Welcome to this week’s edition of the DevOps Bulletin!

Looking for better ways to structure your Terraform projects? We’ll explore practical tips for managing your environments efficiently. Need to cut Kubernetes costs? See how multi-tenancy and virtual clusters could help streamline your infra.

This week, we’re also sharing tips for optimizing PostgreSQL queries at scale and how to solve missing AWS resources in Terraform using a simple solution. On the security front, learn how a single file vulnerability revealed flaws in major projects like Chromium.

Ever thought about hosting your own container registry? We’ll show you how to take full control of your container images, and if FinOps is on your radar, check out the Microsoft toolkit that helps you manage cloud costs effectively.

Plus, discover some great open-source projects like Kloudlite and OpenObserve to enhance your tech stack.

All this and more in this week's DevOps Bulletin—don’t miss it!

Newsworthy Stories

• Five Lessons from a Minor Production Incident

• Making a Postgres Compound Index 50x Faster

• Reflections on IaC using Terraform

• How to Improve Your DevOps Automation

• Too Many Microservices

• A Deep Look into Our New Massive Multitenant Architecture

• Optimizing Kubernetes Costs with Multi-Tenancy and Virtual Clusters

Kickstart your FinOps efforts

The Microsoft FinOps toolkit is an open-source collection of resources and tools to help you adopt FinOps.

AWS Data Center Latencies

Check out a cool project to visualize latency between different AWS regions.

Tutorials of the week

• Solve Missing AWS Resources in Terraform: The awscc provider, using AWS's Cloud Control API, helps overcome resource gaps.

• Optimizing PostgreSQL Queries at Scale: Tips to troubleshoot inefficient queries and resource bottlenecks.

  

• Getting Started with Terraform Stack: Simplify deployments across environments like dev, staging, and production without complex CI/CD setups.

• Finding Vulnerabilities at Scale: How a JPEG processing vulnerability led to discovering security flaws in major projects like Chromium and WINE.

• Simplifying Multi-Environment Kubernetes Deployments: Kluctl automates deployments, integrates with Helm and Kustomize, and reduces manual intervention.

  

• How to Structure a Terraform Project: The tutorial covers approaches like monorepo and polyrepo setups for managing environments and modules.

• Deploy Azure Resources from GitLab with No Secrets Using OpenTofu: Learn how to deploy Azure resources using GitLab pipelines with OpenID Connect, all without managing secrets.

• Promoting Terraform Changes from DEV to PROD: Learn how to use workspaces for separate states and environment folders to clearly separate multi-envs deployments.

• Implementing Compliant Secrets with AWS Secrets Manager: This tutorial walks you through building detailed access policies and introduces a Terraform module to automate and simplify policy management.

• Terraform Stacks with Azure: This guide covers dynamic credentials, creating stacks with multiple components, and using orchestration rules for automatic deployment approvals.

• Self-Hosting a Container Registry: From setting up Docker and Nginx to handling SSL certificates.

Projects of the week

Highlighting cool DevOps projects to keep an eye on:

• Kloudlite is an open-source platform designed to provide seamless and secure development environments for building distributed applications.

• OpenObserve is a cloud-native observability platform built specifically for logs, metrics, traces, analytics, and RUM designed to work at a petabyte scale.

• Drasi is a data processing platform that simplifies detecting changes in data and taking immediate action.

• SonarIAC is a static code analyzer for Infrastructure-as-Code languages such as CloudFormation and Terraform, as well as DevOps like Docker and Kubernetes.