Welcome to this week’s edition of the DevOps Bulletin!

Curious how Figma managed to migrate its infrastructure to Kubernetes in less than 12 months? We’ve got the details. Curious about the risks of localhost APIs being exploited from your browser? Learn how to safeguard your systems. Plus, with Amazon ECR’s new scanning features now available, see what this means for your container security.

As SQL turns 50, we look at its future. With incidents on Git platforms rising, find out what this trend could mean for your CI/CD pipelines. And discover how Uber tests payments in production, pushing the boundaries of reliability.

This week’s tutorials include deep dives into Postgres storage, Kubernetes security, and Dockerfile best practices. We also cover Netflix’s cross-regional network issue and show you how to repurpose an old phone into a NAS.

Finally, check out the latest DevOps projects, from KubeBlocks for stateful Kubernetes apps to DCPerf for cloud benchmarking. There’s plenty to explore and apply this week!

Newsworthy Stories

• Figma’s Kubernetes Migration: Learn how Figma transitioned its entire infrastructure onto Kubernetes in less than 12 months.

• 0.0.0.0 Day: Exploiting Localhost APIs: Discover how localhost APIs can be exploited directly from the browser.

• Amazon ECR Basic Scanning: The new version of Amazon ECR’s basic scanning is now generally available!

• SQL at 50: A look into the future of SQL as it celebrates its 50th anniversary—what’s next for the structured query language that powers so much of today’s data?

• Rising Incidents on Git Platforms: The number of incidents affecting GitHub, Bitbucket, GitLab, and JIRA is on the rise—what does this mean for your CI/CD pipeline?

• Uber’s Production Payment Testing: Discover how Uber tests its payment systems directly in production to ensure reliability and scalability.

• Multi-Metric Scaling: Yelp's journey to implement multi-metric horizontal autoscaling in its legacy platform-as-a-service, PaaSTA.

Deploying on a Friday?

Sometimes deploying on a Friday might be the right move—breaking the taboo with solid strategies.

Tutorials of the week

• How Postgres stores data on disk: Exploring the various directories, files, and underlying structures like pages and heaps that compose a database.

• Kubernetes Security Guide: The guide covers a wide range of topics, including node security, network policies, authentication, and image security, offering practical advice and tools for testing and implementing these security measures.

• Dockerfile Instructions - ADD vs. COPY: Understand the differences between the ADD and COPY instructions in Dockerfiles, and learn when to use each for better security and functionality.

• Cross-Regional Network Performance Investigation: Netflix’s Cloud team shares their investigation into a cross-regional network performance issue, shedding light on best practices for geographic data synchronization.

• CodeBuild Workflows for Terraform: Simplify your Terraform CI/CD with reusable CodeBuild workflows, specifically tailored for integrating with GitHub PRs.

• Turning an Old Phone into a NAS: A step-by-step guide on repurposing your old smartphone into a fully functional NAS device.

• Policy as Code in Terraform: Compare HashiCorp Sentinel and Open Policy Agent (OPA) to learn how to enforce the policy as code within your Terraform infrastructure.

Projects of the week

Highlighting cool DevOps projects to keep an eye on:

• InnoDB_rs: A powerful tool for data recovery from accidentally deleted MySQL databases.

• KubeBlocks: An open-source control plane for running and managing stateful applications like databases and message queues on Kubernetes.

• DCPerf: A benchmark suite designed to represent real-world hyperscale cloud applications in data centers.

• Stack Auth: A developer-friendly, open-source managed authentication solution.

• pg_replicate: A Rust crate designed to quickly build replication solutions for PostgreSQL.