One of the things that happens with many companies that start adopting DevOps is that they release new features constantly. They publish their lists of changes, and they try to attract customers and grow their businesses. They may make some mistakes, but they fix those quickly and keep pushing forward. That's the idea, and it works well. However, many of the developers (and most managers), don't think about the security side of their changes. This piece looks at the way hackers and criminals view DevOps, often using release notes and feature changes as a target to focus their efforts. In this way, they exploit holes and vulnerabilities in software to attack data storage. The examples include S3 buckets of storage and Elasticsearch, which is notoriously poorly secured by many people. Read the rest of  The Need for DevSecOps

The Need for DevSecOps

A series of episodes that look at databases and the world from a data professional's viewpoint. Written and recorded by Steve Jones, editor of SQLServerCentral and The Voice of the DBA.

Technology

Tech News

Podcasting

Gadgets

Software How-To

News

This article has a concept I've never heard about: invisible downtime. This is the idea that there are problems in your application that the customer sees. Your servers are running, but the application doesn't work correctly or is pausing with a delay that impacts customers. From an IT perspective, the SLA is being met and there aren't any problems. From a customer viewpoint, they're ready to start looking at a competitor's offering. Lots of developers and operations people know there are issues in our systems. We know networks go down or connectivity to some service is delayed. We also know the database gets slow, or at least, slower than we'd like. We know there are poor-performing code and under-sized hardware, running with storage that doesn't produce as many IOPs as our workload demands. We would also like time to fix these issues, but often we aren't given any resources. Read the rest of Invisible Downtime

Invisible Downtime

Kubernetes is cool, and I think it's really useful in helping us scale and manage multiple systems easily in a fault-tolerant way. Actually, I don't think Kubernetes per se is important itself; more it seems that the idea of some orchestration engine to manage containers and systems is what really matters. As a side note, there are other orchestrators such as Mesos, OpenShift, and Nomad. However, do we need to know Kubernetes to use it for databases? This is a data platform newsletter, and most of us work with databases in some way. I do see more databases moving to the cloud, and a few moving to containers. I was thinking about this when I saw a Simple Talk article on Kubernetes for Complete Beginners. It's a basic article that looks at what the platform consists of, how it works, and how to set up a mini Kubernetes platform on your system. It's well written and interesting, but ... Read the rest of  Kubernetes is Cool, But ...

Kubernetes is Cool, But ...

It seems that when I travel to offices these days, it's standard for most desk setups to have two monitors. I think all the desks at Redgate have a docking station and two monitors for people to use. They also convert to standing desks, which is handy. I have a standing desk that I use regularly, and it's nice to have that option when I visit an office. At a number of customer sites, I've seen similar setups, sometimes with laptop/monitor lifts instead of desks that rise. Recently I saw a docking station announced that can support four monitors. I wonder how many of you want, need, or use more than two monitors. While there is often a standard in offices, since many of us work part or full-time at home, perhaps you have a different setup. Maybe you have one or two large monitors instead of 3 or 4 smaller ones. I'd certainly be interested to know if any of you have more than 4 monitors. Read the rest of  Multiple Display Productivity

Multiple Display Productivity

I've got a few certifications and quite a few more that have expired or aren't relevant. Does anyone think Windows NT 4.0 or SQL Server 6.5 matter? If you need help in those areas, ask someone else. Unless you have a crazy budget with a willingness to pay a ridiculous hourly rate. Kamil Nowinski had a recent video discussing why IT certifications are still relevant. He had ten reasons, and if you want to watch the entire show, you'll hear his reasons and some rationale why he thinks they matter. It's a good set of reasons: keeping up with tech, practicing learning, demonstrating a commitment to some technology, finding a community of certified colleagues, and more. Read the rest of  Are IT Certifications Still Relevant?

Are IT Certifications Still Relevant?

One of the things that I've found with cloud computing services is that the people involved with managing these resources sometimes get asked to become financial accountants. I saw an interesting post from SQL Rod asking about this new task as something all of us might need to consider a part of our job in the modern world. He asks if we are Techouncants or Accountechs? This isn't in the sense of being the Financial DBA trying to manage costs in the cloud, though that is part of his post. It's more about making smart financial decisions. Certainly, as more workloads move to the cloud, and they are for many of us, we likely need to keep an eye on costs, usage, and tuning. Read the rest of The DBAccountant

The Need for DevSecOps

Download our free app to listen on your phone