Here's how using Buildx and caching.

https://arcnet.am/post/70

Safeguarding dynamic configuration changes at scale

How Airbnb ships dynamic config changes safely and reliably.

https://medium.com/airbnb-engineering/safeguarding-dynamic-configuration-changes-at-scale-5aca5222ed68

Automating RDS Postgres to Aurora Postgres Migration

In 2024, the Online Data Stores team at Netflix conducted a comprehensive review of the relational database technologies used across the company. This evaluation examined functionality, performance, and total cost of ownership across our database ecosystem. Based on this analysis, we decided to standardize on Amazon Aurora PostgreSQL as the primary relational database offering for Netflix teams.

https://netflixtechblog.com/automating-rds-postgres-to-aurora-postgres-migration-261ca045447f

nanobrew

A fast package manager for macOS and Linux. Written in Zig. Uses Homebrew's bottles and formulas under the hood, plus native .deb support for Docker containers.

https://github.com/justrach/nanobrew

nono

AI agents get filesystem access, run shell commands, and are wide open to prompt injections. The standard response is guardrails and policies. The problem is that policies can be bypassed — and guardrails can be talked out of. With nono, you don't have to. nono wraps your agent in a kernel-isolated sandbox in seconds — with API key protection, destructive action guardrails, and full snapshot/rollback built in. No hypervisor to configure. No container volume mounts, instead fine grained capability control to the file level. Zero latency overhead.

https://github.com/always-further/nono

InfraKitchen

An open-source platform from Electrolux that lets platform teams define reusable Terraform templates while enabling developers to self-serve multi-cloud infrastructure (AWS, Azure, GCP) via pull-request-driven continuous delivery, with audit logging and an MCP server for AI agent integration.

https://opensource.electrolux.one/infrakitchen

Terraform Drift Detection Powered by GitHub Actions

A zero-cost drift detection pipeline built entirely on GitHub Actions uses Terraform's native `-detailed-exitcode` flag to auto-discover root modules, run daily parallel plans, and open GitHub Issues when drift is detected — no external tools or paid services required, with OIDC for keyless AWS auth.

https://rosesecurity.dev/2025/12/11/terraform-drift-detection-with-github-actions.html

5 Suggestions to Upgrade your OpenTofu/Terraform & AWS Development Experience

Five practical DX improvements for daily OpenTofu/Terraform + AWS work: use `tenv` for seamless version switching, a `grep` alias to summarize plans quickly, `tflint` with cloud provider plugins for linting, `awsp` for fast AWS profile switching, and a customized shell prompt showing the current branch/workspace/profile at a glance to prevent costly wrong-context mistakes.

https://www.uturndata.com/insights/5-suggestions-upgrade-opentofu-terraform-aws-development-experience

Disappointing People Early

The post argues teams should make reliability targets, support limits, and roadmap uncertainty explicit early so customers and stakeholders do not build riskier implicit expectations.

https://log.andvari.net/disappointing-people-early.html

10 Real-World Status Page Examples: And What You Can Learn From Them

The post walks through ten status page examples and highlights clear communication, simple layouts, and expectation-setting details that help users during incidents.

https://uptimerobot.com/blog/10-real-status-page-examples

Вебинар: Механизмы защиты от переполнения диска в Databases Что делать, если диск переполнен? Экстренно очистить кэш пакетного менеджера или удалить старые логи, но важно другое. А как вообще не допускать таких ситуаций? Как построить систему хранения данных, чтобы не переплачивать за автомасштабирование, но обезопасить себя от простоев? Приходите на наш вебинар, чтобы узнать узнать больше про работу с дисками и поучаствовать в обсуждении актуальных кейсов. 16 апреля, 16:00 (мск) О чем будем говорить - Зачем нужны WAL, и что будет если их удалить - Какие существуют неочевидные причины переполнения дисков, как это влияет на доступность БД - Сколько стоят последствия даунтаймов. Какие есть инструменты, чтобы все исправить - Чек-лист инструментов, чтобы избежать переполнения WAL-диска: мониторинг, алертинг и профилирование нагрузки Кому будет полезен вебинар - DevOps/SRE-инженерам - DBA и инженерам сопровождения БД - архитекторам облачных решений - техническим лидам, отвечающим за стабильность сервисов Зарегистрироваться

Practical Considerations for AI Incident Reviews

The post argues AI-written incident reviews fail without rich cross-system data and human engagement because incident reviews are socio-technical learning work, not just document generation.

https://fgj.codes/posts/ai-incident-reviews

How Mastodon Runs OpenTelemetry Collectors in Production

At the beginning of 2025, the OpenTelemetry Developer Experience SIG published the results of its first community survey. One of the strongest themes was clear: teams want more real-world examples of how the OpenTelemetry SDKs and the OpenTelemetry Collector are actually used in production. To help close that gap, the SIG began collecting stories directly from end users—across industries, architectures, and company sizes. This post kicks off a new series focused specifically on organizations’ real world stories, starting with a small but uniquely challenging case. This first story features Mastodon, a non-profit organization operating at global scale with a remarkably small team.

https://opentelemetry.io/blog/2026/devex-mastodon