{"id":308,"date":"2021-08-31T14:40:03","date_gmt":"2021-08-31T14:40:03","guid":{"rendered":"https:\/\/fde.cat\/?p=308"},"modified":"2021-08-31T14:40:03","modified_gmt":"2021-08-31T14:40:03","slug":"sre-weekly-issue-270","status":"publish","type":"post","link":"https:\/\/fde.cat\/index.php\/2021\/08\/31\/sre-weekly-issue-270\/","title":{"rendered":"SRE Weekly Issue #270"},"content":{"rendered":"

View on sreweekly.com<\/a><\/p>\n

\n

A message from our sponsor, StackHawk:<\/h2>\n

APIs are not only the backbone of modern application architecture, but they are also a key part of security. Discover what API security testing is, how it works, and get started using API security tools
\nhttp:\/\/sthwk.com\/API-security<\/a><\/p>\n<\/div>\n

Articles<\/h2>\n
\n
Thundering herds, noisy neighbours, and retry storms<\/a><\/div>\n
\n

This is an in-progress document about the kinds of patterns we see or use when designing systems. The author warned me that it\u2019s a work in progress and maybe not ready for prime-time, but I think this is exactly<\/em> the time when I should get it in front of your eyes.<\/p>\n

I\u2019d love your help growing this list. If you know of a name that is missing from the list please send me a tweet with the name and a short description of it and I\u2019ll include it in the list with a link to your tweet<\/p>\n

Mads Hartmann<\/p>\n<\/div>\n<\/div>\n

\n
The Downtime Project<\/a><\/div>\n
\n

Whoa, a podcast dedicated to picking apart public incident postings! I love this, because there\u2019s a lot that\u2019s left to shorthand, and a live conversation is a great way to flesh it out.<\/p>\n

Tom Kleinpeter and Jamie Turner<\/p>\n<\/div>\n<\/div>\n

\n
Health boss unsure how many hospital patients were overdosed due to Windows upgrade<\/a><\/div>\n
\n

There\u2019s a really interesting undercurrent in this story about resilience. Nurses can catch these kinds of errors, but this just one layered protection among many. If the system is reduced to relying on that second-layer defense, the overall resilience is diminished.<\/p>\n

Daniel Keane \u2014 ABC News<\/p>\n<\/div>\n<\/div>\n

\n
Have you ever seen a car crash test? That\u2019s Chaos Engineering<\/a><\/div>\n
\n

Of course, before reaching this stage, all of the pieces are tested in isolation. But until they\u2019re all put together, it\u2019s almost impossible to predict the behavior of the finished product during an accident.<\/p>\n

Mikolaj Pawlikowski<\/p>\n<\/div>\n<\/div>\n

\n
4 attributes of a great site reliability engineer<\/a><\/div>\n
\n

The attributes discussed are:<\/p>\n

Problem solving
\nAwareness building
\nCollaboration
\nEmpathy<\/p>\n

Jayne Groll<\/p>\n<\/div>\n<\/div>\n

\n
How to hire Site Reliability Engineers (SREs): 5 top qualities<\/a><\/div>\n
\n

Wait, more attributes? Oh, and by the same author, too:<\/p>\n

\u201cGreat SREs have a passion for high-quality automation.\u201d
\n\u201cA great SRE ensures SLOs (Service Level Objectives) are set at correct boundaries of service; [\u2026]\u201d
\nPrize Communication.
\nLook for longer-term support experience.
\nLook for a person that demonstrates empathy.<\/p>\n

Jayne Groll<\/p>\n<\/div>\n<\/div>\n

\n
Site Reliability Engineering for Native Mobile Apps <\/a><\/div>\n
\n

This one explore the application of SRE principles to mobile app design.<\/p>\n

Abhijith Krishnappa<\/p>\n<\/div>\n<\/div>\n

\n
Choosing SLOs that users need, not the ones you want to provide<\/a><\/div>\n
\n

This two-part series uses a narrative case study format to show how SLOs can be misleading. You might have great numbers, but what are the numbers actually measuring?<\/p>\n

Adam Hammond \u2014 Squadcast<\/p>\n<\/div>\n<\/div>\n

Outages<\/h2>\n

A major US oil pipeline<\/a><\/p>\n

The pipeline was targeted by a ransomware attack.<\/p>\n

GasBuddy<\/a><\/p>\n

This app for finding gasoline prices seems to have been impacted by a flood of user traffic driven by the US oil pipeline outage. In fact, their front page seems to be very slow for me as I write this.<\/p>\n

Salesforce<\/a><\/p>\n

The outage was widespread and even affected their status page<\/a>.<\/p>\n

eBay<\/a>
\nMicrosoft Outlook<\/a>
\nSRE WEEKLY<\/p>\n","protected":false},"excerpt":{"rendered":"

View on sreweekly.com A message from our sponsor, StackHawk: APIs are not only the backbone of modern application architecture, but they are also a key part of security. Discover what API security testing is, how it works, and get started using API security tools http:\/\/sthwk.com\/API-security Articles Thundering herds, noisy neighbours, and retry storms This is… Continue reading SRE Weekly Issue #270<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","footnotes":""},"categories":[8],"tags":[],"class_list":["post-308","post","type-post","status-publish","format-standard","hentry","category-sre","entry"],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":336,"url":"https:\/\/fde.cat\/index.php\/2021\/08\/31\/sre-weekly-issue-280\/","url_meta":{"origin":308,"position":0},"title":"SRE Weekly Issue #280","date":"August 31, 2021","format":false,"excerpt":"View on sreweekly.com A message from our sponsor, StackHawk: DataRobot is using StackHawk to automate API security testing and to scale AppSec across their dev team. Learn more about all they\u2019re up to: https:\/\/sthwk.com\/DataRobot Articles The Harmful Consequences of the Robustness Principle The Robustness Principle (\u201cbe conservative in what you\u2026","rel":"","context":"In "SRE"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":350,"url":"https:\/\/fde.cat\/index.php\/2021\/08\/31\/sre-weekly-issue-284\/","url_meta":{"origin":308,"position":1},"title":"SRE Weekly Issue #284","date":"August 31, 2021","format":false,"excerpt":"View on sreweekly.com Like last week, I prepared this week\u2019s issue in advance, so no Outages section.\u00a0 Have a great week! A message from our sponsor, StackHawk: Trying to automate application and API security testing? See how StackHawk and Burp Suite Enterprise stack up: https:\/\/sthwk.com\/burp-enterprise Articles Alerting on SLOs like\u2026","rel":"","context":"In "SRE"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":269,"url":"https:\/\/fde.cat\/index.php\/2021\/08\/31\/sre-weekly-issue-257\/","url_meta":{"origin":308,"position":2},"title":"SRE Weekly Issue #257","date":"August 31, 2021","format":false,"excerpt":"View on sreweekly.com A message from our sponsor, StackHawk: Keeping your APIs secure requires thoughtful design and testing. Learn how to protect your REST, SOAP and GraphQL APIs from security vulnerabilities with StackHawk http:\/\/sthwk.com\/api-protection Articles Sometimes alerts have inobvious reasons for existing This one really got me thinking. Make sure\u2026","rel":"","context":"In "SRE"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":463,"url":"https:\/\/fde.cat\/index.php\/2021\/09\/20\/sre-weekly-issue-287\/","url_meta":{"origin":308,"position":3},"title":"SRE Weekly Issue #287","date":"September 20, 2021","format":false,"excerpt":"View on sreweekly.com A message from our sponsor, StackHawk: Trying to figure out how to keep your APIs secure? You\u2019re not the only one. See how DataRobot is automating API security testing with StackHawk. https:\/\/sthwk.com\/DataRobot Articles Industry Interviews: Colm Doyle, Incident Commander at Slack Lots of details about how Slack\u2026","rel":"","context":"In "SRE"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":291,"url":"https:\/\/fde.cat\/index.php\/2021\/08\/31\/sre-weekly-issue-263\/","url_meta":{"origin":308,"position":4},"title":"SRE Weekly Issue #263","date":"August 31, 2021","format":false,"excerpt":"View on sreweekly.com A message from our sponsor, StackHawk: You can utilize Swagger Docs in security testing to drive more thorough and accurate vulnerability scans of your APIs. Learn how: http:\/\/sthwk.com\/swagger-api-testing Articles [Increment: Reliability] Tracing a path to observability They make a really clear case for why traditional metrics and\u2026","rel":"","context":"In "SRE"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":254,"url":"https:\/\/fde.cat\/index.php\/2021\/08\/31\/sre-weekly-issue-253\/","url_meta":{"origin":308,"position":5},"title":"SRE Weekly Issue #253","date":"August 31, 2021","format":false,"excerpt":"View on sreweekly.com A message from our sponsor, StackHawk: How do you know if your GraphQL API is secure? Watch StackHawk CSO Scott Gerlach walk through how to run application security tests for GraphQL-backed apps. http:\/\/sthwk.com\/graphql-webinar Articles May 30 SSL incident TLS can be such a headache. This was an\u2026","rel":"","context":"In "SRE"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/posts\/308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/comments?post=308"}],"version-history":[{"count":1,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/posts\/308\/revisions"}],"predecessor-version":[{"id":402,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/posts\/308\/revisions\/402"}],"wp:attachment":[{"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/media?parent=308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/categories?post=308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/tags?post=308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}