Hello CloudMakers!

This is the 20th issue of this newsletter already! It's a small but exciting milestone, and I wouldn't have made it here without your support. Thank you for being a part of this journey so far!

Today we shall see:

• how Monzo improved deployment strategy with automated rollbacks

• how to integrate Amazon CodeGuru Reviewer and GitHub Actions

• a solution for multi-tenancy and multi-cluster setups in Kubernetes

Enjoy!

Argo Rollouts at scale: Bringing Automated Rollbacks to 2,100+ services at Monzo

It's always interesting to read about how companies are implementing new technologies to improve their operations. In this article, Monzo, a banking and financial technology company, shares their experience of implementing automated rollbacks using Argo Rollouts to enhance their deployment strategy. Monzo had previously relied on testing, alerting, and human discipline to catch bad deployments, but they wanted to improve their system. With the new automated rollback system, Monzo can ensure that their customers experience fewer issues, and their engineers can spend more time delivering value instead of worrying about deployments. The new system is easy to use, transparent to engineers, and can be extended to support progressive rollouts in the future.

Integrating with GitHub Actions – Amazon CodeGuru in your DevSecOps Pipeline

Many organizations have embraced DevOps practices to automate and streamline their software delivery and IT operations. However, concerns have been raised about the potential security risks associated with such practices. Amazon CodeGuru, an AI-driven tool that uses machine learning and automated reasoning, can identify critical issues and bugs during application development and deployment, without compromising on security.

Amazon CodeGuru Reviewer helps to improve code security by identifying common vulnerabilities and recommending best practices based on OWASP Top 10 and AWS security practices. It analyzes Java and Python code, detects deviations from best practices when using AWS APIs and SDKs, identifies concurrency issues and resource leaks, validates input parameters, and detects security vulnerabilities. In this post you can find out how the tool integrates with GitHub Actions, allowing you to include security checks in your continuous integration workflows, ensuring comprehensive analysis and continuous improvement.

kcp: Kubernetes-like control plane

KCP is an open-source project that aims to make multi-tenancy and multi-cluster setups in Kubernetes easier. While multi-tenancy can be accomplished using various tools in Kubernetes, it can become difficult when tenants want to run their own operators with their own CRDs. KCP's solution is to use Workspaces to implement multi-tenancy. KCP also addresses the multi-cluster problem by providing solutions that make it easier to use multiple clusters as a single compute service. Check it out, maybe it can be a helpful tool for simplifying complex Kubernetes setups.

Thank you for reading my newsletter!

If you liked it, please invite your friends to subscribe!

If you were forwarded this newsletter and liked it, you can subscribe for free here:

Have you read an article you liked and want to share it? Send it to me and you might see it published in this newsletter!

Interested in old issues? You can find them here!