DevOps&SRE Library

Optimising Node.js Application Performance

In this post, I’d like to take you through the journey of optimising Aurora, our high-traffic GraphQL front end API built on Node.js. Running on Google Kubernetes Engine, we’ve managed to reduce our pod count by over 30% without compromising latency, thanks to improvements in resource utilisation and code efficiency. I’ll share what worked, what didn’t, and why. So whether you’re facing similar challenges or simply curious about real-world Node.js optimisation, you should find practical insights here that you can apply to your own projects.

https://tech.loveholidays.com/optimising-node-js-application-performance-7ba998c15a46

L4-L7 Performance: Comparing LoxiLB, MetalLB, NGINX, HAProxy

As Kubernetes continues to dominate the cloud-native ecosystem, the need for high-performance, scalable, and efficient networking solutions has become paramount. This blog compares LoxiLB with MetalLB as Kubernetes service load balancers and pits LoxiLB against NGINX and HAProxy for Kubernetes ingress. These comparisons mainly focus on performance for modern cloud-native workloads.

https://dev.to/nikhilmalik/l4-l7-performance-comparing-loxilb-metallb-nginx-haproxy-1eh0

🌐Роль и задачи DevOps в современном IT На открытом уроке рассмотрим: - что меняется в DevOps; - актуальные инструменты DevOps инженера; - сравним DevOps c SRE, Platform Engineer. После занятий вы будете знать: - в чем различия и пересечения между ролями DevOps и SRE (Site Reliability Engineering; - об актуальных трендах и изменениях в методологиях DevOps; - об актуальных инструментах DevOps инженера. 👉 Регистрация и подробности о курсе DevOps Advanced https://vk.cc/cLRSxd Реклама. ООО «Отус онлайн-образование», ОГРН 1177746618576, erid: 2VtzqvTSm5E

Guardrails for Your Cloud: A Simple Guide to OPA and Terraform https://devsecopsai.today/guardrails-for-your-cloud-a-simple-guide-to-opa-and-terraform-aada0d589dc5

The Lost Fourth Pillar of Observability - Config Data Monitoring

A lot has been written about logs, metrics, and traces as they are indeed key components in observability, application, and system monitoring. One thing that is often overlooked, however, is config data and its observability. In this blog, we'll explore what config data is, how it differs from logs, metrics, and traces, and discuss what architecture is needed to store this type of data and in which scenarios it provides value.

https://www.cloudquery.io/blog/fourth-lost-pillar-of-observability-config-data-monitoring

Incident SEV scales are a waste of time

Ask an engineering leader about their incident response protocol and they’ll tell you about their severity scale. “The first thing we do is we assign a severity to the incident,” they’ll say, “so the right people will get notified.” And this is sensible. In order to figure out whom to get involved, decision makers need to know how bad the problem is. If the problem is trivial, a small response will do, and most people can get on with their day. If it’s severe, it’s all hands on deck. Severity correlates (or at least, it’s easy to imagine it correlating) to financial impact. This makes a SEV scale appealing to management: it takes production incidents, which are so complex as to defy tidy categorization on any dimension, and helps make them legible. A typical SEV scale looks like this: - SEV-3: Impact limited to internal systems. - SEV-2: Non-customer-facing problem in production. - SEV-1: Service degradation with limited impact in production. - SEV-0: Widespread production outage. All hands on deck! But when you’re organizing an incident response, is severity really what matters?

https://blog.danslimmon.com/2025/01/29/incident-sev-scales-are-a-waste-of-time/

Anomaly Detection in Time Series Using Statistical Analysis

Setting up alerts for metrics isn’t always straightforward. In some cases, a simple threshold works just fine — for example, monitoring disk space on a device. You can just set an alert at 10% remaining, and you’re covered. The same goes for tracking available memory on a server. But what if we need to monitor something like user behavior on a website? Imagine running a web store where you sell products. One approach might be to set a minimum threshold for daily sales and check it once a day. But what if something goes wrong, and you need to catch the issue much sooner — within hours or even minutes? In that case, a static threshold won’t cut it because user activity fluctuates throughout the day. This is where anomaly detection comes in.

https://medium.com/booking-com-development/anomaly-detection-in-time-series-using-statistical-analysis-cc587b21d008

tilt

Define your dev environment as code. For microservice apps on Kubernetes.

https://github.com/tilt-dev/tilt

outpost

Outpost is a self-hosted and open-source infrastructure that enables event producers to add outbound webhooks and Event Destinations to their platform with support for destination types such as Webhooks, Hookdeck Event Gateway, Amazon EventBridge, AWS SQS, AWS SNS, GCP Pub/Sub, RabbitMQ, and Kafka.

https://github.com/hookdeck/outpost

brush

brush (Bo(u)rn(e) RUsty SHell) is a POSIX- and bash-compatible shell, implemented in Rust. It's built and tested on Linux and macOS, with experimental support on Windows. (Its Linux build is fully supported running on Windows via WSL.)

https://github.com/reubeno/brush

arkflow

High-performance Rust stream processing engine, providing powerful data stream processing capabilities, supporting multiple input/output sources and processors.

https://github.com/arkflow-rs/arkflow

cloud-snitch

Map visualization and firewall for AWS activity, inspired by Little Snitch for macOS.

https://github.com/ccbrown/cloud-snitch

oomd

oomd is userspace Out-Of-Memory (OOM) killer for linux systems.

https://github.com/facebookincubator/oomd

kubepfm

kubepfm is a simple wrapper to the kubectl port-forward command for multiple pods/deployments/services. It can start multiple kubectl port-forward processes based on the number of input targets. Terminating the tool (Ctrl-C) will also terminate all running kubectl sub-processes.

https://github.com/flowerinthenight/kubepfm

kubectl-klock

A kubectl plugin to render the kubectl get pods --watch output in a much more readable fashion. Think of it as running watch kubectl get pods, but instead of polling, it uses the regular watch feature to stream updates as soon as they occur.

https://github.com/applejag/kubectl-klock

🐳❓ Хотите стать экспертом по Docker и микросервисам? Освойте ключевые навыки для разработки, упаковки и развертывания приложений с Docker-образами! ⏰ На открытом вебинаре 13 мая в 20:00 мск мы разберём, как эффективно использовать Docker для контейнеризации и автоматизации процессов развертывания микросервисов. Вы познакомитесь с принципами создания и оптимизации Docker-образов, а также с лучшими практиками DevOps и CI/CD. Умение использовать Docker для автоматизации и управления микросервисами сделает вас более конкурентоспособным на рынке труда. Получите знания, которые востребованы в крупных компаниях. 👉 Регистрируйтесь на открытый урок и получите скидку на программу обучения «DevOps-практики и инструменты»: https://vk.cc/cLmRPj Реклама. ООО «Отус онлайн-образование», ОГРН 1177746618576, www.otus.ru, erid: 2VtzqvZdW9h

silver-surfer

Api-Version Compatibility Checker & Provides Migration Path for K8s Objects

https://github.com/devtron-labs/silver-surfer

Connecting Kubernetes K3s cluster to external router using BGP with MetalLB and Nginx Ingress https://medium.com/@nikoolayy1/connecting-kubernetes-k3s-cluster-to-external-router-using-bgp-with-metallb-bgp-nginx-as-ingress-9bb767dcecd2

🌐 OSPF или ISIS: машрутизация между зонами. Как разработать этот функционал и не ошибиться? Понимание принципов работы маршрутизации между зонами позволяет на качественно новом уровне рассмотреть работу протоколов маршрутизации OSPF и IS-IS, работающих на основе информации о топологии сети и используемых внутри автономных систем (доменов маршрутизации). Также сравнение отличий в реализации маршрутизации между зонами позволяют выявить ограничения в использовании того либо иного протокола. На уроке: - Рассмотрим, как реализована маршрутизация между зонами в OSPF - Узнаем, как реализована маршрутизация между зонами в ISIS - Реализуем на практике маршрутизацию между зонами в сети с использованием одного из современных протоколов маршрутизации 👉 Регистрация и подробности о курсе Network Engineer. Professional: https://vk.cc/cLDnyO Реклама. ООО «Отус онлайн-образование», ОГРН 1177746618576, www.otus.ru, erid: 2VtzqwmHK6b

Turing Pi 2 Home cluster https://tomassirio.medium.com/turing-pi-2-home-cluster-e4a7446ef4ba