Our August DOXLON featured a solid DevOps Exchange line up, covering some very current topics in the DevOps world. We started with Owain Perry and his monitoring solutions at Just Eat. Following Richard Clark took us through how to build a resilient VPC transit network. We closed with Graeme Forbes on the topic of SSL.
We want to thank everyone who attended this month and look forward to seeing you on September 21st!
WHAT DOES NEXT-GEN MONITORING LOOK LIKE?
Owain Perry, Principal Engineer at Just Eat
Just Eat are looking at refreshing their logging, time series, and alerting capability. They have ideas about what this might look like at a high level: involving streaming logs and metrics augmented with metadata, short term storage of high resolution metrics and logs, tracing and anomaly detection. While supporting RBAC data security and access, GDPR and Personal Identifiable Information and geographically local storage for low latency query. They are not presenting a solution, but the journey so far. There are some interesting requirements and some ideas on solutions.
BUILDING A RESILIENT VPC TRANSIT NETWORK USING BGP, CISCO CSR, TERRAFORM, AND PACKER
Richard Clark, Head of Backend Engineering at Depop
This talk is in part about Depop's journey from a single AWS account, with two un-routable VPCs on incompatible address space, to a new infrastructure split over 12 AWS accounts, each with one or more VPCs. With greater complexity (there are 72 VPN tunnels per region..) comes a need for automation, so all infrastructure within these new AWS accounts is driven by code.
This transit network supports dynamic, multi-region routing, and is supported by a pair of Cisco cloud routers (per region). The configuration for these routers is driven primarily by Terraform, plugged into a Packer build pipeline, resulting in immutable router AMIs. Getting this all up and running required a PR to Terraform to add support for what we needed to the core aws_vpn_connection resource, and saw us bumping up against Terraform’s limitations, so there’s some space for exploration around there well.
FUN WITH SSL
Graeme Forbes, Principal Consultant at Infinity Works
When working in an organization which relies on SSL client certificates for authentication there are many challenges. This is how one organization adapted all development and api services so they could be used from anywhere, and the compromises that had to be made to enable Continuous Delivery.
This content came from DevOps Exchange London (#DOXLON), a monthly DevOps Meetup in London.
If you'd like to speak at a future DOXLON or join the Meetup, please visit the DOXLON Meetup page.