organization iii. ENABLING ORGANIZATIONAL LEARNING AND A SAFETY CULTURE 1. When we work within a complex system, by definition it is impossible for us to perfectly predict all the outcomes for any action we processes, often to help individual departments maintain their “turf.” Failure is processed through a system of judgment, resulting in either punishment or justice and mercy. c. Generative organizations TO START 47 7. Ch. 5 Selecting Which Value Stream to Start With 51 a. GREENFIELD vs BROWNFIELD SERVICES i. DevOps is not just for Greenfield ii. Important Predictor – Is the application architected

consistent, & secure c. CREATE OUR SINGLE REPOSITORY OF TRUTH FOR THE ENTIRE SYSTEM i. ALL parts (code & environments) of the system are shared in a version control repository ii. Version control is for introduced iv. Integration tests – ensure correct interaction with other production applications and services g. CATCH ERRORS AS EARLY IN OUR AUTOMATED TESTING AS POSSIBLE i. A test suite’s goal is to find When a change causes the build or automated tests to fail: 1. No new work is allowed to enter the system until the problem is fixed. 2. Bring in whatever help is needed to resolve the problem iii. Prioritize

Accidents are due to the inevitable design problems in complex systems that we build; they are system problems – not individual problems iii. Effective practices 1. Blameless post-mortems 2. Controlled “could have” a. These are counterfactual statements b. Frames the problem as the system as imagined rather than the system that actually exists 4. Focus on – “Why did it make sense to me when I took that and behavior of libraries and components ii. Test suite becomes the living documentation of the system specification and represent working examples of API use e. DESIGN FOR OPERATIONS THROUGH CODIFIED

Logging Levels 1. Debug – anything that happens in the program 2. Info – user driven actions or system specific 3. Warn – conditions that could become an error and will likely trigger an alert 4. Error GTP Security & Risk Management group) 1. Authentication/authorization decisions 2. System and data access 3. System and application changes, especially privileged changes 4. Data changes (CRUD) 5. Invalid INITIALLY SELF-MANAGE THEIR PRODUCTION SERVICE i. Google has development groups self-manage their services in production before they become eligible for Ops group to manage. 1. Define launch requirements

systems that preserve many of the advantages of buying off the shelf.  The risk of developing a system incrementally and altering it based on user feedback is often lower than that of buying a finished change.  The advantages of the agility that can be gained through a flexible, changeable, custom system —a smooth rather than a lumpy EA, as we put it in the last chapter—are becoming morecompelling, and developer incorporates open source frameworks, uses standardized design patterns, and orchestrates services that are already available.  There are “cookbooks” available with templates for deploying systems

and last, that the business should be thought of as a community, or perhaps as a Complex Adaptive System, which needs to be led and managed through an inspect-and- adapt, feedback-and-vision-oriented approach dysfunctional transformation cycle. It lies, I believe, in our distinction between the development of a system and its operation and maintenance.  Dividing our IT spending into development and maintenance buckets way to incrementally modernize a legacy system as defined by Martin Fowler.  Instead of building an entirely new system, we take a small piece of the legacy system and rebuild it in a way that lets it

“finished” late.  This, as we know, is based on the outdated idea that we define the scope of the system ahead of time and keep working until we deliver it. That is precisely what we do not do in an Agile consequences. In the plan-driven model, quality was easier to understand.  We specified what the system should do, and then measured quality as adherence to that specification.  The opposite of a defect say that we are deciding between two different open source products for building a piece of the system and do not know enough of their impacts to make the choice. In the old-school way of making the

what not to worry about  Perf events mixed mode can show stack traces of both Java and native system calls Continuous Delivery in Financial Training by David Genn (IG) @david_genn  Separate deployment moving, from the first year of USDS Mikey Dickerson (Federal Government | United States Digital Services Team)  The more simple, the better off you are  Agile is tactic not religious credo  You have

Design.pdfContainerized Software Factory Reference DesignSoftware Factory using Cloud DevSecOps Services Sidecar Container Security Stack Sidecar Container Security Stack enables: correlated and centralized containers, strong identities per Pod using certificates, and whitelisting rather than blacklisting. Services that support the security sidecar include: 1. Program-specific Log Storage and Retrieval Service

cgroupdriver=systemd" ] } # mkdir -p /etc/systemd/system/docker.service.d # docker info ★docker会修改防火墙规则，导致pod网络不通 # vi /usr/lib/systemd/system/docker.service #在[Service]下的ExecStart=/usr/bin/dockerd 置文件并编辑 # vi /etc/kubeadm-init.yaml apiVersion: kubeadm.k8s.io/v1beta2 bootstrapTokens: - groups: - system:bootstrappers:kubeadm:default-node-token token: abcdef.0123456789abcdef �l: 24h0m0s usages: 置文件并编辑 # vi /etc/kubeadm-init.yaml apiVersion: kubeadm.k8s.io/v1beta3 bootstrapTokens: - groups: - system:bootstrappers:kubeadm:default-node-token token: abcdef.0123456789abcdef �l: 24h0m0s usages: